Changeset 26789


Ignore:
Timestamp:
2011-04-29T17:26:26+02:00 (7 years ago)
Author:
jow
Message:

[PATCH] strongswan4 update to 4.5.1
This patch updates the strongswan4 package from 4.3.7 to 4.5.1. I have
added the following plugins which get built as strongswan4-mod-<plugin>
packages:

constraints - X.509 constraint checking
dhcp - DHCP-based IP and DNS
farp - Fake arp responses
led - LED blink on IKE activity
revocation - X.509 revocation checking
socket-default - Default socket for IKEv2
socket-raw - RAW socket of IKEv1 and IKEv2
xauth - XAUTH authentication

Upstream default plugins were added to the strongswan4-default meta
package. "socket-default" and "kernel-netlink" plugins were added to the
strongswan4-minimal meta package since a socket and a kernel interface are
required for a working setup and these are the upstream defaults in this
case. The whack command was moved to strongswan4-app-pluto.

The 202-clone.patch has been fixed upstream so it can be removed. The
other patches were rebased for the new strongswan4 release.

I have been using strongswan 4.5.1 with backfire and trunk for a couple
weeks now. There are some missing kernel modules in trunk that are
required for strongswan4 to work (also true for 4.3.7). There are already
a couple of tickets on trac addressing these kernel modules:

https://dev.archive.openwrt.org/ticket/9234.html
https://dev.archive.openwrt.org/ticket/8928.html

I also have my own patch that just packages all of the missing modules
into a single kmod-crypto-ipsec package. It would be nice to get some
discussion how these modules should be packaged so we can get working
ipsec support in trunk.

Signed-off-by: Lars Hjersted <lars at hjersted.com>

Location:
packages/net/strongswan4
Files:
1 deleted
3 edited

Legend:

Unmodified
Added
Removed
  • packages/net/strongswan4/Makefile

    r23849 r26789  
    11#  
    2 # Copyright (C) 2010 OpenWrt.org 
     2# Copyright (C) 2010-2011 OpenWrt.org 
    33# 
    44# This is free software, licensed under the GNU General Public License v2. 
     
    99 
    1010PKG_NAME:=strongswan 
    11 PKG_VERSION:=4.3.7 
     11PKG_VERSION:=4.5.1 
    1212PKG_RELEASE:=1 
    1313 
    1414PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 
    1515PKG_SOURCE_URL:=http://download.strongswan.org/ 
    16 PKG_MD5SUM:=02adcea934ef536e704d03c5d0f934f8 
     16PKG_MD5SUM:=81a4a699c4a1a49b74061dfa47b5a033 
    1717 
    1818PKG_MOD_AVAILABLE:= \ 
     
    2222        attr-sql \ 
    2323        blowfish \ 
     24        constraints \ 
    2425        curl \ 
    2526        des \ 
     27        dhcp \ 
    2628        dnskey \ 
    2729        eap-md5 \ 
    2830        eap-mschapv2 \ 
    2931        eap-radius \ 
     32        farp \ 
    3033        fips-prf \ 
    3134        gcrypt \ 
     
    3639        kernel-pfkey \ 
    3740        ldap \ 
     41        led \ 
    3842        load-tester \ 
    3943        md5 \ 
     
    4852        random \ 
    4953        resolve \ 
     54        revocation \ 
    5055        sha1 \ 
    5156        sha2 \ 
    5257        smp \ 
     58        socket-default \ 
     59        socket-raw \ 
    5360        sql \ 
    5461        sqlite \ 
     
    5764        updown \ 
    5865        x509 \ 
     66        xauth \ 
    5967        xcbc \ 
    6068 
     
    7482        $(patsubst %,CONFIG_PACKAGE_strongswan4-mod-%,$(PKG_MOD_AVAILABLE)) \ 
    7583 
    76 PKG_FIXUP:=libtool 
     84PKG_FIXUP:=autoreconf 
    7785PKG_INSTALL:=1 
    7886PKG_BUILD_PARALLEL:=1 
     
    126134        +strongswan4-mod-attr-sql \ 
    127135        +strongswan4-mod-blowfish \ 
     136        +strongswan4-mod-constraints \ 
    128137        +strongswan4-mod-curl \ 
    129138        +strongswan4-mod-des \ 
     139        +strongswan4-mod-dhcp \ 
    130140        +strongswan4-mod-dnskey \ 
    131141        +strongswan4-mod-eap-md5 \ 
    132142        +strongswan4-mod-eap-mschapv2 \ 
    133143        +strongswan4-mod-eap-radius \ 
     144        +strongswan4-mod-farp \ 
    134145        +strongswan4-mod-fips-prf \ 
    135146        +strongswan4-mod-gcrypt \ 
     
    140151        +strongswan4-mod-kernel-pfkey \ 
    141152        +strongswan4-mod-ldap \ 
     153        +strongswan4-mod-led \ 
    142154        +strongswan4-mod-load-tester \ 
    143155        +strongswan4-mod-md5 \ 
     
    152164        +strongswan4-mod-random \ 
    153165        +strongswan4-mod-resolve \ 
     166        +strongswan4-mod-revocation \ 
    154167        +strongswan4-mod-sha1 \ 
    155168        +strongswan4-mod-sha2 \ 
    156169        +strongswan4-mod-smp \ 
     170        +strongswan4-mod-socket-default \ 
     171        +strongswan4-mod-socket-raw \ 
    157172        +strongswan4-mod-sql \ 
    158173        +strongswan4-mod-sqlite \ 
     
    161176        +strongswan4-mod-updown \ 
    162177        +strongswan4-mod-x509 \ 
     178        +strongswan4-mod-xauth \ 
    163179        +strongswan4-mod-xcbc \ 
    164180        +strongswan4-utils 
     
    179195        +strongswan4-app-pluto \ 
    180196        +strongswan4-mod-aes \ 
     197        +strongswan4-mod-constraints \ 
    181198        +strongswan4-mod-attr \ 
    182199        +strongswan4-mod-des \ 
     
    185202        +strongswan4-mod-gmp \ 
    186203        +strongswan4-mod-hmac \ 
     204        +strongswan4-mod-kernel-netlink \ 
    187205        +strongswan4-mod-md5 \ 
    188206        +strongswan4-mod-pem \ 
     
    191209        +strongswan4-mod-pubkey \ 
    192210        +strongswan4-mod-random \ 
     211        +strongswan4-mod-revocation \ 
    193212        +strongswan4-mod-resolve \ 
    194213        +strongswan4-mod-sha1 \ 
    195214        +strongswan4-mod-sha2 \ 
     215        +strongswan4-mod-socket-raw \ 
    196216        +strongswan4-mod-stroke \ 
    197217        +strongswan4-mod-updown \ 
    198218        +strongswan4-mod-x509 \ 
     219        +strongswan4-mod-xauth \ 
    199220        +strongswan4-mod-xcbc \ 
    200221        +strongswan4-utils 
     
    217238        +strongswan4-mod-gmp \ 
    218239        +strongswan4-mod-hmac \ 
     240        +strongswan4-mod-kernel-netlink \ 
    219241        +strongswan4-mod-pubkey \ 
    220242        +strongswan4-mod-random \ 
    221243        +strongswan4-mod-sha1 \ 
     244        +strongswan4-mod-socket-default \ 
    222245        +strongswan4-mod-stroke \ 
    223246        +strongswan4-mod-updown \ 
     
    229252$(call Package/strongswan4/description/Default) 
    230253 . 
    231  This meta-package contains only dependencies for a minimal setup. 
     254 This meta-package contains only dependencies for a minimal IKEv2 setup. 
    232255endef 
    233256 
     
    325348        $(CP) -R $(PKG_INSTALL_DIR)/etc/ipsec.d $(1)/etc/ 
    326349        $(INSTALL_DIR) $(1)/usr/lib 
    327         $(CP) $(PKG_INSTALL_DIR)/usr/lib/libstrongswan.so.* $(1)/usr/lib/ 
     350        $(CP) \ 
     351                $(PKG_INSTALL_DIR)/usr/lib/libstrongswan.so.* \ 
     352                $(PKG_INSTALL_DIR)/usr/lib/libhydra.so.* \ 
     353                $(1)/usr/lib/ 
    328354        $(INSTALL_DIR) $(1)/usr/sbin 
    329355        $(CP) $(PKG_INSTALL_DIR)/usr/sbin/ipsec $(1)/usr/sbin/ 
     
    332358                $(PKG_INSTALL_DIR)/usr/lib/ipsec/_copyright \ 
    333359                $(PKG_INSTALL_DIR)/usr/lib/ipsec/starter \ 
    334                 $(PKG_INSTALL_DIR)/usr/lib/ipsec/whack \ 
    335360                $(1)/usr/lib/ipsec/ 
    336361        $(INSTALL_CONF) \ 
     
    358383 
    359384define Package/strongswan4-app-charon/install 
     385        $(INSTALL_DIR) $(1)/usr/lib 
     386        $(CP) $(PKG_INSTALL_DIR)/usr/lib/libcharon.so.* $(1)/usr/lib/ 
    360387        $(INSTALL_DIR) $(1)/usr/lib/ipsec 
    361388        $(CP) \ 
     
    371398                $(PKG_INSTALL_DIR)/usr/lib/ipsec/pluto \ 
    372399                $(PKG_INSTALL_DIR)/usr/lib/ipsec/_pluto_adns \ 
     400                $(PKG_INSTALL_DIR)/usr/lib/ipsec/whack \ 
    373401                $(1)/usr/lib/ipsec/ 
    374402endef 
     
    414442$(eval $(call BuildPlugin,attr-sql,SQL-based config attrib,+strongswan4-mod-sql)) 
    415443$(eval $(call BuildPlugin,blowfish,Blowfish crypto,)) 
     444$(eval $(call BuildPlugin,constraints,X.509 constraint checking,)) 
    416445$(eval $(call BuildPlugin,curl,cURL,+libcurl)) 
    417446$(eval $(call BuildPlugin,des,DES crypto,)) 
     447$(eval $(call BuildPlugin,dhcp,DHCP-based IP and DNS,)) 
    418448$(eval $(call BuildPlugin,dnskey,DNS RR key decoding,)) 
    419449$(eval $(call BuildPlugin,eap-md5,MD5 EAP (CHAP) auth,)) 
    420450$(eval $(call BuildPlugin,eap-mschapv2,MS-CHAPv2 EAP auth,)) 
    421451$(eval $(call BuildPlugin,eap-radius,RADIUS proxy auth,)) 
     452$(eval $(call BuildPlugin,farp,Fake arp respsonses,)) 
    422453$(eval $(call BuildPlugin,fips-prf,FIPS PRF crypto,)) 
    423454$(eval $(call BuildPlugin,gcrypt,libgcrypt,+libgcrypt)) 
     
    428459$(eval $(call BuildPlugin,kernel-pfkey,PK_KEY kernel interface,)) 
    429460$(eval $(call BuildPlugin,ldap,LDAP,+libopenldap)) 
     461$(eval $(call BuildPlugin,led,LED blink on IKE activity,)) 
    430462$(eval $(call BuildPlugin,load-tester,load testing,)) 
    431463$(eval $(call BuildPlugin,md5,MD5 crypto,)) 
     
    440472$(eval $(call BuildPlugin,random,RNG,)) 
    441473$(eval $(call BuildPlugin,resolve,DNS resolver,)) 
     474$(eval $(call BuildPlugin,revocation,X.509 revocation checking,)) 
    442475$(eval $(call BuildPlugin,sha1,SHA1 crypto,)) 
    443476$(eval $(call BuildPlugin,sha2,SHA2 crypto,)) 
    444477$(eval $(call BuildPlugin,smp,SMP configuration and control interface,+PACKAGE_strongswan4-mod-smp:libxml2)) 
     478$(eval $(call BuildPlugin,socket-default,default socket for IKEv2,)) 
     479$(eval $(call BuildPlugin,socket-raw,RAW socket for IKEv1 and IKEv2,)) 
    445480$(eval $(call BuildPlugin,sql,SQL database interface,)) 
    446481$(eval $(call BuildPlugin,sqlite,SQLite database interface,+strongswan4-mod-sql +PACKAGE_strongswan4-mod-sqlite:libsqlite3)) 
     
    449484$(eval $(call BuildPlugin,updown,updown firewall,)) 
    450485$(eval $(call BuildPlugin,x509,x509 certificate,)) 
     486$(eval $(call BuildPlugin,xauth,XAUTH authentication,)) 
    451487$(eval $(call BuildPlugin,xcbc,xcbc crypto,)) 
  • packages/net/strongswan4/patches/203-uci.patch

    r20965 r26789  
    1 --- a/src/charon/plugins/uci/uci_parser.c 
    2 +++ b/src/charon/plugins/uci/uci_parser.c 
     1--- a/src/libcharon/plugins/uci/uci_parser.c 
     2+++ b/src/libcharon/plugins/uci/uci_parser.c 
    33@@ -80,7 +80,7 @@ static bool section_enumerator_enumerate 
    44                if (uci_lookup(this->ctx, &element, this->package, 
  • packages/net/strongswan4/patches/300-compile-fixes.patch

    r23848 r26789  
    1 Index: strongswan-4.3.7/src/pluto/adns.c 
    2 =================================================================== 
    3 --- strongswan-4.3.7.orig/src/pluto/adns.c      2010-11-04 01:34:39.497000001 +0100 
    4 +++ strongswan-4.3.7/src/pluto/adns.c   2010-11-04 01:35:10.609000001 +0100 
    5 @@ -179,7 +179,7 @@ 
     1--- a/src/pluto/adns.c 
     2+++ b/src/pluto/adns.c 
     3@@ -179,7 +179,7 @@ write_pipe(int fd, const unsigned char * 
    64        res_query(dname, class, type, answer, anslen) 
    75 # define res_nclose(statp) res_close() 
Note: See TracChangeset for help on using the changeset viewer.