Browse Source

openswan: update to 3.0.0

Waldemar Brodkorb 2 years ago
parent
commit
1f0b1b4dc9

+ 8 - 5
package/openswan/Makefile

@@ -4,19 +4,20 @@
 include ${ADK_TOPDIR}/rules.mk
 
 PKG_NAME:=		openswan
-PKG_VERSION:=		2.6.51.5
+PKG_VERSION:=		3.0.0
 PKG_RELEASE:=		1
-PKG_HASH:=		4124f4ce970089f301c34b9c48f54b021cf6b2b8813877942337f8022104f70d
+PKG_HASH:=		69fe7a71e54aaf0ea93b874db4963057c1ff4904b3617b36f2c9be2010c23331
 PKG_DESCR:=		ipsec software
 PKG_SECTION:=		net/security
 PKG_DEPENDS:=		libgmp
 PKG_BUILDDEP:=		gmp
 PKG_NEEDS:=		threads
 PKG_URL:=		http://www.openswan.org/
-PKG_SITES:=		http://www.openswan.org/download/
+PKG_SITES:=		https://github.com/xelerance/Openswan/archive/refs/tags/
 PKG_NOPARALLEL:=	1
 
-DISTFILES:=		${PKG_NAME}-${PKG_VERSION}.tar.gz
+DISTFILES:=		v${PKG_VERSION}.tar.gz
+WRKDIST=		$(WRKDIR)/Openswan-$(PKG_VERSION)
 
 # GLOB_BRACE usage
 PKG_LIBC_DEPENDS:=	uclibc-ng glibc
@@ -32,7 +33,9 @@ XAKE_FLAGS+=		KERNELSRC="${LINUX_DIR}" \
 			MODPROBE="insmod" \
 			OSDEP="linux" \
 			WERROR="" \
-			BUILDENV="linux"
+			BUILDENV="linux" \
+			ARCH=$(ADK_TARGET_KARCH) \
+			V=1
 ALL_TARGET:=		programs
 
 openswan-install:

+ 14 - 9
package/openswan/patches/patch-Makefile_inc

@@ -1,15 +1,20 @@
---- openswan-2.6.51.5.orig/Makefile.inc	2019-06-14 21:35:45.000000000 +0200
-+++ openswan-2.6.51.5/Makefile.inc	2019-10-07 20:44:06.511702433 +0200
-@@ -194,10 +194,10 @@ BISONOSFLAGS=
- #Example for a cross compile:
- #USERCOMPILE?=-g ${PORTDEFINE} -I/usr/local/arm_tools/arm-elf/inc -L/usr/local/arm_tools/lib/gcc-lib
- GCC_LINT ?= -DGCC_LINT
--USERCOMPILE?=-g -O3 -fPIE -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security -Werror=format-security -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 ${WERROR} $(GCC_LINT) ${USERCOMPILEEXTRA}
-+USERCOMPILE?=-g -fPIC -Wformat -Wformat-security -Werror=format-security -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 ${WERROR} $(GCC_LINT) ${USERCOMPILEEXTRA}
+--- Openswan-3.0.0.orig/Makefile.inc	2021-01-22 19:25:50.000000000 +0100
++++ Openswan-3.0.0/Makefile.inc	2022-03-21 19:40:09.287360911 +0100
+@@ -188,7 +188,7 @@ BISONOSFLAGS=
+ # USER* should be empty for end users/vendors to use
+ 
+ OPTIMIZE?=-g -O3
+-GCCOPTIONS=${OPTIMIZE} -fPIE -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security -Werror=format-security -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 ${WERROR} $(GCC_LINT) ${USERCOMPILEEXTRA}
++GCCOPTIONS=${OPTIMIZE} -fPIE -Wformat -Wformat-security -Werror=format-security -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 ${WERROR} $(GCC_LINT) ${USERCOMPILEEXTRA}
+ # extra compile flags, for userland and kernel stuff, e.g. -g for debug info
+ # you can add to this in the defaults file using +=
+ # -DGCC_LINT uses gcc-specific declarations to improve compile-time diagnostics.
+@@ -199,7 +199,7 @@ GCC_LINT ?= -DGCC_LINT
+ USERCOMPILE?=${GCCOPTIONS}
  # on fedora/rhel
  #USERCOMPILE?=-g -O2 -g -pipe -Wall -Wp,-U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4  -m64 -mtune=generic -fPIE -pie -DSUPPORT_BROKEN_ANDROID_ICS
 -KLIPSCOMPILE=-O2 -fPIE -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security -Werror=format-security -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 -DCONFIG_KLIPS_ALG -DDISABLE_UDP_CHECKSUM
-+KLIPSCOMPILE=-O2 -Wformat -Wformat-security -Werror=format-security -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 -DCONFIG_KLIPS_ALG -DDISABLE_UDP_CHECKSUM
++KLIPSCOMPILE=-O2 -fPIE -Wformat -Wformat-security -Werror=format-security -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 -DCONFIG_KLIPS_ALG -DDISABLE_UDP_CHECKSUM
  # Additional debugging for developers (warning: can crash openswan!)
  #USERCOMPILE?=-g -DLEAK_DETECTIVE ${LIBEFENCE}
  # You can also run this before starting openswan on glibc systems:

+ 0 - 128
package/openswan/patches/patch-include_arpa_nameser_h

@@ -1,128 +0,0 @@
---- openswan-2.6.38.orig/include/arpa/nameser.h	2012-03-23 22:33:43.000000000 +0100
-+++ openswan-2.6.38/include/arpa/nameser.h	2014-03-26 19:50:18.000000000 +0100
-@@ -55,7 +55,6 @@
- 
- #include <sys/param.h>
- #include <sys/types.h>
--#include <sys/cdefs.h>
- 
- /*
-  * Revision information.  This is the release date in YYYYMMDD format.
-@@ -505,62 +504,66 @@ typedef enum __ns_cert_types {
- #define	ns_makecanon		__ns_makecanon
- #define	ns_samename		__ns_samename
- 
--__BEGIN_DECLS
--int		ns_msg_getflag __P((ns_msg, int));
--u_int		ns_get16 __P((const u_char *));
--u_long		ns_get32 __P((const u_char *));
--void		ns_put16 __P((u_int, u_char *));
--void		ns_put32 __P((u_long, u_char *));
--int		ns_initparse __P((const u_char *, int, ns_msg *));
--int		ns_skiprr __P((const u_char *, const u_char *, ns_sect, int));
--int		ns_parserr __P((ns_msg *, ns_sect, int, ns_rr *));
--int		ns_sprintrr __P((const ns_msg *, const ns_rr *,
--				 const char *, const char *, char *, size_t));
--int		ns_sprintrrf __P((const u_char *, size_t, const char *,
-+#ifdef __cplusplus
-+extern "C" {
-+#endif
-+int		ns_msg_getflag (ns_msg, int);
-+u_int		ns_get16 (const u_char *);
-+u_long		ns_get32 (const u_char *);
-+void		ns_put16 (u_int, u_char *);
-+void		ns_put32 (u_long, u_char *);
-+int		ns_initparse (const u_char *, int, ns_msg *);
-+int		ns_skiprr (const u_char *, const u_char *, ns_sect, int);
-+int		ns_parserr (ns_msg *, ns_sect, int, ns_rr *);
-+int		ns_sprintrr (const ns_msg *, const ns_rr *,
-+				 const char *, const char *, char *, size_t);
-+int		ns_sprintrrf (const u_char *, size_t, const char *,
- 				  ns_class, ns_type, u_long, const u_char *,
- 				  size_t, const char *, const char *,
--				  char *, size_t));
--int		ns_format_ttl __P((u_long, char *, size_t));
--int		ns_parse_ttl __P((const char *, u_long *));
--u_int32_t	ns_datetosecs __P((const char *cp, int *errp));
--int		ns_name_ntol __P((const u_char *, u_char *, size_t));
--int		ns_name_ntop __P((const u_char *, char *, size_t));
--int		ns_name_pton __P((const char *, u_char *, size_t));
--int		ns_name_unpack __P((const u_char *, const u_char *,
--				    const u_char *, u_char *, size_t));
--int		ns_name_pack __P((const u_char *, u_char *, int,
--				  const u_char **, const u_char **));
--int		ns_name_uncompress __P((const u_char *, const u_char *,
--					const u_char *, char *, size_t));
--int		ns_name_compress __P((const char *, u_char *, size_t,
--				      const u_char **, const u_char **));
--int		ns_name_skip __P((const u_char **, const u_char *));
--void		ns_name_rollback __P((const u_char *, const u_char **,
--				      const u_char **));
--int		ns_sign __P((u_char *, int *, int, int, void *,
--			     const u_char *, int, u_char *, int *, time_t));
--int		ns_sign2 __P((u_char *, int *, int, int, void *,
-+				  char *, size_t);
-+int		ns_format_ttl (u_long, char *, size_t);
-+int		ns_parse_ttl (const char *, u_long *);
-+u_int32_t	ns_datetosecs (const char *cp, int *errp);
-+int		ns_name_ntol (const u_char *, u_char *, size_t);
-+int		ns_name_ntop (const u_char *, char *, size_t);
-+int		ns_name_pton (const char *, u_char *, size_t);
-+int		ns_name_unpack (const u_char *, const u_char *,
-+				    const u_char *, u_char *, size_t);
-+int		ns_name_pack (const u_char *, u_char *, int,
-+				  const u_char **, const u_char **);
-+int		ns_name_uncompress (const u_char *, const u_char *,
-+					const u_char *, char *, size_t);
-+int		ns_name_compress (const char *, u_char *, size_t,
-+				      const u_char **, const u_char **);
-+int		ns_name_skip (const u_char **, const u_char *);
-+void		ns_name_rollback (const u_char *, const u_char **,
-+				      const u_char **);
-+int		ns_sign (u_char *, int *, int, int, void *,
-+			     const u_char *, int, u_char *, int *, time_t);
-+int		ns_sign2 (u_char *, int *, int, int, void *,
- 			      const u_char *, int, u_char *, int *, time_t,
--			      u_char **, u_char **));
--int		ns_sign_tcp __P((u_char *, int *, int, int,
--				 ns_tcp_tsig_state *, int));
--int		ns_sign_tcp2 __P((u_char *, int *, int, int,
-+			      u_char **, u_char **);
-+int		ns_sign_tcp (u_char *, int *, int, int,
-+				 ns_tcp_tsig_state *, int);
-+int		ns_sign_tcp2 (u_char *, int *, int, int,
- 				  ns_tcp_tsig_state *, int,
--				  u_char **, u_char **));
--int		ns_sign_tcp_init __P((void *, const u_char *, int,
--					ns_tcp_tsig_state *));
--u_char		*ns_find_tsig __P((u_char *, u_char *));
--int		ns_verify __P((u_char *, int *, void *,
-+				  u_char **, u_char **);
-+int		ns_sign_tcp_init (void *, const u_char *, int,
-+					ns_tcp_tsig_state *);
-+u_char		*ns_find_tsig (u_char *, u_char *);
-+int		ns_verify (u_char *, int *, void *,
- 			       const u_char *, int, u_char *, int *,
--			       time_t *, int));
--int		ns_verify_tcp __P((u_char *, int *, ns_tcp_tsig_state *, int));
--int		ns_verify_tcp_init __P((void *, const u_char *, int,
--					ns_tcp_tsig_state *));
--int		ns_samedomain __P((const char *, const char *));
--int		ns_subdomain __P((const char *, const char *));
--int		ns_makecanon __P((const char *, char *, size_t));
--int		ns_samename __P((const char *, const char *));
--__END_DECLS
-+			       time_t *, int);
-+int		ns_verify_tcp (u_char *, int *, ns_tcp_tsig_state *, int);
-+int		ns_verify_tcp_init (void *, const u_char *, int,
-+					ns_tcp_tsig_state *);
-+int		ns_samedomain (const char *, const char *);
-+int		ns_subdomain (const char *, const char *);
-+int		ns_makecanon (const char *, char *, size_t);
-+int		ns_samename (const char *, const char *);
-+#ifdef __cplusplus
-+}
-+#endif
- 
- #ifdef BIND_4_COMPAT
- #include <arpa/nameser_compat.h>

+ 0 - 11
package/openswan/patches/patch-lib_libopenswan_kernel_alg_c

@@ -1,11 +0,0 @@
---- openswan-2.6.38.orig/lib/libopenswan/kernel_alg.c	2012-03-23 22:33:43.000000000 +0100
-+++ openswan-2.6.38/lib/libopenswan/kernel_alg.c	2014-03-26 20:04:18.000000000 +0100
-@@ -27,7 +27,7 @@
- #include <netinet/in.h>
- #include <arpa/inet.h>
- #include <unistd.h>
--#include <sys/queue.h>
-+#include "queue.h"
- 
- #include <openswan.h>
-