summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authornbd <nbd@3c298f89-4303-0410-b956-a3cf2f4a3e73>2007-12-03 19:48:11 +0000
committernbd <nbd@3c298f89-4303-0410-b956-a3cf2f4a3e73>2007-12-03 19:48:11 +0000
commit002ca8c7a6d9334e0f1f23348d7f59383226cdcd (patch)
treeed143d2fc039a196e821331a5c5a467c7c863c8f
parentdea7198af1ad5255feb72902d15ac75cddeb0589 (diff)
update openswan to 0.4.10, reenable 2.6 support, sync with included openwrt packaging code (ported from wr to kamikaze)
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@9651 3c298f89-4303-0410-b956-a3cf2f4a3e73
-rw-r--r--package/openswan/Makefile40
-rw-r--r--package/openswan/patches/100-pluto_includes.patch13
-rw-r--r--package/openswan/patches/110-scripts.patch224
-rw-r--r--package/openswan/patches/130-sysctl_api_change.patch17
-rw-r--r--package/openswan/patches/140-linux_moduleparam.patch13
5 files changed, 32 insertions, 275 deletions
diff --git a/package/openswan/Makefile b/package/openswan/Makefile
index 9e786156b..b53d1cbfc 100644
--- a/package/openswan/Makefile
+++ b/package/openswan/Makefile
@@ -10,12 +10,12 @@ include $(TOPDIR)/rules.mk
include $(INCLUDE_DIR)/kernel.mk
PKG_NAME:=openswan
-PKG_VERSION:=2.4.8
+PKG_VERSION:=2.4.10
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://www.openswan.org/download
-PKG_MD5SUM:=918cc56ccf8e5d14cd2047e47450b34a
+PKG_MD5SUM:=2b36785342c74d524d8d86bde89a445f
include $(INCLUDE_DIR)/package.mk
@@ -32,7 +32,7 @@ define Package/openswan
$(call Package/openswan/Default)
SECTION:=net
CATEGORY:=Network
- DEPENDS:=@LINUX_2_4 +kmod-openswan +libgmp +ip
+ DEPENDS:=+kmod-openswan +libgmp +ip
TITLE+= (daemon)
URL:=http://www.openswan.org/
endef
@@ -45,7 +45,6 @@ endef
define KernelPackage/openswan
$(call Package/openswan/Default)
SUBMENU:=Network Support
- DEPENDS:=@LINUX_2_4
TITLE+= (kernel module)
FILES:=$(PKG_BUILD_DIR)/modobj*/ipsec.$(LINUX_KMOD_SUFFIX)
endef
@@ -55,22 +54,29 @@ $(call Package/openswan/Default/description)
This package contains the Openswan kernel module.
endef
+TARGET_CPPFLAGS = \
+ -I$(STAGING_DIR)/usr/include \
+ -I$(LINUX_DIR)/include
-PKG_MAKE_OPTS:= \
- LINUX_RELEASE="$(LINUX_RELEASE)" \
- KERNELSRC="$(LINUX_DIR)" \
- ARCH="$(LINUX_KARCH)" \
- CROSS_COMPILE="$(TARGET_CROSS)" \
- USERCOMPILE="$(TARGET_CFLAGS) -I./linux/include $(TARGET_CPPFLAGS) $(TARGET_LDFLAGS)" \
- IPSECDIR="/usr/lib/ipsec" \
- INC_USRLOCAL="/usr" \
+TARGET_LDFLAGS = \
+ -L$(STAGING_DIR)/usr/lib
+
+OPENSWAN_MAKE := $(MAKE) -C $(PKG_BUILD_DIR) \
+ $(TARGET_CONFIGURE_OPTS) \
+ LINUX_RELEASE="$(LINUX_RELEASE)" \
+ KERNELSRC="$(LINUX_DIR)" \
+ ARCH="$(LINUX_KARCH)" \
+ CROSS_COMPILE="$(TARGET_CROSS)" \
+ USERCOMPILE="$(TARGET_CFLAGS) -I$(PKG_BUILD_DIR)/linux/include $(TARGET_CPPFLAGS) $(TARGET_LDFLAGS)" \
+ IPSECDIR="/usr/lib/ipsec" \
+ INC_USRLOCAL="/usr" \
+ INC_RCDEFAULT="/etc/init.d" \
+ MODPROBE="/sbin/insmod" \
+ LDFLAGS="$(TARGET_LDFLAGS)" \
+ DESTDIR="$(PKG_INSTALL_DIR)"
define Build/Compile
- $(MAKE) -C $(PKG_BUILD_DIR) \
- $(TARGET_CONFIGURE_OPTS) \
- $(PKG_MAKE_OPTS) \
- LDFLAGS="$(TARGET_LDFLAGS)" \
- DESTDIR="$(PKG_INSTALL_DIR)" \
+ $(OPENSWAN_MAKE) \
programs module install
endef
diff --git a/package/openswan/patches/100-pluto_includes.patch b/package/openswan/patches/100-pluto_includes.patch
deleted file mode 100644
index cb16d72e5..000000000
--- a/package/openswan/patches/100-pluto_includes.patch
+++ /dev/null
@@ -1,13 +0,0 @@
-Index: openswan-2.4.8/programs/pluto/Makefile
-===================================================================
---- openswan-2.4.8.orig/programs/pluto/Makefile 2007-06-04 13:22:49.950261688 +0200
-+++ openswan-2.4.8/programs/pluto/Makefile 2007-06-04 13:22:50.017251504 +0200
-@@ -265,7 +265,7 @@
- LIBSPLUTO+=$(HAVE_THREADS_LIBS) ${XAUTHPAM_LIBS}
- LIBSPLUTO+=${CURL_LIBS}
- LIBSPLUTO+=${EXTRA_CRYPTO_LIBS}
--LIBSPLUTO+= -lgmp -lresolv # -lefence
-+LIBSPLUTO+=$(EXTRA_LIBS) -lgmp -lresolv # -lefence
-
- ifneq ($(LD_LIBRARY_PATH),)
- LDFLAGS=-L$(LD_LIBRARY_PATH)
diff --git a/package/openswan/patches/110-scripts.patch b/package/openswan/patches/110-scripts.patch
index 28269f327..d605ceaba 100644
--- a/package/openswan/patches/110-scripts.patch
+++ b/package/openswan/patches/110-scripts.patch
@@ -1,30 +1,15 @@
-Index: openswan-2.4.8/programs/loggerfix
-===================================================================
---- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ openswan-2.4.8/programs/loggerfix 2007-06-04 13:22:50.209222320 +0200
+diff -urN openswan.old/programs/loggerfix openswan.dev/programs/loggerfix
+--- openswan.old/programs/loggerfix 1970-01-01 01:00:00.000000000 +0100
++++ openswan.dev/programs/loggerfix 2006-10-08 20:41:08.000000000 +0200
@@ -0,0 +1,5 @@
+#!/bin/sh
+# use filename instead of /dev/null to log, but dont log to flash or ram
+# pref. log to nfs mount
+echo "$*" >> /dev/null
+exit 0
-Index: openswan-2.4.8/programs/look/look.in
-===================================================================
---- openswan-2.4.8.orig/programs/look/look.in 2007-06-04 13:22:49.874273240 +0200
-+++ openswan-2.4.8/programs/look/look.in 2007-06-04 13:22:50.209222320 +0200
-@@ -84,7 +84,7 @@
- then
- pat="$pat|$defaultroutephys\$|$defaultroutevirt\$"
- else
-- for i in `echo "$IPSECinterfaces" | sed 's/=/ /'`
-+ for i in `echo "$IPSECinterfaces" | tr '=' ' '`
- do
- pat="$pat|$i\$"
- done
-Index: openswan-2.4.8/programs/_plutorun/_plutorun.in
-===================================================================
---- openswan-2.4.8.orig/programs/_plutorun/_plutorun.in 2007-06-04 13:22:49.880272328 +0200
-+++ openswan-2.4.8/programs/_plutorun/_plutorun.in 2007-06-04 13:22:50.209222320 +0200
+diff -urN openswan.old/programs/_plutorun/_plutorun.in openswan.dev/programs/_plutorun/_plutorun.in
+--- openswan.old/programs/_plutorun/_plutorun.in 2006-10-08 20:43:21.000000000 +0200
++++ openswan.dev/programs/_plutorun/_plutorun.in 2006-10-08 20:41:08.000000000 +0200
@@ -147,7 +147,7 @@
exit 1
fi
@@ -34,10 +19,9 @@ Index: openswan-2.4.8/programs/_plutorun/_plutorun.in
then
echo Cannot write to directory to create \"$stderrlog\".
exit 1
-Index: openswan-2.4.8/programs/_realsetup/_realsetup.in
-===================================================================
---- openswan-2.4.8.orig/programs/_realsetup/_realsetup.in 2007-06-04 13:22:49.888271112 +0200
-+++ openswan-2.4.8/programs/_realsetup/_realsetup.in 2007-06-04 13:22:50.210222168 +0200
+diff -urN openswan.old/programs/_realsetup/_realsetup.in openswan.dev/programs/_realsetup/_realsetup.in
+--- openswan.old/programs/_realsetup/_realsetup.in 2006-10-08 20:43:21.000000000 +0200
++++ openswan.dev/programs/_realsetup/_realsetup.in 2006-10-08 20:41:08.000000000 +0200
@@ -232,7 +232,7 @@
# misc pre-Pluto setup
@@ -47,193 +31,3 @@ Index: openswan-2.4.8/programs/_realsetup/_realsetup.in
if test " $IPSECforwardcontrol" = " yes"
then
-Index: openswan-2.4.8/programs/send-pr/send-pr.in
-===================================================================
---- openswan-2.4.8.orig/programs/send-pr/send-pr.in 2007-06-04 13:22:49.894270200 +0200
-+++ openswan-2.4.8/programs/send-pr/send-pr.in 2007-06-04 13:22:50.210222168 +0200
-@@ -402,7 +402,7 @@
- else
- if [ "$fieldname" != "Category" ]
- then
-- values=`${BINDIR}/query-pr --valid-values $fieldname | sed ':a;N;$!ba;s/\n/ /g' | sed 's/ *$//g;s/ / | /g;s/^/[ /;s/$/ ]/;'`
-+ values=`${BINDIR}/query-pr --valid-values $fieldname | tr '\n' ' ' | sed 's/ *$//g;s/ / | /g;s/^/[ /;s/$/ ]/;'`
- valslen=`echo "$values" | wc -c`
- else
- values="choose from a category listed above"
-@@ -414,7 +414,7 @@
- else
- desc="<${values} (one line)>";
- fi
-- dpat=`echo "$desc" | sed 's/[][*+^$|\()&/]/./g'`
-+ dpat=`echo "$desc" | tr '\]\[*+^$|\()&/' '............'`
- echo "/^>${fieldname}:/ s/${dpat}//" >> $FIXFIL
- fi
- echo "${fmtname}${desc}" >> $file
-@@ -425,7 +425,7 @@
- desc=" $default_val";
- else
- desc=" <`${BINDIR}/query-pr --field-description $fieldname` (multiple lines)>";
-- dpat=`echo "$desc" | sed 's/[][*+^$|\()&/]/./g'`
-+ dpat=`echo "$desc" | tr '\]\[*+^$|\()&/' '............'`
- echo "s/^${dpat}//" >> $FIXFIL
- fi
- echo "${fmtname}" >> $file;
-@@ -437,7 +437,7 @@
- desc="${default_val}"
- else
- desc="<`${BINDIR}/query-pr --field-description $fieldname` (one line)>"
-- dpat=`echo "$desc" | sed 's/[][*+^$|\()&/]/./g'`
-+ dpat=`echo "$desc" | tr '\]\[*+^$|\()&/' '............'`
- echo "/^>${fieldname}:/ s/${dpat}//" >> $FIXFIL
- fi
- echo "${fmtname}${desc}" >> $file
-Index: openswan-2.4.8/programs/setup/setup.in
-===================================================================
---- openswan-2.4.8.orig/programs/setup/setup.in 2007-06-04 13:22:49.902268984 +0200
-+++ openswan-2.4.8/programs/setup/setup.in 2007-06-04 13:22:50.210222168 +0200
-@@ -117,12 +117,21 @@
- # do it
- case "$1" in
- start|--start|stop|--stop|_autostop|_autostart)
-- if test " `id -u`" != " 0"
-+ if [ "x${USER}" != "xroot" ]
- then
- echo "permission denied (must be superuser)" |
- logger -s -p $IPSECsyslog -t ipsec_setup 2>&1
- exit 1
- fi
-+ # make sure all required directories exist
-+ if [ ! -d /var/run/pluto ]
-+ then
-+ mkdir -p /var/run/pluto
-+ fi
-+ if [ ! -d /var/lock/subsys ]
-+ then
-+ mkdir -p /var/lock/subsys
-+ fi
- tmp=/var/run/pluto/ipsec_setup.st
- outtmp=/var/run/pluto/ipsec_setup.out
- (
-Index: openswan-2.4.8/programs/showhostkey/showhostkey.in
-===================================================================
---- openswan-2.4.8.orig/programs/showhostkey/showhostkey.in 2007-06-04 13:22:49.908268072 +0200
-+++ openswan-2.4.8/programs/showhostkey/showhostkey.in 2007-06-04 13:22:50.214221560 +0200
-@@ -63,7 +63,7 @@
- exit 1
- fi
-
--host="`hostname --fqdn`"
-+host="`cat /proc/sys/kernel/hostname`"
-
- awk ' BEGIN {
- inkey = 0
-@@ -81,7 +81,7 @@
- os = "[ \t]*"
- x = "[^ \t]+"
- oc = "(#.*)?"
-- suffix = ":" os "[rR][sS][aA]" os "{" os oc "$"
-+ suffix = ":" os "[rR][sS][aA]" os "[{]" os oc "$"
- if (id == "") {
- pat = "^" suffix
- printid = "default"
-Index: openswan-2.4.8/programs/starter/klips.c
-===================================================================
---- openswan-2.4.8.orig/programs/starter/klips.c 2007-06-04 13:22:49.914267160 +0200
-+++ openswan-2.4.8/programs/starter/klips.c 2007-06-04 13:22:50.214221560 +0200
-@@ -83,7 +83,7 @@
- if (stat(PROC_MODULES,&stb)==0) {
- unsetenv("MODPATH");
- unsetenv("MODULECONF");
-- system("depmod -a >/dev/null 2>&1 && modprobe ipsec");
-+ system("depmod -a >/dev/null 2>&1 && insmod ipsec");
- }
- if (stat(PROC_IPSECVERSION,&stb)==0) {
- _klips_module_loaded = 1;
-Index: openswan-2.4.8/programs/starter/netkey.c
-===================================================================
---- openswan-2.4.8.orig/programs/starter/netkey.c 2007-06-04 13:22:49.920266248 +0200
-+++ openswan-2.4.8/programs/starter/netkey.c 2007-06-04 13:22:50.214221560 +0200
-@@ -75,7 +75,7 @@
- if (stat(PROC_MODULES,&stb)==0) {
- unsetenv("MODPATH");
- unsetenv("MODULECONF");
-- system("depmod -a >/dev/null 2>&1 && modprobe xfrm4_tunnel esp4 ah4 af_key");
-+ system("depmod -a >/dev/null 2>&1 && insmod xfrm4_tunnel esp4 ah4 af_key");
- }
- if (stat(PROC_NETKEY,&stb)==0) {
- _netkey_module_loaded = 1;
-Index: openswan-2.4.8/programs/_startklips/_startklips.in
-===================================================================
---- openswan-2.4.8.orig/programs/_startklips/_startklips.in 2007-06-04 13:22:49.928265032 +0200
-+++ openswan-2.4.8/programs/_startklips/_startklips.in 2007-06-04 13:22:50.215221408 +0200
-@@ -272,16 +272,16 @@
- echo "FATAL ERROR: Both KLIPS and NETKEY IPsec code is present in kernel"
- exit
- fi
--if test ! -f $ipsecversion && test ! -f $netkey && modprobe -qn ipsec
-+if test ! -f $ipsecversion && test ! -f $netkey
- then
- # statically compiled KLIPS/NETKEY not found; but there seems to be an ipsec module
-- modprobe ipsec 2> /dev/null
-+ insmod -q ipsec 2> /dev/null
- fi
-
--if test ! -f $ipsecversion && test ! -f $netkey && modprobe -qn af_key
-+if test ! -f $ipsecversion && test ! -f $netkey
- then
- # netkey should work then
-- modprobe af_key 2> /dev/null
-+ insmod -q af_key 2> /dev/null
- fi
- if test ! -f $ipsecversion && test ! -f $netkey
- then
-@@ -294,27 +294,27 @@
- # modules shared between klips and netkey
- if test -f $modules
- then
-- # we modprobe hw_random so ipsec verify can complain about not using it
-- modprobe -q hw_random 2> /dev/null
-+ # we insmod hw_random so ipsec verify can complain about not using it
-+ insmod -q hw_random 2> /dev/null
- # padlock must load before aes module
-- modprobe -q padlock 2> /dev/null
-+ insmod -q padlock 2> /dev/null
- # load the most common ciphers/algo's
-- modprobe -q sha256 2> /dev/null
-- modprobe -q sha1 2> /dev/null
-- modprobe -q md5 2> /dev/null
-- modprobe -q des 2> /dev/null
-- modprobe -q aes 2> /dev/null
-+ insmod -q sha256 2> /dev/null
-+ insmod -q sha1 2> /dev/null
-+ insmod -q md5 2> /dev/null
-+ insmod -q des 2> /dev/null
-+ insmod -q aes 2> /dev/null
-
- if test -f $netkey
- then
- klips=false
-- modprobe -q ah4 2> /dev/null
-- modprobe -q esp4 2> /dev/null
-- modprobe -q ipcomp 2> /dev/null
-+ insmod -q ah4 2> /dev/null
-+ insmod -q esp4 2> /dev/null
-+ insmod -q ipcomp 2> /dev/null
- # xfrm4_tunnel is needed by ipip and ipcomp
-- modprobe -q xfrm4_tunnel 2> /dev/null
-+ insmod -q xfrm4_tunnel 2> /dev/null
- # xfrm_user contains netlink support for IPsec
-- modprobe -q xfrm_user 2> /dev/null
-+ insmod -q xfrm_user 2> /dev/null
- fi
-
- if test ! -f $ipsecversion && $klips
-@@ -327,7 +327,7 @@
- fi
- unset MODPATH MODULECONF # no user overrides!
- depmod -a >/dev/null 2>&1
-- modprobe -v ipsec
-+ insmod -v ipsec
- if test ! -f $ipsecversion
- then
- echo "kernel appears to lack IPsec support (neither CONFIG_KLIPS or CONFIG_NET_KEY are set)"
diff --git a/package/openswan/patches/130-sysctl_api_change.patch b/package/openswan/patches/130-sysctl_api_change.patch
deleted file mode 100644
index 894d273f5..000000000
--- a/package/openswan/patches/130-sysctl_api_change.patch
+++ /dev/null
@@ -1,17 +0,0 @@
-Index: openswan-2.4.8/linux/net/ipsec/sysctl_net_ipsec.c
-===================================================================
---- openswan-2.4.8.orig/linux/net/ipsec/sysctl_net_ipsec.c 2007-06-04 13:22:49.815282208 +0200
-+++ openswan-2.4.8/linux/net/ipsec/sysctl_net_ipsec.c 2007-06-04 13:22:51.852972432 +0200
-@@ -130,7 +130,11 @@
-
- int ipsec_sysctl_register(void)
- {
-- ipsec_table_header = register_sysctl_table(ipsec_root_table, 0);
-+#if LINUX_VERSION_CODE > KERNEL_VERSION(2,6,20)
-+ ipsec_table_header = register_sysctl_table(ipsec_root_table);
-+#else
-+ ipsec_table_header = register_sysctl_table(ipsec_root_table, 0);
-+#endif
- if (!ipsec_table_header) {
- return -ENOMEM;
- }
diff --git a/package/openswan/patches/140-linux_moduleparam.patch b/package/openswan/patches/140-linux_moduleparam.patch
deleted file mode 100644
index 8fbc358bc..000000000
--- a/package/openswan/patches/140-linux_moduleparam.patch
+++ /dev/null
@@ -1,13 +0,0 @@
-diff -urN openswan-2.4.8/linux/net/ipsec/ipsec_proc.c openswan-2.4.8.new/linux/net/ipsec/ipsec_proc.c
---- openswan-2.4.8/linux/net/ipsec/ipsec_proc.c 2006-11-15 23:21:39.000000000 +0100
-+++ openswan-2.4.8.new/linux/net/ipsec/ipsec_proc.c 2007-06-13 20:00:51.000000000 +0200
-@@ -27,6 +27,9 @@
- #include <linux/version.h>
- #define __NO_VERSION__
- #include <linux/module.h>
-+#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0)
-+#include <linux/moduleparam.h>
-+#endif
- #include <linux/kernel.h> /* printk() */
-
- #include "openswan/ipsec_kversion.h"