SecBSD's official ports repository

net/openvpn-auth-ldap/Makefile

@@ -0,0 +1,55 @@
+COMMENT =		LDAP authentication plugin for OpenVPN 2.x
+
+VERSION =		2.0.4
+REVISION =		2
+GH_ACCOUNT =		threerings
+GH_PROJECT =		openvpn-auth-ldap
+GH_TAGNAME =		auth-ldap-${VERSION}
+PKGNAME =		openvpn-${GH_TAGNAME}
+CATEGORIES =		net security
+
+HOMEPAGE =		https://github.com/threerings/openvpn-auth-ldap
+
+# BSD
+PERMIT_PACKAGE =	Yes
+
+WANTLIB =		${COMPILER_LIBCXX} lber ldap 
+
+MODULES =		x11/gnustep
+MODGNUSTEP_NEEDS_GUI =	No
+
+RUN_DEPENDS =		net/openvpn
+LIB_DEPENDS =		databases/openldap
+BUILD_DEPENDS =		${RUN_DEPENDS} \
+			devel/re2c
+
+SEPARATE_BUILD =	Yes
+
+AUTOCONF_VERSION =	2.69
+CONFIGURE_STYLE =	autoconf
+MAKE_FILE =		Makefile
+
+.include <bsd.port.arch.mk>
+.if ${PROPERTIES:Mclang}
+LDFLAGS += -lc++abi -lpthread
+.endif
+
+CONFIGURE_ARGS =  --with-openldap=${LOCALBASE} \
+		  --with-openvpn=${LOCALBASE}/include/openvpn \
+		  CC="${CC}" \
+		  LDFLAGS="-L${LOCALBASE}/lib ${LDFLAGS}" \
+		  LD="${CC}" CXX=${CXX} OBJCPP="${CC} -E" OBJC=${CC}
+
+CONFIGURE_ENV =		CPPFLAGS="-I${LOCALBASE}/include \
+			    -I${LOCALBASE}/include/gnustep"
+
+SAMPLES_DIR =		${PREFIX}/share/examples/openvpn-auth-ldap
+
+post-install:
+	${INSTALL_DATA_DIR} ${SAMPLES_DIR}
+	${INSTALL_DATA} ${WRKSRC}/auth-ldap.conf ${SAMPLES_DIR}/auth-ldap.conf
+
+do-test:
+	cd ${WRKBUILD}/tests && ${MAKE} test
+
+.include <bsd.port.mk>

net/openvpn-auth-ldap/distinfo

@@ -0,0 +1,2 @@
+SHA256 (openvpn-auth-ldap-auth-ldap-2.0.4.tar.gz) = gfYAzciK2yJY9X3x7S2H8K+pRfZsv4iXrVDnb0JQkWg=
+SIZE (openvpn-auth-ldap-auth-ldap-2.0.4.tar.gz) = 209800

net/openvpn-auth-ldap/patches/patch-Mk_autoconf_mk_in

@@ -0,0 +1,14 @@
+The bit of C code was not being built PIC.
+
+Index: Mk/autoconf.mk.in
+--- Mk/autoconf.mk.in.orig
++++ Mk/autoconf.mk.in
+@@ -2,7 +2,7 @@ SHELL			= @SHELL@
+ 
+ CC			= @CC@
+ 
+-CFLAGS			= @CFLAGS@ @DEFS@ -Wall
++CFLAGS			= -fPIC @CFLAGS@ @DEFS@ -Wall
+ OBJCFLAGS		= -fPIC @OBJCFLAGS@ ${OBJC_RUNTIME_FLAGS} ${OBJC_PTHREAD_CFLAGS} -fno-strict-aliasing ${CFLAGS}
+ OBJC_LIBS		= -fPIC @OBJC_LIBS@ ${OBJC_PTHREAD_LIBS}
+ 

net/openvpn-auth-ldap/patches/patch-aclocal_m4

@@ -0,0 +1,121 @@
+Index: aclocal.m4
+--- aclocal.m4.orig
++++ aclocal.m4
+@@ -1,4 +1,3 @@
+-builtin(include,pthread.m4)
+ builtin(include,platform.m4)
+ builtin(include,framework.m4)
+ 
+@@ -22,7 +21,7 @@ builtin(include,framework.m4)
+ #	Result is cached.
+ #
+ #	Defines one of the following preprocessor macros:
+-#		APPLE_RUNTIME GNU_RUNTIME
++#		APPLE_RUNTIME GNU_RUNTIME MODERN_RUNTIME
+ #
+ #	Substitutes the following variables:
+ #		OBJC_RUNTIME OBJC_RUNTIME_FLAGS OBJC_LIBS
+@@ -30,7 +29,7 @@ builtin(include,framework.m4)
+ #------------------------------------------------------------------------
+ AC_DEFUN([OD_OBJC_RUNTIME],[
+ 	AC_REQUIRE([AC_PROG_OBJC])
+-	AC_ARG_WITH(objc-runtime, AC_HELP_STRING([--with-objc-runtime], [Specify either "GNU" or "apple"]), [with_objc_runtime=${withval}])
++	AC_ARG_WITH(objc-runtime, AC_HELP_STRING([--with-objc-runtime], [Specify either "GNU", "apple", or "modern"]), [with_objc_runtime=${withval}])
+ 
+ 	if test x"${with_objc_runtime}" != x; then
+ 		case "${with_objc_runtime}" in
+@@ -38,8 +37,10 @@ AC_DEFUN([OD_OBJC_RUNTIME],[
+ 				;;
+ 			apple)
+ 				;;
++			modern)
++				;;
+ 			*)
+-				AC_MSG_ERROR([${with_objc_runtime} is not a valid argument to --with-objc-runtime. Please specify either "GNU" or "apple"])
++				AC_MSG_ERROR([${with_objc_runtime} is not a valid argument to --with-objc-runtime. Please specify either "GNU", "apple", or "modern"])
+ 				;;
+ 		esac
+ 	fi
+@@ -58,7 +59,7 @@ AC_DEFUN([OD_OBJC_RUNTIME],[
+ 	# Add -lobjc and -fobjc-exceptions. The following tests will ensure that the library exists and
+ 	# functions with the detected Objective C compiler
+ 	OBJCFLAGS="${OBJCFLAGS} -fobjc-exceptions"
+-	LIBS="${LIBS} -lobjc -fobjc-exceptions"
++	LIBS="${LIBS} -lobjc2 -fobjc-exceptions"
+ 
+ 	# Test if pthreads are required to link against
+ 	# libobjc - this is the case on FreeBSD.
+@@ -113,11 +114,11 @@ AC_DEFUN([OD_OBJC_RUNTIME],[
+ 	AC_MSG_RESULT(${od_cv_objc_req_pthread})
+ 
+ 	if test x"${od_cv_objc_req_pthread}" = x"no"; then
+-		OBJC_LIBS="${OBJC_LIBS} -lobjc"
++		OBJC_LIBS="${OBJC_LIBS} -lobjc2"
+ 		OBJC_PTHREAD_LIBS="${PTHREAD_LIBS} -fobjc-exceptions"
+ 		OBJC_PTHREAD_CFLAGS="${PTHREAD_CFLAGS} -fobjc-exceptions"
+ 	elif test x"${od_cv_objc_req_pthread}" = x"yes"; then
+-		OBJC_LIBS="${OBJC_LIBS} -lobjc ${PTHREAD_LIBS} -fobjc-exceptions"
++		OBJC_LIBS="${OBJC_LIBS} -lobjc2 ${PTHREAD_LIBS} -fobjc-exceptions"
+ 		OBJCFLAGS="${OBJCFLAGS} ${PTHREAD_CFLAGS} -fobjc-exceptions"
+ 	fi
+ 
+@@ -184,15 +185,51 @@ AC_DEFUN([OD_OBJC_RUNTIME],[
+ 		od_cv_objc_runtime_gnu="no"
+ 	fi
+ 
++	if test x"${with_objc_runtime}" = x || test x"${with_objc_runtime}" = x"modern"; then
++		AC_MSG_CHECKING([for Modern Objective C runtime])
++		AC_CACHE_VAL(od_cv_objc_runtime_modern, [
++			# The following uses quadrigraphs
++			# '@<:@' = '['
++			# '@:>@' = ']'
++			AC_LINK_IFELSE([
++					AC_LANG_PROGRAM([
++							#include <objc/objc.h>
++							#include <objc/runtime.h>
++						], [
++							id class = objc_lookUpClass("NSObject");
++							id obj = @<:@class alloc@:>@;
++							puts(@<:@obj name@:>@);
++						])
++					], [
++						od_cv_objc_runtime_modern="yes"
++					], [
++						od_cv_objc_runtime_modern="no"
++					]
++			)
++		])
++		AC_MSG_RESULT(${od_cv_objc_runtime_modern})
++	else
++		od_cv_objc_runtime_modern="no"
++	fi
++
+ 	# Apple runtime is prefered
+-	if test x"${od_cv_objc_runtime_apple}" = x"yes"; then
+-			OBJC_RUNTIME="APPLE_RUNTIME"
+-			AC_MSG_NOTICE([Using Apple Objective-C runtime])
+-			AC_DEFINE([APPLE_RUNTIME], 1, [Define if using the Apple Objective-C runtime and compiler.]) 
+-	elif test x"${od_cv_objc_runtime_gnu}" = x"yes"; then
+-			OBJC_RUNTIME="GNU_RUNTIME"
+-			AC_MSG_NOTICE([Using GNU Objective-C runtime])
+-			AC_DEFINE([GNU_RUNTIME], 1, [Define if using the GNU Objective-C runtime and compiler.]) 
++	if test x"${od_cv_objc_runtime_modern}" = x"yes"; then
++			OBJC_RUNTIME="MODERN_RUNTIME"
++			case "${target_os}" in
++				darwin*) OBJC_RUNTIME_FLAGS="-fnext-runtime"
++					 LDFLAGS="-framework Foundation ${LDFLAGS}";;
++				*) AC_CHECK_PROG([have_gs_config],
++				                 [gnustep-config], [yes])
++				   if test x"$have_gs_config" != x"yes"; then
++				     AC_MSG_ERROR([Cannot find gnustep-config.])
++				   else
++				   OBJC_RUNTIME_FLAGS="`gnustep-config --objc-flags`"
++				   OBJC_LIBS="`gnustep-config --base-libs`"
++				   fi
++				   ;;
++			esac
++			AC_MSG_NOTICE([Using Modern Objective-C runtime])
++			AC_DEFINE([MODERN_RUNTIME], 1, [Define if using the Modern Objective-C runtime and compiler.])
+ 	else
+ 			AC_MSG_FAILURE([Could not locate a working Objective-C runtime.])
+ 	fi

net/openvpn-auth-ldap/patches/patch-platform_m4

@@ -0,0 +1,15 @@
+Don't clobber LDFLAGS - ensures configure finds libobjc2.
+Properly pass -export-dynamic to the linker.
+
+Index: platform.m4
+--- platform.m4.orig
++++ platform.m4
+@@ -97,7 +97,7 @@ AC_DEFUN(OD_CONFIG_PLUGIN, [
+ 	    PLUGIN_LD="${CC} -shared"
+ 	    PLUGIN_LD_FLAGS=""
+ 	    PLUGIN_SUFFIX=".so"
+-	    LDFLAGS="-export-dynamic"
++	    LDFLAGS="-Wl,-export-dynamic ${LDFLAGS}"
+ 	    ;;
+     esac
+ 

net/openvpn-auth-ldap/patches/patch-src_TRLocalPacketFilter_m

@@ -0,0 +1,19 @@
+Index: src/TRLocalPacketFilter.m
+--- src/TRLocalPacketFilter.m.orig
++++ src/TRLocalPacketFilter.m
+@@ -33,6 +33,7 @@
+  */
+ 
+ #import "TRLocalPacketFilter.h"
++#import "TRLog.h"
+ 
+ #ifdef HAVE_PF
+ 
+@@ -42,6 +43,7 @@
+ #import <string.h>
+ #import <errno.h>
+ #import <assert.h>
++#import "xmalloc.h"
+ 
+ 
+ /* Private Methods */

net/openvpn-auth-ldap/patches/patch-tests_Makefile_in

@@ -0,0 +1,17 @@
+uses syntax not in recent obj-c ??
+/usr/obj/ports/openvpn-openvpn-auth-ldap-auth-ldap-2.0.4/openvpn-auth-ldap-auth-ldap-2.0.4/tests/TRLocalPacketFilterTests.m:175: undefined reference to `suite_create'                
+/usr/obj/ports/openvpn-openvpn-auth-ldap-auth-ldap-2.0.4/openvpn-auth-ldap-auth-ldap-2.0.4/tests/TRLocalPacketFilterTests.m:177: undefined reference to `tcase_create'               
+/usr/obj/ports/openvpn-openvpn-auth-ldap-auth-ldap-2.0.4/openvpn-auth-ldap-auth-ldap-2.0.4/tests/TRLocalPacketFilterTests.m:178: undefined reference to `tcase_add_checked_fixture'   
+/usr/obj/ports/openvpn-openvpn-auth-ldap-auth-ldap-2.0.4/openvpn-auth-ldap-auth-ldap-2.0.4/tests/TRLocalPacketFilterTests.m:179: undefined reference to `suite_add_tcase'    
+
+Index: tests/Makefile.in
+--- tests/Makefile.in.orig
++++ tests/Makefile.in
+@@ -25,7 +25,6 @@ TEST_OBJS=	tests.o \
+ 		TRLDAPEntryTests.o \
+ 		TRLDAPGroupConfigTests.o \
+ 		TRLDAPSearchFilterTests.o \
+-		TRLocalPacketFilterTests.o \
+ 		TRObjectTests.o \
+ 		mockpf.o \
+ 		TRPFAddressTests.o \

net/openvpn-auth-ldap/pkg/DESCR

@@ -0,0 +1 @@
+An OpenVPN plugin that implements username/password authentication via LDAP.

net/openvpn-auth-ldap/pkg/MESSAGE

@@ -0,0 +1,8 @@
+Add the following to your OpenVPN configuration file:
+
+        plugin ${PREFIX}/lib/openvpn-auth-ldap.so <config>
+
+The config directive must point to an auth-ldap configuration file - a sample
+configuration file can be found at:
+
+	${PREFIX}/share/examples/openvpn-auth-ldap/auth-ldap.conf

net/openvpn-auth-ldap/pkg/PLIST

@@ -0,0 +1,3 @@
+lib/openvpn-auth-ldap.so
+share/examples/openvpn-auth-ldap/
+share/examples/openvpn-auth-ldap/auth-ldap.conf