diff options
Diffstat (limited to 'package/strongswan')
| -rw-r--r-- | package/strongswan/Makefile | 64 | ||||
| -rw-r--r-- | package/strongswan/files/strongswan.conffiles | 3 | ||||
| -rw-r--r-- | package/strongswan/patches/patch-src_pluto_alg_info_c | 11 | ||||
| -rw-r--r-- | package/strongswan/patches/patch-src_starter_interfaces_c | 20 | ||||
| -rw-r--r-- | package/strongswan/patches/patch-src_starter_netkey_c | 19 |
5 files changed, 117 insertions, 0 deletions
diff --git a/package/strongswan/Makefile b/package/strongswan/Makefile new file mode 100644 index 000000000..88887d2b3 --- /dev/null +++ b/package/strongswan/Makefile @@ -0,0 +1,64 @@ +# This file is part of the OpenADK project. OpenADK is copyrighted +# material, please see the LICENCE file in the top-level directory. + +include $(TOPDIR)/rules.mk + +PKG_NAME:= strongswan +PKG_VERSION:= 4.4.0 +PKG_RELEASE:= 1 +PKG_MD5SUM:= 22dae13782f493ec675d54b67d79a66d +PKG_DESCR:= IPsec software +PKG_SECTION:= net/security +PKG_DEPENDS:= libgmp ip libpthread kmod-net-key kmod-xfrm-user +PKG_DEPENDS+= kmod-inet-ah kmod-inet-esp kmod-inet-ipcomp +PKG_DEPENDS+= kmod-inet-xfrm-mode-tunnel kmod-inet-xfrm-mode-transport +PKG_DEPENDS+= kmod-crypto-sha1 kmod-crypto-sha256 kmod-crypto-md5 +PKG_DEPENDS+= kmod-crypto-null kmod-crypto-des kmod-crypto-aes +PKG_DEPENDS+= kmod-crypto-hmac kmod-crypto-cbc kmod-crypto-authenc +PKG_DEPENDS+= kmod-crypto-deflate +PKG_BUILDDEP+= gmp +PKG_URL:= http://strongswan.org/index.htm +PKG_SITES:= http://download.strongswan.org/ + +include $(TOPDIR)/mk/package.mk + +$(eval $(call PKG_template,STRONGSWAN,$(PKG_NAME),$(PKG_VERSION)-${PKG_RELEASE},${PKG_DEPENDS},${PKG_DESCR},${PKG_SECTION})) + +CONFIGURE_ARGS+= --disable-tools \ + --disable-fips-prf \ + --enable-kernel-pfkey \ + --disable-xcbc + +post-install: + $(INSTALL_DIR) $(IDIR_STRONGSWAN)/etc + $(INSTALL_DIR) $(IDIR_STRONGSWAN)/usr/sbin + $(INSTALL_DIR) $(IDIR_STRONGSWAN)/usr/lib + $(INSTALL_DIR) $(IDIR_STRONGSWAN)/usr/libexec/ipsec/plugins + touch $(IDIR_STRONGSWAN)/etc/ipsec.secrets + $(CP) $(WRKINST)/usr/libexec/ipsec/plugins/*.so \ + $(IDIR_STRONGSWAN)/usr/libexec/ipsec/plugins + $(CP) $(WRKINST)/etc/* $(IDIR_STRONGSWAN)/etc + $(INSTALL_BIN) $(WRKINST)/usr/libexec/ipsec/charon \ + $(IDIR_STRONGSWAN)/usr/libexec/ipsec + $(INSTALL_BIN) $(WRKINST)/usr/libexec/ipsec/_pluto_adns \ + $(IDIR_STRONGSWAN)/usr/libexec/ipsec + $(INSTALL_BIN) $(WRKINST)/usr/libexec/ipsec/starter \ + $(IDIR_STRONGSWAN)/usr/libexec/ipsec + $(INSTALL_BIN) $(WRKINST)/usr/libexec/ipsec/_updown \ + $(IDIR_STRONGSWAN)/usr/libexec/ipsec + $(INSTALL_BIN) $(WRKINST)/usr/libexec/ipsec/whack \ + $(IDIR_STRONGSWAN)/usr/libexec/ipsec + $(INSTALL_BIN) $(WRKINST)/usr/libexec/ipsec/_copyright \ + $(IDIR_STRONGSWAN)/usr/libexec/ipsec + $(INSTALL_BIN) $(WRKINST)/usr/libexec/ipsec/pluto \ + $(IDIR_STRONGSWAN)/usr/libexec/ipsec + $(INSTALL_BIN) $(WRKINST)/usr/libexec/ipsec/stroke \ + $(IDIR_STRONGSWAN)/usr/libexec/ipsec + $(INSTALL_BIN) $(WRKINST)/usr/libexec/ipsec/_updown_espmark \ + $(IDIR_STRONGSWAN)/usr/libexec/ipsec + $(INSTALL_BIN) $(WRKINST)/usr/sbin/ipsec \ + $(IDIR_STRONGSWAN)/usr/sbin + $(CP) $(WRKINST)/usr/lib/lib*.so* \ + $(IDIR_STRONGSWAN)/usr/lib + +include ${TOPDIR}/mk/pkg-bottom.mk diff --git a/package/strongswan/files/strongswan.conffiles b/package/strongswan/files/strongswan.conffiles new file mode 100644 index 000000000..852aa250d --- /dev/null +++ b/package/strongswan/files/strongswan.conffiles @@ -0,0 +1,3 @@ +/etc/ipsec.secrets +/etc/ipsec.conf +/etc/strongswan.conf diff --git a/package/strongswan/patches/patch-src_pluto_alg_info_c b/package/strongswan/patches/patch-src_pluto_alg_info_c new file mode 100644 index 000000000..8c65188c2 --- /dev/null +++ b/package/strongswan/patches/patch-src_pluto_alg_info_c @@ -0,0 +1,11 @@ +--- strongswan-4.4.0.orig/src/pluto/alg_info.c 2010-03-15 21:52:51.000000000 +0100 ++++ strongswan-4.4.0/src/pluto/alg_info.c 2010-07-13 22:49:11.775081075 +0200 +@@ -414,7 +414,7 @@ struct alg_info_esp *alg_info_esp_create + alg_info_esp = malloc_thing (struct alg_info_esp); + zero(alg_info_esp); + +- pfs_name=index (alg_str, ';'); ++ pfs_name=strchr (alg_str, ';'); + if (pfs_name) + { + memcpy(esp_buf, alg_str, pfs_name-alg_str); diff --git a/package/strongswan/patches/patch-src_starter_interfaces_c b/package/strongswan/patches/patch-src_starter_interfaces_c new file mode 100644 index 000000000..80d774a2e --- /dev/null +++ b/package/strongswan/patches/patch-src_starter_interfaces_c @@ -0,0 +1,20 @@ +--- strongswan-4.4.0.orig/src/starter/interfaces.c 2010-03-15 21:52:51.000000000 +0100 ++++ strongswan-4.4.0/src/starter/interfaces.c 2010-07-14 17:36:33.959074540 +0200 +@@ -56,7 +56,7 @@ get_defaultroute(defaultroute_t *default + ssize_t msglen; + int fd; + +- bzero(&rtu, sizeof(rtu)); ++ memset(&rtu, 0, sizeof(rtu)); + rtu.m.nh.nlmsg_len = NLMSG_LENGTH(sizeof(rtu.m.rt)); + rtu.m.nh.nlmsg_flags = NLM_F_REQUEST | NLM_F_DUMP; + rtu.m.nh.nlmsg_type = RTM_GETROUTE; +@@ -142,7 +142,7 @@ get_defaultroute(defaultroute_t *default + plog("could not open AF_INET socket"); + break; + } +- bzero(&req, sizeof(req)); ++ memset(&req, 0, sizeof(req)); + req.ifr_ifindex = iface_idx; + if (ioctl(fd, SIOCGIFNAME, &req) < 0 || + ioctl(fd, SIOCGIFADDR, &req) < 0) diff --git a/package/strongswan/patches/patch-src_starter_netkey_c b/package/strongswan/patches/patch-src_starter_netkey_c new file mode 100644 index 000000000..eae417f7b --- /dev/null +++ b/package/strongswan/patches/patch-src_starter_netkey_c @@ -0,0 +1,19 @@ +--- strongswan-4.4.0.orig/src/starter/netkey.c 2010-03-15 21:52:51.000000000 +0100 ++++ strongswan-4.4.0/src/starter/netkey.c 2010-07-14 19:05:06.911085736 +0200 +@@ -48,6 +48,8 @@ starter_netkey_init(void) + } + + /* make sure that all required IPsec modules are loaded */ ++ /* OpenADK loads all kernel modules already */ ++#if 0 + if (stat(PROC_MODULES, &stb) == 0) + { + ignore_result(system("modprobe -qv ah4")); +@@ -60,6 +62,7 @@ starter_netkey_init(void) + DBG(DBG_CONTROL, + DBG_log("Found netkey IPsec stack") + ) ++#endif + return TRUE; + } + |