Home Explore Help
Sign In
oss
/
openadk
4
1
Fork 3
Files Issues 1 Pull Requests 0 Wiki
Browse Source

test and fix openswan package.

enable needed kernel modules, disable removing of
any kernel modules on restart.
Waldemar Brodkorb 14 years ago
parent
f03f1d5071
commit
1b8fff1f57
5 changed files with 44 additions and 5 deletions
Split View Show Diff Stats
  1. 1 1
      mk/modules.mk
  2. 0 1
      package/cpufrequtils/Makefile
  3. 11 3
      package/openswan/Makefile
  4. 26 0
      package/openswan/patches/patch-programs__realsetup__realsetup_in
  5. 6 0
      target/linux/config/Config.in.crypto

+ 1 - 1
mk/modules.mk
View File 

@@ -747,7 +747,7 @@ $(eval $(call KMOD_template,DM_SNAPSHOT,dm-snapshot,\
 
 
 $(eval $(call KMOD_template,CRYPTO_DEV_GEODE,crypto-dev-geode,\
 
     $(MODULES_DIR)/kernel/drivers/crypto/geode-aes \
 
-,10))
 
+,20))
 
 
 $(eval $(call KMOD_template,CRYPTO_ALGAPI,crypto-algapi,\
 
     $(MODULES_DIR)/kernel/crypto/crypto_algapi \

+ 0 - 1
package/cpufrequtils/Makefile
View File 

@@ -11,7 +11,6 @@ PKG_DESCR:=		utilities for the Linux kernel cpufreq subsystem
 
 PKG_SECTION:=		utils
 
 PKG_URL:=		http://www.kernel.org/pub/linux/utils/kernel/cpufreq/cpufrequtils.html
 
 PKG_SITES:=		http://www.kernel.org/pub/linux/utils/kernel/cpufreq/
 
-PKG_NO_PARALLEL:=	1
 
 
 include $(TOPDIR)/mk/package.mk

+ 11 - 3
package/openswan/Makefile
View File 

@@ -5,11 +5,16 @@ include ${TOPDIR}/rules.mk
 
 
 PKG_NAME:=		openswan
 
 PKG_VERSION:=		2.6.27
 
-PKG_RELEASE:=		1
 
+PKG_RELEASE:=		2
 
 PKG_MD5SUM:=		5177b7401bb89e84ca1c89029143441e
 
-PKG_DESCR:=		IPSec software
 
+PKG_DESCR:=		IPsec software
 
 PKG_SECTION:=		net/security
 
-PKG_DEPENDS:=		ip libgmp
 
+PKG_DEPENDS:=		ip libgmp libpthread kmod-net-key kmod-xfrm-user
 
+PKG_DEPENDS+=		kmod-inet-ah kmod-inet-esp
 
+PKG_DEPENDS+=		kmod-inet-xfrm-mode-tunnel kmod-inet-xfrm-mode-transport
 
+PKG_DEPENDS+=		kmod-crypto-sha1 kmod-crypto-md5
 
+PKG_DEPENDS+=		kmod-crypto-null kmod-crypto-des kmod-crypto-aes
 
+PKG_DEPENDS+=		kmod-crypto-hmac kmod-crypto-cbc kmod-crypto-authenc
 
 PKG_BUILDDEP+=		gmp
 
 PKG_URL:=		http://www.openswan.org/
 
 PKG_SITES:=		http://www.openswan.org/download/
 
@@ -39,6 +44,9 @@ post-install:
 
 	${CP} ${WRKINST}/etc/ipsec.d/* ${IDIR_OPENSWAN}/etc/ipsec.d
 
 	${CP} ${WRKINST}/usr/lib/ipsec/* ${IDIR_OPENSWAN}/usr/lib/ipsec
 
 	${CP} ${WRKINST}/usr/libexec/ipsec/* ${IDIR_OPENSWAN}/usr/libexec/ipsec
 
+	rm ${IDIR_OPENSWAN}/usr/libexec/ipsec/setup
 
+	${INSTALL_BIN} ${WRKINST}/etc/rc.d/init.d/ipsec \
 
+		${IDIR_OPENSWAN}/usr/libexec/ipsec/setup
 
 	${INSTALL_BIN} ${WRKINST}/usr/sbin/ipsec ${IDIR_OPENSWAN}/usr/sbin
 
 
 include ${TOPDIR}/mk/pkg-bottom.mk

+ 26 - 0
package/openswan/patches/patch-programs__realsetup__realsetup_in
View File 

@@ -0,0 +1,26 @@
 
+--- openswan-2.6.27.orig/programs/_realsetup/_realsetup.in	2010-06-21 17:43:35.000000000 +0200
 
++++ openswan-2.6.27/programs/_realsetup/_realsetup.in	2010-07-27 19:27:30.327023350 +0200
 
+@@ -374,14 +374,15 @@ case "$1" in
 
+ 	rm -f /var/run/pluto.pid
 
+ 
+ 	# When we exit we clean up (remove) the modules we are using, even the kame'ish ones
 
+-	if test -e ${kamepfkey}; then
 
+-		for mod in ipcomp ipcomp6 xfrm6_tunnel xfrm6_mode_tunnel xfrm6_mode_beet xfrm6_mode_ro \
 
+-			xfrm6_mode_transport xfrm4_mode_transport xfrm4_mode_tunnel  xfrm_user \
 
+-			xfrm4_tunnel xfrm4_mode_beet esp4 esp6 ah4 ah6 af_key
 
+-		    do
 
+-			lsmod 2>&1 | grep "^$mod" > /dev/null && rmmod  $mod
 
+-		    done
 
+-	fi 
++	# do not touch kernel modules, no reason to unload on embedded systems
 
++	#if test -e ${kamepfkey}; then
 
++	#	for mod in ipcomp ipcomp6 xfrm6_tunnel xfrm6_mode_tunnel xfrm6_mode_beet xfrm6_mode_ro \
 
++	#		xfrm6_mode_transport xfrm4_mode_transport xfrm4_mode_tunnel  xfrm_user \
 
++	#		xfrm4_tunnel xfrm4_mode_beet esp4 esp6 ah4 ah6 af_key
 
++	#	    do
 
++	#		lsmod 2>&1 | grep "^$mod" > /dev/null && rmmod  $mod
 
++	#	    done
 
++	#fi 
+ 
+ 	perform test -d $subsysdir "&&" rm -f $subsyslock
 
+

+ 6 - 0
target/linux/config/Config.in.crypto
View File 

@@ -47,7 +47,12 @@ config ADK_KPACKAGE_KMOD_CRYPTO_DEV_GEODE
 
 	tristate
 
 	select ADK_KERNEL_CRYPTO_HW
 
 	select ADK_KERNEL_CRYPTO
 
+	select ADK_KPACKAGE_KMOD_CRYPTO_ECB
 
+	select ADK_KPACKAGE_KMOD_CRYPTO_CBC
 
 	depends on ADK_LINUX_ALIX
 
+	default y if (ADK_LINUX_ALIX && ADK_PACKAGE_OPENSWAN)
 
+	default y if (ADK_LINUX_ALIX && ADK_PACKAGE_STRONGSWAN)
 
+	default n
 
 	help
 
 	  Say 'Y' here to use the AMD Geode LX processor on-board AES
 
 	  engine for the CryptoAPI AES algorithm.
 
@@ -60,6 +65,7 @@ config ADK_KPACKAGE_KMOD_CRYPTO_DEV_HIFN_795X
 
 	select ADK_KPACKAGE_KMOD_CRYPTO_BLKCIPHER
 
 	select ADK_KPACKAGE_KMOD_CRYPTO_ALGAPI
 
 	select ADK_KPACKAGE_KMOD_CRYPTO_DES
 
+	default n
 
 	help
 
 	  This option allows you to have support for HIFN 795x crypto adapters.