FreeBSD Bugzilla – Attachment 225093 Details for
Bug 256009
New port: security/openiked-portable
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
new port entry
openikedp.diff (text/plain), 4.37 KB, created by
David Marec
on 2021-05-19 19:19:44 UTC
(
hide
)
Description:
new port entry
Filename:
MIME Type:
Creator:
David Marec
Created:
2021-05-19 19:19:44 UTC
Size:
4.37 KB
patch
obsolete
>diff --git a/security/openiked-portable/Makefile b/security/openiked-portable/Makefile >new file mode 100644 >index 000000000..1d5dcd363 >--- /dev/null >+++ b/security/openiked-portable/Makefile >@@ -0,0 +1,25 @@ >+PORTNAME= openiked-portable >+DISTVERSIONPREFIX= v >+PORTVERSION= 6.9.0 >+CATEGORIES= security net >+ >+MAINTAINER= portmgr@FreeBSD.org >+COMMENT= IKEv2 daemon >+ >+LICENSE= ISCL >+ >+LIB_DEPENDS= libevent.so:devel/libevent >+ >+USES= cmake ssl >+USE_GITHUB= yes >+GH_ACCOUNT= openiked >+ >+USE_RC_SUBR= iked >+USERS= _iked >+GROUPS= _iked >+ >+post-install: >+ ${MV} ${STAGEDIR}${PREFIX}/etc/iked.conf \ >+ ${STAGEDIR}${PREFIX}/etc/iked.conf.sample >+ >+.include <bsd.port.mk> >diff --git a/security/openiked-portable/distinfo b/security/openiked-portable/distinfo >new file mode 100644 >index 000000000..985274dbd >--- /dev/null >+++ b/security/openiked-portable/distinfo >@@ -0,0 +1,3 @@ >+TIMESTAMP = 1620241950 >+SHA256 (openiked-openiked-portable-v6.9.0_GH0.tar.gz) = 091fb7bb3a1f708b8d620cb11dd5509091c0326293fb38f020a7b6c8909d19af >+SIZE (openiked-openiked-portable-v6.9.0_GH0.tar.gz) = 296532 >diff --git a/security/openiked-portable/files/iked.in b/security/openiked-portable/files/iked.in >new file mode 100644 >index 000000000..850c44287 >--- /dev/null >+++ b/security/openiked-portable/files/iked.in >@@ -0,0 +1,69 @@ >+#!/bin/sh >+ >+# $FreeBSD: head/security/openiked/files/iked.in 425847 2016-11-10 16:14:03Z marcel $ >+# >+# PROVIDE: iked >+# REQUIRE: LOGIN >+# KEYWORD: shutdown >+# >+# Add these lines to /etc/rc.conf.local or /etc/rc.conf >+# to enable this service: >+# >+# iked_enable (bool): Set to NO by default. >+# Set it to YES to enable iked. >+# iked_ramdisk (bool): Set to NO by default. See below. >+# >+# When iked_ramdisk is set to YES, the rc.d script will make sure >+# all directories exist, but will not generate a key pair if none >+# exists. The daemon is not started when the key pair no config >+# files are missing. It is assumed the ramdisk is not populated >+# completely. When iked_ramdisk is NO, key pairs are created as >+# needed and thr daemon is started unconditionally. >+ >+. /etc/rc.subr >+ >+name=iked >+desc="IKEv2 daemon" >+rcvar=iked_enable >+ >+load_rc_config $name >+ >+: ${iked_enable:=NO} >+: ${iked_ramdisk=NO} >+ >+command=%%PREFIX%%/sbin/iked >+start_precmd=iked_precmd >+ >+iked_config=%%PREFIX%%/etc/iked.conf >+iked_rootdir=%%PREFIX%%/etc/iked >+iked_privkey=${iked_rootdir}/private/local.key >+iked_pubkey=${iked_rootdir}/local.pub >+ >+iked_precmd() >+{ >+ >+ if checkyesno iked_ramdisk; then >+ # Make sure we have our directory hierarchy. >+ for D in ca certs crls export private pubkeys \ >+ pubkeys/fqdn pubkeys/ipv4 pubkeys/ipv6 pubkeys/ufqdn; do >+ mkdir -p %%PREFIX%%/etc/iked/$D >+ done >+ chmod 700 %%PREFIX%%/etc/iked/private >+ else >+ # Create a key pair if not already present. >+ if test ! -f $iked_privkey; then >+ /usr/bin/openssl ecparam -genkey -name prime256v1 -noout -out "$iked_privkey" >+ /bin/chmod 600 "$iked_privkey" >+ /usr/bin/openssl ec -in "$iked_privkey" -pubout -out "$iked_pubkey" >+ fi >+ fi >+ >+ # We must have a private key and a configuration file. >+ # Don't start iked when those are missing. >+ if test ! \( -f $iked_privkey -a -f $iked_config \); then >+ # Be quiet about it; it must be intentional. >+ exit 1 >+ fi >+} >+ >+run_rc_command "$1" >diff --git a/security/openiked-portable/pkg-descr b/security/openiked-portable/pkg-descr >new file mode 100644 >index 000000000..5860471b8 >--- /dev/null >+++ b/security/openiked-portable/pkg-descr >@@ -0,0 +1,9 @@ >+OpenIKED is a lean Internet Key Exchange (IKEv2) daemon which performs >+mutual authentication and which establishes and maintains IPsec VPN >+flows and security associations (SAs) between the two peers. >+ >+This version of OpenIKED is derived from OpenIKED's iked, but changed >+to support transport mode IPSec and lazy creation of associations, >+among many other improvements. >+ >+WWW: https://github.com/openiked/openiked-portable >diff --git a/security/openiked-portable/pkg-plist b/security/openiked-portable/pkg-plist >new file mode 100644 >index 000000000..0fd28cb61 >--- /dev/null >+++ b/security/openiked-portable/pkg-plist >@@ -0,0 +1,14 @@ >+@sample(,,600) etc/iked.conf.sample >+sbin/ikectl >+sbin/iked >+man/man5/iked.conf.5.gz >+man/man8/ikectl.8.gz >+man/man8/iked.8.gz >+@dir etc/iked/ca >+@dir etc/iked/certs >+@dir etc/iked/crls >+@dir(,,700) etc/iked/private >+@dir etc/iked/pubkeys/fqdn >+@dir etc/iked/pubkeys/ipv4 >+@dir etc/iked/pubkeys/ipv6 >+@dir etc/iked/pubkeys/ufqdn
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=225093">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 256009
:
225093
|
225098
|
225100
|
225292