ports/96368: security/ipsec-tools: use OPTIONS, extend featureset

Renato Botelho garga at FreeBSD.org
Fri Apr 28 12:10:20 UTC 2006


The following reply was made to PR ports/96368; it has been noted by GNATS.

From: Renato Botelho <garga at FreeBSD.org>
To: VANHULLEBUS Yvan <yvan.vanhullebus at netasq.com>
Cc: bug-followup at FreeBSD.org, Joerg.Pulz at frm%32.tum.de
Subject: Re: ports/96368: security/ipsec-tools: use OPTIONS, extend featureset
Date: Fri, 28 Apr 2006 09:06:52 -0300

 Dear maintainer, 
 
 I've made 2 changes you proposed. Please, take a look at following patch and
 tell me if you approve it.
 
 -------------------------- ipsec-tools.diff starts here ------------------------
 Index: Makefile
 ===================================================================
 RCS file: /home/pcvs/ports/security/ipsec-tools/Makefile,v
 retrieving revision 1.11
 diff -u -r1.11 Makefile
 --- Makefile	23 Feb 2006 10:38:57 -0000	1.11
 +++ Makefile	28 Apr 2006 11:50:50 -0000
 @@ -4,15 +4,14 @@
  #
  # $FreeBSD: ports/security/ipsec-tools/Makefile,v 1.11 2006/02/23 10:38:57 ade Exp $
  
 -# TODO: - configurable --enable-xxx
 -#       - libipsec issue ?
 +# TODO: - libipsec issue ?
  #       - cleanup...
  #       - SYSCONFDIR
  #       - $LOCALBASE/sbin/setkey Vs /usr/sbin/setkey
  
  PORTNAME=	ipsec-tools
  PORTVERSION=	0.6.5
 -PORTREVISION=	1
 +PORTREVISION=	2
  CATEGORIES=	security net
  MASTER_SITES=	${MASTER_SITE_SOURCEFORGE}
  MASTER_SITE_SUBDIR=	ipsec-tools
 @@ -26,27 +25,133 @@
  USE_OPENSSL=	yes
  USE_BZIP2=	yes
  
 -WRKSRC=		${WRKDIR}/${DISTNAME}
  GNU_CONFIGURE=	yes
  INSTALLS_SHLIB=	yes
 -LDFLAGS=	-L${LOCALBASE}/lib
  CONFIGURE_TARGET=	--build=${MACHINE_ARCH}-portbld-freebsd${OSREL}
 -CONFIGURE_ARGS=	--enable-debug --enable-dpd --enable-natt=kernel \
 -		--enable-frag --enable-ipv6 --enable-shared \
 -		--sysconfdir=${PREFIX}/etc/racoon \
 +CONFIGURE_ARGS=	--enable-shared --sysconfdir=${PREFIX}/etc/racoon \
  		--with-pkgversion=freebsd-${PORTVERSION}
  
 +STATEDIR=	${DESTDIR}/var/db/racoon
 +SUB_LIST+=	STATEDIR=${STATEDIR}
 +PLIST_SUB+=	STATEDIR=${STATEDIR}
 +
 +OPTIONS=	DEBUG		"enable Debug support" on \
 +		IPV6		"enable IPV6 support" on \
 +		ADMINPORT	"enable Admin port" on \
 +		STATS		"enable Statistics logging function" on \
 +		DPD		"enable Dead Peer Detection" on \
 +		NATT		"enable NAT-Traversal set to 'kernel'" on \
 +		FRAG		"enable IKE fragmentation payload support" on \
 +		HYBRID		"enable Hybrid Mode-cfg and Xauth support" on \
 +		PAM		"enable PAM authentication" on \
 +		GSSAPI		"enable GSS-API authentication" off \
 +		RADIUS		"enable Radius authentication" off \
 +		SAUNSPEC	"enable Unspecified SA mode" off \
 +		RC5		"enable RC5 encryption (patented)" off \
 +		IDEA		"enable IDEA encryption (patented)" off
 +
  MAN3=		ipsec_set_policy.3 ipsec_strerror.3
  MAN5=		racoon.conf.5
  MAN8=		racoon.8 racoonctl.8 setkey.8 plainrsa-gen.8
  
  PORTDOCS=	*
  
 +.include <bsd.port.pre.mk>
 +
 +.ifdef(WITH_DEBUG)
 +CONFIGURE_ARGS+=	--enable-debug
 +.else
 +CONFIGURE_ARGS+=	--disable-debug
 +.endif
 +
 +.ifdef(WITH_IPV6)
 +CONFIGURE_ARGS+=	--enable-ipv6
 +.else
 +CONFIGURE_ARGS+=	--disable-ipv6
 +.endif
 +
 +.ifdef(WITH_ADMINPORT)
 +CONFIGURE_ARGS+=	--enable-adminport
 +.else
 +CONFIGURE_ARGS+=	--disable-adminport
 +.endif
 +
 +.ifdef(WITH_STATS)
 +CONFIGURE_ARGS+=	--enable-stats \
 +			--localstatedir=${STATEDIR:S/\/racoon//}
 +.else
 +CONFIGURE_ARGS+=	--disable-stats
 +.endif
 +
 +.ifdef(WITH_DPD)
 +CONFIGURE_ARGS+=	--enable-dpd
 +.else
 +CONFIGURE_ARGS+=	--disable-dpd
 +.endif
 +
 +.ifdef(WITH_NATT)
 +CONFIGURE_ARGS+=	--enable-natt=kernel
 +.else
 +CONFIGURE_ARGS+=	--disable-natt
 +.endif
 +
 +.ifdef(WITH_FRAG)
 +CONFIGURE_ARGS+=	--enable-frag
 +.else
 +CONFIGURE_ARGS+=	--disable-frag
 +.endif
 +
 +.ifdef(WITH_HYBRID)
 +CONFIGURE_ARGS+=	--enable-hybrid
 +.else
 +CONFIGURE_ARGS+=	--disable-hybrid
 +.endif
 +
 +.ifdef(WITH_PAM)
 +CONFIGURE_ARGS+=	--with-libpam
 +.else
 +CONFIGURE_ARGS+=	--without-libpam
 +.endif
 +
 +.ifdef(WITH_GSSAPI)
 +USE_ICONV=	yes
 +CFLAGS+=	-I${LOCALBASE}/include
 +LDFLAGS+=	-L${LOCALBASE}/lib
 +CONFIGURE_ARGS+=	--enable-gssapi
 +.else
 +CONFIGURE_ARGS+=	--disable-gssapi
 +.endif
 +
 +.ifdef(WITH_RADIUS)
 +CONFIGURE_ARGS+=	--with-libradius
 +.else
 +CONFIGURE_ARGS+=	--without-libradius
 +.endif
 +
 +.ifdef(WITH_SAUNSPEC)
 +CONFIGURE_ARGS+=	--enable-samode-unspec
 +.else
 +CONFIGURE_ARGS+=	--disable-samode-unspec
 +.endif
 +
 +.ifdef(WITH_RC5)
 +CONFIGURE_ARGS+=	--enable-rc5
 +.else
 +CONFIGURE_ARGS+=	--disable-rc5
 +.endif
 +
 +.ifdef(WITH_IDEA)
 +CONFIGURE_ARGS+=	--enable-idea
 +.else
 +CONFIGURE_ARGS+=	--disable-idea
 +.endif
 +
  post-install:
  	@if [ -z `/sbin/sysctl -a | ${GREP} -q ipsec && ${ECHO_CMD} ipsec` ]; then \
  	    ${ECHO_MSG} "WARNING: IPsec feature is disabled on this host"; \
  	    ${ECHO_MSG} "         You must build the kernel if you want to run racoon on the host"; \
  	fi ;
 +	@${MKDIR} ${STATEDIR}
  	@${MKDIR} ${EXAMPLESDIR}
  	@${RM} -f ${WRKSRC}/src/racoon/samples/*.in
  	@${CP} -r ${WRKSRC}/src/racoon/samples/* ${EXAMPLESDIR}
 @@ -55,4 +160,4 @@
  	@${INSTALL_DATA} ${WRKSRC}/src/racoon/doc/* ${DOCSDIR}
  .endif
  
 -.include <bsd.port.mk>
 +.include <bsd.port.post.mk>
 Index: pkg-descr
 ===================================================================
 RCS file: /home/pcvs/ports/security/ipsec-tools/pkg-descr,v
 retrieving revision 1.2
 diff -u -r1.2 pkg-descr
 --- pkg-descr	15 Sep 2005 12:11:48 -0000	1.2
 +++ pkg-descr	28 Apr 2006 11:50:50 -0000
 @@ -4,8 +4,7 @@
  This is the IPSec-tools version of racoon.
  
  Enchancements:
 -- Support of NAT-T.
 -- Support of IKE fragmentation.
 +- Support of NAT-T and IKE fragmentation.
  - Support of many authentication algorithms.
  - Tons of bugfixes.
  
 Index: pkg-plist
 ===================================================================
 RCS file: /home/pcvs/ports/security/ipsec-tools/pkg-plist,v
 retrieving revision 1.4
 diff -u -r1.4 pkg-plist
 --- pkg-plist	23 Feb 2006 10:38:57 -0000	1.4
 +++ pkg-plist	28 Apr 2006 11:50:50 -0000
 @@ -1,4 +1,6 @@
 +sbin/plainrsa-gen
  sbin/racoon
 +sbin/racoonctl
  sbin/setkey
  include/libipsec/libpfkey.h
  include/racoon/admin.h
 @@ -24,8 +26,6 @@
  lib/libracoon.la
  lib/libracoon.so
  lib/libracoon.so.0
 -sbin/plainrsa-gen
 -sbin/racoonctl
  %%EXAMPLESDIR%%/psk.txt
  %%EXAMPLESDIR%%/psk.txt.sample
  %%EXAMPLESDIR%%/racoon.conf
 @@ -48,3 +48,5 @@
  @dirrm %%EXAMPLESDIR%%/roadwarrior
  @dirrm %%EXAMPLESDIR%%
  @dirrmtry var/racoon
 + at exec mkdir -p %%STATEDIR%%
 + at dirrmtry %%STATEDIR%%
 Index: files/patch-configure
 ===================================================================
 RCS file: files/patch-configure
 diff -N files/patch-configure
 --- /dev/null	1 Jan 1970 00:00:00 -0000
 +++ files/patch-configure	28 Apr 2006 11:50:50 -0000
 @@ -0,0 +1,77 @@
 +--- configure.orig	Wed Apr 26 15:28:47 2006
 ++++ configure	Wed Apr 26 15:28:56 2006
 +@@ -25122,6 +25122,74 @@
 + fi
 + 
 + 
 ++	echo "$as_me:$LINENO: checking for iconv_open in -liconv" >&5
 ++echo $ECHO_N "checking for iconv_open in -liconv... $ECHO_C" >&6
 ++if test "${ac_cv_lib_iconv_iconv_open+set}" = set; then
 ++  echo $ECHO_N "(cached) $ECHO_C" >&6
 ++else
 ++  ac_check_lib_save_LIBS=$LIBS
 ++LIBS="-liconv  $LIBS"
 ++cat >conftest.$ac_ext <<_ACEOF
 ++/* confdefs.h.  */
 ++_ACEOF
 ++cat confdefs.h >>conftest.$ac_ext
 ++cat >>conftest.$ac_ext <<_ACEOF
 ++/* end confdefs.h.  */
 ++
 ++/* Override any gcc2 internal prototype to avoid an error.  */
 ++#ifdef __cplusplus
 ++extern "C"
 ++#endif
 ++/* We use char because int might match the return type of a gcc2
 ++   builtin and then its argument prototype would still apply.  */
 ++char iconv_open ();
 ++int
 ++main ()
 ++{
 ++iconv_open ();
 ++  ;
 ++  return 0;
 ++}
 ++_ACEOF
 ++rm -f conftest.$ac_objext conftest$ac_exeext
 ++if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
 ++  (eval $ac_link) 2>conftest.er1
 ++  ac_status=$?
 ++  grep -v '^ *+' conftest.er1 >conftest.err
 ++  rm -f conftest.er1
 ++  cat conftest.err >&5
 ++  echo "$as_me:$LINENO: \$? = $ac_status" >&5
 ++  (exit $ac_status); } &&
 ++	 { ac_try='test -z "$ac_c_werror_flag"
 ++			 || test ! -s conftest.err'
 ++  { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
 ++  (eval $ac_try) 2>&5
 ++  ac_status=$?
 ++  echo "$as_me:$LINENO: \$? = $ac_status" >&5
 ++  (exit $ac_status); }; } &&
 ++	 { ac_try='test -s conftest$ac_exeext'
 ++  { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
 ++  (eval $ac_try) 2>&5
 ++  ac_status=$?
 ++  echo "$as_me:$LINENO: \$? = $ac_status" >&5
 ++  (exit $ac_status); }; }; then
 ++  ac_cv_lib_iconv_iconv_open=yes
 ++else
 ++  echo "$as_me: failed program was:" >&5
 ++sed 's/^/| /' conftest.$ac_ext >&5
 ++
 ++ac_cv_lib_iconv_iconv_open=no
 ++fi
 ++rm -f conftest.err conftest.$ac_objext \
 ++      conftest$ac_exeext conftest.$ac_ext
 ++LIBS=$ac_check_lib_save_LIBS
 ++fi
 ++echo "$as_me:$LINENO: result: $ac_cv_lib_iconv_iconv_open" >&5
 ++echo "${ECHO_T}$ac_cv_lib_iconv_iconv_open" >&6
 ++if test $ac_cv_lib_iconv_iconv_open = yes; then
 ++  LIBS="$LIBS -liconv"
 ++fi
 ++
 + 	echo "$as_me:$LINENO: checking if iconv second argument needs const" >&5
 + echo $ECHO_N "checking if iconv second argument needs const... $ECHO_C" >&6
 + 	saved_CFLAGS=$CFLAGS
 Index: files/racoon.sh.in
 ===================================================================
 RCS file: /home/pcvs/ports/security/ipsec-tools/files/racoon.sh.in,v
 retrieving revision 1.3
 diff -u -r1.3 racoon.sh.in
 --- files/racoon.sh.in	20 Feb 2006 20:47:39 -0000	1.3
 +++ files/racoon.sh.in	28 Apr 2006 11:50:50 -0000
 @@ -32,6 +32,7 @@
  command="${prefix}/sbin/racoon"
  pidfile="/var/run/racoon.pid"
  required_files="${prefix}/etc/racoon/racoon.conf"
 +required_dirs="%%STATEDIR%%"
  stop_postcmd="racoon_poststop"
  
  racoon_poststop() {
 -------------------------- ipsec-tools.diff ends here ------------------------
 -- 
 Renato Botelho <garga @ FreeBSD.org>
                <freebsd @ galle.com.br>
 GnuPG Key: http://www.FreeBSD.org/~garga/pubkey.asc
 
 Adding features does not necessarily increase
 functionality -- it just makes the manuals thicker.



More information about the freebsd-ports-bugs mailing list