[Lunar-commits] <moonbase> openconnect: Adding to moonbase. Wile be an optional_depends for
Dennis `stumbles` Veatch
stumbles at lunar-linux.org
Tue Jan 10 16:59:00 CET 2012
commit c64eb3ff5732f930cfcfd03b7d5f22d99e4d5a4b
Author: Dennis `stumbles` Veatch <stumbles at lunar-linux.org>
Date: Tue Jan 10 10:59:00 2012 -0500
openconnect: Adding to moonbase. Wile be an optional_depends for
then next connman bump.
---
net/openconnect/BUILD | 11 +++++++++++
net/openconnect/DEPENDS | 6 ++++++
net/openconnect/DETAILS | 29 +++++++++++++++++++++++++++++
3 files changed, 46 insertions(+), 0 deletions(-)
diff --git a/net/openconnect/BUILD b/net/openconnect/BUILD
new file mode 100644
index 0000000..1a63927
--- /dev/null
+++ b/net/openconnect/BUILD
@@ -0,0 +1,11 @@
+(
+
+ if in_depends $MODULE openssl ; then
+ sedit "s:I\${with_openssl}/:I/usr/:" configure &&
+ sedit "s:\${with_openssl}/libssl.a:/usr/lib/libssl.so:" configure &&
+ sedit "s:\${with_openssl}/libcrypto.a:/usr/lib/libcrypto.so:" configure
+ fi &&
+
+ default_build
+
+) > $C_FIFO 2>&1
diff --git a/net/openconnect/DEPENDS b/net/openconnect/DEPENDS
new file mode 100644
index 0000000..f36593c
--- /dev/null
+++ b/net/openconnect/DEPENDS
@@ -0,0 +1,6 @@
+depends zlib
+depends libxml2
+depends libproxy
+depends Python
+
+optional_depends "openssl" "--with-openssl" "--without-openssl" "for Secure Sockets Layer support"
diff --git a/net/openconnect/DETAILS b/net/openconnect/DETAILS
new file mode 100644
index 0000000..bc684b1
--- /dev/null
+++ b/net/openconnect/DETAILS
@@ -0,0 +1,29 @@
+ MODULE=openconnect
+ VERSION=3.15
+ SOURCE=$MODULE-$VERSION.tar.gz
+ SOURCE_URL=ftp://ftp.infradead.org/pub/openconnect/
+ SOURCE_VFY=sha1:2649f2b498a06acf677f0562cc121b32135f5dbd
+ WEB_SITE=http://www.infradead.org/openconnect/
+ ENTERED=20120110
+ UPDATED=20120110
+ SHORT="client for Cisco's AnyConnect SSL VPN"
+
+cat << EOF
+OpenConnect is a client for Cisco's AnyConnect SSL VPN, which is supported by
+the ASA5500 Series, by IOS 12.4(9)T or later on Cisco SR500, 870, 880, 1800,
+2800, 3800, 7200 Series and Cisco 7301 Routers, and probably others.
+
+Development of OpenConnect was started after a trial of their "official" client under Linux found it to have many deficiencies:
+
+ Inability to use SSL certificates from a TPM, or even use a passphrase.
+ Lack of support for Linux platforms other than i386.
+ Lack of integration with NetworkManager on the Linux desktop.
+ Lack of proper (RPM/DEB) packaging for Linux distributions.
+ "Stealth" use of libraries with dlopen(), even using the development-only symlinks such as libz.so ? making it hard to
+ properly discover the dependencies which proper packaging would have expressed
+ Tempfile races allowing unprivileged users to trick it into overwriting arbitrary files, as root.
+ Unable to run as an unprivileged user, which would have reduced the severity of the above bug.
+ Inability to audit the source code for further such "Security 101" bugs.
+
+Naturally, OpenConnect addresses all of the above issues, and more.
+EOF
More information about the Lunar-commits
mailing list