<pre style='margin:0'>
Perry E. Metzger (pmetzger) pushed a commit to branch master
in repository macports-ports.
</pre>
<p><a href="https://github.com/macports/macports-ports/commit/9010c9428a0acabc6fe8f0ca7d68614376b5daae">https://github.com/macports/macports-ports/commit/9010c9428a0acabc6fe8f0ca7d68614376b5daae</a></p>
<pre style="white-space: pre; background: #F8F8F8">The following commit(s) were added to refs/heads/master by this push:
<span style='display:block; white-space:pre;color:#404040;'> new 9010c94 macos-vpn-server: Add hard-coded network settings to address portindex issue
</span>9010c94 is described below
<span style='display:block; white-space:pre;color:#808000;'>commit 9010c9428a0acabc6fe8f0ca7d68614376b5daae
</span>Author: Steven Thomas Smith <s.t.smith@ieee.org>
AuthorDate: Wed Jul 3 04:49:36 2019 -0400
<span style='display:block; white-space:pre;color:#404040;'> macos-vpn-server: Add hard-coded network settings to address portindex issue
</span><span style='display:block; white-space:pre;color:#404040;'>
</span><span style='display:block; white-space:pre;color:#404040;'> * Use default hard-coded example configuration settings
</span><span style='display:block; white-space:pre;color:#404040;'> * Put network settings in `post-activate` block as recommended
</span><span style='display:block; white-space:pre;color:#404040;'> * Use `awks`'s `$NF` to get default interfaces
</span><span style='display:block; white-space:pre;color:#404040;'> * Related: https://github.com/macports/macports-ports/pull/4741
</span><span style='display:block; white-space:pre;color:#404040;'> * Related: https://trac.macports.org/ticket/58668
</span>---
net/macos-vpn-server/Portfile | 114 ++++++++++++++++++++++--------------------
1 file changed, 59 insertions(+), 55 deletions(-)
<span style='display:block; white-space:pre;color:#808080;'>diff --git a/net/macos-vpn-server/Portfile b/net/macos-vpn-server/Portfile
</span><span style='display:block; white-space:pre;color:#808080;'>index b763831..5111265 100644
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>--- a/net/macos-vpn-server/Portfile
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>+++ b/net/macos-vpn-server/Portfile
</span><span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -5,6 +5,7 @@ PortSystem 1.0
</span> name macos-vpn-server
# use the latest macOS version as the version number of this port
version 10.14.5
<span style='display:block; white-space:pre;background:#e0ffe0;'>+revision 1
</span> homepage https://opensource.apple.com/source/ppp/ppp-838/Helpers/vpnd/vpnd.5.auto.html
categories net
platforms darwin
<span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -28,56 +29,25 @@ long_description ${description} \
</span>
use_configure no
<span style='display:block; white-space:pre;background:#ffe0e0;'>-# Network configuration
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-set vpn_vpnhost [exec /bin/hostname -f]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-set vpn_offeredsearchdomain [exec /bin/hostname -f | /usr/bin/sed -E -e "s|^\[^.\]+\\.(.*)\$|\\1.|"]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-set vpn_offeredserveraddress [exec /usr/sbin/scutil --dns | /usr/bin/grep "DNS configuration (for scoped queries)" -A 7 | /usr/bin/grep nameserver | /usr/bin/sed -E -e "s|^\[\[:space:\]\]*nameserver.+\[\[:space:\]\]*:\[\[:space:\]\]+||" | /usr/bin/head -1]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-set vpn_network [exec /bin/sh -c "/sbin/ifconfig `/usr/sbin/netstat -nr | /usr/bin/awk '{ if (\$1 ~/default/) { print \$6} }' | /usr/bin/head -1` | /usr/bin/awk '{ if (\$1 ~/inet\$/) { print \$2} }' | /usr/bin/sed -E -e 's|\\.\[0-9\]{1,3}\$|\\.|'"]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-set vpn_destaddressrange_start ${vpn_network}245
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-set vpn_destaddressrange_end ${vpn_network}254
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span> build {}
<span style='display:block; white-space:pre;background:#ffe0e0;'>-set LaunchDaemonsPath /Library/LaunchDaemons
</span> set sharePath ${prefix}/share/${name}
destroot {
xinstall -d \
<span style='display:block; white-space:pre;background:#ffe0e0;'>- ${destroot}${sharePath}${LaunchDaemonsPath} \
</span> ${destroot}${sharePath}${SystemConfigurationPath}
xinstall -m 0644 -W ${filespath} \
<span style='display:block; white-space:pre;background:#ffe0e0;'>- org.macports.ppp.l2tp.plist \
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- ${destroot}${sharePath}${LaunchDaemonsPath}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- ui_msg "Configuring VPN Network with:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- VPNHost ${vpn_vpnhost}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- OfferedServerAddresses (DNS) ${vpn_offeredserveraddress}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- OfferedSearchDomains ${vpn_offeredsearchdomain}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- DestAddressRanges ${vpn_destaddressrange_start} to ${vpn_destaddressrange_end}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- This configuration can be changed in the file\:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- ${SystemConfigurationPath}/com.apple.RemoteAccessServers.plist\[.macports\]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- See `man 5 vpnd` for details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- xinstall -m 0644 -W ${filespath} \
</span> com.apple.RemoteAccessServers.plist.macports \
${destroot}${sharePath}${SystemConfigurationPath}
<span style='display:block; white-space:pre;background:#ffe0e0;'>- reinplace "s|@VPN_OFFEREDSEARCHDOMAIN@|${vpn_offeredsearchdomain}|g" \
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- ${destroot}${sharePath}${SystemConfigurationPath}/com.apple.RemoteAccessServers.plist.macports
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- reinplace "s|@VPN_OFFEREDSERVERADDRESS@|${vpn_offeredserveraddress}|g" \
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- ${destroot}${sharePath}${SystemConfigurationPath}/com.apple.RemoteAccessServers.plist.macports
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- reinplace "s|@VPN_DESTADDRESSRANGE_START@|${vpn_destaddressrange_start}|g" \
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- ${destroot}${sharePath}${SystemConfigurationPath}/com.apple.RemoteAccessServers.plist.macports
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- reinplace "s|@VPN_DESTADDRESSRANGE_END@|${vpn_destaddressrange_end}|g" \
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- ${destroot}${sharePath}${SystemConfigurationPath}/com.apple.RemoteAccessServers.plist.macports
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- reinplace "s|@VPN_VPNHOST@|${vpn_vpnhost}|g" \
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- ${destroot}${sharePath}${SystemConfigurationPath}/com.apple.RemoteAccessServers.plist.macports
</span> }
<span style='display:block; white-space:pre;background:#e0ffe0;'>+startupitem.create yes
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+startupitem.name ${name}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+startupitem.executable /usr/sbin/vpnd \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ -x \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ -i \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ org.macports.ppp.l2tp
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span> pre-activate {
# Add the necessary keychain item for the VPN PSK
set vpn_keychain_item [exec /bin/sh -c "RV=\"\" ; /usr/bin/security find-generic-password -a org.macports.ppp.l2tp -s com.apple.net.racoon /Library/Keychains/System.keychain 1> /dev/null 2>&1 && RV=com.apple.net.racoon || /usr/bin/true ; echo \"\${RV}\""]
<span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -93,17 +63,53 @@ pre-activate {
</span> }
}
<span style='display:block; white-space:pre;background:#ffe0e0;'>-startupitem.create yes
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-startupitem.name ${name}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-startupitem.executable /usr/sbin/vpnd \
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- -x \
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- -i \
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- org.macports.ppp.l2tp
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+# Network configuration
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+# hard-coded examples
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+set vpn_vpnhost host.domain.tld
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+set vpn_offeredsearchdomain \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ domain.tld.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+set vpn_offeredserveraddress \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ 10.0.1.1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+set vpn_network 10.0.1.
</span>
post-activate {
<span style='display:block; white-space:pre;background:#e0ffe0;'>+ # copy to actual config file if it doesn't already exist
</span> if ![file exists ${SystemConfigurationPath}/com.apple.RemoteAccessServers.plist] {
xinstall -m 0644 ${sharePath}${SystemConfigurationPath}/com.apple.RemoteAccessServers.plist.macports \
${SystemConfigurationPath}/com.apple.RemoteAccessServers.plist
<span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ # use network settings for installed example configuration
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ set vpn_vpnhost [exec /bin/hostname -f]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ set vpn_offeredsearchdomain [exec /bin/hostname -f | /usr/bin/sed -E -e "s|^\[^.\]+\\.(.*)\$|\\1.|"]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ set vpn_offeredserveraddress [exec /usr/sbin/scutil --dns | /usr/bin/grep "DNS configuration (for scoped queries)" -A 7 | /usr/bin/grep nameserver | /usr/bin/sed -E -e "s|^\[\[:space:\]\]*nameserver.+\[\[:space:\]\]*:\[\[:space:\]\]+||" | /usr/bin/head -1]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ set vpn_network [exec /bin/sh -c "/sbin/ifconfig `/usr/sbin/netstat -nr | /usr/bin/awk '{ if (\$1 ~/default/) { print \$NF} }' | /usr/bin/head -1` | /usr/bin/awk '{ if (\$1 ~/inet\$/) { print \$2} }' | /usr/bin/sed -E -e 's|\\.\[0-9\]{1,3}\$|\\.|'"]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ set vpn_destaddressrange_start ${vpn_network}245
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ set vpn_destaddressrange_end ${vpn_network}254
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ reinplace "s|@VPN_OFFEREDSEARCHDOMAIN@|${vpn_offeredsearchdomain}|g" \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ ${SystemConfigurationPath}/com.apple.RemoteAccessServers.plist
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ reinplace "s|@VPN_OFFEREDSERVERADDRESS@|${vpn_offeredserveraddress}|g" \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ ${SystemConfigurationPath}/com.apple.RemoteAccessServers.plist
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ reinplace "s|@VPN_DESTADDRESSRANGE_START@|${vpn_destaddressrange_start}|g" \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ ${SystemConfigurationPath}/com.apple.RemoteAccessServers.plist
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ reinplace "s|@VPN_DESTADDRESSRANGE_END@|${vpn_destaddressrange_end}|g" \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ ${SystemConfigurationPath}/com.apple.RemoteAccessServers.plist
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ reinplace "s|@VPN_VPNHOST@|${vpn_vpnhost}|g" \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ ${SystemConfigurationPath}/com.apple.RemoteAccessServers.plist
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ ui_msg "Configuring VPN Network with:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ VPNHost ${vpn_vpnhost}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ OfferedServerAddresses (DNS) ${vpn_offeredserveraddress}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ OfferedSearchDomains ${vpn_offeredsearchdomain}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ DestAddressRanges ${vpn_destaddressrange_start} to ${vpn_destaddressrange_end}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ This configuration can be changed in the file:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ ${SystemConfigurationPath}/com.apple.RemoteAccessServers.plist
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ See `man 5 vpnd` for details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+"
</span> }
# Add launchd.plist keys to MacPorts launchdaemon
<span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -117,22 +123,20 @@ post-activate {
</span> ${prefix}/etc/${startupitem.location}/org.macports.${name}/org.macports.${name}.plist
}
<span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span> notes "
<span style='display:block; white-space:pre;background:#ffe0e0;'>-macOS VPN Server is configured with:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-VPN Network configuration:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+The macOS VPN Server's initial configuration uses installation-time network
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+settings to provide a basic, working VPN server.
</span>
<span style='display:block; white-space:pre;background:#ffe0e0;'>- VPNHost ${vpn_vpnhost}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- OfferedServerAddresses (DNS) ${vpn_offeredserveraddress}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- OfferedSearchDomains ${vpn_offeredsearchdomain}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- DestAddressRanges ${vpn_destaddressrange_start} to ${vpn_destaddressrange_end}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+Users must reconfigure the installation for their own network
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+specifics by editing the files:
</span>
<span style='display:block; white-space:pre;background:#ffe0e0;'>- This configuration can be changed in the file (see `man 5 vpnd`):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ ${SystemConfigurationPath}/com.apple.RemoteAccessServers.plist
</span>
<span style='display:block; white-space:pre;background:#ffe0e0;'>- ${SystemConfigurationPath}/com.apple.RemoteAccessServers.plist\[.macports\]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+See `man 5 vpnd` for details.
</span>
<span style='display:block; white-space:pre;background:#ffe0e0;'>-System Keychain item com.apple.net.racoon: VPN Pre-Shared Secret
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+The VPN Pre-Shared Secret is stored in the System Keychain item
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+com.apple.net.racoon, available within Keychain Access.app or
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+/usr/bin/security.
</span>
Post Installation:
</pre><pre style='margin:0'>
</pre>