Home Explore Help
Sign In
oss
/
openadk
4
1
Fork 3
Files Issues 1 Pull Requests 0 Wiki
Browse Source

strongswan: update to 5.9.5

Waldemar Brodkorb 2 years ago
parent
f715dd8d40
commit
7b6d51bed2
7 changed files with 53 additions and 31 deletions
Split View Show Diff Stats
  1. 2 2
      package/strongswan/Makefile
  2. 5 5
      package/strongswan/patches/patch-src_libstrongswan_plugins_openssl_openssl_plugin_c
  3. 21 3
      package/strongswan/patches/patch-src_libstrongswan_plugins_openssl_openssl_plugin_c.orig
  4. 11 0
      package/strongswan/patches/patch-src_libstrongswan_plugins_openssl_openssl_rsa_private_key_c
  5. 11 0
      package/strongswan/patches/patch-src_libstrongswan_plugins_openssl_openssl_rsa_public_key_c
  6. 3 3
      package/strongswan/patches/patch-src_libstrongswan_plugins_openssl_openssl_x_diffie_hellman_c
  7. 0 18
      package/strongswan/patches/patch-src_starter_netkey_c

+ 2 - 2
package/strongswan/Makefile
View File 

@@ -4,9 +4,9 @@
 
 include $(ADK_TOPDIR)/rules.mk
 
 
 PKG_NAME:=		strongswan
 
-PKG_VERSION:=		5.8.1
 
+PKG_VERSION:=		5.9.5
 
 PKG_RELEASE:=		1
 
-PKG_HASH:=		d86490a09160016d1c1a20020fef832559a22531eb9a1b1659256e3ca1c8c97d
 
+PKG_HASH:=		6db028c9033dfd7cab578ca7e4b0075922cffec7af8bffc7d67cac67f348a5be
 
 PKG_DESCR:=		ipsec based vpn software
 
 PKG_SECTION:=		net/security
 
 PKG_KDEPENDS:=		net-key inet-esp xfrm-user inet-xfrm-mode-transport

+ 5 - 5
package/strongswan/patches/patch-src_libstrongswan_plugins_openssl_openssl_plugin_c
View File 

@@ -1,6 +1,6 @@
 
---- strongswan-5.8.1.orig/src/libstrongswan/plugins/openssl/openssl_plugin.c	2019-08-27 15:26:53.000000000 +0200
 
-+++ strongswan-5.8.1/src/libstrongswan/plugins/openssl/openssl_plugin.c	2019-10-08 02:05:20.954742229 +0200
 
-@@ -310,7 +310,7 @@ static private_key_t *openssl_private_ke
 
+--- strongswan-5.9.5.orig/src/libstrongswan/plugins/openssl/openssl_plugin.c	2022-01-08 12:54:02.000000000 +0100
 
++++ strongswan-5.9.5/src/libstrongswan/plugins/openssl/openssl_plugin.c	2022-03-21 16:41:08.736944525 +0100
 
+@@ -329,7 +329,7 @@ static private_key_t *openssl_private_ke
 
  				case EVP_PKEY_EC:
 
  					return openssl_ec_private_key_create(key, FALSE);
 
  #endif
 
@@ -9,7 +9,7 @@
 
  				case EVP_PKEY_ED25519:
 
  				case EVP_PKEY_ED448:
 
  					return openssl_ed_private_key_create(key, FALSE);
 
-@@ -462,7 +462,7 @@ static private_key_t *openssl_private_ke
 
+@@ -481,7 +481,7 @@ static private_key_t *openssl_private_ke
 
  		case EVP_PKEY_EC:
 
  			return openssl_ec_private_key_create(key, TRUE);
 
  #endif
 
@@ -18,7 +18,7 @@
 
  		case EVP_PKEY_ED25519:
 
  		case EVP_PKEY_ED448:
 
  			return openssl_ed_private_key_create(key, TRUE);
 
-@@ -814,7 +814,7 @@ plugin_t *openssl_plugin_create()
 
+@@ -980,7 +980,7 @@ plugin_t *openssl_plugin_create()
 
  		},
 
  	);

+ 21 - 3
package/strongswan/patches/patch-src_libstrongswan_plugins_openssl_openssl_plugin_c.orig
View File 

@@ -1,6 +1,24 @@
 
---- strongswan-5.5.0.orig/src/libstrongswan/plugins/openssl/openssl_plugin.c	2016-06-30 16:20:10.000000000 +0200
 
-+++ strongswan-5.5.0/src/libstrongswan/plugins/openssl/openssl_plugin.c	2016-09-30 05:36:45.015692462 +0200
 
-@@ -573,7 +573,7 @@ plugin_t *openssl_plugin_create()
 
+--- strongswan-5.8.1.orig/src/libstrongswan/plugins/openssl/openssl_plugin.c	2019-08-27 15:26:53.000000000 +0200
 
++++ strongswan-5.8.1/src/libstrongswan/plugins/openssl/openssl_plugin.c	2019-10-08 02:05:20.954742229 +0200
 
+@@ -310,7 +310,7 @@ static private_key_t *openssl_private_ke
 
+ 				case EVP_PKEY_EC:
 
+ 					return openssl_ec_private_key_create(key, FALSE);
 
+ #endif
 
+-#if OPENSSL_VERSION_NUMBER >= 0x1010100fL && !defined(OPENSSL_NO_EC)
 
++#if OPENSSL_VERSION_NUMBER >= 0x1010100fL && !defined(OPENSSL_NO_EC) && !defined(LIBRESSL_VERSION_NUMBER)
 
+ 				case EVP_PKEY_ED25519:
 
+ 				case EVP_PKEY_ED448:
 
+ 					return openssl_ed_private_key_create(key, FALSE);
 
+@@ -462,7 +462,7 @@ static private_key_t *openssl_private_ke
 
+ 		case EVP_PKEY_EC:
 
+ 			return openssl_ec_private_key_create(key, TRUE);
 
+ #endif
 
+-#if OPENSSL_VERSION_NUMBER >= 0x1010100fL && !defined(OPENSSL_NO_EC)
 
++#if OPENSSL_VERSION_NUMBER >= 0x1010100fL && !defined(OPENSSL_NO_EC) && !defined(LIBRESSL_VERSION_NUMBER)
 
+ 		case EVP_PKEY_ED25519:
 
+ 		case EVP_PKEY_ED448:
 
+ 			return openssl_ed_private_key_create(key, TRUE);
 
+@@ -814,7 +814,7 @@ plugin_t *openssl_plugin_create()
 
  		},
 
  	);

+ 11 - 0
package/strongswan/patches/patch-src_libstrongswan_plugins_openssl_openssl_rsa_private_key_c
View File 

@@ -0,0 +1,11 @@
 
+--- strongswan-5.9.5.orig/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c	2021-12-29 12:08:27.000000000 +0100
 
++++ strongswan-5.9.5/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c	2022-03-21 16:48:57.605794714 +0100
 
+@@ -280,7 +280,7 @@ METHOD(private_key_t, sign, bool,
 
+ 			return build_emsa_pkcs1_signature(this, NID_sha384, data, signature);
 
+ 		case SIGN_RSA_EMSA_PKCS1_SHA2_512:
 
+ 			return build_emsa_pkcs1_signature(this, NID_sha512, data, signature);
 
+-#if OPENSSL_VERSION_NUMBER >= 0x1010100fL && !defined(OPENSSL_NO_SHA3)
 
++#if OPENSSL_VERSION_NUMBER >= 0x1010100fL && !defined(OPENSSL_NO_SHA3) && !defined(LIBRESSL_VERSION_NUMBER)
 
+ 		case SIGN_RSA_EMSA_PKCS1_SHA3_224:
 
+ 			return build_emsa_pkcs1_signature(this, NID_sha3_224, data, signature);
 
+ 		case SIGN_RSA_EMSA_PKCS1_SHA3_256:

+ 11 - 0
package/strongswan/patches/patch-src_libstrongswan_plugins_openssl_openssl_rsa_public_key_c
View File 

@@ -0,0 +1,11 @@
 
+--- strongswan-5.9.5.orig/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c	2021-12-29 12:08:27.000000000 +0100
 
++++ strongswan-5.9.5/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c	2022-03-21 16:49:30.581005593 +0100
 
+@@ -281,7 +281,7 @@ METHOD(public_key_t, verify, bool,
 
+ 			return verify_emsa_pkcs1_signature(this, NID_sha384, data, signature);
 
+ 		case SIGN_RSA_EMSA_PKCS1_SHA2_512:
 
+ 			return verify_emsa_pkcs1_signature(this, NID_sha512, data, signature);
 
+-#if OPENSSL_VERSION_NUMBER >= 0x1010100fL && !defined(OPENSSL_NO_SHA3)
 
++#if OPENSSL_VERSION_NUMBER >= 0x1010100fL && !defined(OPENSSL_NO_SHA3) && !defined(LIBRESSL_VERSION_NUMBER)
 
+ 		case SIGN_RSA_EMSA_PKCS1_SHA3_224:
 
+ 			return verify_emsa_pkcs1_signature(this, NID_sha3_224, data, signature);
 
+ 		case SIGN_RSA_EMSA_PKCS1_SHA3_256:

+ 3 - 3
package/strongswan/patches/patch-src_libstrongswan_plugins_openssl_openssl_x_diffie_hellman_c
View File 

@@ -1,5 +1,5 @@
 
---- strongswan-5.8.1.orig/src/libstrongswan/plugins/openssl/openssl_x_diffie_hellman.c	2018-12-14 16:48:24.000000000 +0100
 
-+++ strongswan-5.8.1/src/libstrongswan/plugins/openssl/openssl_x_diffie_hellman.c	2019-10-08 02:05:54.116867134 +0200
 
+--- strongswan-5.9.5.orig/src/libstrongswan/plugins/openssl/openssl_x_diffie_hellman.c	2022-01-08 12:54:02.000000000 +0100
 
++++ strongswan-5.9.5/src/libstrongswan/plugins/openssl/openssl_x_diffie_hellman.c	2022-03-21 16:41:08.744944336 +0100
 
 @@ -17,7 +17,7 @@
 
  
  /* basic support for X25519 was added with 1.1.0a, but we require features (e.g.
 
@@ -8,4 +8,4 @@
 
 +#if OPENSSL_VERSION_NUMBER >= 0x1010100fL && !defined(OPENSSL_NO_ECDH) && !defined(LIBRESSL_VERSION_NUMBER)
 
  
  #include "openssl_x_diffie_hellman.h"
 
- 
+ #include "openssl_util.h"

+ 0 - 18
package/strongswan/patches/patch-src_starter_netkey_c
View File 

@@ -1,18 +0,0 @@
 
---- strongswan-5.5.0.orig/src/starter/netkey.c	2016-04-22 22:01:35.000000000 +0200
 
-+++ strongswan-5.5.0/src/starter/netkey.c	2016-09-30 05:30:43.681874545 +0200
 
-@@ -42,6 +42,7 @@ bool starter_netkey_init(void)
 
- 	}
 
- 
- 	/* make sure that all required IPsec modules are loaded */
 
-+	/*
 
- 	if (stat(PROC_MODULES, &stb) == 0)
 
- 	{
 
- 		ignore_result(system("modprobe -qv ah4"));
 
-@@ -50,6 +51,7 @@ bool starter_netkey_init(void)
 
- 		ignore_result(system("modprobe -qv xfrm4_tunnel"));
 
- 		ignore_result(system("modprobe -qv xfrm_user"));
 
- 	}
 
-+	*/
 
- 
- 	DBG2(DBG_APP, "found netkey IPsec stack");
 
- 	return TRUE;