| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
| |
|
|
|
|
|
|
|
|
|
| |
Remove non-existing configure options --enable-debug and --with-pkgversion.
Remove option NATTF that changed --enable-natt=yes to --enable-natt=kernel
that is exactly same for FreeBSD releases since 8.0-RELEASE.
Notes:
svn path=/head/; revision=555023
|
|
|
|
|
|
|
|
|
|
|
|
| |
mail/bogofilter security/ipsec-tools:
Patch Makefile.in instead of Makefile.am so automake is not required.
PR: 245599
Approved by: portmgr (antoine)
Exp-run by: antoine
Notes:
svn path=/head/; revision=532998
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
While here, modernize some comments in Mk/bsd.*.mk.
Note that graphics/drm-fbsd11.2-kmod is not renamed yet, this was somewhat
under discussion.
Submitted by: rene
Reviewed by: antoine, jbeich, mat, zeising
Differential Revision: https://reviews.freebsd.org/D21974
Notes:
svn path=/head/; revision=516983
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Specifying required_dirs and creating it at prestart stage does not work
because required_dirs is checked before running prestart these days.
So it fails to start for mfs-based /var even if racoon_create_dirs=YES
Unbreak this by replacing "required_dirs" and "mkdir -p"
in the racoon_prestart with "install -d" that returns error in case
of failure and does nothing if the directory already exists.
Reported by: Cybil Courraud <freebsd@cyb.fr>
Notes:
svn path=/head/; revision=514225
|
|
|
|
|
|
|
|
|
|
|
|
| |
Wilcard patch exposures existing bug where agressive tunnels using ip addresses
for identification were not matching the entry in the PSK file,
due to the identifier not being cast to a 'xxx.xxx.xxx.xxx' notation.
PR: 203308
Submitted by: andywhite@gmail.com (based on)
Notes:
svn path=/head/; revision=505537
|
|
|
|
|
|
|
|
|
| |
Check for IPSEC support in kernel and auto-load ipsec.ko
if needed while starting racoon except of 11.0-RELEASE
that had not IPSEC as a module.
Notes:
svn path=/head/; revision=501380
|
|
|
|
|
|
|
|
|
| |
This change fixes rare case for "site to site" IPSec tunnel mode
when remote peer is behind NAT and has its own LAN behind.
Now this works too (previously NATT worked only for single host behind NAT).
Notes:
svn path=/head/; revision=496938
|
|
|
|
|
|
|
|
| |
PR: 232169
Submitted by: Michael Grimm <trashcan@ellael.org>
Notes:
svn path=/head/; revision=492078
|
|
|
|
| |
Notes:
svn path=/head/; revision=491745
|
|
|
|
|
|
|
|
|
| |
PR: 232169
Submitted by: Walter Schwarzenfeld <w.schwarzenfeld@utanet.at>
Obtained from: https://bugs.archlinux.org/task/59734
Notes:
svn path=/head/; revision=485900
|
|
|
|
|
|
|
|
|
| |
- enable options ADMINPORT and WCPSKEY by default;
- polish NATT_DESC a bit as we have releases past 11.0-STABLE;
- bump PORTREVISION.
Notes:
svn path=/head/; revision=481154
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- added patch introducing racoon compatibility with multiple
if_ipsec(4) interfaces (*);
- MAINTAINER reset due to nearly 3 years maintainer inactivity;
- bump PORTREVISION.
Submitted by: ae (*)
Approved by: vanhu (implicitly)
Notes:
svn path=/head/; revision=476825
|
|
|
|
|
|
|
|
|
| |
PR: 192774, 222065
Submitted by: Andreas Longwitz <longwitz@incore.de>
Approved by: VANHULLEBUS Yvan (maintainer, implicitly)
Notes:
svn path=/head/; revision=468617
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The racoon daemon in IPsec-Tools 0.8.2 contains a remotely exploitable
computational-complexity attack when parsing and storing ISAKMP fragments.
The implementation permits a remote attacker to exhaust computational
resources on the remote endpoint by repeatedly sending ISAKMP fragment
packets in a particular order such that the worst-case computational
complexity is realized in the algorithm utilized to determine
if reassembly of the fragments can take place.
The fix obtained from NetBSD CVS head with a command:
cvs diff -D 2017-01-24 -D 2017-09-01 \
src/racoon/handler.h \
src/racoon/isakmp.c \
src/racoon/isakmp_frag.c \
src/racoon/isakmp_inf.c
While here, add LICENSE.
PR: 225066
Approved by: VANHULLEBUS Yvan (maintainer timeout, 3 months)
Obtained from: NetBSD
MFH: 2018Q1
Security: CVE-2016-10396
Notes:
svn path=/head/; revision=467313
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
encapsulation defined in RFC3948.
The natt.diff patch contains the following changes:
* added support for SADB_X_EXT_NAT_T_OAI and SADB_X_EXT_NAT_T_OAR PF_KEY messages;
* used NAT address instead of original for SAs created by racoon;
* NAT-T keep-alives now sends only by NATed host.
Tested with 11.0-STABLE after projects/ipsec merge.
PR: 217131
Submitted by: Andrey V. Elsukov
Approved by: VANHULLEBUS Yvan (maintainer timeout, 2 months), vsevolod (mentor)
Notes:
svn path=/head/; revision=438782
|
|
|
|
|
|
|
| |
Sponsored by: Absolight
Notes:
svn path=/head/; revision=436247
|
|
|
|
|
|
|
|
|
|
| |
PR: 213570
Submitted by: mat
Exp-run by: antoine
Sponsored by: Absolight
Notes:
svn path=/head/; revision=424411
|
|
|
|
|
|
|
|
|
| |
- Drop 8.x support
Approved by: portmgr blanket
Notes:
svn path=/head/; revision=399091
|
|
|
|
|
|
|
|
|
|
| |
PR: 200334 (reported in)
Submitted by: brd
Approved by: bdrewery (mentor, portmgr)
MFH: 2015Q2
Notes:
svn path=/head/; revision=386793
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
From ChangeLog:
- Fix admin port establish-sa for tunnel mode SAs (Alexander Sbitnev)
- Fix source port selection regression from version 0.8.1
- Various logging improvements
- Additional compliance and build fixes
From submitter:
- extra patch to adding wildcard psk option
PR: 196930
Submitted by: Harald Schmalzbauer <bugzilla.freebsd@omnilan.de>,
Ed Schouten <ed@80368.nl>
Approved by: vanhu (maintainer)
Notes:
svn path=/head/; revision=378554
|
|
|
|
|
|
|
| |
Modernize a bit
Notes:
svn path=/head/; revision=369008
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Convert to USES=libtool and bump dependent ports
- Avoid USE_AUTOTOOLS
- Don't use PTHREAD_LIBS
- Use MAKE_CMD
databases/glom:
- Drop :keepla
- Add INSTALL_TARGET=install-strip
databases/libgda4* databases/libgda5*:
- Convert to USES=libtool and bump dependent ports
- USES=tar:xz
- Use INSTALL_TARGET=install-strip
- Use @sample
databases/libgdamm:
- Drop :keepla
- USES=tar:bzip2
- Use INSTALL_TARGET=install-strip
databases/libgdamm5:
- Add INSTALL_TARGET=install-strip
- Drop --enable-static (inherited from old repocopy)
devel/anjuta x11-toolkits/py-gnome-extras:
- Drop :keepla
dns/powerdns dns/powerdns-devel:
- Convert to USES=libtool
- Add INSTALL_TARGET=install-strip
- Disable static modules
- Stop creating library symlinks with .0 suffix, not needed for dynamically
opened modules
mail/dovecot2:
- Add USES=libtool
mail/dovecot2-pigeonhole:
- Drop CONFIGURE_TARGET (incorrect for Dragonfly)
- Add USES=libtool and INSTALL_TARGET=install-strip
math/gnumeric:
- USES=libtool tar:xz
Approved by: portmgr (implicit, bump unstaged ports)
Notes:
svn path=/head/; revision=362835
|
|
|
|
|
|
|
| |
Approved by: portmgr blanket
Notes:
svn path=/head/; revision=356692
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
exists, libtool will add all libraries libB.la refers to (dependency_libs
field) to the linker command line and store them in the dependency_libs
field of libA.la. So everything that subsequently links with libA will also
link to these extra libraries. This causes too much overlinking.
This commit modifies Mk/Uses/libtool.mk so it empties the dependency_libs
field in .la libraries during staging. However, because .la libraries have
very limited use when dependency_libs is empty it makes sense to completely
remove them during staging.
So with this commit USES=libtool is modified to remove .la libraries and a
new form (USES=libtool:keepla) is introduced in case they need to be kept
(dependency_libs is still emptied).
PORTREVISION is bumped on all ports with USES=libtool that install .la
libraries. Most ports are also changed to add :keepla because .la
libraries have to be kept around as long as there are dependent ports with
.la libraries that refer to them in their dependency_libs field. In most
cases :keepla can be removed again as soon as all dependent ports that
install .la libraries have some form of USES=libtool added to their
Makefile.
PR: ports/188759
Exp-run: bdrewery
Approved by: portmgr (bdrewery)
Notes:
svn path=/head/; revision=351936
|
|
|
|
| |
Notes:
svn path=/head/; revision=351846
|
|
|
|
| |
Notes:
svn path=/head/; revision=351747
|
|
|
|
| |
Notes:
svn path=/head/; revision=344766
|
|
|
|
|
|
|
|
|
| |
code build with clang
Reported by: olgeni
Notes:
svn path=/head/; revision=343733
|
|
|
|
|
|
|
|
| |
Convert to USES=libtool
Strip binaries
Notes:
svn path=/head/; revision=343652
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Update to 0.8.1 [1]
- Allow staging [1]
- Remove FreeBSD < 8.x message
PR: ports/182758 [1]
Submitted by: Kurt Jaeger <fbsd-ports opsec.eu>
Notes:
svn path=/head/; revision=331989
|
|
|
|
|
|
|
| |
security)
Notes:
svn path=/head/; revision=327769
|
|
|
|
|
|
|
| |
- Create configuration directory we try to remove on uninstall
Notes:
svn path=/head/; revision=320838
|
|
|
|
|
|
|
|
| |
- Change USE_GNOME=pkgconfig|gnomehack to USES=pathfix|pkgconfig and
USE_GETTEXT=yes to USES=gettext while here
Notes:
svn path=/head/; revision=316683
|
|
|
|
|
|
|
|
|
| |
Removed optionnal dependency on the deprecated py-visual for net/scapy
Approved by: maintainer (vanhu)
Notes:
svn path=/head/; revision=310136
|
|
|
|
|
|
|
|
|
| |
Where necessary add $FreeBSD$ to the file
No PORTREVISION bump necessary because this is a no-op
Notes:
svn path=/head/; revision=302141
|
|
|
|
|
|
|
|
| |
Spotted by: Jason Hellenthal <jhell at DataIX.net>
Approved by: crees,rene (mentors,implicit)
Notes:
svn path=/head/; revision=289764
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
literal name_enable wherever possible, and ${name}_enable
when it's not, to prepare for the demise of set_rcvar().
In cases where I had to hand-edit unusual instances also
modify formatting slightly to be more uniform (and in
some cases, correct). This includes adding some $FreeBSD$
tags, and most importantly moving rcvar= to right after
name= so it's clear that one is derived from the other.
Notes:
svn path=/head/; revision=289156
|
|
|
|
|
|
|
| |
and various other cleanups.
Notes:
svn path=/head/; revision=278070
|
|
|
|
|
|
|
|
|
|
|
| |
- Bump portrevision.
PR: ports/148605
Submitted by: John Hein <jhein@symmetricom.com>
Approved by: maho (mentor) and vanhu@netasq.com (maintainer)
Notes:
svn path=/head/; revision=277930
|
|
|
|
|
|
|
|
| |
PR: ports/155883
Submitted by: vanhu (maintainer)
Notes:
svn path=/head/; revision=271556
|
|
|
|
| |
Notes:
svn path=/head/; revision=265663
|
|
|
|
|
|
|
| |
s#. %%RC_SUBR%%#. /etc/rc.subr#
Notes:
svn path=/head/; revision=251553
|
|
|
|
|
|
|
| |
Reported by: pointyhat
Notes:
svn path=/head/; revision=251275
|
|
|
|
|
|
|
|
| |
PR: 137966
Submitted by: VANHULLEBUS Yvan <vanhu@netasq.com> (maintainer)
Notes:
svn path=/head/; revision=240359
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
-Update libtool and libltdl to 2.2.6a.
-Remove devel/libtool15 and devel/libltdl15.
-Fix ports build with libtool22/libltdl22.
-Bump ports that depend on libltdl22 due to shared library version change.
-Explain what to do update in the UPDATING.
It has been tested with GNOME2, XFCE4, KDE3, KDE4 and other many wm/desktop
and applications in the runtime.
With help: marcus and kwm
Pointyhat-exp: a few times by pav
Tested by: pgollucci, "Romain Tartière" <romain@blogreen.org>, and
a few MarcusCom CVS users. Also, I might have missed a few.
Repocopy by: marcus
Approved by: portmgr
Notes:
svn path=/head/; revision=238781
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
propogated by copy and paste.
1. Primarily the "empty variable" default assignment, which is mostly
${name}_flags="", but fix a few others as well.
2. Where they are not already documented, add the existence of the _flags
(or other deleted empties) option to the comments, and in some cases add
comments from scratch.
3. Replace things that look like:
prefix=%%PREFIX%%
command=${prefix}/sbin/foo
to just use %%PREFIX%%. In many cases the $prefix variable is only used
once, and in some cases it is not used at all.
4. In a few cases remove ${name}_flags from command_args
5. Remove a long-stale comment about putting the port's rc.d script in
/etc/rc.d (which is no longer necessary).
No PORTREVISION bumps because all of these changes are noops.
Notes:
svn path=/head/; revision=237892
|
|
|
|
|
|
|
|
|
|
| |
fragmentation reassembly.
PR: ports/133922
Submitted by: VANHULLEBUS Yvan <vanhu@netasq.com> (maintainer)
Notes:
svn path=/head/; revision=232588
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Specifically, newer autoconf (> 2.13) has different semantic of the
configure target. In short, one should use --build=CONFIGURE_TARGET
instead of CONFIGURE_TARGET directly. Otherwise, you will get a warning
and the old semantic may be removed in later autoconf releases.
To workaround this issue, many ports hack the CONFIGURE_TARGET variable
so that it contains the ``--build='' prefix.
To solve this issue, under the fact that some ports still have
configure script generated by the old autoconf, we use runtime detection
in the do-configure target so that the proper argument can be used.
Changes to Mk/*:
- Add runtime detection magic in bsd.port.mk
- Remove CONFIGURE_TARGET hack in various bsd.*.mk
- USE_GNOME=gnometarget is now an no-op
Changes to individual ports, other than removing the CONFIGURE_TARGET hack:
= pkg-plist changed (due to the ugly CONFIGURE_TARGET prefix in * executables)
- comms/gnuradio
- science/abinit
- science/elmer-fem
- science/elmer-matc
- science/elmer-meshgen2d
- science/elmerfront
- science/elmerpost
= use x86_64 as ARCH
- devel/g-wrap
= other changes
- print/magicfilter
GNU_CONFIGURE -> HAS_CONFIGURE since it's not generated by autoconf
Total # of ports modified: 1,027
Total # of ports affected: ~7,000 (set GNU_CONFIGURE to yes)
PR: 126524 (obsoletes 52917)
Submitted by: rafan
Tested on: two pointyhat 7-amd64 exp runs (by pav)
Approved by: portmgr (pav)
Notes:
svn path=/head/; revision=218938
|