ports/110272: [maintainer-update] security/vpnc
Christian Lackas
delta at lackas.net
Tue Mar 13 16:30:05 UTC 2007
>Number: 110272
>Category: ports
>Synopsis: [maintainer-update] security/vpnc
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: maintainer-update
>Submitter-Id: current-users
>Arrival-Date: Tue Mar 13 16:30:04 GMT 2007
>Closed-Date:
>Last-Modified:
>Originator: Christian Lackas
>Release: FreeBSD 6.2-PRERELEASE i386
>Organization:
Delta Consulting
>Environment:
System: FreeBSD zel057.zel.kfa-juelich.de 6.2-PRERELEASE FreeBSD 6.2-PRERELEASE #0: Sat Nov 11 15:42:37 CET 2006 root at zel057.zel.kfa-juelich.de:/usr/obj/usr/src/sys/KERNEL.D800 i386
<machine, os, target, libraries (multiple lines)>
>Description:
upgrade to vpnc 0.4.0
# vpnc-0.4.0.tar.gz Mon Feb 19 22:22:22 CET 2007
* DragonFly BSD support by Hans-Werner Hilse
* Solaris 10 fixes by Sunil
* support to read obfuscated passwords from .pcf files, based on work from
"HAL-9000 at evilscientists.de"
* granted Dan Villiom Podlaski Christiansen svn commit privileges
* Darwin support by Dan Villiom Podlaski Christiansen
* UDP IP keepalive support from FreeBSD port
* Juniper/ScreenOS support from Marc Huber
* replace "--disable-natt --force-natt --udp" with "--natt-mode"
* null cipher support from Simon Lipp
* Windows/Cygwin and tap support from Paolo Zarpellon
* rekeying support
* various other fixes contributed by Joerg Mayer, Heiko Stamer, Plamen
Todorov, Asgeir, Jukka Salmi, Wolfram Sang, Laurence MOINDROT, Chris
Osicki, Anton Altaparmakov, Adam Simpkins, Ken Bell, Hanno Boeck, Kyle
McKay, Dennis Schneider
>How-To-Repeat:
>Fix:
http://www.lackas.net/freebsd/vpnc-0.4.0.patch
diff -uNr /usr/ports/security/vpnc/Makefile vpnc/Makefile
--- /usr/ports/security/vpnc/Makefile Mon Mar 5 21:57:04 2007
+++ vpnc/Makefile Tue Mar 13 16:30:29 2007
@@ -6,8 +6,7 @@
#
PORTNAME= vpnc
-PORTVERSION= 0.3.3
-PORTREVISION= 5
+PORTVERSION= 0.4.0
CATEGORIES= security
MASTER_SITES= http://www.unix-ag.uni-kl.de/~massar/vpnc/
@@ -26,7 +25,7 @@
sbin/vpnc-disconnect \
etc/vpnc.conf.sample
-PORTDOCS= README ChangeLog TODO
+PORTDOCS= README TODO
MAN8= vpnc.8
.include <bsd.port.pre.mk>
@@ -35,7 +34,7 @@
@${REINPLACE_CMD} -e \
's|%%PREFIX%%|${PREFIX}|' ${WRKSRC}/config.c
@${REINPLACE_CMD} -e \
- 's|%%CC%%|${CC}|;s|%%CFLAGS%%|${CFLAGS}|' \
+ 's|%%PREFIX%%|${PREFIX}|;s|%%CC%%|${CC}|;s|%%CFLAGS%%|${CFLAGS}|' \
${WRKSRC}/Makefile
do-install:
@@ -51,8 +50,5 @@
${MKDIR} ${DOCSDIR}
@cd ${WRKSRC} && ${INSTALL_DATA} ${PORTDOCS} ${DOCSDIR}
.endif
-
-post-install:
- @${CAT} ${PKGMESSAGE}
.include <bsd.port.post.mk>
diff -uNr /usr/ports/security/vpnc/distinfo vpnc/distinfo
--- /usr/ports/security/vpnc/distinfo Tue Jan 24 07:38:27 2006
+++ vpnc/distinfo Tue Mar 13 15:57:07 2007
@@ -1,3 +1,3 @@
-MD5 (vpnc-0.3.3.tar.gz) = e7518cff21326fe7eb9795b60c25ae6a
-SHA256 (vpnc-0.3.3.tar.gz) = be4a8e87b044cb99349e71e6879446739dd537dbde13e99ec61817ed67605bd7
-SIZE (vpnc-0.3.3.tar.gz) = 59939
+MD5 (vpnc-0.4.0.tar.gz) = 604807e7dd90fce00a4e2344ee29c76d
+SHA256 (vpnc-0.4.0.tar.gz) = f91c6bc2547cb503fde4f244ba82304553fec3954c65521482f8db2491700586
+SIZE (vpnc-0.4.0.tar.gz) = 75491
diff -uNr /usr/ports/security/vpnc/files/patch-Makefile vpnc/files/patch-Makefile
--- /usr/ports/security/vpnc/files/patch-Makefile Thu Apr 29 15:41:55 2004
+++ vpnc/files/patch-Makefile Tue Mar 13 16:30:29 2007
@@ -1,15 +1,20 @@
---- Makefile.orig Sun Apr 25 02:43:56 2004
-+++ Makefile Sun Apr 25 02:44:38 2004
-@@ -15,9 +15,9 @@
- # along with this program; if not, write to the Free Software
- # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+--- Makefile.orig Tue Mar 13 15:58:08 2007
++++ Makefile Tue Mar 13 15:59:50 2007
+@@ -20,7 +20,7 @@
+ # $Id: patch-Makefile,v 1.5 2007/03/13 15:30:29 lackas Exp $
+
+ DESTDIR=
+-PREFIX=/usr/local
++PREFIX=%%PREFIX%%
+ ETCDIR=/etc/vpnc
+ BINDIR=$(PREFIX)/bin
+ SBINDIR=$(PREFIX)/sbin
+@@ -34,7 +34,7 @@
+ VERSION := $(shell sh mk-version)
+ RELEASE_VERSION := $(shell cat VERSION)
-CC=gcc
--CFLAGS=-W -Wall -O -g '-DVERSION="$(shell cat VERSION)"' $(shell libgcrypt-config --cflags)
--LDFLAGS=-g $(shell libgcrypt-config --libs)
+CC=%%CC%%
-+CFLAGS=-W -Wall %%CFLAGS%% '-DVERSION="$(shell cat VERSION)"' $(shell libgcrypt-config --cflags)
-+LDFLAGS=$(shell libgcrypt-config --libs)
-
- ifeq ($(shell uname -s), Linux)
- SYSDEP=sysdep-linux.o
+ CFLAGS += -W -Wall -O3 -Wmissing-declarations -Wwrite-strings -g
+ CPPFLAGS = -DVERSION=\"$(VERSION)\"
+ LDFLAGS = -g $(shell libgcrypt-config --libs)
diff -uNr /usr/ports/security/vpnc/files/patch-config.c vpnc/files/patch-config.c
--- /usr/ports/security/vpnc/files/patch-config.c Sun Sep 4 16:20:45 2005
+++ vpnc/files/patch-config.c Tue Mar 13 16:30:29 2007
@@ -1,6 +1,6 @@
---- config.c.orig Sun May 1 22:06:36 2005
-+++ config.c Tue Aug 2 20:18:29 2005
-@@ -125,12 +125,12 @@
+--- config.c.orig Fri Feb 16 18:22:06 2007
++++ config.c Tue Mar 13 16:11:53 2007
+@@ -251,12 +251,12 @@
static const char *config_def_script(void)
{
@@ -14,15 +14,15 @@
+ return "/var/run/vpnc.pid";
}
- static const struct config_names_s {
-@@ -520,8 +520,8 @@
+ static const char *config_def_vendor(void)
+@@ -701,8 +701,8 @@
}
-
+
if (!got_conffile) {
- read_config_file("/etc/vpnc/default.conf", config, 1);
- read_config_file("/etc/vpnc.conf", config, 1);
+ read_config_file("%%PREFIX%%/etc/vpnc/default.conf", config, 1);
+ read_config_file("%%PREFIX%%/etc/vpnc.conf", config, 1);
}
-
+
if (!print_config) {
diff -uNr /usr/ports/security/vpnc/files/patch-tunip.c vpnc/files/patch-tunip.c
--- /usr/ports/security/vpnc/files/patch-tunip.c Sat Jul 29 22:41:30 2006
+++ vpnc/files/patch-tunip.c Thu Jan 1 01:00:00 1970
@@ -1,48 +0,0 @@
-Index: tunip.c
-===================================================================
---- tunip.c (revision 67)
-+++ tunip.c (working copy)
-@@ -3,6 +3,7 @@
- Copyright (C) 2002 Geoffrey Keating
- Copyright (C) 2003-2005 Maurice Massar
- Copyright (C) 2004 Tomas Mraz
-+ Copyright (C) 2006 Daniel Roethlisberger
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
-@@ -776,7 +777,16 @@
- {
- int sock;
- struct pollfd pollfds[2];
-+ int enable_keepalives;
-+ int poll_timeout;
-
-+ /* non-esp marker, nat keepalive payload (0xFF) */
-+ char keepalive[5] = { 0x00, 0x00, 0x00, 0x00, 0xFF };
-+
-+ /* send keepalives if UDP encapsulation is enabled */
-+ enable_keepalives = !strcmp(meth->name, "udpesp");
-+ poll_timeout = enable_keepalives ? 20000 : -1;
-+
- pollfds[0].fd = tun_fd;
- pollfds[0].events = POLLIN;
- pollfds[1].fd = encap_get_fd(meth);
-@@ -786,8 +796,16 @@
- int presult;
-
- do {
-- presult = poll(pollfds, sizeof(pollfds) / sizeof(pollfds[0]), -1);
-- } while (presult == -1 && errno == EINTR && !do_kill);
-+ presult = poll(pollfds, sizeof(pollfds) / sizeof(pollfds[0]), poll_timeout);
-+ if (presult == 0 && enable_keepalives) {
-+ /* send nat keepalive packet */
-+ if(sendto(meth->fd, keepalive, sizeof(keepalive), 0,
-+ (struct sockaddr*)&peer->remote_sa->dest,
-+ sizeof(peer->remote_sa->dest)) == -1) {
-+ syslog(LOG_ERR, "sendto: %m");
-+ }
-+ }
-+ } while ((presult == 0 || (presult == -1 && errno == EINTR)) && !do_kill);
- if (presult == -1) {
- syslog(LOG_ERR, "poll: %m");
- continue;
diff -uNr /usr/ports/security/vpnc/files/patch-vpnc-disconnect vpnc/files/patch-vpnc-disconnect
--- /usr/ports/security/vpnc/files/patch-vpnc-disconnect Fri May 27 20:21:51 2005
+++ vpnc/files/patch-vpnc-disconnect Tue Mar 13 16:30:29 2007
@@ -1,5 +1,5 @@
---- vpnc-disconnect.orig Fri May 27 12:27:48 2005
-+++ vpnc-disconnect Fri May 27 12:28:02 2005
+--- vpnc-disconnect.orig Tue Mar 13 16:27:11 2007
++++ vpnc-disconnect Tue Mar 13 16:27:17 2007
@@ -1,6 +1,6 @@
#!/bin/sh
diff -uNr /usr/ports/security/vpnc/files/patch-vpnc-script vpnc/files/patch-vpnc-script
--- /usr/ports/security/vpnc/files/patch-vpnc-script Fri May 27 20:21:51 2005
+++ vpnc/files/patch-vpnc-script Tue Mar 13 16:30:29 2007
@@ -1,54 +1,13 @@
---- vpnc-script.orig Thu May 5 19:05:18 2005
-+++ vpnc-script Fri May 27 12:21:50 2005
-@@ -19,8 +19,8 @@
- #set -x
+--- vpnc-script.orig Tue Mar 13 16:03:06 2007
++++ vpnc-script Tue Mar 13 16:03:24 2007
+@@ -31,8 +31,8 @@
+ ;;
+ esac
- OS="`uname -s`"
-DEFAULT_ROUTE_FILE=/var/run/vpnc/defaultroute
-RESOLV_CONF_BACKUP=/var/run/vpnc/resolv.conf-backup
+DEFAULT_ROUTE_FILE=/var/run/vpnc.defaultroute
+RESOLV_CONF_BACKUP=/var/run/vpnc.resolv.conf-backup
- IPROUTE="`which ip 2> /dev/null`"
-
-@@ -117,7 +117,7 @@
- }
- else
- get_default_gw() {
-- netstat -r -n | grep '^0.0.0.0' | awk '{print $2}'
-+ netstat -r -n | grep '^default' | awk '{print $2}'
- }
-
- set_vpngateway_route() {
-@@ -219,11 +219,14 @@
- do_ifconfig
- set_vpngateway_route
- if [ -n "$CISCO_SPLIT_INC" ]; then
-- for ((i = 0 ; i < CISCO_SPLIT_INC ; i++ )) ; do
-+ # for ((i = 0 ; i < CISCO_SPLIT_INC ; i++ )) ; do
-+ i=0
-+ while [ $i -lt ${CISCO_SPLIT_INC} ]; do
- eval NETWORK="\${CISCO_SPLIT_INC_${i}_ADDR}"
- eval NETMASK="\${CISCO_SPLIT_INC_${i}_MASK}"
- eval NETMASKLEN="\${CISCO_SPLIT_INC_${i}_MASKLEN}"
- set_network_route "$NETWORK" "$NETMASK" "$NETMASKLEN"
-+ i=`expr $i + 1`
- done
- for i in $INTERNAL_IP4_DNS ; do
- set_network_route "$i" "255.255.255.255" "32"
-@@ -239,11 +242,14 @@
-
- do_disconnect() {
- if [ -n "$CISCO_SPLIT_INC" ]; then
-- for ((i = 0 ; i < CISCO_SPLIT_INC ; i++ )) ; do
-+ # for ((i = 0 ; i < CISCO_SPLIT_INC ; i++ )) ; do
-+ i=0
-+ while [ $i -lt ${CISCO_SPLIT_INC} ]; do
- eval NETWORK="\${CISCO_SPLIT_INC_${i}_ADDR}"
- eval NETMASK="\${CISCO_SPLIT_INC_${i}_MASK}"
- eval NETMASKLEN="\${CISCO_SPLIT_INC_${i}_MASKLEN}"
- del_network_route "$NETWORK" "$NETMASK" "$NETMASKLEN"
-+ i=`expr $i + 1`
- done
- for i in $INTERNAL_IP4_DNS ; do
- del_network_route "$i" "255.255.255.255" "32"
+ # some systems, eg. Darwin & FreeBSD, prune /var/run on boot
+ if ! [ -d "/var/run/vpnc" ]; then
diff -uNr /usr/ports/security/vpnc/files/patch-vpnc.8 vpnc/files/patch-vpnc.8
--- /usr/ports/security/vpnc/files/patch-vpnc.8 Thu Nov 18 13:22:50 2004
+++ vpnc/files/patch-vpnc.8 Thu Jan 1 01:00:00 1970
@@ -1,237 +0,0 @@
---- vpnc.8.dist Wed Nov 17 15:19:42 2004
-+++ vpnc.8 Wed Nov 17 15:20:40 2004
-@@ -1,18 +1,45 @@
--.TH "VPNC" "8" "13 Mai 2004" "Debian" "vpnc"
-+.\" groff -man -Tascii vpnc.8
-+.TH "VPNC" "8" "Mai 2004" "FreeBSD" "vpnc"
-
- .SH NAME
--vpnc \- client for Cisco VPN3000 Concentrator, IOS and PIX
-+vpnc \- client for cisco3000 VPN Concentrator
- .SH SYNOPSIS
-
--see
--.B vpnc \-\-long\-help
-+.B vpnc [ \-\-gateway
-+.I <IP or hostname>
-+.B ] [ \-\-id
-+.I <IPSec group Id>
-+.B ] [ \-\-username
-+.I <user name>
-+.B ] [ \-\-script
-+.I <command>
-+.B ] [ \-\-domain
-+.I <domain name>
-+.B ] [ \-\-dh
-+.I <dh1/dh2/dh5>
-+.B ] [ \-\-pfs
-+.I <nopfs/dh1/dh2/dh5/server>
-+.B ] [ \-\-enable-1des
-+.B ] [ \-\-application-version
-+.I <version string>
-+.B ] [ \-\-ifname
-+.I <interface>
-+.B ] [ \-\-debug
-+.I <0/1/2/3/99>
-+.B ] [ \-\-no-detach
-+.B ] [ \-\-pid-file
-+.I <filename>
-+.B ] [ \-\-local-port
-+.I <0-65535>
-+.B ] [ \-\-non-inter
-+.B ] [ \-\-udp
-+.B ] [ \-\-udp-port <0-65535>
-+.B ] [ \-\-disable-natt
-+.B ]
-+
-
- .SH "DESCRIPTION"
- .PP
--This manual page documents briefly the
--\fBvpnc\fR, \fBvpnc\-connect\fR and
--\fBvpnc\-disconnect\fR commands.
--.PP
- \fBvpnc\fR is a
- VPN client for the Cisco 3000 VPN Concentrator, creating a IPSec-like
- connection as a tunneling network device for the local system. It uses
-@@ -20,7 +47,7 @@
- on BSD. The created connection is presented as a tunneling network
- device to the local system.
- .PP
--The vpnc daemon by it self does not set any routes, the user (or
-+The vpnc daemon by itself does not set any routes, the user (or
- the connect script, see below) has to do it on its own, e.g. for a full
- tunnel with IP routing under Linux. Further, the user must care about
- setting a minimal route to the gateway to not cut the essential
-@@ -30,26 +57,17 @@
- command (see \-\-script) to configure the interface and care about the
- route setup. By default, only a simple ifconfig command is executed.
- .PP
--The command \fBvpnc\-connect\fR is a helper script that will assist on
--connection invocation and routing configuration. It can also be used to manage configuration files
--for multiple VPN connections. The script can be started by the user or
--from the daemon (see \-\-script) when the connection is established. In
--the first case, it will simply run the daemon after some environment
--checks. When executed by the daemon later, it will create a minimalistic
--host route to the gateway and configures the default gateway
--configuration of Linux to run over the VPN tunnel.
--.PP
--The \fBvpnc\-disconnect\fR command is used to terminate
--the connection previously created by \fBvpnc\-connect\fR
--and restore the previous routing configuration.
-+The script installed at \fB%%PREFIX%%/etc/rc.d/vpnc.sh.sample\fR contains an example
-+of how to set up a tunnel. The \fBvpnc.sh.sample-fulltunnel\fR is are more intelligent
-+script to set up a full tunnel.
-
- .SH CONFIGURATION
- The daemon reads configuration data from the following places:
- .PD 0
- .IP "- command line options"
- .IP "- config file(s) specified on the command line"
--.IP "- /etc/vpnc/default.conf"
--.IP "- /etc/vpnc.conf"
-+.IP "- %%PREFIX%%/etc/vpnc/default.conf"
-+.IP "- %%PREFIX%%/etc/vpnc.conf"
- .IP "- prompting the user if not found above"
-
- .PP
-@@ -73,18 +91,87 @@
- for security reasons) or be stored in a configuration file.
-
-
-+.IP "\-\-gateway <ip/hostname>"
-+IP or host name of your IPSec gateway
-+
-+.IP "\-\-id <ASCII string>"
-+Your group name in <ASCII string>
-+
-+.IP "\-\-username <ASCII string>"
-+Your username
-+
-+.IP "\-\-script <command>"
-+The <command> specified here is executed when the connection has been
-+established, in order to configure the interface, routing and so on.
-+Device name, IP, etc. are passed using enviroment variables, see
-+README. This script is executed right after ISAKMP is done, but befor
-+tunneling is enabled. Some environment variables (namely TUNDEV and VPNGATEWAY)
-+are set and can be used for the detail configuration. Default command: ifconfig
-+$TUNDEV inet $INTERNAL_IP4_ADDRESS pointopoint $INTERNAL_IP4_ADDRESS netmask
-+255.255.255.255 mtu 1412 up.
-+
-+.IP "\-\-domain <ASCII string>"
-+Domain name for authentication, sometimes needed for authentification
-+against Windows NT domains.
-+
-+.IP "\-\-dh <dh1/dh2/dh5>"
-+Name of the IKE DH Group (default: dh2).
-+
-+.IP "\-\-pfs <nopfs/dh1/dh2/dh5/server>"
-+Diffie-Hellman group to use for PFS, one of nopfs, dh1, dh2, dh5 or
-+server (default: server).
-+
-+.IP "\-\-enable\-1des"
-+Enables weak Single DES encryption.
-+
-+.IP "\-\-application\-version <ASCII string>"
-+Application Version to report to the server when identifying ourself
-+(default: Cisco Systems VPN Client <vpnc-version>).
-+
-+.IP "\-\-ifname <ASCII string>"
-+The virtual name of the network interface assigned to the tunnel
-+endpoint (default: first available tunX). [Linux only]
-+
-+.IP "\-\-debug <0/1/2/3/99>"
-+Show verbose debug messages with different verbosity levels.
-+A level 99 transscript contains username and password, so
-+do NEVER give those files away (use debug 3 instead).
-+
-+.IP "\-\-no\-detach"
-+Don't detach from the console (go to background) after login.
-+
-+.IP "\-\-pid\-file <filename>"
-+Store the pid of background process in a file.
-+
-+.IP "\-\-local-port <0-65535>"
-+Local ISAKMP port number to use (0 == use random port, 500 is default).
-+
-+.IP "\-\-non-inter"
-+Don't ask anything, exit on missing options.
-+
- .IP "\-\-print\-config"
-- Prints your configuration; output can be used as vpnc.conf
-+Prints your configuration; output can be used as vpnc.conf.
-+
-+.IP "\-\-udp"
-+Use Cisco-UDP encapsulation of IPSEC traffic.
-+
-+.IP "\-\-udp-port"
-+Local UDP Encapsulation Port number to use (0 == use random port)
-+
-+.IP "\-\-disable-natt"
-+Disable use of NAT-T
-+
-+.IP "\-\-xauth-inter"
-+Enable interactive extended authentification (for challenge
-+response auth).
-+
-
--See output of
--.B vpnc \-\-long\-help
--for a complete description
-
- .SH FILES
--.I /etc/vpnc.conf
-+.I %%PREFIX%%/etc/vpnc.conf
- .RS
- The default configuration file. You can specify the same config
--directives as with command line options and additionaly
-+directives as with command line options and additionaly.
- .B IPSec secret
- and
- .B Xauth password
-@@ -96,7 +183,7 @@
- for further details.
- .RE
-
--.I /etc/vpnc/*.conf
-+.I %%PREFIX%%/etc/vpnc/*.conf
- .RS
- The vpnc\-connect will read configuration files in this directory when
- the config script name (without .conf) is specified on the command line.
-@@ -129,7 +216,7 @@
- See also the
- .B \-\-print\-config
- option to generate a config file, and the example file in the package
--documentation directory where more advanced usage is demonstrated.
-+documentation directory where more advanced usage is described.
-
- Advanced features like manual setting of multiple target routes is
- documented in the example files of the vpnc package.
-@@ -143,18 +230,17 @@
-
- .SH AUTHOR
- This man-page has been written by Eduard Bloch <blade(at)debian.org> and
--Christian Lackas <delta(at)lackas.net>, based on vpnc README by
--Maurice Massar <vpnc(at)unix\-ag.uni\-kl.de>.
--Permission is
--granted to copy, distribute and/or modify this document under
--the terms of the GNU General Public License, Version 2 any
--later version published by the Free Software Foundation.
-+Christian Lackas <delta(at)lackas.net>, based on the vpnc README by
-+Maurice Massar <vpnc(at)unix\-ag.uni\-kl.de> and his source code.
-+Permission is granted to copy, distribute and/or modify this document
-+under the terms of the GNU General Public License, Version 2 any later
-+version published by the Free Software Foundation.
- .PP
- On Debian systems, the complete text of the GNU General Public
- License can be found in /usr/share/common\-licenses/GPL.
- .SH "SEE ALSO"
--.BR ip (8),
--.BR ifconfig (8),
--.BR route (1),
-+.BR tun(4),
-+.BR ifconfig(8),
-+.BR route(8),
- .BR http://www.unix\-ag.uni\-kl.de/~massar/vpnc/
--
-+.BR %%PREFIX%%/etc/rc.d/vpnc.sh.sample-fulltunnel
diff -uNr /usr/ports/security/vpnc/pkg-descr vpnc/pkg-descr
--- /usr/ports/security/vpnc/pkg-descr Mon Dec 22 20:23:14 2003
+++ vpnc/pkg-descr Tue Mar 13 16:30:29 2007
@@ -1,8 +1,8 @@
-VPNC - Client for Cisco 3000 VPN Concentrator
+VPNC - Client for Cisco 3000 VPN Concentrator, IOS and PIX
-A VPN client compatible with Cisco's EasyVPN equipment.
-Supports IPSec (ESP) with Mode Configuration and Xauth. Supports only
-shared-secret IPSec authentication, 3DES, MD5, and IP tunneling.
-It runs entirely in userspace.
+Vpnc is a VPN client for the Cisco 3000 VPN Concentrator, creating a
+IPSec-like connection as a tunneling network device for the local
+system. The created connection is presented as a tunneling network
+device to the local system. The daemon runs entirely in userspace.
WWW: http://www.unix-ag.uni-kl.de/~massar/vpnc/
diff -uNr /usr/ports/security/vpnc/pkg-message vpnc/pkg-message
--- /usr/ports/security/vpnc/pkg-message Tue May 4 22:14:23 2004
+++ vpnc/pkg-message Thu Jan 1 01:00:00 1970
@@ -1,9 +0,0 @@
-If vpnc under FreeBSD 4 fails with
-
- socket(SOCK_RAW): Protocol not supported
-
-check your kernel configuration. The ESP protocol may be only
-enabled for FAST_IPSEC (this cannot be configured together with
-IPSEC). See LINT for further details.
-
-Under FreeBSD 5 vpnc should work without any IPSEC enabled.
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list