14 роки тому · 3a1b33357b
--- a/package/strongswan/Makefile
+++ b/package/strongswan/Makefile
@@ -12,6 +12,9 @@ PKG_SECTION:=		net/security
 
				 PKG_DEPENDS:=		libgmp ip libpthread kmod-net-key kmod-xfrm-user
			
 
				 PKG_DEPENDS+=		kmod-inet-ah kmod-inet-esp kmod-inet-ipcomp
			
 
				 PKG_DEPENDS+=		kmod-inet-xfrm-mode-tunnel kmod-inet-xfrm-mode-transport
			
 
				+PKG_DEPENDS+=		kmod-crypto-sha1 kmod-crypto-aes kmod-crypto-md5
			
 
				+PKG_DEPENDS+=		kmod-crypto-des kmod-crypto-hmac
			
 
				+PKG_DEPENDS+=		kmod-crypto-null kmod-crypto-cbc
			
 
				 PKG_BUILDDEP+=		gmp
			
 
				 PKG_URL:=		http://strongswan.org/index.htm
			
 
				 PKG_SITES:=		http://download.strongswan.org/
			
@@ -20,6 +23,9 @@ include $(TOPDIR)/mk/package.mk
 
				 
			
 
				 $(eval $(call PKG_template,STRONGSWAN,$(PKG_NAME),$(PKG_VERSION)-${PKG_RELEASE},${PKG_DEPENDS},${PKG_DESCR},${PKG_SECTION}))
			
 
				 
			
 
				+CONFIGURE_ARGS+=	--disable-tools \
			
 
				+			--disable-sha2
			
 
				+
			
 
				 post-install:
			
 
				 	$(INSTALL_DIR) $(IDIR_STRONGSWAN)/etc
			
 
				 	$(INSTALL_DIR) $(IDIR_STRONGSWAN)/usr/sbin
			
@@ -30,8 +36,6 @@ post-install:
 
				 	$(CP) $(WRKINST)/etc/* $(IDIR_STRONGSWAN)/etc
			
 
				 	$(INSTALL_BIN) $(WRKINST)/usr/libexec/ipsec/charon \
			
 
				 		$(IDIR_STRONGSWAN)/usr/libexec/ipsec
			
 
				-	$(INSTALL_BIN) $(WRKINST)/usr/libexec/ipsec/openac \
			
 
				-		$(IDIR_STRONGSWAN)/usr/libexec/ipsec
			
 
				 	$(INSTALL_BIN) $(WRKINST)/usr/libexec/ipsec/_pluto_adns \
			
 
				 		$(IDIR_STRONGSWAN)/usr/libexec/ipsec
			
 
				 	$(INSTALL_BIN) $(WRKINST)/usr/libexec/ipsec/starter \
			
@@ -42,12 +46,8 @@ post-install:
 
				 		$(IDIR_STRONGSWAN)/usr/libexec/ipsec
			
 
				 	$(INSTALL_BIN) $(WRKINST)/usr/libexec/ipsec/_copyright \
			
 
				 		$(IDIR_STRONGSWAN)/usr/libexec/ipsec
			
 
				-	$(INSTALL_BIN) $(WRKINST)/usr/libexec/ipsec/pki \
			
 
				-		$(IDIR_STRONGSWAN)/usr/libexec/ipsec
			
 
				 	$(INSTALL_BIN) $(WRKINST)/usr/libexec/ipsec/pluto \
			
 
				 		$(IDIR_STRONGSWAN)/usr/libexec/ipsec
			
 
				-	$(INSTALL_BIN) $(WRKINST)/usr/libexec/ipsec/scepclient \
			
 
				-		$(IDIR_STRONGSWAN)/usr/libexec/ipsec
			
 
				 	$(INSTALL_BIN) $(WRKINST)/usr/libexec/ipsec/stroke \
			
 
				 		$(IDIR_STRONGSWAN)/usr/libexec/ipsec
			
 
				 	$(INSTALL_BIN) $(WRKINST)/usr/libexec/ipsec/_updown_espmark \
			
--- a/package/strongswan/files/strongswan.conffiles
+++ b/package/strongswan/files/strongswan.conffiles
@@ -0,0 +1,3 @@
 
				+/etc/ipsec.secrets
			
 
				+/etc/ipsec.conf
			
 
				+/etc/strongswan.conf
			
--- a/package/strongswan/patches/patch-src_starter_interfaces_c
+++ b/package/strongswan/patches/patch-src_starter_interfaces_c
@@ -0,0 +1,20 @@
 
				+--- strongswan-4.4.0.orig/src/starter/interfaces.c	2010-03-15 21:52:51.000000000 +0100
			
 
				++++ strongswan-4.4.0/src/starter/interfaces.c	2010-07-14 17:36:33.959074540 +0200
			
 
				+@@ -56,7 +56,7 @@ get_defaultroute(defaultroute_t *default
			
 
				+ 	ssize_t msglen;
			
 
				+ 	int fd;
			
 
				+ 
			
 
				+-	bzero(&rtu, sizeof(rtu));
			
 
				++	memset(&rtu, 0, sizeof(rtu));
			
 
				+ 	rtu.m.nh.nlmsg_len = NLMSG_LENGTH(sizeof(rtu.m.rt));
			
 
				+ 	rtu.m.nh.nlmsg_flags = NLM_F_REQUEST | NLM_F_DUMP;
			
 
				+ 	rtu.m.nh.nlmsg_type = RTM_GETROUTE;
			
 
				+@@ -142,7 +142,7 @@ get_defaultroute(defaultroute_t *default
			
 
				+ 				plog("could not open AF_INET socket");
			
 
				+ 				break;
			
 
				+ 			}
			
 
				+-			bzero(&req, sizeof(req));
			
 
				++			memset(&req, 0, sizeof(req));
			
 
				+ 			req.ifr_ifindex = iface_idx;
			
 
				+ 			if (ioctl(fd, SIOCGIFNAME, &req) < 0 ||
			
 
				+ 				ioctl(fd, SIOCGIFADDR, &req) < 0)
			
--- a/package/strongswan/patches/patch-src_starter_netkey_c
+++ b/package/strongswan/patches/patch-src_starter_netkey_c
@@ -0,0 +1,19 @@
 
				+--- strongswan-4.4.0.orig/src/starter/netkey.c	2010-03-15 21:52:51.000000000 +0100
			
 
				++++ strongswan-4.4.0/src/starter/netkey.c	2010-07-14 19:05:06.911085736 +0200
			
 
				+@@ -48,6 +48,8 @@ starter_netkey_init(void)
			
 
				+ 	}
			
 
				+ 
			
 
				+ 	/* make sure that all required IPsec modules are loaded */
			
 
				++	/* OpenADK loads all kernel modules already */
			
 
				++#if 0
			
 
				+ 	if (stat(PROC_MODULES, &stb) == 0)
			
 
				+ 	{
			
 
				+ 		ignore_result(system("modprobe -qv ah4"));
			
 
				+@@ -60,6 +62,7 @@ starter_netkey_init(void)
			
 
				+ 	DBG(DBG_CONTROL,
			
 
				+ 		DBG_log("Found netkey IPsec stack")
			
 
				+ 	)
			
 
				++#endif
			
 
				+ 	return TRUE;
			
 
				+ }
			
 
				+