ports/60364: update of port security/vpnc
Christian Lackas
delta at lackas.net
Sat Dec 20 20:41:00 UTC 2003
The following reply was made to PR ports/60364; it has been noted by GNATS.
From: Christian Lackas <delta at lackas.net>
To: FreeBSD-gnats-submit at FreeBSD.org
Cc:
Subject: Re: ports/60364: update of port security/vpnc
Date: Sat, 20 Dec 2003 21:05:43 +0100
--Qxx1br4bt0+wmkIi
Content-Type: text/plain; charset=iso-8859-15
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
> Instead of sending shar, please send a diff in the unified format next
> time you submit a port update.
ok, I've attached it.
Regards,
Christian
--
Morgenkaffee ist schlecht - er hält dich bis Mittag wach!
http://www.lackas.net/ Perl Delphi Linux MP3 Searchengines Domainchecker
--Qxx1br4bt0+wmkIi
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename="vpnc.diff"
diff -urN /usr/ports/security/vpnc/Makefile ./Makefile
--- /usr/ports/security/vpnc/Makefile Wed Dec 17 16:19:50 2003
+++ ./Makefile Thu Dec 18 15:57:30 2003
@@ -1,32 +1,46 @@
# New ports collection makefile for: vpnc
-# Date created: 15 December 2003
-# Whom: Christian Lackas
+# Date created: 15 December 2003
+# Whom: Christian Lackas
#
-# $FreeBSD: ports/security/vpnc/Makefile,v 1.1 2003/12/17 15:19:50 krion Exp $
+# $FreeBSD$
#
-PORTNAME= vpnc
+PORTNAME= vpnc
PORTVERSION= 0.2
-CATEGORIES= security
+PORTREVISION= 1
+CATEGORIES= security
MASTER_SITES= http://www.unix-ag.uni-kl.de/~massar/vpnc/
-DISTNAME= ${PORTNAME}-${PORTVERSION}-rm+zomb-pre6
+DISTNAME= ${PORTNAME}-${PORTVERSION}-rm+zomb-pre6
-MAINTAINER= delta at lackas.net
-COMMENT= "Client for Cisco 3000 VPN Concentrator"
+MAINTAINER= delta at lackas.net
+COMMENT= Client for Cisco 3000 VPN Concentrator
LIB_DEPENDS= gcrypt.6:${PORTSDIR}/security/libgcrypt
-USE_GMAKE= yes
-ALL_TARGET= vpnc
-INSTALL_TARGET=
+USE_GMAKE= yes
+USE_REINPLACE= yes
+ALL_TARGET= vpnc
-post-install:
+MAN8=vpnc.8
+
+do-install:
@${INSTALL_PROGRAM} -m 751 ${WRKSRC}/vpnc ${PREFIX}/sbin/vpnc
@${INSTALL_SCRIPT} -m 755 ${FILESDIR}/vpnc.sh ${PREFIX}/etc/rc.d/vpnc.sh.sample
+ @${REINPLACE_CMD} -e 's|%%PREFIX%%|${PREFIX}|' ${PREFIX}/etc/rc.d/vpnc.sh.sample
@${INSTALL_DATA} -m 600 ${WRKSRC}/vpnc.conf ${PREFIX}/etc/vpnc.conf.sample
.if !defined(NOPORTDOCS)
- ${MKDIR} ${DOCSDIR}
- @${INSTALL_DATA} -m 666 ${WRKSRC}/README ${DOCSDIR}
+ ${MKDIR} ${DOCSDIR}
+ @${INSTALL_DATA} ${WRKSRC}/README ${DOCSDIR}
+ @${INSTALL_DATA} ${WRKSRC}/ChangeLog ${DOCSDIR}
+ @${INSTALL_DATA} ${WRKSRC}/TODO ${DOCSDIR}
+.endif
+.if !defined(NO_INSTALL_MANPAGES)
+ @${INSTALL_MAN} ${FILESDIR}/vpnc.8 ${PREFIX}/man/man8
.endif
+ @${CAT} ${PKGMESSAGE}
+
+post-patch:
+ @${REINPLACE_CMD} -e 's|%%PREFIX%%|${PREFIX}|' ${WRKSRC}/vpnc.c
+ @${REINPLACE_CMD} -e 's|%%CC%%|${CC}|;s|%%CFLAGS%%|${CFLAGS}|' ${WRKSRC}/Makefile
.include <bsd.port.mk>
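Review bot: The added `${REINPLACE_CMD}` line in do-install rewrites `${PREFIX}/etc/rc.d/vpnc.sh.sample` after it has already been installed. REINPLACE_CMD normally runs sed in place with a backup suffix, so this probably leaves a `vpnc.sh.sample.bak` in rc.d that pkg-plist does not list and deinstall will not remove. Substituting into a work-directory copy keeps stray root-owned files out of the startup directory, for example in post-patch `@${SED} -e 's|%%PREFIX%%|${PREFIX}|' ${FILESDIR}/vpnc.sh > ${WRKDIR}/vpnc.sh`, and then installing from `${WRKDIR}/vpnc.sh`. Keeping `-m 600` on vpnc.conf.sample is right, since the real config holds the group secret and Xauth password; a short comment such as `# vpnc.conf contains credentials: keep it root-only` would record why.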
diff -urN /usr/ports/security/vpnc/files/patch-Makefile ./files/patch-Makefile
--- /usr/ports/security/vpnc/files/patch-Makefile Wed Dec 17 16:19:51 2003
+++ ./files/patch-Makefile Wed Dec 17 11:25:29 2003
@@ -1,14 +1,15 @@
--- Makefile.orig Sun Nov 2 01:21:39 2003
-+++ Makefile Wed Dec 17 13:08:35 2003
++++ Makefile Wed Dec 17 09:56:14 2003
@@ -15,14 +15,14 @@
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
-CC=gcc
-CFLAGS=-W -Wall -O -g '-DVERSION="$(shell cat VERSION)"' $(shell libgcrypt-config --cflags)
-+CC?=gcc
-+CFLAGS+=-W -Wall -O -g '-DVERSION="$(shell cat VERSION)"' $(shell libgcrypt-config --cflags)
- LDFLAGS=-g $(shell libgcrypt-config --libs)
+-LDFLAGS=-g $(shell libgcrypt-config --libs)
++CC=%%CC%%
++CFLAGS=-W -Wall %%CFLAGS%% '-DVERSION="$(shell cat VERSION)"' $(shell libgcrypt-config --cflags)
++LDFLAGS=$(shell libgcrypt-config --libs)
ifeq ($(shell uname -s), Linux)
SYSDEP=sysdep-linux.o
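Review bot: Replacing `CC?=gcc` and `CFLAGS+=` with the `%%CC%%` / `%%CFLAGS%%` placeholders makes the build depend on the sed expression in the port Makefile's post-patch, which is more fragile than the form it replaces. In a sed replacement `&`, `\` and the `|` delimiter are special, so a CC or CFLAGS value containing any of them would corrupt the generated Makefile without an error. The ports framework normally passes CC and CFLAGS to the build environment, so `CC?=gcc` with `CFLAGS+=-W -Wall '-DVERSION=...'` would honour the user's settings without textual substitution. If dropping `-g` and `-O` was the goal, that can be done in the same form. The hunk shows only the top of the upstream Makefile; the `ifeq` block continues outside it.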
diff -urN /usr/ports/security/vpnc/files/patch-vpnc.c ./files/patch-vpnc.c
--- /usr/ports/security/vpnc/files/patch-vpnc.c Wed Dec 17 16:19:51 2003
+++ ./files/patch-vpnc.c Tue Dec 16 21:26:08 2003
@@ -5,7 +5,7 @@
read_config_file (argv[i], config, 0);
- read_config_file ("/etc/vpnc.conf", config, 1);
-+ read_config_file ("/usr/local/etc/vpnc.conf", config, 1);
++ read_config_file ("%%PREFIX%%/etc/vpnc.conf", config, 1);
if (!config[CONFIG_IKE_DH])
config[CONFIG_IKE_DH] = "dh2";
diff -urN /usr/ports/security/vpnc/files/vpnc.8 ./files/vpnc.8
--- /usr/ports/security/vpnc/files/vpnc.8 Thu Jan 1 01:00:00 1970
+++ ./files/vpnc.8 Thu Dec 18 12:43:47 2003
@@ -0,0 +1,131 @@
+.\" Process this file with
+.\" groff -man -Tascii vpnc.8
+.\"
+.TH VPNC 8 "December 2003" FreeBSD "vpnc"
+.SH NAME
+vpnc \- Client for Cisco 3000 VPN Concentrator
+.SH SYNOPSIS
+.B vpnc [ --gateway
+.I IP-or-hostname
+.B ] [ --id
+.I IPSec group Id
+.B ] [ --username
+.I name
+.B ] [ --ifname
+.I name
+.B ] [ --local-port
+.I port number
+.B ] [ --pid-file
+.I filename
+.B ] [ --dh
+.I IKE DH group
+.B ] [ --pfs
+.I PFS group
+.B ] [ --non-inter ] [ --debug ] [ --no-detach ] [ --print-config ]
+.SH DESCRIPTION
+.B vpnc
+is a VPN client for the Cisco 3000 VPN Concentrator,
+creating a IPSec-like connection as a tunneling
+network device for the local system. It uses the
+TUN/TAP driver in Linux kernel 2.4 and above and
+device
+.BR tun (4)
+on BSD.
+
+The vpnc daemon by it self does not set any routes. The user
+has to do it on its own, e.g. for a full tunnel under FreeBSD
+
+.RS
+.PD 0
+route add -host VPNGATEWAY ROUTER
+.P
+route delete default
+.P
+route add default -interface tun0
+.PD
+.RE
+.SH CONFIGURATION
+The daemon reads configuration data from the following places:
+.PD 0
+.IP "- command line options"
+.IP "- config file(s) specified on the command line"
+.IP "- PREFIX/etc/vpnc.conf"
+.IP "- prompting the user if not found above"
+.PD
+.SH OPTIONS
+.IP "--gateway IP-or-hostname"
+IP address or hostname of the VPN gateway
+.IP "--id IPSec group Id"
+ID of the IPSec group
+.IP "--username name"
+your user credentials
+.IP "--ifname name"
+name of the tun-interface to use
+.IP "--local-port port number"
+use this port for the connection <0-65535>, use 0 for random
+.IP "--pid-file filename"
+store the pid of background process there
+.IP "--dh IKE DH group"
+name of the IKE DH Group <dh1/dh2/dh5>
+.IP "--pfs PFS group"
+Perfect Forward Secrecy <nopfs/dh1/dh2/dh5>
+.IP "--non-inter"
+non interactive mode, don't ask any questions
+.IP "--debug nr"
+set debugging level <0/1/2/3/99>
+.IP "--no-detach"
+do not send daemon to background
+.IP "--print-config"
+prints your configuration; output can be used as vpnc.conf
+
+.SH FILES
+.I PREFIX/etc/vpnc.conf
+.RS
+The default configuration file. See
+.BR EXAMPLES
+for further details.
+.RE
+
+.SH EXAMPLES
+This is an example vpnc.conf:
+
+.RS
+.PD 0
+IKE DH Group dh2
+.P
+Perfect Forward Secrecy nopfs
+.P
+IPSec gateway vpn.rwth-aachen.de
+.P
+IPSec ID MoPS
+.P
+IPSec secret mopsWLAN
+.P
+Xauth username abcdef
+.P
+Xauth passwort 123456
+.PD
+.RE
+
+The values start exactly one space after the keywords, and run to the end of
+line. This lets you put any kind of weird character (except EOL and NUL) in
+your strings, but it does mean you can't add comments after a string, or spaces
+before them.
+
+See also the
+.B --print-config
+option to generate a config file.
+
+.SH TODO
+Re-keying is no implemented yet (default rekey-intervall is 8 hours).
+
+.SH AUTHOR
+This man-page has been written by Christian Lackas <delta(at)lackas.net>,
+based on the Debian man-page
+by Eduard Bloch <blade(at)debian.org> and the vpnc README by
+Maurice Massar <vpnc(at)unix-ag.uni-kl.de>
+
+.SH "SEE ALSO"
+.BR tun (4),
+.BR route (1),
+.BR http://www.unix-ag.uni-kl.de/~massar/vpnc/
diff -urN /usr/ports/security/vpnc/files/vpnc.sh ./files/vpnc.sh
--- /usr/ports/security/vpnc/files/vpnc.sh Wed Dec 17 19:43:34 2003
+++ ./files/vpnc.sh Thu Dec 18 12:52:25 2003
@@ -1,12 +1,25 @@
-#!/bin/sh
+#! /bin/sh
+
+PREFIX=%%PREFIX%%
+PIDFILE=/var/run/vpnc.pid
+
+# change these variables and activate comments
+# below to get a full tunnel
+VPNGATEWAY=vpn.rwth-aachen.de
+ROUTER=192.168.111.2
case "$1" in
start)
- [ -x /usr/local/sbin/vpnc ] && /usr/local/sbin/vpnc && echo -n ' vpnc'
+ [ -x ${PREFIX}/sbin/vpnc ] && ${PREFIX}/sbin/vpnc --pid-file ${PIDFILE} &&
+ # route add -host ${VPNGATEWAY} ${ROUTER}
+ # route delete default &&
+ # route add default -interface tun0 &&
+ echo -n ' vpnc'
;;
stop)
- #
- kill
+ kill `cat ${PIDFILE}`
+ # route delete default &&
+ # route add default ${ROUTER}
;;
*)
echo "Usage: `basename $0` {start|stop}" >&2
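Review bot: The stop branch runs `kill` on the unquoted, unchecked contents of `${PIDFILE}` as root. If the file is missing, kill is called with no argument, and if it is stale the signal goes to whatever process now holds that PID. A guard such as `[ -r "${PIDFILE}" ] && kill "$(cat "${PIDFILE}")" && rm -f "${PIDFILE}"` handles the missing-file case and removes the file after a clean stop, so a stale PID is less likely to linger. In the start branch the commented `route add -host` line has no trailing `&&`, so uncommenting the three route lines as the header comment suggests would leave that first command outside the chain. `VPNGATEWAY` and `ROUTER` default to one site's values; empty defaults with a comment would avoid installing site-specific routing into every copy of the sample.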
diff -urN /usr/ports/security/vpnc/pkg-descr ./pkg-descr
--- /usr/ports/security/vpnc/pkg-descr Wed Dec 17 16:19:50 2003
+++ ./pkg-descr Thu Dec 18 15:57:30 2003
@@ -3,6 +3,6 @@
A VPN client compatible with Cisco's EasyVPN equipment.
Supports IPSec (ESP) with Mode Configuration and Xauth. Supports only
shared-secret IPSec authentication, 3DES, MD5, and IP tunneling.
-It runs entirely in userspace
+It runs entirely in userspace.
WWW: http://www.unix-ag.uni-kl.de/~massar/vpnc/
diff -urN /usr/ports/security/vpnc/pkg-message ./pkg-message
--- /usr/ports/security/vpnc/pkg-message Thu Jan 1 01:00:00 1970
+++ ./pkg-message Tue Dec 16 21:50:12 2003
@@ -0,0 +1,8 @@
+If vpnc fails with
+
+ socket(SOCK_RAW): Protocol not supported
+
+check your kernel configuration. The ESP protocol
+is only enabled for FAST_IPSEC (this cannot be
+configured together with IPSEC). See LINT for
+further details.
diff -urN /usr/ports/security/vpnc/pkg-plist ./pkg-plist
--- /usr/ports/security/vpnc/pkg-plist Wed Dec 17 16:19:50 2003
+++ ./pkg-plist Thu Dec 18 00:12:06 2003
@@ -2,4 +2,6 @@
etc/vpnc.conf.sample
etc/rc.d/vpnc.sh.sample
%%PORTDOCS%%%%DOCSDIR%%/README
+%%PORTDOCS%%%%DOCSDIR%%/ChangeLog
+%%PORTDOCS%%%%DOCSDIR%%/TODO
%%PORTDOCS%%@dirrm %%DOCSDIR%%
--Qxx1br4bt0+wmkIi--