Add vpnd 1.1.0, a VPN daemon offering transparent blowfish encryption

between networks.

PR:		26067
Submitted by:	Anders Nordby <anders@fix.no>

security/Makefile

@@ -156,6 +156,7 @@
     SUBDIR += tripwire-131
     SUBDIR += uvscan-dat
     SUBDIR += vlock
+    SUBDIR += vpnd
     SUBDIR += vscan
     SUBDIR += whisker
     SUBDIR += xinetd

security/vpnd/Makefile

@@ -0,0 +1,46 @@
+# New ports collection makefile for:	vpnd
+# Date created:		25 March 2001
+# Whom:			Anders Nordby <anders@fix.no>
+#
+# $FreeBSD$
+#
+
+PORTNAME=	vpnd
+PORTVERSION=	1.1.0
+CATEGORIES=	security
+MASTER_SITES=	http://sunsite.dk/vpnd/archive/ \
+		http://www.freenix.no/~anders/
+
+MAINTAINER=	anders@fix.no
+
+WRKSRC=		${WRKDIR}/${PORTNAME}
+HAS_CONFIGURE=	yes
+
+DOCFILES=	README FAQ.TXT SPEED.TXT VERSIONS
+
+post-patch:
+	@${MV} ${WRKSRC}/Makefile.FreeBSD.in ${WRKSRC}/Makefile.FreeBSD.in_tmp
+	@${SED} -e "s:^ETC_DIR=:ETC_DIR=	${PREFIX}/etc:" \
+	< ${WRKSRC}/Makefile.FreeBSD.in_tmp > ${WRKSRC}/Makefile.FreeBSD.in
+
+pre-configure:
+	${PERL} -pi.orig -e "s@-O3@${CFLAGS}@g; s@gcc@${CC}@g" ${WRKSRC}/configure
+
+do-install:
+	@${INSTALL_PROGRAM} ${WRKSRC}/vpnd ${PREFIX}/sbin/vpnd
+	@${INSTALL_DATA} ${WRKSRC}/vpnd.conf ${PREFIX}/etc/vpnd.conf.sample
+	@${INSTALL_DATA} ${WRKSRC}/vpnd.chat ${PREFIX}/etc/vpnd.chat.sample
+.if !defined(NOPORTDOCS)
+	${INSTALL} -d -m 555 ${PREFIX}/share/doc/vpnd
+.for i in ${DOCFILES}
+	@${INSTALL_DATA} ${WRKSRC}/${i} ${PREFIX}/share/doc/vpnd
+.endfor
+.endif
+
+post-install:
+	@${ECHO} "================================================================================"
+	@${ECHO} "Make sure you set up a few IRQ's for random generation with rndcontrol before"
+	@${ECHO} "trying to generate a master key file."
+	@${ECHO} "================================================================================"
+
+.include <bsd.port.mk>

security/vpnd/distinfo

@@ -0,0 +1 @@
+MD5 (vpnd-1.1.0.tar.gz) = 6ca958fb5471faf3ebebe4caa75154e7

security/vpnd/files/patch-Makefile.FreeBSD.in

@@ -0,0 +1,13 @@
+--- Makefile.FreeBSD.in.orig	Fri Nov 19 17:50:24 1999
++++ Makefile.FreeBSD.in	Sun Mar 25 01:39:56 2001
+@@ -5,7 +5,9 @@
+ CRYPTOFLG=
+ .endif
+ 
+-CFLAGS=-c $(CBASE) $(DEBUG) $(CRYPTOFLG) -DMD5_HMAC_FAST -DSHA1_HMAC_FAST -DRMD160_HMAC_FAST
++ETC_DIR=
++
++CFLAGS=-c $(CBASE) $(DEBUG) $(CRYPTOFLG) -DMD5_HMAC_FAST -DSHA1_HMAC_FAST -DRMD160_HMAC_FAST -DETC_DIR=\"$(ETC_DIR)\"
+ 
+ OBJS1=vpnd.o globals.o parse.o slip.o route.o chatter.o serial.o die.o \
+       signal.o tcp.o external.o syslog.o sequencer.o icmp.o rxtx.o crypto.o \

security/vpnd/files/patch-README

@@ -0,0 +1,12 @@
+--- README.old	Sun Mar 25 03:05:42 2001
++++ README	Sun Mar 25 03:06:04 2001
+@@ -370,8 +370,8 @@
+ ========
+ 
+ Copy vpnd (and randomd if it is required) to any directory you like.
+-Copy vpnd.conf and vpnd.chat to /etc or copy those files to any other 
+-directory when you use the -f option of vpnd (see later). Note that
++Copy vpnd.conf and vpnd.chat to /usr/local/etc or copy those files to any
++other directory when you use the -f option of vpnd (see later). Note that
+ vpnd.conf and vpnd.chat must be at least mode 644 and be owned by
+ root:root.

security/vpnd/files/patch-globals.c

@@ -0,0 +1,14 @@
+--- globals.c.old	Sun Mar 25 01:19:51 2001
++++ globals.c	Sun Mar 25 01:20:58 2001
+@@ -69,9 +69,9 @@
+ 	anchor->pty=anchor->tty=anchor->peer=anchor->server=anchor->ping=
+ 		anchor->serial=anchor->lock=-1;
+ 	anchor->speed=B115200;
+-	anchor->conffile="/etc/vpnd.conf";
++	anchor->conffile=ETC_DIR "/vpnd.conf";
+ 	anchor->randomdev="/dev/random";
+-	anchor->keyfile="/etc/vpnd.key";
++	anchor->keyfile=ETC_DIR "/vpnd.key";
+ 	anchor->lkeyfile="vpnd.lcl.key";
+ 	anchor->rkeyfile="vpnd.rmt.key";
+ 	anchor->cipher=BLOWFISH;

security/vpnd/files/patch-vpnd.c

@@ -0,0 +1,21 @@
+--- vpnd.c.old	Sun Mar 25 01:58:06 2001
++++ vpnd.c	Sun Mar 25 03:02:26 2001
+@@ -41,7 +41,8 @@
+ 	       "       vpnd -c <extended-master-key-file>\n" \
+ 	       USAGE1 \
+ 	       "    -h prints this info\n" \
+-	       "    -m creates master key file (default is /etc/vpnd.key),\n" \
++	       "    -m creates master key file (default is " ETC_DIR \
++	       "/vpnd.key),\n" \
+ 	       "       note that the file must not yet exist\n" \
+ 	       "    -x creates extended master key files named vpnd.lcl.key\n" \
+ 	       "       and vpnd.rmt.key in the given directory,\n" \
+@@ -65,7 +66,7 @@
+                "    -l allow dns lookups so host names can be used\n" \
+ 	       "    -n do not become daemon\n" \
+ 	       "    -t do modem init chat test\n" \
+-	       "    -f use configfile instead of /etc/vpnd.conf\n" \
++	       "    -f use configfile instead of " ETC_DIR "/vpnd.conf\n" \
+ 	       COMPRESSINFO
+ 
+ /*

security/vpnd/files/patch-vpnd.conf

@@ -0,0 +1,56 @@
+--- vpnd.conf.old	Sun Mar 25 03:04:06 2001
++++ vpnd.conf	Sun Mar 25 03:04:43 2001
+@@ -121,7 +121,7 @@
+ # which is called asynchonously when the vpn
+ # link is established
+ #
+-# example: linkup /etc/vpnd.linkup
++# example: linkup /usr/local/etc/vpnd.linkup
+ #
+ # linkdown <process-pathname>
+ #
+@@ -129,7 +129,7 @@
+ # which is called asynchonously when the vpn
+ # link is terminated
+ #
+-# example: linkdown /etc/vpnd.linkdown
++# example: linkdown /usr/local/etc/vpnd.linkdown
+ #
+ # ---------------------------------------------------
+ # basic operation mode
+@@ -170,7 +170,7 @@
+ #
+ # optional, defines the pathname of the shared secret file which
+ # must be created with the -m option of vpnd, if not given default
+-# of /etc/vpnd.key is used
++# of /usr/local/etc/vpnd.key is used
+ #
+ # example: keyfile /var/adm/mysecret.key
+ #
+@@ -285,7 +285,7 @@
+ # interface is established, the SLIP interface
+ # name is the parameter for the process
+ #
+-# example: slipup /etc/vpnd.slipup
++# example: slipup /usr/local/etc/vpnd.slipup
+ #
+ # slipdown <process-pathname>
+ #
+@@ -294,7 +294,7 @@
+ # link is terminated, the SLIP interface
+ # name is the parameter for the process
+ #
+-# example: slipdown /etc/vpnd.slipdown
++# example: slipdown /usr/local/etc/vpnd.slipdown
+ #
+ #
+ # ---------------------------------------------------
+@@ -334,7 +334,7 @@
+ # optional, pathname of file containing modem initialization
+ # chat sequence, default is not to perform init chat
+ #
+-# example: modemchat /etc/vpnd.chat
++# example: modemchat /usr/local/etc/vpnd.chat
+ #
+ # ---------------------------------------------------
+ # TCP/IP parameters (available with version 1.0.2)

security/vpnd/pkg-comment

@@ -0,0 +1 @@
+VPN daemon offering transparent blowfish encryption between networks

security/vpnd/pkg-descr

@@ -0,0 +1,11 @@
+The virtual private network daemon vpnd is a daemon which connects two networks
+on network level either via TCP/IP or a (virtual) leased line attached to a
+serial interface. All data transfered between the two networks are encrypted
+using the unpatented free Blowfish encryption algorithm.
+
+vpnd is not intended as a replacement of existing secured communications
+software like ssh or tunneling facilities of the operating system. It is,
+however, intended as a means of securing transparent network interconnection
+across potentially insecure channels.
+
+WWW: http://sunsite.dk/vpnd/

security/vpnd/pkg-plist

@@ -0,0 +1,8 @@
+sbin/vpnd
+etc/vpnd.conf.sample
+etc/vpnd.chat.sample
+share/doc/vpnd/README
+share/doc/vpnd/FAQ.TXT
+share/doc/vpnd/SPEED.TXT
+share/doc/vpnd/VERSIONS
+@dirrm share/doc/vpnd