summaryrefslogtreecommitdiff
path: root/package/openswan/patches
diff options
context:
space:
mode:
authorWaldemar Brodkorb <wbx@openadk.org>2009-08-09 14:23:21 +0200
committerWaldemar Brodkorb <wbx@openadk.org>2009-08-09 14:23:21 +0200
commit1c47490f586071528b387edc46e531c88bd77dc7 (patch)
treef271e5a7124d085b4d7b9acbf311c6f55b257549 /package/openswan/patches
parent4e4a2f5a1d86ce0e2b79a8b8f6b150226913582f (diff)
update openswan, try to use both IPsec implementations
Diffstat (limited to 'package/openswan/patches')
-rw-r--r--package/openswan/patches/patch-Makefile_inc19
-rw-r--r--package/openswan/patches/patch-programs_Makefile_program6
-rw-r--r--package/openswan/patches/patch-programs_ikeping_ikeping_c6
3 files changed, 23 insertions, 8 deletions
diff --git a/package/openswan/patches/patch-Makefile_inc b/package/openswan/patches/patch-Makefile_inc
index 653528eb9..872f21335 100644
--- a/package/openswan/patches/patch-Makefile_inc
+++ b/package/openswan/patches/patch-Makefile_inc
@@ -1,5 +1,5 @@
---- openswan-2.6.21.orig/Makefile.inc 2009-03-30 15:11:28.000000000 +0200
-+++ openswan-2.6.21/Makefile.inc 2009-06-13 14:48:55.000000000 +0200
+--- openswan-2.6.22.orig/Makefile.inc 2009-06-23 04:53:08.000000000 +0200
++++ openswan-2.6.22/Makefile.inc 2009-07-23 20:09:34.556071786 +0200
@@ -163,7 +163,7 @@ INSTALL=install
# how backup names are composed.
# Note that the install procedures will never overwrite an existing config
@@ -9,3 +9,18 @@
INSTSUIDFLAGS=--mode=u+rxs,g+rx,o+rx --group=root -b --suffix=.old
INSTMANFLAGS=
INSTCONFFLAGS=
+@@ -262,12 +262,12 @@ RH_KERNELSRC?=/lib/modules/2.6.9-1.681_F
+ # Note you need a locally running bind9 nameserver with lwres{} enabled
+ # to use this, or have the "lwres" package installed and running.
+ # This only affects conns that use DNS for keys in lookups.
+-USE_LWRES?=false
++USE_LWRES?=true
+
+ # Do a new lookup every time a connection is (re)started. This works better
+ # on hosts with some dyndns service, since DPD will cause a new dns lookup,
+ # but it could be a potential security issue if receiving spoofed dns.
+-USE_DYNAMICDNS?=true
++USE_DYNAMICDNS?=false
+
+ # Do we want all the configuration files like ipsec.conf and ipsec.secrets
+ # and any certificates to be in a single directory defined by
diff --git a/package/openswan/patches/patch-programs_Makefile_program b/package/openswan/patches/patch-programs_Makefile_program
index 74f5c8751..154fd06c2 100644
--- a/package/openswan/patches/patch-programs_Makefile_program
+++ b/package/openswan/patches/patch-programs_Makefile_program
@@ -1,6 +1,6 @@
$Id: update-patches 24 2008-08-31 14:56:13Z wbx $
---- openswan-2.6.21.orig/programs/Makefile.program 2009-03-30 15:11:28.000000000 +0200
-+++ openswan-2.6.21/programs/Makefile.program 2009-06-13 14:42:38.000000000 +0200
+--- openswan-2.6.22.orig/programs/Makefile.program 2009-06-23 04:53:08.000000000 +0200
++++ openswan-2.6.22/programs/Makefile.program 2009-07-23 19:46:18.635264333 +0200
@@ -49,9 +49,9 @@ CFLAGS+=-DFINALCONFFILE=\"${FINALCONFFIL
CFLAGS+=-DFINALVARDIR=\"${FINALVARDIR}\"
@@ -14,7 +14,7 @@ $Id: update-patches 24 2008-08-31 14:56:13Z wbx $
CFLAGS+= ${WERROR}
-@@ -108,67 +108,67 @@ endif
+@@ -104,67 +104,67 @@ endif
ifneq ($(NOINSTALL),true)
doinstall:: $(PROGRAM) $(CONFFILES) $(EXTRA8MAN) $(EXTRA5MAN) $(EXTRA5PROC) $(LIBFILES) $(CONFDFILES)
diff --git a/package/openswan/patches/patch-programs_ikeping_ikeping_c b/package/openswan/patches/patch-programs_ikeping_ikeping_c
index 5e8bde61b..4be18fcdb 100644
--- a/package/openswan/patches/patch-programs_ikeping_ikeping_c
+++ b/package/openswan/patches/patch-programs_ikeping_ikeping_c
@@ -1,7 +1,7 @@
$Id: update-patches 24 2008-08-31 14:56:13Z wbx $
---- openswan-2.6.18.orig/programs/ikeping/ikeping.c 2008-10-06 18:52:49.000000000 +0200
-+++ openswan-2.6.18/programs/ikeping/ikeping.c 2008-10-14 13:09:06.000000000 +0200
-@@ -316,7 +316,7 @@ main(int argc, char **argv)
+--- openswan-2.6.22.orig/programs/ikeping/ikeping.c 2009-06-23 04:53:08.000000000 +0200
++++ openswan-2.6.22/programs/ikeping/ikeping.c 2009-07-23 19:46:18.643265912 +0200
+@@ -319,7 +319,7 @@ main(int argc, char **argv)
natt=0;
listen_only=0;
noDNS=0;