added fwknop-2.0.4 OpenBSD port from Vlad Glagolev
authorMichael Rash <mbr@cipherdyne.org>
Fri, 14 Dec 2012 02:07:53 +0000 (21:07 -0500)
committerMichael Rash <mbr@cipherdyne.org>
Fri, 14 Dec 2012 02:07:53 +0000 (21:07 -0500)
ChangeLog
extras/openbsd/fwknop-2.0.4/Makefile [new file with mode: 0644]
extras/openbsd/fwknop-2.0.4/distinfo [new file with mode: 0644]
extras/openbsd/fwknop-2.0.4/pkg/DESCR [new file with mode: 0644]
extras/openbsd/fwknop-2.0.4/pkg/PFRAG.shared [new file with mode: 0644]
extras/openbsd/fwknop-2.0.4/pkg/PLIST [new file with mode: 0644]
extras/openbsd/fwknop-2.0.4/pkg/fwknopd.rc [new file with mode: 0644]

index f2593a4..de62bb5 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+fwknop-2.0.5 (//2013):
+    - (Vlad Glagolev) Submitted an OpenBSD port for fwknop-2.0.4, and this has
+      been checked in under the extras/openbsd/fwknop-2.0.4 directory.
+
 fwknop-2.0.4 (12/09/2012):
     - [client] Misc fixes and the addition of save_args and last command 
       (.fwknop.last) support on the Windows platform.
diff --git a/extras/openbsd/fwknop-2.0.4/Makefile b/extras/openbsd/fwknop-2.0.4/Makefile
new file mode 100644 (file)
index 0000000..f2964f5
--- /dev/null
@@ -0,0 +1,46 @@
+# $OpenBSD$
+
+COMMENT=               Single Packet Authorization and Port Knocking
+
+VERSION=               2.0.4
+DISTNAME=              fwknop-${VERSION}
+EXTRACT_SUFX=          .tar.bz2
+CATEGORIES=            net security mystuff
+
+MAINTAINER=            Vlad Glagolev <stealth@sourcemage.org>
+
+HOMEPAGE=              http://www.cipherdyne.org/fwknop/
+
+MASTER_SITES=          http://www.cipherdyne.org/fwknop/download/
+
+SHARED_LIBS+=          fko     1.0
+
+# GPL
+PERMIT_PACKAGE_CDROM=  Yes
+PERMIT_PACKAGE_FTP=    Yes
+PERMIT_DISTFILES_CDROM=        Yes
+PERMIT_DISTFILES_FTP=  Yes
+
+WANTLIB=               c pcap iconv intl
+WANTLIB+=              gpg-error gpgme assuan
+WANTLIB+=              gdbm
+
+CONFIGURE_STYLE=       gnu
+USE_GMAKE=             Yes
+USE_GROFF=             Yes
+
+# fixes GDBM detection
+CONFIGURE_ENV=         LDFLAGS="-L${LOCALBASE}/lib" \
+                       CFLAGS="-I${LOCALBASE}/include"
+
+CONFIGURE_ARGS+=       --localstatedir='$${DESTDIR}/var' \
+                       --enable-client \
+                       --enable-server \
+                       --enable-digest-cache \
+                       --disable-file-cache \
+                       --with-gpgme
+
+LIB_DEPENDS+=          databases/gdbm
+LIB_DEPENDS+=          security/gpgme
+
+.include <bsd.port.mk>
diff --git a/extras/openbsd/fwknop-2.0.4/distinfo b/extras/openbsd/fwknop-2.0.4/distinfo
new file mode 100644 (file)
index 0000000..029e91e
--- /dev/null
@@ -0,0 +1,5 @@
+MD5 (fwknop-2.0.4.tar.bz2) = mHgTfdXTUqGWO2GKlkcviw==
+RMD160 (fwknop-2.0.4.tar.bz2) = EKwI3hgbIAFBn7P4ycYfdbkzsWI=
+SHA1 (fwknop-2.0.4.tar.bz2) = rPhumfUKKbktna8Z5BOAuqX6rcc=
+SHA256 (fwknop-2.0.4.tar.bz2) = ooZRWMCcZEaQPZ712BxYHCDXevPcUjQn0RI3AjKYedQ=
+SIZE (fwknop-2.0.4.tar.bz2) = 1251804
diff --git a/extras/openbsd/fwknop-2.0.4/pkg/DESCR b/extras/openbsd/fwknop-2.0.4/pkg/DESCR
new file mode 100644 (file)
index 0000000..7c22734
--- /dev/null
@@ -0,0 +1,14 @@
+fwknop stands for the "FireWall KNock OPerator", and implements an authorization
+scheme called Single Packet Authorization (SPA) that is based around packet
+filter and libpcap.
+
+SPA requires only a single encrypted packet in order to communicate various
+pieces of information including desired access through a packet filter's policy
+and/or complete commands to execute on the target system. By using packet filter
+to maintain a "default drop" stance, the main application of this program is to
+protect services such as OpenSSH with an additional layer of security in order
+to make the exploitation of vulnerabilities (both 0-day and unpatched code) much
+more difficult.
+
+With fwknop deployed, anyone using nmap to look for sshd can't even tell that it
+is listening; it makes no difference if they have a 0-day exploit or not.
diff --git a/extras/openbsd/fwknop-2.0.4/pkg/PFRAG.shared b/extras/openbsd/fwknop-2.0.4/pkg/PFRAG.shared
new file mode 100644 (file)
index 0000000..ad3ce29
--- /dev/null
@@ -0,0 +1,2 @@
+@comment $OpenBSD$
+@lib lib/libfko.so.${LIBfko_VERSION}
diff --git a/extras/openbsd/fwknop-2.0.4/pkg/PLIST b/extras/openbsd/fwknop-2.0.4/pkg/PLIST
new file mode 100644 (file)
index 0000000..64fd1f9
--- /dev/null
@@ -0,0 +1,11 @@
+@comment $OpenBSD$
+%%SHARED%%
+@bin bin/fwknop
+include/fko.h
+@info info/libfko.info
+lib/libfko.a
+@comment lib/libfko.la
+@man man/man8/fwknop.8
+@man man/man8/fwknopd.8
+@bin sbin/fwknopd
+@rcscript ${RCDIR}/fwknopd
diff --git a/extras/openbsd/fwknop-2.0.4/pkg/fwknopd.rc b/extras/openbsd/fwknop-2.0.4/pkg/fwknopd.rc
new file mode 100644 (file)
index 0000000..121d405
--- /dev/null
@@ -0,0 +1,9 @@
+#!/bin/sh
+#
+# $OpenBSD$
+
+daemon="${TRUEPREFIX}/sbin/fwknopd"
+
+. /etc/rc.d/rc.subr
+
+rc_cmd $1