From 7ce890a23f4f148089d80fea8e8da9d41598ee28 Mon Sep 17 00:00:00 2001 From: Luka Perkov Date: Sat, 14 Jul 2012 23:12:52 +0000 Subject: [PATCH] strongswan4: remove package SVN-Revision: 32715 --- net/strongswan4/Config.in | 52 -- net/strongswan4/Makefile | 464 ------------------ net/strongswan4/files/ipsec.secrets | 1 - net/strongswan4/patches/201-no-modprobe.patch | 28 -- net/strongswan4/patches/203-uci.patch | 20 - .../patches/300-compile-fixes.patch | 11 - .../patches/400-CVE-2012-2388.patch | 21 - 7 files changed, 597 deletions(-) delete mode 100644 net/strongswan4/Config.in delete mode 100644 net/strongswan4/Makefile delete mode 100644 net/strongswan4/files/ipsec.secrets delete mode 100644 net/strongswan4/patches/201-no-modprobe.patch delete mode 100644 net/strongswan4/patches/203-uci.patch delete mode 100644 net/strongswan4/patches/300-compile-fixes.patch delete mode 100644 net/strongswan4/patches/400-CVE-2012-2388.patch diff --git a/net/strongswan4/Config.in b/net/strongswan4/Config.in deleted file mode 100644 index 18820d2f3..000000000 --- a/net/strongswan4/Config.in +++ /dev/null @@ -1,52 +0,0 @@ -menu "Configuration" - depends on PACKAGE_strongswan4 - -# --enable-cisco-quirks -config STRONGSWAN4_ENABLE_CISCO_QUIRKS - bool - prompt "Enable support of Cisco VPN client" - default y - -# --enable-nat-transport -config STRONGSWAN4_ENABLE_NAT_TRANSPORT - bool - prompt "Enable NAT traversal with IPsec transport mode in" - default y - -# --enable-vendor-id -config STRONGSWAN4_ENABLE_VENDOR_ID - bool - prompt "Enable sending of the strongSwan vendor ID" - default y - -# --enable-xauth-vid -config STRONGSWAN4_ENABLE_XAUTH_VID - bool - prompt "Enable sending of the XAUTH vendor ID" - default y - -# --with-random-device -config STRONGSWAN4_DEVICE_RANDOM - string - prompt "Set the device to read real random data from" - default "/dev/random" - -# --with-urandom-device -config STRONGSWAN4_DEVICE_URANDOM - string - prompt "Set the device to read pseudo random data from" - default "/dev/urandom" - -# --with-routing-table -config STRONGSWAN4_ROUTING_TABLE - string - prompt "Set the IPsec routing table ID" - default "220" - -# --with-routing-table-prio -config STRONGSWAN4_ROUTING_TABLE_PRIO - string - prompt "Set the IPsec routing table priority" - default "220" - -endmenu diff --git a/net/strongswan4/Makefile b/net/strongswan4/Makefile deleted file mode 100644 index 44c60e8ec..000000000 --- a/net/strongswan4/Makefile +++ /dev/null @@ -1,464 +0,0 @@ -# -# Copyright (C) 2010-2012 OpenWrt.org -# -# This is free software, licensed under the GNU General Public License v2. -# See /LICENSE for more information. -# - -include $(TOPDIR)/rules.mk - -PKG_NAME:=strongswan -PKG_VERSION:=4.5.3 -PKG_RELEASE:=3 - -PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 -PKG_SOURCE_URL:=http://download.strongswan.org/ -PKG_MD5SUM:=ee7c50a90c91307b111e8085f2479890 - -PKG_MOD_AVAILABLE:= \ - aes \ - af-alg \ - agent \ - attr \ - attr-sql \ - blowfish \ - constraints \ - coupling \ - curl \ - des \ - dhcp \ - dnskey \ - duplicheck \ - eap-md5 \ - eap-mschapv2 \ - eap-radius \ - farp \ - fips-prf \ - gcrypt \ - gmp \ - hmac \ - kernel-klips \ - kernel-netlink \ - kernel-pfkey \ - ldap \ - led \ - load-tester \ - md5 \ - medcli \ - medsrv \ - mysql \ - padlock \ - pem \ - pgp \ - pkcs1 \ - pubkey \ - random \ - resolve \ - revocation \ - sha1 \ - sha2 \ - smp \ - socket-default \ - socket-raw \ - sql \ - sqlite \ - stroke \ - uci \ - updown \ - whitelist \ - x509 \ - xauth \ - xcbc \ - -PKG_CONFIG_DEPENDS:= \ - CONFIG_STRONGSWAN4_ENABLE_CISCO_QUIRKS \ - CONFIG_STRONGSWAN4_ENABLE_NAT_TRANSPORT \ - CONFIG_STRONGSWAN4_ENABLE_VENDOR_ID \ - CONFIG_STRONGSWAN4_ENABLE_XAUTH_VID \ - CONFIG_STRONGSWAN4_DEVICE_RANDOM \ - CONFIG_STRONGSWAN4_DEVICE_URANDOM \ - CONFIG_STRONGSWAN4_ROUTING_TABLE \ - CONFIG_STRONGSWAN4_ROUTING_TABLE_PRIO \ - $(patsubst %,CONFIG_PACKAGE_strongswan4-mod-%,$(PKG_MOD_AVAILABLE)) \ - -PKG_FIXUP:=autoreconf -PKG_INSTALL:=1 -PKG_BUILD_PARALLEL:=1 - -include $(INCLUDE_DIR)/package.mk - -define Package/strongswan4/Default - SUBMENU:=VPN - SECTION:=net - CATEGORY:=Network - TITLE:=StrongSwan - URL:=http://www.strongswan.org/ -endef - -define Package/strongswan4/description/Default - StrongSwan is an OpenSource IPsec implementation for the Linux operating system. - -endef - -define Package/strongswan4 -$(call Package/strongswan4/Default) - DEPENDS:= +libpthread +ip \ - +kmod-crypto-authenc \ - +kmod-ipsec +kmod-ipsec4 \ - +kmod-ipt-ipsec +iptables-mod-ipsec -endef - -define Package/strongswan4/config - source "$(SOURCE)/Config.in" -endef - -define Package/strongswan4/description -$(call Package/strongswan4/description/Default) - This package contains shared libraries and scripts. -endef - -define Package/strongswan4-full -$(call Package/strongswan4/Default) - TITLE+= (full) - DEPENDS:= +strongswan4 \ - +strongswan4-app-charon \ - +strongswan4-app-pluto \ - +strongswan4-libfast \ - +strongswan4-mod-aes \ - +strongswan4-mod-af-alg \ - +strongswan4-mod-agent \ - +strongswan4-mod-attr \ - +strongswan4-mod-attr-sql \ - +strongswan4-mod-blowfish \ - +strongswan4-mod-constraints \ - +strongswan4-mod-coupling \ - +strongswan4-mod-curl \ - +strongswan4-mod-des \ - +strongswan4-mod-dhcp \ - +strongswan4-mod-dnskey \ - +strongswan4-mod-duplicheck \ - +strongswan4-mod-eap-md5 \ - +strongswan4-mod-eap-mschapv2 \ - +strongswan4-mod-eap-radius \ - +strongswan4-mod-farp \ - +strongswan4-mod-fips-prf \ - +strongswan4-mod-gcrypt \ - +strongswan4-mod-gmp \ - +strongswan4-mod-hmac \ - +strongswan4-mod-kernel-netlink \ - +strongswan4-mod-kernel-pfkey \ - +strongswan4-mod-ldap \ - +strongswan4-mod-led \ - +strongswan4-mod-load-tester \ - +strongswan4-mod-md5 \ - +strongswan4-mod-medcli \ - +strongswan4-mod-medsrv \ - +strongswan4-mod-mysql \ - +TARGET_x86:strongswan4-mod-padlock \ - +strongswan4-mod-pem \ - +strongswan4-mod-pgp \ - +strongswan4-mod-pkcs1 \ - +strongswan4-mod-pubkey \ - +strongswan4-mod-random \ - +strongswan4-mod-resolve \ - +strongswan4-mod-revocation \ - +strongswan4-mod-sha1 \ - +strongswan4-mod-sha2 \ - +strongswan4-mod-smp \ - +strongswan4-mod-socket-raw \ - +strongswan4-mod-sql \ - +strongswan4-mod-sqlite \ - +strongswan4-mod-stroke \ - +strongswan4-mod-uci \ - +strongswan4-mod-updown \ - +strongswan4-mod-whitelist \ - +strongswan4-mod-x509 \ - +strongswan4-mod-xauth \ - +strongswan4-mod-xcbc \ - +strongswan4-utils \ - @DEVEL -endef - -define Package/strongswan4-full/description -$(call Package/strongswan4/description/Default) - This meta-package contains dependencies for all of the strongswan4 plugins - except kernel-klips and socket-default which are ommitted in favor of the - kernel-netlink and socket-raw plugins. -endef - - -define Package/strongswan4-default -$(call Package/strongswan4/Default) - TITLE+= (default) - DEPENDS:= +strongswan4 \ - +strongswan4-app-charon \ - +strongswan4-app-pluto \ - +strongswan4-mod-aes \ - +strongswan4-mod-constraints \ - +strongswan4-mod-attr \ - +strongswan4-mod-des \ - +strongswan4-mod-dnskey \ - +strongswan4-mod-fips-prf \ - +strongswan4-mod-gmp \ - +strongswan4-mod-hmac \ - +strongswan4-mod-kernel-netlink \ - +strongswan4-mod-md5 \ - +strongswan4-mod-pem \ - +strongswan4-mod-pgp \ - +strongswan4-mod-pkcs1 \ - +strongswan4-mod-pubkey \ - +strongswan4-mod-random \ - +strongswan4-mod-revocation \ - +strongswan4-mod-resolve \ - +strongswan4-mod-sha1 \ - +strongswan4-mod-sha2 \ - +strongswan4-mod-socket-raw \ - +strongswan4-mod-stroke \ - +strongswan4-mod-updown \ - +strongswan4-mod-x509 \ - +strongswan4-mod-xauth \ - +strongswan4-mod-xcbc \ - +strongswan4-utils -endef - -define Package/strongswan4-default/description -$(call Package/strongswan4/description/Default) - This meta-package contains only dependencies to match upstream defaults. -endef - -define Package/strongswan4-minimal -$(call Package/strongswan4/Default) - TITLE+= (minimal) - DEPENDS:= +strongswan4 \ - +strongswan4-app-charon \ - +strongswan4-mod-aes \ - +strongswan4-mod-gmp \ - +strongswan4-mod-hmac \ - +strongswan4-mod-kernel-netlink \ - +strongswan4-mod-pubkey \ - +strongswan4-mod-random \ - +strongswan4-mod-sha1 \ - +strongswan4-mod-socket-default \ - +strongswan4-mod-stroke \ - +strongswan4-mod-updown \ - +strongswan4-mod-x509 \ - +strongswan4-mod-xcbc -endef - -define Package/strongswan4-minimal/description -$(call Package/strongswan4/description/Default) - This meta-package contains only dependencies for a minimal IKEv2 setup. -endef - -define Package/strongswan4-app-charon -$(call Package/strongswan4/Default) - TITLE+= IKEv2 keying daemon - DEPENDS:= +strongswan4 -endef - -define Package/strongswan4-app-charon/description -$(call Package/strongswan4/description/Default) - This package contains charon, an IKEv2 keying daemon. -endef - -define Package/strongswan4-app-pluto -$(call Package/strongswan4/Default) - TITLE+= IKEv1 keying daemon - DEPENDS:= +strongswan4 -endef - -define Package/strongswan4-app-pluto/description -$(call Package/strongswan4/description/Default) - This package contains pluto, an IKEv1 keying daemon. -endef - -define Package/strongswan4-libfast -$(call Package/strongswan4/Default) - TITLE+= libfast - DEPENDS:= +strongswan4 \ - +PACKAGE_strongswan4-libfast:zlib \ - +PACKAGE_strongswan4-libfast:fcgi \ - +PACKAGE_strongswan4-libfast:clearsilver -endef - -define Package/strongswan4-libfast/description -$(call Package/strongswan4/description/Default) - This package contains libfast, a lightweight framework to build native web - applications using ClearSilver and FastCGI. -endef - -define Package/strongswan4-utils -$(call Package/strongswan4/Default) - TITLE+= utilities - DEPENDS:= +strongswan4 -endef - -define Package/strongswan4-utils/description -$(call Package/strongswan4/description/Default) - This package contains the openac, pki & scepclient utilities. -endef - -define BuildPlugin - define Package/strongswan4-mod-$(1) - $$(call Package/strongswan4/Default) - TITLE:= StrongSwan $(2) plugin - DEPENDS:= +strongswan4 $(3) - endef - - define Package/strongswan4-mod-$(1)/install - $(INSTALL_DIR) $$(1)/usr/lib/ipsec/plugins - $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-$(1).so \ - $$(1)/usr/lib/ipsec/plugins/ ; - $(call Plugin/$(1)/install,$$(1)) - endef - - $$(eval $$(call BuildPackage,strongswan4-mod-$(1))) -endef - -CONFIGURE_ARGS+= \ - $(if $(CONFIG_STRONGSWAN4_ENABLE_CISCO_QUIRKS),--enable-cisco-quirks,--disable-cisco-quirks) \ - $(if $(CONFIG_STRONGSWAN4_ENABLE_NAT_TRANSPORT),--enable-nat-transport,--disable-nat-transport) \ - $(if $(CONFIG_STRONGSWAN4_ENABLE_VENDOR_ID),--enable-vendor-id,--disable-vendor-id) \ - $(if $(CONFIG_STRONGSWAN4_ENABLE_XAUTH_VID),--enable-xauth-vid,--disable-xauth-vid) \ - --disable-scripts \ - --disable-static \ - $(if $(CONFIG_PACKAGE_strongswan4-libfast),--enable-fast,--disable-fast) \ - $(if $(CONFIG_PACKAGE_strongswan4-utils),--enable-tools,--disable-tools) \ - --with-random-device="$(call qstrip,$(CONFIG_STRONGSWAN4_DEVICE_RANDOM))" \ - --with-urandom-device="$(call qstrip,$(CONFIG_STRONGSWAN4_DEVICE_URANDOM))" \ - --with-routing-table="$(call qstrip,$(CONFIG_STRONGSWAN4_ROUTING_TABLE))" \ - --with-routing-table-prio="$(call qstrip,$(CONFIG_STRONGSWAN4_ROUTING_TABLE_PRIO))" \ - $(foreach m,$(PKG_MOD_AVAILABLE), \ - $(if $(CONFIG_PACKAGE_strongswan4-mod-$(m)),--enable-$(m),--disable-$(m)) \ - ) \ - -ifneq ($(CONFIG_PACKAGE_strongswan4-libfast),) - EXTRA_CPPFLAGS+= -I$(STAGING_DIR)/usr/include/ClearSilver -endif - -EXTRA_LDFLAGS+= -Wl,-rpath-link,$(STAGING_DIR)/usr/lib - -define Package/strongswan4/conffiles -/etc/ipsec.conf -/etc/ipsec.secrets -/etc/strongswan.conf -endef - -define Package/strongswan4/install - $(INSTALL_DIR) $(1)/etc - $(CP) -R $(PKG_INSTALL_DIR)/etc/ipsec.d $(1)/etc/ - $(CP) $(PKG_INSTALL_DIR)/etc/{ipsec.conf,strongswan.conf} $(1)/etc/ - $(INSTALL_DIR) $(1)/usr/lib/ipsec - $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/{libstrongswan.so.*,libhydra.so.*} $(1)/usr/lib/ipsec/ - $(INSTALL_DIR) $(1)/usr/sbin - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/ipsec $(1)/usr/sbin/ - $(INSTALL_DIR) $(1)/usr/lib/ipsec - $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/{_copyright,starter} $(1)/usr/lib/ipsec/ - $(INSTALL_CONF) ./files/ipsec.secrets $(1)/etc/ -endef - -define Package/strongswan4-default/install - true -endef - -define Package/strongswan4-full/install - true -endef - -define Package/strongswan4-minimal/install - true -endef - -define Package/strongswan4-app-charon/install - $(INSTALL_DIR) $(1)/usr/lib/ipsec - $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libcharon.so.* $(1)/usr/lib/ipsec/ - $(INSTALL_DIR) $(1)/usr/lib/ipsec - $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/{charon,stroke} $(1)/usr/lib/ipsec/ -endef - -define Package/strongswan4-app-pluto/install - $(INSTALL_DIR) $(1)/usr/lib/ipsec - $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/{pluto,_pluto_adns,whack} $(1)/usr/lib/ipsec/ -endef - -define Package/strongswan4-libfast/install - $(INSTALL_DIR) $(1)/usr/lib/ipsec - $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libfast.so.* $(1)/usr/lib/ipsec/ -endef - -define Package/strongswan4-utils/install - $(INSTALL_DIR) $(1)/usr/lib/ipsec - $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/{openac,pki,scepclient} $(1)/usr/lib/ipsec/ -endef - -define Plugin/attr-sql/install - $(INSTALL_DIR) $(1)/usr/lib/ipsec - $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/pool $(1)/usr/lib/ipsec/ -endef - -define Plugin/updown/install - $(INSTALL_DIR) $(1)/usr/lib/ipsec - $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/{_updown,_updown_espmark} $(1)/usr/lib/ipsec/ -endef - -$(eval $(call BuildPackage,strongswan4)) -$(eval $(call BuildPackage,strongswan4-default)) -$(eval $(call BuildPackage,strongswan4-full)) -$(eval $(call BuildPackage,strongswan4-minimal)) -$(eval $(call BuildPackage,strongswan4-app-charon)) -$(eval $(call BuildPackage,strongswan4-app-pluto)) -$(eval $(call BuildPackage,strongswan4-libfast)) -$(eval $(call BuildPackage,strongswan4-utils)) -$(eval $(call BuildPlugin,aes,AES crypto,)) -$(eval $(call BuildPlugin,agent,SSH agent signing,)) -$(eval $(call BuildPlugin,af-alg,AF_ALG Linux crypto API,+kmod-crypto-user)) -$(eval $(call BuildPlugin,attr,File-based config attr,)) -$(eval $(call BuildPlugin,attr-sql,SQL-based config attrib,+strongswan4-mod-sql)) -$(eval $(call BuildPlugin,blowfish,Blowfish crypto,)) -$(eval $(call BuildPlugin,constraints,X.509 constraint checking,)) -$(eval $(call BuildPlugin,coupling,Peer certificate coupling,)) -$(eval $(call BuildPlugin,curl,cURL,+PACKAGE_strongswan4-mod-curl:libcurl)) -$(eval $(call BuildPlugin,des,DES crypto,)) -$(eval $(call BuildPlugin,dhcp,DHCP-based IP and DNS,)) -$(eval $(call BuildPlugin,dnskey,DNS RR key decoding,)) -$(eval $(call BuildPlugin,duplicheck,Duplicate checking,)) -$(eval $(call BuildPlugin,eap-md5,MD5 EAP (CHAP) auth,)) -$(eval $(call BuildPlugin,eap-mschapv2,MS-CHAPv2 EAP auth,)) -$(eval $(call BuildPlugin,eap-radius,RADIUS proxy auth,)) -$(eval $(call BuildPlugin,farp,Fake arp respsonses,)) -$(eval $(call BuildPlugin,fips-prf,FIPS PRF crypto,)) -$(eval $(call BuildPlugin,gcrypt,libgcrypt,+PACKAGE_strongswan4-mod-gcrypt:libgcrypt)) -$(eval $(call BuildPlugin,gmp,libgmp,+PACKAGE_strongswan4-mod-gmp:libgmp)) -$(eval $(call BuildPlugin,hmac,HMAC crypto,)) -$(eval $(call BuildPlugin,kernel-klips,KLIPS kernel interface,)) -$(eval $(call BuildPlugin,kernel-netlink,netlink kernel interface,)) -$(eval $(call BuildPlugin,kernel-pfkey,PK_KEY kernel interface,)) -$(eval $(call BuildPlugin,ldap,LDAP,+PACKAGE_strongswan4-mod-ldap:libopenldap)) -$(eval $(call BuildPlugin,led,LED blink on IKE activity,)) -$(eval $(call BuildPlugin,load-tester,load testing,)) -$(eval $(call BuildPlugin,md5,MD5 crypto,)) -$(eval $(call BuildPlugin,medcli,mediation client configuration database,)) -$(eval $(call BuildPlugin,medsrv,mediation server configuration database,)) -$(eval $(call BuildPlugin,mysql,MySQL database interface,+strongswan4-mod-sql +PACKAGE_strongswan4-mod-mysql:libmysqlclient-r)) -$(eval $(call BuildPlugin,padlock,VIA PadLock crypto,@TARGET_x86)) -$(eval $(call BuildPlugin,pem,PEM decoding,)) -$(eval $(call BuildPlugin,pgp,PGP key decoding,)) -$(eval $(call BuildPlugin,pkcs1,PKCS1 key decoding,)) -$(eval $(call BuildPlugin,pubkey,raw public key,)) -$(eval $(call BuildPlugin,random,RNG,)) -$(eval $(call BuildPlugin,resolve,DNS resolver,)) -$(eval $(call BuildPlugin,revocation,X.509 revocation checking,)) -$(eval $(call BuildPlugin,sha1,SHA1 crypto,)) -$(eval $(call BuildPlugin,sha2,SHA2 crypto,)) -$(eval $(call BuildPlugin,smp,SMP configuration and control interface,+PACKAGE_strongswan4-mod-smp:libxml2)) -$(eval $(call BuildPlugin,socket-default,default socket for IKEv2,)) -$(eval $(call BuildPlugin,socket-raw,RAW socket for IKEv1 and IKEv2,)) -$(eval $(call BuildPlugin,sql,SQL database interface,)) -$(eval $(call BuildPlugin,sqlite,SQLite database interface,+strongswan4-mod-sql +PACKAGE_strongswan4-mod-sqlite:libsqlite3)) -$(eval $(call BuildPlugin,stroke,Stroke,)) -$(eval $(call BuildPlugin,uci,UCI config interface,+PACKAGE_strongswan4-mod-uci:libuci)) -$(eval $(call BuildPlugin,updown,updown firewall,)) -$(eval $(call BuildPlugin,whitelist,Peer identity whitelisting,)) -$(eval $(call BuildPlugin,x509,x509 certificate,)) -$(eval $(call BuildPlugin,xauth,XAUTH authentication,)) -$(eval $(call BuildPlugin,xcbc,xcbc crypto,)) diff --git a/net/strongswan4/files/ipsec.secrets b/net/strongswan4/files/ipsec.secrets deleted file mode 100644 index ddd495699..000000000 --- a/net/strongswan4/files/ipsec.secrets +++ /dev/null @@ -1 +0,0 @@ -# /etc/ipsec.secrets - strongSwan IPsec secrets file diff --git a/net/strongswan4/patches/201-no-modprobe.patch b/net/strongswan4/patches/201-no-modprobe.patch deleted file mode 100644 index bba3bb6ca..000000000 --- a/net/strongswan4/patches/201-no-modprobe.patch +++ /dev/null @@ -1,28 +0,0 @@ ---- a/src/starter/netkey.c -+++ b/src/starter/netkey.c -@@ -34,7 +34,7 @@ starter_netkey_init(void) - /* af_key module makes the netkey proc interface visible */ - if (stat(PROC_MODULES, &stb) == 0) - { -- ignore_result(system("modprobe -qv af_key")); -+ ignore_result(system("insmod -qv af_key")); - } - - /* now test again */ -@@ -50,11 +50,11 @@ starter_netkey_init(void) - /* make sure that all required IPsec modules are loaded */ - if (stat(PROC_MODULES, &stb) == 0) - { -- ignore_result(system("modprobe -qv ah4")); -- ignore_result(system("modprobe -qv esp4")); -- ignore_result(system("modprobe -qv ipcomp")); -- ignore_result(system("modprobe -qv xfrm4_tunnel")); -- ignore_result(system("modprobe -qv xfrm_user")); -+ ignore_result(system("insmod -qv ah4")); -+ ignore_result(system("insmod -qv esp4")); -+ ignore_result(system("insmod -qv ipcomp")); -+ ignore_result(system("insmod -qv xfrm4_tunnel")); -+ ignore_result(system("insmod -qv xfrm_user")); - } - - DBG(DBG_CONTROL, diff --git a/net/strongswan4/patches/203-uci.patch b/net/strongswan4/patches/203-uci.patch deleted file mode 100644 index 04f297310..000000000 --- a/net/strongswan4/patches/203-uci.patch +++ /dev/null @@ -1,20 +0,0 @@ ---- a/src/libcharon/plugins/uci/uci_parser.c -+++ b/src/libcharon/plugins/uci/uci_parser.c -@@ -80,7 +80,7 @@ static bool section_enumerator_enumerate - if (uci_lookup(this->ctx, &element, this->package, - this->current->name, "name") == UCI_OK) - { /* use "name" attribute as config name if available ... */ -- *value = uci_to_option(element)->value; -+ *value = uci_to_option(element)->v.string; - } - else - { /* ... or the section name becomes config name */ -@@ -95,7 +95,7 @@ static bool section_enumerator_enumerate - if (value && uci_lookup(this->ctx, &element, this->package, - this->current->name, this->keywords[i]) == UCI_OK) - { -- *value = uci_to_option(element)->value; -+ *value = uci_to_option(element)->v.string; - } - } - va_end(args); diff --git a/net/strongswan4/patches/300-compile-fixes.patch b/net/strongswan4/patches/300-compile-fixes.patch deleted file mode 100644 index 49154fc64..000000000 --- a/net/strongswan4/patches/300-compile-fixes.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- a/src/pluto/adns.c -+++ b/src/pluto/adns.c -@@ -179,7 +179,7 @@ write_pipe(int fd, const unsigned char * - res_query(dname, class, type, answer, anslen) - # define res_nclose(statp) res_close() - --static struct __res_state *statp = &_res; -+#define statp ((struct __res_state *)(&_res)) - - #else /* !OLD_RESOLVER */ - diff --git a/net/strongswan4/patches/400-CVE-2012-2388.patch b/net/strongswan4/patches/400-CVE-2012-2388.patch deleted file mode 100644 index 2ea59184e..000000000 --- a/net/strongswan4/patches/400-CVE-2012-2388.patch +++ /dev/null @@ -1,21 +0,0 @@ -From 5a858c3197bbda9acda5289003e9015bef560dc7 Mon Sep 17 00:00:00 2001 -From: Martin Willi -Date: Mon, 7 May 2012 13:51:46 +0200 -Subject: [PATCH] Fix boolean return value if an empty RSA signature is - detected in gmp plugin - ---- - src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c | 2 +- - 1 files changed, 1 insertions(+), 1 deletions(-) - ---- a/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c -+++ b/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c -@@ -137,7 +137,7 @@ static bool verify_emsa_pkcs1_signature( - - if (signature.len == 0 || signature.len > this->k) - { -- return INVALID_ARG; -+ return FALSE; - } - - /* unpack signature */ -- 2.30.2