5 files changed, 36 insertions, 113 deletions

diff --git a/security/strongswan/Makefile b/security/strongswan/Makefile
index 6d54e5e8ce15..b8d163f6e943 100644
--- a/security/strongswan/Makefile
+++ b/security/strongswan/Makefile
@@ -5,7 +5,7 @@
 # $FreeBSD$
 
 PORTNAME=	strongswan
-PORTVERSION=	4.4.0
+PORTVERSION=	4.5.1
 CATEGORIES=	security
 MASTER_SITES=	http://download.strongswan.org/ \
 		http://download2.strongswan.org/
@@ -14,7 +14,7 @@ MAINTAINER=	riaank@gmail.com
 COMMENT=	Open Source IPSec-based VPN solution
 
 LIB_DEPENDS=	vstr:${PORTSDIR}/devel/vstr \
-		gmp.10:${PORTSDIR}/math/gmp
+				gmp.10:${PORTSDIR}/math/gmp
 
 USE_BZIP2=	yes
 
@@ -24,19 +24,20 @@ USE_LDCONFIG=	yes
 CONFIGURE_ARGS=	--enable-kernel-pfkey \
 		--enable-kernel-pfroute  \
 		--disable-kernel-netlink  \
-		--enable-vstr  \
 		--disable-tools  \
 		--disable-scripts  \
 		--disable-pluto  \
 		--with-group=wheel  \
+		--enable-gmp \
+		--enable-vstr \
 		--with-lib-prefix=${PREFIX}
 
-MAN3=		anyaddr.3 atoaddr.3 atoasr.3 atosa.3 atoul.3 goodmask.3 \
-		initaddr.3 initsubnet.3 keyblobtoid.3 portof.3 prng.3 \
-		rangetosubnet.3 sameaddr.3 subnetof.3 ttoaddr.3 ttodata.3 \
+MAN3=		anyaddr.3 atoaddr.3 atoasr.3 atoul.3 goodmask.3 \
+		initaddr.3 initsubnet.3 portof.3 rangetosubnet.3 \
+		sameaddr.3 subnetof.3 ttoaddr.3 ttodata.3 \
 		ttosa.3 ttoul.3
-MAN5=		ipsec.conf.5
-MAN8=		ipsec.8 starter.8 _copyright.8 _updown.8 _updown_espmark.8
+MAN5=		ipsec.conf.5 ipsec.secrets.5 strongswan.conf.5
+MAN8=		ipsec.8 _updown.8 _updown_espmark.8
 
 .include <bsd.port.pre.mk>
 
diff --git a/security/strongswan/distinfo b/security/strongswan/distinfo
index 58dd23cd24ca..5697d1ffbb4c 100644
--- a/security/strongswan/distinfo
+++ b/security/strongswan/distinfo
@@ -1,3 +1,2 @@
-MD5 (strongswan-4.4.0.tar.bz2) = bfb0f1c8ef1344e1ae8157bdde060fed
-SHA256 (strongswan-4.4.0.tar.bz2) = df40d9daf963ce4f4bef4177ed02d68c083521b307f52bebb1872c2ded4b2718
-SIZE (strongswan-4.4.0.tar.bz2) = 2863754
+SHA256 (strongswan-4.5.1.tar.bz2) = 252d7369d94aa2d79e6fad078853b07ca897ea811ab1e1a2b008bcec0d1e758a
+SIZE (strongswan-4.5.1.tar.bz2) = 3254264
diff --git a/security/strongswan/files/patch-src__libcharon__bus__listeners__sys_logger.c b/security/strongswan/files/patch-src__libcharon__bus__listeners__sys_logger.c
new file mode 100644
index 000000000000..1dbbf50ca281
--- /dev/null
+++ b/security/strongswan/files/patch-src__libcharon__bus__listeners__sys_logger.c
@@ -0,0 +1,19 @@
+--- srcold/libcharon/bus/listeners/sys_logger.c	2011-03-10 20:50:01.000000000 +0200
++++ src/libcharon/bus/listeners/sys_logger.c	2011-03-10 20:53:59.000000000 +0200
+@@ -79,13 +79,15 @@
+ 		/* do a syslog with every line */
+ 		while (current)
+ 		{
++			char tmp[8192];
+ 			next = strchr(current, '\n');
+ 			if (next)
+ 			{
+ 				*(next++) = '\0';
+ 			}
+-			syslog(this->facility|LOG_INFO, "%.2d[%N]%s %s\n",
++			snprintf(tmp, 8192, "%.2d[%N]%s %s\n",
+ 				   thread, debug_names, group, namestr, current);
++			syslog(this->facility|LOG_INFO, tmp);
+ 			current = next;
+ 		}
+ 	}
diff --git a/security/strongswan/files/patch-src__libcharon__plugins__kernel_pfkey__kernel_pfkey_ipsec.c b/security/strongswan/files/patch-src__libcharon__plugins__kernel_pfkey__kernel_pfkey_ipsec.c
deleted file mode 100644
index a71cd11c0a39..000000000000
--- a/security/strongswan/files/patch-src__libcharon__plugins__kernel_pfkey__kernel_pfkey_ipsec.c
+++ /dev/null
@@ -1,102 +0,0 @@
-diff -u -r srcold/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c src/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c
---- srcold/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c	2010-03-19 17:56:54.000000000 +0200
-+++ src/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c	2010-05-28 15:58:12.000000000 +0200
-@@ -600,17 +600,43 @@
- }
- 
- /**
-- * add a host behind a sadb_address extension
-+ * Copy a host_t as sockaddr_t to the given memory location. Ports are
-+ * reset to zero as per RFC 2367.
-+ * @returns		the number of bytes copied
-  */
--static void host2ext(host_t *host, struct sadb_address *ext)
-+static size_t hostcpy(void *dest, host_t *host)
- {
--	sockaddr_t *host_addr = host->get_sockaddr(host);
-+	sockaddr_t *addr = host->get_sockaddr(host), *dest_addr = dest;
- 	socklen_t *len = host->get_sockaddr_len(host);
-+	memcpy(dest, addr, *len);
- #ifdef HAVE_STRUCT_SOCKADDR_SA_LEN
--	host_addr->sa_len = *len;
-+	dest_addr->sa_len = *len;
- #endif
--	memcpy((char*)(ext + 1), host_addr, *len);
--	ext->sadb_address_len = PFKEY_LEN(sizeof(*ext) + *len);
-+	switch (dest_addr->sa_family)
-+	{
-+		case AF_INET:
-+		{
-+			struct sockaddr_in *sin = dest;
-+			sin->sin_port = 0;
-+			break;
-+		}
-+		case AF_INET6:
-+		{
-+			struct sockaddr_in6 *sin6 = dest;
-+			sin6->sin6_port = 0;
-+			break;
-+		}
-+	}
-+	return *len;
-+}
-+
-+/**
-+ * add a host behind an sadb_address extension
-+ */
-+static void host2ext(host_t *host, struct sadb_address *ext)
-+{
-+	size_t len = hostcpy(ext + 1, host);
-+	ext->sadb_address_len = PFKEY_LEN(sizeof(*ext) + len);
- }
- 
- /**
-@@ -1019,6 +1045,7 @@
- }
- #endif /*SADB_X_MIGRATE*/
- 
-+#ifndef __FreeBSD__
- #ifdef HAVE_NATT
- /**
-  * Process a SADB_X_NAT_T_NEW_MAPPING message from the kernel
-@@ -1076,6 +1103,7 @@
- 	}
- }
- #endif /*HAVE_NATT*/
-+#endif /*__FreeBSD__*/
- 
- /**
-  * Receives events from kernel
-@@ -1137,11 +1165,13 @@
- 			process_migrate(this, msg);
- 			break;
- #endif /*SADB_X_MIGRATE*/
-+#ifndef __FreeBSD__
- #ifdef HAVE_NATT
- 		case SADB_X_NAT_T_NEW_MAPPING:
- 			process_mapping(this, msg);
- 			break;
- #endif /*HAVE_NATT*/
-+#endif /*__FreeBSD__*/
- 		default:
- 			break;
- 	}
-@@ -1679,14 +1709,10 @@
- 	req->sadb_x_ipsecrequest_level = IPSEC_LEVEL_UNIQUE;
- 	if (mode == MODE_TUNNEL)
- 	{
--		sockaddr_t *sa;
--		socklen_t sl;
--		sa = src->get_sockaddr(src);
--		sl = *src->get_sockaddr_len(src);
--		memcpy(req + 1, sa, sl);
--		sa = dst->get_sockaddr(dst);
--		memcpy((u_int8_t*)(req + 1) + sl, sa, sl);
--		req->sadb_x_ipsecrequest_len += sl * 2;
-+		len = hostcpy(req + 1, src);
-+		req->sadb_x_ipsecrequest_len += len;
-+		len = hostcpy((char*)(req + 1) + len, dst);
-+		req->sadb_x_ipsecrequest_len += len;
- 	}
- 
- 	pol->sadb_x_policy_len += PFKEY_LEN(req->sadb_x_ipsecrequest_len);
diff --git a/security/strongswan/pkg-plist b/security/strongswan/pkg-plist
index 7c1e8216ec6a..72509bec68b7 100644
--- a/security/strongswan/pkg-plist
+++ b/security/strongswan/pkg-plist
@@ -25,6 +25,9 @@ libexec/ipsec/plugins/libstrongswan-attr.so
 libexec/ipsec/plugins/libstrongswan-des.a
 libexec/ipsec/plugins/libstrongswan-des.la
 libexec/ipsec/plugins/libstrongswan-des.so
+libexec/ipsec/plugins/libstrongswan-constraints.a
+libexec/ipsec/plugins/libstrongswan-constraints.la
+libexec/ipsec/plugins/libstrongswan-constraints.so
 libexec/ipsec/plugins/libstrongswan-dnskey.a
 libexec/ipsec/plugins/libstrongswan-dnskey.la
 libexec/ipsec/plugins/libstrongswan-dnskey.so
@@ -70,6 +73,9 @@ libexec/ipsec/plugins/libstrongswan-sha1.so
 libexec/ipsec/plugins/libstrongswan-sha2.a
 libexec/ipsec/plugins/libstrongswan-sha2.la
 libexec/ipsec/plugins/libstrongswan-sha2.so
+libexec/ipsec/plugins/libstrongswan-revocation.a
+libexec/ipsec/plugins/libstrongswan-revocation.la
+libexec/ipsec/plugins/libstrongswan-revocation.so
 libexec/ipsec/plugins/libstrongswan-socket-default.a
 libexec/ipsec/plugins/libstrongswan-socket-default.la
 libexec/ipsec/plugins/libstrongswan-socket-default.so