diff options
author | Martin Jansa <Martin.Jansa@gmail.com> | 2012-12-02 02:16:54 +0100 |
---|---|---|
committer | Martin Jansa <Martin.Jansa@gmail.com> | 2012-12-10 19:05:52 +0100 |
commit | a88d613e358b37ca527d3f8d78f01e5b4424171b (patch) | |
tree | bbbe9b00cf54c719a43bb60e8a661d7cbaa72a8e /meta-networking/recipes-connectivity | |
parent | f17102c7ab81305ab9a5a2271b69550c990c29b7 (diff) | |
download | meta-openembedded-a88d613e358b37ca527d3f8d78f01e5b4424171b.tar.gz |
vpnc: import from OE-classic
* needed for exalt
* fix LICENSE
* add LIC_FILES_CHKSUM
* .inc merged to .bb and cleaned files
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Diffstat (limited to 'meta-networking/recipes-connectivity')
5 files changed, 263 insertions, 0 deletions
diff --git a/meta-networking/recipes-connectivity/vpnc/vpnc/default.conf b/meta-networking/recipes-connectivity/vpnc/vpnc/default.conf new file mode 100644 index 000000000..48b15eca6 --- /dev/null +++ b/meta-networking/recipes-connectivity/vpnc/vpnc/default.conf | |||
@@ -0,0 +1,19 @@ | |||
1 | # Comment out the options you need. | ||
2 | # Verify your config with "vpnc --print-config". | ||
3 | # You might also try "vpnc --long-help" or look into the documentation. | ||
4 | |||
5 | # Needed (you will be prompted if this is missing): | ||
6 | #IPSec gateway 10.1.2.3 | ||
7 | #IPSec ID YOURPEERSID | ||
8 | #IPSec secret YOURPEERSSECRET | ||
9 | #Xauth username YOURUSERNAME | ||
10 | #Xauth password YOURPASSWORD | ||
11 | |||
12 | # Optional: | ||
13 | #UDP Encapsulate | ||
14 | #UDP Encapsulation Port 10000 | ||
15 | #Noninteractive | ||
16 | #No Detach | ||
17 | #Debug 99 | ||
18 | #Interface name tun0 | ||
19 | #Script /etc/vpnc/vpnc-script | ||
diff --git a/meta-networking/recipes-connectivity/vpnc/vpnc/long-help b/meta-networking/recipes-connectivity/vpnc/vpnc/long-help new file mode 100644 index 000000000..fbec25414 --- /dev/null +++ b/meta-networking/recipes-connectivity/vpnc/vpnc/long-help | |||
@@ -0,0 +1,168 @@ | |||
1 | Usage: vpnc [--version] [--print-config] [--help] [--long-help] [options] [config files] | ||
2 | |||
3 | Options: | ||
4 | --gateway <ip/hostname> | ||
5 | IP/name of your IPSec gateway | ||
6 | conf-variable: IPSec gateway <ip/hostname> | ||
7 | |||
8 | --id <ASCII string> | ||
9 | your group name | ||
10 | conf-variable: IPSec ID <ASCII string> | ||
11 | |||
12 | (configfile only option) | ||
13 | your group password (cleartext) | ||
14 | conf-variable: IPSec secret <ASCII string> | ||
15 | |||
16 | (configfile only option) | ||
17 | your group password (obfuscated) | ||
18 | conf-variable: IPSec obfuscated secret <hex string> | ||
19 | |||
20 | --username <ASCII string> | ||
21 | your username | ||
22 | conf-variable: Xauth username <ASCII string> | ||
23 | |||
24 | (configfile only option) | ||
25 | your password (cleartext) | ||
26 | conf-variable: Xauth password <ASCII string> | ||
27 | |||
28 | (configfile only option) | ||
29 | your password (obfuscated) | ||
30 | conf-variable: Xauth obfuscated password <hex string> | ||
31 | |||
32 | --domain <ASCII string> | ||
33 | (NT-) Domain name for authentication | ||
34 | conf-variable: Domain <ASCII string> | ||
35 | |||
36 | --xauth-inter | ||
37 | enable interactive extended authentication (for challenge response auth) | ||
38 | conf-variable: Xauth interactive | ||
39 | |||
40 | --vendor <cisco/netscreen> | ||
41 | vendor of your IPSec gateway | ||
42 | Default: cisco | ||
43 | conf-variable: Vendor <cisco/netscreen> | ||
44 | |||
45 | --natt-mode <natt/none/force-natt/cisco-udp> | ||
46 | Which NAT-Traversal Method to use: | ||
47 | * natt -- NAT-T as defined in RFC3947 | ||
48 | * none -- disable use of any NAT-T method | ||
49 | * force-natt -- always use NAT-T encapsulation even | ||
50 | without presence of a NAT device | ||
51 | (useful if the OS captures all ESP traffic) | ||
52 | * cisco-udp -- Cisco proprietary UDP encapsulation, commonly over Port 10000 | ||
53 | Note: cisco-tcp encapsulation is not yet supported | ||
54 | Default: natt | ||
55 | conf-variable: NAT Traversal Mode <natt/none/force-natt/cisco-udp> | ||
56 | |||
57 | --script <command> | ||
58 | command is executed using system() to configure the interface, | ||
59 | routing and so on. Device name, IP, etc. are passed using enviroment | ||
60 | variables, see README. This script is executed right after ISAKMP is | ||
61 | done, but before tunneling is enabled. It is called when vpnc | ||
62 | terminates, too | ||
63 | Default: /etc/vpnc/vpnc-script | ||
64 | conf-variable: Script <command> | ||
65 | |||
66 | --dh <dh1/dh2/dh5> | ||
67 | name of the IKE DH Group | ||
68 | Default: dh2 | ||
69 | conf-variable: IKE DH Group <dh1/dh2/dh5> | ||
70 | |||
71 | --pfs <nopfs/dh1/dh2/dh5/server> | ||
72 | Diffie-Hellman group to use for PFS | ||
73 | Default: server | ||
74 | conf-variable: Perfect Forward Secrecy <nopfs/dh1/dh2/dh5/server> | ||
75 | |||
76 | --enable-1des | ||
77 | enables weak single DES encryption | ||
78 | conf-variable: Enable Single DES | ||
79 | |||
80 | --enable-no-encryption | ||
81 | enables using no encryption for data traffic (key exchanged must be encrypted) | ||
82 | conf-variable: Enable no encryption | ||
83 | |||
84 | --application-version <ASCII string> | ||
85 | Application Version to report. Note: Default string is generated at runtime. | ||
86 | Default: Cisco Systems VPN Client 0.5.3-394:Linux | ||
87 | conf-variable: Application version <ASCII string> | ||
88 | |||
89 | --ifname <ASCII string> | ||
90 | visible name of the TUN/TAP interface | ||
91 | conf-variable: Interface name <ASCII string> | ||
92 | |||
93 | --ifmode <tun/tap> | ||
94 | mode of TUN/TAP interface: | ||
95 | * tun: virtual point to point interface (default) | ||
96 | * tap: virtual ethernet interface | ||
97 | Default: tun | ||
98 | conf-variable: Interface mode <tun/tap> | ||
99 | |||
100 | --debug <0/1/2/3/99> | ||
101 | Show verbose debug messages | ||
102 | * 0: Do not print debug information. | ||
103 | * 1: Print minimal debug information. | ||
104 | * 2: Show statemachine and packet/payload type information. | ||
105 | * 3: Dump everything exluding authentication data. | ||
106 | * 99: Dump everything INCLUDING AUTHENTICATION data (e.g. PASSWORDS). | ||
107 | conf-variable: Debug <0/1/2/3/99> | ||
108 | |||
109 | --no-detach | ||
110 | Don't detach from the console after login | ||
111 | conf-variable: No Detach | ||
112 | |||
113 | --pid-file <filename> | ||
114 | store the pid of background process in <filename> | ||
115 | Default: /var/run/vpnc/pid | ||
116 | conf-variable: Pidfile <filename> | ||
117 | |||
118 | --local-addr <ip/hostname> | ||
119 | local IP to use for ISAKMP / ESP / ... (0.0.0.0 == automatically assign) | ||
120 | Default: 0.0.0.0 | ||
121 | conf-variable: Local Addr <ip/hostname> | ||
122 | |||
123 | --local-port <0-65535> | ||
124 | local ISAKMP port number to use (0 == use random port) | ||
125 | Default: 500 | ||
126 | conf-variable: Local Port <0-65535> | ||
127 | |||
128 | --udp-port <0-65535> | ||
129 | Local UDP port number to use (0 == use random port). | ||
130 | This is only relevant if cisco-udp nat-traversal is used. | ||
131 | This is the _local_ port, the remote udp port is discovered automatically. | ||
132 | It is especially not the cisco-tcp port. | ||
133 | Default: 10000 | ||
134 | conf-variable: Cisco UDP Encapsulation Port <0-65535> | ||
135 | |||
136 | --dpd-idle <0,10-86400> | ||
137 | Send DPD packet after not receiving anything for <idle> seconds. | ||
138 | Use 0 to disable DPD completely (both ways). | ||
139 | Default: 300 | ||
140 | conf-variable: DPD idle timeout (our side) <0,10-86400> | ||
141 | |||
142 | --non-inter | ||
143 | Don't ask anything, exit on missing options | ||
144 | conf-variable: Noninteractive | ||
145 | |||
146 | --auth-mode <psk/cert/hybrid> | ||
147 | Authentication mode: | ||
148 | * psk: pre-shared key (default) | ||
149 | * cert: server + client certificate (not implemented yet) | ||
150 | * hybrid: server certificate + xauth (if built with openssl support) | ||
151 | Default: psk | ||
152 | conf-variable: IKE Authmode <psk/cert/hybrid> | ||
153 | |||
154 | --ca-file <filename> | ||
155 | filename and path to the CA-PEM-File | ||
156 | conf-variable: CA-File <filename> | ||
157 | |||
158 | --ca-dir <directory> | ||
159 | path of the trusted CA-Directory | ||
160 | Default: /etc/ssl/certs | ||
161 | conf-variable: CA-Dir <directory> | ||
162 | |||
163 | --target-network <target network/netmask> | ||
164 | Target network in dotted decimal or CIDR notation | ||
165 | Default: 0.0.0.0/0.0.0.0 | ||
166 | conf-variable: IPSEC target network <target network/netmask> | ||
167 | |||
168 | Report bugs to vpnc@unix-ag.uni-kl.de | ||
diff --git a/meta-networking/recipes-connectivity/vpnc/vpnc/makeman.patch b/meta-networking/recipes-connectivity/vpnc/vpnc/makeman.patch new file mode 100644 index 000000000..f394e6abd --- /dev/null +++ b/meta-networking/recipes-connectivity/vpnc/vpnc/makeman.patch | |||
@@ -0,0 +1,11 @@ | |||
1 | --- vpnc-0.5.1/makeman.pl.old 2008-03-16 02:17:59.000000000 -0500 | ||
2 | +++ vpnc-0.5.1/makeman.pl 2008-03-16 02:29:34.000000000 -0500 | ||
3 | @@ -29,7 +29,7 @@ my $vpnc = './vpnc'; | ||
4 | # indenting lists (those originally starting with an asterisk). I hope | ||
5 | # this pays off when converting the manpage to HTML or such. | ||
6 | |||
7 | -open my $LONGHELP, '-|', "$vpnc --long-help"; | ||
8 | +open my $LONGHELP, '-|', "cat ../long-help"; | ||
9 | my $vpnc_options = ''; | ||
10 | my $relative_indent = 0; | ||
11 | my $indent_needed = 0; | ||
diff --git a/meta-networking/recipes-connectivity/vpnc/vpnc/vpnc-install.patch b/meta-networking/recipes-connectivity/vpnc/vpnc/vpnc-install.patch new file mode 100644 index 000000000..3de65ec35 --- /dev/null +++ b/meta-networking/recipes-connectivity/vpnc/vpnc/vpnc-install.patch | |||
@@ -0,0 +1,35 @@ | |||
1 | --- a/Makefile~ 2009-01-20 18:44:30.000000000 +0100 | ||
2 | +++ b/Makefile 2009-01-20 18:44:30.000000000 +0100 | ||
3 | @@ -119,21 +119,21 @@ | ||
4 | else \ | ||
5 | install vpnc-script $(DESTDIR)$(ETCDIR); \ | ||
6 | fi | ||
7 | - install -m600 vpnc.conf $(DESTDIR)$(ETCDIR)/default.conf | ||
8 | - install -m755 vpnc-disconnect $(DESTDIR)$(SBINDIR) | ||
9 | - install -m755 pcf2vpnc $(DESTDIR)$(BINDIR) | ||
10 | - install -m644 vpnc.8 $(DESTDIR)$(MANDIR)/man8 | ||
11 | - install -m644 pcf2vpnc.1 $(DESTDIR)$(MANDIR)/man1 | ||
12 | - install -m644 cisco-decrypt.1 $(DESTDIR)$(MANDIR)/man1 | ||
13 | - install -m644 COPYING $(DESTDIR)$(DOCDIR) | ||
14 | + install -m 600 vpnc.conf $(DESTDIR)$(ETCDIR)/default.conf | ||
15 | + install -m 755 vpnc-disconnect $(DESTDIR)$(SBINDIR) | ||
16 | + install -m 755 pcf2vpnc $(DESTDIR)$(BINDIR) | ||
17 | + install -m 644 vpnc.8 $(DESTDIR)$(MANDIR)/man8 | ||
18 | + install -m 644 pcf2vpnc.1 $(DESTDIR)$(MANDIR)/man1 | ||
19 | + install -m 644 cisco-decrypt.1 $(DESTDIR)$(MANDIR)/man1 | ||
20 | + install -m 644 COPYING $(DESTDIR)$(DOCDIR) | ||
21 | |||
22 | install : install-common | ||
23 | - install -m755 vpnc $(DESTDIR)$(SBINDIR) | ||
24 | - install -m755 cisco-decrypt $(DESTDIR)$(BINDIR) | ||
25 | + install -m 755 vpnc $(DESTDIR)$(SBINDIR) | ||
26 | + install -m 755 cisco-decrypt $(DESTDIR)$(BINDIR) | ||
27 | |||
28 | install-strip : install-common | ||
29 | - install -s -m755 vpnc $(DESTDIR)$(SBINDIR) | ||
30 | - install -s -m755 cisco-decrypt $(DESTDIR)$(BINDIR) | ||
31 | + install -s -m 755 vpnc $(DESTDIR)$(SBINDIR) | ||
32 | + install -s -m 755 cisco-decrypt $(DESTDIR)$(BINDIR) | ||
33 | |||
34 | uninstall : | ||
35 | rm -f $(DESTDIR)$(SBINDIR)/vpnc \ | ||
diff --git a/meta-networking/recipes-connectivity/vpnc/vpnc_0.5.3.bb b/meta-networking/recipes-connectivity/vpnc/vpnc_0.5.3.bb new file mode 100644 index 000000000..1b2b8bf66 --- /dev/null +++ b/meta-networking/recipes-connectivity/vpnc/vpnc_0.5.3.bb | |||
@@ -0,0 +1,30 @@ | |||
1 | DESCRIPTION = "A client for the Cisco3000 VPN Concentrator" | ||
2 | HOMEPAGE = "http://www.unix-ag.uni-kl.de/~massar/vpnc/" | ||
3 | AUTHOR = "Maurice Massar vpnc@unix-ag.uni-kl.de" | ||
4 | SECTION = "console/network" | ||
5 | PRIORITY = "optional" | ||
6 | LICENSE = "GPL-2.0+" | ||
7 | LIC_FILES_CHKSUM = "file://COPYING;md5=173b74cb8ac640a9992c03f3bce22a33" | ||
8 | DEPENDS = "libgcrypt" | ||
9 | RDEPENDS_${PN} = "kernel-module-tun" | ||
10 | |||
11 | CFLAGS_append = ' -DVERSION=\\"${PV}\\"' | ||
12 | LDFLAGS_append = " -lgcrypt -lgpg-error" | ||
13 | |||
14 | do_install () { | ||
15 | sed -i s:m600:m\ 600:g Makefile | ||
16 | oe_runmake 'DESTDIR=${D}' 'PREFIX=/usr' install | ||
17 | rm -f ${D}${sysconfdir}/vpnc/vpnc.conf #This file is useless | ||
18 | install ${WORKDIR}/default.conf ${D}${sysconfdir}/vpnc/default.conf | ||
19 | } | ||
20 | |||
21 | CONFFILES_${PN} = "${sysconfdir}/vpnc/default.conf" | ||
22 | |||
23 | SRC_URI = "http://www.unix-ag.uni-kl.de/~massar/vpnc/vpnc-${PV}.tar.gz \ | ||
24 | file://makeman.patch \ | ||
25 | file://vpnc-install.patch \ | ||
26 | file://long-help \ | ||
27 | file://default.conf" | ||
28 | |||
29 | SRC_URI[md5sum] = "4378f9551d5b077e1770bbe09995afb3" | ||
30 | SRC_URI[sha256sum] = "46cea3bd02f207c62c7c6f2f22133382602baeda1dc320747809e94881414884" | ||