update openswan to 0.4.10, reenable 2.6 support, sync with included openwrt packaging...
authorFelix Fietkau <nbd@openwrt.org>
Mon, 3 Dec 2007 19:48:11 +0000 (19:48 +0000)
committerFelix Fietkau <nbd@openwrt.org>
Mon, 3 Dec 2007 19:48:11 +0000 (19:48 +0000)
SVN-Revision: 9651

package/openswan/Makefile
package/openswan/patches/100-pluto_includes.patch [deleted file]
package/openswan/patches/110-scripts.patch
package/openswan/patches/130-sysctl_api_change.patch [deleted file]
package/openswan/patches/140-linux_moduleparam.patch [deleted file]

index 9e786156b7bf261e551df79991f671607b96f4b8..b53d1cbfc1ca3cf85b6869f6243b6645cd66380c 100644 (file)
@@ -10,12 +10,12 @@ include $(TOPDIR)/rules.mk
 include $(INCLUDE_DIR)/kernel.mk
 
 PKG_NAME:=openswan
-PKG_VERSION:=2.4.8
+PKG_VERSION:=2.4.10
 PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=http://www.openswan.org/download
-PKG_MD5SUM:=918cc56ccf8e5d14cd2047e47450b34a
+PKG_MD5SUM:=2b36785342c74d524d8d86bde89a445f
 
 include $(INCLUDE_DIR)/package.mk
 
@@ -32,7 +32,7 @@ define Package/openswan
 $(call Package/openswan/Default)
   SECTION:=net
   CATEGORY:=Network
-  DEPENDS:=@LINUX_2_4 +kmod-openswan +libgmp +ip
+  DEPENDS:=+kmod-openswan +libgmp +ip
   TITLE+= (daemon)
   URL:=http://www.openswan.org/
 endef
@@ -45,7 +45,6 @@ endef
 define KernelPackage/openswan
 $(call Package/openswan/Default)
   SUBMENU:=Network Support
-  DEPENDS:=@LINUX_2_4 
   TITLE+= (kernel module)
   FILES:=$(PKG_BUILD_DIR)/modobj*/ipsec.$(LINUX_KMOD_SUFFIX)
 endef
@@ -55,22 +54,29 @@ $(call Package/openswan/Default/description)
  This package contains the Openswan kernel module.
 endef
 
+TARGET_CPPFLAGS = \
+       -I$(STAGING_DIR)/usr/include \
+       -I$(LINUX_DIR)/include
 
-PKG_MAKE_OPTS:= \
-               LINUX_RELEASE="$(LINUX_RELEASE)" \
-               KERNELSRC="$(LINUX_DIR)" \
-               ARCH="$(LINUX_KARCH)" \
-               CROSS_COMPILE="$(TARGET_CROSS)" \
-               USERCOMPILE="$(TARGET_CFLAGS) -I./linux/include $(TARGET_CPPFLAGS) $(TARGET_LDFLAGS)" \
-               IPSECDIR="/usr/lib/ipsec" \
-               INC_USRLOCAL="/usr" \
+TARGET_LDFLAGS = \
+       -L$(STAGING_DIR)/usr/lib
+
+OPENSWAN_MAKE := $(MAKE) -C $(PKG_BUILD_DIR) \
+       $(TARGET_CONFIGURE_OPTS) \
+       LINUX_RELEASE="$(LINUX_RELEASE)" \
+       KERNELSRC="$(LINUX_DIR)" \
+       ARCH="$(LINUX_KARCH)" \
+       CROSS_COMPILE="$(TARGET_CROSS)" \
+       USERCOMPILE="$(TARGET_CFLAGS) -I$(PKG_BUILD_DIR)/linux/include $(TARGET_CPPFLAGS) $(TARGET_LDFLAGS)" \
+       IPSECDIR="/usr/lib/ipsec" \
+       INC_USRLOCAL="/usr" \
+       INC_RCDEFAULT="/etc/init.d" \
+       MODPROBE="/sbin/insmod" \
+       LDFLAGS="$(TARGET_LDFLAGS)" \
+       DESTDIR="$(PKG_INSTALL_DIR)"
 
 define Build/Compile
-       $(MAKE) -C $(PKG_BUILD_DIR) \
-               $(TARGET_CONFIGURE_OPTS) \
-               $(PKG_MAKE_OPTS) \
-               LDFLAGS="$(TARGET_LDFLAGS)" \
-               DESTDIR="$(PKG_INSTALL_DIR)" \
+       $(OPENSWAN_MAKE) \
                programs module install
 endef
 
diff --git a/package/openswan/patches/100-pluto_includes.patch b/package/openswan/patches/100-pluto_includes.patch
deleted file mode 100644 (file)
index cb16d72..0000000
+++ /dev/null
@@ -1,13 +0,0 @@
-Index: openswan-2.4.8/programs/pluto/Makefile
-===================================================================
---- openswan-2.4.8.orig/programs/pluto/Makefile        2007-06-04 13:22:49.950261688 +0200
-+++ openswan-2.4.8/programs/pluto/Makefile     2007-06-04 13:22:50.017251504 +0200
-@@ -265,7 +265,7 @@
- LIBSPLUTO+=$(HAVE_THREADS_LIBS) ${XAUTHPAM_LIBS}
- LIBSPLUTO+=${CURL_LIBS} 
- LIBSPLUTO+=${EXTRA_CRYPTO_LIBS}
--LIBSPLUTO+= -lgmp -lresolv # -lefence
-+LIBSPLUTO+=$(EXTRA_LIBS) -lgmp -lresolv # -lefence
- ifneq ($(LD_LIBRARY_PATH),)
- LDFLAGS=-L$(LD_LIBRARY_PATH)
index 28269f32752beb94e0f21d95296d1cf0844b954e..d605ceaba4c68c62baa55d24644aaed3dcb99e80 100644 (file)
@@ -1,30 +1,15 @@
-Index: openswan-2.4.8/programs/loggerfix
-===================================================================
---- /dev/null  1970-01-01 00:00:00.000000000 +0000
-+++ openswan-2.4.8/programs/loggerfix  2007-06-04 13:22:50.209222320 +0200
+diff -urN openswan.old/programs/loggerfix openswan.dev/programs/loggerfix
+--- openswan.old/programs/loggerfix    1970-01-01 01:00:00.000000000 +0100
++++ openswan.dev/programs/loggerfix    2006-10-08 20:41:08.000000000 +0200
 @@ -0,0 +1,5 @@
 +#!/bin/sh
 +# use filename instead of /dev/null to log, but dont log to flash or ram
 +# pref. log to nfs mount
 +echo "$*" >> /dev/null
 +exit 0
-Index: openswan-2.4.8/programs/look/look.in
-===================================================================
---- openswan-2.4.8.orig/programs/look/look.in  2007-06-04 13:22:49.874273240 +0200
-+++ openswan-2.4.8/programs/look/look.in       2007-06-04 13:22:50.209222320 +0200
-@@ -84,7 +84,7 @@
- then
-       pat="$pat|$defaultroutephys\$|$defaultroutevirt\$"
- else
--      for i in `echo "$IPSECinterfaces" | sed 's/=/ /'`
-+      for i in `echo "$IPSECinterfaces" | tr '=' ' '`
-       do
-               pat="$pat|$i\$"
-       done
-Index: openswan-2.4.8/programs/_plutorun/_plutorun.in
-===================================================================
---- openswan-2.4.8.orig/programs/_plutorun/_plutorun.in        2007-06-04 13:22:49.880272328 +0200
-+++ openswan-2.4.8/programs/_plutorun/_plutorun.in     2007-06-04 13:22:50.209222320 +0200
+diff -urN openswan.old/programs/_plutorun/_plutorun.in openswan.dev/programs/_plutorun/_plutorun.in
+--- openswan.old/programs/_plutorun/_plutorun.in       2006-10-08 20:43:21.000000000 +0200
++++ openswan.dev/programs/_plutorun/_plutorun.in       2006-10-08 20:41:08.000000000 +0200
 @@ -147,7 +147,7 @@
                        exit 1
                fi
@@ -34,10 +19,9 @@ Index: openswan-2.4.8/programs/_plutorun/_plutorun.in
                then
                        echo Cannot write to directory to create \"$stderrlog\".
                        exit 1
-Index: openswan-2.4.8/programs/_realsetup/_realsetup.in
-===================================================================
---- openswan-2.4.8.orig/programs/_realsetup/_realsetup.in      2007-06-04 13:22:49.888271112 +0200
-+++ openswan-2.4.8/programs/_realsetup/_realsetup.in   2007-06-04 13:22:50.210222168 +0200
+diff -urN openswan.old/programs/_realsetup/_realsetup.in openswan.dev/programs/_realsetup/_realsetup.in
+--- openswan.old/programs/_realsetup/_realsetup.in     2006-10-08 20:43:21.000000000 +0200
++++ openswan.dev/programs/_realsetup/_realsetup.in     2006-10-08 20:41:08.000000000 +0200
 @@ -232,7 +232,7 @@
  
        # misc pre-Pluto setup
@@ -47,193 +31,3 @@ Index: openswan-2.4.8/programs/_realsetup/_realsetup.in
  
        if test " $IPSECforwardcontrol" = " yes"
        then
-Index: openswan-2.4.8/programs/send-pr/send-pr.in
-===================================================================
---- openswan-2.4.8.orig/programs/send-pr/send-pr.in    2007-06-04 13:22:49.894270200 +0200
-+++ openswan-2.4.8/programs/send-pr/send-pr.in 2007-06-04 13:22:50.210222168 +0200
-@@ -402,7 +402,7 @@
-                   else
-                       if [ "$fieldname" != "Category" ]
-                       then
--                          values=`${BINDIR}/query-pr --valid-values $fieldname | sed ':a;N;$!ba;s/\n/ /g' | sed 's/ *$//g;s/ / | /g;s/^/[ /;s/$/ ]/;'`
-+                          values=`${BINDIR}/query-pr --valid-values $fieldname | tr '\n' ' ' | sed 's/ *$//g;s/ / | /g;s/^/[ /;s/$/ ]/;'`
-                           valslen=`echo "$values" | wc -c`
-                       else
-                           values="choose from a category listed above"
-@@ -414,7 +414,7 @@
-                       else
-                               desc="<${values} (one line)>";
-                       fi
--                      dpat=`echo "$desc" | sed 's/[][*+^$|\()&/]/./g'`
-+                      dpat=`echo "$desc" | tr '\]\[*+^$|\()&/' '............'`
-                       echo "/^>${fieldname}:/ s/${dpat}//" >> $FIXFIL
-                   fi
-                   echo "${fmtname}${desc}" >> $file
-@@ -425,7 +425,7 @@
-                       desc="  $default_val";
-                   else
-                       desc="  <`${BINDIR}/query-pr --field-description $fieldname` (multiple lines)>";
--                      dpat=`echo "$desc" | sed 's/[][*+^$|\()&/]/./g'`
-+                      dpat=`echo "$desc" | tr '\]\[*+^$|\()&/' '............'`
-                       echo "s/^${dpat}//" >> $FIXFIL
-                   fi
-                   echo "${fmtname}" >> $file;
-@@ -437,7 +437,7 @@
-                       desc="${default_val}"
-                   else
-                       desc="<`${BINDIR}/query-pr --field-description $fieldname` (one line)>"
--                      dpat=`echo "$desc" | sed 's/[][*+^$|\()&/]/./g'`
-+                      dpat=`echo "$desc" | tr '\]\[*+^$|\()&/' '............'`
-                       echo "/^>${fieldname}:/ s/${dpat}//" >> $FIXFIL
-                   fi
-                   echo "${fmtname}${desc}" >> $file
-Index: openswan-2.4.8/programs/setup/setup.in
-===================================================================
---- openswan-2.4.8.orig/programs/setup/setup.in        2007-06-04 13:22:49.902268984 +0200
-+++ openswan-2.4.8/programs/setup/setup.in     2007-06-04 13:22:50.210222168 +0200
-@@ -117,12 +117,21 @@
- # do it
- case "$1" in
-   start|--start|stop|--stop|_autostop|_autostart)
--      if test " `id -u`" != " 0"
-+      if [ "x${USER}" != "xroot" ]
-       then
-               echo "permission denied (must be superuser)" |
-                       logger -s -p $IPSECsyslog -t ipsec_setup 2>&1
-               exit 1
-       fi
-+      # make sure all required directories exist
-+      if [ ! -d /var/run/pluto ]
-+      then
-+              mkdir -p /var/run/pluto
-+      fi
-+      if [ ! -d /var/lock/subsys ]
-+      then
-+              mkdir -p /var/lock/subsys
-+      fi
-       tmp=/var/run/pluto/ipsec_setup.st
-       outtmp=/var/run/pluto/ipsec_setup.out
-       (
-Index: openswan-2.4.8/programs/showhostkey/showhostkey.in
-===================================================================
---- openswan-2.4.8.orig/programs/showhostkey/showhostkey.in    2007-06-04 13:22:49.908268072 +0200
-+++ openswan-2.4.8/programs/showhostkey/showhostkey.in 2007-06-04 13:22:50.214221560 +0200
-@@ -63,7 +63,7 @@
-       exit 1
- fi
--host="`hostname --fqdn`"
-+host="`cat /proc/sys/kernel/hostname`"
- awk ' BEGIN {
-               inkey = 0
-@@ -81,7 +81,7 @@
-               os = "[ \t]*"
-               x = "[^ \t]+"
-               oc = "(#.*)?"
--              suffix = ":" os "[rR][sS][aA]" os "{" os oc "$"
-+              suffix = ":" os "[rR][sS][aA]" os "[{]" os oc "$"
-               if (id == "") {
-                       pat = "^" suffix
-                       printid = "default"
-Index: openswan-2.4.8/programs/starter/klips.c
-===================================================================
---- openswan-2.4.8.orig/programs/starter/klips.c       2007-06-04 13:22:49.914267160 +0200
-+++ openswan-2.4.8/programs/starter/klips.c    2007-06-04 13:22:50.214221560 +0200
-@@ -83,7 +83,7 @@
-               if (stat(PROC_MODULES,&stb)==0) {
-                       unsetenv("MODPATH");
-                       unsetenv("MODULECONF");
--                      system("depmod -a >/dev/null 2>&1 && modprobe ipsec");
-+                      system("depmod -a >/dev/null 2>&1 && insmod ipsec");
-               }
-               if (stat(PROC_IPSECVERSION,&stb)==0) {
-                       _klips_module_loaded = 1;
-Index: openswan-2.4.8/programs/starter/netkey.c
-===================================================================
---- openswan-2.4.8.orig/programs/starter/netkey.c      2007-06-04 13:22:49.920266248 +0200
-+++ openswan-2.4.8/programs/starter/netkey.c   2007-06-04 13:22:50.214221560 +0200
-@@ -75,7 +75,7 @@
-               if (stat(PROC_MODULES,&stb)==0) {
-                       unsetenv("MODPATH");
-                       unsetenv("MODULECONF");
--                      system("depmod -a >/dev/null 2>&1 && modprobe xfrm4_tunnel esp4 ah4 af_key");
-+                      system("depmod -a >/dev/null 2>&1 && insmod xfrm4_tunnel esp4 ah4 af_key");
-               }
-               if (stat(PROC_NETKEY,&stb)==0) {
-                       _netkey_module_loaded = 1;
-Index: openswan-2.4.8/programs/_startklips/_startklips.in
-===================================================================
---- openswan-2.4.8.orig/programs/_startklips/_startklips.in    2007-06-04 13:22:49.928265032 +0200
-+++ openswan-2.4.8/programs/_startklips/_startklips.in 2007-06-04 13:22:50.215221408 +0200
-@@ -272,16 +272,16 @@
-     echo "FATAL ERROR: Both KLIPS and NETKEY IPsec code is present in kernel"
-     exit
- fi
--if test ! -f $ipsecversion && test ! -f $netkey && modprobe -qn ipsec
-+if test ! -f $ipsecversion && test ! -f $netkey
- then
-       # statically compiled KLIPS/NETKEY not found; but there seems to be an ipsec module
--      modprobe ipsec 2> /dev/null
-+      insmod -q ipsec 2> /dev/null
- fi
--if test ! -f $ipsecversion && test ! -f $netkey && modprobe -qn af_key
-+if test ! -f $ipsecversion && test ! -f $netkey
- then
-       # netkey should work then
--      modprobe af_key 2> /dev/null
-+      insmod -q af_key 2> /dev/null
- fi
- if test ! -f $ipsecversion && test ! -f $netkey 
- then
-@@ -294,27 +294,27 @@
- # modules shared between klips and netkey
- if test -f $modules
- then
--      # we modprobe hw_random so ipsec verify can complain about not using it
--      modprobe -q hw_random 2> /dev/null
-+      # we insmod hw_random so ipsec verify can complain about not using it
-+      insmod -q hw_random 2> /dev/null
-       # padlock must load before aes module
--      modprobe -q padlock 2> /dev/null
-+      insmod -q padlock 2> /dev/null
-       # load the most common ciphers/algo's
--      modprobe -q sha256 2> /dev/null
--      modprobe -q sha1 2> /dev/null
--      modprobe -q md5 2> /dev/null
--      modprobe -q des 2> /dev/null
--      modprobe -q aes 2> /dev/null
-+      insmod -q sha256 2> /dev/null
-+      insmod -q sha1 2> /dev/null
-+      insmod -q md5 2> /dev/null
-+      insmod -q des 2> /dev/null
-+      insmod -q aes 2> /dev/null
-       if test -f $netkey
-       then
-               klips=false
--              modprobe -q ah4 2> /dev/null
--              modprobe -q esp4 2> /dev/null
--              modprobe -q ipcomp 2> /dev/null
-+              insmod -q ah4 2> /dev/null
-+              insmod -q esp4 2> /dev/null
-+              insmod -q ipcomp 2> /dev/null
-               #  xfrm4_tunnel is needed by ipip and ipcomp
--              modprobe -q xfrm4_tunnel 2> /dev/null
-+              insmod -q xfrm4_tunnel 2> /dev/null
-               # xfrm_user contains netlink support for IPsec 
--              modprobe -q xfrm_user 2> /dev/null
-+              insmod -q xfrm_user 2> /dev/null
-       fi
-       if test ! -f $ipsecversion && $klips
-@@ -327,7 +327,7 @@
-               fi
-                       unset MODPATH MODULECONF        # no user overrides!
-                       depmod -a >/dev/null 2>&1
--                      modprobe -v ipsec
-+                      insmod -v ipsec
-               if test ! -f $ipsecversion
-               then
-                       echo "kernel appears to lack IPsec support (neither CONFIG_KLIPS or CONFIG_NET_KEY are set)"
diff --git a/package/openswan/patches/130-sysctl_api_change.patch b/package/openswan/patches/130-sysctl_api_change.patch
deleted file mode 100644 (file)
index 894d273..0000000
+++ /dev/null
@@ -1,17 +0,0 @@
-Index: openswan-2.4.8/linux/net/ipsec/sysctl_net_ipsec.c
-===================================================================
---- openswan-2.4.8.orig/linux/net/ipsec/sysctl_net_ipsec.c     2007-06-04 13:22:49.815282208 +0200
-+++ openswan-2.4.8/linux/net/ipsec/sysctl_net_ipsec.c  2007-06-04 13:22:51.852972432 +0200
-@@ -130,7 +130,11 @@
- int ipsec_sysctl_register(void)
- {
--        ipsec_table_header = register_sysctl_table(ipsec_root_table, 0);
-+#if LINUX_VERSION_CODE > KERNEL_VERSION(2,6,20)
-+              ipsec_table_header = register_sysctl_table(ipsec_root_table);
-+#else
-+              ipsec_table_header = register_sysctl_table(ipsec_root_table, 0);
-+#endif
-         if (!ipsec_table_header) {
-                 return -ENOMEM;
-       }
diff --git a/package/openswan/patches/140-linux_moduleparam.patch b/package/openswan/patches/140-linux_moduleparam.patch
deleted file mode 100644 (file)
index 8fbc358..0000000
+++ /dev/null
@@ -1,13 +0,0 @@
-diff -urN openswan-2.4.8/linux/net/ipsec/ipsec_proc.c openswan-2.4.8.new/linux/net/ipsec/ipsec_proc.c
---- openswan-2.4.8/linux/net/ipsec/ipsec_proc.c        2006-11-15 23:21:39.000000000 +0100
-+++ openswan-2.4.8.new/linux/net/ipsec/ipsec_proc.c    2007-06-13 20:00:51.000000000 +0200
-@@ -27,6 +27,9 @@
- #include <linux/version.h>
- #define __NO_VERSION__
- #include <linux/module.h>
-+#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0)
-+#include <linux/moduleparam.h>
-+#endif
- #include <linux/kernel.h> /* printk() */
- #include "openswan/ipsec_kversion.h"