New port for SoftEther VPN. An OpenSource multi-protocol and multi-platform VPN client server solution. The port includes the configuration tool (vpncmd), the server component and the client component. Fix: Patch attached with submission follows:
Hi, if you are still interested in having this port in FreeBSD, it may (or may not) need to be reworked to support stage, and it may need updating to other newer conventions such as "USES" which is expanding all time. For staging, see http://lists.freebsd.org/pipermail/freebsd-ports-announce/2014-May/000080.html Additionally, you need to provide some sort of quality assurance. In order of preference, we are looking for: 1) "poudriere testport" or "poudriere bulk -t" logs 2) Redports or tinderbox logs 3) at least this: https://www.freebsd.org/doc/en/books/porters-handbook/porting-testing.html Please provide an updated shar file and attach a test log. Alternatively, please indicate if you are no longer interested in having this software in the Ports Collection and that we can close the PR. Thanks!
Created attachment 145509 [details] Output of make check-orphans, make package, make install, make deinstall, pkg add, make package
Created attachment 145510 [details] Output of: env DEVELOPER=yes make stage >&! other_logs && make check-plist >>&! other_logs && make package >>&! other_logs
Created attachment 145511 [details] Updated port - newer version, stage
See the 3 new attachments. Wish such quality assurance would be required for other parts of FreeBSD
Okay, this is good. The only thing that wasn't tested is dependencies and file system violations (you need poudriere for that) but let's be optimistic and move this to patch-ready.
Well - thing is - once started Softether puts binary files (configurations, data files) into the same directory where the binaries are put. So placing the commands into ${prefix}/bin isn't a good option, there other files then binaries shouldn't be placed. So libexec/softether is maybe a possible location, though putting everything in /var/softether (or somewhere) else isn't maybe an option too. That's the way Softether works and without going deep into the source it can't be changed. So installing it, using it for some time, then removing it will leave files back in libexec/softether - or somewhere else where the binaries are put. If there's some standard where to put binaries, data files and configurations - when being unable to split everything into sbin, etc, share, ... I can change the port easily and modify the wrappers that get installed.
(In reply to T. S. from comment #7) > Well - thing is - once started Softether puts binary files (configurations, > data files) into the same directory where the binaries are put. That's unfortunate. That's not allowed. > So placing the commands into ${prefix}/bin isn't a good option, there other > files then binaries shouldn't be placed. > So libexec/softether is maybe a possible location, though putting everything > in /var/softether (or somewhere) else isn't maybe an option too. libexec isn't allowed either. The s/w can create all the files it wants in /var/softether but it can't but the binary there. > That's the way Softether works and without going deep into the source it > can't be changed. > So installing it, using it for some time, then removing it will leave files > back in libexec/softether - or somewhere else where the binaries are put. I think you are going to have to change this. /usr/local could be mounted ready only. Any program that doesn't work on such a mount is considered broken, and definitely it can't litter in /usr/local (exception is /usr/local/etc) > If there's some standard where to put binaries, data files and > configurations - when being unable to split everything into sbin, etc, > share, ... I can change the port easily and modify the wrappers that get > installed. binaries: /usr/local/bin and /usr/local/libexec data: /usr/local/share/$PORTNAME/ usually config: /usr/local/etc/ Do you want to take this back and work on it some more? Thank you for telling us about this issue up front.
(In reply to John Marino from comment #8) > data: /usr/local/share/$PORTNAME/ usually Oh you mean user data. That would be $HOME or /var/ether I think.
Well - I'm aware it's not really nice to put everything into one directory, though the situation is that the binaries write data files into the same directory where the binaries are put - it's coded this way. /home/softether isn't the place, in my opinion, where server software should be put, /var/softether (or some kind of sub-directory) too. For now - please put this on hold - will see if the authors of the software can modify it in some way that data files, dynamic configuration etc. are placed where they should belong.
(In reply to T. S. from comment #10) > Well - I'm aware it's not really nice to put everything into one directory, > though the situation is that the binaries write data files into the same > directory where the binaries are put - it's coded this way. > /home/softether isn't the place, in my opinion, where server software should > be put, /var/softether (or some kind of sub-directory) too. Maybe this hack would be alright: 1) install softether not in /usr/local/bin and not executable 2) Make an executable script that copies (if it doesn't exist) softether to $HOME directory, make it executable, and run it there. your script just has to known where to only execute or copy then execute first. At least this would be legal. > For now - please put this on hold - will see if the authors of the software > can modify it in some way that data files, dynamic configuration etc. are > placed where they should belong. This sounds like a good idea. I don't know any package system that would tolerate this, so it's surprising that it's set up this way.
I wrote the authors already an email - because there's a CentOS spec file and a Debian directory included in the source this might affect the Linux version in a positive way as well. From both the CentOS and Debian files I don't see any patching, things are put into /usr/vpnbridge, /usr/vpnserver etc. - still also Linux allows to mount /usr as read-only or via NFS (of course SystemD might think different ;) ). So for now - maybe putting this on-hold until the authors replied back that doesn't require any FreeBSD specific patching (and maybe breaking something unintended).
i already moved it back to "open" status which can be used for "on hold". It's fine, just comment on this PR when you want to change the state.
(In reply to T. S. from comment #10) > Well - I'm aware it's not really nice to put everything into one directory, > though the situation is that the binaries write data files into the same > directory where the binaries are put - it's coded this way. > /home/softether isn't the place, in my opinion, where server software should > be put, /var/softether (or some kind of sub-directory) too. > > For now - please put this on hold - will see if the authors of the software > can modify it in some way that data files, dynamic configuration etc. are > placed where they should belong. Take a look at: http://www.bayofrum.net/cgi-bin/fossil/softether/ci/95da163d4b5766e0531e468353ea8ee1448f57b5?sbs=0 This fixes several issues, and hopefully catches all of the opening files. Otherwise, another thing to do is to change working directory to /var/db/softether.. but I don't think this'd work. Please give it a try and let me know.
Created attachment 147112 [details] Directory patch Hello, after some try & error and modifying several files the attached patch should be it and modify the source / headers files that everything points to /var/db/softether while the binaries are in ${PREFIX}/libexec/softether The proposed link modifies also Windows-only files (e.g. winpcap) that this patch won't touch. Though - still untested - remote administration from a Windows machine. Once a VM is setup, I'll do this the next days to check if everything really gets placed into /var/db/softether. The patch may not be really nice by hard-coding the var/db directory, still it introduces some kind of separation between data and binary files.
(In reply to T. S. from comment #15) > The patch may not be really nice by hard-coding the var/db directory, still > it introduces some kind of separation between data and binary files. I think hardcoding to /var/db is okay. Did you run this through poudriere, by any chance?
Hi *, Are the port already done ? I could help to test the port ? Regards, Cliff
Short update. For FreeBSD 10 and maybe later versions, the ports need to build with converters/libiconv instead of the base iconv: I added: BUILD_DEPENDS= libiconv>=1.14:${PORTSDIR}/converters/libiconv With base iconv, the compile failed with message: /usr/bin/ld: cannot found -liconv Regards, C.
*** Bug 199195 has been marked as a duplicate of this bug. ***
Created attachment 155592 [details] Updated port Hello, thanks to everyone involved in testing and giving feedback, the port should be ready. The "softether.tgz" is an updated attachment to the newest version, as well as updated to patches to manually let it use /var/db/softether for storing data files. Tested under: 10.1 i386 / amd64 9.4 i386 / amd64 Running as client, server and bridge with Linux / Windows clients. Additionally tested the ability to remote-configure the server from a Windows client. The patch looks good so far so if there's nothing else, it might be open for the good of the public. Port builds fine with the usual "make && make install && make package". Portlint report: ---- BEGIN HERE ---- WARN: Makefile: [61]: do not use muted INSTALL_foo commands (i.e., those that start with '@'). These should be printed. WARN: Makefile: "BUILD_DEPENDS" has to appear earlier. WARN: /usr/src/ports/security/softether/files/patch-src__Cedar__Cedar.h: [4]: patch contains ^M characters. Consider defining USES=dos2unix to remove DOS line endings from source files. WARN: /usr/src/ports/security/softether/files/patch-src__Cedar__Client.h: [4]: patch contains ^M characters. Consider defining USES=dos2unix to remove DOS line endings from source files. WARN: /usr/src/ports/security/softether/files/patch-src__Cedar__Nat.h: [4]: patch contains ^M characters. Consider defining USES=dos2unix to remove DOS line endings from source files. WARN: /usr/src/ports/security/softether/files/patch-src__Cedar__Server.c: [4]: patch contains ^M characters. Consider defining USES=dos2unix to remove DOS line endings from source files. WARN: /usr/src/ports/security/softether/files/patch-src__Mayaqua__Cfg.c: [4]: patch contains ^M characters. Consider defining USES=dos2unix to remove DOS line endings from source files. WARN: /usr/src/ports/security/softether/files/patch-src__Mayaqua__Cfg.h: [4]: patch contains ^M characters. Consider defining USES=dos2unix to remove DOS line endings from source files. WARN: /usr/src/ports/security/softether/files/patch-src__Mayaqua__Kernel.c: [4]: patch contains ^M characters. Consider defining USES=dos2unix to remove DOS line endings from source files. WARN: /usr/src/ports/security/softether/files/patch-src__Mayaqua__Table.h: [4]: patch contains ^M characters. Consider defining USES=dos2unix to remove DOS line endings from source files. WARN: /usr/src/ports/security/softether/files/patch-src__Mayaqua__Unix.c: [4]: patch contains ^M characters. Consider defining USES=dos2unix to remove DOS line endings from source files. 0 fatal errors and 11 warnings found. ---- END HERE ---- The warnings from the files directory are ok, the patches are applied at DOS line ending files, being later converted.
Meant of course 9.3 instead of 9.4 for the comment above - sry for the typo.
Hi *, Any news about when this port will be commited ? Regards, C.
Created attachment 160582 [details] Update to version 4.18.9570 Hi, an update to the newest version (4.18.9570) has been attached. Tested with 9.3 and 10.2 (i386 and amd64).
Testing@work
A commit references this bug: Author: pi Date: Tue Sep 1 16:30:34 UTC 2015 New revision: 395779 URL: https://svnweb.freebsd.org/changeset/ports/395779 Log: New port: security/softether SoftEther VPN ("SoftEther" means "Software Ethernet") is a powerful, multi-OS and easy-to-use multi-protocol VPN software. It supports SSL-VPN (HTTPS), as well as OpenVPN, IPsec, L2TP, MS-SSTP, L2TPv3 and EtherIP tunneling protocols and has a clone function to support OpenVPN clients. WWW: http://www.softether.org PR: 188437 Submitted by: net@arrishq.net Reviewed by: marino Changes: head/security/Makefile head/security/softether/ head/security/softether/Makefile head/security/softether/distinfo head/security/softether/files/ head/security/softether/files/patch-src__Cedar__Cedar.h head/security/softether/files/patch-src__Cedar__Client.h head/security/softether/files/patch-src__Cedar__Nat.h head/security/softether/files/patch-src__Cedar__Server.c head/security/softether/files/patch-src__Mayaqua__Cfg.c head/security/softether/files/patch-src__Mayaqua__Cfg.h head/security/softether/files/patch-src__Mayaqua__Kernel.c head/security/softether/files/patch-src__Mayaqua__Table.h head/security/softether/files/patch-src__Mayaqua__Unix.c head/security/softether/files/softether_bridge.in head/security/softether/files/softether_client.in head/security/softether/files/softether_server.in head/security/softether/files/vpncmd.in head/security/softether/pkg-descr head/security/softether/pkg-message head/security/softether/pkg-plist
Build-tested on current-amd64, 10.2-amd64, 9.3-amd64, 10.2-i386. Committed, thanks for your patience! As this port has complex features, I would like to see run-test-reports and success reports against several clients 8-} Maybe my colleague will have the opportunity to test it against android/iphone.
Please Help VPN Client>niccreat NicCreate command - Create New Virtual Network Adapter Virtual Network Adapter Name: vpn Error occurred. (Error code: 31) Installation of the Virtual Network Adapter device driver failed. VPN Client> FreeBSD 10.2
Seems like this is already completed and there's no action on it for a while, so I'm closing this PR.