summaryrefslogtreecommitdiff
path: root/package/strongswan
diff options
context:
space:
mode:
authorWaldemar Brodkorb <wbx@openadk.org>2010-07-15 18:31:13 +0200
committerWaldemar Brodkorb <wbx@openadk.org>2010-07-15 18:31:13 +0200
commit3a1b33357be26332f5bdcb74011170f42a60239c (patch)
tree084e23271cab318221558992f62acb07abb47aba /package/strongswan
parent7c38c7a7843d881837f000b9465bd59a0e918f7f (diff)
fix kernel module choices for strongswan
Diffstat (limited to 'package/strongswan')
-rw-r--r--package/strongswan/Makefile12
-rw-r--r--package/strongswan/files/strongswan.conffiles3
-rw-r--r--package/strongswan/patches/patch-src_starter_interfaces_c20
-rw-r--r--package/strongswan/patches/patch-src_starter_netkey_c19
4 files changed, 48 insertions, 6 deletions
diff --git a/package/strongswan/Makefile b/package/strongswan/Makefile
index c5c364c5a..b67311e3c 100644
--- a/package/strongswan/Makefile
+++ b/package/strongswan/Makefile
@@ -12,6 +12,9 @@ PKG_SECTION:= net/security
PKG_DEPENDS:= libgmp ip libpthread kmod-net-key kmod-xfrm-user
PKG_DEPENDS+= kmod-inet-ah kmod-inet-esp kmod-inet-ipcomp
PKG_DEPENDS+= kmod-inet-xfrm-mode-tunnel kmod-inet-xfrm-mode-transport
+PKG_DEPENDS+= kmod-crypto-sha1 kmod-crypto-aes kmod-crypto-md5
+PKG_DEPENDS+= kmod-crypto-des kmod-crypto-hmac
+PKG_DEPENDS+= kmod-crypto-null kmod-crypto-cbc
PKG_BUILDDEP+= gmp
PKG_URL:= http://strongswan.org/index.htm
PKG_SITES:= http://download.strongswan.org/
@@ -20,6 +23,9 @@ include $(TOPDIR)/mk/package.mk
$(eval $(call PKG_template,STRONGSWAN,$(PKG_NAME),$(PKG_VERSION)-${PKG_RELEASE},${PKG_DEPENDS},${PKG_DESCR},${PKG_SECTION}))
+CONFIGURE_ARGS+= --disable-tools \
+ --disable-sha2
+
post-install:
$(INSTALL_DIR) $(IDIR_STRONGSWAN)/etc
$(INSTALL_DIR) $(IDIR_STRONGSWAN)/usr/sbin
@@ -30,8 +36,6 @@ post-install:
$(CP) $(WRKINST)/etc/* $(IDIR_STRONGSWAN)/etc
$(INSTALL_BIN) $(WRKINST)/usr/libexec/ipsec/charon \
$(IDIR_STRONGSWAN)/usr/libexec/ipsec
- $(INSTALL_BIN) $(WRKINST)/usr/libexec/ipsec/openac \
- $(IDIR_STRONGSWAN)/usr/libexec/ipsec
$(INSTALL_BIN) $(WRKINST)/usr/libexec/ipsec/_pluto_adns \
$(IDIR_STRONGSWAN)/usr/libexec/ipsec
$(INSTALL_BIN) $(WRKINST)/usr/libexec/ipsec/starter \
@@ -42,12 +46,8 @@ post-install:
$(IDIR_STRONGSWAN)/usr/libexec/ipsec
$(INSTALL_BIN) $(WRKINST)/usr/libexec/ipsec/_copyright \
$(IDIR_STRONGSWAN)/usr/libexec/ipsec
- $(INSTALL_BIN) $(WRKINST)/usr/libexec/ipsec/pki \
- $(IDIR_STRONGSWAN)/usr/libexec/ipsec
$(INSTALL_BIN) $(WRKINST)/usr/libexec/ipsec/pluto \
$(IDIR_STRONGSWAN)/usr/libexec/ipsec
- $(INSTALL_BIN) $(WRKINST)/usr/libexec/ipsec/scepclient \
- $(IDIR_STRONGSWAN)/usr/libexec/ipsec
$(INSTALL_BIN) $(WRKINST)/usr/libexec/ipsec/stroke \
$(IDIR_STRONGSWAN)/usr/libexec/ipsec
$(INSTALL_BIN) $(WRKINST)/usr/libexec/ipsec/_updown_espmark \
diff --git a/package/strongswan/files/strongswan.conffiles b/package/strongswan/files/strongswan.conffiles
new file mode 100644
index 000000000..852aa250d
--- /dev/null
+++ b/package/strongswan/files/strongswan.conffiles
@@ -0,0 +1,3 @@
+/etc/ipsec.secrets
+/etc/ipsec.conf
+/etc/strongswan.conf
diff --git a/package/strongswan/patches/patch-src_starter_interfaces_c b/package/strongswan/patches/patch-src_starter_interfaces_c
new file mode 100644
index 000000000..80d774a2e
--- /dev/null
+++ b/package/strongswan/patches/patch-src_starter_interfaces_c
@@ -0,0 +1,20 @@
+--- strongswan-4.4.0.orig/src/starter/interfaces.c 2010-03-15 21:52:51.000000000 +0100
++++ strongswan-4.4.0/src/starter/interfaces.c 2010-07-14 17:36:33.959074540 +0200
+@@ -56,7 +56,7 @@ get_defaultroute(defaultroute_t *default
+ ssize_t msglen;
+ int fd;
+
+- bzero(&rtu, sizeof(rtu));
++ memset(&rtu, 0, sizeof(rtu));
+ rtu.m.nh.nlmsg_len = NLMSG_LENGTH(sizeof(rtu.m.rt));
+ rtu.m.nh.nlmsg_flags = NLM_F_REQUEST | NLM_F_DUMP;
+ rtu.m.nh.nlmsg_type = RTM_GETROUTE;
+@@ -142,7 +142,7 @@ get_defaultroute(defaultroute_t *default
+ plog("could not open AF_INET socket");
+ break;
+ }
+- bzero(&req, sizeof(req));
++ memset(&req, 0, sizeof(req));
+ req.ifr_ifindex = iface_idx;
+ if (ioctl(fd, SIOCGIFNAME, &req) < 0 ||
+ ioctl(fd, SIOCGIFADDR, &req) < 0)
diff --git a/package/strongswan/patches/patch-src_starter_netkey_c b/package/strongswan/patches/patch-src_starter_netkey_c
new file mode 100644
index 000000000..eae417f7b
--- /dev/null
+++ b/package/strongswan/patches/patch-src_starter_netkey_c
@@ -0,0 +1,19 @@
+--- strongswan-4.4.0.orig/src/starter/netkey.c 2010-03-15 21:52:51.000000000 +0100
++++ strongswan-4.4.0/src/starter/netkey.c 2010-07-14 19:05:06.911085736 +0200
+@@ -48,6 +48,8 @@ starter_netkey_init(void)
+ }
+
+ /* make sure that all required IPsec modules are loaded */
++ /* OpenADK loads all kernel modules already */
++#if 0
+ if (stat(PROC_MODULES, &stb) == 0)
+ {
+ ignore_result(system("modprobe -qv ah4"));
+@@ -60,6 +62,7 @@ starter_netkey_init(void)
+ DBG(DBG_CONTROL,
+ DBG_log("Found netkey IPsec stack")
+ )
++#endif
+ return TRUE;
+ }
+