189132 – security/strongswan Update request to 5.1.3 (CVE 2014-2338)

Bug 189132 - security/strongswan Update request to 5.1.3 (CVE 2014-2338)

Summary: security/strongswan Update request to 5.1.3 (CVE 2014-2338)

Status:	Closed FIXED

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	Normal Affects Only Me
Assignee:	Kurt Jaeger

URL:
Keywords:

Depends on:
Blocks:

Reported:	2014-04-30 09:50 UTC by dewayne
Modified:	2014-05-15 13:52 UTC (History)
CC List:	0 users

See Also:

Attachments
strongswan-5.1.3.patch.txt (16.24 KB, text/plain) 2014-05-08 07:01 UTC, Francois ten Krooden	no flags	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description dewayne 2014-04-30 09:50:02 UTC

Strongswan has quite a few useful changes from 5.1.1 to 5.1.3, please refer: 
http://wiki.strongswan.org/projects/strongswan/wiki/Changelog51

strongswan 5.1.3 was released 14th April 2014 and addresses CVE 2014-2338, unfortunately portaudit as of Wed Apr 30 08:31:59 UTC 2014 did not include this vulnerability.

Details of CVE at:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-2338

After changing only the Makefile's to
PORTVERSION=    5.1.3
I've tested 5.1.3 compilation on a 9.2Stable system (using gcc & pkg_*).  Compiles and builds a package cleanly but I haven't tested its function yet.

Comment 1 Edwin Groothuis freebsd_committer

2014-04-30 09:50:09 UTC

State Changed
From-To: open->feedback

Awaiting maintainers feedback (via the GNATS Auto Assign Tool)

Comment 2 Edwin Groothuis freebsd_committer

2014-04-30 09:50:09 UTC

Maintainer of security/strongswan,

Please note that PR ports/189132 has just been submitted.

If it contains a patch for an upgrade, an enhancement or a bug fix
you agree on, reply to this email stating that you approve the patch
and a committer will take care of it.

The full text of the PR can be found at:
    http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/189132

-- 
Edwin Groothuis via the GNATS Auto Assign Tool
edwin@FreeBSD.org

Comment 3 Francois ten Krooden 2014-05-08 07:01:02 UTC

Number: 189132
Category:       ports
Synopsis:       security/strongswan Update request to 5.1.3 (CVE 2014-2338)
Severity:       non-critical
Priority:       low
Responsible:    freebsd-ports-bugs
State:  feedback
Class:  maintainer-update

Hi

I created a patch attached to the e-mail to update the strongswan port to 5.1.3 that addresses CVE 2014-2338 (Was added to port audit on 4 May 2014)
The update also resolves issues with http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/186865
And http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/186867

The update was tested on FreeBSD 10.0 and FreeBSD 9.2

Description for update:
 - Update strongSwan port to 5.1.3 to resolve CVE 2014-2338
 -  Fixed rcvar issue with FreeBSD 10 (ports/186865)
 - Added building of additional tools included in strongswan (ports/186867)


Kind Regards

Francois ten Krooden
Senior Software Developer

Nanoteq
Tel: +27 12 672 7000
Fax: +27 12 665 1343
Postal: P.O. Box 7991, Centurion, 0046
Physical: 1 Pieter street, Highveld Park, Centurion



Important Notice:

This e-mail and its contents are subject to the Nanoteq (Pty) Ltd e-mail legal notice available at:
http://www.nanoteq.com/AboutUs/EmailDisclaimer.aspx

Comment 4 Dewayne 2014-05-13 00:04:02 UTC

Thank-you Francois, your support of this port is greatly appreciated.
 
I can confirm strongwan 5.1.3 functions correctly between:
a) 9.2Stable and nat'ed Window7 clients, and
b) multiple 9.2Stable servers using eap-tls.

I've also added -enable-padlock to the Makefile as our internet facing
firewalls use padlock CPUs.

Kind regards, Dewayne

Comment 5 Kurt Jaeger freebsd_committer

2014-05-15 09:37:51 UTC

Responsible Changed
From-To: freebsd-ports-bugs->pi

Testing @work

Comment 6 dfilter service freebsd_committer

2014-05-15 13:47:25 UTC

Author: pi
Date: Thu May 15 12:47:20 2014
New Revision: 354114
URL: http://svnweb.freebsd.org/changeset/ports/354114
QAT: https://qat.redports.org/buildarchive/r354114/

Log:
  security/strongswan: update 5.1.1 -> 5.1.3 with security update
  
  - Update strongSwan port to 5.1.3 to resolve CVE 2014-2338
  - Fixed rcvar issue with FreeBSD 10 (ports/186865)
  - Added building of additional tools included in strongswan (ports/186867)
  - libtool fix
  - pkg-plist updated
  
  PR:             ports/189132, ports/186865, ports/186867
  Submitted by:   Robert Sevat, Dewayne Geraghty, Francois ten Krooden (maintainer)
  Approved by:    jadawin (mentor)

Modified:
  head/security/strongswan/Makefile
  head/security/strongswan/distinfo
  head/security/strongswan/files/strongswan.in
  head/security/strongswan/pkg-plist

Modified: head/security/strongswan/Makefile
==============================================================================
--- head/security/strongswan/Makefile	Thu May 15 12:41:58 2014	(r354113)
+++ head/security/strongswan/Makefile	Thu May 15 12:47:20 2014	(r354114)
@@ -2,8 +2,7 @@
 # $FreeBSD$
 
 PORTNAME=	strongswan
-PORTVERSION=	5.1.1
-PORTREVISION=	1
+PORTVERSION=	5.1.3
 CATEGORIES=	security
 MASTER_SITES=	http://download.strongswan.org/ \
 		http://download2.strongswan.org/
@@ -13,9 +12,8 @@ COMMENT=	Open Source IKEv2 IPsec-based V
 
 LIB_DEPENDS=	libexecinfo.so:${PORTSDIR}/devel/libexecinfo
 
-USE_BZIP2=	yes
+USES=		libtool:keepla tar:bzip2
 USE_OPENSSL=	yes
-USE_AUTOTOOLS=	libtool
 USE_RC_SUBR=	strongswan
 GNU_CONFIGURE=	yes
 USE_LDCONFIG=	yes
@@ -23,7 +21,6 @@ USE_LDCONFIG=	yes
 CONFIGURE_ARGS=	--enable-kernel-pfkey \
 		--enable-kernel-pfroute  \
 		--disable-kernel-netlink  \
-		--disable-tools  \
 		--disable-scripts  \
 		--disable-gmp \
 		--enable-openssl \
@@ -43,7 +40,7 @@ CONFIGURE_ARGS=	--enable-kernel-pfkey \
 
 OPTIONS_DEFINE=	CURL EAPAKA3GPP2 EAPDYNAMIC EAPRADIUS EAPSIMFILE IKEv1 \
 		IPSECKEY KERNELLIBIPSEC LOADTESTER LDAP MYSQL SQLITE \
-		TESTVECTOR UNBOUND XAUTH
+		TESTVECTOR TOOLS UNBOUND XAUTH
 OPTIONS_SUB=	yes
 CURL_DESC=	Enable CURL to fetch CRL/OCSP
 EAPAKA3GPP2_DESC=	Enable EAP AKA with 3gpp2 backend
@@ -55,6 +52,7 @@ IPSECKEY_DESC=	Enable authentication wit
 KERNELLIBIPSEC_DESC=	Enable IPSec userland backend
 LOADTESTER_DESC=	Enable load testing plugin
 TESTVECTOR_DESC=	Enable crypto test vectors
+TOOLS_DESC=	Enable PKI tools
 UNBOUND_DESC=	Enable DNSSEC-enabled resolver
 XAUTH_DESC=	Enable XAuth password verification
 
@@ -77,6 +75,7 @@ MYSQL_USE=		USE_MYSQL=yes
 SQLITE_CONFIGURE_ON=	--enable-sqlite
 SQLITE_LIB_DEPENDS=	libsqlite3.so:${PORTSDIR}/databases/sqlite3
 TESTVECTOR_CONFIGURE_ON=--enable-test-vectors
+TOOLS_CONFIGURE_OFF=	--disable-tools
 UNBOUND_CONFIGURE_ON=	--enable-unbound
 UNBOUND_LIB_DEPENDS=	libunbound.so:${PORTSDIR}/dns/unbound
 XAUTH_CONFIGURE_ON=	--enable-xauth-eap --enable-xauth-generic
@@ -89,6 +88,12 @@ PLIST_SUB+=	SIMAKA=""
 PLIST_SUB+=	SIMAKA="@comment "
 .endif
 
+.if ${PORT_OPTIONS:MEAPDYNAMIC} || ${PORT_OPTIONS:MEAPAKA3GPP2}
+PLIST_SUB+=	DYNAKA=""
+.else
+PLIST_SUB+=	DYNAKA="@comment "
+.endif
+
 .if ${PORT_OPTIONS:MMYSQL} || ${PORT_OPTIONS:MSQLITE}
 CONFIGURE_ARGS+=	--enable-attr-sql --enable-sql
 PLIST_SUB+=	SQL=""
@@ -96,9 +101,26 @@ PLIST_SUB+=	SQL=""
 PLIST_SUB+=	SQL="@comment "
 .endif
 
+.if ${PORT_OPTIONS:MIKEv1} || ${PORT_OPTIONS:MXAUTH}
+PLIST_SUB+=	XAUTHGEN=""
+.else
+PLIST_SUB+=	XAUTHGEN="@comment "
+.endif
+
 post-install:
 	${MKDIR} ${STAGEDIR}${EXAMPLESDIR}
+	${MKDIR} ${STAGEDIR}${EXAMPLESDIR}/strongswan.d
+	${MKDIR} ${STAGEDIR}${EXAMPLESDIR}/strongswan.d/charon
 	${INSTALL_DATA} ${STAGEDIR}${PREFIX}/etc/strongswan.conf ${STAGEDIR}${EXAMPLESDIR}
 	${INSTALL_DATA} ${STAGEDIR}${PREFIX}/etc/ipsec.conf ${STAGEDIR}${EXAMPLESDIR}
+	${INSTALL_DATA} ${STAGEDIR}${PREFIX}/etc/strongswan.d/*.* ${STAGEDIR}${EXAMPLESDIR}/strongswan.d
+	${INSTALL_DATA} ${STAGEDIR}${PREFIX}/etc/strongswan.d/charon/*.* ${STAGEDIR}${EXAMPLESDIR}/strongswan.d/charon
+.for i in strongswan hydra tls charon
+	${STRIP_CMD} ${STAGEDIR}${PREFIX}/lib/ipsec/lib${i}.so.0.0.0
+.endfor
+.for i in aes des blowfish rc2 md4 md5 sha1 sha2 random nonce hmac cmac xcbc x509 revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey pem openssl fips-prf attr kernel-pfkey kernel-pfroute resolve socket-default stroke updown eap-identity eap-md5 eap-mschapv2 eap-tls eap-ttls eap-peap whitelist addrblock
+	${STRIP_CMD} \
+		${STAGEDIR}${PREFIX}/lib/ipsec/plugins/libstrongswan-${i}.so
+.endfor
 
 .include <bsd.port.mk>

Modified: head/security/strongswan/distinfo
==============================================================================
--- head/security/strongswan/distinfo	Thu May 15 12:41:58 2014	(r354113)
+++ head/security/strongswan/distinfo	Thu May 15 12:47:20 2014	(r354114)
@@ -1,2 +1,2 @@
-SHA256 (strongswan-5.1.1.tar.bz2) = fbf2a668221fc4a36a34bdeac2dfeda25b96f572d551df022585177953622406
-SIZE (strongswan-5.1.1.tar.bz2) = 3673200
+SHA256 (strongswan-5.1.3.tar.bz2) = 84e46d5ce801e1b874e2bfba8d21dbd78b432e23b7fb1f4f2d637359e7a183a8
+SIZE (strongswan-5.1.3.tar.bz2) = 3807212

Modified: head/security/strongswan/files/strongswan.in
==============================================================================
--- head/security/strongswan/files/strongswan.in	Thu May 15 12:41:58 2014	(r354113)
+++ head/security/strongswan/files/strongswan.in	Thu May 15 12:47:20 2014	(r354114)
@@ -11,7 +11,7 @@ command="%%PREFIX%%/sbin/ipsec"
 . /etc/rc.subr
 
 name="strongswan"
-rcvar=`set_rcvar`
+rcvar=${name}_enable
 extra_commands="reload statusall"
 
 load_rc_config $name

Modified: head/security/strongswan/pkg-plist
==============================================================================
--- head/security/strongswan/pkg-plist	Thu May 15 12:41:58 2014	(r354113)
+++ head/security/strongswan/pkg-plist	Thu May 15 12:47:20 2014	(r354114)
@@ -151,6 +151,97 @@ sbin/ipsec
 sbin/charon-cmd
 share/examples/strongswan/ipsec.conf
 share/examples/strongswan/strongswan.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon-logging.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/addrblock.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/aes.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/attr.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/blowfish.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/cmac.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/constraints.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/des.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/dnskey.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/eap-identity.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/eap-md5.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/eap-mschapv2.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/eap-peap.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/eap-tls.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/eap-ttls.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/fips-prf.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/hmac.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/kernel-pfkey.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/kernel-pfroute.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/md4.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/md5.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/nonce.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/openssl.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/pem.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/pgp.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/pkcs1.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/pkcs12.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/pkcs7.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/pkcs8.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/pubkey.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/random.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/rc2.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/resolve.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/revocation.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/sha1.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/sha2.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/socket-default.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/sshkey.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/stroke.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/updown.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/whitelist.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/x509.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/xcbc.conf
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/starter.conf
+%%DATADIR%%/templates/config/plugins/addrblock.conf
+%%DATADIR%%/templates/config/plugins/aes.conf
+%%DATADIR%%/templates/config/plugins/attr.conf
+%%DATADIR%%/templates/config/plugins/blowfish.conf
+%%DATADIR%%/templates/config/plugins/cmac.conf
+%%DATADIR%%/templates/config/plugins/constraints.conf
+%%DATADIR%%/templates/config/plugins/des.conf
+%%DATADIR%%/templates/config/plugins/dnskey.conf
+%%DATADIR%%/templates/config/plugins/eap-identity.conf
+%%DATADIR%%/templates/config/plugins/eap-md5.conf
+%%DATADIR%%/templates/config/plugins/eap-mschapv2.conf
+%%DATADIR%%/templates/config/plugins/eap-peap.conf
+%%DATADIR%%/templates/config/plugins/eap-tls.conf
+%%DATADIR%%/templates/config/plugins/eap-ttls.conf
+%%DATADIR%%/templates/config/plugins/fips-prf.conf
+%%DATADIR%%/templates/config/plugins/hmac.conf
+%%DATADIR%%/templates/config/plugins/kernel-pfkey.conf
+%%DATADIR%%/templates/config/plugins/kernel-pfroute.conf
+%%DATADIR%%/templates/config/plugins/md4.conf
+%%DATADIR%%/templates/config/plugins/md5.conf
+%%DATADIR%%/templates/config/plugins/nonce.conf
+%%DATADIR%%/templates/config/plugins/openssl.conf
+%%DATADIR%%/templates/config/plugins/pem.conf
+%%DATADIR%%/templates/config/plugins/pgp.conf
+%%DATADIR%%/templates/config/plugins/pkcs1.conf
+%%DATADIR%%/templates/config/plugins/pkcs12.conf
+%%DATADIR%%/templates/config/plugins/pkcs7.conf
+%%DATADIR%%/templates/config/plugins/pkcs8.conf
+%%DATADIR%%/templates/config/plugins/pubkey.conf
+%%DATADIR%%/templates/config/plugins/random.conf
+%%DATADIR%%/templates/config/plugins/rc2.conf
+%%DATADIR%%/templates/config/plugins/resolve.conf
+%%DATADIR%%/templates/config/plugins/revocation.conf
+%%DATADIR%%/templates/config/plugins/sha1.conf
+%%DATADIR%%/templates/config/plugins/sha2.conf
+%%DATADIR%%/templates/config/plugins/socket-default.conf
+%%DATADIR%%/templates/config/plugins/sshkey.conf
+%%DATADIR%%/templates/config/plugins/stroke.conf
+%%DATADIR%%/templates/config/plugins/updown.conf
+%%DATADIR%%/templates/config/plugins/whitelist.conf
+%%DATADIR%%/templates/config/plugins/x509.conf
+%%DATADIR%%/templates/config/plugins/xcbc.conf
+%%DATADIR%%/templates/config/strongswan.conf
+%%DATADIR%%/templates/config/strongswan.d/charon-logging.conf
+%%DATADIR%%/templates/config/strongswan.d/charon.conf
+%%DATADIR%%/templates/config/strongswan.d/starter.conf
 man/man5/strongswan.conf.5.gz
 man/man5/ipsec.conf.5.gz
 man/man5/ipsec.secrets.5.gz
@@ -175,27 +266,45 @@ man/man8/_updown_espmark.8.gz
 %%EAPAKA3GPP2%%lib/ipsec/plugins/libstrongswan-gmp.a
 %%EAPAKA3GPP2%%lib/ipsec/plugins/libstrongswan-gmp.la
 %%EAPAKA3GPP2%%lib/ipsec/plugins/libstrongswan-gmp.so
+%%EAPAKA3GPP2%%%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/eap-aka-3gpp2.conf
+%%EAPAKA3GPP2%%%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/eap-aka.conf
+%%EAPAKA3GPP2%%%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/gmp.conf
+%%EAPAKA3GPP2%%%%DATADIR%%/templates/config/plugins/eap-aka-3gpp2.conf
+%%EAPAKA3GPP2%%%%DATADIR%%/templates/config/plugins/eap-aka.conf
+%%DYNAKA%%%%DATADIR%%/templates/config/plugins/gmp.conf
 %%EAPDYNAMIC%%lib/ipsec/plugins/libstrongswan-eap-dynamic.a
 %%EAPDYNAMIC%%lib/ipsec/plugins/libstrongswan-eap-dynamic.la
 %%EAPDYNAMIC%%lib/ipsec/plugins/libstrongswan-eap-dynamic.so
+%%EAPDYNAMIC%%%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/eap-dynamic.conf
+%%EAPDYNAMIC%%%%DATADIR%%/templates/config/plugins/eap-dynamic.conf
 %%EAPRADIUS%%lib/ipsec/plugins/libstrongswan-eap-radius.a
 %%EAPRADIUS%%lib/ipsec/plugins/libstrongswan-eap-radius.la
 %%EAPRADIUS%%lib/ipsec/plugins/libstrongswan-eap-radius.so
+%%EAPRADIUS%%%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/eap-radius.conf
+%%EAPRADIUS%%%%DATADIR%%/templates/config/plugins/eap-radius.conf
 %%EAPSIMFILE%%lib/ipsec/plugins/libstrongswan-eap-sim.a
 %%EAPSIMFILE%%lib/ipsec/plugins/libstrongswan-eap-sim.la
 %%EAPSIMFILE%%lib/ipsec/plugins/libstrongswan-eap-sim.so
 %%EAPSIMFILE%%lib/ipsec/plugins/libstrongswan-eap-sim-file.a
 %%EAPSIMFILE%%lib/ipsec/plugins/libstrongswan-eap-sim-file.la
 %%EAPSIMFILE%%lib/ipsec/plugins/libstrongswan-eap-sim-file.so
+%%EAPSIMFILE%%%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/eap-sim-file.conf
+%%EAPSIMFILE%%%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/eap-sim.conf
+%%EAPSIMFILE%%%%DATADIR%%/templates/config/plugins/eap-sim-file.conf
+%%EAPSIMFILE%%%%DATADIR%%/templates/config/plugins/eap-sim.conf
 %%CURL%%lib/ipsec/plugins/libstrongswan-curl.a
 %%CURL%%lib/ipsec/plugins/libstrongswan-curl.la
 %%CURL%%lib/ipsec/plugins/libstrongswan-curl.so
+%%CURL%%%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/curl.conf
+%%CURL%%%%DATADIR%%/templates/config/plugins/curl.conf
 %%IKEv1%%lib/ipsec/plugins/libstrongswan-xauth-generic.a
 %%IKEv1%%lib/ipsec/plugins/libstrongswan-xauth-generic.la
 %%IKEv1%%lib/ipsec/plugins/libstrongswan-xauth-generic.so
 %%IPSECKEY%%lib/ipsec/plugins/libstrongswan-ipseckey.a
 %%IPSECKEY%%lib/ipsec/plugins/libstrongswan-ipseckey.la
 %%IPSECKEY%%lib/ipsec/plugins/libstrongswan-ipseckey.so
+%%IPSECKEY%%%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/ipseckey.conf
+%%IPSECKEY%%%%DATADIR%%/templates/config/plugins/ipseckey.conf
 %%KERNELLIBIPSEC%%lib/ipsec/libipsec.a
 %%KERNELLIBIPSEC%%lib/ipsec/libipsec.la
 %%KERNELLIBIPSEC%%lib/ipsec/libipsec.so
@@ -203,36 +312,141 @@ man/man8/_updown_espmark.8.gz
 %%KERNELLIBIPSEC%%lib/ipsec/plugins/libstrongswan-kernel-libipsec.a
 %%KERNELLIBIPSEC%%lib/ipsec/plugins/libstrongswan-kernel-libipsec.la
 %%KERNELLIBIPSEC%%lib/ipsec/plugins/libstrongswan-kernel-libipsec.so
+%%KERNELLIBIPSEC%%%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/kernel-libipsec.conf
+%%KERNELLIBIPSEC%%%%DATADIR%%/templates/config/plugins/kernel-libipsec.conf
 %%LOADTESTER%%lib/ipsec/plugins/libstrongswan-load-tester.a
 %%LOADTESTER%%lib/ipsec/plugins/libstrongswan-load-tester.la
 %%LOADTESTER%%lib/ipsec/plugins/libstrongswan-load-tester.so
 %%LOADTESTER%%libexec/ipsec/load-tester
+%%LOADTESTER%%%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/load-tester.conf
+%%LOADTESTER%%%%DATADIR%%/templates/config/plugins/load-tester.conf
 %%LDAP%%lib/ipsec/plugins/libstrongswan-ldap.a
 %%LDAP%%lib/ipsec/plugins/libstrongswan-ldap.la
 %%LDAP%%lib/ipsec/plugins/libstrongswan-ldap.so
+%%LDAP%%%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/ldap.conf
+%%LDAP%%%%DATADIR%%/templates/config/plugins/ldap.conf
 %%MYSQL%%lib/ipsec/plugins/libstrongswan-mysql.a
 %%MYSQL%%lib/ipsec/plugins/libstrongswan-mysql.la
 %%MYSQL%%lib/ipsec/plugins/libstrongswan-mysql.so
+%%MYSQL%%%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/mysql.conf
+%%MYSQL%%%%DATADIR%%/templates/config/plugins/mysql.conf
 %%SQL%%lib/ipsec/plugins/libstrongswan-attr-sql.a
 %%SQL%%lib/ipsec/plugins/libstrongswan-attr-sql.la
 %%SQL%%lib/ipsec/plugins/libstrongswan-attr-sql.so
+%%SQL%%%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/attr-sql.conf
+%%SQL%%%%DATADIR%%/templates/config/plugins/attr-sql.conf
 %%SQL%%lib/ipsec/plugins/libstrongswan-sql.a
 %%SQL%%lib/ipsec/plugins/libstrongswan-sql.la
 %%SQL%%lib/ipsec/plugins/libstrongswan-sql.so
+%%SQL%%%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/sql.conf
+%%SQL%%%%DATADIR%%/templates/config/plugins/sql.conf
 %%SQL%%libexec/ipsec/pool
+%%SQL%%%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/pool.conf
+%%SQL%%%%DATADIR%%/templates/config/strongswan.d/pool.conf
+%%SQL%%%%DATADIR%%/templates/database/sql/mysql.sql
+%%SQL%%%%DATADIR%%/templates/database/sql/sqlite.sql
 %%SQLITE%%lib/ipsec/plugins/libstrongswan-sqlite.a
 %%SQLITE%%lib/ipsec/plugins/libstrongswan-sqlite.la
 %%SQLITE%%lib/ipsec/plugins/libstrongswan-sqlite.so
+%%SQLITE%%%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/sqlite.conf
+%%SQLITE%%%%DATADIR%%/templates/config/plugins/sqlite.conf
 %%TESTVECTOR%%lib/ipsec/plugins/libstrongswan-test-vectors.a
 %%TESTVECTOR%%lib/ipsec/plugins/libstrongswan-test-vectors.la
 %%TESTVECTOR%%lib/ipsec/plugins/libstrongswan-test-vectors.so
+%%TESTVECTOR%%%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/test-vectors.conf
+%%TESTVECTOR%%%%DATADIR%%/templates/config/plugins/test-vectors.conf
+%%TOOLS%%bin/pki
+%%TOOLS%%libexec/ipsec/scepclient
+%%TOOLS%%man/man1/pki---acert.1.gz
+%%TOOLS%%man/man1/pki---gen.1.gz
+%%TOOLS%%man/man1/pki---issue.1.gz
+%%TOOLS%%man/man1/pki---keyid.1.gz
+%%TOOLS%%man/man1/pki---pkcs7.1.gz
+%%TOOLS%%man/man1/pki---print.1.gz
+%%TOOLS%%man/man1/pki---pub.1.gz
+%%TOOLS%%man/man1/pki---req.1.gz
+%%TOOLS%%man/man1/pki---self.1.gz
+%%TOOLS%%man/man1/pki---signcrl.1.gz
+%%TOOLS%%man/man1/pki---verify.1.gz
+%%TOOLS%%man/man1/pki.1.gz
+%%TOOLS%%man/man8/scepclient.8.gz
+%%TOOLS%%%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/tools.conf
+%%TOOLS%%%%DATADIR%%/templates/config/strongswan.d/tools.conf
 %%UNBOUND%%lib/ipsec/plugins/libstrongswan-unbound.a
 %%UNBOUND%%lib/ipsec/plugins/libstrongswan-unbound.la
 %%UNBOUND%%lib/ipsec/plugins/libstrongswan-unbound.so
+%%UNBOUND%%%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/unbound.conf
+%%UNBOUND%%%%DATADIR%%/templates/config/plugins/unbound.conf
 %%XAUTH%%lib/ipsec/plugins/libstrongswan-xauth-eap.a
 %%XAUTH%%lib/ipsec/plugins/libstrongswan-xauth-eap.la
 %%XAUTH%%lib/ipsec/plugins/libstrongswan-xauth-eap.so
-@dirrm share/examples/strongswan
+%%XAUTH%%%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/xauth-eap.conf
+%%XAUTH%%%%DATADIR%%/templates/config/plugins/xauth-eap.conf
+%%XAUTHGEN%%%%PORTEXAMPLES%%%%EXAMPLESDIR%%/strongswan.d/charon/xauth-generic.conf
+%%XAUTHGEN%%%%DATADIR%%/templates/config/plugins/xauth-generic.conf
+etc/ipsec.conf
+%%ETCDIR%%.conf
+%%ETCDIR%%.d/charon-logging.conf
+%%ETCDIR%%.d/charon.conf
+%%ETCDIR%%.d/charon/addrblock.conf
+%%ETCDIR%%.d/charon/aes.conf
+%%ETCDIR%%.d/charon/attr.conf
+%%ETCDIR%%.d/charon/blowfish.conf
+%%ETCDIR%%.d/charon/cmac.conf
+%%ETCDIR%%.d/charon/constraints.conf
+%%ETCDIR%%.d/charon/des.conf
+%%ETCDIR%%.d/charon/dnskey.conf
+%%ETCDIR%%.d/charon/eap-identity.conf
+%%ETCDIR%%.d/charon/eap-md5.conf
+%%ETCDIR%%.d/charon/eap-mschapv2.conf
+%%ETCDIR%%.d/charon/eap-peap.conf
+%%ETCDIR%%.d/charon/eap-tls.conf
+%%ETCDIR%%.d/charon/eap-ttls.conf
+%%ETCDIR%%.d/charon/fips-prf.conf
+%%ETCDIR%%.d/charon/hmac.conf
+%%ETCDIR%%.d/charon/kernel-pfkey.conf
+%%ETCDIR%%.d/charon/kernel-pfroute.conf
+%%ETCDIR%%.d/charon/md4.conf
+%%ETCDIR%%.d/charon/md5.conf
+%%ETCDIR%%.d/charon/nonce.conf
+%%ETCDIR%%.d/charon/openssl.conf
+%%ETCDIR%%.d/charon/pem.conf
+%%ETCDIR%%.d/charon/pgp.conf
+%%ETCDIR%%.d/charon/pkcs1.conf
+%%ETCDIR%%.d/charon/pkcs12.conf
+%%ETCDIR%%.d/charon/pkcs7.conf
+%%ETCDIR%%.d/charon/pkcs8.conf
+%%ETCDIR%%.d/charon/pubkey.conf
+%%ETCDIR%%.d/charon/random.conf
+%%ETCDIR%%.d/charon/rc2.conf
+%%ETCDIR%%.d/charon/resolve.conf
+%%ETCDIR%%.d/charon/revocation.conf
+%%ETCDIR%%.d/charon/sha1.conf
+%%ETCDIR%%.d/charon/sha2.conf
+%%ETCDIR%%.d/charon/socket-default.conf
+%%ETCDIR%%.d/charon/sshkey.conf
+%%ETCDIR%%.d/charon/stroke.conf
+%%ETCDIR%%.d/charon/updown.conf
+%%ETCDIR%%.d/charon/whitelist.conf
+%%ETCDIR%%.d/charon/x509.conf
+%%ETCDIR%%.d/charon/xcbc.conf
+%%ETCDIR%%.d/starter.conf
+lib/ipsec/libcharon.so.0.0.0
+lib/ipsec/libhydra.so.0.0.0
+lib/ipsec/libstrongswan.so.0.0.0
+lib/ipsec/libtls.so.0.0.0
+@dirrmtry %%ETCDIR%%.d/charon
+@dirrmtry %%ETCDIR%%.d
+@dirrmtry share/examples/strongswan/strongswan.d/charon
+@dirrmtry share/examples/strongswan/strongswan.d
+@dirrmtry share/examples/strongswan
+@dirrmtry %%DATADIR%%/templates/config/strongswan.d
+@dirrmtry %%DATADIR%%/templates/config/plugins
+@dirrmtry %%DATADIR%%/templates/config
+%%SQL%%@dirrmtry %%DATADIR%%/templates/database/sql
+%%SQL%%@dirrmtry %%DATADIR%%/templates/database
+@dirrmtry %%DATADIR%%/templates
+@dirrmtry %%DATADIR%%
 @dirrm libexec/ipsec
 @dirrm lib/ipsec/plugins
 @dirrm lib/ipsec
_______________________________________________
svn-ports-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-ports-all
To unsubscribe, send any mail to "svn-ports-all-unsubscribe@freebsd.org"

Comment 7 Kurt Jaeger freebsd_committer

2014-05-15 13:52:16 UTC

State Changed
From-To: feedback->closed

Committed, with minor changes. Thanks!