ports/171928: [patch update] security/strongswan 4.5.3 -> 5.0.0
David Shane Holden
dpejesh at yahoo.com
Mon Sep 24 21:10:07 UTC 2012
>Number: 171928
>Category: ports
>Synopsis: [patch update] security/strongswan 4.5.3 -> 5.0.0
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: update
>Submitter-Id: current-users
>Arrival-Date: Mon Sep 24 21:10:06 UTC 2012
>Closed-Date:
>Last-Modified:
>Originator: David Shane Holden
>Release:
>Organization:
>Environment:
>Description:
[patch update] security/strongswan 4.5.3 -> 5.0.0
* pluto has been removed and charon now has built-in ikev1 support which is why the --disable-pluto configure arg was removed and an IKEv1 option added.
* the man3 files are no longer installed
* gmake is required for this release, but shouldn't be required for 5.0.1.
* a new patch was added to include stdint which shouldn't be required for 5.0.1.
* the old ipsec.in patch is no longer required, thus removed.
http://wiki.strongswan.org/issues/205 resolves the make, and stdint issues noted above.
>How-To-Repeat:
>Fix:
Patch attached with submission follows:
diff --git a/security/strongswan/Makefile b/security/strongswan/Makefile
index 6e28fdc..1ba1695 100644
--- a/security/strongswan/Makefile
+++ b/security/strongswan/Makefile
@@ -5,7 +5,7 @@
# $FreeBSD$
PORTNAME= strongswan
-PORTVERSION= 4.5.3
+PORTVERSION= 5.0.0
CATEGORIES= security
MASTER_SITES= http://download.strongswan.org/ \
http://download2.strongswan.org/
@@ -13,7 +13,9 @@ MASTER_SITES= http://download.strongswan.org/ \
MAINTAINER= riaank at gmail.com
COMMENT= Open Source IKEv2 IPsec-based VPN solution
-OPTIONS= SQLITE "Enable SQLite" off \
+OPTIONS= IKEv1 "Enable IKEv1 support" off \
+ LDAP "Enable LDAP" off \
+ SQLITE "Enable SQLite" off \
MYSQL "Enable MySQL" off \
CURL "Enable CURL to fetch CRL/OCSP" off \
EAPAKA3GPP2 "Enable EAP AKA with 3gpp2 backend" off \
@@ -22,6 +24,7 @@ OPTIONS= SQLITE "Enable SQLite" off \
USE_RC_SUBR= strongswan
USE_BZIP2= yes
USE_AUTOTOOLS= libtool
+USE_GMAKE= yes
GNU_CONFIGURE= yes
USE_OPENSSL= yes
USE_LDCONFIG= yes
@@ -31,7 +34,6 @@ CONFIGURE_ARGS= --enable-kernel-pfkey \
--disable-kernel-netlink \
--disable-tools \
--disable-scripts \
- --disable-pluto \
--disable-gmp \
--enable-openssl \
--enable-eap-identity \
@@ -46,9 +48,6 @@ CONFIGURE_ARGS= --enable-kernel-pfkey \
--with-lib-prefix=${PREFIX}
# Man pages with default install
-MAN3= anyaddr.3 atoaddr.3 atoasr.3 atoul.3 goodmask.3 initaddr.3 \
- initsubnet.3 portof.3 rangetosubnet.3 sameaddr.3 subnetof.3 \
- ttoaddr.3 ttodata.3 ttosa.3 ttoul.3
MAN5= ipsec.conf.5 ipsec.secrets.5 strongswan.conf.5
MAN8= ipsec.8 _updown.8 _updown_espmark.8
@@ -60,6 +59,21 @@ IGNORE= requires at least FreeBSD 8.X
.endif
# Extra options
+.if defined(WITH_IKEv1)
+PLIST_SUB+= IKEv1=""
+.else
+CONFIGURE_ARGS+= --disable-ikev1
+PLIST_SUB+= IKEv1="@comment "
+.endif
+
+.if defined(WITH_LDAP)
+USE_OPENLDAP= yes
+CONFIGURE_ARGS+= --enable-ldap
+PLIST_SUB+= LDAP=""
+.else
+PLIST_SUB+= LDAP="@comment "
+.endif
+
.if defined(WITH_SQLITE) || defined (WITH_MYSQL)
CONFIGURE_ARGS+= --enable-attr-sql
CONFIGURE_ARGS+= --enable-sql
diff --git a/security/strongswan/distinfo b/security/strongswan/distinfo
index 6dfa1da..e374d67 100644
--- a/security/strongswan/distinfo
+++ b/security/strongswan/distinfo
@@ -1,2 +1,2 @@
-SHA256 (strongswan-4.5.3.tar.bz2) = a59fa0d9820fb06a3c848f4537b9256d2067265ad10e1b007b79f3b16279f1ff
-SIZE (strongswan-4.5.3.tar.bz2) = 3299522
+SHA256 (strongswan-5.0.0.tar.bz2) = efc13c86e715b5e596d9d8535640c830f83e977fe521afd2c70d68926c4b573e
+SIZE (strongswan-5.0.0.tar.bz2) = 3087071
diff --git a/security/strongswan/files/patch-src-libcharon-encoding-payloads-transform__attribute.c b/security/strongswan/files/patch-src-libcharon-encoding-payloads-transform__attribute.c
new file mode 100644
index 0000000..ed12ec4
--- /dev/null
+++ b/security/strongswan/files/patch-src-libcharon-encoding-payloads-transform__attribute.c
@@ -0,0 +1,41 @@
+From d511a71daa36f701636a76fb1e513755b3cb8b03 Mon Sep 17 00:00:00 2001
+From: Tobias Brunner <tobias at strongswan.org>
+Date: Fri, 27 Jul 2012 11:36:59 +0200
+Subject: [PATCH] Include stdint.h for UINTxx_MAX defines
+
+Fixes #205.
+---
+ src/libcharon/encoding/payloads/transform_attribute.c | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/src/libcharon/encoding/payloads/transform_attribute.c b/src/libcharon/encoding/payloads/transform_attribute.c
+index a11ee98..d20f77c 100644
+--- src/libcharon/encoding/payloads/transform_attribute.c
++++ src/libcharon/encoding/payloads/transform_attribute.c
+@@ -17,6 +17,7 @@
+
+ #include <string.h>
+ #include <stddef.h>
++#include <stdint.h>
+
+ #include "transform_attribute.h"
+
+@@ -107,13 +108,13 @@ struct private_transform_attribute_t {
+ */
+ static encoding_rule_t encodings[] = {
+ /* Flag defining the format of this payload */
+- { ATTRIBUTE_FORMAT, offsetof(private_transform_attribute_t, attribute_format) },
++ { ATTRIBUTE_FORMAT, offsetof(private_transform_attribute_t, attribute_format) },
+ /* type of the attribute as 15 bit unsigned integer */
+ { ATTRIBUTE_TYPE, offsetof(private_transform_attribute_t, attribute_type) },
+ /* Length or value, depending on the attribute format flag */
+ { ATTRIBUTE_LENGTH_OR_VALUE,offsetof(private_transform_attribute_t, attribute_length_or_value) },
+ /* Value of attribute if attribute format flag is zero */
+- { ATTRIBUTE_VALUE, offsetof(private_transform_attribute_t, attribute_value) }
++ { ATTRIBUTE_VALUE, offsetof(private_transform_attribute_t, attribute_value) }
+ };
+
+ /*
+--
+1.7.10.4
+
diff --git a/security/strongswan/files/patch-src__ipsec__ipsec.in b/security/strongswan/files/patch-src__ipsec__ipsec.in
deleted file mode 100644
index eb1118b..0000000
--- a/security/strongswan/files/patch-src__ipsec__ipsec.in
+++ /dev/null
@@ -1,20 +0,0 @@
-diff -ur srcold/ipsec/ipsec.in src/ipsec/ipsec.in
---- srcold/ipsec/ipsec.in 2011-09-22 08:39:26.589952124 +0200
-+++ src/ipsec/ipsec.in 2011-09-22 08:39:44.640945476 +0200
-@@ -19,6 +19,7 @@
- export PATH
-
- # name and version of the ipsec implementation
-+OS_NAME=`uname -s`
- IPSEC_NAME="@IPSEC_NAME@"
- IPSEC_VERSION="U at IPSEC_VERSION@/K`uname -r`"
-
-@@ -378,7 +379,7 @@
- fi
- ;;
- version|--version)
-- printf "Linux $IPSEC_NAME $IPSEC_VERSION\n"
-+ printf "$OS_NAME $IPSEC_NAME $IPSEC_VERSION\n"
- printf "$IPSEC_DISTRO\n"
- printf "See 'ipsec --copyright' for copyright information.\n"
- exit 0
diff --git a/security/strongswan/pkg-plist b/security/strongswan/pkg-plist
index 036e76d..7bf23f6 100644
--- a/security/strongswan/pkg-plist
+++ b/security/strongswan/pkg-plist
@@ -12,6 +12,10 @@ lib/ipsec/libstrongswan.a
lib/ipsec/libstrongswan.la
lib/ipsec/libstrongswan.so
lib/ipsec/libstrongswan.so.0
+lib/ipsec/libtls.a
+lib/ipsec/libtls.la
+lib/ipsec/libtls.so
+lib/ipsec/libtls.so.0
lib/ipsec/plugins/libstrongswan-addrblock.a
lib/ipsec/plugins/libstrongswan-addrblock.la
lib/ipsec/plugins/libstrongswan-addrblock.so
@@ -24,6 +28,9 @@ lib/ipsec/plugins/libstrongswan-attr.so
lib/ipsec/plugins/libstrongswan-blowfish.a
lib/ipsec/plugins/libstrongswan-blowfish.la
lib/ipsec/plugins/libstrongswan-blowfish.so
+lib/ipsec/plugins/libstrongswan-cmac.a
+lib/ipsec/plugins/libstrongswan-cmac.la
+lib/ipsec/plugins/libstrongswan-cmac.so
lib/ipsec/plugins/libstrongswan-constraints.a
lib/ipsec/plugins/libstrongswan-constraints.la
lib/ipsec/plugins/libstrongswan-constraints.so
@@ -63,6 +70,9 @@ lib/ipsec/plugins/libstrongswan-md4.so
lib/ipsec/plugins/libstrongswan-md5.a
lib/ipsec/plugins/libstrongswan-md5.la
lib/ipsec/plugins/libstrongswan-md5.so
+lib/ipsec/plugins/libstrongswan-nonce.a
+lib/ipsec/plugins/libstrongswan-nonce.la
+lib/ipsec/plugins/libstrongswan-nonce.so
lib/ipsec/plugins/libstrongswan-openssl.a
lib/ipsec/plugins/libstrongswan-openssl.la
lib/ipsec/plugins/libstrongswan-openssl.so
@@ -75,6 +85,9 @@ lib/ipsec/plugins/libstrongswan-pgp.so
lib/ipsec/plugins/libstrongswan-pkcs1.a
lib/ipsec/plugins/libstrongswan-pkcs1.la
lib/ipsec/plugins/libstrongswan-pkcs1.so
+lib/ipsec/plugins/libstrongswan-pkcs8.a
+lib/ipsec/plugins/libstrongswan-pkcs8.la
+lib/ipsec/plugins/libstrongswan-pkcs8.so
lib/ipsec/plugins/libstrongswan-pubkey.a
lib/ipsec/plugins/libstrongswan-pubkey.la
lib/ipsec/plugins/libstrongswan-pubkey.so
@@ -128,6 +141,10 @@ sbin/ipsec
%%EAPAKA3GPP2%%lib/ipsec/plugins/libstrongswan-gmp.a
%%EAPAKA3GPP2%%lib/ipsec/plugins/libstrongswan-gmp.la
%%EAPAKA3GPP2%%lib/ipsec/plugins/libstrongswan-gmp.so
+%%EAPSIMFILE%%lib/ipsec/libsimaka.a
+%%EAPSIMFILE%%lib/ipsec/libsimaka.la
+%%EAPSIMFILE%%lib/ipsec/libsimaka.so
+%%EAPSIMFILE%%lib/ipsec/libsimaka.so.0
%%EAPSIMFILE%%lib/ipsec/plugins/libstrongswan-eap-sim.a
%%EAPSIMFILE%%lib/ipsec/plugins/libstrongswan-eap-sim.la
%%EAPSIMFILE%%lib/ipsec/plugins/libstrongswan-eap-sim.so
@@ -137,6 +154,12 @@ sbin/ipsec
%%CURL%%lib/ipsec/plugins/libstrongswan-curl.a
%%CURL%%lib/ipsec/plugins/libstrongswan-curl.la
%%CURL%%lib/ipsec/plugins/libstrongswan-curl.so
+%%IKEv1%%lib/ipsec/plugins/libstrongswan-xauth-generic.a
+%%IKEv1%%lib/ipsec/plugins/libstrongswan-xauth-generic.la
+%%IKEv1%%lib/ipsec/plugins/libstrongswan-xauth-generic.so
+%%LDAP%%lib/ipsec/plugins/libstrongswan-ldap.a
+%%LDAP%%lib/ipsec/plugins/libstrongswan-ldap.la
+%%LDAP%%lib/ipsec/plugins/libstrongswan-ldap.so
%%MYSQL%%lib/ipsec/plugins/libstrongswan-mysql.a
%%MYSQL%%lib/ipsec/plugins/libstrongswan-mysql.la
%%MYSQL%%lib/ipsec/plugins/libstrongswan-mysql.so
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list