diff options
Diffstat (limited to 'security/openiked')
-rw-r--r-- | security/openiked/Makefile | 29 | ||||
-rw-r--r-- | security/openiked/distinfo | 6 | ||||
-rw-r--r-- | security/openiked/files/patch-ikectl_CMakeLists.txt | 13 | ||||
-rw-r--r-- | security/openiked/files/patch-ikectl_Makefile.am | 10 | ||||
-rw-r--r-- | security/openiked/files/patch-ikectl_ikeca.c | 25 | ||||
-rw-r--r-- | security/openiked/pkg-descr | 13 | ||||
-rw-r--r-- | security/openiked/pkg-plist | 5 |
7 files changed, 64 insertions, 37 deletions
diff --git a/security/openiked/Makefile b/security/openiked/Makefile index a280721acf7e..2a9230deae95 100644 --- a/security/openiked/Makefile +++ b/security/openiked/Makefile @@ -1,37 +1,34 @@ PORTNAME= openiked -PORTVERSION= 2.2 +DISTVERSION= 7.4 PORTREVISION= 1 CATEGORIES= security net +MASTER_SITES= OPENBSD/OpenIKED \ + https://github.com/${PORTNAME}/${PORTNAME}-portable/releases/download/v${DISTVERSION}/ -MAINTAINER= marcel@FreeBSD.org +MAINTAINER= david.marec@proton.me COMMENT= IKEv2 daemon -WWW= https://github.com/xcllnt/openiked +WWW= https://www.openiked.org LICENSE= ISCL +LICENSE_FILE= ${WRKSRC}/LICENSE LIB_DEPENDS= libevent.so:devel/libevent -USES= autoreconf libtool ssl - -CONFLICTS_INSTALL= openiked-portable[0-9]* - -USE_GITHUB= yes -GH_ACCOUNT= xcllnt +USES= cmake ssl USE_RC_SUBR= iked USERS= _iked GROUPS= _iked -GNU_CONFIGURE= yes -GNU_CONFIGURE_MANPREFIX=${PREFIX}/share -INSTALL_TARGET= install-strip -CONFIGURE_ARGS= --with-libevent-dir=${PREFIX} --with-mantype=man -CONFIGURE_ARGS+= --without-zlib-version-check # fix build by disabling zlib version check +CMAKE_ARGS= -DCADIR=${PREFIX}/etc/ssl \ + -DCMAKE_INSTALL_MANDIR=${PREFIX}/share/man post-install: - ${MV} ${STAGEDIR}${PREFIX}/etc/ikeca.cnf \ - ${STAGEDIR}${PREFIX}/etc/ikeca.cnf.sample ${MV} ${STAGEDIR}${PREFIX}/etc/iked.conf \ ${STAGEDIR}${PREFIX}/etc/iked.conf.sample + ${MV} ${STAGEDIR}${PREFIX}/etc/ssl/ikeca.cnf \ + ${STAGEDIR}${PREFIX}/etc/ssl/ikeca.cnf.sample + ${MV} ${STAGEDIR}${PREFIX}/etc/ssl/ikex509v3.cnf \ + ${STAGEDIR}${PREFIX}/etc/ssl/ikex509v3.cnf.sample .include <bsd.port.mk> diff --git a/security/openiked/distinfo b/security/openiked/distinfo index a154c38488e5..7fcb08fd7e1f 100644 --- a/security/openiked/distinfo +++ b/security/openiked/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1598375734 -SHA256 (xcllnt-openiked-2.2_GH0.tar.gz) = 5e161f12cdba3853dca576348409fa512d58c19840eac9eb4d1ce68e8dd5f0bf -SIZE (xcllnt-openiked-2.2_GH0.tar.gz) = 230804 +TIMESTAMP = 1748557872 +SHA256 (openiked-7.4.tar.gz) = 19b72b48080240c3eff585f5cbcf6aa7b5734192ad8bc6677ae64a455074358a +SIZE (openiked-7.4.tar.gz) = 321175 diff --git a/security/openiked/files/patch-ikectl_CMakeLists.txt b/security/openiked/files/patch-ikectl_CMakeLists.txt new file mode 100644 index 000000000000..de79da698eb5 --- /dev/null +++ b/security/openiked/files/patch-ikectl_CMakeLists.txt @@ -0,0 +1,13 @@ +--- ikectl/CMakeLists.txt.orig 2025-04-09 19:47:21 UTC ++++ ikectl/CMakeLists.txt +@@ -42,7 +42,9 @@ list(APPEND CFLAGS + -Wsign-compare + "$<$<CONFIG:DEBUG>:-O0;-g>" + ) +- ++if(DEFINED CADIR) ++ add_definitions( -DCADIR="${CADIR}" ) ++endif() + target_compile_options(ikectl PRIVATE ${CFLAGS}) + if(HAVE_LD_Z) + target_link_options(ikectl PRIVATE "LINKER:-z,relro,-z,now") diff --git a/security/openiked/files/patch-ikectl_Makefile.am b/security/openiked/files/patch-ikectl_Makefile.am deleted file mode 100644 index 315d87d83986..000000000000 --- a/security/openiked/files/patch-ikectl_Makefile.am +++ /dev/null @@ -1,10 +0,0 @@ ---- ikectl/Makefile.am.orig 2020-09-04 14:25:33 UTC -+++ ikectl/Makefile.am -@@ -28,7 +28,6 @@ $(MANPAGES): $(MANPAGES_IN) - - install-exec-hook: $(MANPAGES) - $(MKDIR_P) $(DESTDIR)$(sysconfdir)/iked/ -- $(MKDIR_P) $(DESTDIR)$(SSLDIR) - $(MKDIR_P) $(DESTDIR)$(sbindir) - $(MKDIR_P) $(DESTDIR)$(mandir)/$(mansubdir)8 - diff --git a/security/openiked/files/patch-ikectl_ikeca.c b/security/openiked/files/patch-ikectl_ikeca.c new file mode 100644 index 000000000000..4db8e1ce4744 --- /dev/null +++ b/security/openiked/files/patch-ikectl_ikeca.c @@ -0,0 +1,25 @@ +--- ikectl/ikeca.c.orig 2025-04-09 19:47:21 UTC ++++ ikectl/ikeca.c +@@ -47,8 +47,11 @@ + #define SSLDIR PREFIX "/etc/ssl" + #endif + #define SSL_CNF SSLDIR "/openssl.cnf" +-#define X509_CNF SSLDIR "/ikex509v3.cnf" +-#define IKECA_CNF SSLDIR "/ikeca.cnf" ++#ifndef CADIR ++#define CADIR SSLDIR ++#endif ++#define X509_CNF CADIR "/ikex509v3.cnf" ++#define IKECA_CNF CADIR "/ikeca.cnf" + #define KEYBASE PREFIX "/etc/iked" + #ifndef EXPDIR + #define EXPDIR PREFIX "/usr/share/iked" +@@ -1118,7 +1121,7 @@ ca_setup(char *caname, int create, int quiet, char *pa + err(1, "calloc"); + + ca->caname = strdup(caname); +- len = snprintf(ca->sslpath, sizeof(ca->sslpath), SSLDIR "/%s", caname); ++ len = snprintf(ca->sslpath, sizeof(ca->sslpath), CADIR "/%s", caname); + if (len < 0 || (size_t)len >= sizeof(ca->sslpath)) + err(1, "%s: snprintf", __func__); + diff --git a/security/openiked/pkg-descr b/security/openiked/pkg-descr index ffa195819a97..cd2f05da0925 100644 --- a/security/openiked/pkg-descr +++ b/security/openiked/pkg-descr @@ -1,7 +1,8 @@ -OpenIKED is a lean Internet Key Exchange (IKEv2) daemon which performs -mutual authentication and which establishes and maintains IPsec VPN -flows and security associations (SAs) between the two peers. +OpenIKED is a free, permissively licensed Internet Key Exchange +(IKEv2) implementation, developed as part of the OpenBSD project. +It is intended to be a lean, secure and interoperable daemon that +allows for easy setup and management of IPsec VPNs. -This version of OpenIKED is derived from OpenIKED's iked, but changed -to support transport mode IPSec and lazy creation of associations, -among many other improvements. +The portable versions take the OpenBSD based source code and add +compatibility functions and build infrastructure for other operating +systems. diff --git a/security/openiked/pkg-plist b/security/openiked/pkg-plist index d0b202daae26..8ada1a3bc27b 100644 --- a/security/openiked/pkg-plist +++ b/security/openiked/pkg-plist @@ -1,5 +1,6 @@ -@sample etc/ikeca.cnf.sample -@sample etc/iked.conf.sample +@sample(,,600) etc/iked.conf.sample +@sample etc/ssl/ikeca.cnf.sample +@sample etc/ssl/ikex509v3.cnf.sample sbin/ikectl sbin/iked share/man/man5/iked.conf.5.gz |