From 3267048a4c63ffe159e9c77816659f53be92b379 Mon Sep 17 00:00:00 2001 From: hubertf Date: Sat, 28 Apr 2007 20:17:04 +0000 Subject: Update vpnc to 0.4.0. Changes: * DragonFly BSD support by Hans-Werner Hilse * Solaris 10 fixes by Sunil * support to read obfuscated passwords from .pcf files, based on work from "HAL-9000@evilscientists.de" * granted Dan Villiom Podlaski Christiansen svn commit privileges * Darwin support by Dan Villiom Podlaski Christiansen * UDP IP keepalive support from FreeBSD port * Juniper/ScreenOS support from Marc Huber * replace "--disable-natt --force-natt --udp" with "--natt-mode" * null cipher support from Simon Lipp * Windows/Cygwin and tap support from Paolo Zarpellon * rekeying support * various other fixes contributed by Joerg Mayer, Heiko Stamer, Plamen Todorov, Asgeir, Jukka Salmi, Wolfram Sang, Laurence MOINDROT, Chris Osicki, Anton Altaparmakov, Adam Simpkins, Ken Bell, Hanno Boeck, Kyle McKay, Dennis Schneider Also, the binary is now in .../sbin instead of .../bin. Patch contributed by Jukka Salmi in private mail. --- net/vpnc/DESCR | 11 +++-- net/vpnc/Makefile | 8 ++-- net/vpnc/PLIST | 4 +- net/vpnc/distinfo | 15 +++--- net/vpnc/patches/patch-aa | 32 ++++++------- net/vpnc/patches/patch-ab | 31 ++++--------- net/vpnc/patches/patch-ac | 114 ++++++++-------------------------------------- 7 files changed, 65 insertions(+), 150 deletions(-) (limited to 'net/vpnc') diff --git a/net/vpnc/DESCR b/net/vpnc/DESCR index 2b8f7509b33..a6ff4416b8a 100644 --- a/net/vpnc/DESCR +++ b/net/vpnc/DESCR @@ -1,3 +1,8 @@ -vpnc is a VPN client for the Cisco 3000 VPN Concentrator, creating -an IPSec-like connection as a tunneling network device for the -local system. +A VPN client compatible with Cisco's EasyVPN equipment. + +vpnc is supposed to work with: + + * Cisco VPN concentrator 3000 Series + * Cisco IOS routers + * Cisco PIX / ASA Zecurity Appliances + * Juniper/Netscreen diff --git a/net/vpnc/Makefile b/net/vpnc/Makefile index 48b34e89421..c672b56481f 100644 --- a/net/vpnc/Makefile +++ b/net/vpnc/Makefile @@ -1,8 +1,7 @@ -# $NetBSD: Makefile,v 1.17 2007/02/22 19:27:00 wiz Exp $ +# $NetBSD: Makefile,v 1.18 2007/04/28 20:17:11 hubertf Exp $ # -DISTNAME= vpnc-0.3.3 -PKGREVISION= 4 +DISTNAME= vpnc-0.4.0 CATEGORIES= net security MASTER_SITES= http://www.unix-ag.uni-kl.de/~massar/vpnc/ @@ -13,6 +12,7 @@ COMMENT= Client for Cisco3000 VPN Concentrator NOT_FOR_PLATFORM= Interix-*-* USE_TOOLS+= gmake +USE_TOOLS+= perl BUILD_TARGET= vpnc INSTALLATION_DIRS= bin ${PKGMANDIR}/man8 @@ -24,7 +24,7 @@ do-install: ${INSTALL_DATA_DIR} ${PREFIX}/share/doc/vpnc ${INSTALL_DATA_DIR} ${EGDIR} : - ${INSTALL_PROGRAM} ${WRKSRC}/vpnc ${PREFIX}/bin + ${INSTALL_PROGRAM} ${WRKSRC}/vpnc ${PREFIX}/sbin ${INSTALL_SCRIPT} ${WRKSRC}/vpnc-disconnect ${PREFIX}/bin ${INSTALL_MAN} ${WRKSRC}/vpnc.8 ${PREFIX}/${PKGMANDIR}/man8 ${INSTALL_MAN} ${WRKSRC}/README ${PREFIX}/share/doc/vpnc diff --git a/net/vpnc/PLIST b/net/vpnc/PLIST index 17833a13a00..7552a9aee4f 100644 --- a/net/vpnc/PLIST +++ b/net/vpnc/PLIST @@ -1,7 +1,7 @@ -@comment $NetBSD: PLIST,v 1.2 2006/01/03 21:48:17 hubertf Exp $ -bin/vpnc +@comment $NetBSD: PLIST,v 1.3 2007/04/28 20:17:11 hubertf Exp $ bin/vpnc-disconnect man/man8/vpnc.8 +sbin/vpnc share/doc/vpnc/README share/examples/vpnc/vpnc.conf share/examples/vpnc/vpnc-script diff --git a/net/vpnc/distinfo b/net/vpnc/distinfo index 3c322117093..ee2ce42d5ad 100644 --- a/net/vpnc/distinfo +++ b/net/vpnc/distinfo @@ -1,9 +1,8 @@ -$NetBSD: distinfo,v 1.7 2006/09/27 12:50:29 hubertf Exp $ +$NetBSD: distinfo,v 1.8 2007/04/28 20:17:12 hubertf Exp $ -SHA1 (vpnc-0.3.3.tar.gz) = 95559e1c5b1f4bc78dc1a0b9f95e1a2d65a84c0a -RMD160 (vpnc-0.3.3.tar.gz) = ffcb229fb8cac18f8d6dea0e67f88cec420f31da -Size (vpnc-0.3.3.tar.gz) = 59939 bytes -SHA1 (patch-aa) = b7645f093f1c3bfbdf81871b3582273a1e6ddda0 -SHA1 (patch-ab) = 5dff14059698724e3cb5478c005b5e229fd03dbf -SHA1 (patch-ac) = 04402b87425c32dc6c72a21a7e0cdcbe60965acb -SHA1 (patch-ad) = d386a3861f6c272b6471732089067a842757bdcb +SHA1 (vpnc-0.4.0.tar.gz) = e39b63bbebf37758e8fb7eb2ec44dfc9b7afdaab +RMD160 (vpnc-0.4.0.tar.gz) = 1640481601074d4517746f6e3b147b12f24b06e3 +Size (vpnc-0.4.0.tar.gz) = 75491 bytes +SHA1 (patch-aa) = 80c183434e635cb95a0a6f0a481b118e654e6699 +SHA1 (patch-ab) = 458f86249e20d1948b5f99f5d4f39c35b19a0e13 +SHA1 (patch-ac) = 3f680616b4d49b3f6b525fc75669166798819376 diff --git a/net/vpnc/patches/patch-aa b/net/vpnc/patches/patch-aa index 8a6172d02be..d61920db2db 100644 --- a/net/vpnc/patches/patch-aa +++ b/net/vpnc/patches/patch-aa @@ -1,8 +1,8 @@ -$NetBSD: patch-aa,v 1.3 2006/01/03 21:48:17 hubertf Exp $ +$NetBSD: patch-aa,v 1.4 2007/04/28 20:17:13 hubertf Exp $ ---- config.c.orig 2005-05-01 16:06:36.000000000 -0400 -+++ config.c -@@ -125,7 +125,7 @@ static const char *config_def_app_versio +--- config.c.orig 2007-02-16 18:22:06.000000000 +0100 ++++ config.c 2007-04-28 11:30:56.000000000 +0200 +@@ -251,7 +251,7 @@ static const char *config_def_app_versio static const char *config_def_script(void) { @@ -11,23 +11,23 @@ $NetBSD: patch-aa,v 1.3 2006/01/03 21:48:17 hubertf Exp $ } static const char *config_def_pid_file(void) -@@ -325,7 +325,7 @@ static void read_config_file(const char - if (index(name, '/')) - realname = strdup(name); - else -- asprintf(&realname, "/etc/vpnc/%s", name); -+ asprintf(&realname, PKG_SYSCONFDIR "/vpnc/%s", name); - f = fopen(realname, "r"); - if (missingok && f == NULL && errno == ENOENT) { - free(realname); -@@ -520,8 +520,8 @@ void do_config(int argc, char **argv) - } +@@ -485,7 +485,7 @@ static char *get_config_filename(const c + { + char *realname; + +- asprintf(&realname, "%s%s%s", index(name, '/') ? "" : "/etc/vpnc/", name, add_dot_conf ? ".conf" : ""); ++ asprintf(&realname, "%s%s%s", index(name, '/') ? "" : PKG_SYSCONFDIR "/", name, add_dot_conf ? ".conf" : ""); + return realname; + } +@@ -701,8 +701,8 @@ void do_config(int argc, char **argv) + } + if (!got_conffile) { - read_config_file("/etc/vpnc/default.conf", config, 1); - read_config_file("/etc/vpnc.conf", config, 1); + read_config_file(PKG_SYSCONFDIR "/vpnc/default.conf", config, 1); + read_config_file(PKG_SYSCONFDIR "/vpnc.conf", config, 1); } - + if (!print_config) { diff --git a/net/vpnc/patches/patch-ab b/net/vpnc/patches/patch-ab index 38ad18ff64a..f8791d8c401 100644 --- a/net/vpnc/patches/patch-ab +++ b/net/vpnc/patches/patch-ab @@ -1,24 +1,13 @@ -$NetBSD: patch-ab,v 1.3 2006/03/23 16:53:28 joerg Exp $ +$NetBSD: patch-ab,v 1.4 2007/04/28 20:17:13 hubertf Exp $ ---- Makefile.orig 2005-05-01 20:30:35.000000000 +0000 -+++ Makefile -@@ -23,7 +23,7 @@ SBINDIR=$(PREFIX)/sbin - MANDIR=$(PREFIX)/share/man +--- Makefile.orig 2007-02-19 21:51:12.000000000 +0100 ++++ Makefile 2007-04-28 11:32:25.000000000 +0200 +@@ -35,7 +35,7 @@ VERSION := $(shell sh mk-version) + RELEASE_VERSION := $(shell cat VERSION) CC=gcc --CFLAGS=-W -Wall -O -g '-DVERSION="$(shell cat VERSION)"' $(shell libgcrypt-config --cflags) -+CFLAGS=-W -Wall -O -g '-DVERSION="$(shell cat VERSION)"' $(shell libgcrypt-config --cflags) -DPKG_SYSCONFDIR=\"${PKG_SYSCONFDIR}\" - LDFLAGS=-g $(shell libgcrypt-config --libs) - - ifeq ($(shell uname -s), Linux) -@@ -33,6 +33,10 @@ ifeq ($(shell uname -s), FreeBSD) - CFLAGS += -DSOCKADDR_IN_SIN_LEN -DHAVE_SA_LEN - SYSDEP=sysdep-bsd.o - endif -+ifeq ($(shell uname -s), DragonFly) -+CFLAGS += -DSOCKADDR_IN_SIN_LEN -DHAVE_SA_LEN -+SYSDEP=sysdep-bsd.o -+endif - ifeq ($(shell uname -s), NetBSD) - CFLAGS += -DSOCKADDR_IN_SIN_LEN -DHAVE_SA_LEN - SYSDEP=sysdep-bsd.o +-CFLAGS += -W -Wall -O3 -Wmissing-declarations -Wwrite-strings -g ++CFLAGS += -W -Wall -O3 -Wmissing-declarations -Wwrite-strings -g -DPKG_SYSCONFDIR=\"${PKG_SYSCONFDIR}\" + CPPFLAGS = -DVERSION=\"$(VERSION)\" + LDFLAGS = -g $(shell libgcrypt-config --libs) + CFLAGS += $(shell libgcrypt-config --cflags) diff --git a/net/vpnc/patches/patch-ac b/net/vpnc/patches/patch-ac index d0b4a57dd75..8e8dd7eac44 100644 --- a/net/vpnc/patches/patch-ac +++ b/net/vpnc/patches/patch-ac @@ -1,109 +1,31 @@ -$NetBSD: patch-ac,v 1.3 2006/09/27 12:50:29 hubertf Exp $ +$NetBSD: patch-ac,v 1.4 2007/04/28 20:17:13 hubertf Exp $ ---- vpnc-script.orig 2006-01-03 22:36:27.000000000 +0100 -+++ vpnc-script -@@ -19,10 +19,12 @@ - #set -x +--- vpnc-script.orig 2007-02-18 12:52:03.000000000 +0100 ++++ vpnc-script 2007-04-28 11:49:41.000000000 +0200 +@@ -31,12 +31,13 @@ case "$OS" in + ;; + esac - OS="`uname -s`" -DEFAULT_ROUTE_FILE=/var/run/vpnc/defaultroute -RESOLV_CONF_BACKUP=/var/run/vpnc/resolv.conf-backup +STATEDIR=/var/run/vpnc +DEFAULT_ROUTE_FILE=$STATEDIR/defaultroute +RESOLV_CONF_BACKUP=$STATEDIR/resolv.conf-backup --IPROUTE="`which ip 2> /dev/null`" -+# stupid SunOS: no blubber in /usr/local/bin ... (on stdout) -+IPROUTE="`which ip | grep '^/' 2> /dev/null`" + # some systems, eg. Darwin & FreeBSD, prune /var/run on boot +-if ! [ -d "/var/run/vpnc" ]; then +- mkdir -p /var/run/vpnc ++if ! [ -d $STATEDIR ]; then ++ mkdir -p $STATEDIR + fi - if [ "$OS" = "Linux" ]; then - ifconfig_syntax_ptp="pointopoint" -@@ -56,7 +58,9 @@ do_pre_init() { - fi - fi - elif [ "$OS" = "FreeBSD" ]; then -- : -+ if [ ! -e /dev/tun ]; then -+ kldload if_tun -+ fi - elif [ "$OS" = "NetBSD" ]; then - : - elif [ "$OS" = "OpenBSD" ]; then -@@ -64,6 +68,8 @@ do_pre_init() { - elif [ "$OS" = "SunOS" ]; then - : - fi -+ -+ mkdir -p $STATEDIR - } - - do_ifconfig() { -@@ -72,7 +78,7 @@ do_ifconfig() { - - if [ -n "$IPROUTE" ]; then - fix_ip_get_output () { -- sed 's/cache//;s/metric[0-9]\+ [0-9]\+//g' -+ sed 's/cache//;s/metric \?[0-9]\+ [0-9]\+//g;s/hoplimit [0-9]\+//g' - } - - set_vpngateway_route() { -@@ -117,7 +123,10 @@ if [ -n "$IPROUTE" ]; then - } - else + # stupid SunOS: no blubber in /usr/local/bin ... (on stdout) +@@ -167,7 +168,7 @@ else get_default_gw() { -- netstat -r -n | grep '^0.0.0.0' | awk '{print $2}' -+ # Let's assume the first default gateway is IPv4... -+ # (On NetBSD '-f inet' and on Linux and probably Solaris, -+ # '-A inet' could be used to make sure... - HF) -+ netstat -rn | grep -v link | awk '/^(default|0.0.0.0)/{ print $2 ; exit } ' + # isn't -n supposed to give --numeric output? + # apperently not... +- netstat -r -n | sed 's/default/0.0.0.0/' | grep '^0.0.0.0' | awk '{print $2}' ++ netstat -r -n | awk '$2 ~ /^link/ { next; } /^(default|0.0.0.0)/ { print $2; }' } set_vpngateway_route() { -@@ -131,7 +140,7 @@ else - set_default_route() { - DEFAULTGW="`get_default_gw`" - echo "$DEFAULTGW" > "$DEFAULT_ROUTE_FILE" -- route $route_syntax_del default -+ route $route_syntax_del default "$DEFAULTGW" - route add default $route_syntax_gw "$INTERNAL_IP4_ADDRESS" - } - -@@ -219,11 +228,13 @@ do_connect() { - do_ifconfig - set_vpngateway_route - if [ -n "$CISCO_SPLIT_INC" ]; then -- for ((i = 0 ; i < CISCO_SPLIT_INC ; i++ )) ; do -+ i=0 -+ while [ $i -lt $CISCO_SPLIT_INC ] ; do - eval NETWORK="\${CISCO_SPLIT_INC_${i}_ADDR}" - eval NETMASK="\${CISCO_SPLIT_INC_${i}_MASK}" - eval NETMASKLEN="\${CISCO_SPLIT_INC_${i}_MASKLEN}" - set_network_route "$NETWORK" "$NETMASK" "$NETMASKLEN" -+ i=`expr $i + 1` - done - for i in $INTERNAL_IP4_DNS ; do - set_network_route "$i" "255.255.255.255" "32" -@@ -239,11 +250,13 @@ do_connect() { - - do_disconnect() { - if [ -n "$CISCO_SPLIT_INC" ]; then -- for ((i = 0 ; i < CISCO_SPLIT_INC ; i++ )) ; do -+ i=0 -+ while [ $i -lt $CISCO_SPLIT_INC ] ; do - eval NETWORK="\${CISCO_SPLIT_INC_${i}_ADDR}" - eval NETMASK="\${CISCO_SPLIT_INC_${i}_MASK}" - eval NETMASKLEN="\${CISCO_SPLIT_INC_${i}_MASKLEN}" - del_network_route "$NETWORK" "$NETMASK" "$NETMASKLEN" -+ i=`expr $i + 1` - done - for i in $INTERNAL_IP4_DNS ; do - del_network_route "$i" "255.255.255.255" "32" -@@ -260,6 +273,8 @@ do_disconnect() { - if [ -n "$INTERNAL_IP4_DNS" ]; then - reset_resolvconf - fi -+ -+ rm -fr -- $STATEDIR - } - - #### -- cgit v1.2.3