Date: Sat, 8 Nov 2014 02:07:10 -0800
From: John-Mark Gurney
To: ports@FreeBSD.org
Subject: review of new tcpcrypt port...
Message-ID: <20141108100709.GF24601@funkthat.com>
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="FkmkrVfFsRoUs1wW"

--FkmkrVfFsRoUs1wW
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

I'd like someone to review the attached port for me to commit... It contains a daemon to run on divert sockets to implement the tcpcrypt protocol.

I have tested this port w/ HEAD and it works fine w/ the attached patch... The included patch has been submitted upstream and committed, but a new release has not yet been released.

portlint -A looks fine.

Thanks.

-- 
John-Mark Gurney    Voice: +1 415 225 5579

"All that I will do, has been done, All that I have, has not."

--FkmkrVfFsRoUs1wW
Content-Type: text/x-diff; charset=us-ascii
Content-Disposition: attachment; filename="tcpcrypt.port.patch"

Index: GIDs =================================================================== --- GIDs (revision 372292) +++ GIDs (working copy) 
@@ -223,6 +223,7 @@ polw:*:825: statsd:*:826: netdisco:*:840: +tcpcryptd:*:841: munin:*:842: dahdi:*:843:asterisk fossy:*:901:www Index: UIDs =================================================================== --- UIDs (revision 372292) +++ UIDs (working copy) @@ -229,6 +229,7 @@ polw:*:825:825::0:0:Policyd-weight Cache Owner:/nonexistent:/sbin/nologin statsd:*:826:826::0:0:Statsd Daemon:/nonexistent:/sbin/nologin netdisco:*:840:840::0:0:netdisco daemon:/nonexistent:/usr/sbin/nologin +tcpcryptd:*:841:841::0:0:tcpcrypt daemon:/nonexistent:/usr/sbin/nologin munin:*:842:842::0:0:Munin:/var/munin:/usr/sbin/nologin fossy:*:901:901::0:0:FOSSology user:/usr/local/share/fossology:/usr/local/bin/bash scanlogd:*:902:902::0:0:scanlogd user:/nonexistent:/usr/sbin/nologin Index: security/tcpcrypt/Makefile =================================================================== --- security/tcpcrypt/Makefile (revision 0) +++ security/tcpcrypt/Makefile (working copy) @@ -0,0 +1,27 @@ +# Created by: John-Mark Gurney +# $FreeBSD$ + +PORTNAME= tcpcrypt +DISTVERSION= 0.3.rc1 +CATEGORIES= security net + +MAINTAINER= jmg@FreeBSD.org +COMMENT= TCPCrypt userland divert daemon + +LICENSE= BSD2CLAUSE + +USE_GITHUB= yes +GH_ACCOUNT= scslab +GH_TAGNAME= v0.3-rc1 +GH_COMMIT= b110e7e + +#WRKSRC_SUBDIR= user +GNU_CONFIGURE= yes +USE_LDCONFIG= yes +USES= autoreconf libtool +INSTALL_TARGET= install-strip + +USERS= tcpcryptd +GROUPS= tcpcryptd + +.include Property changes on: security/tcpcrypt/Makefile ___________________________________________________________________ Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Added: svn:keywords ## -0,0 +1 ## +FreeBSD=%H \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Index: security/tcpcrypt/distinfo =================================================================== --- security/tcpcrypt/distinfo (revision 0) +++ security/tcpcrypt/distinfo (working copy) 
@@ -0,0 +1,2 @@ +SHA256 (tcpcrypt-0.3.rc1.tar.gz) = da184da7b702cadeaec670f09e34af8d41be84d81ad253f4d977aaaa576da865 +SIZE (tcpcrypt-0.3.rc1.tar.gz) = 183047 Index: security/tcpcrypt/files/patch-unix.c =================================================================== --- security/tcpcrypt/files/patch-unix.c (revision 0) +++ security/tcpcrypt/files/patch-unix.c (working copy) @@ -0,0 +1,17 @@ +--- src/unix.c.orig 2014-09-10 16:22:26.000000000 -0700 ++++ src/unix.c 2014-10-31 23:59:29.000000000 -0700 +@@ -57,7 +57,13 @@ + s_in.sin_addr = ip->ip_dst; + s_in.sin_port = tcp->th_dport; + +-#if defined(__FreeBSD__) || defined(__DARWIN_UNIX03) ++#if defined(__FreeBSD__) ++#include ++#if __FreeBSD_version < 1000022 ++ #define HO_LEN ++#endif ++#endif ++#ifdef __DARWIN_UNIX03 + #define HO_LEN + #endif + #ifdef HO_LEN Property changes on: security/tcpcrypt/files/patch-unix.c ___________________________________________________________________ Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Added: svn:keywords ## -0,0 +1 ## +FreeBSD=%H \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Index: security/tcpcrypt/pkg-descr =================================================================== --- security/tcpcrypt/pkg-descr (revision 0) +++ security/tcpcrypt/pkg-descr (working copy) 
@@ -0,0 +1,12 @@ +Tcpcrypt is a protocol that attempts to encrypt (almost) all of your +network traffic. Unlike other security mechanisms, Tcpcrypt works out +of the box: it requires no configuration, no changes to applications, +and your network connections will continue to work even if the remote +end does not support Tcpcrypt, in which case connections will +gracefully fall back to standard clear-text TCP. Install Tcpcrypt and +you'll feel no difference in your every day user experience, but yet +your traffic will be more secure and you'll have made life much harder +for hackers. + +WWW: http://www.tcpcrypt.org/ +WWW: https://github.com/sorbo/tcpcrypt Index: security/tcpcrypt/pkg-plist =================================================================== --- security/tcpcrypt/pkg-plist (revision 0) +++ security/tcpcrypt/pkg-plist (working copy) @@ -0,0 +1,10 @@ +bin/tcnetstat +bin/tcpcryptd +include/tcpcrypt/socket_address.h +include/tcpcrypt/tcpcrypt.h +lib/libtcpcrypt.a +lib/libtcpcrypt.so +lib/libtcpcrypt.so.0 +lib/libtcpcrypt.so.0.0.0 +man/man8/tcnetstat.8.gz +man/man8/tcpcryptd.8.gz --FkmkrVfFsRoUs1wW--
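Review bot: In security/tcpcrypt/Makefile the port creates a dedicated account (`USERS= tcpcryptd`, `GROUPS= tcpcryptd`) and pkg-plist installs bin/tcpcryptd, but there is no USE_RC_SUBR and no rc script in the plist, so nothing in the port starts the daemon or shows it running as that account. Either add an rc.d script that runs tcpcryptd under the new user, or say in the submission how the account is meant to be used. The commented-out `#WRKSRC_SUBDIR= user` is a leftover and should be dropped before commit.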
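Review bot: In security/tcpcrypt/files/patch-unix.c the added `#include` sits inside the function body, directly after `s_in.sin_port = tcp->th_dport;`, and as shown here it carries no header name. `__FreeBSD_version` is defined by <sys/param.h>; if that header is not in scope the preprocessor treats the undefined macro as 0, `__FreeBSD_version < 1000022` is always true, and HO_LEN ends up defined on every FreeBSD version, which defeats the change. Please confirm the header name in the actual patch file, move the include to the top of src/unix.c with the other includes, and add a one-line comment saying what changed at 1000022 so the version check can be audited later.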
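Review bot: In security/tcpcrypt/pkg-descr the second WWW line points at github.com/sorbo/tcpcrypt while the Makefile fetches from `GH_ACCOUNT= scslab`; make the two agree, or keep a single canonical URL, so users can tell which repository the distfile comes from. The text also says Tcpcrypt "requires no configuration", yet the port installs a divert-socket daemon and ships neither an rc script nor a pkg-message, so a user gets no hint that traffic has to be diverted to tcpcryptd before anything is encrypted. A short pkg-message covering that setup, and restating that connections fall back to clear-text TCP when the peer lacks support, would keep the description from overstating what a plain install provides.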