head	1.4;
access;
symbols
	RELEASE_8_3_0:1.4
	RELEASE_9_0_0:1.4
	RELEASE_7_4_0:1.4
	RELEASE_8_2_0:1.4
	RELEASE_6_EOL:1.4
	RELEASE_8_1_0:1.4
	RELEASE_7_3_0:1.4
	RELEASE_8_0_0:1.4
	RELEASE_7_2_0:1.4
	RELEASE_7_1_0:1.4
	RELEASE_6_4_0:1.4
	RELEASE_5_EOL:1.4
	RELEASE_7_0_0:1.4
	RELEASE_6_3_0:1.4
	PRE_XORG_7:1.4
	RELEASE_4_EOL:1.4
	RELEASE_6_2_0:1.4
	RELEASE_6_1_0:1.2
	RELEASE_5_5_0:1.2;
locks; strict;
comment	@# @;


1.4
date	2006.08.16.14.00.59;	author sat;	state Exp;
branches;
next	1.3;

1.3
date	2006.05.03.16.01.58;	author garga;	state Exp;
branches;
next	1.2;

1.2
date	2005.09.15.12.11.48;	author vsevolod;	state Exp;
branches;
next	1.1;

1.1
date	2005.09.05.14.13.42;	author vsevolod;	state Exp;
branches;
next	;


desc
@@


1.4
log
@- There should be only one site in the WWW line and kame is obsolete anyway
@
text
@racoon speaks IKE (ISAKMP/Oakley) key management protocol, to
establish security association with other hosts.

This is the IPSec-tools version of racoon.

Enchancements:
- Support of NAT-T and IKE fragmentation.
- Support of many authentication algorithms.
- Tons of bugfixes.

Known issues:
- Non-threaded implementation.  Simultaneous key negotiation performance
  should be improved.
- Cannot negotiate keys for per-socket policy.
- Cryptic configuration syntax - blame IPsec specification too...
- Needs more documentation.

Design choice, not a bug:
- racoon negotiate IPsec keys only.  It does not negotiate policy.  Policy must
  be configured into the kernel separately from racoon.  If you want to
  support roaming clients, you may need to have a mechanism to put policy
  for the roaming client after phase 1 finishes.

WWW: http://ipsec-tools.sourceforge.net/
@


1.3
log
@Makefile:
- introduce OPTIONS to enable/disable features
- add more features to the OPTION dialog
- choose reasonable defaults for OPTIONS (disabled patented stuff)
- remove usesless WRKSRC line
- move LDFLAGS to the place where it is necessary
- extend CONFIGURE_ARGS to set the directory for the adminport socket
  * Note: racoonctl is useless without adminport enabled
  * create the socket dir in post-install
- bump PORTREVISION that users notice the changes
- finally: remove one item from the TODO list on top of the Makefile ;)

pkg-descr:
- shortened by one line to please portlint

pkg-plist:
- slight reorganization
- add create instructions for the adminport socket dir for the
  "installing from package" case
- add removal instructions for the adminport socket dir

files/patch-configure:
- add some stuff to detect libiconv when the GSSAPI OPTION is enabled
- iconv is required for GSSAPI but the library is not added to LIBS
  in the original configure script
- Why not use USE_AUTOTOOLS and patch configure.ac?
  * because the leads to configure running twice which is useless
    overhead. I found no way to avoid this so we patch configure.

files/racoon.sh.in:
- add the adminsocket directory to required_dirs

PR:		ports/96368
Submitted by:	Joerg Pulz <Joerg.Pulz@@frm2.tum.de>
Approved by:	maintainer
@
text
@d24 1
a24 1
WWW: http://www.kame.net/ and http://ipsec-tools.sf.net
@


1.2
log
@Update to 0.6.1

Submitted by:	Yvan Vanhullebus (maintainer)
@
text
@d7 1
a7 2
- Support of NAT-T.
- Support of IKE fragmentation.
@


1.1
log
@Add IPSec tools port - the new "official" version of racoon,
is the only one which is maintained and have lots of new features.

PR:		85544
Submitted by:	VANHULLEBUS Yvan <vanhu@@netasq.com>
Approved by:	perky (mentor)
@
text
@a12 1
- Too many use of dynamic memory allocation, which leads to memory leak.
@

