diff options
| author | itojun <itojun@pkgsrc.org> | 2000-06-12 10:45:52 +0000 |
|---|---|---|
| committer | itojun <itojun@pkgsrc.org> | 2000-06-12 10:45:52 +0000 |
| commit | d035f6a7b6d468140ce74233d794263d03baff3c (patch) | |
| tree | 393d43d5db40d79b1be97f1c84fa10203f2ddcf5 /security | |
| parent | 4e5c943259aa99b10806846bdf6374a2df97a5ef (diff) | |
| download | pkgsrc-d035f6a7b6d468140ce74233d794263d03baff3c.tar.gz | |
build 20000612 KAME racoon IKE daemon, by pulling tar.gz from ftp.kame.net
(does not use anoncvs any more).
changes in racoon itself is way too many to mention. for full changelog refer
http://www.kame.net/dev/cvsweb.cgi/kame/CHANGELOG.
Diffstat (limited to 'security')
| -rw-r--r-- | security/racoon/Makefile | 43 | ||||
| -rw-r--r-- | security/racoon/files/patch-sum | 7 | ||||
| -rw-r--r-- | security/racoon/patches/patch-aa | 38 | ||||
| -rw-r--r-- | security/racoon/patches/patch-ab | 19 | ||||
| -rw-r--r-- | security/racoon/patches/patch-ac | 22 | ||||
| -rw-r--r-- | security/racoon/patches/patch-ad | 14 | ||||
| -rw-r--r-- | security/racoon/pkg/DESCR | 9 | ||||
| -rw-r--r-- | security/racoon/pkg/PLIST | 11 |
8 files changed, 109 insertions, 54 deletions
diff --git a/security/racoon/Makefile b/security/racoon/Makefile index 880120586c1..bdf499910d4 100644 --- a/security/racoon/Makefile +++ b/security/racoon/Makefile @@ -1,36 +1,39 @@ -# $NetBSD: Makefile,v 1.6 2000/04/25 19:10:10 thorpej Exp $ +# $NetBSD: Makefile,v 1.7 2000/06/12 10:45:52 itojun Exp $ # -DISTNAME= racoon-0.0 +DISTNAME= racoon-20000612a CATEGORIES= security net +MASTER_SITES= ftp://ftp.kame.net/pub/kame/misc/ MAINTAINER= itojun@kame.net HOMEPAGE= http:/www.kame.net/ +NO_PACKAGE= "crypto" +NO_CDROM= "crypto" + # this is not compatible with cross build - there's no other way .if !exists(/usr/include/netinet6/ipsec.h) IGNORE+= "requires ipsec-ready NetBSD" .endif +.include "../../mk/bsd.prefs.mk" +BUILD_DEFS+= USE_INET6 + # openssl is necessary for RSA libraries # if PATENTEDOPENSSLSRC is defined, then we assume that # RSA already exists in the OpenSSL built as part of the # base distribution. .if !defined(PATENTEDOPENSSLSRC) DEPENDS+= openssl-0.9.*:../../security/openssl +CONFIGURE_ENV+= CPPFLAGS=-I${LOCALBASE}/include CFLAGS=-I${LOCALBASE}/include \ + LIBS="-L${LOCALBASE}/lib -L${WRKSRC}/../libipsec" +.else +CONFIGURE_ENV+= LIBS="-L${WRKSRC}/../libipsec" .endif -BUILD_DEPENDS+= cvs:../../devel/cvs CONFLICTS+= racoon-* -# crypto-intl configuration. needs "cvs login". -ANONCVS= :pserver:anoncvs@anoncvs.jp.netbsd.org:/cvs/cvsroot -INTL= intl -# crypto-us configuration. needs "CVS_RSH = ssh". not tested. -#ANONCVS= anoncvs@anoncvs.netbsd.org:/cvsroot -#INTL= us - -WRKSRC= ${WRKDIR}/racoon +WRKSRC= ${WRKDIR}/${DISTNAME}/racoon GNU_CONFIGURE= yes CONFIGURE_ARGS+=--enable-debug @@ -39,18 +42,14 @@ CONFIGURE_ARGS+=--enable-ipv6 .else CONFIGURE_ARGS+=--disable-ipv6 .endif +CONFIGURE_ARGS+=--sysconfdir=/etc/racoon -do-fetch:: - -do-extract: - ${MKDIR} ${WRKDIR} - (cd ${WRKDIR}; cvs -d ${ANONCVS} co -P -d racoon \ - cryptosrc-${INTL}/crypto-${INTL}/dist/kame/racoon) - (cd ${WRKDIR}; cvs -d ${ANONCVS} co -P -d libpfkey \ - cryptosrc-${INTL}/crypto-${INTL}/dist/kame/libpfkey) - ${CP} ${FILESDIR}/Makefile.libpfkey ${WRKDIR}/libpfkey/Makefile +pre-configure: + (cd ${WRKSRC}/../libipsec; make) -pre-build: - (cd ${WRKDIR}/libpfkey; make) +post-install: + ${MKDIR} ${PREFIX}/share/examples/racoon + ${INSTALL_DATA} ${WRKSRC}/samples/racoon.conf.sample \ + ${PREFIX}/share/examples/racoon .include "../../mk/bsd.pkg.mk" diff --git a/security/racoon/files/patch-sum b/security/racoon/files/patch-sum index 841c8f958c8..c859ab0afea 100644 --- a/security/racoon/files/patch-sum +++ b/security/racoon/files/patch-sum @@ -1,3 +1,6 @@ -$NetBSD: patch-sum,v 1.1.1.1 2000/04/04 03:01:12 itojun Exp $ +$NetBSD: patch-sum,v 1.2 2000/06/12 10:45:52 itojun Exp $ -MD5 (patch-aa) = 610bc105ac4381b5ec6ffb0218124d0c +MD5 (patch-aa) = 09219a5e174dfd1af277d60c01e84a1d +MD5 (patch-ab) = 1a2944fbce4cee174eade2cc0726c0ef +MD5 (patch-ac) = 120b688d163c46659fecb0163def13a0 +MD5 (patch-ad) = 4a68eee8591dd85c8b17ba154b75c642 diff --git a/security/racoon/patches/patch-aa b/security/racoon/patches/patch-aa index 8cc41c6beb2..6fee80a43f2 100644 --- a/security/racoon/patches/patch-aa +++ b/security/racoon/patches/patch-aa @@ -1,23 +1,17 @@ -$NetBSD: patch-aa,v 1.1.1.1 2000/04/04 03:01:12 itojun Exp $ ---- Makefile.in.orig Mon Apr 3 19:34:51 2000 -+++ Makefile.in Mon Apr 3 19:38:45 2000 -@@ -9,7 +9,7 @@ - OPTFLAG=@OPTFLAG@ - CFLAGS= @CFLAGS@ @CPPFLAGS@ @DEFS@ $(CPPFLAGS) $(OPTFLAG) -DIPSEC -I. -I$(srcdir) -Dss_family=__ss_family -Dss_len=__ss_len -DSYSCONFDIR=\"${sysconfdir}\" - CFLAGS+=-DYY_NO_UNPUT --LIBS= @LIBS@ -+LIBS= @LIBS@ -L${srcdir}/../libpfkey -lpfkey - YFLAGS+=-d +$NetBSD: patch-aa,v 1.2 2000/06/12 10:45:52 itojun Exp $ +--- ../libipsec/Makefile- Mon Jun 12 00:02:28 2000 ++++ ../libipsec/Makefile Mon Jun 12 00:02:49 2000 +@@ -25,9 +25,10 @@ + # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + # SUCH DAMAGE. - prefix= @prefix@ -@@ -78,10 +78,6 @@ - $(INSTALL) -o bin -g bin -m 444 racoon.conf.5 $(mandir)/man5 - -mkdir -p ${sysconfdir}/racoon - for i in $(CONF); do \ -- if test ! -f ${sysconfdir}/racoon/$$i; then \ -- $(INSTALL) -o bin -g bin -m 444 samples/$$i \ -- ${sysconfdir}/racoon; \ -- fi; \ - $(INSTALL) -o bin -g bin -m 444 samples/$$i \ - ${sysconfdir}/racoon/$$i.dist; \ - done +-.if exists(${.CURDIR}/../Makefile.opsys) +-.include "${.CURDIR}/../Makefile.opsys" +-.endif ++#.if exists(${.CURDIR}/../Makefile.opsys) ++#.include "${.CURDIR}/../Makefile.opsys" ++#.endif ++OPSYS!= uname -s + + LIB= ipsec + CFLAGS+=-g diff --git a/security/racoon/patches/patch-ab b/security/racoon/patches/patch-ab new file mode 100644 index 00000000000..3cead189ddf --- /dev/null +++ b/security/racoon/patches/patch-ab @@ -0,0 +1,19 @@ +$NetBSD: patch-ab,v 1.1 2000/06/12 10:45:53 itojun Exp $ +--- Makefile.in.orig Fri Jun 9 06:30:38 2000 ++++ Makefile.in Mon Jun 12 00:20:22 2000 +@@ -77,15 +77,6 @@ + $(INSTALL) -s -o bin -g bin -m 555 racoon $(prefix)/sbin + $(INSTALL) -o bin -g bin -m 444 racoon.8 $(mandir)/man8 + $(INSTALL) -o bin -g bin -m 444 racoon.conf.5 $(mandir)/man5 +- -mkdir -p ${sysconfdir}/racoon +- for i in $(CONF); do \ +- if test ! -f ${sysconfdir}/racoon/$$i; then \ +- $(INSTALL) -o bin -g bin -m 444 samples/$$i \ +- ${sysconfdir}/racoon; \ +- fi; \ +- $(INSTALL) -o bin -g bin -m 444 samples/$$i \ +- ${sysconfdir}/racoon/$$i.dist; \ +- done + + clean: + -rm -f $(PROG) *.o *.core y.tab.h diff --git a/security/racoon/patches/patch-ac b/security/racoon/patches/patch-ac new file mode 100644 index 00000000000..5281d72ed83 --- /dev/null +++ b/security/racoon/patches/patch-ac @@ -0,0 +1,22 @@ +$NetBSD: patch-ac,v 1.1 2000/06/12 10:45:53 itojun Exp $ +--- samples/racoon.conf.sample- Mon Jun 12 00:27:22 2000 ++++ samples/racoon.conf.sample Mon Jun 12 00:27:58 2000 +@@ -2,15 +2,15 @@ + + # "path" must be placed before it should be used. + # You can overwrite which you defined, but it should not use due to confusing. +-#path include "/usr/local/v6/etc" ; ++#path include "/etc/racoon" ; + #include "remote.conf" ; + + # search this file for pre_shared_key with various ID key. +-path pre_shared_key "/usr/local/v6/etc/psk.txt" ; ++path pre_shared_key "/etc/racoon/psk.txt" ; + + # racoon will search this directory if the certificate or certificate request + # is received. +-#path certificate "/usr/local/openssl/certs" ; ++#path certificate "/usr/pkg/certs" ; + + # personal information. + identifier user_fqdn "foo@kame.net"; diff --git a/security/racoon/patches/patch-ad b/security/racoon/patches/patch-ad new file mode 100644 index 00000000000..d4719f3e71b --- /dev/null +++ b/security/racoon/patches/patch-ad @@ -0,0 +1,14 @@ +$NetBSD: patch-ad,v 1.1 2000/06/12 10:45:53 itojun Exp $ +--- racoon.8- Mon Jun 12 00:46:13 2000 ++++ racoon.8 Mon Jun 12 00:46:28 2000 +@@ -92,8 +92,8 @@ + .El + .\" + .Sh FILES +-.Bl -tag -width /usr/local/v6/etc/racoon.conf -compact +-.It Pa /usr/local/v6/etc/racoon.conf ++.Bl -tag -width /etc/racoon/racoon.conf -compact ++.It Pa /etc/racoon/racoon.conf + default configuration file. + .It Pa /var/log/racoon.log + default log file. diff --git a/security/racoon/pkg/DESCR b/security/racoon/pkg/DESCR index 233c3e741a8..ebe356d1d70 100644 --- a/security/racoon/pkg/DESCR +++ b/security/racoon/pkg/DESCR @@ -1,2 +1,11 @@ racoon speaks IKE (ISAKMP/Oakley) key management protocol, to establish security association with other hosts. + +Known issues: +- cannot negotiate SA bundle, like "AH + ESP". +- too many usage of dynamic memory allocation, which leads to memory leak. +- non-threaded implementation. simultaneous key negotiation performance + should be improved. +- cryptic configuration syntax - blame IPsec specification too... + +Bug reports should be sent to http://orange.kame.net/dev/send-pr.html. diff --git a/security/racoon/pkg/PLIST b/security/racoon/pkg/PLIST index ef58d288fc4..92e33b12163 100644 --- a/security/racoon/pkg/PLIST +++ b/security/racoon/pkg/PLIST @@ -1,11 +1,6 @@ -@comment $NetBSD: PLIST,v 1.1.1.1 2000/04/04 03:01:12 itojun Exp $ +@comment $NetBSD: PLIST,v 1.2 2000/06/12 10:45:53 itojun Exp $ sbin/racoon man/man8/racoon.8 man/man5/racoon.conf.5 -etc/racoon/basic.conf.dist -etc/racoon/policy.conf.dist -etc/racoon/psk.txt.dist -etc/racoon/racoon.conf.dist -etc/racoon/remote.conf.dist -etc/racoon/sa.conf.dist -@dirrm etc/racoon +share/examples/racoon/racoon.conf.sample +@dirrm share/examples/racoon |