ports/60364: update of port security/vpnc

Christian Lackas delta at lackas.net
Sat Dec 20 20:41:00 UTC 2003


The following reply was made to PR ports/60364; it has been noted by GNATS.

From: Christian Lackas <delta at lackas.net>
To: FreeBSD-gnats-submit at FreeBSD.org
Cc:  
Subject: Re: ports/60364: update of port security/vpnc
Date: Sat, 20 Dec 2003 21:05:43 +0100

 --Qxx1br4bt0+wmkIi
 Content-Type: text/plain; charset=iso-8859-15
 Content-Disposition: inline
 Content-Transfer-Encoding: 8bit
 
 > Instead of sending shar, please send a diff in the unified format next
 > time you submit a port update. 
 
 ok, I've attached it.
 
 Regards,
  Christian
 
 -- 
 Morgenkaffee ist schlecht - er hält dich bis Mittag wach!
 http://www.lackas.net/ Perl Delphi Linux MP3 Searchengines Domainchecker
 
 --Qxx1br4bt0+wmkIi
 Content-Type: text/plain; charset=us-ascii
 Content-Disposition: attachment; filename="vpnc.diff"
 
 diff -urN /usr/ports/security/vpnc/Makefile ./Makefile
 --- /usr/ports/security/vpnc/Makefile	Wed Dec 17 16:19:50 2003
 +++ ./Makefile	Thu Dec 18 15:57:30 2003
 @@ -1,32 +1,46 @@
  # New ports collection makefile for:	vpnc
 -# Date created:			        15 December 2003
 -# Whom:                			Christian Lackas
 +# Date created:        15 December 2003
 +# Whom:                Christian Lackas
  #
 -# $FreeBSD: ports/security/vpnc/Makefile,v 1.1 2003/12/17 15:19:50 krion Exp $
 +# $FreeBSD$
  #
  
 -PORTNAME=	vpnc
 +PORTNAME=		vpnc
  PORTVERSION=	0.2
 -CATEGORIES=	security
 +PORTREVISION=	1
 +CATEGORIES=		security
  MASTER_SITES=	http://www.unix-ag.uni-kl.de/~massar/vpnc/
 -DISTNAME=	${PORTNAME}-${PORTVERSION}-rm+zomb-pre6
 +DISTNAME=		${PORTNAME}-${PORTVERSION}-rm+zomb-pre6
  
 -MAINTAINER=	delta at lackas.net
 -COMMENT=	"Client for Cisco 3000 VPN Concentrator"
 +MAINTAINER=		delta at lackas.net
 +COMMENT=		Client for Cisco 3000 VPN Concentrator
  
  LIB_DEPENDS=	gcrypt.6:${PORTSDIR}/security/libgcrypt
  
 -USE_GMAKE=	yes
 -ALL_TARGET=	vpnc
 -INSTALL_TARGET=
 +USE_GMAKE=		yes
 +USE_REINPLACE=	yes
 +ALL_TARGET=		vpnc
  
 -post-install:
 +MAN8=vpnc.8
 +
 +do-install:
  	@${INSTALL_PROGRAM} -m 751 ${WRKSRC}/vpnc ${PREFIX}/sbin/vpnc
  	@${INSTALL_SCRIPT} -m 755 ${FILESDIR}/vpnc.sh ${PREFIX}/etc/rc.d/vpnc.sh.sample
 +	@${REINPLACE_CMD} -e 's|%%PREFIX%%|${PREFIX}|' ${PREFIX}/etc/rc.d/vpnc.sh.sample
  	@${INSTALL_DATA} -m 600 ${WRKSRC}/vpnc.conf ${PREFIX}/etc/vpnc.conf.sample
  .if !defined(NOPORTDOCS)
 -	${MKDIR} ${DOCSDIR}
 -	@${INSTALL_DATA} -m 666 ${WRKSRC}/README ${DOCSDIR}
 +		${MKDIR} ${DOCSDIR}
 +		@${INSTALL_DATA} ${WRKSRC}/README ${DOCSDIR}
 +		@${INSTALL_DATA} ${WRKSRC}/ChangeLog	${DOCSDIR}
 +		@${INSTALL_DATA} ${WRKSRC}/TODO ${DOCSDIR}
 +.endif
 +.if !defined(NO_INSTALL_MANPAGES)
 +		@${INSTALL_MAN} ${FILESDIR}/vpnc.8 ${PREFIX}/man/man8
  .endif
 +	@${CAT} ${PKGMESSAGE}
 +
 +post-patch:
 +	@${REINPLACE_CMD} -e 's|%%PREFIX%%|${PREFIX}|' ${WRKSRC}/vpnc.c
 +	@${REINPLACE_CMD} -e 's|%%CC%%|${CC}|;s|%%CFLAGS%%|${CFLAGS}|' ${WRKSRC}/Makefile
  
  .include <bsd.port.mk>
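Review bot: In `do-install`, the added `${REINPLACE_CMD}` line edits `${PREFIX}/etc/rc.d/vpnc.sh.sample` in place after it has been installed. REINPLACE_CMD normally expands to `sed -i.bak`, so this most likely leaves a `vpnc.sh.sample.bak` in `${PREFIX}/etc/rc.d`, which pkg-plist does not list and deinstall will not remove. Substituting into a work-directory copy first keeps unpackaged files out of the rc.d directory, e.g. `@${SED} -e 's|%%PREFIX%%|${PREFIX}|' ${FILESDIR}/vpnc.sh > ${WRKDIR}/vpnc.sh` in `post-patch`, then `${INSTALL_SCRIPT}` from `${WRKDIR}/vpnc.sh`. The man page is also installed by hand although `MAN8` is declared; a short comment saying why `do-install` replaces the upstream install target would help the next maintainer.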
 diff -urN /usr/ports/security/vpnc/files/patch-Makefile ./files/patch-Makefile
 --- /usr/ports/security/vpnc/files/patch-Makefile	Wed Dec 17 16:19:51 2003
 +++ ./files/patch-Makefile	Wed Dec 17 11:25:29 2003
 @@ -1,14 +1,15 @@
  --- Makefile.orig	Sun Nov  2 01:21:39 2003
 -+++ Makefile	Wed Dec 17 13:08:35 2003
 ++++ Makefile	Wed Dec 17 09:56:14 2003
  @@ -15,14 +15,14 @@
   # along with this program; if not, write to the Free Software
   # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
   
  -CC=gcc
  -CFLAGS=-W -Wall -O -g '-DVERSION="$(shell cat VERSION)"' $(shell libgcrypt-config --cflags)
 -+CC?=gcc
 -+CFLAGS+=-W -Wall -O -g '-DVERSION="$(shell cat VERSION)"' $(shell libgcrypt-config --cflags)
 - LDFLAGS=-g $(shell libgcrypt-config --libs)
 +-LDFLAGS=-g $(shell libgcrypt-config --libs)
 ++CC=%%CC%%
 ++CFLAGS=-W -Wall %%CFLAGS%% '-DVERSION="$(shell cat VERSION)"' $(shell libgcrypt-config --cflags)
 ++LDFLAGS=$(shell libgcrypt-config --libs)
   
   ifeq ($(shell uname -s), Linux)
   SYSDEP=sysdep-linux.o
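Review bot: The new `CC=%%CC%%` and `CFLAGS=-W -Wall %%CFLAGS%% ...` lines rely on the port's `post-patch` sed run, which uses `|` as its delimiter, so a CFLAGS value containing `|` or `&` would be mangled or break the substitution. The form being replaced, `CC?=gcc` with `CFLAGS+=...`, took both values from the environment with no text rewriting, assuming the ports framework exports CC and CFLAGS to the build as it normally does. If the placeholders stay, I would add a comment beside the sed line in the port Makefile such as `# CC/CFLAGS must not contain '|' or '&' (used by the sed expression)`. The upstream Makefile continues beyond this hunk.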
 diff -urN /usr/ports/security/vpnc/files/patch-vpnc.c ./files/patch-vpnc.c
 --- /usr/ports/security/vpnc/files/patch-vpnc.c	Wed Dec 17 16:19:51 2003
 +++ ./files/patch-vpnc.c	Tue Dec 16 21:26:08 2003
 @@ -5,7 +5,7 @@
         read_config_file (argv[i], config, 0);
   
  -  read_config_file ("/etc/vpnc.conf", config, 1);
 -+  read_config_file ("/usr/local/etc/vpnc.conf", config, 1);
 ++  read_config_file ("%%PREFIX%%/etc/vpnc.conf", config, 1);
   
     if (!config[CONFIG_IKE_DH])
       config[CONFIG_IKE_DH] = "dh2";
 diff -urN /usr/ports/security/vpnc/files/vpnc.8 ./files/vpnc.8
 --- /usr/ports/security/vpnc/files/vpnc.8	Thu Jan  1 01:00:00 1970
 +++ ./files/vpnc.8	Thu Dec 18 12:43:47 2003
 @@ -0,0 +1,131 @@
 +.\" Process this file with
 +.\" groff -man -Tascii vpnc.8
 +.\"
 +.TH VPNC 8 "December 2003" FreeBSD "vpnc"
 +.SH NAME
 +vpnc \- Client for Cisco 3000 VPN Concentrator
 +.SH SYNOPSIS
 +.B vpnc  [ --gateway 
 +.I IP-or-hostname
 +.B ] [ --id 
 +.I IPSec group Id
 +.B ] [ --username
 +.I name
 +.B ] [ --ifname 
 +.I name
 +.B ] [ --local-port
 +.I port number
 +.B ] [ --pid-file
 +.I filename
 +.B ] [ --dh 
 +.I IKE DH group
 +.B ] [ --pfs 
 +.I PFS group
 +.B ] [ --non-inter ] [ --debug ] [ --no-detach ] [ --print-config ]
 +.SH DESCRIPTION
 +.B vpnc
 +is a VPN client for the Cisco 3000 VPN Concentrator,
 +creating a IPSec-like connection as a tunneling
 +network device for the local system. It uses the
 +TUN/TAP driver in Linux kernel 2.4 and above and
 +device 
 +.BR tun (4)
 +on BSD.
 +
 +The vpnc daemon by it self does not set any routes. The user
 +has to do it on its own, e.g. for a full tunnel under FreeBSD
 +
 +.RS
 +.PD 0
 +route add -host VPNGATEWAY ROUTER
 +.P
 +route delete default
 +.P
 +route add default -interface tun0
 +.PD
 +.RE
 +.SH CONFIGURATION
 +The daemon reads configuration data from the following places:
 +.PD 0
 +.IP "- command line options"
 +.IP "- config file(s) specified on the command line"
 +.IP "- PREFIX/etc/vpnc.conf"
 +.IP "- prompting the user if not found above"
 +.PD
 +.SH OPTIONS
 +.IP "--gateway IP-or-hostname"
 +IP address or hostname of the VPN gateway
 +.IP "--id IPSec group Id"
 +ID of the IPSec group
 +.IP "--username name"
 +your user credentials
 +.IP "--ifname name"
 +name of the tun-interface to use
 +.IP "--local-port port number"
 +use this port for the connection <0-65535>, use 0 for random
 +.IP "--pid-file filename"
 +store the pid of background process there
 +.IP "--dh IKE DH group"
 +name of the IKE DH Group <dh1/dh2/dh5>
 +.IP "--pfs PFS group"
 +Perfect Forward Secrecy <nopfs/dh1/dh2/dh5>
 +.IP "--non-inter"
 +non interactive mode, don't ask any questions
 +.IP "--debug nr"
 +set debugging level <0/1/2/3/99>
 +.IP "--no-detach"
 +do not send daemon to background
 +.IP "--print-config"
 +prints your configuration; output can be used as vpnc.conf
 +
 +.SH FILES
 +.I PREFIX/etc/vpnc.conf
 +.RS
 +The default configuration file. See
 +.BR EXAMPLES
 +for further details.
 +.RE
 +
 +.SH EXAMPLES
 +This is an example vpnc.conf:
 +
 +.RS
 +.PD 0
 +IKE DH Group dh2
 +.P
 +Perfect Forward Secrecy nopfs
 +.P
 +IPSec gateway vpn.rwth-aachen.de
 +.P
 +IPSec ID MoPS
 +.P
 +IPSec secret mopsWLAN
 +.P
 +Xauth username abcdef
 +.P
 +Xauth passwort 123456
 +.PD
 +.RE
 +
 +The values start exactly one space after the keywords, and run to the end of
 +line. This lets you put any kind of weird character (except EOL and NUL) in
 +your strings, but it does mean you can't add comments after a string, or spaces
 +before them.
 +
 +See also the
 +.B --print-config
 +option to generate a config file.
 +
 +.SH TODO
 +Re-keying is no implemented yet (default rekey-intervall is 8 hours).
 +
 +.SH AUTHOR
 +This man-page has been written by Christian Lackas <delta(at)lackas.net>,
 +based on the Debian man-page 
 +by Eduard Bloch <blade(at)debian.org> and the vpnc README by
 +Maurice Massar <vpnc(at)unix-ag.uni-kl.de>
 +
 +.SH "SEE ALSO"
 +.BR tun (4),
 +.BR route (1),
 +.BR http://www.unix-ag.uni-kl.de/~massar/vpnc/
 diff -urN /usr/ports/security/vpnc/files/vpnc.sh ./files/vpnc.sh
 --- /usr/ports/security/vpnc/files/vpnc.sh	Wed Dec 17 19:43:34 2003
 +++ ./files/vpnc.sh	Thu Dec 18 12:52:25 2003
 @@ -1,12 +1,25 @@
 -#!/bin/sh
 +#! /bin/sh
 +
 +PREFIX=%%PREFIX%%
 +PIDFILE=/var/run/vpnc.pid
 +
 +# change these variables and activate comments
 +# below to get a full tunnel
 +VPNGATEWAY=vpn.rwth-aachen.de
 +ROUTER=192.168.111.2
  
  case "$1" in
  start)
 -	[ -x /usr/local/sbin/vpnc ] && /usr/local/sbin/vpnc && echo -n ' vpnc'
 +	[ -x ${PREFIX}/sbin/vpnc ] && ${PREFIX}/sbin/vpnc --pid-file ${PIDFILE} &&
 +	# route add -host ${VPNGATEWAY} ${ROUTER}
 +	# route delete default && 
 +	# route add default -interface tun0 &&
 +	echo -n ' vpnc'
  	;;
  stop)
 -	#
 -	kill
 +	kill `cat ${PIDFILE}`
 +	# route delete default &&
 +	# route add default ${ROUTER}
  	;;
  *)
  	echo "Usage: `basename $0` {start|stop}" >&2
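Review bot: The `stop)` branch runs kill on the output of `cat ${PIDFILE}` without checking that the pid file exists and is non-empty. A missing file makes `kill` run with no argument, and a stale file can signal an unrelated process that has since reused the pid, presumably as root when the script is run from rc. A guard such as `[ -s ${PIDFILE} ] && kill $(cat ${PIDFILE}) && rm -f ${PIDFILE}` covers both cases. In `start)`, the commented `route add -host` line has no trailing `&&`, unlike the two lines after it, so uncommenting all three as the header comment suggests would no longer make `echo -n ' vpnc'` depend on the whole chain. The `case` statement continues past the end of this hunk.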
 diff -urN /usr/ports/security/vpnc/pkg-descr ./pkg-descr
 --- /usr/ports/security/vpnc/pkg-descr	Wed Dec 17 16:19:50 2003
 +++ ./pkg-descr	Thu Dec 18 15:57:30 2003
 @@ -3,6 +3,6 @@
  A VPN client compatible with Cisco's EasyVPN equipment.
  Supports IPSec (ESP) with Mode Configuration and Xauth. Supports only
  shared-secret IPSec authentication, 3DES, MD5, and IP tunneling.
 -It runs entirely in userspace
 +It runs entirely in userspace.
  
  WWW: http://www.unix-ag.uni-kl.de/~massar/vpnc/
 diff -urN /usr/ports/security/vpnc/pkg-message ./pkg-message
 --- /usr/ports/security/vpnc/pkg-message	Thu Jan  1 01:00:00 1970
 +++ ./pkg-message	Tue Dec 16 21:50:12 2003
 @@ -0,0 +1,8 @@
 +If vpnc fails with
 +
 +    socket(SOCK_RAW): Protocol not supported
 +
 +check your kernel configuration. The ESP protocol
 +is only enabled for FAST_IPSEC (this cannot be
 +configured together with IPSEC). See LINT for
 +further details.
 diff -urN /usr/ports/security/vpnc/pkg-plist ./pkg-plist
 --- /usr/ports/security/vpnc/pkg-plist	Wed Dec 17 16:19:50 2003
 +++ ./pkg-plist	Thu Dec 18 00:12:06 2003
 @@ -2,4 +2,6 @@
  etc/vpnc.conf.sample
  etc/rc.d/vpnc.sh.sample
  %%PORTDOCS%%%%DOCSDIR%%/README
 +%%PORTDOCS%%%%DOCSDIR%%/ChangeLog
 +%%PORTDOCS%%%%DOCSDIR%%/TODO
  %%PORTDOCS%%@dirrm %%DOCSDIR%%
 
 --Qxx1br4bt0+wmkIi--
 


