security/softether-devel: update to v4.27-9668-beta

As security/softether and -devel are created and maintained by different people for a long time, there was a lot of difference between and no consistency between both ports. I grab both ports and renew this port based on security/softether. Now there're least differences such as VERSION, COMMENT, CONFLICTS between both. To make both ports consistent, I quit fetching from GitHub. Using upstream site[1] instead. Upstream distributes -rtm and -beta suffixed tarballs. -rtm corresponds to security/softether, -beta does to security/softether-devel now. [1] https://www.softether-download.com/ Approved by: mentors (implicit)
2018-11-05 02:57:19 +00:00 · 2018-11-05 02:57:19 +00:00 · 2119784436
commit 2119784436
parent 09b85e3d91
25 changed files with 465 additions and 285 deletions
--- a/security/softether-devel/Makefile
+++ b/security/softether-devel/Makefile
@ -1,31 +1,30 @@
 # $FreeBSD$

-PORTNAME=	softether-devel
-PORTVERSION=	4.21.9613
-PORTREVISION=	2
+PORTNAME=	softether
+DISTVERSION=	4.27-9668-beta
 CATEGORIES=	security
+MASTER_SITES=	https://www.softether-download.com/files/softether/v${DISTVERSION}-2018.05.29-tree/Source_Code/
+PKGNAMESUFFIX=	-devel
+DISTNAME=	${PORTNAME}-src-v${DISTVERSION}

 MAINTAINER=	meta@FreeBSD.org
-COMMENT=	Cross-platform Multi-protocol VPN Software
+COMMENT=	Softether VPN solution (development version)

 LICENSE=	GPLv2
 LICENSE_FILE=	${WRKSRC}/LICENSE

-CONFLICTS_INSTALL=	softether
+ONLY_FOR_ARCHS=	amd64 i386
+ONLY_FOR_ARCHS_REASON=	Upstream only supports amd64 and i386: https://www.softether.org/3-spec

-USES=		dos2unix gmake iconv localbase readline ssl
-DOS2UNIX_FILES=	src/Mayaqua/Network.c
-USE_GITHUB=	yes
-GH_ACCOUNT=	SoftEtherVPN
-GH_PROJECT=	SoftEtherVPN
-GH_TAGNAME=	1e17c9b
-ALL_TARGET=	build
-MAKE_ENV=	STAGEDIR=${STAGEDIR} ICONV_LIB=${ICONV_LIB}
-USE_RC_SUBR=	vpnserver vpnclient vpnbridge
-PORTDOCS=	AUTHORS.TXT BUILD_UNIX.TXT ChangeLog README THIRD_PARTY.TXT \
-		WARNING.TXT
+USES=		dos2unix gmake iconv:wchar_t localbase:ldflags ncurses \
+		readline ssl
+USE_RC_SUBR=	softether_bridge softether_client softether_server

-OPTIONS_DEFINE= DOCS UNLOCK
+DOS2UNIX_FILES=	ChangeLog LICENSE README *.TXT \
+		src/Cedar/*.* src/Mayaqua/*.*
+SUB_FILES=	vpncmd
+
+OPTIONS_DEFINE=	DOCS UNLOCK

 # Use of some functions in Japan and China is restricted.
 # This option Unlocks regional lockout following functions:
@ -34,16 +33,54 @@ OPTIONS_DEFINE= DOCS UNLOCK
 #  - Deep-inspect packet logging function
 #  - Source IP address control list function
 #  - syslog transfer function
-UNLOCK_DESC= Unlock regional lockout (JP and CN)
-UNLOCK_EXTRA_PATCHES=   ${FILESDIR}/extra-patch-unrestrict-enterprise-functions
+UNLOCK_DESC=	Unlock regional lockout (JP and CN)
+UNLOCK_EXTRA_PATCHES=	${FILESDIR}/extra-patch-unrestrict-enterprise-functions
+
+CONFLICTS_INSTALL=	softether
+PORTDOCS=	AUTHORS.TXT ChangeLog LICENSE README THIRD_PARTY.TXT WARNING.TXT
+
+LOGDIR?=	/var/log/softether
+PLIST_SUB=	LOGDIR="${LOGDIR}"
+SUB_LIST=	LOGDIR="${LOGDIR}"
+
+CPPFLAGS+=	-I${LOCALBASE}/include
+LDFLAGS+=	-L${LOCALBASE}/lib
+
+# a pity the source directory has such a naming scheme, but well
+WRKSRC=		${WRKDIR}/v4.27-9668
+
+ALL_TARGET=	build
+
+.include <bsd.port.options.mk>

 post-patch:
-	${INSTALL_DATA} ${WRKSRC}/src/makefiles/freebsd_32bit.mak \
-	    ${WRKSRC}/Makefile
+	# skip configure at all and copy the corresponding Makefile in place
+.if ${ARCH} != "amd64"
+	@${CP} ${WRKSRC}/src/makefiles/freebsd_32bit.mak ${WRKSRC}/Makefile
+.else
+	@${CP} ${WRKSRC}/src/makefiles/freebsd_64bit.mak ${WRKSRC}/Makefile
+.endif
+	# pull in user specific CFLAGS and LDFLAGS
+	@${REINPLACE_CMD} -e "s|OPTIONS_COMPILE_RELEASE=|OPTIONS_COMPILE_RELEASE=${CFLAGS} |g" ${WRKSRC}/Makefile
+	@${REINPLACE_CMD} -e "s|OPTIONS_LINK_RELEASE=|OPTIONS_LINK_RELEASE=${LDFLAGS} |g" ${WRKSRC}/Makefile

-post-install-DOCS-on:
+# manually install to ${PREFIX}/libexec/softether, then the final install will copy scripts
+# into ${PREFIX}/sbin
+do-install:
+	${MKDIR} ${STAGEDIR}/${PREFIX}/libexec/softether
+	${INSTALL_SCRIPT} ${WRKSRC}/bin/vpnbridge/vpnbridge ${STAGEDIR}/${PREFIX}/libexec/${PORTNAME}/vpnbridge
+	${INSTALL_SCRIPT} ${WRKSRC}/bin/vpnclient/vpnclient ${STAGEDIR}/${PREFIX}/libexec/${PORTNAME}/vpnclient
+	${INSTALL_SCRIPT} ${WRKSRC}/bin/vpncmd/vpncmd ${STAGEDIR}/${PREFIX}/libexec/${PORTNAME}/vpncmd
+	${INSTALL_SCRIPT} ${WRKSRC}/bin/vpnserver/vpnserver ${STAGEDIR}/${PREFIX}/libexec/${PORTNAME}/vpnserver
+	${INSTALL_DATA} ${WRKSRC}/bin/vpnserver/hamcore.se2 ${STAGEDIR}/${PREFIX}/libexec/${PORTNAME}/hamcore.se2
+	${INSTALL_SCRIPT} ${WRKDIR}/vpncmd ${STAGEDIR}/${PREFIX}/sbin/vpncmd
+.for i in vpnbridge vpnclient vpncmd vpnserver
+	@${STRIP_CMD} ${STAGEDIR}${PREFIX}/libexec/${PORTNAME}/${i}
+.endfor
 	@${MKDIR} ${STAGEDIR}${DOCSDIR}
-	cd ${WRKSRC} && \
-	    ${INSTALL_DATA} ${PORTDOCS} ${STAGEDIR}${DOCSDIR}
+	@${MKDIR} ${STAGEDIR}${LOGDIR}
+.for doc in ${PORTDOCS}
+	${INSTALL_DATA} ${WRKSRC}/${doc} ${STAGEDIR}${DOCSDIR}
+.endfor

 .include <bsd.port.mk>
--- a/security/softether-devel/distinfo
+++ b/security/softether-devel/distinfo
@ -1,3 +1,3 @@
-TIMESTAMP = 1479531912
-SHA256 (SoftEtherVPN-SoftEtherVPN-4.21.9613-1e17c9b_GH0.tar.gz) = 3ba427abd3684e6f3fa1896512d240890f07beee179aef0823cbfd165b06def5
-SIZE (SoftEtherVPN-SoftEtherVPN-4.21.9613-1e17c9b_GH0.tar.gz) = 33681928
+TIMESTAMP = 1532578431
+SHA256 (softether-src-v4.27-9668-beta.tar.gz) = 42f74c3eee12ccafe6e2eaa833385406f953aed284d3bf79e0dcf164cbda0e77
+SIZE (softether-src-v4.27-9668-beta.tar.gz) = 33786372
--- a/security/softether-devel/files/extra-patch-unrestrict-enterprise-functions
+++ b/security/softether-devel/files/extra-patch-unrestrict-enterprise-functions
@ -1,27 +1,27 @@
 --- src/Cedar/Server.c.orig	2016-04-24 14:49:31 UTC
 +++ src/Cedar/Server.c
@@ -10822,23 +10822,7 @@ bool SiCheckCurrentRegion(CEDAR *c, char
- // 
- bool SiIsEnterpriseFunctionsRestrictedOnOpenSource(CEDAR *c)
- {
-	char region[128];
-	bool ret = false;
-	// Validate arguments
-	if (c == NULL)
-	{
-		return false;
-	}
-
-
-	SiGetCurrentRegion(c, region, sizeof(region));
-
-	if (StrCmpi(region, "JP") == 0 || StrCmpi(region, "CN") == 0)
-	{
-		ret = true;
-	}
-
-	return ret;
-+	return false;
- }
- 
- // Update the current region
+ // 
+ bool SiIsEnterpriseFunctionsRestrictedOnOpenSource(CEDAR *c)
+ {
+-	char region[128];
+-	bool ret = false;
+-	// Validate arguments
+-	if (c == NULL)
+-	{
+-		return false;
+-	}
+-
+-
+-	SiGetCurrentRegion(c, region, sizeof(region));
+-
+-	if (StrCmpi(region, "JP") == 0 || StrCmpi(region, "CN") == 0)
+-	{
+-		ret = true;
+-	}
+-
+-	return ret;
+	return false;
+ }
+ 
+ // Update the current region
--- a/security/softether-devel/files/patch-src-makefiles-freebsd_32bit.mak
+++ b/security/softether-devel/files/patch-src-makefiles-freebsd_32bit.mak
@ -1,110 +0,0 @@
--- src/makefiles/freebsd_32bit.mak.orig	2016-04-24 14:49:31 UTC
-+++ src/makefiles/freebsd_32bit.mak
-@@ -25,19 +25,19 @@
- 
- #CC=gcc
- 
-OPTIONS_COMPILE_DEBUG=-D_DEBUG -DDEBUG -DUNIX -DUNIX_BSD -DBRIDGE_BPF -DNO_VLAN -D_REENTRANT -DREENTRANT -D_THREAD_SAFE -D_THREADSAFE -DTHREAD_SAFE -DTHREADSAFE -D_FILE_OFFSET_BITS=64 -I./src/ -I./src/Cedar/ -I./src/Mayaqua/ -I/usr/local/include -I/usr/include -g -fsigned-char
-+OPTIONS_COMPILE_DEBUG=-D_DEBUG -DDEBUG -DUNIX -DUNIX_BSD -DBRIDGE_BPF -DNO_VLAN -D_REENTRANT -DREENTRANT -D_THREAD_SAFE -D_THREADSAFE -DTHREAD_SAFE -DTHREADSAFE -D_FILE_OFFSET_BITS=64 -I./src/ -I./src/Cedar/ -I./src/Mayaqua/ -g -fsigned-char
- 
-OPTIONS_LINK_DEBUG=-g -fsigned-char -L/usr/local/lib -L/usr/lib -lm -lpthread -lssl -lcrypto -liconv -lreadline -lncurses -lz
-+OPTIONS_LINK_DEBUG=-g -fsigned-char -lm -lpthread -lssl -lcrypto ${ICONV_LIB} -lreadline -lncurses -lz
- 
-OPTIONS_COMPILE_RELEASE=-DNDEBUG -DVPN_SPEED -DUNIX -DUNIX_BSD -DBRIDGE_BPF -DNO_VLAN -D_REENTRANT -DREENTRANT -D_THREAD_SAFE -D_THREADSAFE -DTHREAD_SAFE -DTHREADSAFE -D_FILE_OFFSET_BITS=64 -I./src/ -I./src/Cedar/ -I./src/Mayaqua/ -I/usr/local/include -I/usr/include -O2 -fsigned-char
-+OPTIONS_COMPILE_RELEASE=-DNDEBUG -DVPN_SPEED -DUNIX -DUNIX_BSD -DBRIDGE_BPF -DNO_VLAN -D_REENTRANT -DREENTRANT -D_THREAD_SAFE -D_THREADSAFE -DTHREAD_SAFE -DTHREADSAFE -D_FILE_OFFSET_BITS=64 -I./src/ -I./src/Cedar/ -I./src/Mayaqua/ -fsigned-char ${CFLAGS}
- 
-OPTIONS_LINK_RELEASE=-O2 -fsigned-char -L/usr/local/lib -L/usr/lib -lm -lpthread -lssl -lcrypto -liconv -lreadline -lncurses -lz
-+OPTIONS_LINK_RELEASE=-fsigned-char ${LDFLAGS} ${LIBS} -lm -lpthread -lssl -lcrypto ${ICONV_LIB} -lreadline -lncurses -lz
- 
-INSTALL_BINDIR=/usr/bin/
-INSTALL_VPNSERVER_DIR=/usr/vpnserver/
-INSTALL_VPNBRIDGE_DIR=/usr/vpnbridge/
-INSTALL_VPNCLIENT_DIR=/usr/vpnclient/
-INSTALL_VPNCMD_DIR=/usr/vpncmd/
-+INSTALL_BINDIR=${PREFIX}/sbin/
-+INSTALL_VPNSERVER_DIR=${PREFIX}/softethervpn/vpnserver/
-+INSTALL_VPNBRIDGE_DIR=${PREFIX}/softethervpn/vpnbridge/
-+INSTALL_VPNCLIENT_DIR=${PREFIX}/softethervpn/vpnclient/
-+INSTALL_VPNCMD_DIR=${PREFIX}/softethervpn/vpncmd/
- 
- ifeq ($(DEBUG),YES)
- 	OPTIONS_COMPILE=$(OPTIONS_COMPILE_DEBUG)
-@@ -379,7 +379,7 @@ tmp/objs/vpncmd.o: src/vpncmd/vpncmd.c $
- 	$(CC) $(OPTIONS_COMPILE) -c src/vpncmd/vpncmd.c -o tmp/objs/vpncmd.o
- 
- # Install
-install: $(INSTALL_BINDIR)vpnserver $(INSTALL_BINDIR)vpnbridge $(INSTALL_BINDIR)vpnclient $(INSTALL_BINDIR)vpncmd
-+install: $(STAGEDIR)$(INSTALL_BINDIR)vpnserver $(STAGEDIR)$(INSTALL_BINDIR)vpnbridge $(STAGEDIR)$(INSTALL_BINDIR)vpnclient $(STAGEDIR)$(INSTALL_BINDIR)vpncmd
- 	@echo
- 	@echo "--------------------------------------------------------------------"
- 	@echo "Installation completed successfully."
-@@ -391,41 +391,37 @@ install: $(INSTALL_BINDIR)vpnserver $(IN
- 	@echo "--------------------------------------------------------------------"
- 	@echo
- 
-$(INSTALL_BINDIR)vpnserver: bin/vpnserver/hamcore.se2 bin/vpnserver/vpnserver
-	@mkdir -p $(INSTALL_VPNSERVER_DIR)
-	cp bin/vpnserver/hamcore.se2 $(INSTALL_VPNSERVER_DIR)hamcore.se2
-	cp bin/vpnserver/vpnserver $(INSTALL_VPNSERVER_DIR)vpnserver
-	echo "#!/bin/sh" > $(INSTALL_BINDIR)vpnserver
-	echo $(INSTALL_VPNSERVER_DIR)vpnserver '"$$@"' >> $(INSTALL_BINDIR)vpnserver
-	echo 'exit $$?' >> $(INSTALL_BINDIR)vpnserver
-	chmod 755 $(INSTALL_BINDIR)vpnserver
-+$(STAGEDIR)$(INSTALL_BINDIR)vpnserver: bin/vpnserver/hamcore.se2 bin/vpnserver/vpnserver
-+	@mkdir -p $(STAGEDIR)$(INSTALL_VPNSERVER_DIR)
-+	cp bin/vpnserver/hamcore.se2 $(STAGEDIR)$(INSTALL_VPNSERVER_DIR)hamcore.se2
-+	$(BSD_INSTALL_PROGRAM) bin/vpnserver/vpnserver $(STAGEDIR)$(INSTALL_VPNSERVER_DIR)vpnserver
-+	echo "#!/bin/sh" > $(STAGEDIR)$(INSTALL_BINDIR)vpnserver
-+	echo exec $(INSTALL_VPNSERVER_DIR)vpnserver '"$$@"' >> $(STAGEDIR)$(INSTALL_BINDIR)vpnserver
-+	chmod 755 $(STAGEDIR)$(INSTALL_BINDIR)vpnserver
- 
-$(INSTALL_BINDIR)vpnbridge: bin/vpnbridge/hamcore.se2 bin/vpnbridge/vpnbridge
-	@mkdir -p $(INSTALL_VPNBRIDGE_DIR)
-	cp bin/vpnbridge/hamcore.se2 $(INSTALL_VPNBRIDGE_DIR)hamcore.se2
-	cp bin/vpnbridge/vpnbridge $(INSTALL_VPNBRIDGE_DIR)vpnbridge
-	echo "#!/bin/sh" > $(INSTALL_BINDIR)vpnbridge
-	echo $(INSTALL_VPNBRIDGE_DIR)vpnbridge '"$$@"' >> $(INSTALL_BINDIR)vpnbridge
-	echo 'exit $$?' >> $(INSTALL_BINDIR)vpnbridge
-	chmod 755 $(INSTALL_BINDIR)vpnbridge
-+$(STAGEDIR)$(INSTALL_BINDIR)vpnbridge: bin/vpnbridge/hamcore.se2 bin/vpnbridge/vpnbridge
-+	@mkdir -p $(STAGEDIR)$(INSTALL_VPNBRIDGE_DIR)
-+	cp bin/vpnbridge/hamcore.se2 $(STAGEDIR)$(INSTALL_VPNBRIDGE_DIR)hamcore.se2
-+	$(BSD_INSTALL_PROGRAM) bin/vpnbridge/vpnbridge $(STAGEDIR)$(INSTALL_VPNBRIDGE_DIR)vpnbridge
-+	echo "#!/bin/sh" > $(STAGEDIR)$(INSTALL_BINDIR)vpnbridge
-+	echo exec $(INSTALL_VPNBRIDGE_DIR)vpnbridge '"$$@"' >> $(STAGEDIR)$(INSTALL_BINDIR)vpnbridge
-+	chmod 755 $(STAGEDIR)$(INSTALL_BINDIR)vpnbridge
- 
-$(INSTALL_BINDIR)vpnclient: bin/vpnclient/hamcore.se2 bin/vpnclient/vpnclient
-	@mkdir -p $(INSTALL_VPNCLIENT_DIR)
-	cp bin/vpnclient/hamcore.se2 $(INSTALL_VPNCLIENT_DIR)hamcore.se2
-	cp bin/vpnclient/vpnclient $(INSTALL_VPNCLIENT_DIR)vpnclient
-	echo "#!/bin/sh" > $(INSTALL_BINDIR)vpnclient
-	echo $(INSTALL_VPNCLIENT_DIR)vpnclient '"$$@"' >> $(INSTALL_BINDIR)vpnclient
-	echo 'exit $$?' >> $(INSTALL_BINDIR)vpnclient
-	chmod 755 $(INSTALL_BINDIR)vpnclient
-+$(STAGEDIR)$(INSTALL_BINDIR)vpnclient: bin/vpnclient/hamcore.se2 bin/vpnclient/vpnclient
-+	@mkdir -p $(STAGEDIR)$(INSTALL_VPNCLIENT_DIR)
-+	cp bin/vpnclient/hamcore.se2 $(STAGEDIR)$(INSTALL_VPNCLIENT_DIR)hamcore.se2
-+	$(BSD_INSTALL_PROGRAM) bin/vpnclient/vpnclient $(STAGEDIR)$(INSTALL_VPNCLIENT_DIR)vpnclient
-+	echo "#!/bin/sh" > $(STAGEDIR)$(INSTALL_BINDIR)vpnclient
-+	echo exec $(INSTALL_VPNCLIENT_DIR)vpnclient '"$$@"' >> $(STAGEDIR)$(INSTALL_BINDIR)vpnclient
-+	chmod 755 $(STAGEDIR)$(INSTALL_BINDIR)vpnclient
- 
-$(INSTALL_BINDIR)vpncmd: bin/vpncmd/hamcore.se2 bin/vpncmd/vpncmd
-	@mkdir -p $(INSTALL_VPNCMD_DIR)
-	cp bin/vpncmd/hamcore.se2 $(INSTALL_VPNCMD_DIR)hamcore.se2
-	cp bin/vpncmd/vpncmd $(INSTALL_VPNCMD_DIR)vpncmd
-	echo "#!/bin/sh" > $(INSTALL_BINDIR)vpncmd
-	echo $(INSTALL_VPNCMD_DIR)vpncmd '"$$@"' >> $(INSTALL_BINDIR)vpncmd
-	echo 'exit $$?' >> $(INSTALL_BINDIR)vpncmd
-	chmod 755 $(INSTALL_BINDIR)vpncmd
-+$(STAGEDIR)$(INSTALL_BINDIR)vpncmd: bin/vpncmd/hamcore.se2 bin/vpncmd/vpncmd
-+	@mkdir -p $(STAGEDIR)$(INSTALL_VPNCMD_DIR)
-+	cp bin/vpncmd/hamcore.se2 $(STAGEDIR)$(INSTALL_VPNCMD_DIR)hamcore.se2
-+	$(BSD_INSTALL_PROGRAM) bin/vpncmd/vpncmd $(STAGEDIR)$(INSTALL_VPNCMD_DIR)vpncmd
-+	echo "#!/bin/sh" > $(STAGEDIR)$(INSTALL_BINDIR)vpncmd
-+	echo exec $(INSTALL_VPNCMD_DIR)vpncmd '"$$@"' >> $(STAGEDIR)$(INSTALL_BINDIR)vpncmd
-+	chmod 755 $(STAGEDIR)$(INSTALL_BINDIR)vpncmd
- 
- # Clean
- clean:
--- a/security/softether-devel/files/patch-src_Mayaqua_Network.c
+++ b/security/softether-devel/files/patch-src_Mayaqua_Network.c
@ -1,14 +0,0 @@
--- src/Mayaqua/Network.c.orig	2017-01-12 14:15:02 UTC
-+++ src/Mayaqua/Network.c
-@@ -12983,7 +12983,11 @@ bool StartSSLEx(SOCK *sock, X *x, K *pri
- 		{
- 			if (client_tls == false)
- 			{
-+#ifndef OPENSSL_NO_SSL3_METHOD
- 				SSL_CTX_set_ssl_version(ssl_ctx, SSLv3_method());
-+#else
-+				SSL_CTX_set_ssl_version(ssl_ctx, SSLv23_method());
-+#endif
- 			}
- 			else
- 			{
--- a/security/softether-devel/files/patch-srcCedarCedar.h
+++ b/security/softether-devel/files/patch-srcCedarCedar.h
@ -0,0 +1,75 @@
+--- src/Cedar/Cedar.h.orig	2016-05-03 06:16:53 UTC
+++ src/Cedar/Cedar.h
+@@ -510,22 +510,22 @@
+ #define	LOG_ENGINE_BUFFER_CACHE_SIZE_MAX	(10 * 1024 * 1024)	// Write cache size
+ 
+ // Constant such as a file name
+-#define	SERVER_LOG_DIR_NAME			"@server_log"
+#define	SERVER_LOG_DIR_NAME			"/var/log/softether/server"
+ #define	BRIDGE_LOG_DIR_NAME			SERVER_LOG_DIR_NAME
+ #define	SERVER_LOG_PERFIX			"vpn"
+ 
+-#define	HUB_SECURITY_LOG_DIR_NAME	"@security_log"
+-#define	HUB_SECURITY_LOG_FILE_NAME	"@security_log/%s"
+#define	HUB_SECURITY_LOG_DIR_NAME	"/var/log/softether/security"
+#define	HUB_SECURITY_LOG_FILE_NAME	"/var/log/softether/security/%s"
+ #define	HUB_SECURITY_LOG_PREFIX		"sec"
+-#define	HUB_PACKET_LOG_DIR_NAME		"@packet_log"
+-#define	HUB_PACKET_LOG_FILE_NAME	"@packet_log/%s"
+#define	HUB_PACKET_LOG_DIR_NAME		"/var/log/softether/packet"
+#define	HUB_PACKET_LOG_FILE_NAME	"/var/log/softether/packet/%s"
+ #define	HUB_PACKET_LOG_PREFIX		"pkt"
+ 
+-#define	NAT_LOG_DIR_NAME			"@secure_nat_log"
+-#define	NAT_LOG_FILE_NAME			"@secure_nat_log/%s"
+#define	NAT_LOG_DIR_NAME			"/var/log/softether/secure_nat"
+#define	NAT_LOG_FILE_NAME			"/var/log/softether/secure_nat/%s"
+ #define	NAT_LOG_PREFIX				"snat"
+ 
+-#define	CLIENT_LOG_DIR_NAME			"@client_log"
+#define	CLIENT_LOG_DIR_NAME			"/var/log/softether/client"
+ #define	CLIENT_LOG_PREFIX			"client"
+ 
+ // Packet log settings
+@@ -560,8 +560,8 @@
+ #define	DISK_FREE_CHECK_INTERVAL_DEFAULT	(5 * 60 * 1000)
+ 
+ // Simple log
+-#define TINY_LOG_DIRNAME			"@tiny_log"
+-#define TINY_LOG_FILENAME			"@tiny_log/%04u%02u%02u_%02u%02u%02u.log"
+#define TINY_LOG_DIRNAME			"/var/log/softether/tiny"
+#define TINY_LOG_FILENAME			"/var/log/softether/tiny/%04u%02u%02u_%02u%02u%02u.log"
+ 
+ 
+ //////////////////////////////////////////////////////////////////////
+@@ -574,7 +574,7 @@
+ //#define CE_SNAPSHOT_INTERVAL		((UINT64)(3000))
+ #define CE_SNAPSHOT_POLLING_INTERVAL	(1 * 1000)
+ #define CE_SNAPSHOT_POLLING_INTERVAL_LICENSE	(30 * 1000)
+-#define CE_SNAPSHOT_DIR_NAME		"@carrier_log"
+#define CE_SNAPSHOT_DIR_NAME		"/var/log/softether/carrier"
+ #define CE_SNAPSHOT_PREFIX			"carrier"
+ 
+ 
+@@ -591,7 +591,7 @@
+ // Expiration date of random size cache
+ #define	RAND_SIZE_CACHE_EXPIRE		(24 * 60 * 60 * 1000)
+ // Management allowed IP address list file name
+-#define	ADMINIP_TXT					"@adminip.txt"
+#define	ADMINIP_TXT					"/var/db/softether/adminip.txt"
+ 
+ #define NON_SSL_MIN_COUNT			60
+ #define NON_SSL_ENTRY_EXPIRES		(10 * 60 * 1000)
+@@ -642,9 +642,9 @@
+ //////////////////////////////////////////////////////////////////////
+ 
+ #define	EL_ADMIN_PORT			22888
+-#define	EL_CONFIG_FILENAME		"@etherlogger.config"
+-#define	EL_PACKET_LOG_DIR_NAME	"@etherlogger_log"
+-#define	EL_PACKET_LOG_FILE_NAME	"@etherlogger_log/%s"
+#define	EL_CONFIG_FILENAME		"/var/db/softether/etherlogger.config"
+#define	EL_PACKET_LOG_DIR_NAME	"/var/log/softether/etherlogger"
+#define	EL_PACKET_LOG_FILE_NAME	"/var/log/softether/etherlogger/%s"
+ #define	EL_PACKET_LOG_PREFIX	"pkt"
+ #define	EL_LICENSE_CHECK_SPAN	(10 * 1000)
+ 
--- a/security/softether-devel/files/patch-srcCedarClient.h
+++ b/security/softether-devel/files/patch-srcCedarClient.h
@ -0,0 +1,20 @@
+--- src/Cedar/Client.h.orig	2016-05-03 06:16:53 UTC
+++ src/Cedar/Client.h
+@@ -125,7 +125,7 @@
+ 
+ 
+ // Constants
+-#define	CLIENT_CONFIG_FILE_NAME				"@vpn_client.config"
+#define	CLIENT_CONFIG_FILE_NAME				"/var/db/softether/vpn_client.config"
+ #define	CLIENT_DEFAULT_KEEPALIVE_HOST		"keepalive.softether.org"
+ #define	CLIENT_DEFAULT_KEEPALIVE_PORT		80
+ #define	CLIENT_DEFAULT_KEEPALIVE_INTERVAL	KEEP_INTERVAL_DEFAULT
+@@ -145,7 +145,7 @@
+ #define	CLIENT_WIN32_EXE_FILENAME_X64		"vpnclient_x64.exe"
+ #define	CLIENT_WIN32_EXE_FILENAME_IA64		"vpnclient_ia64.exe"
+ 
+-#define CLIENT_CUSTOM_INI_FILENAME			"@custom.ini"
+#define CLIENT_CUSTOM_INI_FILENAME			"/var/db/softether/custom.ini"
+ 
+ #define	CLIENT_GLOBAL_PULSE_NAME			"clientglobalpulse"
+ 
--- a/security/softether-devel/files/patch-srcCedarNat.h
+++ b/security/softether-devel/files/patch-srcCedarNat.h
@ -0,0 +1,11 @@
+--- src/Cedar/Nat.h.orig	2016-05-03 06:16:53 UTC
+++ src/Cedar/Nat.h
+@@ -115,7 +115,7 @@
+ #define	NAT_H
+ 
+ // Constants
+-#define	NAT_CONFIG_FILE_NAME			"@vpn_router.config"	// NAT configuration file
+#define	NAT_CONFIG_FILE_NAME			"/var/db/softether/vpn_router.config"	// NAT configuration file
+ #define	DEFAULT_NAT_ADMIN_PORT			2828		// Default port number for management
+ #define	NAT_ADMIN_PORT_LISTEN_INTERVAL	1000		// Interval for trying to open a port for management
+ #define	NAT_FILE_SAVE_INTERVAL			(30 * 1000)	// Interval to save
--- a/security/softether-devel/files/patch-srcCedarServer.c
+++ b/security/softether-devel/files/patch-srcCedarServer.c
@ -0,0 +1,30 @@
+--- src/Cedar/Server.c.orig	2016-05-03 06:16:53 UTC
+++ src/Cedar/Server.c
+@@ -115,12 +115,12 @@
+ 
+ static SERVER *server = NULL;
+ static LOCK *server_lock = NULL;
+-char *SERVER_CONFIG_FILE_NAME = "@vpn_server.config";
+-char *SERVER_CONFIG_FILE_NAME_IN_CLIENT = "@vpn_gate_svc.config";
+-char *SERVER_CONFIG_FILE_NAME_IN_CLIENT_RELAY = "@vpn_gate_relay.config";
+-char *BRIDGE_CONFIG_FILE_NAME = "@vpn_bridge.config";
+-char *SERVER_CONFIG_TEMPLATE_NAME = "@vpn_server_template.config";
+-char *BRIDGE_CONFIG_TEMPLATE_NAME = "@vpn_server_template.config";
+char *SERVER_CONFIG_FILE_NAME = "/var/db/softether/vpn_server.config";
+char *SERVER_CONFIG_FILE_NAME_IN_CLIENT = "/var/db/softether/vpn_gate_svc.config";
+char *SERVER_CONFIG_FILE_NAME_IN_CLIENT_RELAY = "/var/db/softether/vpn_gate_relay.config";
+char *BRIDGE_CONFIG_FILE_NAME = "/var/db/softether/vpn_bridge.config";
+char *SERVER_CONFIG_TEMPLATE_NAME = "/var/db/softether/vpn_server_template.config";
+char *BRIDGE_CONFIG_TEMPLATE_NAME = "/var/db/softether/vpn_server_template.config";
+ 
+ static bool server_reset_setting = false;
+ 
+@@ -10916,7 +10916,7 @@ SERVER *SiNewServerEx(bool bridge, bool 
+ #endif	// OS_WIN32
+ 
+ #ifdef	ENABLE_AZURE_SERVER
+-	if (IsFileExists("@azureserver.config"))
+	if (IsFileExists("/var/db/softether/azureserver.config"))
+ 	{
+ 		DisableRDUPServerGlobally();
+ 		s->AzureServer = NewAzureServer(s->Cedar);
--- a/security/softether-devel/files/patch-srcMayaquaCfg.c
+++ b/security/softether-devel/files/patch-srcMayaquaCfg.c
@ -0,0 +1,11 @@
+--- src/Mayaqua/Cfg.c.orig	2016-05-03 06:16:53 UTC
+++ src/Mayaqua/Cfg.c
+@@ -139,7 +139,7 @@ void BackupCfgWEx(CFG_RW *rw, FOLDER *f,
+ 	}
+ 
+ 	// Determine the directory name
+-	UniFormat(dirname, sizeof(dirname), L"@backup.%s", original[0] == L'@' ? original + 1 : original);
+	UniFormat(dirname, sizeof(dirname), L"/var/db/softether/backup.%s", original[0] == L'@' ? original + 1 : original);
+ 
+ 	// Determine the file name
+ 	LocalTime(&st);
--- a/security/softether-devel/files/patch-srcMayaquaCfg.h
+++ b/security/softether-devel/files/patch-srcMayaquaCfg.h
@ -0,0 +1,11 @@
+--- src/Mayaqua/Cfg.h.orig	2016-05-03 06:16:53 UTC
+++ src/Mayaqua/Cfg.h
+@@ -117,7 +117,7 @@
+ // Macro
+ //#define	CHECK_CFG_NAME_EXISTS			// Check duplication of the existing name
+ 
+-#define	SAVE_BINARY_FILE_NAME_SWITCH	L"@save_binary"
+#define	SAVE_BINARY_FILE_NAME_SWITCH	L"/var/db/softether/save_binary"
+ 
+ // Constants
+ #define	TAG_DECLARE			"declare"
--- a/security/softether-devel/files/patch-srcMayaquaKernel.c
+++ b/security/softether-devel/files/patch-srcMayaquaKernel.c
@ -0,0 +1,11 @@
+--- src/Mayaqua/Kernel.c.orig	2016-05-03 06:16:53 UTC
+++ src/Mayaqua/Kernel.c
+@@ -2213,7 +2213,7 @@ void AbortExitEx(char *msg)
+ 		msg = "Unknown Error";
+ 	}
+ 
+-	f = fopen("abort_error_log.txt", "w");
+	f = fopen("/var/db/softether/abort_error_log.txt", "w");
+ 	if (f != NULL)
+ 	{
+ 		fwrite(msg, 1, strlen(msg), f);
--- a/security/softether-devel/files/patch-srcMayaquaNetwork.c
+++ b/security/softether-devel/files/patch-srcMayaquaNetwork.c
@ -0,0 +1,19 @@
+--- src/Mayaqua/Network.c.orig	2016-05-03 06:16:53 UTC
+++ src/Mayaqua/Network.c
+@@ -13025,10 +13025,15 @@
+ 		{
+ 			if (client_tls == false)
+ 			{
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#ifndef OPENSSL_NO_SSL3
+ 				SSL_CTX_set_ssl_version(ssl_ctx, SSLv3_method());
+ #else
+ 				SSL_CTX_set_ssl_version(ssl_ctx, SSLv23_method());
+				SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_TLSv1
+#ifdef SSL_OP_NO_TLSv1_2
+				| SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2
+#endif
+				);
+ #endif
+ 			}
+ 			else
--- a/security/softether-devel/files/patch-srcMayaquaTable.h
+++ b/security/softether-devel/files/patch-srcMayaquaTable.h
@ -0,0 +1,11 @@
+--- src/Mayaqua/Table.h.orig	2016-05-03 06:16:53 UTC
+++ src/Mayaqua/Table.h
+@@ -119,7 +119,7 @@
+ #define	LANGLIST_FILENAME		"|languages.txt"
+ #define	LANGLIST_FILENAME_WINE	"|languages_wine.txt"
+ 
+-#define	LANG_CONFIG_FILENAME	L"@lang.config"
+#define	LANG_CONFIG_FILENAME	L"/var/db/softether/lang.config"
+ #define	LANG_CONFIG_TEMPLETE	"|lang.config"
+ 
+ // Language constant
--- a/security/softether-devel/files/patch-srcMayaquaUnix.c
+++ b/security/softether-devel/files/patch-srcMayaquaUnix.c
@ -0,0 +1,29 @@
+--- src/Mayaqua/Unix.c.orig	2016-05-03 06:16:53 UTC
+++ src/Mayaqua/Unix.c
+@@ -931,7 +931,7 @@ void *UnixNewSingleInstance(char *instan
+ 	GetExeDir(dir, sizeof(dir));
+ 
+ 	// File name generation
+-	Format(name, sizeof(name), "%s/.%s", dir, tmp);
+	Format(name, sizeof(name), "/var/db/softether/.%s", tmp);
+ 
+ 	fd = open(name, O_WRONLY);
+ 	if (fd == -1)
+@@ -2320,7 +2320,7 @@ void UnixGenPidFileName(char *name, UINT
+ 	Hash(hash, exe_name, StrLen(exe_name), false);
+ 	BinToStr(tmp1, sizeof(tmp1), hash, sizeof(hash));
+ 
+-	Format(name, size, "%s/.pid_%s", dir, tmp1);
+	Format(name, size, "/var/db/softether/%s.pid", tmp1);
+ }
+ 
+ // Delete the PID file
+@@ -2365,7 +2365,7 @@ void UnixGenCtlFileName(char *name, UINT
+ 	Hash(hash, exe_name, StrLen(exe_name), false);
+ 	BinToStr(tmp1, sizeof(tmp1), hash, sizeof(hash));
+ 
+-	Format(name, size, "%s/.ctl_%s", dir, tmp1);
+	Format(name, size, "/var/db/softether/.ctl_%s", tmp1);
+ }
+ 
+ // Write the CTL file
--- a/security/softether-devel/files/softether_bridge.in
+++ b/security/softether-devel/files/softether_bridge.in
@ -0,0 +1,36 @@
+#!/bin/sh
+
+# PROVIDE: softether_bridge
+# REQUIRE: NETWORKING SERVERS
+# BEFORE: DAEMON
+# KEYWORD: shutdown
+
+#
+# Add the following lines to /etc/rc.conf to enable softether_bridge:
+# softether_bridge_enable (bool):  Set to "NO" by default.
+#                                  Set it to "YES" to enable
+#
+. /etc/rc.subr
+
+name=softether_bridge
+rcvar=softether_bridge_enable
+load_rc_config ${name}
+
+: ${softether_bridge_enable:=NO}
+
+command="%%PREFIX%%/libexec/softether/vpnbridge"
+
+datadir="/var/db/softether"
+
+start_precmd="${name}_precmd"
+start_cmd="${command} start"
+stop_cmd="${command} stop"
+
+softether_bridge_precmd()
+{
+	if [ ! -d "${datadir}" ]; then
+	    mkdir -p ${datadir}
+	fi
+}
+
+run_rc_command "$1"
--- a/security/softether-devel/files/softether_client.in
+++ b/security/softether-devel/files/softether_client.in
@ -0,0 +1,36 @@
+#!/bin/sh
+
+# PROVIDE: softether_client
+# REQUIRE: NETWORKING SERVERS
+# BEFORE: DAEMON
+# KEYWORD: shutdown
+
+#
+# Add the following lines to /etc/rc.conf to enable softether_client:
+# softether_client_enable (bool):  Set to "NO" by default.
+#                                  Set it to "YES" to enable
+#
+. /etc/rc.subr
+
+name=softether_client
+rcvar=softether_client_enable
+load_rc_config ${name}
+
+: ${softether_client_enable:=NO}
+
+command="%%PREFIX%%/libexec/softether/vpnclient"
+
+datadir="/var/db/softether"
+
+start_precmd="${name}_precmd"
+start_cmd="${command} start"
+stop_cmd="${command} stop"
+
+softether_client_precmd()
+{
+	if [ ! -d "${datadir}" ]; then
+	    mkdir -p ${datadir}
+	fi
+}
+
+run_rc_command "$1"
--- a/security/softether-devel/files/softether_server.in
+++ b/security/softether-devel/files/softether_server.in
@ -0,0 +1,36 @@
+#!/bin/sh
+
+# PROVIDE: softether_server
+# REQUIRE: NETWORKING SERVERS
+# BEFORE: DAEMON
+# KEYWORD: shutdown
+
+#
+# Add the following lines to /etc/rc.conf to enable softether_server:
+# softether_server_enable (bool):  Set to "NO" by default.
+#                                  Set it to "YES" to enable
+#
+. /etc/rc.subr
+
+name=softether_server
+rcvar=softether_server_enable
+load_rc_config ${name}
+
+: ${softether_server_enable:=NO}
+
+command="%%PREFIX%%/libexec/softether/vpnserver"
+
+datadir="/var/db/softether"
+
+start_precmd="${name}_precmd"
+start_cmd="${command} start"
+stop_cmd="${command} stop"
+
+softether_server_precmd()
+{
+	if [ ! -d "${datadir}" ]; then
+	    mkdir -p ${datadir}
+	fi
+}
+
+run_rc_command "$1"
--- a/security/softether-devel/files/vpnbridge.in
+++ b/security/softether-devel/files/vpnbridge.in
@ -1,30 +0,0 @@
-#!/bin/sh
-#
-# $FreeBSD$
-#
-# PROVIDE: vpnbridge
-# REQUIRE: LOGIN
-#
-. /etc/rc.subr
-
-name=vpnbridge
-rcvar=${name}_enable
-command=%%PREFIX%%/sbin/${name}
-start_cmd="${name}_start"
-stop_cmd="${name}_stop"
-
-vpnbridge_start()
-{
-
-	$command start
-}
-
-vpnbridge_stop()
-{
-
-	$command stop
-}
-
-load_rc_config $name
-: ${vpnbridge_enable:=NO}
-run_rc_command "$1"
--- a/security/softether-devel/files/vpnclient.in
+++ b/security/softether-devel/files/vpnclient.in
@ -1,30 +0,0 @@
-#!/bin/sh
-#
-# $FreeBSD$
-#
-# PROVIDE: vpnclient
-# REQUIRE: LOGIN
-#
-. /etc/rc.subr
-
-name=vpnclient
-rcvar=${name}_enable
-command=%%PREFIX%%/sbin/${name}
-start_cmd="${name}_start"
-stop_cmd="${name}_stop"
-
-vpnclient_start()
-{
-
-	$command start
-}
-
-vpnclient_stop()
-{
-
-	$command stop
-}
-
-load_rc_config $name
-: ${vpnclient_enable:=NO}
-run_rc_command "$1"
--- a/security/softether-devel/files/vpncmd.in
+++ b/security/softether-devel/files/vpncmd.in
@ -0,0 +1,6 @@
+#!/bin/sh
+#
+# wrapper script for vpncmd, the configuration binary for
+# SoftEther vpn
+#
+%%PREFIX%%/libexec/softether/vpncmd ${1+"$@"}
--- a/security/softether-devel/files/vpnserver.in
+++ b/security/softether-devel/files/vpnserver.in
@ -1,30 +0,0 @@
-#!/bin/sh
-#
-# $FreeBSD$
-#
-# PROVIDE: vpnserver
-# REQUIRE: LOGIN
-#
-. /etc/rc.subr
-
-name=vpnserver
-rcvar=${name}_enable
-command=%%PREFIX%%/sbin/${name}
-start_cmd="${name}_start"
-stop_cmd="${name}_stop"
-
-vpnserver_start()
-{
-
-	$command start
-}
-
-vpnserver_stop()
-{
-
-	$command stop
-}
-
-load_rc_config $name
-: ${vpnserver_enable:=NO}
-run_rc_command "$1"
--- a/security/softether-devel/pkg-descr
+++ b/security/softether-devel/pkg-descr
@ -1,10 +1,7 @@
-SoftEther VPN ("SoftEther" means "Software Ethernet") is one of the
-world's most powerful and easy-to-use multi-protocol VPN software.
+SoftEther VPN ("SoftEther" means "Software Ethernet") is a powerful,
+multi-OS and easy-to-use multi-protocol VPN software. It supports
+SSL-VPN (HTTPS), as well as OpenVPN, IPsec, L2TP, MS-SSTP, L2TPv3
+and EtherIP tunneling protocols and has a clone function to support
+OpenVPN clients.

-SoftEther VPN runs on Windows, Linux, Mac, FreeBSD and Solaris.
-
-SoftEther VPN supports most of widely-used VPN protocols
-including SSL-VPN, OpenVPN, IPsec, L2TP, MS-SSTP, L2TPv3 and EtherIP
-by the single SoftEther VPN Server program.
-
-WWW: http://www.softether.org/
+WWW: https://www.softether.org
--- a/security/softether-devel/pkg-message
+++ b/security/softether-devel/pkg-message
@ -0,0 +1,22 @@
+**************************************************************************
+
+To run softether vpn client from startup, run
+sysrc softether_client_enable=yes
+
+To run softether vpn server from startup, run
+sysrc softether_server_enable=yes
+
+To run softether vpn bridge from startup, run
+sysrc softether_bridge_enable=yes
+
+Initial and further configuration of all softether services can be
+done either by using a Windows client to connect to the running
+services or by vpncmd from command line.
+
+Please note client and bridge functionality is not fully
+supported on FreeBSD right now.
+
+When removing SoftEther VPN without the desire to reinstall, please
+ensure to remove the directory /var/db/softether as well.
+
+**************************************************************************
--- a/security/softether-devel/pkg-plist
+++ b/security/softether-devel/pkg-plist
@ -1,12 +1,8 @@
-sbin/vpnserver
-sbin/vpnbridge
-sbin/vpnclient
+libexec/softether/hamcore.se2
+libexec/softether/vpnbridge
+libexec/softether/vpnclient
+libexec/softether/vpncmd
+libexec/softether/vpnserver
 sbin/vpncmd
-softethervpn/vpnbridge/hamcore.se2
-softethervpn/vpnbridge/vpnbridge
-softethervpn/vpnclient/hamcore.se2
-softethervpn/vpnclient/vpnclient
-softethervpn/vpncmd/hamcore.se2
-softethervpn/vpncmd/vpncmd
-softethervpn/vpnserver/hamcore.se2
-softethervpn/vpnserver/vpnserver
+@dir libexec/softether
+@dir %%LOGDIR%%