summaryrefslogtreecommitdiff
path: root/security/openiked-portable/files
diff options
context:
space:
mode:
Diffstat (limited to 'security/openiked-portable/files')
-rw-r--r--security/openiked-portable/files/iked.in70
-rw-r--r--security/openiked-portable/files/patch-ikectl_CMakeLists.txt13
-rw-r--r--security/openiked-portable/files/patch-ikectl_ikeca.c25
3 files changed, 0 insertions, 108 deletions
diff --git a/security/openiked-portable/files/iked.in b/security/openiked-portable/files/iked.in
deleted file mode 100644
index 79df736b6f79..000000000000
--- a/security/openiked-portable/files/iked.in
+++ /dev/null
@@ -1,70 +0,0 @@
-#!/bin/sh
-
-# $FreeBSD: head/security/openiked/files/iked.in 425847 2016-11-10 16:14:03Z marcel $
-#
-# PROVIDE: iked
-# REQUIRE: LOGIN
-# KEYWORD: shutdown
-#
-# Add these lines to /etc/rc.conf.local or /etc/rc.conf
-# to enable this service:
-#
-# iked_enable (bool): Set to NO by default.
-# Set it to YES to enable iked.
-# iked_ramdisk (bool): Set to NO by default. See below.
-#
-# When iked_ramdisk is set to YES, the rc.d script will make sure
-# all directories exist, but will not generate a key pair if none
-# exists. The daemon is not started when the key pair no config
-# files are missing. It is assumed the ramdisk is not populated
-# completely. When iked_ramdisk is NO, key pairs are created as
-# needed and thr daemon is started unconditionally.
-
-. /etc/rc.subr
-
-name=iked
-desc="IKEv2 daemon"
-rcvar=iked_enable
-
-load_rc_config $name
-
-: ${iked_enable:=NO}
-: ${iked_ramdisk=NO}
-
-command=%%PREFIX%%/sbin/iked
-start_precmd=iked_precmd
-required_modules="ipsec"
-
-iked_config=%%PREFIX%%/etc/iked.conf
-iked_rootdir=%%PREFIX%%/etc/iked
-iked_privkey=${iked_rootdir}/private/local.key
-iked_pubkey=${iked_rootdir}/local.pub
-
-iked_precmd()
-{
-
- if checkyesno iked_ramdisk; then
- # Make sure we have our directory hierarchy.
- for D in ca certs crls export private pubkeys \
- pubkeys/fqdn pubkeys/ipv4 pubkeys/ipv6 pubkeys/ufqdn; do
- mkdir -p %%PREFIX%%/etc/iked/$D
- done
- chmod 700 %%PREFIX%%/etc/iked/private
- else
- # Create a key pair if not already present.
- if test ! -f $iked_privkey; then
- /usr/bin/openssl ecparam -genkey -name prime256v1 -noout -out "$iked_privkey"
- /bin/chmod 600 "$iked_privkey"
- /usr/bin/openssl ec -in "$iked_privkey" -pubout -out "$iked_pubkey"
- fi
- fi
-
- # We must have a private key and a configuration file.
- # Don't start iked when those are missing.
- if test ! \( -f $iked_privkey -a -f $iked_config \); then
- # Be quiet about it; it must be intentional.
- exit 1
- fi
-}
-
-run_rc_command "$1"
diff --git a/security/openiked-portable/files/patch-ikectl_CMakeLists.txt b/security/openiked-portable/files/patch-ikectl_CMakeLists.txt
deleted file mode 100644
index de79da698eb5..000000000000
--- a/security/openiked-portable/files/patch-ikectl_CMakeLists.txt
+++ /dev/null
@@ -1,13 +0,0 @@
---- ikectl/CMakeLists.txt.orig 2025-04-09 19:47:21 UTC
-+++ ikectl/CMakeLists.txt
-@@ -42,7 +42,9 @@ list(APPEND CFLAGS
- -Wsign-compare
- "$<$<CONFIG:DEBUG>:-O0;-g>"
- )
--
-+if(DEFINED CADIR)
-+ add_definitions( -DCADIR="${CADIR}" )
-+endif()
- target_compile_options(ikectl PRIVATE ${CFLAGS})
- if(HAVE_LD_Z)
- target_link_options(ikectl PRIVATE "LINKER:-z,relro,-z,now")
diff --git a/security/openiked-portable/files/patch-ikectl_ikeca.c b/security/openiked-portable/files/patch-ikectl_ikeca.c
deleted file mode 100644
index 4db8e1ce4744..000000000000
--- a/security/openiked-portable/files/patch-ikectl_ikeca.c
+++ /dev/null
@@ -1,25 +0,0 @@
---- ikectl/ikeca.c.orig 2025-04-09 19:47:21 UTC
-+++ ikectl/ikeca.c
-@@ -47,8 +47,11 @@
- #define SSLDIR PREFIX "/etc/ssl"
- #endif
- #define SSL_CNF SSLDIR "/openssl.cnf"
--#define X509_CNF SSLDIR "/ikex509v3.cnf"
--#define IKECA_CNF SSLDIR "/ikeca.cnf"
-+#ifndef CADIR
-+#define CADIR SSLDIR
-+#endif
-+#define X509_CNF CADIR "/ikex509v3.cnf"
-+#define IKECA_CNF CADIR "/ikeca.cnf"
- #define KEYBASE PREFIX "/etc/iked"
- #ifndef EXPDIR
- #define EXPDIR PREFIX "/usr/share/iked"
-@@ -1118,7 +1121,7 @@ ca_setup(char *caname, int create, int quiet, char *pa
- err(1, "calloc");
-
- ca->caname = strdup(caname);
-- len = snprintf(ca->sslpath, sizeof(ca->sslpath), SSLDIR "/%s", caname);
-+ len = snprintf(ca->sslpath, sizeof(ca->sslpath), CADIR "/%s", caname);
- if (len < 0 || (size_t)len >= sizeof(ca->sslpath))
- err(1, "%s: snprintf", __func__);
-
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-06 18:36:17 +0000