mirror of
https://git.FreeBSD.org/ports.git
synced 2024-10-20 20:09:11 +00:00
- Update to a new snapshot from the OpenBSD 2.6 branch dated 20041207
which, among many other things, fixes the know security vulnerabilities. - Remove some notes about tracking NetBSD, since the port does not do that anymore. - Remove out-of-date information from pkg-descr. - Take maintainership. Approved by: nectar
This commit is contained in:
parent
89c9480609
commit
ebd97bd79d
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=123999
@ -4,20 +4,14 @@
|
||||
#
|
||||
# $FreeBSD$
|
||||
#
|
||||
# NOTE: See NetBSD's /usr/pkgsrc/security/isakmpd if this package
|
||||
# should be updated!
|
||||
#
|
||||
|
||||
PORTNAME= isakmpd
|
||||
PORTVERSION= 20030903
|
||||
PORTVERSION= 20041207
|
||||
CATEGORIES= security net
|
||||
MASTER_SITES= ${MASTER_SITE_NETBSD}
|
||||
MASTER_SITE_SUBDIR= .
|
||||
MASTER_SITES= ${MASTER_SITE_LOCAL}
|
||||
MASTER_SITE_SUBDIR= simon
|
||||
|
||||
DEPRECATED= http://vuxml.freebsd.org/b7cb488c-8349-11d8-a41f-0020ed76ef5a.html (security)
|
||||
EXPIRATION_DATE=2004-11-21
|
||||
|
||||
MAINTAINER= ports@FreeBSD.org
|
||||
MAINTAINER= simon@FreeBSD.org
|
||||
COMMENT= OpenBSD IKE daemon
|
||||
|
||||
# this is not compatible with cross build - there's no other way
|
||||
|
@ -1,2 +1,2 @@
|
||||
MD5 (isakmpd-20030903.tar.gz) = 7a692835f7928ae0a1a8f6f2d119b4aa
|
||||
SIZE (isakmpd-20030903.tar.gz) = 358314
|
||||
MD5 (isakmpd-20041207.tar.gz) = 24d8acbe6c0c9d53f3a06adf8a4387e8
|
||||
SIZE (isakmpd-20041207.tar.gz) = 374718
|
||||
|
@ -1,5 +1,5 @@
|
||||
--- Makefile.orig Fri Aug 29 00:43:35 2003
|
||||
+++ Makefile Thu Oct 16 18:54:23 2003
|
||||
--- Makefile.orig Tue Dec 7 21:06:56 2004
|
||||
+++ Makefile Mon Dec 13 12:06:21 2004
|
||||
@@ -38,9 +38,9 @@
|
||||
|
||||
# openbsd means OpenBSD 2.5 or newer. freeswan is the name for Linux with
|
||||
@ -12,16 +12,22 @@
|
||||
#OS= freeswan
|
||||
#OS= bsdi
|
||||
|
||||
@@ -157,6 +157,7 @@
|
||||
USE_LIBDES= yes
|
||||
@@ -133,9 +133,9 @@
|
||||
|
||||
.ifdef USE_KEYNOTE
|
||||
USE_LIBCRYPTO= yes
|
||||
-USE_LIBDES= yes
|
||||
LDADD+= -lkeynote -lm
|
||||
DPADD+= ${LIBKEYNOTE} ${LIBM}
|
||||
+POLICY= policy.c
|
||||
CFLAGS+= -DUSE_KEYNOTE
|
||||
.endif
|
||||
|
||||
@@ -202,4 +203,3 @@
|
||||
@@ -181,7 +181,6 @@
|
||||
${PROG} beforedepend: ${GENERATED}
|
||||
|
||||
.include <bsd.prog.mk>
|
||||
-.include <bsd.subdir.mk>
|
||||
|
||||
debug:
|
||||
(cd ${.CURDIR}; ${MAKE} DEBUG="-g -Werror")
|
||||
|
@ -1,8 +1,6 @@
|
||||
$FreeBSD$
|
||||
|
||||
--- sysdep/freebsd/Makefile.sysdep.orig Thu Aug 29 02:39:36 2002
|
||||
+++ sysdep/freebsd/Makefile.sysdep Sun Aug 24 18:30:45 2003
|
||||
@@ -42,10 +42,10 @@
|
||||
--- sysdep/freebsd/Makefile.sysdep.orig Sat Jun 26 05:40:57 2004
|
||||
+++ sysdep/freebsd/Makefile.sysdep Sun Dec 12 02:47:19 2004
|
||||
@@ -40,11 +40,11 @@
|
||||
LIBSYSDEPDIR= ${.CURDIR}/sysdep/common/libsysdep
|
||||
.endif
|
||||
|
||||
@ -10,12 +8,14 @@ $FreeBSD$
|
||||
+LDADD+= ${LIBSYSDEPDIR}/libsysdep.a -lipsec -L/usr/local/lib
|
||||
DPADD+= ${LIBGMP} ${LIBSYSDEPDIR}/libsysdep.a
|
||||
|
||||
-CFLAGS+= -DHAVE_GETNAMEINFO -DHAVE_GETIFADDRS \
|
||||
+CFLAGS+= -DHAVE_GETNAMEINFO -DHAVE_GETIFADDRS -DHAVE_PCAP \
|
||||
-I${.CURDIR}/sysdep/common -I/usr/include \
|
||||
-CFLAGS+= -DHAVE_GETIFADDRS \
|
||||
- -I${.CURDIR}/sysdep/common -I/usr/include \
|
||||
+CFLAGS+= -DHAVE_GETIFADDRS -DHAVE_PCAP \
|
||||
+ -I${.CURDIR}/sysdep/common -I/usr/include -I/usr/include/openssl \
|
||||
-I/usr/local/include -I/usr/local/include/openssl
|
||||
|
||||
@@ -60,9 +60,6 @@
|
||||
IPSEC_SRCS= pf_key_v2.c
|
||||
@@ -58,9 +58,6 @@
|
||||
GENERATED+= sysdep-target
|
||||
sysdep-target:
|
||||
cd ${.CURDIR}/sysdep/common/libsysdep; ${MAKE} ${.MAKEFLAGS}
|
||||
|
16
security/isakmpd/files/patch-ike_quick_mode.c
Normal file
16
security/isakmpd/files/patch-ike_quick_mode.c
Normal file
@ -0,0 +1,16 @@
|
||||
--- ike_quick_mode.c 2004/08/14 13:29:50 1.86
|
||||
+++ ike_quick_mode.c 2004/09/17 13:53:08 1.87
|
||||
@@ -1739,8 +1739,11 @@
|
||||
"strdup (\"%s\") failed", name);
|
||||
goto cleanup;
|
||||
}
|
||||
- } else if (ignore_policy || strncmp("yes", conf_get_str("General",
|
||||
- "Use-Keynote"), 3)) {
|
||||
+ } else if (
|
||||
+#ifdef USE_POLICY
|
||||
+ ignore_policy ||
|
||||
+#endif
|
||||
+ strncmp("yes", conf_get_str("General", "Use-Keynote"), 3)) {
|
||||
log_print("responder_recv_HASH_SA_NONCE: peer proposed "
|
||||
"invalid phase 2 IDs: %s",
|
||||
(exchange->doi->decode_ids("initiator id %s, responder"
|
11
security/isakmpd/files/patch-isakmpd.c
Normal file
11
security/isakmpd/files/patch-isakmpd.c
Normal file
@ -0,0 +1,11 @@
|
||||
--- isakmpd.c 25 Jun 2004 20:25:34 -0000 1.67
|
||||
+++ isakmpd.c 7 Dec 2004 19:41:01 -0000
|
||||
@@ -386,7 +386,7 @@
|
||||
if (fcntl(n, F_GETFL, 0) == -1 && errno == EBADF)
|
||||
(void) open("/dev/null", n ? O_WRONLY : O_RDONLY, 0);
|
||||
|
||||
- for (n = 1; n < _NSIG; n++)
|
||||
+ for (n = 1; n < NSIG; n++)
|
||||
signal(n, SIG_DFL);
|
||||
|
||||
/* Log cmd line parsing and initialization errors to stderr. */
|
@ -1,25 +1,31 @@
|
||||
--- sa.c.orig Wed Nov 13 04:31:38 2002
|
||||
+++ sa.c Sat Feb 8 12:04:21 2003
|
||||
@@ -440,6 +440,6 @@
|
||||
LOG_DBG ((cls, level, "%s: msgid %08x refcnt %d", header,
|
||||
decode_32 (sa->message_id), sa->refcnt));
|
||||
- LOG_DBG ((cls, level, "%s: life secs %llu kb %llu", header, sa->seconds,
|
||||
--- sa.c.orig Tue Aug 10 17:59:10 2004
|
||||
+++ sa.c Sun Dec 12 02:40:45 2004
|
||||
@@ -427,8 +427,8 @@
|
||||
decode_32(sa->cookies + 8), decode_32(sa->cookies + 12)));
|
||||
LOG_DBG((cls, level, "%s: msgid %08x refcnt %d", header,
|
||||
decode_32(sa->message_id), sa->refcnt));
|
||||
- LOG_DBG((cls, level, "%s: life secs %llu kb %llu", header, sa->seconds,
|
||||
- sa->kilobytes));
|
||||
+ LOG_DBG ((cls, level, "%s: life secs %llu kb %llu", header, (long long unsigned) sa->seconds,
|
||||
+ LOG_DBG((cls, level, "%s: life secs %llu kb %llu", header, (long long unsigned) sa->seconds,
|
||||
+ (long long unsigned) sa->kilobytes));
|
||||
for (proto = TAILQ_FIRST (&sa->protos); proto;
|
||||
proto = TAILQ_NEXT (proto, link))
|
||||
@@ -1040,5 +1040,5 @@
|
||||
LOG_DBG ((LOG_TIMER, 95,
|
||||
"sa_setup_expirations: SA %p soft timeout in %llu seconds",
|
||||
- sa, seconds));
|
||||
+ sa, (long long unsigned) seconds));
|
||||
expiration.tv_sec += seconds;
|
||||
sa->soft_death
|
||||
@@ -1058,5 +1058,5 @@
|
||||
LOG_DBG ((LOG_TIMER, 95,
|
||||
"sa_setup_expirations: SA %p hard timeout in %llu seconds",
|
||||
- sa, sa->seconds));
|
||||
+ sa, (long long unsigned) sa->seconds));
|
||||
expiration.tv_sec += sa->seconds;
|
||||
sa->death
|
||||
for (proto = TAILQ_FIRST(&sa->protos); proto;
|
||||
proto = TAILQ_NEXT(proto, link)) {
|
||||
LOG_DBG((cls, level, "%s: suite %d proto %d", header,
|
||||
@@ -1217,7 +1217,7 @@
|
||||
seconds = sa->seconds * (850 + sysdep_random() % 100) / 1000;
|
||||
LOG_DBG((LOG_TIMER, 95,
|
||||
"sa_setup_expirations: SA %p soft timeout in %llu seconds",
|
||||
- sa, seconds));
|
||||
+ sa, (long long unsigned) seconds));
|
||||
expiration.tv_sec += seconds;
|
||||
sa->soft_death = timer_add_event("sa_soft_expire",
|
||||
sa_soft_expire, sa, &expiration);
|
||||
@@ -1232,7 +1232,7 @@
|
||||
gettimeofday(&expiration, 0);
|
||||
LOG_DBG((LOG_TIMER, 95,
|
||||
"sa_setup_expirations: SA %p hard timeout in %llu seconds",
|
||||
- sa, sa->seconds));
|
||||
+ sa, (long long unsigned) sa->seconds));
|
||||
expiration.tv_sec += sa->seconds;
|
||||
sa->death = timer_add_event("sa_hard_expire", sa_hard_expire,
|
||||
sa, &expiration);
|
||||
|
@ -1,15 +1,5 @@
|
||||
This is isakmpd, a BSD-licensed ISAKMP/Oakley (a.k.a. IKE)
|
||||
implementation. It's written by Niklas Hallqvist and Niels Provos,
|
||||
funded by Ericsson Radio Systems AB. Currently it is work in
|
||||
progress, although it can be used for real setups. There are
|
||||
releases, but this distribution is not a release and is not named with
|
||||
ordinary version numbers. When you got the source, hopefully the
|
||||
archive was named with a date which reflects when it was created.
|
||||
These archives are also known as snapshots and will be created at
|
||||
irregular intervals and put up on ftp.gsnig.net and ftp.appli.se in
|
||||
/pub/isakmpd. From Nov 14, 1998 isakmpd is also available in the
|
||||
OpenBSD main source tree under src/sbin/isakmpd, though slightly
|
||||
modified because I don't want to carry support files for other OSes in
|
||||
that distribution.
|
||||
funded by Ericsson Radio Systems AB.
|
||||
|
||||
WWW: http://www.openbsd.org/
|
||||
|
Loading…
Reference in New Issue
Block a user