From owner-freebsd-ports-bugs@FreeBSD.ORG Mon Sep 24 21:10:07 2012 Return-Path: Delivered-To: freebsd-ports-bugs@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 453E0106564A for ; Mon, 24 Sep 2012 21:10:07 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 127868FC15 for ; Mon, 24 Sep 2012 21:10:07 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id q8OLA6G6040773 for ; Mon, 24 Sep 2012 21:10:06 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.5/8.14.5/Submit) id q8OLA66d040772; Mon, 24 Sep 2012 21:10:06 GMT (envelope-from gnats) Resent-Date: Mon, 24 Sep 2012 21:10:06 GMT Resent-Message-Id: <201209242110.q8OLA66d040772@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-ports-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, David Shane Holden Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 71D48106566B for ; Mon, 24 Sep 2012 21:09:31 +0000 (UTC) (envelope-from nobody@FreeBSD.org) Received: from red.freebsd.org (red.freebsd.org [IPv6:2001:4f8:fff6::22]) by mx1.freebsd.org (Postfix) with ESMTP id 5BD1E8FC15 for ; Mon, 24 Sep 2012 21:09:31 +0000 (UTC) Received: from red.freebsd.org (localhost [127.0.0.1]) by red.freebsd.org (8.14.5/8.14.5) with ESMTP id q8OL9V9e054527 for ; Mon, 24 Sep 2012 21:09:31 GMT (envelope-from nobody@red.freebsd.org) Received: (from nobody@localhost) by red.freebsd.org (8.14.5/8.14.5/Submit) id q8OL9Vwl054526; Mon, 24 Sep 2012 21:09:31 GMT (envelope-from nobody) Message-Id: <201209242109.q8OL9Vwl054526@red.freebsd.org> Date: Mon, 24 Sep 2012 21:09:31 GMT From: David Shane Holden To: freebsd-gnats-submit@FreeBSD.org X-Send-Pr-Version: www-3.1 Cc: Subject: ports/171928: [patch update] security/strongswan 4.5.3 -> 5.0.0 X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 24 Sep 2012 21:10:07 -0000 >Number: 171928 >Category: ports >Synopsis: [patch update] security/strongswan 4.5.3 -> 5.0.0 >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: update >Submitter-Id: current-users >Arrival-Date: Mon Sep 24 21:10:06 UTC 2012 >Closed-Date: >Last-Modified: >Originator: David Shane Holden >Release: >Organization: >Environment: >Description: [patch update] security/strongswan 4.5.3 -> 5.0.0 * pluto has been removed and charon now has built-in ikev1 support which is why the --disable-pluto configure arg was removed and an IKEv1 option added. * the man3 files are no longer installed * gmake is required for this release, but shouldn't be required for 5.0.1. * a new patch was added to include stdint which shouldn't be required for 5.0.1. * the old ipsec.in patch is no longer required, thus removed. http://wiki.strongswan.org/issues/205 resolves the make, and stdint issues noted above. >How-To-Repeat: >Fix: Patch attached with submission follows: diff --git a/security/strongswan/Makefile b/security/strongswan/Makefile index 6e28fdc..1ba1695 100644 --- a/security/strongswan/Makefile +++ b/security/strongswan/Makefile @@ -5,7 +5,7 @@ # $FreeBSD$ PORTNAME= strongswan -PORTVERSION= 4.5.3 +PORTVERSION= 5.0.0 CATEGORIES= security MASTER_SITES= http://download.strongswan.org/ \ http://download2.strongswan.org/ @@ -13,7 +13,9 @@ MASTER_SITES= http://download.strongswan.org/ \ MAINTAINER= riaank@gmail.com COMMENT= Open Source IKEv2 IPsec-based VPN solution -OPTIONS= SQLITE "Enable SQLite" off \ +OPTIONS= IKEv1 "Enable IKEv1 support" off \ + LDAP "Enable LDAP" off \ + SQLITE "Enable SQLite" off \ MYSQL "Enable MySQL" off \ CURL "Enable CURL to fetch CRL/OCSP" off \ EAPAKA3GPP2 "Enable EAP AKA with 3gpp2 backend" off \ @@ -22,6 +24,7 @@ OPTIONS= SQLITE "Enable SQLite" off \ USE_RC_SUBR= strongswan USE_BZIP2= yes USE_AUTOTOOLS= libtool +USE_GMAKE= yes GNU_CONFIGURE= yes USE_OPENSSL= yes USE_LDCONFIG= yes @@ -31,7 +34,6 @@ CONFIGURE_ARGS= --enable-kernel-pfkey \ --disable-kernel-netlink \ --disable-tools \ --disable-scripts \ - --disable-pluto \ --disable-gmp \ --enable-openssl \ --enable-eap-identity \ @@ -46,9 +48,6 @@ CONFIGURE_ARGS= --enable-kernel-pfkey \ --with-lib-prefix=${PREFIX} # Man pages with default install -MAN3= anyaddr.3 atoaddr.3 atoasr.3 atoul.3 goodmask.3 initaddr.3 \ - initsubnet.3 portof.3 rangetosubnet.3 sameaddr.3 subnetof.3 \ - ttoaddr.3 ttodata.3 ttosa.3 ttoul.3 MAN5= ipsec.conf.5 ipsec.secrets.5 strongswan.conf.5 MAN8= ipsec.8 _updown.8 _updown_espmark.8 @@ -60,6 +59,21 @@ IGNORE= requires at least FreeBSD 8.X .endif # Extra options +.if defined(WITH_IKEv1) +PLIST_SUB+= IKEv1="" +.else +CONFIGURE_ARGS+= --disable-ikev1 +PLIST_SUB+= IKEv1="@comment " +.endif + +.if defined(WITH_LDAP) +USE_OPENLDAP= yes +CONFIGURE_ARGS+= --enable-ldap +PLIST_SUB+= LDAP="" +.else +PLIST_SUB+= LDAP="@comment " +.endif + .if defined(WITH_SQLITE) || defined (WITH_MYSQL) CONFIGURE_ARGS+= --enable-attr-sql CONFIGURE_ARGS+= --enable-sql diff --git a/security/strongswan/distinfo b/security/strongswan/distinfo index 6dfa1da..e374d67 100644 --- a/security/strongswan/distinfo +++ b/security/strongswan/distinfo @@ -1,2 +1,2 @@ -SHA256 (strongswan-4.5.3.tar.bz2) = a59fa0d9820fb06a3c848f4537b9256d2067265ad10e1b007b79f3b16279f1ff -SIZE (strongswan-4.5.3.tar.bz2) = 3299522 +SHA256 (strongswan-5.0.0.tar.bz2) = efc13c86e715b5e596d9d8535640c830f83e977fe521afd2c70d68926c4b573e +SIZE (strongswan-5.0.0.tar.bz2) = 3087071 diff --git a/security/strongswan/files/patch-src-libcharon-encoding-payloads-transform__attribute.c b/security/strongswan/files/patch-src-libcharon-encoding-payloads-transform__attribute.c new file mode 100644 index 0000000..ed12ec4 --- /dev/null +++ b/security/strongswan/files/patch-src-libcharon-encoding-payloads-transform__attribute.c @@ -0,0 +1,41 @@ +From d511a71daa36f701636a76fb1e513755b3cb8b03 Mon Sep 17 00:00:00 2001 +From: Tobias Brunner +Date: Fri, 27 Jul 2012 11:36:59 +0200 +Subject: [PATCH] Include stdint.h for UINTxx_MAX defines + +Fixes #205. +--- + src/libcharon/encoding/payloads/transform_attribute.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/src/libcharon/encoding/payloads/transform_attribute.c b/src/libcharon/encoding/payloads/transform_attribute.c +index a11ee98..d20f77c 100644 +--- src/libcharon/encoding/payloads/transform_attribute.c ++++ src/libcharon/encoding/payloads/transform_attribute.c +@@ -17,6 +17,7 @@ + + #include + #include ++#include + + #include "transform_attribute.h" + +@@ -107,13 +108,13 @@ struct private_transform_attribute_t { + */ + static encoding_rule_t encodings[] = { + /* Flag defining the format of this payload */ +- { ATTRIBUTE_FORMAT, offsetof(private_transform_attribute_t, attribute_format) }, ++ { ATTRIBUTE_FORMAT, offsetof(private_transform_attribute_t, attribute_format) }, + /* type of the attribute as 15 bit unsigned integer */ + { ATTRIBUTE_TYPE, offsetof(private_transform_attribute_t, attribute_type) }, + /* Length or value, depending on the attribute format flag */ + { ATTRIBUTE_LENGTH_OR_VALUE,offsetof(private_transform_attribute_t, attribute_length_or_value) }, + /* Value of attribute if attribute format flag is zero */ +- { ATTRIBUTE_VALUE, offsetof(private_transform_attribute_t, attribute_value) } ++ { ATTRIBUTE_VALUE, offsetof(private_transform_attribute_t, attribute_value) } + }; + + /* +-- +1.7.10.4 + diff --git a/security/strongswan/files/patch-src__ipsec__ipsec.in b/security/strongswan/files/patch-src__ipsec__ipsec.in deleted file mode 100644 index eb1118b..0000000 --- a/security/strongswan/files/patch-src__ipsec__ipsec.in +++ /dev/null @@ -1,20 +0,0 @@ -diff -ur srcold/ipsec/ipsec.in src/ipsec/ipsec.in ---- srcold/ipsec/ipsec.in 2011-09-22 08:39:26.589952124 +0200 -+++ src/ipsec/ipsec.in 2011-09-22 08:39:44.640945476 +0200 -@@ -19,6 +19,7 @@ - export PATH - - # name and version of the ipsec implementation -+OS_NAME=`uname -s` - IPSEC_NAME="@IPSEC_NAME@" - IPSEC_VERSION="U@IPSEC_VERSION@/K`uname -r`" - -@@ -378,7 +379,7 @@ - fi - ;; - version|--version) -- printf "Linux $IPSEC_NAME $IPSEC_VERSION\n" -+ printf "$OS_NAME $IPSEC_NAME $IPSEC_VERSION\n" - printf "$IPSEC_DISTRO\n" - printf "See 'ipsec --copyright' for copyright information.\n" - exit 0 diff --git a/security/strongswan/pkg-plist b/security/strongswan/pkg-plist index 036e76d..7bf23f6 100644 --- a/security/strongswan/pkg-plist +++ b/security/strongswan/pkg-plist @@ -12,6 +12,10 @@ lib/ipsec/libstrongswan.a lib/ipsec/libstrongswan.la lib/ipsec/libstrongswan.so lib/ipsec/libstrongswan.so.0 +lib/ipsec/libtls.a +lib/ipsec/libtls.la +lib/ipsec/libtls.so +lib/ipsec/libtls.so.0 lib/ipsec/plugins/libstrongswan-addrblock.a lib/ipsec/plugins/libstrongswan-addrblock.la lib/ipsec/plugins/libstrongswan-addrblock.so @@ -24,6 +28,9 @@ lib/ipsec/plugins/libstrongswan-attr.so lib/ipsec/plugins/libstrongswan-blowfish.a lib/ipsec/plugins/libstrongswan-blowfish.la lib/ipsec/plugins/libstrongswan-blowfish.so +lib/ipsec/plugins/libstrongswan-cmac.a +lib/ipsec/plugins/libstrongswan-cmac.la +lib/ipsec/plugins/libstrongswan-cmac.so lib/ipsec/plugins/libstrongswan-constraints.a lib/ipsec/plugins/libstrongswan-constraints.la lib/ipsec/plugins/libstrongswan-constraints.so @@ -63,6 +70,9 @@ lib/ipsec/plugins/libstrongswan-md4.so lib/ipsec/plugins/libstrongswan-md5.a lib/ipsec/plugins/libstrongswan-md5.la lib/ipsec/plugins/libstrongswan-md5.so +lib/ipsec/plugins/libstrongswan-nonce.a +lib/ipsec/plugins/libstrongswan-nonce.la +lib/ipsec/plugins/libstrongswan-nonce.so lib/ipsec/plugins/libstrongswan-openssl.a lib/ipsec/plugins/libstrongswan-openssl.la lib/ipsec/plugins/libstrongswan-openssl.so @@ -75,6 +85,9 @@ lib/ipsec/plugins/libstrongswan-pgp.so lib/ipsec/plugins/libstrongswan-pkcs1.a lib/ipsec/plugins/libstrongswan-pkcs1.la lib/ipsec/plugins/libstrongswan-pkcs1.so +lib/ipsec/plugins/libstrongswan-pkcs8.a +lib/ipsec/plugins/libstrongswan-pkcs8.la +lib/ipsec/plugins/libstrongswan-pkcs8.so lib/ipsec/plugins/libstrongswan-pubkey.a lib/ipsec/plugins/libstrongswan-pubkey.la lib/ipsec/plugins/libstrongswan-pubkey.so @@ -128,6 +141,10 @@ sbin/ipsec %%EAPAKA3GPP2%%lib/ipsec/plugins/libstrongswan-gmp.a %%EAPAKA3GPP2%%lib/ipsec/plugins/libstrongswan-gmp.la %%EAPAKA3GPP2%%lib/ipsec/plugins/libstrongswan-gmp.so +%%EAPSIMFILE%%lib/ipsec/libsimaka.a +%%EAPSIMFILE%%lib/ipsec/libsimaka.la +%%EAPSIMFILE%%lib/ipsec/libsimaka.so +%%EAPSIMFILE%%lib/ipsec/libsimaka.so.0 %%EAPSIMFILE%%lib/ipsec/plugins/libstrongswan-eap-sim.a %%EAPSIMFILE%%lib/ipsec/plugins/libstrongswan-eap-sim.la %%EAPSIMFILE%%lib/ipsec/plugins/libstrongswan-eap-sim.so @@ -137,6 +154,12 @@ sbin/ipsec %%CURL%%lib/ipsec/plugins/libstrongswan-curl.a %%CURL%%lib/ipsec/plugins/libstrongswan-curl.la %%CURL%%lib/ipsec/plugins/libstrongswan-curl.so +%%IKEv1%%lib/ipsec/plugins/libstrongswan-xauth-generic.a +%%IKEv1%%lib/ipsec/plugins/libstrongswan-xauth-generic.la +%%IKEv1%%lib/ipsec/plugins/libstrongswan-xauth-generic.so +%%LDAP%%lib/ipsec/plugins/libstrongswan-ldap.a +%%LDAP%%lib/ipsec/plugins/libstrongswan-ldap.la +%%LDAP%%lib/ipsec/plugins/libstrongswan-ldap.so %%MYSQL%%lib/ipsec/plugins/libstrongswan-mysql.a %%MYSQL%%lib/ipsec/plugins/libstrongswan-mysql.la %%MYSQL%%lib/ipsec/plugins/libstrongswan-mysql.so >Release-Note: >Audit-Trail: >Unformatted: