-# $FreeBSD: head/security/openiked/Makefile david@lapinbilly.eu $
+# $FreeBSD: head/security/openiked-portable/Makefile david@lapinbilly.eu
-PORTNAME= openiked-portable
+PORTNAME=openiked-portable
CATEGORIES= security net
MAINTAINER= portmgr@FreeBSD.org
USES= cmake
-USE_GITHUB= yes
-GH_ACCOUNT= openiked
-GH_TAGNAME= 45352722b7320ed97c6abe3bd961bea5acccf43d
+USE_GITHUB= yes
+GH_ACCOUNT= openiked
+GH_TAGNAME= 7efaa952cabc5fa6441392677147b5702d1bfbb8
DISTVERSION= g20210119
USE_RC_SUBR= iked
USERS= _iked
GROUPS= _iked
+post-install:
+ ${MV} ${STAGEDIR}${PREFIX}/etc/iked.conf \
+ ${STAGEDIR}${PREFIX}/etc/iked.conf.sample
.include <bsd.port.mk>
-TIMESTAMP = 1611090438
-SHA256 (openiked-openiked-portable-g20210119-45352722b7320ed97c6abe3bd961bea5acccf43d_GH0.tar.gz) = 66d7aedb9f2c2a5e9fe8f0c161188017ecc859009f59cbd8346095ae3333013a
-SIZE (openiked-openiked-portable-g20210119-45352722b7320ed97c6abe3bd961bea5acccf43d_GH0.tar.gz) = 271269
+TIMESTAMP = 1611258184
+SHA256 (openiked-openiked-portable-g20210119-7efaa952cabc5fa6441392677147b5702d1bfbb8_GH0.tar.gz) = d2300f1055a77f7dfe928de59f995af2ac56709b7ca5bab5581a9955aca76351
+SIZE (openiked-openiked-portable-g20210119-7efaa952cabc5fa6441392677147b5702d1bfbb8_GH0.tar.gz) = 275522
else
# Create a key pair if not already present.
if test ! -f $iked_privkey; then
- /usr/bin/openssl genrsa -out $iked_privkey 2048
- /bin/chmod 600 $iked_privkey
- /usr/bin/openssl rsa -out $iked_pubkey \
- -in $iked_privkey -pubout
+ /usr/bin/openssl ecparam -genkey -name prime256v1 -noout -out "$iked_privkey"
+ /bin/chmod 600 "$iked_privkey"
+ openssl ec -in "$iked_privkey" -pubout -out "$iked_pubkey"
fi
fi
--- /dev/null
+--- CMakeLists.txt.ori
++++ CMakeLists.txt
+@@ -24,6 +24,12 @@ include(CheckIncludeFiles)
+ include_directories("/usr/local/include")
+ link_directories("/usr/local/lib")
+
++
++if (NOT DEFINED CMAKE_INSTALL_SYSCONFDIR )
++ set (CMAKE_INSTALL_SYSCONFDIR ${CMAKE_INSTALL_PREFIX}/etc)
++endif()
++set (SYSCONFDIR ${CMAKE_INSTALL_SYSCONFDIR}/iked)
++
+ if (CMAKE_SYSTEM_NAME MATCHES "Darwin")
+ include_directories("/usr/local/opt/openssl@1.1/include")
+ link_directories("/usr/local/opt/openssl@1.1/lib")
+@@ -32,8 +38,8 @@ elseif(CMAKE_SYSTEM_NAME MATCHES "OpenBSD")
+ add_definitions(-DHAVE_ATTRIBUTE__DEAD__)
+ add_definitions(-DHAVE_SOCKADDR_SA_LEN)
+ elseif(CMAKE_SYSTEM_NAME MATCHES "FreeBSD")
+- add_definitions(-DIKED_CONFIG="/usr/local/etc/iked.conf")
+- add_definitions(-DIKED_CA="/usr/local/etc/iked/")
++ add_definitions(-DIKED_CONFIG="${CMAKE_INSTALL_SYSCONFDIR}/iked.conf")
++ add_definitions(-DIKED_CA="${SYSCONFDIR}")
+ elseif(CMAKE_SYSTEM_NAME MATCHES "Linux")
+ add_definitions(-D_GNU_SOURCE)
+ add_definitions(-D_DEFAULT_SOURCE)
--- /dev/null
+--- iked/CMakeLists.txt.ori
++++ iked/CMakeLists.txt
+@@ -194,3 +194,12 @@ add_custom_command(
+ )
+
+ install(TARGETS iked RUNTIME DESTINATION sbin)
++install(FILES ${CMAKE_SOURCE_DIR}/iked.conf DESTINATION ${CMAKE_INSTALL_SYSCONFDIR})
++install(DIRECTORY DESTINATION ${SYSCONFDIR}/ca)
++install(DIRECTORY DESTINATION ${SYSCONFDIR}/certs)
++install(DIRECTORY DESTINATION ${SYSCONFDIR}/crls)
++install(DIRECTORY DESTINATION ${SYSCONFDIR}/private)
++install(DIRECTORY DESTINATION ${SYSCONFDIR}/pubkeys/ipv4)
++install(DIRECTORY DESTINATION ${SYSCONFDIR}/pubkeys/ipv6)
++install(DIRECTORY DESTINATION ${SYSCONFDIR}/pubkeys/fqdn)
++install(DIRECTORY DESTINATION ${SYSCONFDIR}/pubkeys/ufqdn)
+@sample etc/iked.conf.sample
etc/rc.d/iked
sbin/ikectl
sbin/iked
+@dir etc/iked/ca
+@dir etc/iked/certs
+@dir etc/iked/crls
+@dir(,,700) etc/iked/private
+@dir etc/iked/pubkeys/fqdn
+@dir etc/iked/pubkeys/ipv4
+@dir etc/iked/pubkeys/ipv6
+@dir etc/iked/pubkeys/ufqdn