update openswan, try to use both IPsec implementations

3 files changed, 23 insertions, 8 deletions

diff --git a/package/openswan/patches/patch-Makefile_inc b/package/openswan/patches/patch-Makefile_inc
index 653528eb9..872f21335 100644
--- a/package/openswan/patches/patch-Makefile_inc
+++ b/package/openswan/patches/patch-Makefile_inc
@@ -1,5 +1,5 @@
---- openswan-2.6.21.orig/Makefile.inc	2009-03-30 15:11:28.000000000 +0200
-+++ openswan-2.6.21/Makefile.inc	2009-06-13 14:48:55.000000000 +0200
+--- openswan-2.6.22.orig/Makefile.inc	2009-06-23 04:53:08.000000000 +0200
++++ openswan-2.6.22/Makefile.inc	2009-07-23 20:09:34.556071786 +0200
 @@ -163,7 +163,7 @@ INSTALL=install
  # how backup names are composed.
  # Note that the install procedures will never overwrite an existing config
@@ -9,3 +9,18 @@
  INSTSUIDFLAGS=--mode=u+rxs,g+rx,o+rx --group=root -b --suffix=.old
  INSTMANFLAGS=
  INSTCONFFLAGS=
+@@ -262,12 +262,12 @@ RH_KERNELSRC?=/lib/modules/2.6.9-1.681_F
+ # Note you need a locally running bind9 nameserver with lwres{} enabled
+ # to use this, or have the "lwres" package installed and running.
+ # This only affects conns that use DNS for keys in lookups.
+-USE_LWRES?=false
++USE_LWRES?=true
+ 
+ # Do a new lookup every time a connection is (re)started. This works better
+ # on hosts with some dyndns service, since DPD will cause a new dns lookup,
+ # but it could be a potential security issue if receiving spoofed dns.
+-USE_DYNAMICDNS?=true
++USE_DYNAMICDNS?=false
+ 
+ # Do we want all the configuration files like ipsec.conf and ipsec.secrets
+ # and any certificates to be in a single directory defined by 
diff --git a/package/openswan/patches/patch-programs_Makefile_program b/package/openswan/patches/patch-programs_Makefile_program
index 74f5c8751..154fd06c2 100644
--- a/package/openswan/patches/patch-programs_Makefile_program
+++ b/package/openswan/patches/patch-programs_Makefile_program
@@ -1,6 +1,6 @@
 $Id: update-patches 24 2008-08-31 14:56:13Z wbx $
---- openswan-2.6.21.orig/programs/Makefile.program	2009-03-30 15:11:28.000000000 +0200
-+++ openswan-2.6.21/programs/Makefile.program	2009-06-13 14:42:38.000000000 +0200
+--- openswan-2.6.22.orig/programs/Makefile.program	2009-06-23 04:53:08.000000000 +0200
++++ openswan-2.6.22/programs/Makefile.program	2009-07-23 19:46:18.635264333 +0200
 @@ -49,9 +49,9 @@ CFLAGS+=-DFINALCONFFILE=\"${FINALCONFFIL
  CFLAGS+=-DFINALVARDIR=\"${FINALVARDIR}\"
  
@@ -14,7 +14,7 @@ $Id: update-patches 24 2008-08-31 14:56:13Z wbx $
  
  CFLAGS+= ${WERROR}
  
-@@ -108,67 +108,67 @@ endif
+@@ -104,67 +104,67 @@ endif
  ifneq ($(NOINSTALL),true)
  
  doinstall:: $(PROGRAM) $(CONFFILES) $(EXTRA8MAN) $(EXTRA5MAN) $(EXTRA5PROC) $(LIBFILES) $(CONFDFILES)
diff --git a/package/openswan/patches/patch-programs_ikeping_ikeping_c b/package/openswan/patches/patch-programs_ikeping_ikeping_c
index 5e8bde61b..4be18fcdb 100644
--- a/package/openswan/patches/patch-programs_ikeping_ikeping_c
+++ b/package/openswan/patches/patch-programs_ikeping_ikeping_c
@@ -1,7 +1,7 @@
 $Id: update-patches 24 2008-08-31 14:56:13Z wbx $
---- openswan-2.6.18.orig/programs/ikeping/ikeping.c	2008-10-06 18:52:49.000000000 +0200
-+++ openswan-2.6.18/programs/ikeping/ikeping.c	2008-10-14 13:09:06.000000000 +0200
-@@ -316,7 +316,7 @@ main(int argc, char **argv)
+--- openswan-2.6.22.orig/programs/ikeping/ikeping.c	2009-06-23 04:53:08.000000000 +0200
++++ openswan-2.6.22/programs/ikeping/ikeping.c	2009-07-23 19:46:18.643265912 +0200
+@@ -319,7 +319,7 @@ main(int argc, char **argv)
    natt=0;
    listen_only=0;
    noDNS=0;