svn commit: r493835 - in head/security: . softether softether-devel softether5 softether5/files
Koichiro Iwao
meta at FreeBSD.org
Mon Feb 25 05:07:12 UTC 2019
Author: meta
Date: Mon Feb 25 05:07:08 2019
New Revision: 493835
URL: https://svnweb.freebsd.org/changeset/ports/493835
Log:
New port: security/softether5: SoftEther VPN 5 (Developer Edition)
SoftEther VPN ("SoftEther" means "Software Ethernet") is an
open-source cross-platform multi-protocol VPN program, created as an
academic project in the University of Tsukuba. Its protocol is very
fast and it can be used in very restricted environments, as it's able
to transfer packets over DNS and ICMP. A NAT-Traversal function is
also available, very useful in case the required ports cannot be
opened on the firewall. The supported third party protocols are
OpenVPN, L2TP/IPSec and SSTP.
This port is a bleeding-edge developer version of SoftEther, not for
production use. If you're looking for a solid and stable version,
use security/softether (RTM version) or security/softether-devel
(stable version) instead. This version is available also on other
other than i386/amd64 processors. Users who want to use SoftEther on
single board computers such as Raspberry Pi, BeagleBoard or other
embedded devices, try this port.
WWW: https://www.softether.org
Added:
head/security/softether5/
head/security/softether5/Makefile (contents, props changed)
head/security/softether5/distinfo (contents, props changed)
head/security/softether5/files/
head/security/softether5/files/extra-patch-unrestrict-enterprise-functions (contents, props changed)
head/security/softether5/files/patch-chain-certs-dir (contents, props changed)
head/security/softether5/files/patch-piddir (contents, props changed)
head/security/softether5/files/patch-use-system-cpu_features (contents, props changed)
head/security/softether5/files/pkg-message.in (contents, props changed)
head/security/softether5/files/softether_bridge.in (contents, props changed)
head/security/softether5/files/softether_client.in (contents, props changed)
head/security/softether5/files/softether_server.in (contents, props changed)
head/security/softether5/pkg-descr (contents, props changed)
head/security/softether5/pkg-plist (contents, props changed)
Modified:
head/security/Makefile
head/security/softether-devel/Makefile
head/security/softether/Makefile
Modified: head/security/Makefile
==============================================================================
--- head/security/Makefile Mon Feb 25 03:20:32 2019 (r493834)
+++ head/security/Makefile Mon Feb 25 05:07:08 2019 (r493835)
@@ -1258,6 +1258,7 @@
SUBDIR += snuffleupagus
SUBDIR += softether
SUBDIR += softether-devel
+ SUBDIR += softether5
SUBDIR += softhsm
SUBDIR += softhsm2
SUBDIR += sops
Modified: head/security/softether-devel/Makefile
==============================================================================
--- head/security/softether-devel/Makefile Mon Feb 25 03:20:32 2019 (r493834)
+++ head/security/softether-devel/Makefile Mon Feb 25 05:07:08 2019 (r493835)
@@ -36,7 +36,7 @@ OPTIONS_DEFINE= DOCS UNLOCK
UNLOCK_DESC= Unlock regional lockout (JP and CN)
UNLOCK_EXTRA_PATCHES= ${FILESDIR}/extra-patch-unrestrict-enterprise-functions
-CONFLICTS_INSTALL= softether
+CONFLICTS_INSTALL= softether-4.* softether5
PORTDOCS= AUTHORS.TXT ChangeLog LICENSE README THIRD_PARTY.TXT WARNING.TXT
LOGDIR?= /var/log/softether
Modified: head/security/softether/Makefile
==============================================================================
--- head/security/softether/Makefile Mon Feb 25 03:20:32 2019 (r493834)
+++ head/security/softether/Makefile Mon Feb 25 05:07:08 2019 (r493835)
@@ -36,7 +36,7 @@ OPTIONS_DEFINE= DOCS UNLOCK
UNLOCK_DESC= Unlock regional lockout (JP and CN)
UNLOCK_EXTRA_PATCHES= ${FILESDIR}/extra-patch-unrestrict-enterprise-functions
-CONFLICTS_INSTALL= softether-devel
+CONFLICTS_INSTALL= softether-devel-4.* softether5
PORTDOCS= AUTHORS.TXT ChangeLog LICENSE README THIRD_PARTY.TXT WARNING.TXT
LOGDIR?= /var/log/softether
Added: head/security/softether5/Makefile
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/softether5/Makefile Mon Feb 25 05:07:08 2019 (r493835)
@@ -0,0 +1,109 @@
+# $FreeBSD$
+
+PORTNAME= softether
+DISTVERSION= 5.01.9669
+CATEGORIES= security
+PKGNAMESUFFIX= 5
+
+MAINTAINER= meta at FreeBSD.org
+COMMENT= SoftEther VPN 5 (Developer Edition)
+
+LICENSE= APACHE20
+LICENSE_FILE= ${WRKSRC}/LICENSE
+
+BUILD_DEPENDS= ${LOCALBASE}/include/cpu_features_macros.h:devel/cpu_features
+
+USES+= cmake:noninja dos2unix iconv:wchar_t localbase:ldflags ncurses readline ssl
+USE_RC_SUBR= softether_bridge softether_client softether_server
+USE_LDCONFIG= yes
+USE_GITHUB= yes
+
+DOS2UNIX_GLOB= *.h *.c
+
+GH_ACCOUNT= SoftEtherVPN
+GH_PROJECT= SoftEtherVPN
+
+OPTIONS_DEFINE= DOCS UNLOCK
+
+# Use of some functions in Japan and China is restricted.
+# This option Unlocks regional lockout following functions:
+# - RADIUS / NT Domain user authentication function
+# - RSA certificate user authentication function
+# - Deep-inspect packet logging function
+# - Source IP address control list function
+# - syslog transfer function
+UNLOCK_DESC= Unlock regional lockout (JP and CN)
+UNLOCK_EXTRA_PATCHES= ${FILESDIR}/extra-patch-unrestrict-enterprise-functions
+
+PORTDOCS= DISCLAIMER.md WARNING.TXT
+CONFLICTS_INSTALL= softether-4.[0-9]* softether-devel-4.[0-9]*
+
+SE_DBDIR?= /var/db/${PORTNAME}
+SE_LOGDIR?= /var/log/${PORTNAME}
+PLIST_SUB= SE_DBDIR="${SE_DBDIR}" SE_LOGDIR="${SE_LOGDIR}"
+SUB_LIST= SE_DBDIR="${SE_DBDIR}" SE_LOGDIR="${SE_LOGDIR}"
+SUB_FILES= pkg-message
+
+.include <bsd.port.options.mk>
+
+pre-configure:
+ # not a GNU configure
+ @cd ${WRKSRC} && ${SETENV} ${CONFIGURE_ENV} ./configure
+
+post-patch:
+ # SoftEther scatters logs, config files and PID files in PREFIX/libexec
+ # directory. To write them in the right place, replace it.
+ ${REINPLACE_CMD} \
+ -e "s|@vpn_server_template|${SE_DBDIR}/vpn_server_template|" \
+ -e "s|@vpn_server|${SE_DBDIR}/vpn_server|" \
+ -e "s|@vpn_bridge|${SE_DBDIR}/vpn_bridge|" \
+ -e "s|@vpn_gate_svc|${SE_DBDIR}/vpn_gate_svc|" \
+ -e "s|@vpn_gate_relay|${SE_DBDIR}/vpn_gate_relay|" \
+ ${WRKSRC}/src/Cedar/Server.c
+
+ ${REINPLACE_CMD} \
+ -e "s|@adminip|${SE_DBDIR}/adminip|" \
+ -e "s|@etherlogger|${SE_DBDIR}/etherlogger|" \
+ -e "s|@vpn_client|${SE_DBDIR}/vpn_client|" \
+ -e "s|@vpn_router|${SE_DBDIR}/vpn_router|" \
+ -e "s|@custom|${SE_DBDIR}/custom|" \
+ -e "s|@backup|${SE_DBDIR}/backup|" \
+ -e "s|@save_binary|${SE_DBDIR}/save_binary|" \
+ -e "s|@lang|${SE_DBDIR}/lang|" \
+ -e "s|@azureserver|${SE_DBDIR}/azureserver|" \
+ -e "s|@server_log|${DIR}/server|" \
+ -e "s|@security_log|${SE_LOGDIR}/security|" \
+ -e "s|@packet_log|${SE_LOGDIR}/packet|" \
+ -e "s|@secure_nat_log|${SE_LOGDIR}/secure_nat|" \
+ -e "s|@client_log|${SE_LOGDIR}/client|" \
+ -e "s|@tiny_log|${SE_LOGDIR}/tiny|" \
+ -e "s|@carrier_log|${SE_LOGDIR}/carrier|" \
+ -e "s|@etherlogger_log|${SE_LOGDIR}/etherlogger|" \
+ ${WRKSRC}/src/Cedar/Cedar.h \
+ ${WRKSRC}/src/Cedar/Client.h \
+ ${WRKSRC}/src/Cedar/Nat.h \
+ ${WRKSRC}/src/Cedar/Server.c \
+ ${WRKSRC}/src/Mayaqua/Cfg.c \
+ ${WRKSRC}/src/Mayaqua/Cfg.h \
+ ${WRKSRC}/src/Mayaqua/Table.h
+
+ ${REINPLACE_CMD} \
+ -e "s|abort_error_log\.txt|${SE_LOGDIR}/abort_error_log.txt|" \
+ ${WRKSRC}/src/Mayaqua/Kernel.c
+
+ ${REINPLACE_CMD} \
+ -e "s|%%SE_DBDIR%%|${SE_DBDIR}|g" \
+ ${WRKSRC}/src/Cedar/Protocol.c \
+ ${WRKSRC}/src/Mayaqua/Unix.c \
+ ${WRKSRC}/src/Mayaqua/Network.c
+
+post-install:
+ @${MKDIR} ${STAGEDIR}${SE_LOGDIR} ${STAGEDIR}${SE_DBDIR}
+
+post-install-DOCS-on:
+ @${MKDIR} ${STAGEDIR}${DOCSDIR}
+.for doc in ${PORTDOCS}
+ ${FIND} ${WRKSRC} -name ${doc} -exec ${INSTALL_DATA} {} ${STAGEDIR}${DOCSDIR} \;
+.endfor
+
+.include <bsd.port.mk>
Added: head/security/softether5/distinfo
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/softether5/distinfo Mon Feb 25 05:07:08 2019 (r493835)
@@ -0,0 +1,3 @@
+TIMESTAMP = 1549591284
+SHA256 (SoftEtherVPN-SoftEtherVPN-5.01.9669_GH0.tar.gz) = e40597094bd551767043fd5a8553ca03bfb5ab3938ea2523414d03b1bb7fddd5
+SIZE (SoftEtherVPN-SoftEtherVPN-5.01.9669_GH0.tar.gz) = 65709105
Added: head/security/softether5/files/extra-patch-unrestrict-enterprise-functions
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/softether5/files/extra-patch-unrestrict-enterprise-functions Mon Feb 25 05:07:08 2019 (r493835)
@@ -0,0 +1,27 @@
+--- src/Cedar/Server.c.orig 2019-02-04 04:43:50.000000000 +0900
++++ src/Cedar/Server.c 2019-02-15 17:50:18.825945000 +0900
+@@ -10566,23 +10566,7 @@
+ //
+ bool SiIsEnterpriseFunctionsRestrictedOnOpenSource(CEDAR *c)
+ {
+- char region[128];
+- bool ret = false;
+- // Validate arguments
+- if (c == NULL)
+- {
+- return false;
+- }
+-
+-
+- SiGetCurrentRegion(c, region, sizeof(region));
+-
+- if (StrCmpi(region, "JP") == 0 || StrCmpi(region, "CN") == 0)
+- {
+- ret = true;
+- }
+-
+- return ret;
++ return false;
+ }
+
+ // Update the current region
Added: head/security/softether5/files/patch-chain-certs-dir
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/softether5/files/patch-chain-certs-dir Mon Feb 25 05:07:08 2019 (r493835)
@@ -0,0 +1,31 @@
+--- src/Cedar/Protocol.c.orig 2019-02-03 19:43:50 UTC
++++ src/Cedar/Protocol.c
+@@ -58,7 +58,7 @@ bool TryGetRootCertChain(LIST *o, X *x, bool auto_save
+ wchar_t exedir[MAX_SIZE];
+
+ GetExeDirW(exedir, sizeof(exedir));
+- CombinePathW(dirname, sizeof(dirname), exedir, L"chain_certs");
++ CombinePathW(dirname, sizeof(dirname), L"/var/db/softether", L"chain_certs");
+ MakeDirExW(dirname);
+
+ if (auto_save)
+@@ -365,7 +365,7 @@ void AddAllChainCertsToCertList(LIST *o)
+
+ GetExeDirW(exedir, sizeof(exedir));
+
+- CombinePathW(dirname, sizeof(dirname), exedir, L"chain_certs");
++ CombinePathW(dirname, sizeof(dirname), L"/var/db/softether", L"chain_certs");
+
+ MakeDirExW(dirname);
+
+--- src/Mayaqua/Network.c.orig 2019-02-03 19:43:50 UTC
++++ src/Mayaqua/Network.c
+@@ -11520,7 +11520,7 @@ void AddChainSslCertOnDirectory(struct ssl_ctx_st *ctx
+
+ GetExeDirW(exedir, sizeof(exedir));
+
+- CombinePathW(dirname, sizeof(dirname), exedir, L"chain_certs");
++ CombinePathW(dirname, sizeof(dirname), L"/var/db/softether", L"chain_certs");
+
+ MakeDirExW(dirname);
+
Added: head/security/softether5/files/patch-piddir
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/softether5/files/patch-piddir Mon Feb 25 05:07:08 2019 (r493835)
@@ -0,0 +1,29 @@
+--- src/Mayaqua/Unix.c.orig 2019-02-03 19:43:50 UTC
++++ src/Mayaqua/Unix.c
+@@ -774,7 +774,7 @@ void *UnixNewSingleInstance(char *instance_name)
+ GetExeDir(dir, sizeof(dir));
+
+ // File name generation
+- Format(name, sizeof(name), "%s/.%s", dir, tmp);
++ Format(name, sizeof(name), "/var/db/softether/.%s", tmp);
+
+ fd = open(name, O_WRONLY);
+ if (fd == -1)
+@@ -2194,7 +2194,7 @@ void UnixGenPidFileName(char *name, UINT size)
+ Md5(hash, exe_name, StrLen(exe_name));
+ BinToStr(tmp1, sizeof(tmp1), hash, sizeof(hash));
+
+- Format(name, size, "%s/.pid_%s", dir, tmp1);
++ Format(name, size, "/var/db/softether/.pid_%s", tmp1);
+ }
+
+ // Delete the PID file
+@@ -2239,7 +2239,7 @@ void UnixGenCtlFileName(char *name, UINT size)
+ Md5(hash, exe_name, StrLen(exe_name));
+ BinToStr(tmp1, sizeof(tmp1), hash, sizeof(hash));
+
+- Format(name, size, "%s/.ctl_%s", dir, tmp1);
++ Format(name, size, "/var/db/softether/.ctl_%s", tmp1);
+ }
+
+ // Write the CTL file
Added: head/security/softether5/files/patch-use-system-cpu_features
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/softether5/files/patch-use-system-cpu_features Mon Feb 25 05:07:08 2019 (r493835)
@@ -0,0 +1,18 @@
+--- src/Mayaqua/CMakeLists.txt.orig 2019-02-03 19:43:50 UTC
++++ src/Mayaqua/CMakeLists.txt
+@@ -63,14 +63,10 @@ if(UNIX)
+
+ find_library(LIB_RT rt)
+
+- target_link_libraries(mayaqua PRIVATE OpenSSL::SSL OpenSSL::Crypto Threads::Threads ZLIB::ZLIB)
++ target_link_libraries(mayaqua PRIVATE OpenSSL::SSL OpenSSL::Crypto Threads::Threads ZLIB::ZLIB cpu_features)
+
+ if (CMAKE_SYSTEM_PROCESSOR MATCHES "^(armv7l|aarch64|s390x)$" OR NOT HAVE_SYS_AUXV)
+ add_definitions(-DSKIP_CPU_FEATURES)
+- else()
+- add_subdirectory(3rdparty/cpu_features)
+- set_property(TARGET cpu_features PROPERTY POSITION_INDEPENDENT_CODE ON)
+- target_link_libraries(mayaqua PRIVATE cpu_features)
+ endif()
+
+ if(LIB_RT)
Added: head/security/softether5/files/pkg-message.in
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/softether5/files/pkg-message.in Mon Feb 25 05:07:08 2019 (r493835)
@@ -0,0 +1,24 @@
+**************************************************************************
+
+To run softether vpn client from startup, run
+sysrc softether_client_enable=yes
+
+To run softether vpn server from startup, run
+sysrc softether_server_enable=yes
+
+To run softether vpn bridge from startup, run
+sysrc softether_bridge_enable=yes
+
+Initial and further configuration of all softether services can be
+done either by using a Windows client to connect to the running
+services or by vpncmd from command line.
+
+Please note client and bridge functionality is not fully
+supported on FreeBSD right now.
+
+When removing SoftEther VPN without the desire to reinstall, please
+ensure to remove the following dirctories as well:
+- %%SE_DBDIR%%
+- %%SE_LOGDIR%%
+
+**************************************************************************
Added: head/security/softether5/files/softether_bridge.in
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/softether5/files/softether_bridge.in Mon Feb 25 05:07:08 2019 (r493835)
@@ -0,0 +1,36 @@
+#!/bin/sh
+
+# PROVIDE: softether_bridge
+# REQUIRE: NETWORKING SERVERS
+# BEFORE: DAEMON
+# KEYWORD: shutdown
+
+#
+# Add the following lines to /etc/rc.conf to enable softether_bridge:
+# softether_bridge_enable (bool): Set to "NO" by default.
+# Set it to "YES" to enable
+#
+. /etc/rc.subr
+
+name=softether_bridge
+rcvar=softether_bridge_enable
+load_rc_config ${name}
+
+: ${softether_bridge_enable:=NO}
+
+command="%%PREFIX%%/libexec/softether/vpnbridge/vpnbridge"
+
+datadir="/var/db/softether"
+
+start_precmd="${name}_precmd"
+start_cmd="${command} start"
+stop_cmd="${command} stop"
+
+softether_bridge_precmd()
+{
+ if [ ! -d "${datadir}" ]; then
+ mkdir -p ${datadir}
+ fi
+}
+
+run_rc_command "$1"
Added: head/security/softether5/files/softether_client.in
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/softether5/files/softether_client.in Mon Feb 25 05:07:08 2019 (r493835)
@@ -0,0 +1,36 @@
+#!/bin/sh
+
+# PROVIDE: softether_client
+# REQUIRE: NETWORKING SERVERS
+# BEFORE: DAEMON
+# KEYWORD: shutdown
+
+#
+# Add the following lines to /etc/rc.conf to enable softether_client:
+# softether_client_enable (bool): Set to "NO" by default.
+# Set it to "YES" to enable
+#
+. /etc/rc.subr
+
+name=softether_client
+rcvar=softether_client_enable
+load_rc_config ${name}
+
+: ${softether_client_enable:=NO}
+
+command="%%PREFIX%%/libexec/softether/vpnclient/vpnclient"
+
+datadir="/var/db/softether"
+
+start_precmd="${name}_precmd"
+start_cmd="${command} start"
+stop_cmd="${command} stop"
+
+softether_client_precmd()
+{
+ if [ ! -d "${datadir}" ]; then
+ mkdir -p ${datadir}
+ fi
+}
+
+run_rc_command "$1"
Added: head/security/softether5/files/softether_server.in
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/softether5/files/softether_server.in Mon Feb 25 05:07:08 2019 (r493835)
@@ -0,0 +1,36 @@
+#!/bin/sh
+
+# PROVIDE: softether_server
+# REQUIRE: NETWORKING SERVERS
+# BEFORE: DAEMON
+# KEYWORD: shutdown
+
+#
+# Add the following lines to /etc/rc.conf to enable softether_server:
+# softether_server_enable (bool): Set to "NO" by default.
+# Set it to "YES" to enable
+#
+. /etc/rc.subr
+
+name=softether_server
+rcvar=softether_server_enable
+load_rc_config ${name}
+
+: ${softether_server_enable:=NO}
+
+command="%%PREFIX%%/libexec/softether/vpnserver/vpnserver"
+
+datadir="/var/db/softether"
+
+start_precmd="${name}_precmd"
+start_cmd="${command} start"
+stop_cmd="${command} stop"
+
+softether_server_precmd()
+{
+ if [ ! -d "${datadir}" ]; then
+ mkdir -p ${datadir}
+ fi
+}
+
+run_rc_command "$1"
Added: head/security/softether5/pkg-descr
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/softether5/pkg-descr Mon Feb 25 05:07:08 2019 (r493835)
@@ -0,0 +1,18 @@
+SoftEther VPN ("SoftEther" means "Software Ethernet") is an
+open-source cross-platform multi-protocol VPN program, created as an
+academic project in the University of Tsukuba. Its protocol is very
+fast and it can be used in very restricted environments, as it's able
+to transfer packets over DNS and ICMP. A NAT-Traversal function is
+also available, very useful in case the required ports cannot be
+opened on the firewall. The supported third party protocols are
+OpenVPN, L2TP/IPSec and SSTP.
+
+This port is a bleeding-edge developer version of SoftEther, not for
+production use. If you're looking for a solid and stable version,
+use security/softether (RTM version) or security/softether-devel
+(stable version) instead. This version is available also on other
+other than i386/amd64 processors. Users who want to use SoftEther on
+single board computers such as Raspberry Pi, BeagleBoard or other
+embedded devices, try this port.
+
+WWW: https://www.softether.org
Added: head/security/softether5/pkg-plist
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/softether5/pkg-plist Mon Feb 25 05:07:08 2019 (r493835)
@@ -0,0 +1,20 @@
+bin/vpnbridge
+bin/vpnclient
+bin/vpncmd
+bin/vpnserver
+lib/libcedar.so
+lib/libmayaqua.so
+libexec/softether/vpnbridge/hamcore.se2
+libexec/softether/vpnbridge/vpnbridge
+libexec/softether/vpnclient/hamcore.se2
+libexec/softether/vpnclient/vpnclient
+libexec/softether/vpncmd/hamcore.se2
+libexec/softether/vpncmd/vpncmd
+libexec/softether/vpnserver/hamcore.se2
+libexec/softether/vpnserver/vpnserver
+ at dir libexec/softether/vpnbridge
+ at dir libexec/softether/vpnclient
+ at dir libexec/softether/vpncmd
+ at dir libexec/softether/vpnserver
+ at dir %%SE_DBDIR%%
+ at dir %%SE_LOGDIR%%
More information about the svn-ports-all
mailing list