From owner-svn-ports-all@FreeBSD.ORG Fri Feb 6 20:31:56 2015 Return-Path: Delivered-To: svn-ports-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 63EDF4C1; Fri, 6 Feb 2015 20:31:56 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 44F53972; Fri, 6 Feb 2015 20:31:56 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id t16KVuZV018395; Fri, 6 Feb 2015 20:31:56 GMT (envelope-from pi@FreeBSD.org) Received: (from pi@localhost) by svn.freebsd.org (8.14.9/8.14.9/Submit) id t16KVtoZ018387; Fri, 6 Feb 2015 20:31:55 GMT (envelope-from pi@FreeBSD.org) Message-Id: <201502062031.t16KVtoZ018387@svn.freebsd.org> X-Authentication-Warning: svn.freebsd.org: pi set sender to pi@FreeBSD.org using -f From: Kurt Jaeger Date: Fri, 6 Feb 2015 20:31:54 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r378554 - in head/security/ipsec-tools: . files X-SVN-Group: ports-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-all@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: SVN commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Feb 2015 20:31:56 -0000 Author: pi Date: Fri Feb 6 20:31:54 2015 New Revision: 378554 URL: https://svnweb.freebsd.org/changeset/ports/378554 QAT: https://qat.redports.org/buildarchive/r378554/ Log: security/ipsec-tools: 0.8.1 -> 0.8.2 From ChangeLog: - Fix admin port establish-sa for tunnel mode SAs (Alexander Sbitnev) - Fix source port selection regression from version 0.8.1 - Various logging improvements - Additional compliance and build fixes From submitter: - extra patch to adding wildcard psk option PR: 196930 Submitted by: Harald Schmalzbauer , Ed Schouten Approved by: vanhu (maintainer) Added: head/security/ipsec-tools/files/patch-src-racoon-isakmp_cfg.c (contents, props changed) head/security/ipsec-tools/files/wildcard-psk.diff (contents, props changed) Modified: head/security/ipsec-tools/Makefile head/security/ipsec-tools/distinfo head/security/ipsec-tools/pkg-plist Modified: head/security/ipsec-tools/Makefile ============================================================================== --- head/security/ipsec-tools/Makefile Fri Feb 6 20:14:06 2015 (r378553) +++ head/security/ipsec-tools/Makefile Fri Feb 6 20:31:54 2015 (r378554) @@ -7,8 +7,7 @@ # - $LOCALBASE/sbin/setkey Vs /usr/sbin/setkey PORTNAME= ipsec-tools -PORTVERSION= 0.8.1 -PORTREVISION= 7 +PORTVERSION= 0.8.2 CATEGORIES= security MASTER_SITES= SF @@ -34,7 +33,7 @@ SUB_LIST+= STATEDIR=${STATEDIR} PLIST_SUB+= STATEDIR=${STATEDIR} OPTIONS_DEFINE= DEBUG IPV6 ADMINPORT STATS DPD NATT NATTF FRAG HYBRID PAM \ - RADIUS LDAP GSSAPI SAUNSPEC RC5 IDEA DOCS + RADIUS LDAP GSSAPI SAUNSPEC RC5 IDEA DOCS EXAMPLES WCPSKEY OPTIONS_DEFAULT= DEBUG DPD NATT FRAG HYBRID ADMINPORT_DESC= Enable Admin port @@ -50,8 +49,10 @@ IDEA_DESC= IDEA encryption (patented) PAM_DESC= PAM authentication (Xauth server) RADIUS_DESC= Radius authentication (Xauth server) LDAP_DESC= LDAP authentication (Xauth server) +WCPSKEY_DESC= Allow wildcard matching for pre-shared keys PORTDOCS= * +PORTEXAMPLES= * .include @@ -157,6 +158,10 @@ CONFIGURE_ARGS+= --enable-idea CONFIGURE_ARGS+= --disable-idea .endif +.if ${PORT_OPTIONS:MWCPSKEY} +EXTRA_PATCHES= ${FILESDIR}/wildcard-psk.diff +.endif + post-patch: @${REINPLACE_CMD} -e "s/-Werror//g ; s/-R$$libdir/-Wl,-rpath=$$libdir/g" ${WRKSRC}/configure Modified: head/security/ipsec-tools/distinfo ============================================================================== --- head/security/ipsec-tools/distinfo Fri Feb 6 20:14:06 2015 (r378553) +++ head/security/ipsec-tools/distinfo Fri Feb 6 20:31:54 2015 (r378554) @@ -1,2 +1,2 @@ -SHA256 (ipsec-tools-0.8.1.tar.bz2) = fa4a95bb36842f001b84c4e7a1bb727e3ee06147edbc830a881d63abe8153dd4 -SIZE (ipsec-tools-0.8.1.tar.bz2) = 860717 +SHA256 (ipsec-tools-0.8.2.tar.bz2) = 8eb6b38716e2f3a8a72f1f549c9444c2bc28d52c9536792690564c74fe722f2d +SIZE (ipsec-tools-0.8.2.tar.bz2) = 866465 Added: head/security/ipsec-tools/files/patch-src-racoon-isakmp_cfg.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/ipsec-tools/files/patch-src-racoon-isakmp_cfg.c Fri Feb 6 20:31:54 2015 (r378554) @@ -0,0 +1,28 @@ +--- src/racoon/isakmp_cfg.c ++++ src/racoon/isakmp_cfg.c +@@ -38,7 +38,9 @@ + #include + #include + ++#if __FreeBSD_version >= 900007 + #include ++#endif + #if defined(__APPLE__) && defined(__MACH__) + #include + #endif +@@ -1663,6 +1665,7 @@ + char *usr; + int inout; + { ++#if __FreeBSD_version >= 900007 + int error = 0; + struct utmpx ut; + char addr[NI_MAXHOST]; +@@ -1706,6 +1709,7 @@ + plog(LLV_ERROR, LOCATION, NULL, "Unepected inout\n"); + break; + } ++#endif + + return 0; + } Added: head/security/ipsec-tools/files/wildcard-psk.diff ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/ipsec-tools/files/wildcard-psk.diff Fri Feb 6 20:31:54 2015 (r378554) @@ -0,0 +1,12 @@ +--- src/racoon/localconf.c 9 Sep 2006 16:22:09 -0000 1.4 ++++ src/racoon/localconf.c 11 Jul 2008 20:58:55 -0000 +@@ -211,7 +211,8 @@ getpsk(str, len) + if (*p == '\0') + continue; /* no 2nd parameter */ + p--; +- if (strncmp(buf, str, len) == 0 && buf[len] == '\0') { ++ if (strcmp(buf, "*") == 0 ++ || (strncmp(buf, str, len) == 0 && buf[len] == '\0')) { + p++; + keylen = 0; + for (q = p; *q != '\0' && *q != '\n'; q++) Modified: head/security/ipsec-tools/pkg-plist ============================================================================== --- head/security/ipsec-tools/pkg-plist Fri Feb 6 20:14:06 2015 (r378553) +++ head/security/ipsec-tools/pkg-plist Fri Feb 6 20:31:54 2015 (r378554) @@ -33,19 +33,5 @@ man/man8/plainrsa-gen.8.gz man/man8/racoon.8.gz man/man8/racoonctl.8.gz man/man8/setkey.8.gz -%%EXAMPLESDIR%%/psk.txt -%%EXAMPLESDIR%%/psk.txt.sample -%%EXAMPLESDIR%%/racoon.conf -%%EXAMPLESDIR%%/racoon.conf.sample -%%EXAMPLESDIR%%/racoon.conf.sample-gssapi -%%EXAMPLESDIR%%/racoon.conf.sample-inherit -%%EXAMPLESDIR%%/racoon.conf.sample-natt -%%EXAMPLESDIR%%/racoon.conf.sample-plainrsa -%%EXAMPLESDIR%%/roadwarrior/README -%%EXAMPLESDIR%%/roadwarrior/client/phase1-down.sh -%%EXAMPLESDIR%%/roadwarrior/client/phase1-up.sh -%%EXAMPLESDIR%%/roadwarrior/client/racoon.conf -%%EXAMPLESDIR%%/roadwarrior/server/racoon.conf -%%EXAMPLESDIR%%/roadwarrior/server/racoon.conf-radius @dir etc/racoon @dir %%STATEDIR%%