summaryrefslogtreecommitdiff
path: root/security/openiked
diff options
context:
space:
mode:
Diffstat (limited to 'security/openiked')
-rw-r--r--security/openiked/Makefile29
-rw-r--r--security/openiked/distinfo6
-rw-r--r--security/openiked/files/patch-ikectl_CMakeLists.txt13
-rw-r--r--security/openiked/files/patch-ikectl_Makefile.am10
-rw-r--r--security/openiked/files/patch-ikectl_ikeca.c25
-rw-r--r--security/openiked/pkg-descr13
-rw-r--r--security/openiked/pkg-plist5
7 files changed, 64 insertions, 37 deletions
diff --git a/security/openiked/Makefile b/security/openiked/Makefile
index a280721acf7e..2a9230deae95 100644
--- a/security/openiked/Makefile
+++ b/security/openiked/Makefile
@@ -1,37 +1,34 @@
PORTNAME= openiked
-PORTVERSION= 2.2
+DISTVERSION= 7.4
PORTREVISION= 1
CATEGORIES= security net
+MASTER_SITES= OPENBSD/OpenIKED \
+ https://github.com/${PORTNAME}/${PORTNAME}-portable/releases/download/v${DISTVERSION}/
-MAINTAINER= marcel@FreeBSD.org
+MAINTAINER= david.marec@proton.me
COMMENT= IKEv2 daemon
-WWW= https://github.com/xcllnt/openiked
+WWW= https://www.openiked.org
LICENSE= ISCL
+LICENSE_FILE= ${WRKSRC}/LICENSE
LIB_DEPENDS= libevent.so:devel/libevent
-USES= autoreconf libtool ssl
-
-CONFLICTS_INSTALL= openiked-portable[0-9]*
-
-USE_GITHUB= yes
-GH_ACCOUNT= xcllnt
+USES= cmake ssl
USE_RC_SUBR= iked
USERS= _iked
GROUPS= _iked
-GNU_CONFIGURE= yes
-GNU_CONFIGURE_MANPREFIX=${PREFIX}/share
-INSTALL_TARGET= install-strip
-CONFIGURE_ARGS= --with-libevent-dir=${PREFIX} --with-mantype=man
-CONFIGURE_ARGS+= --without-zlib-version-check # fix build by disabling zlib version check
+CMAKE_ARGS= -DCADIR=${PREFIX}/etc/ssl \
+ -DCMAKE_INSTALL_MANDIR=${PREFIX}/share/man
post-install:
- ${MV} ${STAGEDIR}${PREFIX}/etc/ikeca.cnf \
- ${STAGEDIR}${PREFIX}/etc/ikeca.cnf.sample
${MV} ${STAGEDIR}${PREFIX}/etc/iked.conf \
${STAGEDIR}${PREFIX}/etc/iked.conf.sample
+ ${MV} ${STAGEDIR}${PREFIX}/etc/ssl/ikeca.cnf \
+ ${STAGEDIR}${PREFIX}/etc/ssl/ikeca.cnf.sample
+ ${MV} ${STAGEDIR}${PREFIX}/etc/ssl/ikex509v3.cnf \
+ ${STAGEDIR}${PREFIX}/etc/ssl/ikex509v3.cnf.sample
.include <bsd.port.mk>
diff --git a/security/openiked/distinfo b/security/openiked/distinfo
index a154c38488e5..7fcb08fd7e1f 100644
--- a/security/openiked/distinfo
+++ b/security/openiked/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1598375734
-SHA256 (xcllnt-openiked-2.2_GH0.tar.gz) = 5e161f12cdba3853dca576348409fa512d58c19840eac9eb4d1ce68e8dd5f0bf
-SIZE (xcllnt-openiked-2.2_GH0.tar.gz) = 230804
+TIMESTAMP = 1748557872
+SHA256 (openiked-7.4.tar.gz) = 19b72b48080240c3eff585f5cbcf6aa7b5734192ad8bc6677ae64a455074358a
+SIZE (openiked-7.4.tar.gz) = 321175
diff --git a/security/openiked/files/patch-ikectl_CMakeLists.txt b/security/openiked/files/patch-ikectl_CMakeLists.txt
new file mode 100644
index 000000000000..de79da698eb5
--- /dev/null
+++ b/security/openiked/files/patch-ikectl_CMakeLists.txt
@@ -0,0 +1,13 @@
+--- ikectl/CMakeLists.txt.orig 2025-04-09 19:47:21 UTC
++++ ikectl/CMakeLists.txt
+@@ -42,7 +42,9 @@ list(APPEND CFLAGS
+ -Wsign-compare
+ "$<$<CONFIG:DEBUG>:-O0;-g>"
+ )
+-
++if(DEFINED CADIR)
++ add_definitions( -DCADIR="${CADIR}" )
++endif()
+ target_compile_options(ikectl PRIVATE ${CFLAGS})
+ if(HAVE_LD_Z)
+ target_link_options(ikectl PRIVATE "LINKER:-z,relro,-z,now")
diff --git a/security/openiked/files/patch-ikectl_Makefile.am b/security/openiked/files/patch-ikectl_Makefile.am
deleted file mode 100644
index 315d87d83986..000000000000
--- a/security/openiked/files/patch-ikectl_Makefile.am
+++ /dev/null
@@ -1,10 +0,0 @@
---- ikectl/Makefile.am.orig 2020-09-04 14:25:33 UTC
-+++ ikectl/Makefile.am
-@@ -28,7 +28,6 @@ $(MANPAGES): $(MANPAGES_IN)
-
- install-exec-hook: $(MANPAGES)
- $(MKDIR_P) $(DESTDIR)$(sysconfdir)/iked/
-- $(MKDIR_P) $(DESTDIR)$(SSLDIR)
- $(MKDIR_P) $(DESTDIR)$(sbindir)
- $(MKDIR_P) $(DESTDIR)$(mandir)/$(mansubdir)8
-
diff --git a/security/openiked/files/patch-ikectl_ikeca.c b/security/openiked/files/patch-ikectl_ikeca.c
new file mode 100644
index 000000000000..4db8e1ce4744
--- /dev/null
+++ b/security/openiked/files/patch-ikectl_ikeca.c
@@ -0,0 +1,25 @@
+--- ikectl/ikeca.c.orig 2025-04-09 19:47:21 UTC
++++ ikectl/ikeca.c
+@@ -47,8 +47,11 @@
+ #define SSLDIR PREFIX "/etc/ssl"
+ #endif
+ #define SSL_CNF SSLDIR "/openssl.cnf"
+-#define X509_CNF SSLDIR "/ikex509v3.cnf"
+-#define IKECA_CNF SSLDIR "/ikeca.cnf"
++#ifndef CADIR
++#define CADIR SSLDIR
++#endif
++#define X509_CNF CADIR "/ikex509v3.cnf"
++#define IKECA_CNF CADIR "/ikeca.cnf"
+ #define KEYBASE PREFIX "/etc/iked"
+ #ifndef EXPDIR
+ #define EXPDIR PREFIX "/usr/share/iked"
+@@ -1118,7 +1121,7 @@ ca_setup(char *caname, int create, int quiet, char *pa
+ err(1, "calloc");
+
+ ca->caname = strdup(caname);
+- len = snprintf(ca->sslpath, sizeof(ca->sslpath), SSLDIR "/%s", caname);
++ len = snprintf(ca->sslpath, sizeof(ca->sslpath), CADIR "/%s", caname);
+ if (len < 0 || (size_t)len >= sizeof(ca->sslpath))
+ err(1, "%s: snprintf", __func__);
+
diff --git a/security/openiked/pkg-descr b/security/openiked/pkg-descr
index ffa195819a97..cd2f05da0925 100644
--- a/security/openiked/pkg-descr
+++ b/security/openiked/pkg-descr
@@ -1,7 +1,8 @@
-OpenIKED is a lean Internet Key Exchange (IKEv2) daemon which performs
-mutual authentication and which establishes and maintains IPsec VPN
-flows and security associations (SAs) between the two peers.
+OpenIKED is a free, permissively licensed Internet Key Exchange
+(IKEv2) implementation, developed as part of the OpenBSD project.
+It is intended to be a lean, secure and interoperable daemon that
+allows for easy setup and management of IPsec VPNs.
-This version of OpenIKED is derived from OpenIKED's iked, but changed
-to support transport mode IPSec and lazy creation of associations,
-among many other improvements.
+The portable versions take the OpenBSD based source code and add
+compatibility functions and build infrastructure for other operating
+systems.
diff --git a/security/openiked/pkg-plist b/security/openiked/pkg-plist
index d0b202daae26..8ada1a3bc27b 100644
--- a/security/openiked/pkg-plist
+++ b/security/openiked/pkg-plist
@@ -1,5 +1,6 @@
-@sample etc/ikeca.cnf.sample
-@sample etc/iked.conf.sample
+@sample(,,600) etc/iked.conf.sample
+@sample etc/ssl/ikeca.cnf.sample
+@sample etc/ssl/ikex509v3.cnf.sample
sbin/ikectl
sbin/iked
share/man/man5/iked.conf.5.gz