racoon: KAME IKE daemon

9 files changed, 125 insertions, 0 deletions

diff --git a/security/racoon/Makefile b/security/racoon/Makefile
new file mode 100644
index 000000000000..84a796e75126
--- /dev/null
+++ b/security/racoon/Makefile
@@ -0,0 +1,38 @@
+# New ports collection makefile for:	racoon
+# Date created:		4 July 2000
+# Whom:			sumikawa
+#
+# $FreeBSD$
+#
+
+PORTNAME=	racoon
+PORTVERSION=	20000705a
+CATEGORIES=	security net
+MASTER_SITES=	ftp://ftp.kame.net/pub/kame/misc/
+
+MAINTAINER=	sumikawa@FreeBSD.org
+
+.if !exists(/usr/lib/libipsec.so.1)
+BROKEN=		"You must upgrade the OS"
+.endif
+
+USE_OPENSSL=	RSA
+
+WRKSRC=		${WRKDIR}/${DISTNAME}/racoon
+GNU_CONFIGURE=	yes
+CONFIGURE_ENV+=CPPFLAGS=-I${LOCALBASE}/include CFLAGS=-I${LOCALBASE}/include \
+		LDFLAGS="-L${LOCALBASE}/lib -L${WRKSRC}/../libipsec"
+CONFIGURE_ARGS+=--enable-debug
+CONFIGURE_ARGS+=--enable-ipv6
+CONFIGURE_ARGS+=--sysconfdir=${LOCALBASE}/etc
+
+MAN5=		racoon.conf.5
+MAN8=		racoon.8
+
+pre-patch:
+	${MV} ${WRKSRC}/racoon.8 ${WRKSRC}/racoon.8.in
+
+pre-configure:
+	(cd ${WRKSRC}/../libipsec; make)
+
+.include <bsd.port.mk>
diff --git a/security/racoon/distinfo b/security/racoon/distinfo
new file mode 100644
index 000000000000..eee5fd8c446b
--- /dev/null
+++ b/security/racoon/distinfo
@@ -0,0 +1 @@
+MD5 (racoon-20000705a.tar.gz) = 137e87e7a42d07660a8549d4c476409c
diff --git a/security/racoon/files/patch-aa b/security/racoon/files/patch-aa
new file mode 100644
index 000000000000..d599760fbf0f
--- /dev/null
+++ b/security/racoon/files/patch-aa
@@ -0,0 +1,16 @@
+--- ../libipsec/Makefile-	Mon Jun 12 00:02:28 2000
++++ ../libipsec/Makefile	Mon Jun 12 00:02:49 2000
+@@ -25,9 +25,10 @@
+ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ # SUCH DAMAGE.
+ 
+-.if exists(${.CURDIR}/../Makefile.opsys)
+-.include "${.CURDIR}/../Makefile.opsys"
+-.endif
++#.if exists(${.CURDIR}/../Makefile.opsys)
++#.include "${.CURDIR}/../Makefile.opsys"
++#.endif
++OPSYS!=	uname -s
+ 
+ LIB=	ipsec
+ CFLAGS+=-g
diff --git a/security/racoon/files/patch-ab b/security/racoon/files/patch-ab
new file mode 100644
index 000000000000..70206c12ebfe
--- /dev/null
+++ b/security/racoon/files/patch-ab
@@ -0,0 +1,22 @@
+--- Makefile.in.orig	Tue Jun 13 14:01:41 2000
++++ Makefile.in	Wed Jul  5 16:20:04 2000
+@@ -7,7 +7,7 @@
+ LDFLAGS=@LDFLAGS@
+ CPPFLAGS=	@CPPFLAGS@
+ OPTFLAG=@OPTFLAG@
+-CFLAGS=	@CFLAGS@ $(CPPFLAGS) @DEFS@ $(CPPFLAGS) $(OPTFLAG) -DIPSEC -I. -I$(srcdir) -Dss_family=__ss_family -Dss_len=__ss_len -DSYSCONFDIR=\"${sysconfdir}\"
++CFLAGS=	@CFLAGS@ $(CPPFLAGS) @DEFS@ $(CPPFLAGS) $(OPTFLAG) -DIPSEC -I. -I$(srcdir) -Dss_family=__ss_family -Dss_len=__ss_len -DSYSCONFDIR=\"${sysconfdir}/racoon\"
+ CFLAGS+=-DYY_NO_UNPUT
+ CFLAGS+=-I${srcdir}/../libipsec
+ LIBS=	@LIBS@
+@@ -79,10 +79,6 @@
+ 	$(INSTALL) -o bin -g bin -m 444 racoon.conf.5 $(mandir)/man5
+ 	-mkdir -p ${sysconfdir}/racoon
+ 	for i in $(CONF); do \
+-		if test ! -f ${sysconfdir}/racoon/$$i; then \
+-			$(INSTALL) -o bin -g bin -m 444 samples/$$i \
+-				${sysconfdir}/racoon; \
+-		fi; \
+ 		$(INSTALL) -o bin -g bin -m 444 samples/$$i \
+ 			${sysconfdir}/racoon/$$i.dist; \
+ 	done
diff --git a/security/racoon/files/patch-ac b/security/racoon/files/patch-ac
new file mode 100644
index 000000000000..9e710b341251
--- /dev/null
+++ b/security/racoon/files/patch-ac
@@ -0,0 +1,11 @@
+--- configure-	Wed Jul  5 16:18:19 2000
++++ configure	Wed Jul  5 16:18:32 2000
+@@ -4021,7 +4021,7 @@
+ 
+ cat >> $CONFIG_STATUS <<EOF
+ 
+-CONFIG_FILES=\${CONFIG_FILES-"Makefile samples/psk.txt samples/racoon.conf samples/remote.conf"}
++CONFIG_FILES=\${CONFIG_FILES-"Makefile samples/psk.txt samples/racoon.conf samples/remote.conf racoon.8"}
+ EOF
+ cat >> $CONFIG_STATUS <<\EOF
+ for ac_file in .. $CONFIG_FILES; do if test "x$ac_file" != x..; then
diff --git a/security/racoon/files/patch-ad b/security/racoon/files/patch-ad
new file mode 100644
index 000000000000..8b8fb3b81fe0
--- /dev/null
+++ b/security/racoon/files/patch-ad
@@ -0,0 +1,13 @@
+--- racoon.8.in.orig	Tue Jul  4 21:27:59 2000
++++ racoon.8.in	Wed Jul  5 16:17:43 2000
+@@ -97,8 +97,8 @@
+ .El
+ .\" 
+ .Sh FILES
+-.Bl -tag -width /usr/local/v6/etc/racoon.conf -compact
+-.It Pa /usr/local/v6/etc/racoon.conf
++.Bl -tag -width @sysconfdir@/racoon/racoon.conf -compact
++.It Pa @sysconfdir@/racoon/racoon.conf
+ default configuration file.
+ .It Pa /var/log/racoon.log
+ default log file.
diff --git a/security/racoon/pkg-comment b/security/racoon/pkg-comment
new file mode 100644
index 000000000000..252204b81ad6
--- /dev/null
+++ b/security/racoon/pkg-comment
@@ -0,0 +1 @@
+KAME racoon IKE daemon
diff --git a/security/racoon/pkg-descr b/security/racoon/pkg-descr
new file mode 100644
index 000000000000..34f8530ce9cc
--- /dev/null
+++ b/security/racoon/pkg-descr
@@ -0,0 +1,18 @@
+racoon speaks IKE (ISAKMP/Oakley) key management protocol, to
+establish security association with other hosts.
+
+Known issues:
+- Too many use of dynamic memory allocation, which leads to memory leak.
+- Non-threaded implementation.  Simultaneous key negotiation performance
+  should be improved.
+- Cannot negotiate keys for per-socket policy.
+- Cryptic configuration syntax - blame IPsec specification too...
+- Needs more documentation.
+
+Design choice, not a bug:
+- racoon negotiate IPsec keys only.  It does not negotiate policy.  Policy must
+  be configured into the kernel separately from racoon.  If you want to
+  support roaming clients, you may need to have a mechanism to put policy
+  for the roaming client after phase 1 finhises.
+
+WWW: http://www.kame.net/
diff --git a/security/racoon/pkg-plist b/security/racoon/pkg-plist
new file mode 100644
index 000000000000..b2a7d83559af
--- /dev/null
+++ b/security/racoon/pkg-plist
@@ -0,0 +1,5 @@
+sbin/racoon
+etc/racoon/psk.txt.dist
+etc/racoon/racoon.conf.dist
+etc/racoon/remote.conf.dist
+@dirrm etc/racoon