Bug 189132 - security/strongswan Update request to 5.1.3 (CVE 2014-2338)
security/strongswan Update request to 5.1.3 (CVE 2014-2338)
Status: Closed FIXED
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s)
Latest
Any Any
: Normal Affects Only Me
Assigned To: Kurt Jaeger
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2014-04-30 09:50 UTC by dewayne
Modified: 2014-05-15 13:52 UTC (History)
0 users

See Also:


Attachments
strongswan-5.1.3.patch.txt (16.24 KB, text/plain)
2014-05-08 07:01 UTC, strongswan
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description dewayne 2014-04-30 09:50:02 UTC
Strongswan has quite a few useful changes from 5.1.1 to 5.1.3, please refer: 
http://wiki.strongswan.org/projects/strongswan/wiki/Changelog51

strongswan 5.1.3 was released 14th April 2014 and addresses CVE 2014-2338, unfortunately portaudit as of Wed Apr 30 08:31:59 UTC 2014 did not include this vulnerability.

Details of CVE at:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-2338

After changing only the Makefile's to
PORTVERSION=    5.1.3
I've tested 5.1.3 compilation on a 9.2Stable system (using gcc & pkg_*).  Compiles and builds a package cleanly but I haven't tested its function yet.
Comment 1 Edwin Groothuis freebsd_committer 2014-04-30 09:50:09 UTC
State Changed
From-To: open->feedback

Awaiting maintainers feedback (via the GNATS Auto Assign Tool)
Comment 2 Edwin Groothuis freebsd_committer 2014-04-30 09:50:09 UTC
Maintainer of security/strongswan,

Please note that PR ports/189132 has just been submitted.

If it contains a patch for an upgrade, an enhancement or a bug fix
you agree on, reply to this email stating that you approve the patch
and a committer will take care of it.

The full text of the PR can be found at:
    http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/189132

-- 
Edwin Groothuis via the GNATS Auto Assign Tool
edwin@FreeBSD.org
Comment 3 strongswan 2014-05-08 07:01:02 UTC
Number: 189132
Category:       ports
Synopsis:       security/strongswan Update request to 5.1.3 (CVE 2014-2338)
Severity:       non-critical
Priority:       low
Responsible:    freebsd-ports-bugs
State:  feedback
Class:  maintainer-update

Hi

I created a patch attached to the e-mail to update the strongswan port to 5.1.3 that addresses CVE 2014-2338 (Was added to port audit on 4 May 2014)
The update also resolves issues with http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/186865
And http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/186867

The update was tested on FreeBSD 10.0 and FreeBSD 9.2

Description for update:
 - Update strongSwan port to 5.1.3 to resolve CVE 2014-2338
 -  Fixed rcvar issue with FreeBSD 10 (ports/186865)
 - Added building of additional tools included in strongswan (ports/186867)


Kind Regards

Francois ten Krooden
Senior Software Developer

Nanoteq
Tel: +27 12 672 7000
Fax: +27 12 665 1343
Postal: P.O. Box 7991, Centurion, 0046
Physical: 1 Pieter street, Highveld Park, Centurion



Important Notice:

This e-mail and its contents are subject to the Nanoteq (Pty) Ltd e-mail legal notice available at:
http://www.nanoteq.com/AboutUs/EmailDisclaimer.aspx
Comment 4 dewayne.geraghty 2014-05-13 00:04:02 UTC
Thank-you Francois, your support of this port is greatly appreciated.
 
I can confirm strongwan 5.1.3 functions correctly between:
a) 9.2Stable and nat'ed Window7 clients, and
b) multiple 9.2Stable servers using eap-tls.

I've also added -enable-padlock to the Makefile as our internet facing
firewalls use padlock CPUs.

Kind regards, Dewayne
Comment 5 Kurt Jaeger freebsd_committer 2014-05-15 09:37:51 UTC
Responsible Changed
From-To: freebsd-ports-bugs->pi

Testing @work
Comment 6 dfilter freebsd_committer 2014-05-15 13:47:25 UTC
Author: pi
Date: Thu May 15 12:47:20 2014
New Revision: 354114
URL: http://svnweb.freebsd.org/changeset/ports/354114
QAT: https://qat.redports.org/buildarchive/r354114/

Log:
  security/strongswan: update 5.1.1 -> 5.1.3 with security update
  
  - Update strongSwan port to 5.1.3 to resolve CVE 2014-2338
  - Fixed rcvar issue with FreeBSD 10 (ports/186865)
  - Added building of additional tools included in strongswan (ports/186867)
  - libtool fix
  - pkg-plist updated
  
  PR:             ports/189132, ports/186865, ports/186867
  Submitted by:   Robert Sevat, Dewayne Geraghty, Francois ten Krooden (maintainer)
  Approved by:    jadawin (mentor)

Modified:
  head/security/strongswan/Makefile
  head/security/strongswan/distinfo
  head/security/strongswan/files/strongswan.in
  head/security/strongswan/pkg-plist

Modified: head/security/strongswan/Makefile
==============================================================================
--- head/security/strongswan/Makefile	Thu May 15 12:41:58 2014	(r354113)
+++ head/security/strongswan/Makefile	Thu May 15 12:47:20 2014	(r354114)
@@ -2,8 +2,7 @@
 # $FreeBSD$
 
 PORTNAME=	strongswan
-PORTVERSION=	5.1.1
-PORTREVISION=	1
+PORTVERSION=	5.1.3
 CATEGORIES=	security
 MASTER_SITES=	http://download.strongswan.org/ \
 		http://download2.strongswan.org/
@@ -13,9 +12,8 @@ COMMENT=	Open Source IKEv2 IPsec-based V
 
 LIB_DEPENDS=	libexecinfo.so:${PORTSDIR}/devel/libexecinfo
 
-USE_BZIP2=	yes
+USES=		libtool:keepla tar:bzip2
 USE_OPENSSL=	yes
-USE_AUTOTOOLS=	libtool
 USE_RC_SUBR=	strongswan
 GNU_CONFIGURE=	yes
 USE_LDCONFIG=	yes
@@ -23,7 +21,6 @@ USE_LDCONFIG=	yes
 CONFIGURE_ARGS=	--enable-kernel-pfkey \
 		--enable-kernel-pfroute  \
 		--disable-kernel-netlink  \
-		--disable-tools  \
 		--disable-scripts  \
 		--disable-gmp \
 		--enable-openssl \
@@ -43,7 +40,7 @@ CONFIGURE_ARGS=	--enable-kernel-pfkey \
 
 OPTIONS_DEFINE=	CURL EAPAKA3GPP2 EAPDYNAMIC EAPRADIUS EAPSIMFILE IKEv1 \
 		IPSECKEY KERNELLIBIPSEC LOADTESTER LDAP MYSQL SQLITE \
-		TESTVECTOR UNBOUND XAUTH
+		TESTVECTOR TOOLS UNBOUND XAUTH
 OPTIONS_SUB=	yes
 CURL_DESC=	Enable CURL to fetch CRL/OCSP
 EAPAKA3GPP2_DESC=	Enable EAP AKA with 3gpp2 backend
@@ -55,6 +52,7 @@ IPSECKEY_DESC=	Enable authentication wit
 KERNELLIBIPSEC_DESC=	Enable IPSec userland backend
 LOADTESTER_DESC=	Enable load testing plugin
 TESTVECTOR_DESC=	Enable crypto test vectors
+TOOLS_DESC=	Enable PKI tools
 UNBOUND_DESC=	Enable DNSSEC-enabled resolver
 XAUTH_DESC=	Enable XAuth password verification
 
@@ -77,6 +75,7 @@ MYSQL_USE=		USE_MYSQL=yes
 SQLITE_CONFIGURE_ON=	--enable-sqlite
 SQLITE_LIB_DEPENDS=	libsqlite3.so:${PORTSDIR}/databases/sqlite3
 TESTVECTOR_CONFIGURE_ON=--enable-test-vectors
+TOOLS_CONFIGURE_OFF=	--disable-tools
 UNBOUND_CONFIGURE_ON=	--enable-unbound
 UNBOUND_LIB_DEPENDS=	libunbound.so:${PORTSDIR}/dns/unbound
 XAUTH_CONFIGURE_ON=	--enable-xauth-eap --enable-xauth-generic
@@ -89,6 +88,12 @@ PLIST_SUB+=	SIMAKA=""
 PLIST_SUB+=	SIMAKA="@comment "
 .endif
 
+.if ${PORT_OPTIONS:MEAPDYNAMIC} || ${PORT_OPTIONS:MEAPAKA3GPP2}
+PLIST_SUB+=	DYNAKA=""
+.else
+PLIST_SUB+=	DYNAKA="@comment "
+.endif
+
 .if ${PORT_OPTIONS:MMYSQL} || ${PORT_OPTIONS:MSQLITE}
 CONFIGURE_ARGS+=	--enable-attr-sql --enable-sql
 PLIST_SUB+=	SQL=""
@@ -96,9 +101,26 @@ PLIST_SUB+=	SQL=""
 PLIST_SUB+=	SQL="@comment "
 .endif
 
+.if ${PORT_OPTIONS:MIKEv1} || ${PORT_OPTIONS:MXAUTH}
+PLIST_SUB+=	XAUTHGEN=""
+.else
+PLIST_SUB+=	XAUTHGEN="@comment "
+.endif
+
 post-install:
 	${MKDIR} ${STAGEDIR}${EXAMPLESDIR}
+	${MKDIR} ${STAGEDIR}${EXAMPLESDIR}/strongswan.d
+	${MKDIR} ${STAGEDIR}${EXAMPLESDIR}/strongswan.d/charon
 	${INSTALL_DATA} ${STAGEDIR}${PREFIX}/etc/strongswan.conf ${STAGEDIR}${EXAMPLESDIR}
 	${INSTALL_DATA} ${STAGEDIR}${PREFIX}/etc/ipsec.conf ${STAGEDIR}${EXAMPLESDIR}
+	${INSTALL_DATA} ${STAGEDIR}${PREFIX}/etc/strongswan.d/*.* ${STAGEDIR}${EXAMPLESDIR}/strongswan.d
+	${INSTALL_DATA} ${STAGEDIR}${PREFIX}/etc/strongswan.d/charon/*.* ${STAGEDIR}${EXAMPLESDIR}/strongswan.d/charon
+.for i in strongswan hydra tls charon
+	${STRIP_CMD} ${STAGEDIR}${PREFIX}/lib/ipsec/lib${i}.so.0.0.0
+.endfor
+.for i in aes des blowfish rc2 md4 md5 sha1 sha2 random nonce hmac cmac xcbc x509 revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey pem openssl fips-prf attr kernel-pfkey kernel-pfroute resolve socket-default stroke updown eap-identity eap-md5 eap-mschapv2 eap-tls eap-ttls eap-peap whitelist addrblock
+	${STRIP_CMD} \
+		${STAGEDIR}${PREFIX}/lib/ipsec/plugins/libstrongswan-${i}.so
+.endfor
 
 .include <bsd.port.mk>

Modified: head/security/strongswan/distinfo
==============================================================================
--- head/security/strongswan/distinfo	Thu May 15 12:41:58 2014	(r354113)
+++ head/security/strongswan/distinfo	Thu May 15 12:47:20 2014	(r354114)
@@ -1,2 +1,2 @@
-SHA256 (strongswan-5.1.1.tar.bz2) = fbf2a668221fc4a36a34bdeac2dfeda25b96f572d551df022585177953622406
-SIZE (strongswan-5.1.1.tar.bz2) = 3673200
+SHA256 (strongswan-5.1.3.tar.bz2) = 84e46d5ce801e1b874e2bfba8d21dbd78b432e23b7fb1f4f2d637359e7a183a8
+SIZE (strongswan-5.1.3.tar.bz2) = 3807212

Modified: head/security/strongswan/files/strongswan.in
==============================================================================
--- head/security/strongswan/files/strongswan.in	Thu May 15 12:41:58 2014	(r354113)
+++ head/security/strongswan/files/strongswan.in	Thu May 15 12:47:20 2014	(r354114)
@@ -11,7 +11,7 @@ command="%%PREFIX%%/sbin/ipsec"
 . /etc/rc.subr
 
 name="strongswan"
-rcvar=`set_rcvar`
+rcvar=${name}_enable
 extra_commands="reload statusall"
 
 load_rc_config $name

Modified: head/security/strongswan/pkg-plist
==============================================================================
--- head/security/strongswan/pkg-plist	Thu May 15 12:41:58 2014	(r354113)
+++ head/security/strongswan/pkg-plist	Thu May 15 12:47:20 2014	(r354114)
@@ -151,6 +151,97 @@ sbin/ipsec
 sbin/charon-cmd
 share/examples/strongswan/ipsec.conf
 share/examples/strongswan/strongswan.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon-logging.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/addrblock.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/aes.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/attr.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/blowfish.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/cmac.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/constraints.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/des.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/dnskey.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/eap-identity.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/eap-md5.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/eap-mschapv2.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/eap-peap.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/eap-tls.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/eap-ttls.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/fips-prf.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/hmac.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/kernel-pfkey.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/kernel-pfroute.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/md4.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/md5.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/nonce.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/openssl.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/pem.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/pgp.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/pkcs1.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/pkcs12.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/pkcs7.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/pkcs8.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/pubkey.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/random.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/rc2.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/resolve.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/revocation.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/sha1.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/sha2.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/socket-default.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/sshkey.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/stroke.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/updown.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/whitelist.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/x509.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/xcbc.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/starter.conf
+%%DATADIR%%/templates/config/plugins/addrblock.conf
+%%DATADIR%%/templates/config/plugins/aes.conf
+%%DATADIR%%/templates/config/plugins/attr.conf
+%%DATADIR%%/templates/config/plugins/blowfish.conf
+%%DATADIR%%/templates/config/plugins/cmac.conf
+%%DATADIR%%/templates/config/plugins/constraints.conf
+%%DATADIR%%/templates/config/plugins/des.conf
+%%DATADIR%%/templates/config/plugins/dnskey.conf
+%%DATADIR%%/templates/config/plugins/eap-identity.conf
+%%DATADIR%%/templates/config/plugins/eap-md5.conf
+%%DATADIR%%/templates/config/plugins/eap-mschapv2.conf
+%%DATADIR%%/templates/config/plugins/eap-peap.conf
+%%DATADIR%%/templates/config/plugins/eap-tls.conf
+%%DATADIR%%/templates/config/plugins/eap-ttls.conf
+%%DATADIR%%/templates/config/plugins/fips-prf.conf
+%%DATADIR%%/templates/config/plugins/hmac.conf
+%%DATADIR%%/templates/config/plugins/kernel-pfkey.conf
+%%DATADIR%%/templates/config/plugins/kernel-pfroute.conf
+%%DATADIR%%/templates/config/plugins/md4.conf
+%%DATADIR%%/templates/config/plugins/md5.conf
+%%DATADIR%%/templates/config/plugins/nonce.conf
+%%DATADIR%%/templates/config/plugins/openssl.conf
+%%DATADIR%%/templates/config/plugins/pem.conf
+%%DATADIR%%/templates/config/plugins/pgp.conf
+%%DATADIR%%/templates/config/plugins/pkcs1.conf
+%%DATADIR%%/templates/config/plugins/pkcs12.conf
+%%DATADIR%%/templates/config/plugins/pkcs7.conf
+%%DATADIR%%/templates/config/plugins/pkcs8.conf
+%%DATADIR%%/templates/config/plugins/pubkey.conf
+%%DATADIR%%/templates/config/plugins/random.conf
+%%DATADIR%%/templates/config/plugins/rc2.conf
+%%DATADIR%%/templates/config/plugins/resolve.conf
+%%DATADIR%%/templates/config/plugins/revocation.conf
+%%DATADIR%%/templates/config/plugins/sha1.conf
+%%DATADIR%%/templates/config/plugins/sha2.conf
+%%DATADIR%%/templates/config/plugins/socket-default.conf
+%%DATADIR%%/templates/config/plugins/sshkey.conf
+%%DATADIR%%/templates/config/plugins/stroke.conf
+%%DATADIR%%/templates/config/plugins/updown.conf
+%%DATADIR%%/templates/config/plugins/whitelist.conf
+%%DATADIR%%/templates/config/plugins/x509.conf
+%%DATADIR%%/templates/config/plugins/xcbc.conf
+%%DATADIR%%/templates/config/strongswan.conf
+%%DATADIR%%/templates/config/strongswan.d/charon-logging.conf
+%%DATADIR%%/templates/config/strongswan.d/charon.conf
+%%DATADIR%%/templates/config/strongswan.d/starter.conf
 man/man5/strongswan.conf.5.gz
 man/man5/ipsec.conf.5.gz
 man/man5/ipsec.secrets.5.gz
@@ -175,27 +266,45 @@ man/man8/_updown_espmark.8.gz
 %%EAPAKA3GPP2%%lib/ipsec/plugins/libstrongswan-gmp.a
 %%EAPAKA3GPP2%%lib/ipsec/plugins/libstrongswan-gmp.la
 %%EAPAKA3GPP2%%lib/ipsec/plugins/libstrongswan-gmp.so
+%%EAPAKA3GPP2%%%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/eap-aka-3gpp2.conf
+%%EAPAKA3GPP2%%%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/eap-aka.conf
+%%EAPAKA3GPP2%%%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/gmp.conf
+%%EAPAKA3GPP2%%%%DATADIR%%/templates/config/plugins/eap-aka-3gpp2.conf
+%%EAPAKA3GPP2%%%%DATADIR%%/templates/config/plugins/eap-aka.conf
+%%DYNAKA%%%%DATADIR%%/templates/config/plugins/gmp.conf
 %%EAPDYNAMIC%%lib/ipsec/plugins/libstrongswan-eap-dynamic.a
 %%EAPDYNAMIC%%lib/ipsec/plugins/libstrongswan-eap-dynamic.la
 %%EAPDYNAMIC%%lib/ipsec/plugins/libstrongswan-eap-dynamic.so
+%%EAPDYNAMIC%%%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/eap-dynamic.conf
+%%EAPDYNAMIC%%%%DATADIR%%/templates/config/plugins/eap-dynamic.conf
 %%EAPRADIUS%%lib/ipsec/plugins/libstrongswan-eap-radius.a
 %%EAPRADIUS%%lib/ipsec/plugins/libstrongswan-eap-radius.la
 %%EAPRADIUS%%lib/ipsec/plugins/libstrongswan-eap-radius.so
+%%EAPRADIUS%%%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/eap-radius.conf
+%%EAPRADIUS%%%%DATADIR%%/templates/config/plugins/eap-radius.conf
 %%EAPSIMFILE%%lib/ipsec/plugins/libstrongswan-eap-sim.a
 %%EAPSIMFILE%%lib/ipsec/plugins/libstrongswan-eap-sim.la
 %%EAPSIMFILE%%lib/ipsec/plugins/libstrongswan-eap-sim.so
 %%EAPSIMFILE%%lib/ipsec/plugins/libstrongswan-eap-sim-file.a
 %%EAPSIMFILE%%lib/ipsec/plugins/libstrongswan-eap-sim-file.la
 %%EAPSIMFILE%%lib/ipsec/plugins/libstrongswan-eap-sim-file.so
+%%EAPSIMFILE%%%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/eap-sim-file.conf
+%%EAPSIMFILE%%%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/eap-sim.conf
+%%EAPSIMFILE%%%%DATADIR%%/templates/config/plugins/eap-sim-file.conf
+%%EAPSIMFILE%%%%DATADIR%%/templates/config/plugins/eap-sim.conf
 %%CURL%%lib/ipsec/plugins/libstrongswan-curl.a
 %%CURL%%lib/ipsec/plugins/libstrongswan-curl.la
 %%CURL%%lib/ipsec/plugins/libstrongswan-curl.so
+%%CURL%%%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/curl.conf
+%%CURL%%%%DATADIR%%/templates/config/plugins/curl.conf
 %%IKEv1%%lib/ipsec/plugins/libstrongswan-xauth-generic.a
 %%IKEv1%%lib/ipsec/plugins/libstrongswan-xauth-generic.la
 %%IKEv1%%lib/ipsec/plugins/libstrongswan-xauth-generic.so
 %%IPSECKEY%%lib/ipsec/plugins/libstrongswan-ipseckey.a
 %%IPSECKEY%%lib/ipsec/plugins/libstrongswan-ipseckey.la
 %%IPSECKEY%%lib/ipsec/plugins/libstrongswan-ipseckey.so
+%%IPSECKEY%%%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/ipseckey.conf
+%%IPSECKEY%%%%DATADIR%%/templates/config/plugins/ipseckey.conf
 %%KERNELLIBIPSEC%%lib/ipsec/libipsec.a
 %%KERNELLIBIPSEC%%lib/ipsec/libipsec.la
 %%KERNELLIBIPSEC%%lib/ipsec/libipsec.so
@@ -203,36 +312,141 @@ man/man8/_updown_espmark.8.gz
 %%KERNELLIBIPSEC%%lib/ipsec/plugins/libstrongswan-kernel-libipsec.a
 %%KERNELLIBIPSEC%%lib/ipsec/plugins/libstrongswan-kernel-libipsec.la
 %%KERNELLIBIPSEC%%lib/ipsec/plugins/libstrongswan-kernel-libipsec.so
+%%KERNELLIBIPSEC%%%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/kernel-libipsec.conf
+%%KERNELLIBIPSEC%%%%DATADIR%%/templates/config/plugins/kernel-libipsec.conf
 %%LOADTESTER%%lib/ipsec/plugins/libstrongswan-load-tester.a
 %%LOADTESTER%%lib/ipsec/plugins/libstrongswan-load-tester.la
 %%LOADTESTER%%lib/ipsec/plugins/libstrongswan-load-tester.so
 %%LOADTESTER%%libexec/ipsec/load-tester
+%%LOADTESTER%%%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/load-tester.conf
+%%LOADTESTER%%%%DATADIR%%/templates/config/plugins/load-tester.conf
 %%LDAP%%lib/ipsec/plugins/libstrongswan-ldap.a
 %%LDAP%%lib/ipsec/plugins/libstrongswan-ldap.la
 %%LDAP%%lib/ipsec/plugins/libstrongswan-ldap.so
+%%LDAP%%%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/ldap.conf
+%%LDAP%%%%DATADIR%%/templates/config/plugins/ldap.conf
 %%MYSQL%%lib/ipsec/plugins/libstrongswan-mysql.a
 %%MYSQL%%lib/ipsec/plugins/libstrongswan-mysql.la
 %%MYSQL%%lib/ipsec/plugins/libstrongswan-mysql.so
+%%MYSQL%%%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/mysql.conf
+%%MYSQL%%%%DATADIR%%/templates/config/plugins/mysql.conf
 %%SQL%%lib/ipsec/plugins/libstrongswan-attr-sql.a
 %%SQL%%lib/ipsec/plugins/libstrongswan-attr-sql.la
 %%SQL%%lib/ipsec/plugins/libstrongswan-attr-sql.so
+%%SQL%%%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/attr-sql.conf
+%%SQL%%%%DATADIR%%/templates/config/plugins/attr-sql.conf
 %%SQL%%lib/ipsec/plugins/libstrongswan-sql.a
 %%SQL%%lib/ipsec/plugins/libstrongswan-sql.la
 %%SQL%%lib/ipsec/plugins/libstrongswan-sql.so
+%%SQL%%%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/sql.conf
+%%SQL%%%%DATADIR%%/templates/config/plugins/sql.conf
 %%SQL%%libexec/ipsec/pool
+%%SQL%%%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/pool.conf
+%%SQL%%%%DATADIR%%/templates/config/strongswan.d/pool.conf
+%%SQL%%%%DATADIR%%/templates/database/sql/mysql.sql
+%%SQL%%%%DATADIR%%/templates/database/sql/sqlite.sql
 %%SQLITE%%lib/ipsec/plugins/libstrongswan-sqlite.a
 %%SQLITE%%lib/ipsec/plugins/libstrongswan-sqlite.la
 %%SQLITE%%lib/ipsec/plugins/libstrongswan-sqlite.so
+%%SQLITE%%%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/sqlite.conf
+%%SQLITE%%%%DATADIR%%/templates/config/plugins/sqlite.conf
 %%TESTVECTOR%%lib/ipsec/plugins/libstrongswan-test-vectors.a
 %%TESTVECTOR%%lib/ipsec/plugins/libstrongswan-test-vectors.la
 %%TESTVECTOR%%lib/ipsec/plugins/libstrongswan-test-vectors.so
+%%TESTVECTOR%%%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/test-vectors.conf
+%%TESTVECTOR%%%%DATADIR%%/templates/config/plugins/test-vectors.conf
+%%TOOLS%%bin/pki
+%%TOOLS%%libexec/ipsec/scepclient
+%%TOOLS%%man/man1/pki---acert.1.gz
+%%TOOLS%%man/man1/pki---gen.1.gz
+%%TOOLS%%man/man1/pki---issue.1.gz
+%%TOOLS%%man/man1/pki---keyid.1.gz
+%%TOOLS%%man/man1/pki---pkcs7.1.gz
+%%TOOLS%%man/man1/pki---print.1.gz
+%%TOOLS%%man/man1/pki---pub.1.gz
+%%TOOLS%%man/man1/pki---req.1.gz
+%%TOOLS%%man/man1/pki---self.1.gz
+%%TOOLS%%man/man1/pki---signcrl.1.gz
+%%TOOLS%%man/man1/pki---verify.1.gz
+%%TOOLS%%man/man1/pki.1.gz
+%%TOOLS%%man/man8/scepclient.8.gz
+%%TOOLS%%%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/tools.conf
+%%TOOLS%%%%DATADIR%%/templates/config/strongswan.d/tools.conf
 %%UNBOUND%%lib/ipsec/plugins/libstrongswan-unbound.a
 %%UNBOUND%%lib/ipsec/plugins/libstrongswan-unbound.la
 %%UNBOUND%%lib/ipsec/plugins/libstrongswan-unbound.so
+%%UNBOUND%%%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/unbound.conf
+%%UNBOUND%%%%DATADIR%%/templates/config/plugins/unbound.conf
 %%XAUTH%%lib/ipsec/plugins/libstrongswan-xauth-eap.a
 %%XAUTH%%lib/ipsec/plugins/libstrongswan-xauth-eap.la
 %%XAUTH%%lib/ipsec/plugins/libstrongswan-xauth-eap.so
-@dirrm share/examples/strongswan
+%%XAUTH%%%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/xauth-eap.conf
+%%XAUTH%%%%DATADIR%%/templates/config/plugins/xauth-eap.conf
+%%XAUTHGEN%%%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/xauth-generic.conf
+%%XAUTHGEN%%%%DATADIR%%/templates/config/plugins/xauth-generic.conf
+etc/ipsec.conf
+%%ETCDIR%%.conf
+%%ETCDIR%%.d/charon-logging.conf
+%%ETCDIR%%.d/charon.conf
+%%ETCDIR%%.d/charon/addrblock.conf
+%%ETCDIR%%.d/charon/aes.conf
+%%ETCDIR%%.d/charon/attr.conf
+%%ETCDIR%%.d/charon/blowfish.conf
+%%ETCDIR%%.d/charon/cmac.conf
+%%ETCDIR%%.d/charon/constraints.conf
+%%ETCDIR%%.d/charon/des.conf
+%%ETCDIR%%.d/charon/dnskey.conf
+%%ETCDIR%%.d/charon/eap-identity.conf
+%%ETCDIR%%.d/charon/eap-md5.conf
+%%ETCDIR%%.d/charon/eap-mschapv2.conf
+%%ETCDIR%%.d/charon/eap-peap.conf
+%%ETCDIR%%.d/charon/eap-tls.conf
+%%ETCDIR%%.d/charon/eap-ttls.conf
+%%ETCDIR%%.d/charon/fips-prf.conf
+%%ETCDIR%%.d/charon/hmac.conf
+%%ETCDIR%%.d/charon/kernel-pfkey.conf
+%%ETCDIR%%.d/charon/kernel-pfroute.conf
+%%ETCDIR%%.d/charon/md4.conf
+%%ETCDIR%%.d/charon/md5.conf
+%%ETCDIR%%.d/charon/nonce.conf
+%%ETCDIR%%.d/charon/openssl.conf
+%%ETCDIR%%.d/charon/pem.conf
+%%ETCDIR%%.d/charon/pgp.conf
+%%ETCDIR%%.d/charon/pkcs1.conf
+%%ETCDIR%%.d/charon/pkcs12.conf
+%%ETCDIR%%.d/charon/pkcs7.conf
+%%ETCDIR%%.d/charon/pkcs8.conf
+%%ETCDIR%%.d/charon/pubkey.conf
+%%ETCDIR%%.d/charon/random.conf
+%%ETCDIR%%.d/charon/rc2.conf
+%%ETCDIR%%.d/charon/resolve.conf
+%%ETCDIR%%.d/charon/revocation.conf
+%%ETCDIR%%.d/charon/sha1.conf
+%%ETCDIR%%.d/charon/sha2.conf
+%%ETCDIR%%.d/charon/socket-default.conf
+%%ETCDIR%%.d/charon/sshkey.conf
+%%ETCDIR%%.d/charon/stroke.conf
+%%ETCDIR%%.d/charon/updown.conf
+%%ETCDIR%%.d/charon/whitelist.conf
+%%ETCDIR%%.d/charon/x509.conf
+%%ETCDIR%%.d/charon/xcbc.conf
+%%ETCDIR%%.d/starter.conf
+lib/ipsec/libcharon.so.0.0.0
+lib/ipsec/libhydra.so.0.0.0
+lib/ipsec/libstrongswan.so.0.0.0
+lib/ipsec/libtls.so.0.0.0
+@dirrmtry %%ETCDIR%%.d/charon
+@dirrmtry %%ETCDIR%%.d
+@dirrmtry share/examples/strongswan/strongswan.d/charon
+@dirrmtry share/examples/strongswan/strongswan.d
+@dirrmtry share/examples/strongswan
+@dirrmtry %%DATADIR%%/templates/config/strongswan.d
+@dirrmtry %%DATADIR%%/templates/config/plugins
+@dirrmtry %%DATADIR%%/templates/config
+%%SQL%%@dirrmtry %%DATADIR%%/templates/database/sql
+%%SQL%%@dirrmtry %%DATADIR%%/templates/database
+@dirrmtry %%DATADIR%%/templates
+@dirrmtry %%DATADIR%%
 @dirrm libexec/ipsec
 @dirrm lib/ipsec/plugins
 @dirrm lib/ipsec
_______________________________________________
svn-ports-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-ports-all
To unsubscribe, send any mail to "svn-ports-all-unsubscribe@freebsd.org"
Comment 7 Kurt Jaeger freebsd_committer 2014-05-15 13:52:16 UTC
State Changed
From-To: feedback->closed

Committed, with minor changes. Thanks!