pkgsrc-WIP-changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
libreswan: import version 5.0pre0.20230808
Module Name: pkgsrc-wip
Committed By: Andrew Cagney <andrew.cagney%gmail.com@localhost>
Pushed By: cagney
Date: Tue Aug 8 20:12:11 2023 +0000
Changeset: f55b1a587b32e7ae260f5c32e8d9fce55dbaa441
Added Files:
libreswan-git/COMMIT_MSG
libreswan-git/DESCR
libreswan-git/Makefile
libreswan-git/PLIST
libreswan-git/TODO
libreswan-git/distinfo
Log Message:
libreswan: import version 5.0pre0.20230808
To see a diff of this commit:
https://wip.pkgsrc.org/cgi-bin/gitweb.cgi?p=pkgsrc-wip.git;a=commitdiff;h=f55b1a587b32e7ae260f5c32e8d9fce55dbaa441
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
diffstat:
libreswan-git/COMMIT_MSG | 14 +++++++++
libreswan-git/DESCR | 11 +++++++
libreswan-git/Makefile | 76 ++++++++++++++++++++++++++++++++++++++++++++++++
libreswan-git/PLIST | 72 +++++++++++++++++++++++++++++++++++++++++++++
libreswan-git/TODO | 19 ++++++++++++
libreswan-git/distinfo | 5 ++++
6 files changed, 197 insertions(+)
diffs:
diff --git a/libreswan-git/COMMIT_MSG b/libreswan-git/COMMIT_MSG
new file mode 100644
index 0000000000..47fe032ca9
--- /dev/null
+++ b/libreswan-git/COMMIT_MSG
@@ -0,0 +1,14 @@
+Libreswan: import version 5.0pre0.20230808
+
+Libreswan is an Internet Key Exchange (IKE) daemon for managing IPsec.
+
+Libreswan supports IKEv1 and IKEv2 and has support for most of the
+extensions (RFC + IETF drafts) related to IPsec, including IKEv2,
+X.509 Digital Certificates, NAT Traversal, and many others.
+
+On NetBSD and FreeBSD, Libreswan uses the PF_KEY_V2 IPsec stack. On
+Linux, Libreswan uses the XFRM IPsec stack.
+
+Libreswan was forked from Openswan 2.6.38, which was forked from
+FreeS/WAN 2.04. See the CREDITS files for contributor acknowledgments.
+
diff --git a/libreswan-git/DESCR b/libreswan-git/DESCR
new file mode 100644
index 0000000000..461ef667ee
--- /dev/null
+++ b/libreswan-git/DESCR
@@ -0,0 +1,11 @@
+Libreswan is an Internet Key Exchange (IKE) daemon for managing IPsec.
+
+Libreswan supports IKEv1 and IKEv2 and has support for most of the
+extensions (RFC + IETF drafts) related to IPsec, including IKEv2,
+X.509 Digital Certificates, NAT Traversal, and many others.
+
+On NetBSD and FreeBSD, Libreswan uses the PF_KEY_V2 IPsec stack. On
+Linux, Libreswan uses the XFRM IPsec stack.
+
+Libreswan was forked from Openswan 2.6.38, which was forked from
+FreeS/WAN 2.04. See the CREDITS files for contributor acknowledgments.
diff --git a/libreswan-git/Makefile b/libreswan-git/Makefile
new file mode 100644
index 0000000000..6569d0c711
--- /dev/null
+++ b/libreswan-git/Makefile
@@ -0,0 +1,76 @@
+# $NetBSD$
+
+# Libreswan is built using GNU Make. It does not use autoconf.
+#
+# Configuration parameters can be found in mk/config.mk and OS
+# specific overides in mk/default/*.mk (for instance,
+# mk/default/netbsd.mk).
+
+DISTNAME= libreswan-5.0pre0.20230808
+GITHUB_PROJECT= libreswan
+GITHUB_TAG= 08dc9d0da33e3f5e88c836c8d2eacbb32a27275b
+MASTER_SITES= ${MASTER_SITE_GITHUB:=${GITHUB_PROJECT}/}
+DIST_SUBDIR= ${GITHUB_PROJECT}
+
+CATEGORIES= security
+MAINTAINER= pkgsrc-users%NetBSD.org@localhost
+HOMEPAGE= https://libreswan.org/
+# Libreswan is an ...
+COMMENT= Internet Key Exchange Daemon for managing IPsec
+LICENSE= gnu-gpl-v2
+
+USE_TOOLS+= pkg-config
+USE_TOOLS+= gmake
+USE_TOOLS+= flex
+USE_TOOLS+= bison
+#default is: USE_LANGUAGES+= c
+
+EGDIR= ${PREFIX}/share/examples/libreswan
+
+# Config files: stop libreswan 4.10+ scribbling into /etc
+MAKE_FLAGS+= INSTALL_CONFIGS=false
+
+# Init scripts aka rc.d: stop libreswan 4.10+ scribbing into /etc
+MAKE_FLAGS+= INSTALL_INITSYSTEM=false
+FILESDIR= ${DESTDIR}${EGDIR}/rc.d
+post-install:
+ mv $(FILESDIR)/pluto $(FILESDIR)/pluto.sh
+#RCD_SCRIPTS= pluto
+#CONF_FILES+= ${EGDIR}/rc.d/ipsec ${PKG_SYSCONFDIR}/rc.d/ipsec
+
+# populate /etc
+PERMS=$(REAL_ROOT_USER) $(REAL_ROOT_GROUP) 0700
+MAKE_DIRS_PERMS+= ${PKG_SYSCONFDIR}/ipsec.d $(PERMS)
+MAKE_DIRS_PERMS+= ${PKG_SYSCONFDIR}/ipsec.d/policies $(PERMS)
+CONF_FILES_PERMS+= ${EGDIR}/ipsec.secrets-sample ${PKG_SYSCONFDIR}/ipsec.secrets $(PERMS)
+CONF_FILES_PERMS+= ${EGDIR}/ipsec.conf-sample ${PKG_SYSCONFDIR}/ipsec.conf $(PERMS)
+CONF_FILES+= ${EGDIR}/ipsec.d/policies/portexcludes.conf ${PKG_SYSCONFDIR}/ipsec.d/policies/portexcludes.conf
+# needs a for loop
+CONF_FILES+= ${EGDIR}/ipsec.d/policies/block ${PKG_SYSCONFDIR}/ipsec.d/policies/block
+CONF_FILES+= ${EGDIR}/ipsec.d/policies/clear ${PKG_SYSCONFDIR}/ipsec.d/policies/clear
+CONF_FILES+= ${EGDIR}/ipsec.d/policies/clear-or-private ${PKG_SYSCONFDIR}/ipsec.d/policies/clear-or-private
+CONF_FILES+= ${EGDIR}/ipsec.d/policies/private ${PKG_SYSCONFDIR}/ipsec.d/policies/private
+CONF_FILES+= ${EGDIR}/ipsec.d/policies/private-or-clear ${PKG_SYSCONFDIR}/ipsec.d/policies/private-or-clear
+
+# Always install pam.d!?
+MAKE_DIRS+= ${PKG_SYSCONFDIR}/pam.d
+CONF_FILES+= ${EGDIR}/pam.d/pluto ${PKG_SYSCONFDIR}/pam.d/pluto
+
+# Alway install logrotate!?!
+MAKE_DIRS+= ${PKG_SYSCONFDIR}/logrotate.d
+CONF_FILES+= ${EGDIR}/logrotate.d/libreswan ${PKG_SYSCONFDIR}/logrotate.d/libreswan
+
+CHECK_PORTABILITY_SKIP= mk/docker-targets.mk
+
+# code not clean enough; XXX: why?
+#BUILDLINK_TRANSFORM+= rm:-Werror
+
+# some stuff uses .include, some does not
+DEPENDS+= xmlto-[0-9]*:../../textproc/xmlto
+
+# libevent?
+.include "../../net/unbound/buildlink3.mk"
+.include "../../www/curl/buildlink3.mk"
+.include "../../devel/nss/buildlink3.mk"
+.include "../../net/ldns/buildlink3.mk"
+.include "../../mk/bsd.pkg.mk"
diff --git a/libreswan-git/PLIST b/libreswan-git/PLIST
new file mode 100644
index 0000000000..81d1e8b899
--- /dev/null
+++ b/libreswan-git/PLIST
@@ -0,0 +1,72 @@
+@comment $NetBSD$
+libexec/ipsec/_import_crl
+libexec/ipsec/_plutorun
+libexec/ipsec/_realsetup
+libexec/ipsec/_secretcensor
+libexec/ipsec/_unbound-hook
+libexec/ipsec/_updown
+libexec/ipsec/_updown.bsd
+libexec/ipsec/addconn
+libexec/ipsec/algparse
+libexec/ipsec/asn1check
+libexec/ipsec/auto
+libexec/ipsec/barf
+libexec/ipsec/cavp
+libexec/ipsec/dncheck
+libexec/ipsec/ecdsasigkey
+libexec/ipsec/enumcheck
+libexec/ipsec/hunkcheck
+libexec/ipsec/ipcheck
+libexec/ipsec/jambufcheck
+libexec/ipsec/keyidcheck
+libexec/ipsec/letsencrypt
+libexec/ipsec/newhostkey
+libexec/ipsec/pluto
+libexec/ipsec/readwriteconf
+libexec/ipsec/rsasigkey
+libexec/ipsec/setup
+libexec/ipsec/showhostkey
+libexec/ipsec/showroute
+libexec/ipsec/timecheck
+libexec/ipsec/vendoridcheck
+libexec/ipsec/whack
+man/man5/ipsec.conf.5
+man/man5/ipsec.secrets.5
+man/man8/ipsec.8
+man/man8/ipsec__import_crl.8
+man/man8/ipsec__plutorun.8
+man/man8/ipsec__realsetup.8
+man/man8/ipsec__secretcensor.8
+man/man8/ipsec__unbound-hook.8
+man/man8/ipsec__updown.8
+man/man8/ipsec__updown.bsdkame.8
+man/man8/ipsec_addconn.8
+man/man8/ipsec_auto.8
+man/man8/ipsec_barf.8
+man/man8/ipsec_checknss.8
+man/man8/ipsec_ecdsasigkey.8
+man/man8/ipsec_import.8
+man/man8/ipsec_initnss.8
+man/man8/ipsec_letsencrypt.8
+man/man8/ipsec_newhostkey.8
+man/man8/ipsec_pluto.8
+man/man8/ipsec_readwriteconf.8
+man/man8/ipsec_rsasigkey.8
+man/man8/ipsec_setup.8
+man/man8/ipsec_showhostkey.8
+man/man8/ipsec_showroute.8
+man/man8/ipsec_vendorid.8
+man/man8/ipsec_whack.8
+man/man8/pluto.8
+sbin/ipsec
+share/examples/libreswan/ipsec.conf-sample
+share/examples/libreswan/ipsec.d/policies/block
+share/examples/libreswan/ipsec.d/policies/clear
+share/examples/libreswan/ipsec.d/policies/clear-or-private
+share/examples/libreswan/ipsec.d/policies/portexcludes.conf
+share/examples/libreswan/ipsec.d/policies/private
+share/examples/libreswan/ipsec.d/policies/private-or-clear
+share/examples/libreswan/ipsec.secrets-sample
+share/examples/libreswan/logrotate.d/libreswan
+share/examples/libreswan/pam.d/pluto
+share/examples/libreswan/rc.d/pluto.sh
diff --git a/libreswan-git/TODO b/libreswan-git/TODO
new file mode 100644
index 0000000000..119ea5fdfd
--- /dev/null
+++ b/libreswan-git/TODO
@@ -0,0 +1,19 @@
+- platforms other than NetBSD (Linux, and FreeBSD)?
+
+ PFKEYV2 and XFRM are pretty esoteric.
+
+- /etc/ipsec*
+
+ ipsec.conf, ipsec.secrets and ipsec.d/*
+
+- logrotate https://github.com/libreswan/libreswan/issues/767
+
+ It's a weak dependency / suggested package. If libreswan is
+ using syslog, say, it isn't needed.
+
+ During install, libreswan creates logrotate.d and then installs
+ a logrotate file. It doesn't install the file in examples
+ (which begs the question where).
+
+- fix handling of config files - install into share/examples/libreswan
+ and use CONF_FILES
diff --git a/libreswan-git/distinfo b/libreswan-git/distinfo
new file mode 100644
index 0000000000..f1abd6af8e
--- /dev/null
+++ b/libreswan-git/distinfo
@@ -0,0 +1,5 @@
+$NetBSD$
+
+BLAKE2s (libreswan/libreswan-5.0pre0.20230808-08dc9d0da33e3f5e88c836c8d2eacbb32a27275b.tar.gz) = e960d14f5a4890c125465e85d0b7e0de503837bf8a3abe0ec53e6d6dba9084f1
+SHA512 (libreswan/libreswan-5.0pre0.20230808-08dc9d0da33e3f5e88c836c8d2eacbb32a27275b.tar.gz) = b554982dff64001749bd0ed64213b0bc3b7390699c1fff25594b240970da7aa35eefac680a124f7f4ebfdee3e0c4d0e7420e3c14648d2fea17903084181d05a1
+Size (libreswan/libreswan-5.0pre0.20230808-08dc9d0da33e3f5e88c836c8d2eacbb32a27275b.tar.gz) = 3789528 bytes
Home |
Main Index |
Thread Index |
Old Index