Libreswan: import version 4.7

To: pkgsrc-wip-changes%NetBSD.org@localhost
Subject: Libreswan: import version 4.7
From: Andrew Cagney <andrew.cagney%gmail.com@localhost>
Date: Thu, 16 Jun 2022 16:37:11 +0000
Module Name:	pkgsrc-wip
Committed By:	Andrew Cagney <andrew.cagney%gmail.com@localhost>
Pushed By:	cagney
Date:		Thu Jun 16 16:37:11 2022 +0000
Changeset:	3d3e7c8aeac2919fab6d6f755e0f18ca3e7402e4

Added Files:
	libreswan/COMMIT_MSG
	libreswan/DESCR
	libreswan/Makefile
	libreswan/PLIST
	libreswan/TODO
	libreswan/distinfo
	libreswan/patches/patch-b_mk_defaults_netbsd.mk

Log Message:
Libreswan: import version 4.7

Libreswan is an Internet Key Exchange (IKE) daemon for managing IPsec.

Libreswan supports IKEv1 and IKEv2 and has support for most of the
extensions (RFC + IETF drafts) related to IPsec, including IKEv2,
X.509 Digital Certificates, NAT Traversal, and many others.

On NetBSD and FreeBSD, Libreswan uses the PF_KEY_V2 IPsec stack.  On
Linux, Libreswan uses the XFRM IPsec stack.

Libreswan was forked from Openswan 2.6.38, which was forked from
FreeS/WAN 2.04. See the CREDITS files for contributor acknowledgments.

To see a diff of this commit:
https://wip.pkgsrc.org/cgi-bin/gitweb.cgi?p=pkgsrc-wip.git;a=commitdiff;h=3d3e7c8aeac2919fab6d6f755e0f18ca3e7402e4

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

diffstat:
 libreswan/COMMIT_MSG                            | 14 +++++
 libreswan/DESCR                                 | 11 ++++
 libreswan/Makefile                              | 37 +++++++++++++
 libreswan/PLIST                                 | 71 +++++++++++++++++++++++++
 libreswan/TODO                                  | 16 ++++++
 libreswan/distinfo                              |  6 +++
 libreswan/patches/patch-b_mk_defaults_netbsd.mk | 21 ++++++++
 7 files changed, 176 insertions(+)

diffs:
diff --git a/libreswan/COMMIT_MSG b/libreswan/COMMIT_MSG
new file mode 100644
index 0000000000..d59306e2db
--- /dev/null
+++ b/libreswan/COMMIT_MSG
@@ -0,0 +1,14 @@
+Libreswan: import version 4.7
+
+Libreswan is an Internet Key Exchange (IKE) daemon for managing IPsec.
+
+Libreswan supports IKEv1 and IKEv2 and has support for most of the
+extensions (RFC + IETF drafts) related to IPsec, including IKEv2,
+X.509 Digital Certificates, NAT Traversal, and many others.
+
+On NetBSD and FreeBSD, Libreswan uses the PF_KEY_V2 IPsec stack.  On
+Linux, Libreswan uses the XFRM IPsec stack.
+
+Libreswan was forked from Openswan 2.6.38, which was forked from
+FreeS/WAN 2.04. See the CREDITS files for contributor acknowledgments.
+
diff --git a/libreswan/DESCR b/libreswan/DESCR
new file mode 100644
index 0000000000..461ef667ee
--- /dev/null
+++ b/libreswan/DESCR
@@ -0,0 +1,11 @@
+Libreswan is an Internet Key Exchange (IKE) daemon for managing IPsec.
+
+Libreswan supports IKEv1 and IKEv2 and has support for most of the
+extensions (RFC + IETF drafts) related to IPsec, including IKEv2,
+X.509 Digital Certificates, NAT Traversal, and many others.
+
+On NetBSD and FreeBSD, Libreswan uses the PF_KEY_V2 IPsec stack.  On
+Linux, Libreswan uses the XFRM IPsec stack.
+
+Libreswan was forked from Openswan 2.6.38, which was forked from
+FreeS/WAN 2.04. See the CREDITS files for contributor acknowledgments.
diff --git a/libreswan/Makefile b/libreswan/Makefile
new file mode 100644
index 0000000000..c12828d3b7
--- /dev/null
+++ b/libreswan/Makefile
@@ -0,0 +1,37 @@
+# $NetBSD$
+
+# Libreswan is built using GNU Make.  It does not use autoconf.
+#
+# Configuration parameters can be found in mk/config.mk and OS
+# specific overides in mk/default/*.mk (for instance,
+# mk/default/netbsd.mk).
+
+DISTNAME=	libreswan-4.7
+CATEGORIES=	security
+MASTER_SITES=	https://download.libreswan.org/
+
+MAINTAINER=	pkgsrc-users%NetBSD.org@localhost
+HOMEPAGE=	https://libreswan.org/
+# Libreswan is an ...
+COMMENT=	Internet Key Exchange Daemon for managing IPsec
+LICENSE=	gnu-gpl-v2
+
+USE_TOOLS+=	pkg-config
+USE_TOOLS+=	gmake
+USE_TOOLS+=	flex
+USE_TOOLS+=	bison
+#default is: USE_LANGUAGES+=	c
+
+DEPENDS+=	xmlto-[0-9]*:../../textproc/xmlto
+# weak dependency
+#DEPENDS+=	logrotate:../../sysutils/logrotate
+
+# libreswan has GIT style patches
+PATCH_STRIP= -p1
+
+# libevent?
+.include "../../net/unbound/buildlink3.mk"
+.include "../../www/curl/buildlink3.mk"
+.include "../../devel/nss/buildlink3.mk"
+.include "../../net/ldns/buildlink3.mk"
+.include "../../mk/bsd.pkg.mk"
diff --git a/libreswan/PLIST b/libreswan/PLIST
new file mode 100644
index 0000000000..062afa016b
--- /dev/null
+++ b/libreswan/PLIST
@@ -0,0 +1,71 @@
+@comment $NetBSD$
+libexec/ipsec/_import_crl
+libexec/ipsec/_plutorun
+libexec/ipsec/_realsetup
+libexec/ipsec/_secretcensor
+libexec/ipsec/_stackmanager
+libexec/ipsec/_unbound-hook
+libexec/ipsec/_updown
+libexec/ipsec/_updown.bsd
+libexec/ipsec/addconn
+libexec/ipsec/algparse
+libexec/ipsec/asn1check
+libexec/ipsec/auto
+libexec/ipsec/barf
+libexec/ipsec/cavp
+libexec/ipsec/dncheck
+libexec/ipsec/ecdsasigkey
+libexec/ipsec/enumcheck
+libexec/ipsec/hunkcheck
+libexec/ipsec/ipcheck
+libexec/ipsec/jambufcheck
+libexec/ipsec/keyidcheck
+libexec/ipsec/letsencrypt
+libexec/ipsec/look
+libexec/ipsec/newhostkey
+libexec/ipsec/pluto
+libexec/ipsec/readwriteconf
+libexec/ipsec/routecheck
+libexec/ipsec/rsasigkey
+libexec/ipsec/setup
+libexec/ipsec/show
+libexec/ipsec/showhostkey
+libexec/ipsec/timecheck
+libexec/ipsec/vendoridcheck
+libexec/ipsec/verify
+libexec/ipsec/whack
+man/man5/ipsec.conf.5
+man/man5/ipsec.secrets.5
+man/man8/ipsec.8
+man/man8/ipsec__import_crl.8
+man/man8/ipsec__plutorun.8
+man/man8/ipsec__realsetup.8
+man/man8/ipsec__secretcensor.8
+man/man8/ipsec__stackmanager.8
+man/man8/ipsec__unbound-hook.8
+man/man8/ipsec__updown.8
+man/man8/ipsec__updown.bsdkame.8
+man/man8/ipsec_addconn.8
+man/man8/ipsec_auto.8
+man/man8/ipsec_barf.8
+man/man8/ipsec_checknss.8
+man/man8/ipsec_ecdsasigkey.8
+man/man8/ipsec_import.8
+man/man8/ipsec_initnss.8
+man/man8/ipsec_letsencrypt.8
+man/man8/ipsec_look.8
+man/man8/ipsec_newhostkey.8
+man/man8/ipsec_pluto.8
+man/man8/ipsec_readwriteconf.8
+man/man8/ipsec_rsasigkey.8
+man/man8/ipsec_setup.8
+man/man8/ipsec_show.8
+man/man8/ipsec_showhostkey.8
+man/man8/ipsec_vendorid.8
+man/man8/ipsec_verify.8
+man/man8/ipsec_whack.8
+man/man8/pluto.8
+sbin/ipsec
+share/doc/libreswan/ipsec.conf-sample
+share/doc/libreswan/ipsec.secrets-sample
+share/examples/rc.d/pluto
diff --git a/libreswan/TODO b/libreswan/TODO
new file mode 100644
index 0000000000..4a77021535
--- /dev/null
+++ b/libreswan/TODO
@@ -0,0 +1,16 @@
+- platforms other than NetBSD (Linux, and FreeBSD)?
+
+  PFKEYV2 and XFRM are pretty esoteric.
+
+- /etc/ipsec*
+
+  ipsec.conf, ipsec.secrets and ipsec.d/*
+
+- logrotate https://github.com/libreswan/libreswan/issues/767
+
+  It's a weak dependency / suggested package.  If libreswan is
+  using syslog, say, it isn't needed.
+
+  During install, libreswan creates logrotate.d and then installs
+  a logrotate file.  It doesn't install the file in examples
+  (which begs the question where).
diff --git a/libreswan/distinfo b/libreswan/distinfo
new file mode 100644
index 0000000000..4da50c8808
--- /dev/null
+++ b/libreswan/distinfo
@@ -0,0 +1,6 @@
+$NetBSD$
+
+BLAKE2s (libreswan-4.7.tar.gz) = 952887f1381b00a672e05e9baa4d4bb899cd07c4809dc8f365fc06e9791cbd6d
+SHA512 (libreswan-4.7.tar.gz) = aea958be5512e08ea809145021695edd4e7df4487a0f3ba94c4d0165113647195c1c1599cd5fbbbfae8f6a2bebf39d7514a694f86297c29c543b1a63646ca44e
+Size (libreswan-4.7.tar.gz) = 3684167 bytes
+SHA1 (patch-b_mk_defaults_netbsd.mk) = 90e58c1bb06dd3f67006c5cffb3b0b02a5ec2b1e
diff --git a/libreswan/patches/patch-b_mk_defaults_netbsd.mk b/libreswan/patches/patch-b_mk_defaults_netbsd.mk
new file mode 100644
index 0000000000..27ca0391f2
--- /dev/null
+++ b/libreswan/patches/patch-b_mk_defaults_netbsd.mk
@@ -0,0 +1,21 @@
+$NetBSD$
+
+Backport patch from upstream.
+
+commit 8861abd461ad049f915fb4aad8ac123188f407a7
+Author: Andrew Cagney <cagney%gnu.org@localhost>
+Date:   Tue Jun 14 20:54:55 2022 -0400
+
+    NetBSD: install manual pages in $(PREFIX)/man
+    
+    not share/man
+
+diff --git a/mk/defaults/netbsd.mk b/mk/defaults/netbsd.mk
+index 4c623089f5..d9e3d262f8 100644
+--- a/mk/defaults/netbsd.mk
++++ b/mk/defaults/netbsd.mk
+@@ -33,3 +33,4 @@ FINALRUNDIR=/var/run/pluto
+ FINALSYSCONFDIR=$(PREFIX)/etc
+ FINALNSSDIR=$(PREFIX)/etc/ipsec.d
+ FINALEXAMPECONFDIR=$(PREFIX)/share/examples/libreswan
++FINALMANDIR=$(PREFIX)/man
Prev by Date: unison-snapshot: Update to 2.52.60.0
Next by Date: libreswan: fix some issues
Previous by Thread: unison-snapshot: Update to 2.52.60.0
Next by Thread: libreswan: fix some issues
Indexes:
Home | Main Index | Thread Index | Old Index