pkgsrc-WIP-changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
libreswan: shuffle directories
Module Name: pkgsrc-wip
Committed By: Andrew Cagney <andrew.cagney%gmail.com@localhost>
Pushed By: cagney
Date: Wed Apr 17 15:26:38 2024 +0000
Changeset: 7d33784b101fac3db4abca4427dc56cfc0e4a3c8
Added Files:
libreswan-4/COMMIT_MSG
libreswan-4/DESCR
libreswan-4/Makefile
libreswan-4/PLIST
libreswan-4/TODO
libreswan-4/distinfo
libreswan-5/COMMIT_MSG
libreswan-5/DESCR
libreswan-5/Makefile
libreswan-5/PLIST
libreswan-5/TODO
libreswan-5/distinfo
Removed Files:
libreswan/COMMIT_MSG
libreswan/DESCR
libreswan/Makefile
libreswan/PLIST
libreswan/TODO
libreswan/distinfo
Log Message:
libreswan: shuffle directories
Result is libreswan-4, libreswan-5, libreswan-git
To see a diff of this commit:
https://wip.pkgsrc.org/cgi-bin/gitweb.cgi?p=pkgsrc-wip.git;a=commitdiff;h=7d33784b101fac3db4abca4427dc56cfc0e4a3c8
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
diffstat:
libreswan-4/COMMIT_MSG | 14 +++++++
libreswan-4/DESCR | 11 ++++++
libreswan-4/Makefile | 79 +++++++++++++++++++++++++++++++++++++
libreswan-4/PLIST | 72 ++++++++++++++++++++++++++++++++++
libreswan-4/TODO | 25 ++++++++++++
libreswan-4/distinfo | 5 +++
libreswan-5/COMMIT_MSG | 14 +++++++
libreswan-5/DESCR | 11 ++++++
libreswan-5/Makefile | 87 +++++++++++++++++++++++++++++++++++++++++
libreswan-5/PLIST | 103 +++++++++++++++++++++++++++++++++++++++++++++++++
libreswan-5/TODO | 12 ++++++
libreswan-5/distinfo | 5 +++
libreswan/COMMIT_MSG | 14 -------
libreswan/DESCR | 11 ------
libreswan/Makefile | 79 -------------------------------------
libreswan/PLIST | 72 ----------------------------------
libreswan/TODO | 25 ------------
libreswan/distinfo | 5 ---
18 files changed, 438 insertions(+), 206 deletions(-)
diffs:
diff --git a/libreswan-4/COMMIT_MSG b/libreswan-4/COMMIT_MSG
new file mode 100644
index 0000000000..06f0d2df1f
--- /dev/null
+++ b/libreswan-4/COMMIT_MSG
@@ -0,0 +1,14 @@
+Libreswan: import version 4.12
+
+Libreswan is an Internet Key Exchange (IKE) daemon for managing IPsec.
+
+Libreswan supports IKEv1 and IKEv2 and has support for most of the
+extensions (RFC + IETF drafts) related to IPsec, including IKEv2,
+X.509 Digital Certificates, NAT Traversal, and many others.
+
+On NetBSD and FreeBSD, Libreswan uses the PF_KEY_V2 IPsec stack.
+On Linux, Libreswan uses the XFRM IPsec stack.
+
+Libreswan was forked from Openswan 2.6.38, which was forked from
+FreeS/WAN 2.04. See the CREDITS files for contributor acknowledgments.
+
diff --git a/libreswan-4/DESCR b/libreswan-4/DESCR
new file mode 100644
index 0000000000..461ef667ee
--- /dev/null
+++ b/libreswan-4/DESCR
@@ -0,0 +1,11 @@
+Libreswan is an Internet Key Exchange (IKE) daemon for managing IPsec.
+
+Libreswan supports IKEv1 and IKEv2 and has support for most of the
+extensions (RFC + IETF drafts) related to IPsec, including IKEv2,
+X.509 Digital Certificates, NAT Traversal, and many others.
+
+On NetBSD and FreeBSD, Libreswan uses the PF_KEY_V2 IPsec stack. On
+Linux, Libreswan uses the XFRM IPsec stack.
+
+Libreswan was forked from Openswan 2.6.38, which was forked from
+FreeS/WAN 2.04. See the CREDITS files for contributor acknowledgments.
diff --git a/libreswan-4/Makefile b/libreswan-4/Makefile
new file mode 100644
index 0000000000..73e62d3838
--- /dev/null
+++ b/libreswan-4/Makefile
@@ -0,0 +1,79 @@
+# $NetBSD$
+
+# Libreswan is built using GNU Make (it does not use autoconf).
+#
+# Configuration parameters can be found in mk/config.mk and OS
+# specific overides in mk/default/*.mk (for instance,
+# mk/default/netbsd.mk).
+
+DISTNAME= libreswan-4.15
+PKGREVISION= 0
+MASTER_SITES= https://download.libreswan.org/
+
+CATEGORIES= security
+MAINTAINER= pkgsrc-users%NetBSD.org@localhost
+HOMEPAGE= https://libreswan.org/
+# Libreswan is an ...
+COMMENT= Internet Key Exchange Daemon for managing IPsec
+LICENSE= gnu-gpl-v2
+
+USE_TOOLS+= pkg-config
+USE_TOOLS+= gmake
+USE_TOOLS+= flex
+USE_TOOLS+= bison
+#default is: USE_LANGUAGES+= c
+
+# 4.x installs config files and the rc.d script into /etc and not
+# examples/. Hence, need to move them to their proper directory.
+# 5.x should have this fixed.
+
+EGDIR= ${PREFIX}/share/examples
+MAKE_FLAGS=
+MAKE_FLAGS+= FINALDOCDIR=${EGDIR}/libreswan/
+MAKE_FLAGS+= FINALCONFDDIR=${EGDIR}/libreswan/ipsec.d
+post-install:
+ rm -f ${DESTDIR}/usr/pkg/etc/ipsec.conf
+ rm -f ${DESTDIR}/usr/pkg/etc/ipsec.secrets
+ rm -f ${DESTDIR}/usr/pkg/etc/rc.d/pluto
+ mv ${DESTDIR}${EGDIR}/rc.d/pluto ${DESTDIR}${EGDIR}/rc.d/ipsec
+ mv ${DESTDIR}/etc/pam.d ${DESTDIR}${EGDIR}/pam.d
+ mv ${DESTDIR}/usr/pkg/etc/logrotate.d ${DESTDIR}${EGDIR}/logrotate.d
+#RCD_SCRIPTS= pluto
+CONF_FILES+= ${EGDIR}/rc.d/ipsec ${PKG_SYSCONFDIR}/rc.d/ipsec
+
+# populate /etc
+PERMS=$(REAL_ROOT_USER) $(REAL_ROOT_GROUP) 0700
+MAKE_DIRS_PERMS+= ${PKG_SYSCONFDIR}/ipsec.d $(PERMS)
+MAKE_DIRS_PERMS+= ${PKG_SYSCONFDIR}/ipsec.d/policies $(PERMS)
+CONF_FILES_PERMS+= ${EGDIR}/libreswan/ipsec.secrets-sample ${PKG_SYSCONFDIR}/ipsec.secrets $(PERMS)
+CONF_FILES_PERMS+= ${EGDIR}/libreswan/ipsec.conf-sample ${PKG_SYSCONFDIR}/ipsec.conf $(PERMS)
+CONF_FILES+= ${EGDIR}/libreswan/ipsec.d/policies/portexcludes.conf ${PKG_SYSCONFDIR}/ipsec.d/policies/portexcludes.conf
+# needs a for loop
+CONF_FILES+= ${EGDIR}/libreswan/ipsec.d/policies/block ${PKG_SYSCONFDIR}/ipsec.d/policies/block
+CONF_FILES+= ${EGDIR}/libreswan/ipsec.d/policies/clear ${PKG_SYSCONFDIR}/ipsec.d/policies/clear
+CONF_FILES+= ${EGDIR}/libreswan/ipsec.d/policies/clear-or-private ${PKG_SYSCONFDIR}/ipsec.d/policies/clear-or-private
+CONF_FILES+= ${EGDIR}/libreswan/ipsec.d/policies/private ${PKG_SYSCONFDIR}/ipsec.d/policies/private
+CONF_FILES+= ${EGDIR}/libreswan/ipsec.d/policies/private-or-clear ${PKG_SYSCONFDIR}/ipsec.d/policies/private-or-clear
+
+# Always install pam.d!?
+MAKE_DIRS+= ${PKG_SYSCONFDIR}/pam.d
+CONF_FILES+= ${EGDIR}/pam.d/pluto ${PKG_SYSCONFDIR}/pam.d/pluto
+
+# Alway install logrotate!?!
+MAKE_DIRS+= ${PKG_SYSCONFDIR}/logrotate.d
+CONF_FILES+= ${EGDIR}/logrotate.d/libreswan ${PKG_SYSCONFDIR}/logrotate.d/libreswan
+
+CHECK_PORTABILITY_SKIP= mk/docker-targets.mk
+
+# code not clean enough; XXX: why?
+#BUILDLINK_TRANSFORM+= rm:-Werror
+
+# some stuff uses .include, some does not
+DEPENDS+= xmlto-[0-9]*:../../textproc/xmlto
+
+# libevent?
+.include "../../net/unbound/buildlink3.mk"
+.include "../../www/curl/buildlink3.mk"
+.include "../../devel/nss/buildlink3.mk"
+.include "../../net/ldns/buildlink3.mk"
+.include "../../mk/bsd.pkg.mk"
diff --git a/libreswan-4/PLIST b/libreswan-4/PLIST
new file mode 100644
index 0000000000..107c3db608
--- /dev/null
+++ b/libreswan-4/PLIST
@@ -0,0 +1,72 @@
+@comment $NetBSD$
+libexec/ipsec/_import_crl
+libexec/ipsec/_plutorun
+libexec/ipsec/_realsetup
+libexec/ipsec/_secretcensor
+libexec/ipsec/_unbound-hook
+libexec/ipsec/_updown
+libexec/ipsec/_updown.bsd
+libexec/ipsec/addconn
+libexec/ipsec/algparse
+libexec/ipsec/asn1check
+libexec/ipsec/auto
+libexec/ipsec/barf
+libexec/ipsec/cavp
+libexec/ipsec/dncheck
+libexec/ipsec/ecdsasigkey
+libexec/ipsec/enumcheck
+libexec/ipsec/hunkcheck
+libexec/ipsec/ipcheck
+libexec/ipsec/jambufcheck
+libexec/ipsec/keyidcheck
+libexec/ipsec/letsencrypt
+libexec/ipsec/newhostkey
+libexec/ipsec/pluto
+libexec/ipsec/readwriteconf
+libexec/ipsec/rsasigkey
+libexec/ipsec/setup
+libexec/ipsec/showhostkey
+libexec/ipsec/showroute
+libexec/ipsec/timecheck
+libexec/ipsec/vendoridcheck
+libexec/ipsec/whack
+man/man5/ipsec.conf.5
+man/man5/ipsec.secrets.5
+man/man8/ipsec.8
+man/man8/ipsec__import_crl.8
+man/man8/ipsec__plutorun.8
+man/man8/ipsec__realsetup.8
+man/man8/ipsec__secretcensor.8
+man/man8/ipsec__unbound-hook.8
+man/man8/ipsec__updown.8
+man/man8/ipsec__updown.bsdkame.8
+man/man8/ipsec_addconn.8
+man/man8/ipsec_auto.8
+man/man8/ipsec_barf.8
+man/man8/ipsec_checknss.8
+man/man8/ipsec_ecdsasigkey.8
+man/man8/ipsec_import.8
+man/man8/ipsec_initnss.8
+man/man8/ipsec_letsencrypt.8
+man/man8/ipsec_newhostkey.8
+man/man8/ipsec_pluto.8
+man/man8/ipsec_readwriteconf.8
+man/man8/ipsec_rsasigkey.8
+man/man8/ipsec_setup.8
+man/man8/ipsec_showhostkey.8
+man/man8/ipsec_showroute.8
+man/man8/ipsec_vendorid.8
+man/man8/ipsec_whack.8
+man/man8/pluto.8
+sbin/ipsec
+share/examples/libreswan/ipsec.conf-sample
+share/examples/libreswan/ipsec.d/policies/block
+share/examples/libreswan/ipsec.d/policies/clear
+share/examples/libreswan/ipsec.d/policies/clear-or-private
+share/examples/libreswan/ipsec.d/policies/portexcludes.conf
+share/examples/libreswan/ipsec.d/policies/private
+share/examples/libreswan/ipsec.d/policies/private-or-clear
+share/examples/libreswan/ipsec.secrets-sample
+share/examples/rc.d/ipsec
+share/examples/logrotate.d/libreswan
+share/examples/pam.d/pluto
diff --git a/libreswan-4/TODO b/libreswan-4/TODO
new file mode 100644
index 0000000000..d6e68a1876
--- /dev/null
+++ b/libreswan-4/TODO
@@ -0,0 +1,25 @@
+- platforms other than NetBSD (Linux, and FreeBSD)?
+
+ PFKEYV2 and XFRM are pretty esoteric.
+
+ Libreswan builds on Fedora, Debian, Apline (they each
+ have their own packaing quirks), FreeBSD, NetBSD, OpenBSD
+
+ not sure about this package
+
+- add following entries to pkg-vulnerabilities
+
+libreswan<4.15 denial-of-service https://libreswan.org/security/CVE-2024-3652/CVE-2024-3652.txt
+libreswan<4.13nb1 denial-of-service https://libreswan.org/security/CVE-2024-2357/CVE-2024-2357.txt
+libreswan<4.12nb1 denial-of-service https://libreswan.org/security/CVE-2023-38712/CVE-2023-38712.txt
+libreswan<4.12nb1 denial-of-service https://libreswan.org/security/CVE-2023-38711/CVE-2023-38711.txt
+libreswan<4.12nb1 denial-of-service https://libreswan.org/security/CVE-2023-38710/CVE-2023-38710.txt
+libreswan<4.9nb3 denial-of-service https://libreswan.org/security/CVE-2023-30570/CVE-2023-30570.txt
+libreswan<4.9nb2 denial-of-service https://libreswan.org/security/CVE-2023-23009/CVE-2023-23009.txt
+libreswan<4.6 denial-of-service https://libreswan.org/security/CVE-2022-23094/CVE-2022-23094.txt
+
+Notes:
+
+4.7 earliest pkgsrc version, 4.6 is just a baseline
+CVE-2023-2295 was a bug in Red Hat's Libreswan package, not Libreswan
+4.9nb2 4.9nb3 were cut from libreswan's mainline
diff --git a/libreswan-4/distinfo b/libreswan-4/distinfo
new file mode 100644
index 0000000000..f1a680c464
--- /dev/null
+++ b/libreswan-4/distinfo
@@ -0,0 +1,5 @@
+$NetBSD$
+
+BLAKE2s (libreswan-4.15.tar.gz) = caf4ad3e098aa7b1a57971aabcbf10f834fa7e507bcdf5c130493cb996ec77aa
+SHA512 (libreswan-4.15.tar.gz) = 49a60688bb4a5241dbd791bdde0c71ae80cfb7383bb841ea0788a9d0237569d7ad79e59985c700526e3807817ddae77ebd57521897526fbb8fb93ffbea631efe
+Size (libreswan-4.15.tar.gz) = 3728498 bytes
diff --git a/libreswan-5/COMMIT_MSG b/libreswan-5/COMMIT_MSG
new file mode 100644
index 0000000000..47fe032ca9
--- /dev/null
+++ b/libreswan-5/COMMIT_MSG
@@ -0,0 +1,14 @@
+Libreswan: import version 5.0pre0.20230808
+
+Libreswan is an Internet Key Exchange (IKE) daemon for managing IPsec.
+
+Libreswan supports IKEv1 and IKEv2 and has support for most of the
+extensions (RFC + IETF drafts) related to IPsec, including IKEv2,
+X.509 Digital Certificates, NAT Traversal, and many others.
+
+On NetBSD and FreeBSD, Libreswan uses the PF_KEY_V2 IPsec stack. On
+Linux, Libreswan uses the XFRM IPsec stack.
+
+Libreswan was forked from Openswan 2.6.38, which was forked from
+FreeS/WAN 2.04. See the CREDITS files for contributor acknowledgments.
+
diff --git a/libreswan-5/DESCR b/libreswan-5/DESCR
new file mode 100644
index 0000000000..461ef667ee
--- /dev/null
+++ b/libreswan-5/DESCR
@@ -0,0 +1,11 @@
+Libreswan is an Internet Key Exchange (IKE) daemon for managing IPsec.
+
+Libreswan supports IKEv1 and IKEv2 and has support for most of the
+extensions (RFC + IETF drafts) related to IPsec, including IKEv2,
+X.509 Digital Certificates, NAT Traversal, and many others.
+
+On NetBSD and FreeBSD, Libreswan uses the PF_KEY_V2 IPsec stack. On
+Linux, Libreswan uses the XFRM IPsec stack.
+
+Libreswan was forked from Openswan 2.6.38, which was forked from
+FreeS/WAN 2.04. See the CREDITS files for contributor acknowledgments.
diff --git a/libreswan-5/Makefile b/libreswan-5/Makefile
new file mode 100644
index 0000000000..079cbb251e
--- /dev/null
+++ b/libreswan-5/Makefile
@@ -0,0 +1,87 @@
+# $NetBSD$
+
+# Libreswan is built using GNU Make. It does not use autoconf.
+#
+# Configuration parameters can be found in mk/config.mk and OS
+# specific overides in mk/default/*.mk (for instance,
+# mk/default/netbsd.mk).
+
+# See:
+# pkg_admin pmatch 'foo>=5.0rc1' foo-5.0pre0.20230807
+# the suggestion is:
+#
+# libreswan-git: 5.0pre0.YYYYMMDD 5.0rc1 5.0rc1.YYYYMMDD 5.0
+# 5.1pre.YYYYMMDD ...
+#
+# libreswan: 5.0 5.0nb1 ...
+
+
+#DISTNAME= libreswan-5.0pre0.20231114
+DISTNAME= libreswan-5.0rc2
+GITHUB_PROJECT= libreswan
+GITHUB_TAG= v5.0rc2
+MASTER_SITES= ${MASTER_SITE_GITHUB:=${GITHUB_PROJECT}/}
+DIST_SUBDIR= ${GITHUB_PROJECT}
+
+CATEGORIES= security
+MAINTAINER= pkgsrc-users%NetBSD.org@localhost
+HOMEPAGE= https://libreswan.org/
+# Libreswan is an ...
+COMMENT= Internet Key Exchange Daemon for managing IPsec
+LICENSE= gnu-gpl-v2
+
+USE_TOOLS+= pkg-config
+USE_TOOLS+= gmake
+USE_TOOLS+= flex
+USE_TOOLS+= bison
+#default is: USE_LANGUAGES+= c
+
+EGDIR= ${PREFIX}/share/examples/libreswan
+
+# Config files: stop libreswan 4.10+ scribbling into /etc
+MAKE_FLAGS+= INSTALL_CONFIGS=false
+
+# Init scripts aka rc.d: stop libreswan 4.10+ scribbing into /etc
+MAKE_FLAGS+= INSTALL_INITSYSTEM=false
+FILESDIR= ${DESTDIR}${EGDIR}/rc.d
+post-install:
+ mv $(FILESDIR)/pluto $(FILESDIR)/pluto.sh
+#RCD_SCRIPTS= pluto
+#CONF_FILES+= ${EGDIR}/rc.d/ipsec ${PKG_SYSCONFDIR}/rc.d/ipsec
+
+# populate /etc
+PERMS=$(REAL_ROOT_USER) $(REAL_ROOT_GROUP) 0700
+MAKE_DIRS_PERMS+= ${PKG_SYSCONFDIR}/ipsec.d $(PERMS)
+MAKE_DIRS_PERMS+= ${PKG_SYSCONFDIR}/ipsec.d/policies $(PERMS)
+CONF_FILES_PERMS+= ${EGDIR}/ipsec.secrets-sample ${PKG_SYSCONFDIR}/ipsec.secrets $(PERMS)
+CONF_FILES_PERMS+= ${EGDIR}/ipsec.conf-sample ${PKG_SYSCONFDIR}/ipsec.conf $(PERMS)
+CONF_FILES+= ${EGDIR}/ipsec.d/policies/portexcludes.conf ${PKG_SYSCONFDIR}/ipsec.d/policies/portexcludes.conf
+# needs a for loop
+CONF_FILES+= ${EGDIR}/ipsec.d/policies/block ${PKG_SYSCONFDIR}/ipsec.d/policies/block
+CONF_FILES+= ${EGDIR}/ipsec.d/policies/clear ${PKG_SYSCONFDIR}/ipsec.d/policies/clear
+CONF_FILES+= ${EGDIR}/ipsec.d/policies/clear-or-private ${PKG_SYSCONFDIR}/ipsec.d/policies/clear-or-private
+CONF_FILES+= ${EGDIR}/ipsec.d/policies/private ${PKG_SYSCONFDIR}/ipsec.d/policies/private
+CONF_FILES+= ${EGDIR}/ipsec.d/policies/private-or-clear ${PKG_SYSCONFDIR}/ipsec.d/policies/private-or-clear
+
+# Always install pam.d!?
+MAKE_DIRS+= ${PKG_SYSCONFDIR}/pam.d
+CONF_FILES+= ${EGDIR}/pam.d/pluto ${PKG_SYSCONFDIR}/pam.d/pluto
+
+# Alway install logrotate!?!
+MAKE_DIRS+= ${PKG_SYSCONFDIR}/logrotate.d
+CONF_FILES+= ${EGDIR}/logrotate.d/libreswan ${PKG_SYSCONFDIR}/logrotate.d/libreswan
+
+CHECK_PORTABILITY_SKIP= mk/docker-targets.mk
+
+# code not clean enough; XXX: why?
+#BUILDLINK_TRANSFORM+= rm:-Werror
+
+# some stuff uses .include, some does not
+DEPENDS+= xmlto-[0-9]*:../../textproc/xmlto
+
+# libevent?
+.include "../../net/unbound/buildlink3.mk"
+.include "../../www/curl/buildlink3.mk"
+.include "../../devel/nss/buildlink3.mk"
+.include "../../net/ldns/buildlink3.mk"
+.include "../../mk/bsd.pkg.mk"
diff --git a/libreswan-5/PLIST b/libreswan-5/PLIST
new file mode 100644
index 0000000000..b6fb9e82c9
--- /dev/null
+++ b/libreswan-5/PLIST
@@ -0,0 +1,103 @@
+@comment $NetBSD$
+libexec/ipsec/_asn1check
+libexec/ipsec/_dncheck
+libexec/ipsec/_enumcheck
+libexec/ipsec/_hunkcheck
+libexec/ipsec/_import_crl
+libexec/ipsec/_ipcheck
+libexec/ipsec/_jambufcheck
+libexec/ipsec/_keyidcheck
+libexec/ipsec/_plutorun
+libexec/ipsec/_timecheck
+libexec/ipsec/_ttodatacheck
+libexec/ipsec/_unbound-hook
+libexec/ipsec/_updown
+libexec/ipsec/_updown.bsd
+libexec/ipsec/_vendoridcheck
+libexec/ipsec/addconn
+libexec/ipsec/algparse
+libexec/ipsec/cavp
+libexec/ipsec/ecdsasigkey
+libexec/ipsec/letsencrypt
+libexec/ipsec/newhostkey
+libexec/ipsec/pluto
+libexec/ipsec/readwriteconf
+libexec/ipsec/rsasigkey
+libexec/ipsec/setup
+libexec/ipsec/showhostkey
+libexec/ipsec/showroute
+libexec/ipsec/whack
+man/man5/ipsec.conf.5
+man/man5/ipsec.secrets.5
+man/man7/libreswan.7
+man/man8/ipsec-_plutorun.8
+man/man8/ipsec-_updown.8
+man/man8/ipsec-_updown.bsd.8
+man/man8/ipsec-add.8
+man/man8/ipsec-addconn.8
+man/man8/ipsec-algparse.8
+man/man8/ipsec-briefconnectionstatus.8
+man/man8/ipsec-briefstatus.8
+man/man8/ipsec-certutil.8
+man/man8/ipsec-checkconfig.8
+man/man8/ipsec-checknflog.8
+man/man8/ipsec-checknss.8
+man/man8/ipsec-connectionstatus.8
+man/man8/ipsec-crlutil.8
+man/man8/ipsec-delete.8
+man/man8/ipsec-down.8
+man/man8/ipsec-ecdsasigkey.8
+man/man8/ipsec-fetchcrls.8
+man/man8/ipsec-fipsstatus.8
+man/man8/ipsec-globalstatus.8
+man/man8/ipsec-import.8
+man/man8/ipsec-initnss.8
+man/man8/ipsec-letsencrypt.8
+man/man8/ipsec-listall.8
+man/man8/ipsec-listcacerts.8
+man/man8/ipsec-listcerts.8
+man/man8/ipsec-listcrls.8
+man/man8/ipsec-listen.8
+man/man8/ipsec-listpubkeys.8
+man/man8/ipsec-modutil.8
+man/man8/ipsec-newhostkey.8
+man/man8/ipsec-ondemand.8
+man/man8/ipsec-pk12util.8
+man/man8/ipsec-pluto.8
+man/man8/ipsec-purgeocsp.8
+man/man8/ipsec-readwriteconf.8
+man/man8/ipsec-redirect.8
+man/man8/ipsec-replace.8
+man/man8/ipsec-rereadall.8
+man/man8/ipsec-rereadcerts.8
+man/man8/ipsec-rereadsecrets.8
+man/man8/ipsec-restart.8
+man/man8/ipsec-route.8
+man/man8/ipsec-rsasigkey.8
+man/man8/ipsec-setup.8
+man/man8/ipsec-showhostkey.8
+man/man8/ipsec-showroute.8
+man/man8/ipsec-showstates.8
+man/man8/ipsec-shuntstatus.8
+man/man8/ipsec-start.8
+man/man8/ipsec-status.8
+man/man8/ipsec-stop.8
+man/man8/ipsec-trafficstatus.8
+man/man8/ipsec-unroute.8
+man/man8/ipsec-up.8
+man/man8/ipsec-vfychain.8
+man/man8/ipsec-whack.8
+man/man8/ipsec.8
+man/man8/pluto.8
+sbin/ipsec
+share/examples/libreswan/ipsec.conf-sample
+share/examples/libreswan/ipsec.d/policies/block
+share/examples/libreswan/ipsec.d/policies/clear
+share/examples/libreswan/ipsec.d/policies/clear-or-private
+share/examples/libreswan/ipsec.d/policies/portexcludes.conf
+share/examples/libreswan/ipsec.d/policies/private
+share/examples/libreswan/ipsec.d/policies/private-or-clear
+share/examples/libreswan/ipsec.secrets-sample
+share/examples/libreswan/logrotate.d/libreswan
+share/examples/libreswan/pam.d/pluto
+share/examples/libreswan/rc.d/pluto.sh
diff --git a/libreswan-5/TODO b/libreswan-5/TODO
new file mode 100644
index 0000000000..8b8d76a7bc
--- /dev/null
+++ b/libreswan-5/TODO
@@ -0,0 +1,12 @@
+- platforms other than NetBSD (Linux, and FreeBSD)?
+
+ PFKEYV2 and XFRM are pretty esoteric.
+
+- /etc/ipsec*
+
+ ipsec.conf, ipsec.secrets and ipsec.d/*
+
+- logrotate https://github.com/libreswan/libreswan/issues/767
+
+ It's a weak dependency / suggested package. If libreswan is
+ using syslog, say, it isn't needed.
diff --git a/libreswan-5/distinfo b/libreswan-5/distinfo
new file mode 100644
index 0000000000..cbcbbaa4b4
--- /dev/null
+++ b/libreswan-5/distinfo
@@ -0,0 +1,5 @@
+$NetBSD$
+
+BLAKE2s (libreswan/libreswan-5.0rc2.tar.gz) = e969849745eff82c463d10875e723ae891e6b4a5f2c2da84640783e1e5a83486
+SHA512 (libreswan/libreswan-5.0rc2.tar.gz) = a7f47b820d6aacf46eb3ab80f3436af3580b07e3cce23624329b9c3771bd4a0f75a7cc9c1b25b438a024c2feb1b473595ee6ddbc6773a2d1788639f055e1a15d
+Size (libreswan/libreswan-5.0rc2.tar.gz) = 3951446 bytes
diff --git a/libreswan/COMMIT_MSG b/libreswan/COMMIT_MSG
deleted file mode 100644
index 06f0d2df1f..0000000000
--- a/libreswan/COMMIT_MSG
+++ /dev/null
@@ -1,14 +0,0 @@
-Libreswan: import version 4.12
-
-Libreswan is an Internet Key Exchange (IKE) daemon for managing IPsec.
-
-Libreswan supports IKEv1 and IKEv2 and has support for most of the
-extensions (RFC + IETF drafts) related to IPsec, including IKEv2,
-X.509 Digital Certificates, NAT Traversal, and many others.
-
-On NetBSD and FreeBSD, Libreswan uses the PF_KEY_V2 IPsec stack.
-On Linux, Libreswan uses the XFRM IPsec stack.
-
-Libreswan was forked from Openswan 2.6.38, which was forked from
-FreeS/WAN 2.04. See the CREDITS files for contributor acknowledgments.
-
diff --git a/libreswan/DESCR b/libreswan/DESCR
deleted file mode 100644
index 461ef667ee..0000000000
--- a/libreswan/DESCR
+++ /dev/null
@@ -1,11 +0,0 @@
-Libreswan is an Internet Key Exchange (IKE) daemon for managing IPsec.
-
-Libreswan supports IKEv1 and IKEv2 and has support for most of the
-extensions (RFC + IETF drafts) related to IPsec, including IKEv2,
-X.509 Digital Certificates, NAT Traversal, and many others.
-
-On NetBSD and FreeBSD, Libreswan uses the PF_KEY_V2 IPsec stack. On
-Linux, Libreswan uses the XFRM IPsec stack.
-
-Libreswan was forked from Openswan 2.6.38, which was forked from
-FreeS/WAN 2.04. See the CREDITS files for contributor acknowledgments.
diff --git a/libreswan/Makefile b/libreswan/Makefile
deleted file mode 100644
index 73e62d3838..0000000000
--- a/libreswan/Makefile
+++ /dev/null
@@ -1,79 +0,0 @@
-# $NetBSD$
-
-# Libreswan is built using GNU Make (it does not use autoconf).
-#
-# Configuration parameters can be found in mk/config.mk and OS
-# specific overides in mk/default/*.mk (for instance,
-# mk/default/netbsd.mk).
-
-DISTNAME= libreswan-4.15
-PKGREVISION= 0
-MASTER_SITES= https://download.libreswan.org/
-
-CATEGORIES= security
-MAINTAINER= pkgsrc-users%NetBSD.org@localhost
-HOMEPAGE= https://libreswan.org/
-# Libreswan is an ...
-COMMENT= Internet Key Exchange Daemon for managing IPsec
-LICENSE= gnu-gpl-v2
-
-USE_TOOLS+= pkg-config
-USE_TOOLS+= gmake
-USE_TOOLS+= flex
-USE_TOOLS+= bison
-#default is: USE_LANGUAGES+= c
-
-# 4.x installs config files and the rc.d script into /etc and not
-# examples/. Hence, need to move them to their proper directory.
-# 5.x should have this fixed.
-
-EGDIR= ${PREFIX}/share/examples
-MAKE_FLAGS=
-MAKE_FLAGS+= FINALDOCDIR=${EGDIR}/libreswan/
-MAKE_FLAGS+= FINALCONFDDIR=${EGDIR}/libreswan/ipsec.d
-post-install:
- rm -f ${DESTDIR}/usr/pkg/etc/ipsec.conf
- rm -f ${DESTDIR}/usr/pkg/etc/ipsec.secrets
- rm -f ${DESTDIR}/usr/pkg/etc/rc.d/pluto
- mv ${DESTDIR}${EGDIR}/rc.d/pluto ${DESTDIR}${EGDIR}/rc.d/ipsec
- mv ${DESTDIR}/etc/pam.d ${DESTDIR}${EGDIR}/pam.d
- mv ${DESTDIR}/usr/pkg/etc/logrotate.d ${DESTDIR}${EGDIR}/logrotate.d
-#RCD_SCRIPTS= pluto
-CONF_FILES+= ${EGDIR}/rc.d/ipsec ${PKG_SYSCONFDIR}/rc.d/ipsec
-
-# populate /etc
-PERMS=$(REAL_ROOT_USER) $(REAL_ROOT_GROUP) 0700
-MAKE_DIRS_PERMS+= ${PKG_SYSCONFDIR}/ipsec.d $(PERMS)
-MAKE_DIRS_PERMS+= ${PKG_SYSCONFDIR}/ipsec.d/policies $(PERMS)
-CONF_FILES_PERMS+= ${EGDIR}/libreswan/ipsec.secrets-sample ${PKG_SYSCONFDIR}/ipsec.secrets $(PERMS)
-CONF_FILES_PERMS+= ${EGDIR}/libreswan/ipsec.conf-sample ${PKG_SYSCONFDIR}/ipsec.conf $(PERMS)
-CONF_FILES+= ${EGDIR}/libreswan/ipsec.d/policies/portexcludes.conf ${PKG_SYSCONFDIR}/ipsec.d/policies/portexcludes.conf
-# needs a for loop
-CONF_FILES+= ${EGDIR}/libreswan/ipsec.d/policies/block ${PKG_SYSCONFDIR}/ipsec.d/policies/block
-CONF_FILES+= ${EGDIR}/libreswan/ipsec.d/policies/clear ${PKG_SYSCONFDIR}/ipsec.d/policies/clear
-CONF_FILES+= ${EGDIR}/libreswan/ipsec.d/policies/clear-or-private ${PKG_SYSCONFDIR}/ipsec.d/policies/clear-or-private
-CONF_FILES+= ${EGDIR}/libreswan/ipsec.d/policies/private ${PKG_SYSCONFDIR}/ipsec.d/policies/private
-CONF_FILES+= ${EGDIR}/libreswan/ipsec.d/policies/private-or-clear ${PKG_SYSCONFDIR}/ipsec.d/policies/private-or-clear
-
-# Always install pam.d!?
-MAKE_DIRS+= ${PKG_SYSCONFDIR}/pam.d
-CONF_FILES+= ${EGDIR}/pam.d/pluto ${PKG_SYSCONFDIR}/pam.d/pluto
-
-# Alway install logrotate!?!
-MAKE_DIRS+= ${PKG_SYSCONFDIR}/logrotate.d
-CONF_FILES+= ${EGDIR}/logrotate.d/libreswan ${PKG_SYSCONFDIR}/logrotate.d/libreswan
-
-CHECK_PORTABILITY_SKIP= mk/docker-targets.mk
-
-# code not clean enough; XXX: why?
-#BUILDLINK_TRANSFORM+= rm:-Werror
-
-# some stuff uses .include, some does not
-DEPENDS+= xmlto-[0-9]*:../../textproc/xmlto
-
-# libevent?
-.include "../../net/unbound/buildlink3.mk"
-.include "../../www/curl/buildlink3.mk"
-.include "../../devel/nss/buildlink3.mk"
-.include "../../net/ldns/buildlink3.mk"
-.include "../../mk/bsd.pkg.mk"
diff --git a/libreswan/PLIST b/libreswan/PLIST
deleted file mode 100644
index 107c3db608..0000000000
--- a/libreswan/PLIST
+++ /dev/null
@@ -1,72 +0,0 @@
-@comment $NetBSD$
-libexec/ipsec/_import_crl
-libexec/ipsec/_plutorun
-libexec/ipsec/_realsetup
-libexec/ipsec/_secretcensor
-libexec/ipsec/_unbound-hook
-libexec/ipsec/_updown
-libexec/ipsec/_updown.bsd
-libexec/ipsec/addconn
-libexec/ipsec/algparse
-libexec/ipsec/asn1check
-libexec/ipsec/auto
-libexec/ipsec/barf
-libexec/ipsec/cavp
-libexec/ipsec/dncheck
-libexec/ipsec/ecdsasigkey
-libexec/ipsec/enumcheck
-libexec/ipsec/hunkcheck
-libexec/ipsec/ipcheck
-libexec/ipsec/jambufcheck
-libexec/ipsec/keyidcheck
-libexec/ipsec/letsencrypt
-libexec/ipsec/newhostkey
-libexec/ipsec/pluto
-libexec/ipsec/readwriteconf
-libexec/ipsec/rsasigkey
-libexec/ipsec/setup
-libexec/ipsec/showhostkey
-libexec/ipsec/showroute
-libexec/ipsec/timecheck
-libexec/ipsec/vendoridcheck
-libexec/ipsec/whack
-man/man5/ipsec.conf.5
-man/man5/ipsec.secrets.5
-man/man8/ipsec.8
-man/man8/ipsec__import_crl.8
-man/man8/ipsec__plutorun.8
-man/man8/ipsec__realsetup.8
-man/man8/ipsec__secretcensor.8
-man/man8/ipsec__unbound-hook.8
-man/man8/ipsec__updown.8
-man/man8/ipsec__updown.bsdkame.8
-man/man8/ipsec_addconn.8
-man/man8/ipsec_auto.8
-man/man8/ipsec_barf.8
-man/man8/ipsec_checknss.8
-man/man8/ipsec_ecdsasigkey.8
-man/man8/ipsec_import.8
-man/man8/ipsec_initnss.8
-man/man8/ipsec_letsencrypt.8
-man/man8/ipsec_newhostkey.8
-man/man8/ipsec_pluto.8
-man/man8/ipsec_readwriteconf.8
-man/man8/ipsec_rsasigkey.8
-man/man8/ipsec_setup.8
-man/man8/ipsec_showhostkey.8
-man/man8/ipsec_showroute.8
-man/man8/ipsec_vendorid.8
-man/man8/ipsec_whack.8
-man/man8/pluto.8
-sbin/ipsec
-share/examples/libreswan/ipsec.conf-sample
-share/examples/libreswan/ipsec.d/policies/block
-share/examples/libreswan/ipsec.d/policies/clear
-share/examples/libreswan/ipsec.d/policies/clear-or-private
-share/examples/libreswan/ipsec.d/policies/portexcludes.conf
-share/examples/libreswan/ipsec.d/policies/private
-share/examples/libreswan/ipsec.d/policies/private-or-clear
-share/examples/libreswan/ipsec.secrets-sample
-share/examples/rc.d/ipsec
-share/examples/logrotate.d/libreswan
-share/examples/pam.d/pluto
diff --git a/libreswan/TODO b/libreswan/TODO
deleted file mode 100644
index d6e68a1876..0000000000
--- a/libreswan/TODO
+++ /dev/null
@@ -1,25 +0,0 @@
-- platforms other than NetBSD (Linux, and FreeBSD)?
-
- PFKEYV2 and XFRM are pretty esoteric.
-
- Libreswan builds on Fedora, Debian, Apline (they each
- have their own packaing quirks), FreeBSD, NetBSD, OpenBSD
-
- not sure about this package
-
-- add following entries to pkg-vulnerabilities
-
-libreswan<4.15 denial-of-service https://libreswan.org/security/CVE-2024-3652/CVE-2024-3652.txt
-libreswan<4.13nb1 denial-of-service https://libreswan.org/security/CVE-2024-2357/CVE-2024-2357.txt
-libreswan<4.12nb1 denial-of-service https://libreswan.org/security/CVE-2023-38712/CVE-2023-38712.txt
-libreswan<4.12nb1 denial-of-service https://libreswan.org/security/CVE-2023-38711/CVE-2023-38711.txt
-libreswan<4.12nb1 denial-of-service https://libreswan.org/security/CVE-2023-38710/CVE-2023-38710.txt
-libreswan<4.9nb3 denial-of-service https://libreswan.org/security/CVE-2023-30570/CVE-2023-30570.txt
-libreswan<4.9nb2 denial-of-service https://libreswan.org/security/CVE-2023-23009/CVE-2023-23009.txt
-libreswan<4.6 denial-of-service https://libreswan.org/security/CVE-2022-23094/CVE-2022-23094.txt
-
-Notes:
-
-4.7 earliest pkgsrc version, 4.6 is just a baseline
-CVE-2023-2295 was a bug in Red Hat's Libreswan package, not Libreswan
-4.9nb2 4.9nb3 were cut from libreswan's mainline
diff --git a/libreswan/distinfo b/libreswan/distinfo
deleted file mode 100644
index f1a680c464..0000000000
--- a/libreswan/distinfo
+++ /dev/null
@@ -1,5 +0,0 @@
-$NetBSD$
-
-BLAKE2s (libreswan-4.15.tar.gz) = caf4ad3e098aa7b1a57971aabcbf10f834fa7e507bcdf5c130493cb996ec77aa
-SHA512 (libreswan-4.15.tar.gz) = 49a60688bb4a5241dbd791bdde0c71ae80cfb7383bb841ea0788a9d0237569d7ad79e59985c700526e3807817ddae77ebd57521897526fbb8fb93ffbea631efe
-Size (libreswan-4.15.tar.gz) = 3728498 bytes
Home |
Main Index |
Thread Index |
Old Index