include $(INCLUDE_DIR)/kernel.mk
PKG_NAME:=openswan
-PKG_VERSION:=2.4.8
+PKG_VERSION:=2.4.10
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://www.openswan.org/download
-PKG_MD5SUM:=918cc56ccf8e5d14cd2047e47450b34a
+PKG_MD5SUM:=2b36785342c74d524d8d86bde89a445f
include $(INCLUDE_DIR)/package.mk
$(call Package/openswan/Default)
SECTION:=net
CATEGORY:=Network
- DEPENDS:=@LINUX_2_4 +kmod-openswan +libgmp +ip
+ DEPENDS:=+kmod-openswan +libgmp +ip
TITLE+= (daemon)
URL:=http://www.openswan.org/
endef
define KernelPackage/openswan
$(call Package/openswan/Default)
SUBMENU:=Network Support
- DEPENDS:=@LINUX_2_4
TITLE+= (kernel module)
FILES:=$(PKG_BUILD_DIR)/modobj*/ipsec.$(LINUX_KMOD_SUFFIX)
endef
This package contains the Openswan kernel module.
endef
+TARGET_CPPFLAGS = \
+ -I$(STAGING_DIR)/usr/include \
+ -I$(LINUX_DIR)/include
-PKG_MAKE_OPTS:= \
- LINUX_RELEASE="$(LINUX_RELEASE)" \
- KERNELSRC="$(LINUX_DIR)" \
- ARCH="$(LINUX_KARCH)" \
- CROSS_COMPILE="$(TARGET_CROSS)" \
- USERCOMPILE="$(TARGET_CFLAGS) -I./linux/include $(TARGET_CPPFLAGS) $(TARGET_LDFLAGS)" \
- IPSECDIR="/usr/lib/ipsec" \
- INC_USRLOCAL="/usr" \
+TARGET_LDFLAGS = \
+ -L$(STAGING_DIR)/usr/lib
+
+OPENSWAN_MAKE := $(MAKE) -C $(PKG_BUILD_DIR) \
+ $(TARGET_CONFIGURE_OPTS) \
+ LINUX_RELEASE="$(LINUX_RELEASE)" \
+ KERNELSRC="$(LINUX_DIR)" \
+ ARCH="$(LINUX_KARCH)" \
+ CROSS_COMPILE="$(TARGET_CROSS)" \
+ USERCOMPILE="$(TARGET_CFLAGS) -I$(PKG_BUILD_DIR)/linux/include $(TARGET_CPPFLAGS) $(TARGET_LDFLAGS)" \
+ IPSECDIR="/usr/lib/ipsec" \
+ INC_USRLOCAL="/usr" \
+ INC_RCDEFAULT="/etc/init.d" \
+ MODPROBE="/sbin/insmod" \
+ LDFLAGS="$(TARGET_LDFLAGS)" \
+ DESTDIR="$(PKG_INSTALL_DIR)"
define Build/Compile
- $(MAKE) -C $(PKG_BUILD_DIR) \
- $(TARGET_CONFIGURE_OPTS) \
- $(PKG_MAKE_OPTS) \
- LDFLAGS="$(TARGET_LDFLAGS)" \
- DESTDIR="$(PKG_INSTALL_DIR)" \
+ $(OPENSWAN_MAKE) \
programs module install
endef
-Index: openswan-2.4.8/programs/loggerfix
-===================================================================
---- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ openswan-2.4.8/programs/loggerfix 2007-06-04 13:22:50.209222320 +0200
+diff -urN openswan.old/programs/loggerfix openswan.dev/programs/loggerfix
+--- openswan.old/programs/loggerfix 1970-01-01 01:00:00.000000000 +0100
++++ openswan.dev/programs/loggerfix 2006-10-08 20:41:08.000000000 +0200
@@ -0,0 +1,5 @@
+#!/bin/sh
+# use filename instead of /dev/null to log, but dont log to flash or ram
+# pref. log to nfs mount
+echo "$*" >> /dev/null
+exit 0
-Index: openswan-2.4.8/programs/look/look.in
-===================================================================
---- openswan-2.4.8.orig/programs/look/look.in 2007-06-04 13:22:49.874273240 +0200
-+++ openswan-2.4.8/programs/look/look.in 2007-06-04 13:22:50.209222320 +0200
-@@ -84,7 +84,7 @@
- then
- pat="$pat|$defaultroutephys\$|$defaultroutevirt\$"
- else
-- for i in `echo "$IPSECinterfaces" | sed 's/=/ /'`
-+ for i in `echo "$IPSECinterfaces" | tr '=' ' '`
- do
- pat="$pat|$i\$"
- done
-Index: openswan-2.4.8/programs/_plutorun/_plutorun.in
-===================================================================
---- openswan-2.4.8.orig/programs/_plutorun/_plutorun.in 2007-06-04 13:22:49.880272328 +0200
-+++ openswan-2.4.8/programs/_plutorun/_plutorun.in 2007-06-04 13:22:50.209222320 +0200
+diff -urN openswan.old/programs/_plutorun/_plutorun.in openswan.dev/programs/_plutorun/_plutorun.in
+--- openswan.old/programs/_plutorun/_plutorun.in 2006-10-08 20:43:21.000000000 +0200
++++ openswan.dev/programs/_plutorun/_plutorun.in 2006-10-08 20:41:08.000000000 +0200
@@ -147,7 +147,7 @@
exit 1
fi
then
echo Cannot write to directory to create \"$stderrlog\".
exit 1
-Index: openswan-2.4.8/programs/_realsetup/_realsetup.in
-===================================================================
---- openswan-2.4.8.orig/programs/_realsetup/_realsetup.in 2007-06-04 13:22:49.888271112 +0200
-+++ openswan-2.4.8/programs/_realsetup/_realsetup.in 2007-06-04 13:22:50.210222168 +0200
+diff -urN openswan.old/programs/_realsetup/_realsetup.in openswan.dev/programs/_realsetup/_realsetup.in
+--- openswan.old/programs/_realsetup/_realsetup.in 2006-10-08 20:43:21.000000000 +0200
++++ openswan.dev/programs/_realsetup/_realsetup.in 2006-10-08 20:41:08.000000000 +0200
@@ -232,7 +232,7 @@
# misc pre-Pluto setup
if test " $IPSECforwardcontrol" = " yes"
then
-Index: openswan-2.4.8/programs/send-pr/send-pr.in
-===================================================================
---- openswan-2.4.8.orig/programs/send-pr/send-pr.in 2007-06-04 13:22:49.894270200 +0200
-+++ openswan-2.4.8/programs/send-pr/send-pr.in 2007-06-04 13:22:50.210222168 +0200
-@@ -402,7 +402,7 @@
- else
- if [ "$fieldname" != "Category" ]
- then
-- values=`${BINDIR}/query-pr --valid-values $fieldname | sed ':a;N;$!ba;s/\n/ /g' | sed 's/ *$//g;s/ / | /g;s/^/[ /;s/$/ ]/;'`
-+ values=`${BINDIR}/query-pr --valid-values $fieldname | tr '\n' ' ' | sed 's/ *$//g;s/ / | /g;s/^/[ /;s/$/ ]/;'`
- valslen=`echo "$values" | wc -c`
- else
- values="choose from a category listed above"
-@@ -414,7 +414,7 @@
- else
- desc="<${values} (one line)>";
- fi
-- dpat=`echo "$desc" | sed 's/[][*+^$|\()&/]/./g'`
-+ dpat=`echo "$desc" | tr '\]\[*+^$|\()&/' '............'`
- echo "/^>${fieldname}:/ s/${dpat}//" >> $FIXFIL
- fi
- echo "${fmtname}${desc}" >> $file
-@@ -425,7 +425,7 @@
- desc=" $default_val";
- else
- desc=" <`${BINDIR}/query-pr --field-description $fieldname` (multiple lines)>";
-- dpat=`echo "$desc" | sed 's/[][*+^$|\()&/]/./g'`
-+ dpat=`echo "$desc" | tr '\]\[*+^$|\()&/' '............'`
- echo "s/^${dpat}//" >> $FIXFIL
- fi
- echo "${fmtname}" >> $file;
-@@ -437,7 +437,7 @@
- desc="${default_val}"
- else
- desc="<`${BINDIR}/query-pr --field-description $fieldname` (one line)>"
-- dpat=`echo "$desc" | sed 's/[][*+^$|\()&/]/./g'`
-+ dpat=`echo "$desc" | tr '\]\[*+^$|\()&/' '............'`
- echo "/^>${fieldname}:/ s/${dpat}//" >> $FIXFIL
- fi
- echo "${fmtname}${desc}" >> $file
-Index: openswan-2.4.8/programs/setup/setup.in
-===================================================================
---- openswan-2.4.8.orig/programs/setup/setup.in 2007-06-04 13:22:49.902268984 +0200
-+++ openswan-2.4.8/programs/setup/setup.in 2007-06-04 13:22:50.210222168 +0200
-@@ -117,12 +117,21 @@
- # do it
- case "$1" in
- start|--start|stop|--stop|_autostop|_autostart)
-- if test " `id -u`" != " 0"
-+ if [ "x${USER}" != "xroot" ]
- then
- echo "permission denied (must be superuser)" |
- logger -s -p $IPSECsyslog -t ipsec_setup 2>&1
- exit 1
- fi
-+ # make sure all required directories exist
-+ if [ ! -d /var/run/pluto ]
-+ then
-+ mkdir -p /var/run/pluto
-+ fi
-+ if [ ! -d /var/lock/subsys ]
-+ then
-+ mkdir -p /var/lock/subsys
-+ fi
- tmp=/var/run/pluto/ipsec_setup.st
- outtmp=/var/run/pluto/ipsec_setup.out
- (
-Index: openswan-2.4.8/programs/showhostkey/showhostkey.in
-===================================================================
---- openswan-2.4.8.orig/programs/showhostkey/showhostkey.in 2007-06-04 13:22:49.908268072 +0200
-+++ openswan-2.4.8/programs/showhostkey/showhostkey.in 2007-06-04 13:22:50.214221560 +0200
-@@ -63,7 +63,7 @@
- exit 1
- fi
-
--host="`hostname --fqdn`"
-+host="`cat /proc/sys/kernel/hostname`"
-
- awk ' BEGIN {
- inkey = 0
-@@ -81,7 +81,7 @@
- os = "[ \t]*"
- x = "[^ \t]+"
- oc = "(#.*)?"
-- suffix = ":" os "[rR][sS][aA]" os "{" os oc "$"
-+ suffix = ":" os "[rR][sS][aA]" os "[{]" os oc "$"
- if (id == "") {
- pat = "^" suffix
- printid = "default"
-Index: openswan-2.4.8/programs/starter/klips.c
-===================================================================
---- openswan-2.4.8.orig/programs/starter/klips.c 2007-06-04 13:22:49.914267160 +0200
-+++ openswan-2.4.8/programs/starter/klips.c 2007-06-04 13:22:50.214221560 +0200
-@@ -83,7 +83,7 @@
- if (stat(PROC_MODULES,&stb)==0) {
- unsetenv("MODPATH");
- unsetenv("MODULECONF");
-- system("depmod -a >/dev/null 2>&1 && modprobe ipsec");
-+ system("depmod -a >/dev/null 2>&1 && insmod ipsec");
- }
- if (stat(PROC_IPSECVERSION,&stb)==0) {
- _klips_module_loaded = 1;
-Index: openswan-2.4.8/programs/starter/netkey.c
-===================================================================
---- openswan-2.4.8.orig/programs/starter/netkey.c 2007-06-04 13:22:49.920266248 +0200
-+++ openswan-2.4.8/programs/starter/netkey.c 2007-06-04 13:22:50.214221560 +0200
-@@ -75,7 +75,7 @@
- if (stat(PROC_MODULES,&stb)==0) {
- unsetenv("MODPATH");
- unsetenv("MODULECONF");
-- system("depmod -a >/dev/null 2>&1 && modprobe xfrm4_tunnel esp4 ah4 af_key");
-+ system("depmod -a >/dev/null 2>&1 && insmod xfrm4_tunnel esp4 ah4 af_key");
- }
- if (stat(PROC_NETKEY,&stb)==0) {
- _netkey_module_loaded = 1;
-Index: openswan-2.4.8/programs/_startklips/_startklips.in
-===================================================================
---- openswan-2.4.8.orig/programs/_startklips/_startklips.in 2007-06-04 13:22:49.928265032 +0200
-+++ openswan-2.4.8/programs/_startklips/_startklips.in 2007-06-04 13:22:50.215221408 +0200
-@@ -272,16 +272,16 @@
- echo "FATAL ERROR: Both KLIPS and NETKEY IPsec code is present in kernel"
- exit
- fi
--if test ! -f $ipsecversion && test ! -f $netkey && modprobe -qn ipsec
-+if test ! -f $ipsecversion && test ! -f $netkey
- then
- # statically compiled KLIPS/NETKEY not found; but there seems to be an ipsec module
-- modprobe ipsec 2> /dev/null
-+ insmod -q ipsec 2> /dev/null
- fi
-
--if test ! -f $ipsecversion && test ! -f $netkey && modprobe -qn af_key
-+if test ! -f $ipsecversion && test ! -f $netkey
- then
- # netkey should work then
-- modprobe af_key 2> /dev/null
-+ insmod -q af_key 2> /dev/null
- fi
- if test ! -f $ipsecversion && test ! -f $netkey
- then
-@@ -294,27 +294,27 @@
- # modules shared between klips and netkey
- if test -f $modules
- then
-- # we modprobe hw_random so ipsec verify can complain about not using it
-- modprobe -q hw_random 2> /dev/null
-+ # we insmod hw_random so ipsec verify can complain about not using it
-+ insmod -q hw_random 2> /dev/null
- # padlock must load before aes module
-- modprobe -q padlock 2> /dev/null
-+ insmod -q padlock 2> /dev/null
- # load the most common ciphers/algo's
-- modprobe -q sha256 2> /dev/null
-- modprobe -q sha1 2> /dev/null
-- modprobe -q md5 2> /dev/null
-- modprobe -q des 2> /dev/null
-- modprobe -q aes 2> /dev/null
-+ insmod -q sha256 2> /dev/null
-+ insmod -q sha1 2> /dev/null
-+ insmod -q md5 2> /dev/null
-+ insmod -q des 2> /dev/null
-+ insmod -q aes 2> /dev/null
-
- if test -f $netkey
- then
- klips=false
-- modprobe -q ah4 2> /dev/null
-- modprobe -q esp4 2> /dev/null
-- modprobe -q ipcomp 2> /dev/null
-+ insmod -q ah4 2> /dev/null
-+ insmod -q esp4 2> /dev/null
-+ insmod -q ipcomp 2> /dev/null
- # xfrm4_tunnel is needed by ipip and ipcomp
-- modprobe -q xfrm4_tunnel 2> /dev/null
-+ insmod -q xfrm4_tunnel 2> /dev/null
- # xfrm_user contains netlink support for IPsec
-- modprobe -q xfrm_user 2> /dev/null
-+ insmod -q xfrm_user 2> /dev/null
- fi
-
- if test ! -f $ipsecversion && $klips
-@@ -327,7 +327,7 @@
- fi
- unset MODPATH MODULECONF # no user overrides!
- depmod -a >/dev/null 2>&1
-- modprobe -v ipsec
-+ insmod -v ipsec
- if test ! -f $ipsecversion
- then
- echo "kernel appears to lack IPsec support (neither CONFIG_KLIPS or CONFIG_NET_KEY are set)"