summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--mk/modules.mk4
-rw-r--r--package/openswan/Makefile18
-rw-r--r--package/strongswan/Makefile60
-rw-r--r--package/strongswan/patches/patch-src_pluto_alg_info_c11
-rw-r--r--target/linux/config/Config.in.ipsec19
5 files changed, 92 insertions, 20 deletions
diff --git a/mk/modules.mk b/mk/modules.mk
index 54c1deda0..d7383eef2 100644
--- a/mk/modules.mk
+++ b/mk/modules.mk
@@ -279,6 +279,10 @@ $(eval $(call KMOD_template,NET_KEY,net-key,\
$(MODULES_DIR)/kernel/net/key/af_key \
,60))
+$(eval $(call KMOD_template,XFRM_USER,xfrm-user,\
+ $(MODULES_DIR)/kernel/net/xfrm/xfrm_user \
+,61))
+
$(eval $(call KMOD_template,INET_AH,inet-ah,\
$(MODULES_DIR)/kernel/net/ipv4/ah4 \
,65))
diff --git a/package/openswan/Makefile b/package/openswan/Makefile
index a85dd29a2..4406fe3e2 100644
--- a/package/openswan/Makefile
+++ b/package/openswan/Makefile
@@ -4,16 +4,15 @@
include ${TOPDIR}/rules.mk
PKG_NAME:= openswan
-PKG_VERSION:= 2.6.26
+PKG_VERSION:= 2.6.27
PKG_RELEASE:= 1
-PKG_MD5SUM:= ac514a8c09d871407b16848c67d0d806
+PKG_MD5SUM:= 5177b7401bb89e84ca1c89029143441e
PKG_DESCR:= IPSec software
PKG_SECTION:= net/security
PKG_DEPENDS:= ip libgmp
PKG_BUILDDEP+= gmp
-PKG_URL:= http://www.openswan.org
-PKG_SITES:= http://www.openswan.org/download/ \
- ftp://ftp.openswan.org/openswan/
+PKG_URL:= http://www.openswan.org/
+PKG_SITES:= http://www.openswan.org/download/
PKG_NOPARALLEL:= 1
@@ -21,16 +20,7 @@ include ${TOPDIR}/mk/package.mk
$(eval $(call PKG_template,OPENSWAN,${PKG_NAME},${PKG_VERSION}-${PKG_RELEASE},${PKG_DEPENDS},${PKG_DESCR},${PKG_SECTION}))
-#ifeq ($(ADK_COMPILE_OPENSWAN_WITH_NETKEY),y)
-#XAKE_FLAGS+= USE_KLIPS=false USE_NETKEY=true
-#endif
-
-#ifeq ($(ADK_COMPILE_OPENSWAN_WITH_KLIPS),y)
-#XAKE_FLAGS+= USE_KLIPS=true USE_NETKEY=false
-#endif
-
CONFIG_STYLE:= manual
-
XAKE_FLAGS+= KERNELSRC="${LINUX_DIR}" \
IPSECDIR="/usr/lib/ipsec" \
INC_USRLOCAL="/usr" \
diff --git a/package/strongswan/Makefile b/package/strongswan/Makefile
new file mode 100644
index 000000000..c5c364c5a
--- /dev/null
+++ b/package/strongswan/Makefile
@@ -0,0 +1,60 @@
+# This file is part of the OpenADK project. OpenADK is copyrighted
+# material, please see the LICENCE file in the top-level directory.
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:= strongswan
+PKG_VERSION:= 4.4.0
+PKG_RELEASE:= 1
+PKG_MD5SUM:= 22dae13782f493ec675d54b67d79a66d
+PKG_DESCR:= IPsec software
+PKG_SECTION:= net/security
+PKG_DEPENDS:= libgmp ip libpthread kmod-net-key kmod-xfrm-user
+PKG_DEPENDS+= kmod-inet-ah kmod-inet-esp kmod-inet-ipcomp
+PKG_DEPENDS+= kmod-inet-xfrm-mode-tunnel kmod-inet-xfrm-mode-transport
+PKG_BUILDDEP+= gmp
+PKG_URL:= http://strongswan.org/index.htm
+PKG_SITES:= http://download.strongswan.org/
+
+include $(TOPDIR)/mk/package.mk
+
+$(eval $(call PKG_template,STRONGSWAN,$(PKG_NAME),$(PKG_VERSION)-${PKG_RELEASE},${PKG_DEPENDS},${PKG_DESCR},${PKG_SECTION}))
+
+post-install:
+ $(INSTALL_DIR) $(IDIR_STRONGSWAN)/etc
+ $(INSTALL_DIR) $(IDIR_STRONGSWAN)/usr/sbin
+ $(INSTALL_DIR) $(IDIR_STRONGSWAN)/usr/lib
+ $(INSTALL_DIR) $(IDIR_STRONGSWAN)/usr/libexec/ipsec/plugins
+ $(CP) $(WRKINST)/usr/libexec/ipsec/plugins/*.so \
+ $(IDIR_STRONGSWAN)/usr/libexec/ipsec/plugins
+ $(CP) $(WRKINST)/etc/* $(IDIR_STRONGSWAN)/etc
+ $(INSTALL_BIN) $(WRKINST)/usr/libexec/ipsec/charon \
+ $(IDIR_STRONGSWAN)/usr/libexec/ipsec
+ $(INSTALL_BIN) $(WRKINST)/usr/libexec/ipsec/openac \
+ $(IDIR_STRONGSWAN)/usr/libexec/ipsec
+ $(INSTALL_BIN) $(WRKINST)/usr/libexec/ipsec/_pluto_adns \
+ $(IDIR_STRONGSWAN)/usr/libexec/ipsec
+ $(INSTALL_BIN) $(WRKINST)/usr/libexec/ipsec/starter \
+ $(IDIR_STRONGSWAN)/usr/libexec/ipsec
+ $(INSTALL_BIN) $(WRKINST)/usr/libexec/ipsec/_updown \
+ $(IDIR_STRONGSWAN)/usr/libexec/ipsec
+ $(INSTALL_BIN) $(WRKINST)/usr/libexec/ipsec/whack \
+ $(IDIR_STRONGSWAN)/usr/libexec/ipsec
+ $(INSTALL_BIN) $(WRKINST)/usr/libexec/ipsec/_copyright \
+ $(IDIR_STRONGSWAN)/usr/libexec/ipsec
+ $(INSTALL_BIN) $(WRKINST)/usr/libexec/ipsec/pki \
+ $(IDIR_STRONGSWAN)/usr/libexec/ipsec
+ $(INSTALL_BIN) $(WRKINST)/usr/libexec/ipsec/pluto \
+ $(IDIR_STRONGSWAN)/usr/libexec/ipsec
+ $(INSTALL_BIN) $(WRKINST)/usr/libexec/ipsec/scepclient \
+ $(IDIR_STRONGSWAN)/usr/libexec/ipsec
+ $(INSTALL_BIN) $(WRKINST)/usr/libexec/ipsec/stroke \
+ $(IDIR_STRONGSWAN)/usr/libexec/ipsec
+ $(INSTALL_BIN) $(WRKINST)/usr/libexec/ipsec/_updown_espmark \
+ $(IDIR_STRONGSWAN)/usr/libexec/ipsec
+ $(INSTALL_BIN) $(WRKINST)/usr/sbin/ipsec \
+ $(IDIR_STRONGSWAN)/usr/sbin
+ $(CP) $(WRKINST)/usr/lib/lib*.so* \
+ $(IDIR_STRONGSWAN)/usr/lib
+
+include ${TOPDIR}/mk/pkg-bottom.mk
diff --git a/package/strongswan/patches/patch-src_pluto_alg_info_c b/package/strongswan/patches/patch-src_pluto_alg_info_c
new file mode 100644
index 000000000..8c65188c2
--- /dev/null
+++ b/package/strongswan/patches/patch-src_pluto_alg_info_c
@@ -0,0 +1,11 @@
+--- strongswan-4.4.0.orig/src/pluto/alg_info.c 2010-03-15 21:52:51.000000000 +0100
++++ strongswan-4.4.0/src/pluto/alg_info.c 2010-07-13 22:49:11.775081075 +0200
+@@ -414,7 +414,7 @@ struct alg_info_esp *alg_info_esp_create
+ alg_info_esp = malloc_thing (struct alg_info_esp);
+ zero(alg_info_esp);
+
+- pfs_name=index (alg_str, ';');
++ pfs_name=strchr (alg_str, ';');
+ if (pfs_name)
+ {
+ memcpy(esp_buf, alg_str, pfs_name-alg_str);
diff --git a/target/linux/config/Config.in.ipsec b/target/linux/config/Config.in.ipsec
index 60497bc32..f1b17327a 100644
--- a/target/linux/config/Config.in.ipsec
+++ b/target/linux/config/Config.in.ipsec
@@ -7,15 +7,22 @@ config ADK_KPACKAGE_KMOD_NET_KEY
help
PF_KEYv2 socket family, compatible to KAME ones.
+config ADK_KPACKAGE_KMOD_XFRM_USER
+ prompt "kmod-xfrm-user.................... IPsec usertools support"
+ tristate
+ default n
+ help
+
config ADK_KPACKAGE_KMOD_INET_AH
- prompt "kmod-net-ipsec-ah................. IPsec AH support"
+ prompt "kmod-inet-ah...................... IPsec AH support"
tristate
+ select ADK_KPACKAGE_KMOD_CRYPTO_HASH
default n
help
Support for IPsec AH.
config ADK_KPACKAGE_KMOD_INET_ESP
- prompt "kmod-net-ipsec-esp................ IPsec ESP support"
+ prompt "kmod-inet-esp..................... IPsec ESP support"
tristate
select ADK_KPACKAGE_KMOD_CRYPTO_AEAD
default n
@@ -23,7 +30,7 @@ config ADK_KPACKAGE_KMOD_INET_ESP
Support for IPsec ESP.
config ADK_KPACKAGE_KMOD_INET_IPCOMP
- prompt "kmod-net-ipsec-comp................ IP Payload Compression"
+ prompt "kmod-inet-ipcomp.................. IP Payload Compression"
tristate
default n
help
@@ -31,21 +38,21 @@ config ADK_KPACKAGE_KMOD_INET_IPCOMP
typically needed for IPsec.
config ADK_KPACKAGE_KMOD_INET_XFRM_MODE_TRANSPORT
- prompt "kmod-net-ipsec-transport........... IPsec transport mode"
+ prompt "kmod-inet-xfrm-mode-transport..... IPsec transport mode"
tristate
default n
help
Support for IPsec transport mode.
config ADK_KPACKAGE_KMOD_INET_XFRM_MODE_TUNNEL
- prompt "kmod-net-ipsec-tunnel.............. IPsec tunnel mode"
+ prompt "kmod-inet-xfrm-mode-tunnel........ IPsec tunnel mode"
tristate
default n
help
Support for IPsec tunnel mode.
config ADK_KPACKAGE_KMOD_INET_XFRM_MODE_BEET
- prompt "kmod-net-ipsec-beet................ IPsec BEET mode"
+ prompt "kmod-inet-xfrm-mode-beet.......... IPsec BEET mode"
tristate
default n
help
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-17 10:18:17 +0000