From nobody@FreeBSD.org  Thu Jun  3 12:31:05 2010
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id C84D9106564A
	for <freebsd-gnats-submit@FreeBSD.org>; Thu,  3 Jun 2010 12:31:05 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (www.freebsd.org [IPv6:2001:4f8:fff6::21])
	by mx1.freebsd.org (Postfix) with ESMTP id B6C338FC1C
	for <freebsd-gnats-submit@FreeBSD.org>; Thu,  3 Jun 2010 12:31:05 +0000 (UTC)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.14.3/8.14.3) with ESMTP id o53CV5kd050109
	for <freebsd-gnats-submit@FreeBSD.org>; Thu, 3 Jun 2010 12:31:05 GMT
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.14.3/8.14.3/Submit) id o53CV5S4050108;
	Thu, 3 Jun 2010 12:31:05 GMT
	(envelope-from nobody)
Message-Id: <201006031231.o53CV5S4050108@www.freebsd.org>
Date: Thu, 3 Jun 2010 12:31:05 GMT
From: Riaan Kruger <riaank@gmail.com>
To: freebsd-gnats-submit@FreeBSD.org
Subject: [NEW PORT] security/strongswan - Open Source IPsec-based VPN solution
X-Send-Pr-Version: www-3.1
X-GNATS-Notify:

>Number:         147431
>Category:       ports
>Synopsis:       [NEW PORT] security/strongswan - Open Source IPsec-based VPN solution
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-ports-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Thu Jun 03 12:40:03 UTC 2010
>Closed-Date:    Thu Aug 26 13:40:24 UTC 2010
>Last-Modified:  Thu Aug 26 13:50:00 UTC 2010
>Originator:     Riaan Kruger
>Release:        FreeBSD 8.0-RELEASE-p2
>Organization:
>Environment:
FreeBSD hostname 8.0-RELEASE-p2 FreeBSD 8.0-RELEASE-p2 #0: Tue Jan  5 16:02:27 UTC 2010     root@i386-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC  i386
>Description:
Strongswan is an open source IPsec-based VPN solution. 

WWW: http://www.strongswan.org 
>How-To-Repeat:

>Fix:


Patch attached with submission follows:

# This is a shell archive.  Save it in a file, remove anything before
# this line, and then unpack it by entering "sh file".  Note, it may
# create directories; files and directories will be owned by you and
# have default permissions.
#
# This archive contains:
#
#	/usr/ports/security/strongswan/
#	/usr/ports/security/strongswan/files
#	/usr/ports/security/strongswan/files/patch-src__libcharon__plugins__kernel_pfkey__kernel_pfkey_ipsec.c
#	/usr/ports/security/strongswan/distinfo
#	/usr/ports/security/strongswan/pkg-descr
#	/usr/ports/security/strongswan/pkg-plist
#	/usr/ports/security/strongswan/Makefile
#
echo c - /usr/ports/security/strongswan/
mkdir -p /usr/ports/security/strongswan/ > /dev/null 2>&1
echo c - /usr/ports/security/strongswan/files
mkdir -p /usr/ports/security/strongswan/files > /dev/null 2>&1
echo x - /usr/ports/security/strongswan/files/patch-src__libcharon__plugins__kernel_pfkey__kernel_pfkey_ipsec.c
sed 's/^X//' >/usr/ports/security/strongswan/files/patch-src__libcharon__plugins__kernel_pfkey__kernel_pfkey_ipsec.c << 'd746b2299214dda4208929a3abd0e063'
Xdiff -u -r srcold/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c src/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c
X--- srcold/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c	2010-03-19 17:56:54.000000000 +0200
X+++ src/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c	2010-05-28 15:58:12.000000000 +0200
X@@ -600,17 +600,43 @@
X }
X 
X /**
X- * add a host behind a sadb_address extension
X+ * Copy a host_t as sockaddr_t to the given memory location. Ports are
X+ * reset to zero as per RFC 2367.
X+ * @returns		the number of bytes copied
X  */
X-static void host2ext(host_t *host, struct sadb_address *ext)
X+static size_t hostcpy(void *dest, host_t *host)
X {
X-	sockaddr_t *host_addr = host->get_sockaddr(host);
X+	sockaddr_t *addr = host->get_sockaddr(host), *dest_addr = dest;
X 	socklen_t *len = host->get_sockaddr_len(host);
X+	memcpy(dest, addr, *len);
X #ifdef HAVE_STRUCT_SOCKADDR_SA_LEN
X-	host_addr->sa_len = *len;
X+	dest_addr->sa_len = *len;
X #endif
X-	memcpy((char*)(ext + 1), host_addr, *len);
X-	ext->sadb_address_len = PFKEY_LEN(sizeof(*ext) + *len);
X+	switch (dest_addr->sa_family)
X+	{
X+		case AF_INET:
X+		{
X+			struct sockaddr_in *sin = dest;
X+			sin->sin_port = 0;
X+			break;
X+		}
X+		case AF_INET6:
X+		{
X+			struct sockaddr_in6 *sin6 = dest;
X+			sin6->sin6_port = 0;
X+			break;
X+		}
X+	}
X+	return *len;
X+}
X+
X+/**
X+ * add a host behind an sadb_address extension
X+ */
X+static void host2ext(host_t *host, struct sadb_address *ext)
X+{
X+	size_t len = hostcpy(ext + 1, host);
X+	ext->sadb_address_len = PFKEY_LEN(sizeof(*ext) + len);
X }
X 
X /**
X@@ -1019,6 +1045,7 @@
X }
X #endif /*SADB_X_MIGRATE*/
X 
X+#ifndef __FreeBSD__
X #ifdef HAVE_NATT
X /**
X  * Process a SADB_X_NAT_T_NEW_MAPPING message from the kernel
X@@ -1076,6 +1103,7 @@
X 	}
X }
X #endif /*HAVE_NATT*/
X+#endif /*__FreeBSD__*/
X 
X /**
X  * Receives events from kernel
X@@ -1137,11 +1165,13 @@
X 			process_migrate(this, msg);
X 			break;
X #endif /*SADB_X_MIGRATE*/
X+#ifndef __FreeBSD__
X #ifdef HAVE_NATT
X 		case SADB_X_NAT_T_NEW_MAPPING:
X 			process_mapping(this, msg);
X 			break;
X #endif /*HAVE_NATT*/
X+#endif /*__FreeBSD__*/
X 		default:
X 			break;
X 	}
X@@ -1679,14 +1709,10 @@
X 	req->sadb_x_ipsecrequest_level = IPSEC_LEVEL_UNIQUE;
X 	if (mode == MODE_TUNNEL)
X 	{
X-		sockaddr_t *sa;
X-		socklen_t sl;
X-		sa = src->get_sockaddr(src);
X-		sl = *src->get_sockaddr_len(src);
X-		memcpy(req + 1, sa, sl);
X-		sa = dst->get_sockaddr(dst);
X-		memcpy((u_int8_t*)(req + 1) + sl, sa, sl);
X-		req->sadb_x_ipsecrequest_len += sl * 2;
X+		len = hostcpy(req + 1, src);
X+		req->sadb_x_ipsecrequest_len += len;
X+		len = hostcpy((char*)(req + 1) + len, dst);
X+		req->sadb_x_ipsecrequest_len += len;
X 	}
X 
X 	pol->sadb_x_policy_len += PFKEY_LEN(req->sadb_x_ipsecrequest_len);
d746b2299214dda4208929a3abd0e063
echo x - /usr/ports/security/strongswan/distinfo
sed 's/^X//' >/usr/ports/security/strongswan/distinfo << '9127200bde3fcbe921232c9becde9a0a'
XMD5 (strongswan-4.4.0.tar.bz2) = bfb0f1c8ef1344e1ae8157bdde060fed
XSHA256 (strongswan-4.4.0.tar.bz2) = df40d9daf963ce4f4bef4177ed02d68c083521b307f52bebb1872c2ded4b2718
XSIZE (strongswan-4.4.0.tar.bz2) = 2863754
9127200bde3fcbe921232c9becde9a0a
echo x - /usr/ports/security/strongswan/pkg-descr
sed 's/^X//' >/usr/ports/security/strongswan/pkg-descr << '229658a306df519cf515176f3b9a6e48'
XStrongswan is an open source IPsec-based VPN solution. 
X
XWWW: http://www.strongswan.org
229658a306df519cf515176f3b9a6e48
echo x - /usr/ports/security/strongswan/pkg-plist
sed 's/^X//' >/usr/ports/security/strongswan/pkg-plist << 'b13d9de1e2dd08108c3b33a7aaa4329a'
Xetc/ipsec.conf
X%%ETCDIR%%.conf
Xlib/libcharon.a
Xlib/libcharon.la
Xlib/libcharon.so
Xlib/libcharon.so.0
Xlib/libhydra.a
Xlib/libhydra.la
Xlib/libhydra.so
Xlib/libhydra.so.0
Xlib/libstrongswan.a
Xlib/libstrongswan.la
Xlib/libstrongswan.so
Xlib/libstrongswan.so.0
Xlibexec/ipsec/_copyright
Xlibexec/ipsec/_updown
Xlibexec/ipsec/_updown_espmark
Xlibexec/ipsec/charon
Xlibexec/ipsec/plugins/libstrongswan-aes.a
Xlibexec/ipsec/plugins/libstrongswan-aes.la
Xlibexec/ipsec/plugins/libstrongswan-aes.so
Xlibexec/ipsec/plugins/libstrongswan-attr.a
Xlibexec/ipsec/plugins/libstrongswan-attr.la
Xlibexec/ipsec/plugins/libstrongswan-attr.so
Xlibexec/ipsec/plugins/libstrongswan-des.a
Xlibexec/ipsec/plugins/libstrongswan-des.la
Xlibexec/ipsec/plugins/libstrongswan-des.so
Xlibexec/ipsec/plugins/libstrongswan-dnskey.a
Xlibexec/ipsec/plugins/libstrongswan-dnskey.la
Xlibexec/ipsec/plugins/libstrongswan-dnskey.so
Xlibexec/ipsec/plugins/libstrongswan-fips-prf.a
Xlibexec/ipsec/plugins/libstrongswan-fips-prf.la
Xlibexec/ipsec/plugins/libstrongswan-fips-prf.so
Xlibexec/ipsec/plugins/libstrongswan-gmp.a
Xlibexec/ipsec/plugins/libstrongswan-gmp.la
Xlibexec/ipsec/plugins/libstrongswan-gmp.so
Xlibexec/ipsec/plugins/libstrongswan-hmac.a
Xlibexec/ipsec/plugins/libstrongswan-hmac.la
Xlibexec/ipsec/plugins/libstrongswan-hmac.so
Xlibexec/ipsec/plugins/libstrongswan-kernel-pfkey.a
Xlibexec/ipsec/plugins/libstrongswan-kernel-pfkey.la
Xlibexec/ipsec/plugins/libstrongswan-kernel-pfkey.so
Xlibexec/ipsec/plugins/libstrongswan-kernel-pfroute.a
Xlibexec/ipsec/plugins/libstrongswan-kernel-pfroute.la
Xlibexec/ipsec/plugins/libstrongswan-kernel-pfroute.so
Xlibexec/ipsec/plugins/libstrongswan-md5.a
Xlibexec/ipsec/plugins/libstrongswan-md5.la
Xlibexec/ipsec/plugins/libstrongswan-md5.so
Xlibexec/ipsec/plugins/libstrongswan-pem.a
Xlibexec/ipsec/plugins/libstrongswan-pem.la
Xlibexec/ipsec/plugins/libstrongswan-pem.so
Xlibexec/ipsec/plugins/libstrongswan-pgp.a
Xlibexec/ipsec/plugins/libstrongswan-pgp.la
Xlibexec/ipsec/plugins/libstrongswan-pgp.so
Xlibexec/ipsec/plugins/libstrongswan-pkcs1.a
Xlibexec/ipsec/plugins/libstrongswan-pkcs1.la
Xlibexec/ipsec/plugins/libstrongswan-pkcs1.so
Xlibexec/ipsec/plugins/libstrongswan-pubkey.a
Xlibexec/ipsec/plugins/libstrongswan-pubkey.la
Xlibexec/ipsec/plugins/libstrongswan-pubkey.so
Xlibexec/ipsec/plugins/libstrongswan-random.a
Xlibexec/ipsec/plugins/libstrongswan-random.la
Xlibexec/ipsec/plugins/libstrongswan-random.so
Xlibexec/ipsec/plugins/libstrongswan-resolve.a
Xlibexec/ipsec/plugins/libstrongswan-resolve.la
Xlibexec/ipsec/plugins/libstrongswan-resolve.so
Xlibexec/ipsec/plugins/libstrongswan-sha1.a
Xlibexec/ipsec/plugins/libstrongswan-sha1.la
Xlibexec/ipsec/plugins/libstrongswan-sha1.so
Xlibexec/ipsec/plugins/libstrongswan-sha2.a
Xlibexec/ipsec/plugins/libstrongswan-sha2.la
Xlibexec/ipsec/plugins/libstrongswan-sha2.so
Xlibexec/ipsec/plugins/libstrongswan-socket-default.a
Xlibexec/ipsec/plugins/libstrongswan-socket-default.la
Xlibexec/ipsec/plugins/libstrongswan-socket-default.so
Xlibexec/ipsec/plugins/libstrongswan-stroke.a
Xlibexec/ipsec/plugins/libstrongswan-stroke.la
Xlibexec/ipsec/plugins/libstrongswan-stroke.so
Xlibexec/ipsec/plugins/libstrongswan-updown.a
Xlibexec/ipsec/plugins/libstrongswan-updown.la
Xlibexec/ipsec/plugins/libstrongswan-updown.so
Xlibexec/ipsec/plugins/libstrongswan-x509.a
Xlibexec/ipsec/plugins/libstrongswan-x509.la
Xlibexec/ipsec/plugins/libstrongswan-x509.so
Xlibexec/ipsec/plugins/libstrongswan-xcbc.a
Xlibexec/ipsec/plugins/libstrongswan-xcbc.la
Xlibexec/ipsec/plugins/libstrongswan-xcbc.so
Xlibexec/ipsec/starter
Xlibexec/ipsec/stroke
Xsbin/ipsec
X@dirrm libexec/ipsec/plugins
X@dirrm libexec/ipsec
X@dirrm etc/ipsec.d/reqs
X@dirrm etc/ipsec.d/private
X@dirrm etc/ipsec.d/ocspcerts
X@dirrm etc/ipsec.d/crls
X@dirrm etc/ipsec.d/certs
X@dirrm etc/ipsec.d/cacerts
X@dirrm etc/ipsec.d/acerts
X@dirrm etc/ipsec.d/aacerts
X@dirrm etc/ipsec.d
X@exec mkdir -p %D/etc/ipsec.d/reqs
X@exec mkdir -p %D/etc/ipsec.d/private
X@exec mkdir -p %D/etc/ipsec.d/ocspcerts
X@exec mkdir -p %D/etc/ipsec.d/crls
X@exec mkdir -p %D/etc/ipsec.d/certs
X@exec mkdir -p %D/etc/ipsec.d/cacerts
X@exec mkdir -p %D/etc/ipsec.d/acerts
X@exec mkdir -p %D/etc/ipsec.d/aacerts
b13d9de1e2dd08108c3b33a7aaa4329a
echo x - /usr/ports/security/strongswan/Makefile
sed 's/^X//' >/usr/ports/security/strongswan/Makefile << 'c9ffd13c0567760030aa133e15a5f480'
X# New ports collection makefile for:    strongswan
X# Date created:         30 May 2010
X# Whom:                 riaank
X# $FreeBSD$
X
X# TODO: 
X# 1. At present there should be no CONFLICTS because this is the first version of the strongswan port. But in future this should be filled in.
X# 2. The port needs the standard startup scripts.
X# 3. The port needs some documentation on which parts/functinalities of Strongswan is supported on FreeBSD; this might be outside the scope of the port
X# 4. Currently the port requires a minimum version of FreeBSD 8 and this should be set somehow in this Makefile.
X# 5. The PORTDOCS section/values need to be defined.
X
XPORTNAME=	strongswan
XPORTVERSION=	4.4.0
XCATEGORIES=	security
XMASTER_SITES=	http://download.strongswan.org/ \
X		http://download2.strongswan.org/
X
XMAINTAINER=	riaank@gmail.com
X
XCOMMENT=	Open Source IPSec-based VPN solution.
X
XLIB_DEPENDS+=	vstr:${PORTSDIR}/devel/vstr
XLIB_DEPENDS+=	gmp.8:${PORTSDIR}/math/libgmp4
X
XUSE_BZIP2=	yes
X
XUSE_AUTOTOOLS=	libtool:22
XGNU_CONFIGURE=	yes
XUSE_LDCONFIG=	yes
XCONFIGURE_ARGS=	-enable-kernel-pfkey \
X		--enable-kernel-pfroute  \
X		--disable-kernel-netlink  \
X		--enable-vstr  \
X		--disable-tools  \
X		--disable-scripts  \
X		--disable-pluto  \
X		--with-group=wheel  \
X		--with-lib-prefix=${PREFIX}
X
XMAN5=		ipsec.conf.5
XMAN8=		ipsec.8 starter.8 _copyright.8 _updown.8 _updown_espmark.8
X
X.include <bsd.port.mk>
c9ffd13c0567760030aa133e15a5f480
exit



>Release-Note:
>Audit-Trail:

From: Riaan Kruger <riaank@gmail.com>
To: bug-followup@FreeBSD.org, riaank@gmail.com
Cc:  
Subject: Re: ports/147431: [NEW PORT] security/strongswan - Open Source 
	IPsec-based VPN solution
Date: Tue, 27 Jul 2010 15:26:53 +0200

 --0016363ba760598974048c5e74f2
 Content-Type: multipart/alternative; boundary=0016363ba760598969048c5e74f0
 
 --0016363ba760598969048c5e74f0
 Content-Type: text/plain; charset=ISO-8859-1
 
 A fix to the Makefile and a better package description
 
 --0016363ba760598969048c5e74f0
 Content-Type: text/html; charset=ISO-8859-1
 
 A fix to the Makefile and a better package description<div><br></div>
 
 --0016363ba760598969048c5e74f0--
 --0016363ba760598974048c5e74f2
 Content-Type: application/octet-stream; name="patch-1.diff"
 Content-Disposition: attachment; filename="patch-1.diff"
 Content-Transfer-Encoding: base64
 X-Attachment-Id: f_gc4s443c0
 
 ZGlmZiAtdXJOIHN0cm9uZ3N3YW4ub2xkL01ha2VmaWxlIHN0cm9uZ3N3YW4vTWFrZWZpbGUKLS0t
 IHN0cm9uZ3N3YW4ub2xkL01ha2VmaWxlCTIwMTAtMDctMjUgMTU6MzI6MTIuMDAwMDAwMDAwICsw
 MjAwCisrKyBzdHJvbmdzd2FuL01ha2VmaWxlCTIwMTAtMDctMjUgMTU6NDY6MjcuMDAwMDAwMDAw
 ICswMjAwCkBAIC0yOCw3ICsyOCw3IEBACiBVU0VfQVVUT1RPT0xTPQlsaWJ0b29sOjIyCiBHTlVf
 Q09ORklHVVJFPQl5ZXMKIFVTRV9MRENPTkZJRz0JeWVzCi1DT05GSUdVUkVfQVJHUz0JLWVuYWJs
 ZS1rZXJuZWwtcGZrZXkgXAorQ09ORklHVVJFX0FSR1M9CS0tZW5hYmxlLWtlcm5lbC1wZmtleSBc
 CiAJCS0tZW5hYmxlLWtlcm5lbC1wZnJvdXRlICBcCiAJCS0tZGlzYWJsZS1rZXJuZWwtbmV0bGlu
 ayAgXAogCQktLWVuYWJsZS12c3RyICBcCmRpZmYgLXVyTiBzdHJvbmdzd2FuLm9sZC9wa2ctZGVz
 Y3Igc3Ryb25nc3dhbi9wa2ctZGVzY3IKLS0tIHN0cm9uZ3N3YW4ub2xkL3BrZy1kZXNjcgkyMDEw
 LTA3LTI1IDE1OjMyOjEyLjAwMDAwMDAwMCArMDIwMAorKysgc3Ryb25nc3dhbi9wa2ctZGVzY3IJ
 MjAxMC0wNy0yNSAxNTo0NjoyNy4wMDAwMDAwMDAgKzAyMDAKQEAgLTEsMyArMSw0IEBACiBTdHJv
 bmdzd2FuIGlzIGFuIG9wZW4gc291cmNlIElQc2VjLWJhc2VkIFZQTiBzb2x1dGlvbi4gCitTdHJv
 bmdzd2FuIGZvciBGcmVlQlNEIHN1cHBvcnRzIElLRXYyIGJ1dCBOT1QgSUtFdjEuCiAKIFdXVzog
 aHR0cDovL3d3dy5zdHJvbmdzd2FuLm9yZwo=
 --0016363ba760598974048c5e74f2--
State-Changed-From-To: open->closed 
State-Changed-By: pav 
State-Changed-When: Thu Aug 26 13:21:22 UTC 2010 
State-Changed-Why:  
New port added, with modifications 

http://www.freebsd.org/cgi/query-pr.cgi?pr=147431 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: ports/147431: commit references a PR
Date: Thu, 26 Aug 2010 13:40:22 +0000 (UTC)

 pav         2010-08-26 13:40:11 UTC
 
   FreeBSD ports repository
 
   Modified files:
     security             Makefile 
   Added files:
     security/strongswan  Makefile distinfo pkg-descr pkg-plist 
     security/strongswan/files 
                               patch-src__libcharon__plugins__kernel_pfkey__kernel_pfkey_ipsec.c 
   Log:
   Strongswan is an open source IPsec-based VPN solution.
   Strongswan for FreeBSD supports IKEv2 but NOT IKEv1.
   
   WWW: http://www.strongswan.org
   
   PR:             ports/147431
   Submitted by:   Riaan Kruger <riaank@gmail.com>
   
   Revision  Changes    Path
   1.1123    +1 -0      ports/security/Makefile
   1.1       +47 -0     ports/security/strongswan/Makefile (new)
   1.1       +3 -0      ports/security/strongswan/distinfo (new)
   1.1       +102 -0    ports/security/strongswan/files/patch-src__libcharon__plugins__kernel_pfkey__kernel_pfkey_ipsec.c (new)
   1.1       +4 -0      ports/security/strongswan/pkg-descr (new)
   1.1       +109 -0    ports/security/strongswan/pkg-plist (new)
 _______________________________________________
 cvs-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/cvs-all
 To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
 
>Unformatted:
