notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)

Two new features

Two two features were added on 2020-05-30:
  1. Repology links - each port now has a link to repology.org. See issue 148 for details.
  2. Ports I maintain report - port maintainers can now subscribe to a daily report of commits to the ports they maintain. See Watch ports I maintain at Report Subscriptions. Details at issue 138
Port details
ipsec-tools KAME racoon IKE daemon, ipsec-tools version
0.8.2_11 security on this many watch lists=20 search for ports that depend on this port An older version of this port was marked as vulnerable. Find issues related to this port Report an issue related to this port View this port on Repology. 0.8.2_11Version of this port present on the latest quarterly branch.
There is no maintainer for this port.
Any concerns regarding this port should be directed to the FreeBSD Ports mailing list via ports@FreeBSD.org
search for ports maintained by this maintainer
Port Added: 2005-09-05 14:14:25
Last Update: 2020-04-26 10:00:01
SVN Revision: 532998

People watching this port, also watch: rsync, expat, m4, gmake, pcre

License: BSD3CLAUSE
Description:
SVNWeb : Homepage
pkg-plist: as obtained via: make generate-plist
Expand this list (42 items)
  1. include/racoon/openssl_compat.h
  2. @ldconfig
  3. /usr/local/share/licenses/ipsec-tools-0.8.2_11/catalog.mk
  4. /usr/local/share/licenses/ipsec-tools-0.8.2_11/LICENSE
  5. /usr/local/share/licenses/ipsec-tools-0.8.2_11/BSD3CLAUSE
  6. sbin/plainrsa-gen
  7. sbin/racoon
  8. sbin/racoonctl
  9. sbin/setkey
  10. include/libipsec/libpfkey.h
  11. include/racoon/admin.h
  12. include/racoon/evt.h
  13. include/racoon/gcmalloc.h
  14. include/racoon/ipsec_doi.h
  15. include/racoon/isakmp.h
  16. include/racoon/isakmp_cfg.h
  17. include/racoon/isakmp_unity.h
  18. include/racoon/isakmp_var.h
  19. include/racoon/isakmp_xauth.h
  20. include/racoon/misc.h
  21. include/racoon/racoonctl.h
  22. include/racoon/schedule.h
  23. include/racoon/sockmisc.h
  24. include/racoon/var.h
  25. include/racoon/vmbuf.h
  26. lib/libipsec.a
  27. lib/libipsec.so
  28. lib/libipsec.so.0
  29. lib/libipsec.so.0.0.1
  30. lib/libracoon.a
  31. lib/libracoon.so
  32. lib/libracoon.so.0
  33. lib/libracoon.so.0.0.0
  34. man/man3/ipsec_set_policy.3.gz
  35. man/man3/ipsec_strerror.3.gz
  36. man/man5/racoon.conf.5.gz
  37. man/man8/plainrsa-gen.8.gz
  38. man/man8/racoon.8.gz
  39. man/man8/racoonctl.8.gz
  40. man/man8/setkey.8.gz
  41. @dir etc/racoon
  42. @dir /var/db/racoon
Collapse this list.
Dependency lines:
  • ipsec-tools>0:security/ipsec-tools
  • libipsec.so:security/ipsec-tools
Conflicts:
CONFLICTS:
  • racoon-[0-9]*
Conflicts Matches:
There are no Conflicts Matches for this port. This is usually an error.
To install the port: cd /usr/ports/security/ipsec-tools/ && make install clean
To add the package: pkg install ipsec-tools
PKGNAME: ipsec-tools
Flavors: there is no flavor information for this port.
distinfo:
Packages:
ipsec-tools
ABIlatestquarterly
FreeBSD:11:aarch640.8.2_50.8.2_11
FreeBSD:11:amd640.8.2_110.8.2_11
FreeBSD:11:armv60.8.2_10.8.2_11
FreeBSD:11:i3860.8.2_110.8.2_11
FreeBSD:11:mips0.8.2_10.8.2_11
FreeBSD:11:mips640.8.2_10.8.2_11
FreeBSD:12:aarch640.8.2_60.8.2_11
FreeBSD:12:amd640.8.2_110.8.2_11
FreeBSD:12:armv60.8.2_60.8.2_11
FreeBSD:12:armv7-0.8.2_11
FreeBSD:12:i3860.8.2_110.8.2_11
FreeBSD:12:mips-0.8.2_11
FreeBSD:12:mips64-0.8.2_11
FreeBSD:12:powerpc64-0.8.2_11
FreeBSD:13:aarch640.8.2_11-
FreeBSD:13:amd640.8.2_11-
FreeBSD:13:armv60.8.2_11-
FreeBSD:13:armv70.8.2_11-
FreeBSD:13:i3860.8.2_11-
FreeBSD:13:mips0.8.2_11-
FreeBSD:13:mips640.8.2_11-
FreeBSD:13:powerpc640.8.2_11-
 

There are no ports dependent upon this port

Configuration Options

USES:

Master Sites:
  1. http://downloads.sourceforge.net/project/ipsec-tools/ipsec-tools/0.8.2/
  2. http://excellmedia.dl.sourceforge.net/project/ipsec-tools/ipsec-tools/0.8.2/
  3. http://freefr.dl.sourceforge.net/project/ipsec-tools/ipsec-tools/0.8.2/
  4. http://jaist.dl.sourceforge.net/project/ipsec-tools/ipsec-tools/0.8.2/
  5. http://kent.dl.sourceforge.net/project/ipsec-tools/ipsec-tools/0.8.2/
  6. http://nchc.dl.sourceforge.net/project/ipsec-tools/ipsec-tools/0.8.2/
  7. http://netcologne.dl.sourceforge.net/project/ipsec-tools/ipsec-tools/0.8.2/
  8. http://netix.dl.sourceforge.net/project/ipsec-tools/ipsec-tools/0.8.2/
  9. http://superb-dca2.dl.sourceforge.net/project/ipsec-tools/ipsec-tools/0.8.2/
  10. http://superb-sea2.dl.sourceforge.net/project/ipsec-tools/ipsec-tools/0.8.2/
  11. http://ufpr.dl.sourceforge.net/project/ipsec-tools/ipsec-tools/0.8.2/
  12. http://vorboss.dl.sourceforge.net/project/ipsec-tools/ipsec-tools/0.8.2/
  13. https://downloads.sourceforge.net/project/ipsec-tools/ipsec-tools/0.8.2/
  14. https://excellmedia.dl.sourceforge.net/project/ipsec-tools/ipsec-tools/0.8.2/
  15. https://freefr.dl.sourceforge.net/project/ipsec-tools/ipsec-tools/0.8.2/
  16. https://jaist.dl.sourceforge.net/project/ipsec-tools/ipsec-tools/0.8.2/
  17. https://kent.dl.sourceforge.net/project/ipsec-tools/ipsec-tools/0.8.2/
  18. https://nchc.dl.sourceforge.net/project/ipsec-tools/ipsec-tools/0.8.2/
  19. https://netcologne.dl.sourceforge.net/project/ipsec-tools/ipsec-tools/0.8.2/
  20. https://netix.dl.sourceforge.net/project/ipsec-tools/ipsec-tools/0.8.2/
  21. https://superb-dca2.dl.sourceforge.net/project/ipsec-tools/ipsec-tools/0.8.2/
  22. https://superb-sea2.dl.sourceforge.net/project/ipsec-tools/ipsec-tools/0.8.2/
  23. https://ufpr.dl.sourceforge.net/project/ipsec-tools/ipsec-tools/0.8.2/
  24. https://vorboss.dl.sourceforge.net/project/ipsec-tools/ipsec-tools/0.8.2/

Number of commits found: 76

Commit History - (may be incomplete: see SVNWeb link above for full details)
DateByDescription
26 Apr 2020 09:00:01
Original commit files touched by this commit  0.8.2_11
Revision:532998
tijl search for other commits by this committer
Update devel/automake to 1.16.2.

mail/bogofilter security/ipsec-tools:
Patch Makefile.in instead of Makefile.am so automake is not required.

PR:		245599
Approved by:	portmgr (antoine)
Exp-run by:	antoine
07 Nov 2019 16:30:12
Original commit files touched by this commit  0.8.2_11
Revision:516983
rene search for other commits by this committer
Clean up support for FreeBSD 11.2.

While here, modernize some comments in Mk/bsd.*.mk.

Note that graphics/drm-fbsd11.2-kmod is not renamed yet, this was somewhat
under discussion.

Submitted by:	rene
Reviewed by:	antoine, jbeich, mat, zeising
Differential Revision:	https://reviews.freebsd.org/D21974
10 Oct 2019 13:15:14
Original commit files touched by this commit  0.8.2_11
Revision:514225
eugen search for other commits by this committer
security/ipsec-tools: unbreak racoon_create_dirs

Specifying required_dirs and creating it at prestart stage does not work
because required_dirs is checked before running prestart these days.
So it fails to start for mfs-based /var even if racoon_create_dirs=YES

Unbreak this by replacing "required_dirs" and "mkdir -p"
in the racoon_prestart with "install -d" that returns error in case
of failure and does nothing if the directory already exists.

Reported by:	Cybil Courraud <freebsd@cyb.fr>
01 Jul 2019 04:49:33
Original commit files touched by this commit  0.8.2_10
Revision:505537
eugen search for other commits by this committer
security/ipsec-tools: fix aggressive mode tunnels with wildcard-psk config

Wilcard patch exposures existing bug where agressive tunnels using ip addresses
for identification were not matching the entry in the PSK file,
due to the identifier not being cast to a 'xxx.xxx.xxx.xxx' notation.

PR:		203308
Submitted by:	andywhite@gmail.com (based on)
12 May 2019 13:22:28
Original commit files touched by this commit  0.8.2_9
Revision:501380
eugen search for other commits by this committer
security/ipsec-tools: autoload ipsec.ko if possible

Check for IPSEC support in kernel and auto-load ipsec.ko
if needed while starting racoon except of 11.0-RELEASE
that had not IPSEC as a module.
27 Mar 2019 08:56:35
Original commit files touched by this commit  0.8.2_8
Revision:496938
eugen search for other commits by this committer
security/ipsec-tools: small correction NATT patch

This change fixes rare case for "site to site" IPSec tunnel mode
when remote peer is behind NAT and has its own LAN behind.
Now this works too (previously NATT worked only for single host behind NAT).
03 Feb 2019 21:04:24
Original commit files touched by this commit  0.8.2_7
Revision:492078
olivier search for other commits by this committer
Fix build on 12-stable when using OpenSSL from port.

PR:		232169
Submitted by:	Michael Grimm <trashcan@ellael.org>
31 Jan 2019 17:59:50
Original commit files touched by this commit  0.8.2_7
Revision:491745
tobik search for other commits by this committer
security/ipsec-tools: Only append to BUILD_DEPENDS after bsd.port.pre.mk
25 Nov 2018 20:35:22
Original commit files touched by this commit  0.8.2_7
Revision:485900
olivier search for other commits by this committer
Fix openssl 1.1.1 breakage

PR:		232169
Submitted by:	Walter Schwarzenfeld <w.schwarzenfeld@utanet.at>
Obtained from:	https://bugs.archlinux.org/task/59734
03 Oct 2018 10:08:15
Original commit files touched by this commit  0.8.2_6
Revision:481154
eugen search for other commits by this committer
security/ipsec-tools: make binary package more useful

- enable options ADMINPORT and WCPSKEY by default;
- polish NATT_DESC a bit as we have releases past 11.0-STABLE;
- bump PORTREVISION.
10 Aug 2018 10:03:31
Original commit files touched by this commit  0.8.2_5
Revision:476825
eugen search for other commits by this committer
security/ipsec-tools: add support for multiple if_ipsec(4) interfaces

- added patch introducing racoon compatibility with multiple
  if_ipsec(4) interfaces (*);
- MAINTAINER reset due to nearly 3 years maintainer inactivity;
- bump PORTREVISION.

Submitted by:	ae (*)
Approved by:	vanhu (implicitly)
29 Apr 2018 10:00:01
Original commit files touched by this commit  0.8.2_4
Revision:468617
eugen search for other commits by this committer
Fix phase 1 initiation in the racoon daemon after base system change r285204

PR:		192774, 222065
Submitted by:	Andreas Longwitz <longwitz@incore.de>
Approved by:	VANHULLEBUS Yvan (maintainer, implicitly)
14 Apr 2018 12:07:58
Original commit files touched by this commit  0.8.2_3
Revision:467313
eugen search for other commits by this committer
security/ipsec-tools: fix CVE-2016-10396

The racoon daemon in IPsec-Tools 0.8.2 contains a remotely exploitable
computational-complexity attack when parsing and storing ISAKMP fragments.
The implementation permits a remote attacker to exhaust computational
resources on the remote endpoint by repeatedly sending ISAKMP fragment
packets in a particular order such that the worst-case computational
complexity is realized in the algorithm utilized to determine
if reassembly of the fragments can take place.

The fix obtained from NetBSD CVS head with a command:

cvs diff -D 2017-01-24 -D 2017-09-01 \
	src/racoon/handler.h \
	src/racoon/isakmp.c \
	src/racoon/isakmp_frag.c \
	src/racoon/isakmp_inf.c

While here, add LICENSE.

PR:		225066
Approved by:	VANHULLEBUS Yvan (maintainer timeout, 3 months)
Obtained from:	NetBSD
MFH:		2018Q1
Security:	CVE-2016-10396
18 Apr 2017 14:36:08
Original commit files touched by this commit  0.8.2_2
Revision:438782 This port version is marked as vulnerable.
eugen search for other commits by this committer
This patch adds NATT_EXTRA_PATCHES=natt.diff and enables only UDP encapsulation
defined in RFC3948.

The natt.diff patch contains the following changes:
* added support for SADB_X_EXT_NAT_T_OAI and SADB_X_EXT_NAT_T_OAR PF_KEY
messages;
* used NAT address instead of original for SAs created by racoon;
* NAT-T keep-alives now sends only by NATed host.

Tested with 11.0-STABLE after projects/ipsec merge.

PR:		217131
Submitted by:	Andrey V. Elsukov
Approved by:	VANHULLEBUS Yvan (maintainer timeout, 2 months), vsevolod (mentor)
15 Mar 2017 14:45:31
Original commit files touched by this commit  0.8.2_1
Revision:436247 This port version is marked as vulnerable.
mat search for other commits by this committer
Remove all USE_OPENSSL occurrences.

Sponsored by:	Absolight
21 Oct 2016 12:51:41
Original commit files touched by this commit  0.8.2_1
Revision:424411  Sanity Test Failure This port version is marked as vulnerable.
mat search for other commits by this committer
${RM} already has -f.

PR:		213570
Submitted by:	mat
Exp-run by:	antoine
Sponsored by:	Absolight
11 Oct 2015 15:13:52
Original commit files touched by this commit  0.8.2_1
Revision:399091 This port version is marked as vulnerable.
amdmi3 search for other commits by this committer
- Switch to options helpers
- Drop 8.x support

Approved by:	portmgr blanket
19 May 2015 17:00:57
Original commit files touched by this commit  0.8.2_1
Revision:386793 This port version is marked as vulnerable.
brd search for other commits by this committer
Update ipsec-tools with a patch from NetBSD to fix a memory leak.

PR:		200334 (reported in)
Submitted by:	brd
Approved by:	bdrewery (mentor, portmgr)
MFH:		2015Q2
06 Feb 2015 20:31:54
Original commit files touched by this commit  0.8.2
Revision:378554 This port version is marked as vulnerable.
pi search for other commits by this committer
security/ipsec-tools: 0.8.1 -> 0.8.2

From ChangeLog:
- Fix admin port establish-sa for tunnel mode SAs (Alexander Sbitnev)
- Fix source port selection regression from version 0.8.1
- Various logging improvements
- Additional compliance and build fixes

From submitter:
- extra patch to adding wildcard psk option

PR:		196930
Submitted by:	Harald Schmalzbauer <bugzilla.freebsd@omnilan.de>,
		Ed Schouten <ed@80368.nl>
Approved by:	vanhu (maintainer)
23 Sep 2014 09:29:00
Original commit files touched by this commit  0.8.1_7
Revision:369008 This port version is marked as vulnerable.
bapt search for other commits by this committer
Simplify plist
Modernize a bit
24 Jul 2014 18:34:16
Original commit files touched by this commit  0.8.1_7
Revision:362835 This port version is marked as vulnerable.
tijl search for other commits by this committer
net/openldap24-*:
- Convert to USES=libtool and bump dependent ports
- Avoid USE_AUTOTOOLS
- Don't use PTHREAD_LIBS
- Use MAKE_CMD

databases/glom:
- Drop :keepla
- Add INSTALL_TARGET=install-strip

databases/libgda4* databases/libgda5*:
- Convert to USES=libtool and bump dependent ports
- USES=tar:xz
- Use INSTALL_TARGET=install-strip
- Use @sample
(Only the first 15 lines of the commit message are shown above View all of this commit message)
05 Jun 2014 19:55:52
Original commit files touched by this commit  0.8.1_6
Revision:356692 This port version is marked as vulnerable.
amdmi3 search for other commits by this committer
- Drop .la files, no dependees require them

Approved by:	portmgr blanket
23 Apr 2014 13:25:17
Original commit files touched by this commit  0.8.1_5
Revision:351936 This port version is marked as vulnerable.
tijl search for other commits by this committer
When linking a library libA with a library libB using libtool, if libB.la
exists, libtool will add all libraries libB.la refers to (dependency_libs
field) to the linker command line and store them in the dependency_libs
field of libA.la.  So everything that subsequently links with libA will also
link to these extra libraries.  This causes too much overlinking.

This commit modifies Mk/Uses/libtool.mk so it empties the dependency_libs
field in .la libraries during staging.  However, because .la libraries have
very limited use when dependency_libs is empty it makes sense to completely
remove them during staging.

So with this commit USES=libtool is modified to remove .la libraries and a
new form (USES=libtool:keepla) is introduced in case they need to be kept
(dependency_libs is still emptied).
(Only the first 15 lines of the commit message are shown above View all of this commit message)
22 Apr 2014 15:17:41
Original commit files touched by this commit  0.8.1_4
Revision:351846 This port version is marked as vulnerable.
linimon search for other commits by this committer
Restore vanhu as maintainer: bounce was due to mail configuration error.
22 Apr 2014 02:55:43
Original commit files touched by this commit  0.8.1_4
Revision:351747 This port version is marked as vulnerable.
linimon search for other commits by this committer
Reset vanhu@netasq.com: email bounces.
17 Feb 2014 14:50:48
Original commit files touched by this commit  0.8.1_4
Revision:344766 This port version is marked as vulnerable.
bapt search for other commits by this committer
Fix build with clang 3.4
11 Feb 2014 11:20:52
Original commit files touched by this commit  0.8.1_4
Revision:343733 This port version is marked as vulnerable.
bapt search for other commits by this committer
Remove CFLAGS unsupported by ancient gcc and just remove -Werror to have the
code build with clang

Reported by:	olgeni
10 Feb 2014 16:42:40
Original commit files touched by this commit  0.8.1_4
Revision:343652 This port version is marked as vulnerable.
bapt search for other commits by this committer
Fix build with clang,
Convert to USES=libtool
Strip binaries
29 Oct 2013 20:03:39
Original commit files touched by this commit  0.8.1_3
Revision:331989 This port version is marked as vulnerable.
wg search for other commits by this committer
security/ipsec-tools: update to 0.8.1

- Update to 0.8.1 [1]
- Allow staging [1]
- Remove FreeBSD < 8.x message

PR:		ports/182758 [1]
Submitted by:	Kurt Jaeger <fbsd-ports opsec.eu>
20 Sep 2013 22:55:26
Original commit files touched by this commit  0.8.0_3
Revision:327769 This port version is marked as vulnerable.
bapt search for other commits by this committer
Add NO_STAGE all over the place in preparation for the staging support (cat:
security)
13 Jun 2013 20:39:52
Original commit files touched by this commit  0.8.0_3
Revision:320838 This port version is marked as vulnerable.
antoine search for other commits by this committer
- Fix a typo in PORT_OPTIONS conversion
- Create configuration directory we try to remove on uninstall
27 Apr 2013 18:25:25
Original commit files touched by this commit  0.8.0_3
Revision:316683 This port version is marked as vulnerable.
mva search for other commits by this committer
- Convert USE_ICONV=yes to USES=iconv
- Change USE_GNOME=pkgconfig|gnomehack to USES=pathfix|pkgconfig and
  USE_GETTEXT=yes to USES=gettext while here
09 Jan 2013 11:06:33
Original commit files touched by this commit  0.8.0_3
Revision:310136 This port version is marked as vulnerable.
bapt search for other commits by this committer
Convert vanhu@ ports to new options framework
Removed optionnal dependency on the deprecated py-visual for net/scapy

Approved by:	maintainer (vanhu)
05 Aug 2012 23:19:40
Original commit files touched by this commit  0.8.0_3
 This port version is marked as vulnerable.
dougb search for other commits by this committer
Move the rc.d scripts of the form *.sh.in to *.in

Where necessary add $FreeBSD$ to the file

No PORTREVISION bump necessary because this is a no-op
25 Jan 2012 06:13:53
Original commit files touched by this commit  0.8.0_3
 This port version is marked as vulnerable.
jgh search for other commits by this committer
Apply utmp patch from ${FILESDIR} (not files) if OSVERSION <  900007

Spotted by: Jason Hellenthal <jhell at DataIX.net>
Approved by:    crees,rene (mentors,implicit)
14 Jan 2012 08:57:23
Original commit files touched by this commit  0.8.0_2
 This port version is marked as vulnerable.
dougb search for other commits by this committer
In the rc.d scripts, change assignments to rcvar to use the
literal name_enable wherever possible, and ${name}_enable
when it's not, to prepare for the demise of set_rcvar().

In cases where I had to hand-edit unusual instances also
modify formatting slightly to be more uniform (and in
some cases, correct). This includes adding some $FreeBSD$
tags, and most importantly moving rcvar= to right after
name= so it's clear that one is derived from the other.
21 Jul 2011 05:14:57
Original commit files touched by this commit  0.8.0_2
 This port version is marked as vulnerable.
dougb search for other commits by this committer
Fix the rc.d script to avoid unconditional code execution,
and various other cleanups.
19 Jul 2011 03:33:26
Original commit files touched by this commit  0.8.0_1
 This port version is marked as vulnerable.
stephen search for other commits by this committer
- Fix startup script rc.d/racoon.
- Bump portrevision.

PR:             ports/148605
Submitted by:   John Hein <jhein@symmetricom.com>
Approved by:    maho (mentor) and vanhu@netasq.com (maintainer)
23 Mar 2011 19:48:10
Original commit files touched by this commit  0.8.0
 This port version is marked as vulnerable.
flo search for other commits by this committer
- update to 0.8.0

PR:             ports/155883
Submitted by:   vanhu (maintainer)
04 Dec 2010 07:34:27
Original commit files touched by this commit  0.7.3
 This port version is marked as vulnerable.
ade search for other commits by this committer
Sync to new bsd.autotools.mk
27 Mar 2010 00:15:24
Original commit files touched by this commit  0.7.3
 This port version is marked as vulnerable.
dougb search for other commits by this committer
Begin the process of deprecating sysutils/rc_subr by
s#. %%RC_SUBR%%#. /etc/rc.subr#
20 Mar 2010 15:12:15
Original commit files touched by this commit  0.7.3
 This port version is marked as vulnerable.
miwi search for other commits by this committer
- Mark BROKEN on HEAD: fails to build with new utmpx

Reported by:    pointyhat
26 Aug 2009 16:37:22
Original commit files touched by this commit  0.7.3
 This port version is marked as vulnerable.
miwi search for other commits by this committer
- Update to 0.7.3

PR:             137966
Submitted by:   VANHULLEBUS Yvan <vanhu@netasq.com> (maintainer)
02 Aug 2009 19:36:34
Original commit files touched by this commit  0.7.2
 This port version is marked as vulnerable.
mezz search for other commits by this committer
-Repocopy devel/libtool15 -> libtool22 and libltdl15 -> libltdl22.
-Update libtool and libltdl to 2.2.6a.
-Remove devel/libtool15 and devel/libltdl15.
-Fix ports build with libtool22/libltdl22.
-Bump ports that depend on libltdl22 due to shared library version change.
-Explain what to do update in the UPDATING.

It has been tested with GNOME2, XFCE4, KDE3, KDE4 and other many wm/desktop
and applications in the runtime.

With help:      marcus and kwm
Pointyhat-exp:  a few times by pav
Tested by:      pgollucci, "Romain Tartière" <romain@blogreen.org>, and
                a few MarcusCom CVS users. Also, I might have missed a few.
Repocopy by:    marcus
Approved by:    portmgr
15 Jul 2009 16:56:10
Original commit files touched by this commit  0.7.2
 This port version is marked as vulnerable.
dougb search for other commits by this committer
Fix a few "bad example" problems in the rc.d scripts that have been
propogated by copy and paste.

1. Primarily the "empty variable" default assignment, which is mostly
${name}_flags="", but fix a few others as well.
2. Where they are not already documented, add the existence of the _flags
(or other deleted empties) option to the comments, and in some cases add
comments from scratch.
3. Replace things that look like:
prefix=%%PREFIX%%
command=${prefix}/sbin/foo
to just use %%PREFIX%%. In many cases the $prefix variable is only used
once, and in some cases it is not used at all.
4. In a few cases remove ${name}_flags from command_args
5. Remove a long-stale comment about putting the port's rc.d script in
/etc/rc.d (which is no longer necessary).

No PORTREVISION bumps because all of these changes are noops.
23 Apr 2009 16:02:44
Original commit files touched by this commit  0.7.2
 This port version is marked as vulnerable.
wxs search for other commits by this committer
- Update to 0.7.2. This release fixes a remote DoS bug with IKE
  fragmentation reassembly.

PR:             ports/133922
Submitted by:   VANHULLEBUS Yvan <vanhu@netasq.com> (maintainer)
21 Aug 2008 06:18:49
Original commit files touched by this commit  0.7.1
 This port version is marked as vulnerable.
rafan search for other commits by this committer
Update CONFIGURE_ARGS for how we pass CONFIGURE_TARGET to configure script.
Specifically, newer autoconf (> 2.13) has different semantic of the
configure target. In short, one should use --build=CONFIGURE_TARGET
instead of CONFIGURE_TARGET directly. Otherwise, you will get a warning
and the old semantic may be removed in later autoconf releases.

To workaround this issue, many ports hack the CONFIGURE_TARGET variable
so that it contains the ``--build='' prefix.

To solve this issue, under the fact that some ports still have
configure script generated by the old autoconf, we use runtime detection
in the do-configure target so that the proper argument can be used.

Changes to Mk/*:
 - Add runtime detection magic in bsd.port.mk
(Only the first 15 lines of the commit message are shown above View all of this commit message)
01 Aug 2008 12:57:25
Original commit files touched by this commit  0.7.1
 This port version is marked as vulnerable.
arved search for other commits by this committer
Add an WITH_LDAP option
enable hybrid, xauth and mode-cfg per default

PR:             125748
Submitted by:   Matthew Grooms
Approved by:    vanhu (maintainer)
25 Jul 2008 21:39:29
Original commit files touched by this commit  0.7.1
 This port version is marked as vulnerable.
beech search for other commits by this committer
- Update to 0.7.1

PR:             ports/125957
Submitted by:   VANHULLEBUS Yvan <vanhu@netasq.com> (maintainer)
07 Jul 2008 23:59:33
Original commit files touched by this commit  0.7
 This port version is marked as vulnerable.
tmclaugh search for other commits by this committer
Fix build on 7.x when RC5 support is enabled.

PR:             103084, 122187
Submitted by:   Dmitry A Grigorovich
Approved by:    maintainer
02 Jul 2008 04:19:30
Original commit files touched by this commit  0.7
 This port version is marked as vulnerable.
beech search for other commits by this committer
- Fix: Have the racoon startup script [optionally] create its required dirs.

PR:             ports/117128
Submitted by:   John Hein <jhein@timing.com>
Approved by:    VANHULLEBUS Yvan <vanhu@netasq.com> (maintainer)
04 Oct 2007 06:00:24
Original commit files touched by this commit  0.7
 This port version is marked as vulnerable.
edwin search for other commits by this committer
Remove always-false/true conditions based on OSVERSION 500000
02 Sep 2007 16:48:50
Original commit files touched by this commit  0.7
 This port version is marked as vulnerable.
arved search for other commits by this committer
Update to 0.7

PR:             115978
Submitted by:   VANHULLEBUS Yvan <vanhu@netasq.com>
04 Aug 2007 11:41:31
Original commit files touched by this commit  0.6.7
 This port version is marked as vulnerable.
gabor search for other commits by this committer
- Remove the DESTDIR modifications from individual ports as we have a new,
  fully chrooted DESTDIR, which does not need such any more.

Sponsored by:   Google Summer of Code 2007
Approved by:    portmgr (pav)
03 Jul 2007 05:40:12
Original commit files touched by this commit  0.6.7
 This port version is marked as vulnerable.
rafan search for other commits by this committer
- Revert changes to patch-configure. It was slipped in when committing
  fix for gcc 4.x

Noticed by:   sat
Approved by:  maintainer (implicit)
02 Jul 2007 17:00:01
Original commit files touched by this commit  0.6.7
 This port version is marked as vulnerable.
rafan search for other commits by this committer
- Fix build with gcc 4.x
- While I'm here, remove extra empty line in distinfo

PR:            ports/113383
Submitted by:  rafan
Approved by:   VANHULLEBUS Yvan <yvan.vanhullebus at netasq.com> (maintainer)
07 Apr 2007 04:23:27
Original commit files touched by this commit  0.6.7
 This port version is marked as vulnerable.
clsung search for other commits by this committer
- Version 0.6.7 of ipsec-tools is out, which fixes an easy to exploit
  Denial of Service (CVE-2007-1841).

PR:             ports/111319
Submitted by:   maintainer (VANHULLEBUS Yvan)
Security:       CVE-2007-1841
01 Feb 2007 02:42:06
Original commit files touched by this commit  0.6.6
 This port version is marked as vulnerable.
kris search for other commits by this committer
Use libtool port instead of included version to avoid objformat a.out botch
04 Dec 2006 10:24:33
Original commit files touched by this commit  0.6.6
 This port version is marked as vulnerable.
sat search for other commits by this committer
- An option to force NATT functionality
- Sneak in master sites beautification and use_ldconfig
  while I'm here

PR:             ports/105488
Submitted by:   bz
Approved by:    VANHULLEBUS Yvan <yvan.vanhullebus@netasq.com> (maintainer)
16 Aug 2006 14:00:59
Original commit files touched by this commit  0.6.6
 This port version is marked as vulnerable.
sat search for other commits by this committer
- There should be only one site in the WWW line and kame is obsolete anyway
20 Jun 2006 09:53:50
Original commit files touched by this commit  0.6.6
 This port version is marked as vulnerable.
pav search for other commits by this committer
- Add patch for people having trouble compiling OpenSSL bits

PR:             ports/97442
Submitted by:   Dmitry Andrianov <dimas@dataart.com>
Approved by:    VANHULLEBUS Yvan <yvan.vanhullebus@netasq.com> (maintainer)
16 Jun 2006 16:02:54
Original commit files touched by this commit  0.6.6
 This port version is marked as vulnerable.
pav search for other commits by this committer
- Update to 0.6.6

PR:             ports/98902
Submitted by:   VANHULLEBUS Yvan <vanhu@netasq.com> (maintainer)
03 May 2006 16:01:58
Original commit files touched by this commit  0.6.5_2
 This port version is marked as vulnerable.
garga search for other commits by this committer
Makefile:
- introduce OPTIONS to enable/disable features
- add more features to the OPTION dialog
- choose reasonable defaults for OPTIONS (disabled patented stuff)
- remove usesless WRKSRC line
- move LDFLAGS to the place where it is necessary
- extend CONFIGURE_ARGS to set the directory for the adminport socket
  * Note: racoonctl is useless without adminport enabled
  * create the socket dir in post-install
- bump PORTREVISION that users notice the changes
- finally: remove one item from the TODO list on top of the Makefile ;)

pkg-descr:
- shortened by one line to please portlint
(Only the first 15 lines of the commit message are shown above View all of this commit message)
23 Feb 2006 10:40:45
Original commit files touched by this commit  0.6.5_1
 This port version is marked as vulnerable.
ade search for other commits by this committer
Conversion to a single libtool environment.

Approved by:    portmgr (kris)
20 Feb 2006 20:47:50
Original commit files touched by this commit  0.6.5
 This port version is marked as vulnerable.
dougb search for other commits by this committer
Remove the FreeBSD KEYWORD from all rc.d scripts where it appears.
We have not checked for this KEYWORD for a long time now, so this
is a complete noop, and thus no PORTREVISION bump. Removing it at
this point is mostly for pedantic reasons, and partly to avoid
perpetuating this anachronism by copy and paste to future scripts.
06 Feb 2006 00:17:05
Original commit files touched by this commit  0.6.5
 This port version is marked as vulnerable.
barner search for other commits by this committer
- Update to 0.6.5

Submitted by:   VANHULLEBUS Yvan <vanhu@netasq.com> (maintainer)
PR:             ports/92838
24 Jan 2006 09:18:44
Original commit files touched by this commit  0.6.4_2
 This port version is marked as vulnerable.
vd search for other commits by this committer
Change facility from daemon to security, because daemon.info goes to
devnull by default

PR:             ports/91047
Submitted by:   PR: Brian Candler <B.Candler@pobox.com>, patch: VANHULLEBUS Yvan
<vanhu@netasq.com> (maintainer)
Approved by:    garga (mentor)
22 Jan 2006 02:50:55
Original commit files touched by this commit  0.6.4_1
 This port version is marked as vulnerable.
edwin search for other commits by this committer
Replace ugly "@unexec rmdir %D... 2>/dev/null || true" with @dirrmtry

Approved by:    krion@
PR:             ports/88711 (related)
04 Jan 2006 20:48:49
Original commit files touched by this commit  0.6.4_1
 This port version is marked as vulnerable.
edwin search for other commits by this committer
ports/security/ipsec-tools enables itself at startup

        ports/security/ipsec-tools rc.d script defaults to 'enabled'

        It also installs its own versions of setkey and libipsec.so
        which seems redundant as they are part of the base system
        and should be used in preference.

Submitted by:   Vivek Khera <vivek@khera.org>
PR:             ports/91317
13 Dec 2005 20:04:01
Original commit files touched by this commit  0.6.4
 This port version is marked as vulnerable.
mnag search for other commits by this committer
Update to 0.6.4

PR:             90326
Submitted by:   maintainer
02 Dec 2005 11:28:06
Original commit files touched by this commit  0.6.3
 This port version is marked as vulnerable.
lawrance search for other commits by this committer
- Change the location of racoon configuration files to /usr/local/etc/racoon,
  bringing it in line with the old security/racoon port and the handbook [1]
- Make use of USE_RC_SUBR instead of home-grown substitution and install
- Prevent installation of some intermediate sample configuration files

PR:             ports/89273 [1]
Submitted by:   Angelo Turetta <aturetta@bestunion.it> [1]
Approved by:    VANHULLEBUS Yvan <vanhu@netasq.com> (maintainer)
21 Nov 2005 23:29:18
Original commit files touched by this commit  0.6.3
 This port version is marked as vulnerable.
sem search for other commits by this committer
- Update to 0.6.3. It fixes some crashes,
  including potential DoS in aggressive mode.
- Add SHA256

PR:             ports/89365
Submitted by:   ANHULLEBUS Yvan (maintainer)
15 Nov 2005 06:52:12
Original commit files touched by this commit  0.6.2
 This port version is marked as vulnerable.
ade search for other commits by this committer
Mass-conversion to the USE_AUTOTOOLS New World Order.  The code present
in bsd.autotools.mk essentially makes this a no-op given that all the
old variables set a USE_AUTOTOOLS_COMPAT variable, which is parsed in
exactly the same way as USE_AUTOTOOLS itself.

Moreover, USE_AUTOTOOLS has already been extensively tested by the GNOME
team -- all GNOME 2.12.x ports use it.

Preliminary documentation can be found at:
        http://people.FreeBSD.org/~ade/autotools.txt

which is in the process of being SGMLized before introduction into the
Porters Handbook.

Light blue touch-paper.  Run.
26 Oct 2005 18:49:58
Original commit files touched by this commit  0.6.2
 This port version is marked as vulnerable.
ehaupt search for other commits by this committer
Update to 0.6.2

PR:             88042
Submitted by:   VANHULLEBUS Yvan <yvan.vanhullebus@netasq.com> (maintainer)
15 Sep 2005 12:11:48
Original commit files touched by this commit  0.6.1
 This port version is marked as vulnerable.
vsevolod search for other commits by this committer
Update to 0.6.1

Submitted by:   Yvan Vanhullebus (maintainer)
05 Sep 2005 14:13:42
Original commit files touched by this commit  0.6
 This port version is marked as vulnerable.
vsevolod search for other commits by this committer
Add IPSec tools port - the new "official" version of racoon,
is the only one which is maintained and have lots of new features.

PR:             85544
Submitted by:   VANHULLEBUS Yvan <vanhu@netasq.com>
Approved by:    perky (mentor)

Number of commits found: 76

Login
User Login
Create account

Servers and bandwidth provided by
New York Internet, iXsystems, and RootBSD

This site
What is FreshPorts?
About the authors
Issues
FAQ
How big is it?
The latest upgrade!
Privacy
Blog
Contact

Search
Enter Keywords:
 
more...

Latest Vulnerabilities
chromiumJun 05
gitlab-ceJun 04
gnutlsJun 04
py-django22Jun 04
py-django30Jun 04
libnghttp2Jun 03
nghttp2Jun 03
rubygem-websocket-extensionsJun 03
giteaMay 31
powerdns-recursor*May 29
gitlab-ceMay 28
rubygem-kaminari-coreMay 28
sane-backendsMay 28
sympaMay 26
chromiumMay 24

18 vulnerabilities affecting 99 ports have been reported in the past 14 days

* - modified, not new

All vulnerabilities

Last updated:
2020-06-05 11:54:25


Ports
Home
Categories
Deleted ports
Sanity Test Failures
Newsfeeds

Statistics
Graphs
NEW Graphs (Javascript)
Traffic

Calculated hourly:
Port count 39485
Broken 91
Deprecated 618
Ignore 333
Forbidden 5
Restricted 147
No CDROM 76
Vulnerable 22
Expired 11
Set to expire 567
Interactive 0
new 24 hours 6
new 48 hours9
new 7 days36
new fortnight67
new month176

Servers and bandwidth provided by
New York Internet, iXsystems, and RootBSD
Valid HTML, CSS, and RSS.
Copyright © 2000-2020 Dan Langille. All rights reserved.