diff options
75 files changed, 1429 insertions, 247 deletions
diff --git a/package/axtls/Makefile b/package/axtls/Makefile index 599e814ce..6cb716b3c 100644 --- a/package/axtls/Makefile +++ b/package/axtls/Makefile @@ -4,11 +4,11 @@ include ${TOPDIR}/rules.mk PKG_NAME:= axtls -PKG_VERSION:= 1.3.2 +PKG_VERSION:= 1.4.9 PKG_RELEASE:= 1 -PKG_MD5SUM:= b2cdafaa93c033cd4f3ebfca2c7e66b4 -PKG_DESCR:= small embedded webserver -PKG_SECTION:= net/security +PKG_MD5SUM:= 6d519bc3b5f20faa6ef8d423f5062241 +PKG_DESCR:= small embedded webserver with TLS +PKG_SECTION:= www PKG_DEPENDS:= libaxtls PKG_URL:= http://axtls.sourceforge.net/ PKG_SITES:= ${MASTER_SITE_SOURCEFORGE:=axtls/} diff --git a/package/axtls/files/axhttpd.init b/package/axtls/files/axhttpd.init index a7e25938a..fd662f132 100644 --- a/package/axtls/files/axhttpd.init +++ b/package/axtls/files/axhttpd.init @@ -17,7 +17,7 @@ start) /usr/sbin/axhttpd >>/var/log/axhttpd.access ;; stop) - kill $(pgrep -f /usr/sbin/axhttpd) + kill $(pgrep -f axhttpd) ;; restart) sh $0 stop diff --git a/package/axtls/files/config b/package/axtls/files/config index a37878b3a..c2d8c2ffb 100644 --- a/package/axtls/files/config +++ b/package/axtls/files/config @@ -14,8 +14,10 @@ CONFIG_DEBUG=y # CONFIG_STRIP_UNWANTED_SECTIONS is not set # CONFIG_VISUAL_STUDIO_7_0 is not set # CONFIG_VISUAL_STUDIO_8_0 is not set +# CONFIG_VISUAL_STUDIO_10_0 is not set CONFIG_VISUAL_STUDIO_7_0_BASE="" CONFIG_VISUAL_STUDIO_8_0_BASE="" +CONFIG_VISUAL_STUDIO_10_0_BASE="" CONFIG_EXTRA_CFLAGS_OPTIONS="" CONFIG_EXTRA_LDFLAGS_OPTIONS="" @@ -70,8 +72,8 @@ CONFIG_HTTP_HAS_CGI=y CONFIG_HTTP_CGI_EXTENSIONS=".lua,.lp" # CONFIG_HTTP_ENABLE_LUA is not set CONFIG_HTTP_LUA_PREFIX="" -CONFIG_HTTP_LUA_CGI_LAUNCHER="" # CONFIG_HTTP_BUILD_LUA is not set +CONFIG_HTTP_CGI_LAUNCHER="/usr/bin/cgi" CONFIG_HTTP_DIRECTORIES=y CONFIG_HTTP_HAS_AUTHORIZATION=y # CONFIG_HTTP_HAS_IPV6 is not set diff --git a/package/easy-rsa/Makefile b/package/easy-rsa/Makefile new file mode 100644 index 000000000..9b350cd92 --- /dev/null +++ b/package/easy-rsa/Makefile @@ -0,0 +1,36 @@ +# This file is part of the OpenADK project. OpenADK is copyrighted +# material, please see the LICENCE file in the top-level directory. + +include $(TOPDIR)/rules.mk + +PKG_NAME:= easy-rsa +PKG_VERSION:= 2.0 +PKG_RELEASE:= 1 +PKG_MD5SUM:= 0937fb2f91d534d4fb961e047f714946 +PKG_DESCR:= openssl ca scripts +PKG_SECTION:= crypto +PKG_DEPENDS:= openssl-util +PKG_URL:= https://github.com/OpenVPN/easy-rsa +PKG_SITES:= http://openadk.org/distfiles/ + +include $(TOPDIR)/mk/package.mk + +$(eval $(call PKG_template,EASY_RSA,easy-rsa,$(PKG_VERSION)-${PKG_RELEASE},${PKG_DEPENDS},${PKG_DESCR},${PKG_SECTION})) + +CONFIG_STYLE:= manual +BUILD_STYLE:= manual +INSTALL_STYLE:= manual + +easy-rsa-install: + ${INSTALL_DIR} $(IDIR_EASY_RSA)/usr/sbin \ + $(IDIR_EASY_RSA)/etc/easy-rsa/keys + touch $(IDIR_EASY_RSA)/etc/easy-rsa/keys/index.txt + $(CP) ./files/serial $(IDIR_EASY_RSA)/etc/easy-rsa/keys + $(CP) $(WRKBUILD)/easy-rsa/2.0/{build-*,clean-all,inherit-inter,list-crl,pkitool,revoke-full,sign-req,whichopensslcnf} \ + $(IDIR_EASY_RSA)/usr/sbin + ${INSTALL_DATA} $(WRKBUILD)/easy-rsa/2.0/openssl-1.0.0.cnf \ + $(IDIR_EASY_RSA)/etc/easy-rsa/openssl.cnf + ${INSTALL_DATA} $(WRKBUILD)/easy-rsa/2.0/vars \ + $(IDIR_EASY_RSA)/etc/easy-rsa/vars + +include ${TOPDIR}/mk/pkg-bottom.mk diff --git a/package/openvpn/files/serial b/package/easy-rsa/files/serial index 8a0f05e16..8a0f05e16 100644 --- a/package/openvpn/files/serial +++ b/package/easy-rsa/files/serial diff --git a/package/openvpn/patches/patch-easy-rsa_2_0_build-dh b/package/easy-rsa/patches/patch-easy-rsa_2_0_build-dh index 771800a17..771800a17 100644 --- a/package/openvpn/patches/patch-easy-rsa_2_0_build-dh +++ b/package/easy-rsa/patches/patch-easy-rsa_2_0_build-dh diff --git a/package/openvpn/patches/patch-easy-rsa_2_0_clean-all b/package/easy-rsa/patches/patch-easy-rsa_2_0_clean-all index 03df1d1c9..03df1d1c9 100644 --- a/package/openvpn/patches/patch-easy-rsa_2_0_clean-all +++ b/package/easy-rsa/patches/patch-easy-rsa_2_0_clean-all diff --git a/package/openvpn/patches/patch-easy-rsa_2_0_list-crl b/package/easy-rsa/patches/patch-easy-rsa_2_0_list-crl index 66f5d764d..66f5d764d 100644 --- a/package/openvpn/patches/patch-easy-rsa_2_0_list-crl +++ b/package/easy-rsa/patches/patch-easy-rsa_2_0_list-crl diff --git a/package/openvpn/patches/patch-easy-rsa_2_0_openssl-1_0_0_cnf b/package/easy-rsa/patches/patch-easy-rsa_2_0_openssl-1_0_0_cnf index 9dd542d8a..9dd542d8a 100644 --- a/package/openvpn/patches/patch-easy-rsa_2_0_openssl-1_0_0_cnf +++ b/package/easy-rsa/patches/patch-easy-rsa_2_0_openssl-1_0_0_cnf diff --git a/package/openvpn/patches/patch-easy-rsa_2_0_pkitool b/package/easy-rsa/patches/patch-easy-rsa_2_0_pkitool index 87b0c33db..87b0c33db 100644 --- a/package/openvpn/patches/patch-easy-rsa_2_0_pkitool +++ b/package/easy-rsa/patches/patch-easy-rsa_2_0_pkitool diff --git a/package/openvpn/patches/patch-easy-rsa_2_0_revoke-full b/package/easy-rsa/patches/patch-easy-rsa_2_0_revoke-full index ac66c4bb9..ac66c4bb9 100644 --- a/package/openvpn/patches/patch-easy-rsa_2_0_revoke-full +++ b/package/easy-rsa/patches/patch-easy-rsa_2_0_revoke-full diff --git a/package/easy-rsa/patches/patch-easy-rsa_2_0_vars b/package/easy-rsa/patches/patch-easy-rsa_2_0_vars new file mode 100644 index 000000000..964c6bc6a --- /dev/null +++ b/package/easy-rsa/patches/patch-easy-rsa_2_0_vars @@ -0,0 +1,20 @@ +--- easy-rsa-2.0.orig/easy-rsa/2.0/vars 2013-08-18 10:11:06.000000000 +0200 ++++ easy-rsa-2.0/easy-rsa/2.0/vars 2013-08-18 10:38:50.635782024 +0200 +@@ -12,7 +12,7 @@ + # This variable should point to + # the top level of the easy-rsa + # tree. +-export EASY_RSA="`pwd`" ++export EASY_RSA="/etc/easy-rsa" + + # + # This variable should point to +@@ -26,7 +26,7 @@ export GREP="grep" + # This variable should point to + # the openssl.cnf file included + # with easy-rsa. +-export KEY_CONFIG=`$EASY_RSA/whichopensslcnf $EASY_RSA` ++export KEY_CONFIG=/etc/easy-rsa/openssl.cnf + + # Edit this variable to point to + # your soon-to-be-created key diff --git a/package/gnutls/Makefile b/package/gnutls/Makefile index 2ebad3fa9..8951a1462 100644 --- a/package/gnutls/Makefile +++ b/package/gnutls/Makefile @@ -4,15 +4,15 @@ include ${TOPDIR}/rules.mk PKG_NAME:= gnutls -PKG_VERSION:= 3.0.21 -PKG_RELEASE:= 2 -PKG_MD5SUM:= 7480dff7115e5af85215893c06b3ac5c +PKG_VERSION:= 3.2.3 +PKG_RELEASE:= 1 +PKG_MD5SUM:= 7c0dd4f77dc70c64d2f385aeb2df4157 PKG_DESCR:= GNU TLS library PKG_SECTION:= crypto PKG_DEPENDS:= libgcrypt libtasn1 zlib libnettle libgmp PKG_BUILDDEP:= libgcrypt liblzo libtasn1 zlib ncurses libnettle PKG_URL:= http://www.gnu.org/software/gnutls/ -PKG_SITES:= ${MASTER_SITE_GNU:=gnutls/} +PKG_SITES:= ftp://ftp.gnutls.org/gcrypt/gnutls/v3.2/ PKG_SUBPKGS:= LIBGNUTLS GNUTLS_UTILS LIBGNUTLS_EXTRA LIBGNUTLS_OPENSSL PKGSD_GNUTLS_UTILS:= GNU TLS utilities @@ -43,8 +43,7 @@ TARGET_CFLAGS:= $(filter-out -flto,$(TARGET_CFLAGS)) TARGET_LDFLAGS+= -pthread -L$(STAGING_DIR)/usr/lib64 CONFIGURE_ARGS+= --disable-rpath \ --without-libz-prefix \ - --without-p11-kit \ - --with-libnettle-prefix="$(STAGING_DIR)/usr" + --without-p11-kit CONFIGURE_ENV+= ac_cv_prog_AR='$(TARGET_CROSS)ar' post-install: diff --git a/package/heimdal/Makefile b/package/heimdal/Makefile index 1647234a5..4c3337a08 100644 --- a/package/heimdal/Makefile +++ b/package/heimdal/Makefile @@ -76,6 +76,7 @@ CONFIGURE_ARGS+= ${CONFIGURE_OPTS} --with-cross-tools=${STAGING_HOST_DIR}/bin CONFIGURE_ENV+= ac_cv_func_getaddrinfo_numserv=yes post-extract: + (cd $(WRKBUILD);patch -p1 < $(TOPDIR)/package/heimdal/files/patch-lib_asn1_Makefile.in) (cd ${WRKBUILD}; rm -rf config.{cache,status} ; \ ./configure --prefix=$(STAGING_HOST_DIR) \ --disable-pk-init \ diff --git a/package/heimdal/files/patch-lib_asn1_Makefile.in b/package/heimdal/files/patch-lib_asn1_Makefile.in new file mode 100644 index 000000000..490b6057f --- /dev/null +++ b/package/heimdal/files/patch-lib_asn1_Makefile.in @@ -0,0 +1,12 @@ +diff -Nur heimdal-1.5.2.orig/lib/asn1/Makefile.in heimdal-1.5.2/lib/asn1/Makefile.in +--- heimdal-1.5.2.orig/lib/asn1/Makefile.in 2012-01-11 14:04:24.000000000 +0100 ++++ heimdal-1.5.2/lib/asn1/Makefile.in 2013-08-20 08:22:27.576686750 +0200 +@@ -457,7 +457,7 @@ + top_srcdir = @top_srcdir@ + SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 + DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include +-AM_CPPFLAGS = $(INCLUDES_roken) ++AM_CPPFLAGS = $(INCLUDES_roken) -I$(top_builddir)/lib/com_err + @do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME + AM_CFLAGS = $(WFLAGS) + CP = cp diff --git a/package/heimdal/patches/patch-tools_krb5-config.in b/package/heimdal/patches/patch-tools_krb5-config.in new file mode 100644 index 000000000..76f1ac7e5 --- /dev/null +++ b/package/heimdal/patches/patch-tools_krb5-config.in @@ -0,0 +1,20 @@ +diff -Nur heimdal-1.5.2.orig/tools/krb5-config.in heimdal-1.5.2/tools/krb5-config.in +--- heimdal-1.5.2.orig/tools/krb5-config.in 2012-01-10 22:53:51.000000000 +0100 ++++ heimdal-1.5.2/tools/krb5-config.in 2013-08-20 09:44:59.580220171 +0200 +@@ -120,7 +120,6 @@ + fi + + if test "$do_libs" = "yes"; then +- lib_flags="-L${libdir}" + case $library in + gssapi) + lib_flags="$lib_flags -lgssapi -lheimntlm" +@@ -142,7 +141,7 @@ + echo $lib_flags + fi + if test "$do_cflags" = "yes"; then +- echo "-I${includedir} @INCLUDE_hcrypto@" ++ echo "@INCLUDE_hcrypto@" + fi + + exit 0 diff --git a/package/iproute2/Makefile b/package/iproute2/Makefile index 4202c26f8..21e38f214 100644 --- a/package/iproute2/Makefile +++ b/package/iproute2/Makefile @@ -4,12 +4,13 @@ include ${TOPDIR}/rules.mk PKG_NAME:= iproute2 -PKG_VERSION:= 3.4.0 +PKG_VERSION:= 3.10.0 PKG_RELEASE:= 1 -PKG_MD5SUM:= 879d3fac4e90809598b2864ec4a0cbf8 +PKG_MD5SUM:= 45fb5427fc723a0001c72b92c931ba02 PKG_DESCR:= iproute2 routing control utility PKG_SECTION:= route PKG_BUILDDEP:= iptables libnl linux-atm +PKG_DEPENDS:= libnl PKG_URL:= http://www.linuxfoundation.org/en/Net:Iproute2 PKG_SITES:= http://www.kernel.org/pub/linux/utils/net/iproute2/ diff --git a/package/iproute2/patches/patch-bridge_fdb_c b/package/iproute2/patches/patch-bridge_fdb_c new file mode 100644 index 000000000..e8e899e78 --- /dev/null +++ b/package/iproute2/patches/patch-bridge_fdb_c @@ -0,0 +1,10 @@ +--- iproute2-3.10.0.orig/bridge/fdb.c 2013-07-16 19:06:36.000000000 +0200 ++++ iproute2-3.10.0/bridge/fdb.c 2013-08-17 15:23:48.127356022 +0200 +@@ -20,6 +20,7 @@ + #include <linux/if_ether.h> + #include <linux/neighbour.h> + #include <string.h> ++#include <limits.h> + + #include "libnetlink.h" + #include "br_common.h" diff --git a/package/iproute2/patches/patch-configure b/package/iproute2/patches/patch-configure deleted file mode 100644 index 0d7bea8ae..000000000 --- a/package/iproute2/patches/patch-configure +++ /dev/null @@ -1,75 +0,0 @@ - - use the compiler passed in $CC - - predefine iptables modules dir, since the check would - always fail (cause of absolute search paths) and OpenADK - (for now) doesn't compile iptables with shared objects - - do not discard compiler output from tests, they're useful - for debugging - ---- iproute2-3.3.0.orig/configure 2012-03-20 01:27:12.000000000 +0100 -+++ iproute2-3.3.0/configure 2012-03-22 20:48:53.022784090 +0100 -@@ -17,7 +17,7 @@ int main(int argc, char **argv) { - return 0; - } - EOF --gcc -I$INCLUDE -o $TMPDIR/atmtest $TMPDIR/atmtest.c -latm >/dev/null 2>&1 -+$CC -I$INCLUDE -o $TMPDIR/atmtest $TMPDIR/atmtest.c -latm >/dev/null 2>&1 - if [ $? -eq 0 ] - then - echo "TC_CONFIG_ATM:=y" >>Config -@@ -51,7 +51,7 @@ int main(int argc, char **argv) - - EOF - --if gcc -I$INCLUDE $IPTC -o $TMPDIR/ipttest $TMPDIR/ipttest.c $IPTL $(pkg-config xtables --cflags --libs) -ldl >/dev/null 2>&1 -+if $CC -I$INCLUDE $IPTC -o $TMPDIR/ipttest $TMPDIR/ipttest.c $IPTL $(pkg-config xtables --cflags --libs) -ldl >/dev/null 2>&1 - then - echo "TC_CONFIG_XT:=y" >>Config - echo "using xtables" -@@ -88,7 +88,7 @@ int main(int argc, char **argv) { - } - - EOF --gcc -I$INCLUDE $IPTC -o $TMPDIR/ipttest $TMPDIR/ipttest.c $IPTL -ldl >/dev/null 2>&1 -+$CC -I$INCLUDE $IPTC -o $TMPDIR/ipttest $TMPDIR/ipttest.c $IPTL -ldl >/dev/null 2>&1 - - if [ $? -eq 0 ] - then -@@ -128,7 +128,7 @@ int main(int argc, char **argv) { - } - - EOF --gcc -I$INCLUDE $IPTC -o $TMPDIR/ipttest $TMPDIR/ipttest.c $IPTL -ldl >/dev/null 2>&1 -+$CC -I$INCLUDE $IPTC -o $TMPDIR/ipttest $TMPDIR/ipttest.c $IPTL -ldl >/dev/null 2>&1 - - if [ $? -eq 0 ] - then -@@ -148,18 +148,8 @@ check_ipt() - - check_ipt_lib_dir() - { -- IPT_LIB_DIR="" -- for dir in /lib /usr/lib /usr/local/lib -- do -- for file in $dir/{xtables,iptables}/lib*t_*so ; do -- if [ -f $file ]; then -- echo ${file%/*} -- echo "IPT_LIB_DIR:=${file%/*}" >> Config -- return -- fi -- done -- done -- echo "not found!" -+ echo "/usr/lib/$TABLES" -+ echo "IPT_LIB_DIR:=/usr/lib/$TABLES" >> Config - } - - check_setns() -@@ -172,7 +162,7 @@ int main(int argc, char **argv) - return 0; - } - EOF --gcc -I$INCLUDE -o $TMPDIR/setnstest $TMPDIR/setnstest.c >/dev/null 2>&1 -+$CC -I$INCLUDE -o $TMPDIR/setnstest $TMPDIR/setnstest.c >/dev/null 2>&1 - if [ $? -eq 0 ] - then - echo "IP_CONFIG_SETNS:=y" >>Config diff --git a/package/iproute2/patches/patch-ip_iplink_can_c b/package/iproute2/patches/patch-ip_iplink_can_c new file mode 100644 index 000000000..aa1b2e0d7 --- /dev/null +++ b/package/iproute2/patches/patch-ip_iplink_can_c @@ -0,0 +1,11 @@ +--- iproute2-3.10.0.orig/ip/iplink_can.c 2013-07-16 19:06:36.000000000 +0200 ++++ iproute2-3.10.0/ip/iplink_can.c 2013-08-17 15:08:28.418918323 +0200 +@@ -107,7 +107,7 @@ static int can_parse_opt(struct link_uti + if (get_u32(&bt.bitrate, *argv, 0)) + invarg("invalid \"bitrate\" value\n", *argv); + } else if (matches(*argv, "sample-point") == 0) { +- float sp; ++ float sp = 0; + + NEXT_ARG(); + if (get_float(&sp, *argv)) diff --git a/package/iproute2/patches/patch-misc_ifstat_c b/package/iproute2/patches/patch-misc_ifstat_c new file mode 100644 index 000000000..7f6584649 --- /dev/null +++ b/package/iproute2/patches/patch-misc_ifstat_c @@ -0,0 +1,11 @@ +--- iproute2-3.10.0.orig/misc/ifstat.c 2013-07-16 19:06:36.000000000 +0200 ++++ iproute2-3.10.0/misc/ifstat.c 2013-08-17 15:27:59.236199157 +0200 +@@ -21,7 +21,7 @@ + #include <sys/file.h> + #include <sys/socket.h> + #include <sys/un.h> +-#include <sys/poll.h> ++#include <poll.h> + #include <sys/wait.h> + #include <sys/stat.h> + #include <signal.h> diff --git a/package/iproute2/patches/patch-misc_lnstat_h b/package/iproute2/patches/patch-misc_lnstat_h new file mode 100644 index 000000000..f87c190d1 --- /dev/null +++ b/package/iproute2/patches/patch-misc_lnstat_h @@ -0,0 +1,10 @@ +--- iproute2-3.10.0.orig/misc/lnstat.h 2013-07-16 19:06:36.000000000 +0200 ++++ iproute2-3.10.0/misc/lnstat.h 2013-08-17 15:55:30.403441174 +0200 +@@ -2,6 +2,7 @@ + #define _LNSTAT_H + + #include <limits.h> ++#include <sys/time.h> + + #define LNSTAT_VERSION "0.02 041002" + diff --git a/package/iproute2/patches/patch-misc_nstat_c b/package/iproute2/patches/patch-misc_nstat_c new file mode 100644 index 000000000..feed4df14 --- /dev/null +++ b/package/iproute2/patches/patch-misc_nstat_c @@ -0,0 +1,11 @@ +--- iproute2-3.10.0.orig/misc/nstat.c 2013-07-16 19:06:36.000000000 +0200 ++++ iproute2-3.10.0/misc/nstat.c 2013-08-17 15:27:46.412360373 +0200 +@@ -21,7 +21,7 @@ + #include <sys/file.h> + #include <sys/socket.h> + #include <sys/un.h> +-#include <sys/poll.h> ++#include <poll.h> + #include <sys/wait.h> + #include <sys/stat.h> + #include <signal.h> diff --git a/package/iproute2/patches/patch-misc_rtacct_c b/package/iproute2/patches/patch-misc_rtacct_c new file mode 100644 index 000000000..ac0c7d5e2 --- /dev/null +++ b/package/iproute2/patches/patch-misc_rtacct_c @@ -0,0 +1,11 @@ +--- iproute2-3.10.0.orig/misc/rtacct.c 2013-07-16 19:06:36.000000000 +0200 ++++ iproute2-3.10.0/misc/rtacct.c 2013-08-17 15:26:02.313669072 +0200 +@@ -22,7 +22,7 @@ + #include <sys/file.h> + #include <sys/socket.h> + #include <sys/un.h> +-#include <sys/poll.h> ++#include <poll.h> + #include <sys/wait.h> + #include <sys/stat.h> + #include <sys/mman.h> diff --git a/package/iproute2/patches/patch-tc_tc_stab_c b/package/iproute2/patches/patch-tc_tc_stab_c new file mode 100644 index 000000000..8640292c8 --- /dev/null +++ b/package/iproute2/patches/patch-tc_tc_stab_c @@ -0,0 +1,10 @@ +--- iproute2-3.10.0.orig/tc/tc_stab.c 2013-07-16 19:06:36.000000000 +0200 ++++ iproute2-3.10.0/tc/tc_stab.c 2013-08-17 15:19:18.866741086 +0200 +@@ -16,6 +16,7 @@ + #include <syslog.h> + #include <fcntl.h> + #include <math.h> ++#include <sys/param.h> + #include <sys/socket.h> + #include <netinet/in.h> + #include <arpa/inet.h> diff --git a/package/iproute2/patches/patch-tc_tc_util_c b/package/iproute2/patches/patch-tc_tc_util_c new file mode 100644 index 000000000..8891b17f6 --- /dev/null +++ b/package/iproute2/patches/patch-tc_tc_util_c @@ -0,0 +1,10 @@ +--- iproute2-3.10.0.orig/tc/tc_util.c 2013-07-16 19:06:36.000000000 +0200 ++++ iproute2-3.10.0/tc/tc_util.c 2013-08-17 15:20:53.313553729 +0200 +@@ -15,6 +15,7 @@ + #include <unistd.h> + #include <syslog.h> + #include <fcntl.h> ++#include <sys/param.h> + #include <sys/socket.h> + #include <netinet/in.h> + #include <arpa/inet.h> diff --git a/package/iptables/Makefile b/package/iptables/Makefile index 105a5d801..8557c0e64 100644 --- a/package/iptables/Makefile +++ b/package/iptables/Makefile @@ -4,9 +4,9 @@ include ${TOPDIR}/rules.mk PKG_NAME:= iptables -PKG_VERSION:= 1.4.16.3 +PKG_VERSION:= 1.4.20 PKG_RELEASE:= 1 -PKG_MD5SUM:= 6dd40c12fb8f4c4312a0f8434369fbcd +PKG_MD5SUM:= 387b92d3efcf4f07fe31c3bf0f1d18f5 PKG_DESCR:= The netfilter firewalling software PKG_SECTION:= firewall PKG_DEPENDS:= kmod-ip-nf-iptables kmod-nf-conntrack diff --git a/package/iptables/patches/patch-extensions_libxt_TCPOPTSTRIP_c b/package/iptables/patches/patch-extensions_libxt_TCPOPTSTRIP_c new file mode 100644 index 000000000..c9e728b85 --- /dev/null +++ b/package/iptables/patches/patch-extensions_libxt_TCPOPTSTRIP_c @@ -0,0 +1,24 @@ +--- iptables-1.4.20.orig/extensions/libxt_TCPOPTSTRIP.c 2013-08-06 17:48:43.000000000 +0200 ++++ iptables-1.4.20/extensions/libxt_TCPOPTSTRIP.c 2013-08-15 17:02:18.802154795 +0200 +@@ -12,6 +12,21 @@ + #ifndef TCPOPT_MD5SIG + # define TCPOPT_MD5SIG 19 + #endif ++#ifndef TCPOPT_MAXSEG ++# define TCPOPT_MAXSEG 2 ++#endif ++#ifndef TCPOPT_WINDOW ++# define TCPOPT_WINDOW 3 ++#endif ++#ifndef TCPOPT_SACK_PERMITTED ++# define TCPOPT_SACK_PERMITTED 4 ++#endif ++#ifndef TCPOPT_SACK ++# define TCPOPT_SACK 5 ++#endif ++#ifndef TCPOPT_TIMESTAMP ++# define TCPOPT_TIMESTAMP 8 ++#endif + + enum { + O_STRIP_OPTION = 0, diff --git a/package/iptables/patches/patch-include_libiptc_ipt_kernel_headers_h b/package/iptables/patches/patch-include_libiptc_ipt_kernel_headers_h new file mode 100644 index 000000000..4bf224f13 --- /dev/null +++ b/package/iptables/patches/patch-include_libiptc_ipt_kernel_headers_h @@ -0,0 +1,26 @@ +--- iptables-1.4.20.orig/include/libiptc/ipt_kernel_headers.h 2013-08-06 17:48:43.000000000 +0200 ++++ iptables-1.4.20/include/libiptc/ipt_kernel_headers.h 2013-08-15 16:58:51.960755143 +0200 +@@ -5,7 +5,6 @@ + + #include <limits.h> + +-#if defined(__GLIBC__) && __GLIBC__ == 2 + #include <netinet/ip.h> + #include <netinet/in.h> + #include <netinet/ip_icmp.h> +@@ -13,15 +12,4 @@ + #include <netinet/udp.h> + #include <net/if.h> + #include <sys/types.h> +-#else /* libc5 */ +-#include <sys/socket.h> +-#include <linux/ip.h> +-#include <linux/in.h> +-#include <linux/if.h> +-#include <linux/icmp.h> +-#include <linux/tcp.h> +-#include <linux/udp.h> +-#include <linux/types.h> +-#include <linux/in6.h> +-#endif + #endif diff --git a/package/iptables/patches/patch-include_linux_netfilter_ipv4_ip_tables_h b/package/iptables/patches/patch-include_linux_netfilter_ipv4_ip_tables_h new file mode 100644 index 000000000..d5eacdc58 --- /dev/null +++ b/package/iptables/patches/patch-include_linux_netfilter_ipv4_ip_tables_h @@ -0,0 +1,10 @@ +--- iptables-1.4.20.orig/include/linux/netfilter_ipv4/ip_tables.h 2013-08-06 17:48:43.000000000 +0200 ++++ iptables-1.4.20/include/linux/netfilter_ipv4/ip_tables.h 2013-08-15 17:07:14.082442619 +0200 +@@ -16,6 +16,7 @@ + #define _IPTABLES_H + + #include <linux/types.h> ++#include <sys/types.h> + + #include <linux/netfilter_ipv4.h> + diff --git a/package/iptables/patches/patch-include_linux_netfilter_ipv6_ip6_tables_h b/package/iptables/patches/patch-include_linux_netfilter_ipv6_ip6_tables_h new file mode 100644 index 000000000..9a69545eb --- /dev/null +++ b/package/iptables/patches/patch-include_linux_netfilter_ipv6_ip6_tables_h @@ -0,0 +1,10 @@ +--- iptables-1.4.20.orig/include/linux/netfilter_ipv6/ip6_tables.h 2013-08-06 17:48:43.000000000 +0200 ++++ iptables-1.4.20/include/linux/netfilter_ipv6/ip6_tables.h 2013-08-15 17:07:35.250176505 +0200 +@@ -16,6 +16,7 @@ + #define _IP6_TABLES_H + + #include <linux/types.h> ++#include <sys/types.h> + + #include <linux/netfilter_ipv6.h> + diff --git a/package/iptables/patches/patch-include_linux_netfilter_xt_osf_h b/package/iptables/patches/patch-include_linux_netfilter_xt_osf_h new file mode 100644 index 000000000..5c3422876 --- /dev/null +++ b/package/iptables/patches/patch-include_linux_netfilter_xt_osf_h @@ -0,0 +1,10 @@ +--- iptables-1.4.20.orig/include/linux/netfilter/xt_osf.h 2013-08-06 17:48:43.000000000 +0200 ++++ iptables-1.4.20/include/linux/netfilter/xt_osf.h 2013-08-15 17:04:26.116554236 +0200 +@@ -21,6 +21,7 @@ + #define _XT_OSF_H + + #include <linux/types.h> ++#include <linux/tcp.h> + + #define MAXGENRELEN 32 + diff --git a/package/libnetfilter_acct/Makefile b/package/libnetfilter_acct/Makefile index 071f956de..a61102f71 100644 --- a/package/libnetfilter_acct/Makefile +++ b/package/libnetfilter_acct/Makefile @@ -4,10 +4,10 @@ include $(TOPDIR)/rules.mk PKG_NAME:= libnetfilter_acct -PKG_VERSION:= 1.0.0 +PKG_VERSION:= 1.0.2 PKG_RELEASE:= 1 -PKG_MD5SUM:= 246e97feb9cf98f7ddf70d71a3813336 -PKG_DESCR:= API to extended accounting infrastructure. +PKG_MD5SUM:= 2118d9514c079839ebd9cb3144ad2ad7 +PKG_DESCR:= API to extended accounting infrastructure PKG_SECTION:= libs PKG_DEPENDS:= libnfnetlink PKG_BUILDDEP:= libnfnetlink diff --git a/package/libnetfilter_log/patches/patch-include_libnetfilter_log_linux_nfnetlink_log_h b/package/libnetfilter_log/patches/patch-include_libnetfilter_log_linux_nfnetlink_log_h new file mode 100644 index 000000000..9b3cdbaae --- /dev/null +++ b/package/libnetfilter_log/patches/patch-include_libnetfilter_log_linux_nfnetlink_log_h @@ -0,0 +1,10 @@ +--- libnetfilter_log-1.0.1.orig/include/libnetfilter_log/linux_nfnetlink_log.h 2008-07-21 01:04:31.000000000 +0200 ++++ libnetfilter_log-1.0.1/include/libnetfilter_log/linux_nfnetlink_log.h 2013-08-20 18:45:57.231082144 +0200 +@@ -9,6 +9,7 @@ + * and not any kind of function definitions. It is shared between kernel and + * userspace. Don't put kernel specific stuff in here */ + ++#include <sys/types.h> + #include <linux/types.h> + #include <libnfnetlink/linux_nfnetlink.h> + diff --git a/package/libnettle/Makefile b/package/libnettle/Makefile index e7240208e..a28913035 100644 --- a/package/libnettle/Makefile +++ b/package/libnettle/Makefile @@ -4,10 +4,10 @@ include $(TOPDIR)/rules.mk PKG_NAME:= libnettle -PKG_VERSION:= 2.4 +PKG_VERSION:= 2.7.1 PKG_RELEASE:= 1 -PKG_MD5SUM:= 450be8c4886d46c09f49f568ad6fa013 -PKG_DESCR:= Nettle Library +PKG_MD5SUM:= 003d5147911317931dd453520eb234a5 +PKG_DESCR:= crypto library PKG_SECTION:= libs PKG_DEPENDS:= libgmp PKG_BUILDDEP:= gmp diff --git a/package/libnfnetlink/patches/patch-include_libnfnetlink_libnfnetlink_h b/package/libnfnetlink/patches/patch-include_libnfnetlink_libnfnetlink_h new file mode 100644 index 000000000..679be187d --- /dev/null +++ b/package/libnfnetlink/patches/patch-include_libnfnetlink_libnfnetlink_h @@ -0,0 +1,10 @@ +--- libnfnetlink-1.0.1.orig/include/libnfnetlink/libnfnetlink.h 2010-05-09 23:31:56.000000000 +0200 ++++ libnfnetlink-1.0.1/include/libnfnetlink/libnfnetlink.h 2013-08-20 18:44:17.220339451 +0200 +@@ -15,6 +15,7 @@ + #define aligned_u64 unsigned long long __attribute__((aligned(8))) + #endif + ++#include <sys/types.h> + #include <sys/socket.h> /* for sa_family_t */ + #include <linux/netlink.h> + #include <libnfnetlink/linux_nfnetlink.h> diff --git a/package/libnl/Makefile b/package/libnl/Makefile index ec545b54b..fc40fd2ac 100644 --- a/package/libnl/Makefile +++ b/package/libnl/Makefile @@ -4,9 +4,9 @@ include ${TOPDIR}/rules.mk PKG_NAME:= libnl -PKG_VERSION:= 3.2.11 +PKG_VERSION:= 3.2.22 PKG_RELEASE:= 1 -PKG_MD5SUM:= 7a35f3a17b52f41ee120dceb99b2ef72 +PKG_MD5SUM:= 2e1c889494d274aca24ce5f6a748e66e PKG_DESCR:= Netlink library PKG_SECTION:= libs PKG_URL:= http://www.infradead.org/~tgr/libnl/ diff --git a/package/libtasn1/Makefile b/package/libtasn1/Makefile index 1caa6c3b5..c81736e00 100644 --- a/package/libtasn1/Makefile +++ b/package/libtasn1/Makefile @@ -4,9 +4,9 @@ include ${TOPDIR}/rules.mk PKG_NAME:= libtasn1 -PKG_VERSION:= 2.13 +PKG_VERSION:= 3.3 PKG_RELEASE:= 1 -PKG_MD5SUM:= df27eaddcc46172377e6b907e33ddc83 +PKG_MD5SUM:= 2bdd687f487c50a0382b99553866a6e0 PKG_DESCR:= an ASN.1 and DER structures manipulation library PKG_SECTION:= libs PKG_URL:= http://www.gnupg.org/ diff --git a/package/linux-atm/patches/patch-src_ilmid_io_c b/package/linux-atm/patches/patch-src_ilmid_io_c new file mode 100644 index 000000000..9b88b0b49 --- /dev/null +++ b/package/linux-atm/patches/patch-src_ilmid_io_c @@ -0,0 +1,15 @@ +--- linux-atm-2.5.1.orig/src/ilmid/io.c 2007-07-11 18:07:57.000000000 +0200 ++++ linux-atm-2.5.1/src/ilmid/io.c 2013-08-15 21:40:35.168523713 +0200 +@@ -48,6 +48,12 @@ + be manually configured (after ilmid has + registered the "official" address) - HACK */ + ++#ifndef SUN_LEN ++# include <string.h> /* For prototype of `strlen'. */ ++ /* Evaluate to actual length of the `sockaddr_un' structure. */ ++# define SUN_LEN(ptr) ((size_t) (((struct sockaddr_un *) 0)->sun_path) + strlen ((ptr)->sun_path)) ++#endif ++ + extern SysGroup *remsys; + extern State ilmi_state; + static short atm_itf = -1; /* bad value */ diff --git a/package/linux-atm/patches/patch-src_mpoad_io_c b/package/linux-atm/patches/patch-src_mpoad_io_c new file mode 100644 index 000000000..14dd75d00 --- /dev/null +++ b/package/linux-atm/patches/patch-src_mpoad_io_c @@ -0,0 +1,18 @@ +--- linux-atm-2.5.1.orig/src/mpoad/io.c 2007-12-11 18:46:12.000000000 +0100 ++++ linux-atm-2.5.1/src/mpoad/io.c 2013-08-17 14:41:53.542968628 +0200 +@@ -10,14 +10,7 @@ + #include <errno.h> + #include <sys/ioctl.h> + #include <sys/param.h> /* for OPEN_MAX */ +-#if __GLIBC__ >= 2 +-#include <sys/poll.h> +-#else /* ugly hack to make it compile on RH 4.2 - WA */ +-#include <syscall.h> +-#include <linux/poll.h> +-#define SYS_poll 168 +-_syscall3(int,poll,struct pollfd *,ufds,unsigned int,nfds,int,timeout); +-#endif ++#include <poll.h> + #include <atm.h> + #include <linux/types.h> + #include <linux/atmioc.h> diff --git a/package/linux-atm/patches/patch-src_sigd_atmsigd_c b/package/linux-atm/patches/patch-src_sigd_atmsigd_c new file mode 100644 index 000000000..7eb31abf9 --- /dev/null +++ b/package/linux-atm/patches/patch-src_sigd_atmsigd_c @@ -0,0 +1,11 @@ +--- linux-atm-2.5.1.orig/src/sigd/atmsigd.c 2004-09-25 13:25:48.000000000 +0200 ++++ linux-atm-2.5.1/src/sigd/atmsigd.c 2013-08-15 21:22:05.226477574 +0200 +@@ -517,7 +517,7 @@ int main(int argc,char **argv) + exit(0); + } + } +- (void) on_exit(trace_on_exit,NULL); ++ (void) atexit(trace_on_exit); + poll_loop(); + close_all(); + for (sig = entities; sig; sig = sig->next) stop_saal(&sig->saal); diff --git a/package/mksh/Makefile b/package/mksh/Makefile index c6f6d4541..acbf304b2 100644 --- a/package/mksh/Makefile +++ b/package/mksh/Makefile @@ -4,9 +4,9 @@ include ${TOPDIR}/rules.mk PKG_NAME:= mksh -PKG_VERSION:= 47 +PKG_VERSION:= 48b PKG_RELEASE:= 1 -PKG_MD5SUM:= 71c7cbcd78306897801b8b6691091e66 +PKG_MD5SUM:= ab9baa6b5a4de9d0e6a3ce9957c18da0 PKG_DESCR:= MirBSD Korn Shell PKG_SECTION:= shells PKG_URL:= http://www.mirbsd.org/ diff --git a/package/nginx/Makefile b/package/nginx/Makefile index ed4b7e72a..98ba1bef8 100644 --- a/package/nginx/Makefile +++ b/package/nginx/Makefile @@ -4,9 +4,9 @@ include $(TOPDIR)/rules.mk PKG_NAME:= nginx -PKG_VERSION:= 1.2.2 +PKG_VERSION:= 1.5.3 PKG_RELEASE:= 1 -PKG_MD5SUM:= 53105bbe3ac9319db54d9eb46119695b +PKG_MD5SUM:= 1e735dd6a6ade2b5c20e924b67c3d355 PKG_DESCR:= powerful http reverse proxy PKG_SECTION:= proxy PKG_BUILDDEP:= openssl pcre zlib diff --git a/package/nginx/files/nginx.init b/package/nginx/files/nginx.init index 456e90a73..0b7ee5fd2 100644 --- a/package/nginx/files/nginx.init +++ b/package/nginx/files/nginx.init @@ -12,6 +12,7 @@ autostart) start) [ -d /var/lib/nginx ] || mkdir -p /var/lib/nginx [ -d /var/log/nginx ] || mkdir -p /var/log/nginx + [ -d /var/lock/nginx ] || mkdir -p /var/lock/nginx /usr/sbin/nginx ;; stop) diff --git a/package/nginx/patches/patch-auto_cc_conf b/package/nginx/patches/patch-auto_cc_conf index bc516d82e..0f30f6605 100644 --- a/package/nginx/patches/patch-auto_cc_conf +++ b/package/nginx/patches/patch-auto_cc_conf @@ -1,6 +1,6 @@ ---- nginx-1.2.2.orig/auto/cc/conf 2012-01-18 16:07:43.000000000 +0100 -+++ nginx-1.2.2/auto/cc/conf 2012-07-16 09:27:16.000000000 +0200 -@@ -149,7 +149,7 @@ if [ "$NGX_PLATFORM" != win32 ]; then +--- nginx-1.5.3.orig/auto/cc/conf 2013-07-30 15:27:55.000000000 +0200 ++++ nginx-1.5.3/auto/cc/conf 2013-08-20 09:50:31.872042697 +0200 +@@ -155,7 +155,7 @@ if [ "$NGX_PLATFORM" != win32 ]; then else ngx_feature="C99 variadic macros" ngx_feature_name="NGX_HAVE_C99_VARIADIC_MACROS" @@ -9,7 +9,7 @@ ngx_feature_incs="#include <stdio.h> #define var(dummy, ...) sprintf(__VA_ARGS__)" ngx_feature_path= -@@ -163,7 +163,7 @@ if [ "$NGX_PLATFORM" != win32 ]; then +@@ -169,7 +169,7 @@ if [ "$NGX_PLATFORM" != win32 ]; then ngx_feature="gcc variadic macros" ngx_feature_name="NGX_HAVE_GCC_VARIADIC_MACROS" diff --git a/package/nginx/patches/patch-auto_os_linux b/package/nginx/patches/patch-auto_os_linux index bd0b5aa3b..17cd3c99a 100644 --- a/package/nginx/patches/patch-auto_os_linux +++ b/package/nginx/patches/patch-auto_os_linux @@ -1,5 +1,5 @@ ---- nginx-1.2.2.orig/auto/os/linux 2012-03-21 14:58:51.000000000 +0100 -+++ nginx-1.2.2/auto/os/linux 2012-07-16 09:27:16.000000000 +0200 +--- nginx-1.5.3.orig/auto/os/linux 2013-07-30 15:27:55.000000000 +0200 ++++ nginx-1.5.3/auto/os/linux 2013-08-20 10:00:37.444429620 +0200 @@ -48,7 +48,7 @@ fi ngx_feature="epoll" @@ -36,3 +36,24 @@ ngx_feature_incs="#include <sys/prctl.h>" ngx_feature_path= ngx_feature_libs= +@@ -133,20 +133,6 @@ ngx_feature_test="cpu_set_t mask; + sched_setaffinity(0, sizeof(cpu_set_t), &mask)" + . auto/feature + +- +-# crypt_r() +- +-ngx_feature="crypt_r()" +-ngx_feature_name="NGX_HAVE_GNU_CRYPT_R" +-ngx_feature_run=no +-ngx_feature_incs="#include <crypt.h>" +-ngx_feature_path= +-ngx_feature_libs=-lcrypt +-ngx_feature_test="struct crypt_data cd; +- crypt_r(\"key\", \"salt\", &cd);" +-. auto/feature +- +- + ngx_include="sys/vfs.h"; . auto/include + + diff --git a/package/openssh/Makefile b/package/openssh/Makefile index f7def86ad..b489a8434 100644 --- a/package/openssh/Makefile +++ b/package/openssh/Makefile @@ -47,6 +47,7 @@ CONFIGURE_ARGS+= --with-kerberos5="${STAGING_TARGET_DIR}/usr" endif ifeq ($(ADK_PACKAGE_OPENSSH_WITH_HEIMDAL),y) CONFIGURE_ARGS+= --with-kerberos5="${STAGING_TARGET_DIR}/usr" +TARGET_LDFLAGS+= -L$(STAGING_DIR)/usr/lib/heimdal -Wl,-rpath -Wl,/usr/lib/heimdal endif ifeq ($(ADK_TOOLCHAIN_GCC_USE_SSP),y) @@ -57,10 +58,12 @@ endif CONFIGURE_ENV+= LD='${TARGET_CC}' \ ac_cv_func_setlogin=no \ + ac_cv_have_decl_PR_SET_NO_NEW_PRIVS=no \ ac_cv_lib_nsl_yp_match=no CONFIGURE_ARGS+= --disable-strip \ --disable-etc-default-login \ --disable-lastlog \ + --with-sandbox=no \ --disable-utmp \ --disable-utmpx \ --disable-wtmp \ diff --git a/package/openssh/patches/patch-channels_c b/package/openssh/patches/patch-channels_c new file mode 100644 index 000000000..11b870703 --- /dev/null +++ b/package/openssh/patches/patch-channels_c @@ -0,0 +1,10 @@ +--- openssh-6.2p1.orig/channels.c 2012-12-02 23:50:55.000000000 +0100 ++++ openssh-6.2p1/channels.c 2013-08-20 18:00:56.929029538 +0200 +@@ -42,6 +42,7 @@ + #include "includes.h" + + #include <sys/types.h> ++#include <sys/param.h> + #include <sys/ioctl.h> + #include <sys/un.h> + #include <sys/socket.h> diff --git a/package/openssh/patches/patch-cipher_c b/package/openssh/patches/patch-cipher_c index 88f5d11d9..e7169b576 100644 --- a/package/openssh/patches/patch-cipher_c +++ b/package/openssh/patches/patch-cipher_c @@ -1,7 +1,7 @@ diff -Nur openssh-6.2p1.orig/cipher.c openssh-6.2p1/cipher.c --- openssh-6.2p1.orig/cipher.c 2013-02-12 01:00:35.000000000 +0100 -+++ openssh-6.2p1/cipher.c 2013-04-29 15:10:49.000000000 +0200 -@@ -69,23 +69,33 @@ ++++ openssh-6.2p1/cipher.c 2013-08-20 08:56:48.923159083 +0200 +@@ -69,23 +69,33 @@ struct Cipher { { "none", SSH_CIPHER_NONE, 8, 0, 0, 0, 0, 0, EVP_enc_null }, { "des", SSH_CIPHER_DES, 8, 8, 0, 0, 0, 1, EVP_des_cbc }, { "3des", SSH_CIPHER_3DES, 8, 16, 0, 0, 0, 1, evp_ssh1_3des }, diff --git a/package/openssh/patches/patch-mac_c b/package/openssh/patches/patch-mac_c index c06cbe38a..df8eac301 100644 --- a/package/openssh/patches/patch-mac_c +++ b/package/openssh/patches/patch-mac_c @@ -1,7 +1,7 @@ diff -Nur openssh-6.2p1.orig/mac.c openssh-6.2p1/mac.c --- openssh-6.2p1.orig/mac.c 2012-12-12 01:00:37.000000000 +0100 -+++ openssh-6.2p1/mac.c 2013-04-29 15:14:29.000000000 +0200 -@@ -68,8 +68,10 @@ ++++ openssh-6.2p1/mac.c 2013-08-20 08:56:49.123256567 +0200 +@@ -68,8 +68,10 @@ struct { #endif { "hmac-md5", SSH_EVP, EVP_md5, 0, 0, 0, 0 }, { "hmac-md5-96", SSH_EVP, EVP_md5, 96, 0, 0, 0 }, @@ -12,7 +12,7 @@ diff -Nur openssh-6.2p1.orig/mac.c openssh-6.2p1/mac.c { "umac-64@openssh.com", SSH_UMAC, NULL, 0, 128, 64, 0 }, { "umac-128@openssh.com", SSH_UMAC128, NULL, 0, 128, 128, 0 }, -@@ -82,7 +84,9 @@ +@@ -82,7 +84,9 @@ struct { #endif { "hmac-md5-etm@openssh.com", SSH_EVP, EVP_md5, 0, 0, 0, 1 }, { "hmac-md5-96-etm@openssh.com", SSH_EVP, EVP_md5, 96, 0, 0, 1 }, diff --git a/package/openssh/patches/patch-ssh-keyscan_c b/package/openssh/patches/patch-ssh-keyscan_c new file mode 100644 index 000000000..3a02711db --- /dev/null +++ b/package/openssh/patches/patch-ssh-keyscan_c @@ -0,0 +1,10 @@ +--- openssh-6.2p1.orig/ssh-keyscan.c 2012-04-22 03:24:21.000000000 +0200 ++++ openssh-6.2p1/ssh-keyscan.c 2013-08-20 18:04:48.698115807 +0200 +@@ -11,6 +11,7 @@ + + #include "openbsd-compat/sys-queue.h" + #include <sys/resource.h> ++#include <sys/param.h> + #ifdef HAVE_SYS_TIME_H + # include <sys/time.h> + #endif diff --git a/package/openssh/patches/patch-ssh-pkcs11-helper_c b/package/openssh/patches/patch-ssh-pkcs11-helper_c new file mode 100644 index 000000000..9a26694f7 --- /dev/null +++ b/package/openssh/patches/patch-ssh-pkcs11-helper_c @@ -0,0 +1,10 @@ +--- openssh-6.2p1.orig/ssh-pkcs11-helper.c 2012-07-02 14:15:39.000000000 +0200 ++++ openssh-6.2p1/ssh-pkcs11-helper.c 2013-08-20 18:05:07.349881322 +0200 +@@ -18,6 +18,7 @@ + #include "includes.h" + + #include <sys/types.h> ++#include <sys/param.h> + #ifdef HAVE_SYS_TIME_H + # include <sys/time.h> + #endif diff --git a/package/openssh/patches/patch-sshconnect_c b/package/openssh/patches/patch-sshconnect_c new file mode 100644 index 000000000..45dc91b34 --- /dev/null +++ b/package/openssh/patches/patch-sshconnect_c @@ -0,0 +1,10 @@ +--- openssh-6.2p1.orig/sshconnect.c 2012-09-17 05:25:44.000000000 +0200 ++++ openssh-6.2p1/sshconnect.c 2013-08-20 18:00:38.757257988 +0200 +@@ -16,6 +16,7 @@ + #include "includes.h" + + #include <sys/types.h> ++#include <sys/param.h> + #include <sys/wait.h> + #include <sys/stat.h> + #include <sys/socket.h> diff --git a/package/openssh/patches/patch-sshd_c b/package/openssh/patches/patch-sshd_c new file mode 100644 index 000000000..a684f3e7b --- /dev/null +++ b/package/openssh/patches/patch-sshd_c @@ -0,0 +1,10 @@ +--- openssh-6.2p1.orig/sshd.c 2013-02-12 01:04:48.000000000 +0100 ++++ openssh-6.2p1/sshd.c 2013-08-20 17:40:31.488435414 +0200 +@@ -46,6 +46,7 @@ + + #include <sys/types.h> + #include <sys/ioctl.h> ++#include <sys/param.h> + #include <sys/socket.h> + #ifdef HAVE_SYS_STAT_H + # include <sys/stat.h> diff --git a/package/openssl/Makefile b/package/openssl/Makefile index d5accbb52..cbc3460c4 100644 --- a/package/openssl/Makefile +++ b/package/openssl/Makefile @@ -4,9 +4,9 @@ include ${TOPDIR}/rules.mk PKG_NAME:= openssl -PKG_VERSION:= 1.0.1c -PKG_RELEASE:= 4 -PKG_MD5SUM:= ae412727c8c15b67880aef7bd2999b2e +PKG_VERSION:= 1.0.1e +PKG_RELEASE:= 1 +PKG_MD5SUM:= 66bf6f10f060d561929de96f9dfe5b8c PKG_DESCR:= OpenSSL (Secure Socket Layer) libraries PKG_SECTION:= libs PKG_DEPENDS:= zlib @@ -83,7 +83,7 @@ do-build: OPTIMIZATION_FLAGS="$(TARGET_CFLAGS) -fPIC" \ all build-shared -post-install: +libopenssl-install: ${INSTALL_DIR} ${IDIR_LIBOPENSSL}/usr/lib ${CP} ${WRKINST}/usr/lib*/lib*.so* ${IDIR_LIBOPENSSL}/usr/lib chmod 644 ${IDIR_LIBOPENSSL}/usr/lib/lib*.so* diff --git a/package/openssl/patches/patch-Configure b/package/openssl/patches/patch-Configure index d5ec7cc28..2f1213e0e 100644 --- a/package/openssl/patches/patch-Configure +++ b/package/openssl/patches/patch-Configure @@ -1,11 +1,11 @@ ---- openssl-1.0.1c.orig/Configure 2012-03-14 23:20:40.000000000 +0100 -+++ openssl-1.0.1c/Configure 2013-01-31 14:32:14.000000000 +0100 -@@ -400,6 +400,8 @@ my %table=( +--- openssl-1.0.1e.orig/Configure 2013-02-11 16:26:04.000000000 +0100 ++++ openssl-1.0.1e/Configure 2013-08-17 16:07:11.782623643 +0200 +@@ -402,6 +402,8 @@ my %table=( "linux-alpha+bwx-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "linux-alpha-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}", "linux-alpha+bwx-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}", -+"linux-embedded","gcc:-DTERMIO \$(OPTIMIZATION_FLAGS) -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-embedded-x86_64", "gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64", ++"linux-embedded","gcc:-DTERMIOS \$(OPTIMIZATION_FLAGS) -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"linux-embedded-x86_64", "gcc:-m64 -DL_ENDIAN -DTERMIOS -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64", # Android: linux-* but without -DTERMIO and pointers to headers and libs. "android","gcc:-mandroid -I\$(ANDROID_DEV)/include -B\$(ANDROID_DEV)/lib -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", diff --git a/package/openssl/patches/patch-Makefile b/package/openssl/patches/patch-Makefile new file mode 100644 index 000000000..26e7be2f2 --- /dev/null +++ b/package/openssl/patches/patch-Makefile @@ -0,0 +1,96 @@ +--- openssl-1.0.1e.orig/Makefile 2013-02-11 16:26:04.000000000 +0100 ++++ openssl-1.0.1e/Makefile 2013-08-17 16:07:12.622613083 +0200 +@@ -11,11 +11,11 @@ SHLIB_VERSION_NUMBER=1.0.0 + SHLIB_VERSION_HISTORY= + SHLIB_MAJOR=1 + SHLIB_MINOR=0.0 +-SHLIB_EXT= +-PLATFORM=dist +-OPTIONS= no-ec_nistp_64_gcc_128 no-gmp no-jpake no-krb5 no-md2 no-rc5 no-rfc3779 no-sctp no-shared no-store no-zlib no-zlib-dynamic static-engine +-CONFIGURE_ARGS=dist +-SHLIB_TARGET= ++SHLIB_EXT=.so.$(SHLIB_MAJOR).$(SHLIB_MINOR) ++PLATFORM=linux-embedded ++OPTIONS=--prefix=/usr --openssldir=/etc/ssl -I/home/wbx/openadk/target_arm_musl/usr/include -L/home/wbx/openadk/target_arm_musl/usr/lib -ldl -DOPENSSL_SMALL_FOOTPRINT enable-shared enable-zlib-dynamic no-aes192 no-camellia no-cast no-ec no-ec_nistp_64_gcc_128 no-ecdh no-ecdsa no-engines no-err no-gmp no-gost no-idea no-jpake no-krb5 no-md2 no-mdc2 no-rc5 no-rfc3779 no-ripemd no-sctp no-sha0 no-smime no-store no-threads no-static-engine ++CONFIGURE_ARGS=linux-embedded --prefix=/usr --openssldir=/etc/ssl -I/home/wbx/openadk/target_arm_musl/usr/include -L/home/wbx/openadk/target_arm_musl/usr/lib -ldl -DOPENSSL_SMALL_FOOTPRINT shared no-err no-krb5 no-threads zlib-dynamic no-engines no-camellia no-idea no-rc5 no-mdc2 no-sha0 no-smime no-aes192 no-ripemd no-cast no-ec ++SHLIB_TARGET=linux-shared + + # HERE indicates where this Makefile lives. This can be used to indicate + # where sub-Makefiles are expected to be. Currently has very limited usage, +@@ -26,10 +26,10 @@ HERE=. + # for, say, /usr/ and yet have everything installed to /tmp/somedir/usr/. + # Normally it is left empty. + INSTALL_PREFIX= +-INSTALLTOP=/usr/local/ssl ++INSTALLTOP=/usr + + # Do not edit this manually. Use Configure --openssldir=DIR do change this! +-OPENSSLDIR=/usr/local/ssl ++OPENSSLDIR=/etc/ssl + + # NO_IDEA - Define to build without the IDEA algorithm + # NO_RC4 - Define to build without the RC4 algorithm +@@ -59,15 +59,15 @@ OPENSSLDIR=/usr/local/ssl + # equal 4. + # PKCS1_CHECK - pkcs1 tests. + +-CC= cc +-CFLAG= -O +-DEPFLAG= -DOPENSSL_NO_EC_NISTP_64_GCC_128 -DOPENSSL_NO_GMP -DOPENSSL_NO_JPAKE -DOPENSSL_NO_MD2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SCTP -DOPENSSL_NO_STORE ++CC= /home/wbx/openadk/host_arm_musl/bin/arm-openadk-linux-muslgnueabi-gcc ++CFLAG= -fPIC -DOPENSSL_PIC -DZLIB_SHARED -DZLIB -DDSO_DLFCN -DHAVE_DLFCN_H -I/home/wbx/openadk/target_arm_musl/usr/include -DOPENSSL_SMALL_FOOTPRINT -DOPENSSL_NO_ERR -DTERMIOS $(OPTIMIZATION_FLAGS) -Wall ++DEPFLAG= -DOPENSSL_NO_AES192 -DOPENSSL_NO_CAMELLIA -DOPENSSL_NO_CAST -DOPENSSL_NO_EC -DOPENSSL_NO_EC_NISTP_64_GCC_128 -DOPENSSL_NO_ECDH -DOPENSSL_NO_ECDSA -DOPENSSL_NO_ENGINES -DOPENSSL_NO_GMP -DOPENSSL_NO_GOST -DOPENSSL_NO_IDEA -DOPENSSL_NO_JPAKE -DOPENSSL_NO_MD2 -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_RIPEMD -DOPENSSL_NO_SCTP -DOPENSSL_NO_SHA0 -DOPENSSL_NO_SMIME -DOPENSSL_NO_STORE + PEX_LIBS= +-EX_LIBS= ++EX_LIBS= -L/home/wbx/openadk/target_arm_musl/usr/lib -ldl -ldl + EXE_EXT= + ARFLAGS= +-AR= ar $(ARFLAGS) r +-RANLIB= /usr/bin/ranlib ++AR= /home/wbx/openadk/host_arm_musl/bin/arm-openadk-linux-muslgnueabi-ar $(ARFLAGS) r ++RANLIB= /home/wbx/openadk/host_arm_musl/bin/arm-openadk-linux-muslgnueabi-ranlib + NM= nm + PERL= /usr/bin/perl + TAR= tar +@@ -103,7 +103,7 @@ WP_ASM_OBJ= wp_block.o + CMLL_ENC= camellia.o cmll_misc.o cmll_cbc.o + MODES_ASM_OBJ= + ENGINES_ASM_OBJ= +-PERLASM_SCHEME= ++PERLASM_SCHEME= void + + # KRB5 stuff + KRB5_INCLUDES= +@@ -137,16 +137,16 @@ FIPSCANLIB= + + BASEADDR=0xFB00000 + +-DIRS= crypto ssl engines apps test tools +-ENGDIRS= ccgost ++DIRS= crypto ssl engines apps tools ++ENGDIRS= + SHLIBDIRS= crypto ssl + + # dirs in crypto to build + SDIRS= \ + objects \ +- md4 md5 sha mdc2 hmac ripemd whrlpool \ +- des aes rc2 rc4 idea bf cast camellia seed modes \ +- bn ec rsa dsa ecdsa dh ecdh dso engine \ ++ md4 md5 sha hmac whrlpool \ ++ des aes rc2 rc4 bf seed modes \ ++ bn rsa dsa dh dso engine \ + buffer bio stack lhash rand err \ + evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 \ + cms pqueue ts srp cmac +@@ -174,8 +174,8 @@ WDIRS= windows + LIBS= libcrypto.a libssl.a + SHARED_CRYPTO=libcrypto$(SHLIB_EXT) + SHARED_SSL=libssl$(SHLIB_EXT) +-SHARED_LIBS= +-SHARED_LIBS_LINK_EXTS= ++SHARED_LIBS=$(SHARED_CRYPTO) $(SHARED_SSL) ++SHARED_LIBS_LINK_EXTS=.so.$(SHLIB_MAJOR) .so + SHARED_LDFLAGS= + + GENERAL= Makefile diff --git a/package/openssl/patches/patch-crypto_engine_eng_cryptodev_c b/package/openssl/patches/patch-crypto_engine_eng_cryptodev_c new file mode 100644 index 000000000..7b8898a5d --- /dev/null +++ b/package/openssl/patches/patch-crypto_engine_eng_cryptodev_c @@ -0,0 +1,380 @@ +--- openssl-1.0.1e.orig/crypto/engine/eng_cryptodev.c 2013-02-11 16:26:04.000000000 +0100 ++++ openssl-1.0.1e/crypto/engine/eng_cryptodev.c 2013-08-09 16:51:49.915851335 +0200 +@@ -2,6 +2,7 @@ + * Copyright (c) 2002 Bob Beck <beck@openbsd.org> + * Copyright (c) 2002 Theo de Raadt + * Copyright (c) 2002 Markus Friedl ++ * Copyright (c) 2012 Nikos Mavrogiannopoulos + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without +@@ -74,9 +75,7 @@ struct dev_crypto_state { + int d_fd; + + #ifdef USE_CRYPTODEV_DIGESTS +- char dummy_mac_key[HASH_MAX_LEN]; +- +- unsigned char digest_res[HASH_MAX_LEN]; ++ unsigned char digest_res[64]; + char *mac_data; + int mac_len; + #endif +@@ -157,15 +156,21 @@ static struct { + static struct { + int id; + int nid; +- int keylen; ++ int digestlen; + } digests[] = { ++#if 0 ++ /* HMAC is not supported */ + { CRYPTO_MD5_HMAC, NID_hmacWithMD5, 16}, + { CRYPTO_SHA1_HMAC, NID_hmacWithSHA1, 20}, +- { CRYPTO_RIPEMD160_HMAC, NID_ripemd160, 16/*?*/}, +- { CRYPTO_MD5_KPDK, NID_undef, 0}, +- { CRYPTO_SHA1_KPDK, NID_undef, 0}, ++ { CRYPTO_SHA2_256_HMAC, NID_hmacWithSHA256, 32}, ++ { CRYPTO_SHA2_384_HMAC, NID_hmacWithSHA384, 48}, ++ { CRYPTO_SHA2_512_HMAC, NID_hmacWithSHA512, 64}, ++#endif + { CRYPTO_MD5, NID_md5, 16}, + { CRYPTO_SHA1, NID_sha1, 20}, ++ { CRYPTO_SHA2_256, NID_sha256, 32}, ++ { CRYPTO_SHA2_384, NID_sha384, 48}, ++ { CRYPTO_SHA2_512, NID_sha512, 64}, + { 0, NID_undef, 0}, + }; + #endif +@@ -182,7 +187,7 @@ open_dev_crypto(void) + if ((fd = open("/dev/crypto", O_RDWR, 0)) == -1) + return (-1); + /* close on exec */ +- if (fcntl(fd, F_SETFD, 1) == -1) { ++ if (fcntl(fd, F_SETFD, FD_CLOEXEC) == -1) { + close(fd); + fd = -1; + return (-1); +@@ -243,13 +248,14 @@ get_cryptodev_ciphers(const int **cnids) + static int nids[CRYPTO_ALGORITHM_MAX]; + struct session_op sess; + int fd, i, count = 0; ++ unsigned char fake_key[EVP_MAX_KEY_LENGTH]; + + if ((fd = get_dev_crypto()) < 0) { + *cnids = NULL; + return (0); + } + memset(&sess, 0, sizeof(sess)); +- sess.key = (caddr_t)"123456789abcdefghijklmno"; ++ sess.key = (void*)fake_key; + + for (i = 0; ciphers[i].id && count < CRYPTO_ALGORITHM_MAX; i++) { + if (ciphers[i].nid == NID_undef) +@@ -281,6 +287,7 @@ static int + get_cryptodev_digests(const int **cnids) + { + static int nids[CRYPTO_ALGORITHM_MAX]; ++ unsigned char fake_key[EVP_MAX_KEY_LENGTH]; + struct session_op sess; + int fd, i, count = 0; + +@@ -289,12 +296,12 @@ get_cryptodev_digests(const int **cnids) + return (0); + } + memset(&sess, 0, sizeof(sess)); +- sess.mackey = (caddr_t)"123456789abcdefghijklmno"; ++ sess.mackey = fake_key; + for (i = 0; digests[i].id && count < CRYPTO_ALGORITHM_MAX; i++) { + if (digests[i].nid == NID_undef) + continue; + sess.mac = digests[i].id; +- sess.mackeylen = digests[i].keylen; ++ sess.mackeylen = 8; + sess.cipher = 0; + if (ioctl(fd, CIOCGSESSION, &sess) != -1 && + ioctl(fd, CIOCFSESSION, &sess.ses) != -1) +@@ -382,14 +389,14 @@ cryptodev_cipher(EVP_CIPHER_CTX *ctx, un + cryp.ses = sess->ses; + cryp.flags = 0; + cryp.len = inl; +- cryp.src = (caddr_t) in; +- cryp.dst = (caddr_t) out; ++ cryp.src = (void*) in; ++ cryp.dst = (void*) out; + cryp.mac = 0; + + cryp.op = ctx->encrypt ? COP_ENCRYPT : COP_DECRYPT; + + if (ctx->cipher->iv_len) { +- cryp.iv = (caddr_t) ctx->iv; ++ cryp.iv = (void*) ctx->iv; + if (!ctx->encrypt) { + iiv = in + inl - ctx->cipher->iv_len; + memcpy(save_iv, iiv, ctx->cipher->iv_len); +@@ -440,7 +447,7 @@ cryptodev_init_key(EVP_CIPHER_CTX *ctx, + if ((state->d_fd = get_dev_crypto()) < 0) + return (0); + +- sess->key = (caddr_t)key; ++ sess->key = (void*)key; + sess->keylen = ctx->key_len; + sess->cipher = cipher; + +@@ -660,18 +667,6 @@ digest_nid_to_cryptodev(int nid) + } + + +-static int +-digest_key_length(int nid) +-{ +- int i; +- +- for (i = 0; digests[i].id; i++) +- if (digests[i].nid == nid) +- return digests[i].keylen; +- return (0); +-} +- +- + static int cryptodev_digest_init(EVP_MD_CTX *ctx) + { + struct dev_crypto_state *state = ctx->md_data; +@@ -682,7 +677,6 @@ static int cryptodev_digest_init(EVP_MD_ + printf("cryptodev_digest_init: Can't get digest \n"); + return (0); + } +- + memset(state, 0, sizeof(struct dev_crypto_state)); + + if ((state->d_fd = get_dev_crypto()) < 0) { +@@ -690,8 +684,8 @@ static int cryptodev_digest_init(EVP_MD_ + return (0); + } + +- sess->mackey = state->dummy_mac_key; +- sess->mackeylen = digest_key_length(ctx->digest->type); ++ sess->mackey = NULL; ++ sess->mackeylen = 0; + sess->mac = digest; + + if (ioctl(state->d_fd, CIOCGSESSION, sess) < 0) { +@@ -707,8 +701,8 @@ static int cryptodev_digest_init(EVP_MD_ + static int cryptodev_digest_update(EVP_MD_CTX *ctx, const void *data, + size_t count) + { +- struct crypt_op cryp; + struct dev_crypto_state *state = ctx->md_data; ++ struct crypt_op cryp; + struct session_op *sess = &state->d_sess; + + if (!data || state->d_fd < 0) { +@@ -717,7 +711,7 @@ static int cryptodev_digest_update(EVP_M + } + + if (!count) { +- return (0); ++ return (1); + } + + if (!(ctx->flags & EVP_MD_CTX_FLAG_ONESHOT)) { +@@ -740,9 +734,9 @@ static int cryptodev_digest_update(EVP_M + cryp.ses = sess->ses; + cryp.flags = 0; + cryp.len = count; +- cryp.src = (caddr_t) data; ++ cryp.src = (void*) data; + cryp.dst = NULL; +- cryp.mac = (caddr_t) state->digest_res; ++ cryp.mac = (void*) state->digest_res; + if (ioctl(state->d_fd, CIOCCRYPT, &cryp) < 0) { + printf("cryptodev_digest_update: digest failed\n"); + return (0); +@@ -757,8 +751,6 @@ static int cryptodev_digest_final(EVP_MD + struct dev_crypto_state *state = ctx->md_data; + struct session_op *sess = &state->d_sess; + +- int ret = 1; +- + if (!md || state->d_fd < 0) { + printf("cryptodev_digest_final: illegal input\n"); + return(0); +@@ -772,7 +764,7 @@ static int cryptodev_digest_final(EVP_MD + cryp.len = state->mac_len; + cryp.src = state->mac_data; + cryp.dst = NULL; +- cryp.mac = (caddr_t)md; ++ cryp.mac = (void*)md; + if (ioctl(state->d_fd, CIOCCRYPT, &cryp) < 0) { + printf("cryptodev_digest_final: digest failed\n"); + return (0); +@@ -783,7 +775,7 @@ static int cryptodev_digest_final(EVP_MD + + memcpy(md, state->digest_res, ctx->digest->md_size); + +- return (ret); ++ return 1; + } + + +@@ -835,8 +827,8 @@ static int cryptodev_digest_copy(EVP_MD_ + + digest = digest_nid_to_cryptodev(to->digest->type); + +- sess->mackey = dstate->dummy_mac_key; +- sess->mackeylen = digest_key_length(to->digest->type); ++ sess->mackey = NULL; ++ sess->mackeylen = 0; + sess->mac = digest; + + dstate->d_fd = get_dev_crypto(); +@@ -861,34 +853,79 @@ static int cryptodev_digest_copy(EVP_MD_ + } + + +-const EVP_MD cryptodev_sha1 = { ++static const EVP_MD cryptodev_sha1 = { + NID_sha1, +- NID_undef, ++ NID_sha1WithRSAEncryption, + SHA_DIGEST_LENGTH, +- EVP_MD_FLAG_ONESHOT, ++ EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT|EVP_MD_FLAG_ONESHOT, + cryptodev_digest_init, + cryptodev_digest_update, + cryptodev_digest_final, + cryptodev_digest_copy, + cryptodev_digest_cleanup, +- EVP_PKEY_NULL_method, ++ EVP_PKEY_RSA_method, + SHA_CBLOCK, +- sizeof(struct dev_crypto_state), ++ sizeof(EVP_MD *)+sizeof(struct dev_crypto_state), + }; + +-const EVP_MD cryptodev_md5 = { ++static const EVP_MD cryptodev_sha256 = { ++ NID_sha256, ++ NID_sha256WithRSAEncryption, ++ SHA256_DIGEST_LENGTH, ++ EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT|EVP_MD_FLAG_ONESHOT, ++ cryptodev_digest_init, ++ cryptodev_digest_update, ++ cryptodev_digest_final, ++ cryptodev_digest_copy, ++ cryptodev_digest_cleanup, ++ EVP_PKEY_RSA_method, ++ SHA256_CBLOCK, ++ sizeof(EVP_MD *)+sizeof(struct dev_crypto_state), ++}; ++ ++static const EVP_MD cryptodev_sha384 = { ++ NID_sha384, ++ NID_sha384WithRSAEncryption, ++ SHA384_DIGEST_LENGTH, ++ EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT|EVP_MD_FLAG_ONESHOT, ++ cryptodev_digest_init, ++ cryptodev_digest_update, ++ cryptodev_digest_final, ++ cryptodev_digest_copy, ++ cryptodev_digest_cleanup, ++ EVP_PKEY_RSA_method, ++ SHA512_CBLOCK, ++ sizeof(EVP_MD *)+sizeof(struct dev_crypto_state), ++}; ++ ++static const EVP_MD cryptodev_sha512 = { ++ NID_sha512, ++ NID_sha512WithRSAEncryption, ++ SHA512_DIGEST_LENGTH, ++ EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT|EVP_MD_FLAG_ONESHOT, ++ cryptodev_digest_init, ++ cryptodev_digest_update, ++ cryptodev_digest_final, ++ cryptodev_digest_copy, ++ cryptodev_digest_cleanup, ++ EVP_PKEY_RSA_method, ++ SHA512_CBLOCK, ++ sizeof(EVP_MD *)+sizeof(struct dev_crypto_state), ++}; ++ ++static const EVP_MD cryptodev_md5 = { + NID_md5, +- NID_undef, ++ NID_md5WithRSAEncryption, + 16 /* MD5_DIGEST_LENGTH */, +- EVP_MD_FLAG_ONESHOT, ++ EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT|EVP_MD_FLAG_ONESHOT, + cryptodev_digest_init, + cryptodev_digest_update, + cryptodev_digest_final, + cryptodev_digest_copy, + cryptodev_digest_cleanup, +- EVP_PKEY_NULL_method, ++ EVP_PKEY_RSA_method, + 64 /* MD5_CBLOCK */, +- sizeof(struct dev_crypto_state), ++ sizeof(EVP_MD *)+sizeof(struct dev_crypto_state), + }; + + #endif /* USE_CRYPTODEV_DIGESTS */ +@@ -909,6 +946,15 @@ cryptodev_engine_digests(ENGINE *e, cons + case NID_sha1: + *digest = &cryptodev_sha1; + break; ++ case NID_sha256: ++ *digest = &cryptodev_sha256; ++ break; ++ case NID_sha384: ++ *digest = &cryptodev_sha384; ++ break; ++ case NID_sha512: ++ *digest = &cryptodev_sha512; ++ break; + default: + #endif /* USE_CRYPTODEV_DIGESTS */ + *digest = NULL; +@@ -940,7 +986,7 @@ bn2crparam(const BIGNUM *a, struct crpar + return (1); + memset(b, 0, bytes); + +- crp->crp_p = (caddr_t) b; ++ crp->crp_p = (void*) b; + crp->crp_nbits = bits; + + for (i = 0, j = 0; i < a->top; i++) { +@@ -1193,7 +1239,7 @@ cryptodev_dsa_do_sign(const unsigned cha + kop.crk_op = CRK_DSA_SIGN; + + /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */ +- kop.crk_param[0].crp_p = (caddr_t)dgst; ++ kop.crk_param[0].crp_p = (void*)dgst; + kop.crk_param[0].crp_nbits = dlen * 8; + if (bn2crparam(dsa->p, &kop.crk_param[1])) + goto err; +@@ -1233,7 +1279,7 @@ cryptodev_dsa_verify(const unsigned char + kop.crk_op = CRK_DSA_VERIFY; + + /* inputs: dgst dsa->p dsa->q dsa->g dsa->pub_key sig->r sig->s */ +- kop.crk_param[0].crp_p = (caddr_t)dgst; ++ kop.crk_param[0].crp_p = (void*)dgst; + kop.crk_param[0].crp_nbits = dlen * 8; + if (bn2crparam(dsa->p, &kop.crk_param[1])) + goto err; +@@ -1311,7 +1357,7 @@ cryptodev_dh_compute_key(unsigned char * + goto err; + kop.crk_iparams = 3; + +- kop.crk_param[3].crp_p = (caddr_t) key; ++ kop.crk_param[3].crp_p = (void*) key; + kop.crk_param[3].crp_nbits = keylen * 8; + kop.crk_oparams = 1; + +@@ -1385,7 +1431,7 @@ ENGINE_load_cryptodev(void) + put_dev_crypto(fd); + + if (!ENGINE_set_id(engine, "cryptodev") || +- !ENGINE_set_name(engine, "BSD cryptodev engine") || ++ !ENGINE_set_name(engine, "cryptodev engine") || + !ENGINE_set_ciphers(engine, cryptodev_engine_ciphers) || + !ENGINE_set_digests(engine, cryptodev_engine_digests) || + !ENGINE_set_ctrl_function(engine, cryptodev_ctrl) || diff --git a/package/openssl/patches/patch-crypto_opensslconf_h b/package/openssl/patches/patch-crypto_opensslconf_h new file mode 100644 index 000000000..77701e9b4 --- /dev/null +++ b/package/openssl/patches/patch-crypto_opensslconf_h @@ -0,0 +1,213 @@ +--- openssl-1.0.1e.orig/crypto/opensslconf.h 2013-02-11 16:26:04.000000000 +0100 ++++ openssl-1.0.1e/crypto/opensslconf.h 2013-08-17 16:07:12.626613032 +0200 +@@ -5,12 +5,39 @@ + #ifndef OPENSSL_DOING_MAKEDEPEND + + ++#ifndef OPENSSL_NO_AES192 ++# define OPENSSL_NO_AES192 ++#endif ++#ifndef OPENSSL_NO_CAMELLIA ++# define OPENSSL_NO_CAMELLIA ++#endif ++#ifndef OPENSSL_NO_CAST ++# define OPENSSL_NO_CAST ++#endif ++#ifndef OPENSSL_NO_EC ++# define OPENSSL_NO_EC ++#endif + #ifndef OPENSSL_NO_EC_NISTP_64_GCC_128 + # define OPENSSL_NO_EC_NISTP_64_GCC_128 + #endif ++#ifndef OPENSSL_NO_ECDH ++# define OPENSSL_NO_ECDH ++#endif ++#ifndef OPENSSL_NO_ECDSA ++# define OPENSSL_NO_ECDSA ++#endif ++#ifndef OPENSSL_NO_ENGINES ++# define OPENSSL_NO_ENGINES ++#endif + #ifndef OPENSSL_NO_GMP + # define OPENSSL_NO_GMP + #endif ++#ifndef OPENSSL_NO_GOST ++# define OPENSSL_NO_GOST ++#endif ++#ifndef OPENSSL_NO_IDEA ++# define OPENSSL_NO_IDEA ++#endif + #ifndef OPENSSL_NO_JPAKE + # define OPENSSL_NO_JPAKE + #endif +@@ -20,23 +47,38 @@ + #ifndef OPENSSL_NO_MD2 + # define OPENSSL_NO_MD2 + #endif ++#ifndef OPENSSL_NO_MDC2 ++# define OPENSSL_NO_MDC2 ++#endif + #ifndef OPENSSL_NO_RC5 + # define OPENSSL_NO_RC5 + #endif + #ifndef OPENSSL_NO_RFC3779 + # define OPENSSL_NO_RFC3779 + #endif ++#ifndef OPENSSL_NO_RIPEMD ++# define OPENSSL_NO_RIPEMD ++#endif + #ifndef OPENSSL_NO_SCTP + # define OPENSSL_NO_SCTP + #endif ++#ifndef OPENSSL_NO_SHA0 ++# define OPENSSL_NO_SHA0 ++#endif ++#ifndef OPENSSL_NO_SMIME ++# define OPENSSL_NO_SMIME ++#endif + #ifndef OPENSSL_NO_STORE + # define OPENSSL_NO_STORE + #endif + + #endif /* OPENSSL_DOING_MAKEDEPEND */ + +-#ifndef OPENSSL_NO_DYNAMIC_ENGINE +-# define OPENSSL_NO_DYNAMIC_ENGINE ++#ifndef OPENSSL_NO_ERR ++# define OPENSSL_NO_ERR ++#endif ++#ifndef OPENSSL_NO_STATIC_ENGINE ++# define OPENSSL_NO_STATIC_ENGINE + #endif + + /* The OPENSSL_NO_* macros are also defined as NO_* if the application +@@ -44,12 +86,39 @@ + who haven't had the time to do the appropriate changes in their + applications. */ + #ifdef OPENSSL_ALGORITHM_DEFINES ++# if defined(OPENSSL_NO_AES192) && !defined(NO_AES192) ++# define NO_AES192 ++# endif ++# if defined(OPENSSL_NO_CAMELLIA) && !defined(NO_CAMELLIA) ++# define NO_CAMELLIA ++# endif ++# if defined(OPENSSL_NO_CAST) && !defined(NO_CAST) ++# define NO_CAST ++# endif ++# if defined(OPENSSL_NO_EC) && !defined(NO_EC) ++# define NO_EC ++# endif + # if defined(OPENSSL_NO_EC_NISTP_64_GCC_128) && !defined(NO_EC_NISTP_64_GCC_128) + # define NO_EC_NISTP_64_GCC_128 + # endif ++# if defined(OPENSSL_NO_ECDH) && !defined(NO_ECDH) ++# define NO_ECDH ++# endif ++# if defined(OPENSSL_NO_ECDSA) && !defined(NO_ECDSA) ++# define NO_ECDSA ++# endif ++# if defined(OPENSSL_NO_ENGINES) && !defined(NO_ENGINES) ++# define NO_ENGINES ++# endif + # if defined(OPENSSL_NO_GMP) && !defined(NO_GMP) + # define NO_GMP + # endif ++# if defined(OPENSSL_NO_GOST) && !defined(NO_GOST) ++# define NO_GOST ++# endif ++# if defined(OPENSSL_NO_IDEA) && !defined(NO_IDEA) ++# define NO_IDEA ++# endif + # if defined(OPENSSL_NO_JPAKE) && !defined(NO_JPAKE) + # define NO_JPAKE + # endif +@@ -59,15 +128,27 @@ + # if defined(OPENSSL_NO_MD2) && !defined(NO_MD2) + # define NO_MD2 + # endif ++# if defined(OPENSSL_NO_MDC2) && !defined(NO_MDC2) ++# define NO_MDC2 ++# endif + # if defined(OPENSSL_NO_RC5) && !defined(NO_RC5) + # define NO_RC5 + # endif + # if defined(OPENSSL_NO_RFC3779) && !defined(NO_RFC3779) + # define NO_RFC3779 + # endif ++# if defined(OPENSSL_NO_RIPEMD) && !defined(NO_RIPEMD) ++# define NO_RIPEMD ++# endif + # if defined(OPENSSL_NO_SCTP) && !defined(NO_SCTP) + # define NO_SCTP + # endif ++# if defined(OPENSSL_NO_SHA0) && !defined(NO_SHA0) ++# define NO_SHA0 ++# endif ++# if defined(OPENSSL_NO_SMIME) && !defined(NO_SMIME) ++# define NO_SMIME ++# endif + # if defined(OPENSSL_NO_STORE) && !defined(NO_STORE) + # define NO_STORE + # endif +@@ -80,8 +161,8 @@ + + #if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */ + #if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR) +-#define ENGINESDIR "/usr/local/ssl/lib/engines" +-#define OPENSSLDIR "/usr/local/ssl" ++#define ENGINESDIR "/usr/lib/engines" ++#define OPENSSLDIR "/etc/ssl" + #endif + #endif + +@@ -112,14 +193,14 @@ + * - Intel P6 because partial register stalls are very expensive; + * - elder Alpha because it lacks byte load/store instructions; + */ +-#define RC4_INT unsigned int ++#define RC4_INT unsigned char + #endif + #if !defined(RC4_CHUNK) + /* + * This enables code handling data aligned at natural CPU word + * boundary. See crypto/rc4/rc4_enc.c for further details. + */ +-#undef RC4_CHUNK ++#define RC4_CHUNK unsigned long + #endif + #endif + +@@ -127,13 +208,13 @@ + /* If this is set to 'unsigned int' on a DEC Alpha, this gives about a + * %20 speed up (longs are 8 bytes, int's are 4). */ + #ifndef DES_LONG +-#define DES_LONG unsigned long ++#define DES_LONG unsigned int + #endif + #endif + + #if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H) + #define CONFIG_HEADER_BN_H +-#undef BN_LLONG ++#define BN_LLONG + + /* Should we define BN_DIV2W here? */ + +@@ -152,7 +233,7 @@ + + #if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H) + #define CONFIG_HEADER_BF_LOCL_H +-#undef BF_PTR ++#define BF_PTR + #endif /* HEADER_BF_LOCL_H */ + + #if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H) +@@ -182,7 +263,7 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND D + /* Unroll the inner loop, this sometimes helps, sometimes hinders. + * Very mucy CPU dependant */ + #ifndef DES_UNROLL +-#undef DES_UNROLL ++#define DES_UNROLL + #endif + + /* These default values were supplied by diff --git a/package/openssl/patches/patch-crypto_ui_ui_openssl_c b/package/openssl/patches/patch-crypto_ui_ui_openssl_c new file mode 100644 index 000000000..ac6d2a91f --- /dev/null +++ b/package/openssl/patches/patch-crypto_ui_ui_openssl_c @@ -0,0 +1,15 @@ +--- openssl-1.0.1e.orig/crypto/ui/ui_openssl.c 2013-02-11 16:26:04.000000000 +0100 ++++ openssl-1.0.1e/crypto/ui/ui_openssl.c 2013-08-17 16:07:11.798623440 +0200 +@@ -190,12 +190,6 @@ + # undef SGTTY + #endif + +-#if defined(linux) && !defined(TERMIO) +-# undef TERMIOS +-# define TERMIO +-# undef SGTTY +-#endif +- + #ifdef _LIBC + # undef TERMIOS + # define TERMIO diff --git a/package/openssl/patches/patch-tools_c_rehash b/package/openssl/patches/patch-tools_c_rehash new file mode 100644 index 000000000..ae682d661 --- /dev/null +++ b/package/openssl/patches/patch-tools_c_rehash @@ -0,0 +1,13 @@ +--- openssl-1.0.1e.orig/tools/c_rehash 2013-02-11 16:26:11.000000000 +0100 ++++ openssl-1.0.1e/tools/c_rehash 2013-08-17 16:07:16.970558422 +0200 +@@ -6,8 +6,8 @@ + + my $openssl; + +-my $dir = "/usr/local/ssl"; +-my $prefix = "/usr/local/ssl"; ++my $dir = "/etc/ssl"; ++my $prefix = "/usr"; + + if(defined $ENV{OPENSSL}) { + $openssl = $ENV{OPENSSL}; diff --git a/package/openvpn/Makefile b/package/openvpn/Makefile index 39fd53b23..2deb20898 100644 --- a/package/openvpn/Makefile +++ b/package/openvpn/Makefile @@ -4,17 +4,16 @@ include $(TOPDIR)/rules.mk PKG_NAME:= openvpn -PKG_VERSION:= 2.2.2 +PKG_VERSION:= 2.3.2 PKG_RELEASE:= 1 -PKG_MD5SUM:= c5181e27b7945fa6276d21873329c5c7 +PKG_MD5SUM:= 06e5f93dbf13f2c19647ca15ffc23ac1 PKG_DESCR:= Open Source VPN solution using SSL PKG_SECTION:= net/security -PKG_DEPENDS:= kmod-tun libopenssl ip -PKG_BUILDDEP:= openssl +PKG_DEPENDS:= kmod-tun ip PKG_URL:= http://openvpn.net/ PKG_SITES:= http://swupdate.openvpn.org/community/releases/ -PKG_SUBPKGS:= OPENVPN OPENVPN_EASY_RSA +PKG_SUBPKGS:= OPENVPN PKG_FLAVOURS_OPENVPN:= WITH_LZO WITH_MANAGEMENT WITH_HTTPPROXY WITH_SOCKS SERVER CLIENT PKGSS_OPENVPN_EASY_RSA:=openssl-util PKGFD_SERVER:= deliver server example configuration @@ -26,10 +25,17 @@ PKGFD_WITH_MANAGEMENT:= enable management server support PKGFD_WITH_HTTPPROXY:= enable http proxy support PKGFD_WITH_SOCKS:= enable socks proxy support +PKG_CHOICES_OPENVPN:= WITH_OPENSSL WITH_POLARSSL +PKGCD_WITH_OPENSSL:= use OpenSSL for crypto +PKGCS_WITH_OPENSSL:= libopenssl +PKGCB_WITH_OPENSSL:= openssl +PKGCD_WITH_POLARSSL:= use PolarSSL for crypto +PKGCS_WITH_POLARSSL:= libpolarssl +PKGCB_WITH_POLARSSL:= polarssl + include $(TOPDIR)/mk/package.mk $(eval $(call PKG_template,OPENVPN,${PKG_NAME},$(PKG_VERSION)-${PKG_RELEASE},${PKG_DEPENDS},${PKG_DESCR},${PKG_SECTION})) -$(eval $(call PKG_template,OPENVPN_EASY_RSA,openvpn-easy-rsa,$(PKG_VERSION)-${PKG_RELEASE},${PKG_DEPENDS},${PKG_DESCR},${PKG_SECTION})) ifneq ($(ADK_PACKAGE_OPENVPN_WITH_LZO),) CONFIGURE_ARGS+= --enable-lzo @@ -44,9 +50,9 @@ CONFIGURE_ARGS+= --disable-management endif ifneq ($(ADK_PACKAGE_OPENVPN_WITH_HTTPPROXY),) -CONFIGURE_ARGS+= --enable-http +CONFIGURE_ARGS+= --enable-http-proxy else -CONFIGURE_ARGS+= --disable-http +CONFIGURE_ARGS+= --disable-http-proxy endif ifneq ($(ADK_PACKAGE_OPENVPN_WITH_SOCKS),) @@ -55,13 +61,17 @@ else CONFIGURE_ARGS+= --disable-socks endif -CONFIGURE_ARGS+= --disable-pthread \ - --disable-plugins \ +ifeq (${ADK_PACKAGE_OPENVPN_WITH_OPENSSL},y) +CONFIGURE_ARGS+= --with-crypto-library=openssl +endif +ifeq (${ADK_PACKAGE_OPENVPN_WITH_POLARSSL},y) +CONFIGURE_ARGS+= --with-crypto-library=polarssl +endif + +CONFIGURE_ARGS+= --disable-plugins \ --enable-small \ - --enable-iproute2 \ - --with-iproute-path=/usr/sbin/ip \ - --without-ifconfig-path \ - --without-route-path + --disable-debug \ + --enable-iproute2 post-install: ${INSTALL_DIR} $(IDIR_OPENVPN)/usr/sbin $(IDIR_OPENVPN)/etc/openvpn @@ -75,16 +85,4 @@ ifeq ($(ADK_PACKAGE_OPENVPN_CLIENT),y) echo "/etc/openvpn/client.conf" > ./files/openvpn.conffiles endif -openvpn-easy-rsa-install: - ${INSTALL_DIR} $(IDIR_OPENVPN_EASY_RSA)/usr/sbin \ - $(IDIR_OPENVPN_EASY_RSA)/etc/easy-rsa/keys - touch $(IDIR_OPENVPN_EASY_RSA)/etc/easy-rsa/keys/index.txt - $(CP) ./files/serial $(IDIR_OPENVPN_EASY_RSA)/etc/easy-rsa/keys - $(CP) $(WRKBUILD)/easy-rsa/2.0/{build-*,clean-all,inherit-inter,list-crl,pkitool,revoke-full,sign-req,whichopensslcnf} \ - $(IDIR_OPENVPN_EASY_RSA)/usr/sbin - ${INSTALL_DATA} $(WRKBUILD)/easy-rsa/2.0/openssl-1.0.0.cnf \ - $(IDIR_OPENVPN_EASY_RSA)/etc/easy-rsa/openssl.cnf - ${INSTALL_DATA} $(WRKBUILD)/easy-rsa/2.0/vars \ - $(IDIR_OPENVPN_EASY_RSA)/etc/easy-rsa/vars - include ${TOPDIR}/mk/pkg-bottom.mk diff --git a/package/openvpn/patches/patch-easy-rsa_2_0_vars b/package/openvpn/patches/patch-easy-rsa_2_0_vars deleted file mode 100644 index 972f76541..000000000 --- a/package/openvpn/patches/patch-easy-rsa_2_0_vars +++ /dev/null @@ -1,32 +0,0 @@ ---- openvpn-2.2.1.orig/easy-rsa/2.0/vars 2011-07-01 10:31:26.000000000 +0200 -+++ openvpn-2.2.1/easy-rsa/2.0/vars 2011-12-02 19:44:31.000000000 +0100 -@@ -12,7 +12,7 @@ - # This variable should point to - # the top level of the easy-rsa - # tree. --export EASY_RSA="`pwd`" -+export EASY_RSA="/etc/easy-rsa" - - # - # This variable should point to -@@ -26,7 +26,7 @@ export GREP="grep" - # This variable should point to - # the openssl.cnf file included - # with easy-rsa. --export KEY_CONFIG=`$EASY_RSA/whichopensslcnf $EASY_RSA` -+export KEY_CONFIG=/etc/easy-rsa/openssl.cnf - - # Edit this variable to point to - # your soon-to-be-created key -@@ -66,9 +66,7 @@ export KEY_PROVINCE="CA" - export KEY_CITY="SanFrancisco" - export KEY_ORG="Fort-Funston" - export KEY_EMAIL="me@myhost.mydomain" --export KEY_EMAIL=mail@host.domain --export KEY_CN=changeme --export KEY_NAME=changeme --export KEY_OU=changeme -+export KEY_NAME=VPN -+export KEY_OU="IT Security" - export PKCS11_MODULE_PATH=changeme - export PKCS11_PIN=1234 diff --git a/package/openvpn/patches/patch-src_openvpn_syshead_h b/package/openvpn/patches/patch-src_openvpn_syshead_h new file mode 100644 index 000000000..31e0f2789 --- /dev/null +++ b/package/openvpn/patches/patch-src_openvpn_syshead_h @@ -0,0 +1,13 @@ +--- openvpn-2.3.2.orig/src/openvpn/syshead.h 2013-05-31 14:00:25.000000000 +0200 ++++ openvpn-2.3.2/src/openvpn/syshead.h 2013-08-17 16:29:58.353443521 +0200 +@@ -214,10 +214,6 @@ + + #ifdef TARGET_LINUX + +-#if defined(HAVE_NETINET_IF_ETHER_H) +-#include <netinet/if_ether.h> +-#endif +- + #ifdef HAVE_LINUX_IF_TUN_H + #include <linux/if_tun.h> + #endif diff --git a/package/openvpn/patches/patch-t_client_sh b/package/openvpn/patches/patch-t_client_sh deleted file mode 100644 index 43e346ee1..000000000 --- a/package/openvpn/patches/patch-t_client_sh +++ /dev/null @@ -1,61 +0,0 @@ ---- openvpn-2.2.1.orig/t_client.sh 2011-07-01 11:27:01.000000000 +0200 -+++ openvpn-2.2.1/t_client.sh 2011-12-02 19:33:52.000000000 +0100 -@@ -1,4 +1,4 @@ --#!/bin/sh -+#!/bin/bash - # - # run OpenVPN client against ``test reference'' server - # - check that ping, http, ... via tunnel works -@@ -80,12 +80,12 @@ fail() - get_ifconfig_route() - { - # linux / iproute2? (-> if configure got a path) -- if [ "/sbin/ip" != "ip" ] -+ if [ "/usr/sbin/ip" != "ip" ] - then - echo "-- linux iproute2 --" -- /sbin/ip addr show | grep -v valid_lft -- /sbin/ip route show -- /sbin/ip -6 route show | sed -e 's/expires [0-9]*sec //' -+ /usr/sbin/ip addr show | grep -v valid_lft -+ /usr/sbin/ip route show -+ /usr/sbin/ip -6 route show | sed -e 's/expires [0-9]*sec //' - return - fi - -@@ -93,27 +93,27 @@ get_ifconfig_route() - case `uname -s` in - Linux) - echo "-- linux / ifconfig --" -- LANG=C /sbin/ifconfig -a |egrep "( addr:|encap:)" -- LANG=C /bin/netstat -rn -4 -6 -+ LANG=C no -a |egrep "( addr:|encap:)" -+ LANG=C /usr/sbin/netstat -rn -4 -6 - return - ;; - FreeBSD|NetBSD|Darwin) - echo "-- FreeBSD/NetBSD/Darwin [MacOS X] --" -- /sbin/ifconfig -a | egrep "(flags=|inet)" -- /bin/netstat -rn | awk '$3 !~ /^UHL/ { print $1,$2,$3,$NF }' -+ no -a | egrep "(flags=|inet)" -+ /usr/sbin/netstat -rn | awk '$3 !~ /^UHL/ { print $1,$2,$3,$NF }' - return - ;; - OpenBSD) - echo "-- OpenBSD --" -- /sbin/ifconfig -a | egrep "(flags=|inet)" | \ -+ no -a | egrep "(flags=|inet)" | \ - sed -e 's/pltime [0-9]*//' -e 's/vltime [0-9]*//' -- /bin/netstat -rn | awk '$3 !~ /^UHL/ { print $1,$2,$3,$NF }' -+ /usr/sbin/netstat -rn | awk '$3 !~ /^UHL/ { print $1,$2,$3,$NF }' - return - ;; - SunOS) - echo "-- Solaris --" -- /sbin/ifconfig -a | egrep "(flags=|inet)" -- /bin/netstat -rn | awk '$3 !~ /^UHL/ { print $1,$2,$3,$6 }' -+ no -a | egrep "(flags=|inet)" -+ /usr/sbin/netstat -rn | awk '$3 !~ /^UHL/ { print $1,$2,$3,$6 }' - return - ;; - esac diff --git a/package/polarssl/Makefile b/package/polarssl/Makefile new file mode 100644 index 000000000..145ae67ef --- /dev/null +++ b/package/polarssl/Makefile @@ -0,0 +1,40 @@ +# This file is part of the OpenADK project. OpenADK is copyrighted +# material, please see the LICENCE file in the top-level directory. + +include $(TOPDIR)/rules.mk + +PKG_NAME:= polarssl +PKG_VERSION:= 1.2.8 +PKG_RELEASE:= 1 +PKG_MD5SUM:= 985151639b1ca037293f06da44fbc6bc +PKG_DESCR:= embedded SSL/TLS library +PKG_SECTION:= libs +PKG_URL:= https://polarssl.org/ +PKG_SITES:= https://polarssl.org/download/ + +DISTFILES:= ${PKG_NAME}-${PKG_VERSION}-gpl.tgz + +PKG_SUBPKGS:= LIBPOLARSSL LIBPOLARSSL_DEV + +include $(TOPDIR)/mk/package.mk + +PKGSD_LIBPOLARSSL_DEV:= development files for polarssl +PKGSC_LIBPOLARSSL_DEV:= devel + +$(eval $(call PKG_template,LIBPOLARSSL,libpolarssl,$(PKG_VERSION)-${PKG_RELEASE},${PKG_DEPENDS},${PKG_DESCR},${PKG_SECTION})) +$(eval $(call PKG_template,LIBPOLARSSL_DEV,libpolarssl-dev,$(PKG_VERSION)-${PKG_RELEASE},${PKG_DEPENDS},${PKGSD_LIBPOLARSSL_DEV},${PKGSC_LIBPOLARSSL_DEV})) + +CONFIG_STYLE:= manual +ALL_TARGET:= no_test + +libpolarssl-install: + $(INSTALL_DIR) $(IDIR_LIBPOLARSSL)/usr/lib + $(CP) $(WRKINST)/usr/lib/libpolarssl.so* \ + $(IDIR_LIBPOLARSSL)/usr/lib + +libpolarssl-dev-install: + $(INSTALL_DIR) $(IDIR_LIBPOLARSSL_DEV)/usr/include + $(CP) $(WRKINST)/usr/include/* \ + $(IDIR_LIBPOLARSSL_DEV)/usr/include + +include ${TOPDIR}/mk/pkg-bottom.mk diff --git a/package/polarssl/patches/patch-Makefile b/package/polarssl/patches/patch-Makefile new file mode 100644 index 000000000..b805fbf95 --- /dev/null +++ b/package/polarssl/patches/patch-Makefile @@ -0,0 +1,36 @@ +--- polarssl-1.2.8.orig/Makefile 2013-06-21 15:11:10.000000000 +0200 ++++ polarssl-1.2.8/Makefile 2013-08-15 16:10:58.555680994 +0200 +@@ -2,8 +2,6 @@ + DESTDIR=/usr/local + PREFIX=polarssl_ + +-.SILENT: +- + all: + cd library && $(MAKE) all && cd .. + cd programs && $(MAKE) all && cd .. +@@ -17,18 +15,18 @@ lib: + cd library && $(MAKE) all && cd .. + + install: +- mkdir -p $(DESTDIR)/include/polarssl +- cp -r include/polarssl $(DESTDIR)/include ++ mkdir -p $(DESTDIR)/usr/include/polarssl ++ cp -r include/polarssl $(DESTDIR)/usr/include + +- mkdir -p $(DESTDIR)/lib +- cp library/libpolarssl.* $(DESTDIR)/lib ++ mkdir -p $(DESTDIR)/usr/lib ++ cp library/libpolarssl.* $(DESTDIR)/usr/lib + +- mkdir -p $(DESTDIR)/bin ++ mkdir -p $(DESTDIR)/usr/bin + for p in programs/*/* ; do \ + if [ -x $$p ] && [ ! -d $$p ] ; \ + then \ + f=$(PREFIX)`basename $$p` ; \ +- cp $$p $(DESTDIR)/bin/$$f ; \ ++ cp $$p $(DESTDIR)/usr/bin/$$f ; \ + fi \ + done + diff --git a/package/polarssl/patches/patch-library_Makefile b/package/polarssl/patches/patch-library_Makefile new file mode 100644 index 000000000..edb0791b7 --- /dev/null +++ b/package/polarssl/patches/patch-library_Makefile @@ -0,0 +1,50 @@ +--- polarssl-1.2.8.orig/library/Makefile 2013-06-21 15:11:10.000000000 +0200 ++++ polarssl-1.2.8/library/Makefile 2013-08-20 18:32:08.885495858 +0200 +@@ -18,9 +18,7 @@ endif + # CFLAGS += -D_BSD_EXTENSION + + # To compile as a shared library: +-ifdef SHARED + CFLAGS += -fPIC +-endif + + SONAME=libpolarssl.so.0 + +@@ -51,27 +49,19 @@ OBJS= aes.o arc4.o asn1parse.o \ + ssl_tls.o timing.o version.o \ + x509parse.o x509write.o xtea.o + +-.SILENT: +- +-ifndef SHARED +-all: static +-else +-all: shared +-endif ++all: static shared + + static: libpolarssl.a + + shared: libpolarssl.$(DLEXT) + + libpolarssl.a: $(OBJS) +- echo " AR $@" + $(AR) r $@ $(OBJS) +- echo " RL $@" + $(AR) s $@ + + libpolarssl.so: libpolarssl.a +- echo " LD $@" + $(CC) ${LDFLAGS} -shared -Wl,-soname,$(SONAME) -o $@ $(OBJS) ++ ln -sf $@ $(SONAME) + + libpolarssl.dylib: libpolarssl.a + echo " LD $@" +@@ -82,7 +72,6 @@ libpolarssl.dll: libpolarssl.a + $(CC) -shared -Wl,-soname,$@ -o $@ $(OBJS) -lws2_32 -lwinmm -lgdi32 + + .c.o: +- echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) -c $< + + clean: diff --git a/package/polarssl/patches/patch-programs_Makefile b/package/polarssl/patches/patch-programs_Makefile new file mode 100644 index 000000000..e319dce1f --- /dev/null +++ b/package/polarssl/patches/patch-programs_Makefile @@ -0,0 +1,20 @@ +--- polarssl-1.2.8.orig/programs/Makefile 2013-06-21 15:11:10.000000000 +0200 ++++ polarssl-1.2.8/programs/Makefile 2013-08-15 16:18:39.387085302 +0200 +@@ -4,7 +4,7 @@ + # To compile with PKCS11: add "-lpkcs11-helper" to LDFLAGS + + CFLAGS += -I../include -D_FILE_OFFSET_BITS=64 -Wall -W -Wdeclaration-after-statement +-OFLAGS = -O2 ++#OFLAGS = -O2 + LDFLAGS += -L../library -lpolarssl $(SYS_LDFLAGS) + + ifdef DEBUG +@@ -46,8 +46,6 @@ ifdef OPENSSL + APPS += test/o_p_test + endif + +-.SILENT: +- + all: $(APPS) + + aes/aescrypt2: aes/aescrypt2.c ../library/libpolarssl.a diff --git a/package/wpa_supplicant/Makefile b/package/wpa_supplicant/Makefile index ab7e44355..8f6e0efee 100644 --- a/package/wpa_supplicant/Makefile +++ b/package/wpa_supplicant/Makefile @@ -4,9 +4,9 @@ include ${TOPDIR}/rules.mk PKG_NAME:= wpa_supplicant -PKG_VERSION:= 1.0 +PKG_VERSION:= 2.0 PKG_RELEASE:= 1 -PKG_MD5SUM:= 8650f6aa23646ef634402552d0669640 +PKG_MD5SUM:= 3be2ebfdcced52e00eda0afe2889839d PKG_DESCR:= WPA Supplicant with support for WPA and WPA2 PKG_SECTION:= wifi PKG_DEPENDS:= libnl @@ -18,13 +18,14 @@ PKG_DFLT_WPA_SUPPLICANT:= y if ADK_TARGET_SYSTEM_IBM_X40 WRKSRC= ${WRKDIST}/${PKG_NAME} -PKG_CHOICES_WPA_SUPPLICANT:= WITH_OPENSSL WITH_GNUTLS +PKG_CHOICES_WPA_SUPPLICANT:= WITH_OPENSSL WITH_GNUTLS WITH_INTERNAL PKGCD_WITH_OPENSSL:= use OpenSSL for crypto PKGCS_WITH_OPENSSL:= libopenssl PKGCB_WITH_OPENSSL:= openssl PKGCD_WITH_GNUTLS:= use GnuTLS for crypto PKGCS_WITH_GNUTLS:= libgnutls PKGCB_WITH_GNUTLS:= gnutls +PKGCD_WITH_INTERNAL:= use internal crypto library include ${TOPDIR}/mk/package.mk @@ -44,6 +45,9 @@ do-configure: ifneq (${ADK_PACKAGE_WPA_SUPPLICANT_WITH_GNUTLS},) ${SED} "s#openssl#gnutls#" ${WRKBUILD}/.config endif +ifneq (${ADK_PACKAGE_WPA_SUPPLICANT_WITH_INTERNAL},) + ${SED} "s#openssl#internal#" ${WRKBUILD}/.config +endif do-install: ${INSTALL_DIR} ${IDIR_WPA_SUPPLICANT}/usr/sbin diff --git a/package/wpa_supplicant/patches/patch-src_drivers_drivers_mak b/package/wpa_supplicant/patches/patch-src_drivers_drivers_mak new file mode 100644 index 000000000..3d32a84eb --- /dev/null +++ b/package/wpa_supplicant/patches/patch-src_drivers_drivers_mak @@ -0,0 +1,11 @@ +--- wpa_supplicant-2.0.orig/src/drivers/drivers.mak 2013-01-12 16:42:53.000000000 +0100 ++++ wpa_supplicant-2.0/src/drivers/drivers.mak 2013-08-20 17:17:08.430074246 +0200 +@@ -30,7 +30,7 @@ NEED_RFKILL=y + ifdef CONFIG_LIBNL32 + DRV_LIBS += -lnl-3 + DRV_LIBS += -lnl-genl-3 +- DRV_CFLAGS += -DCONFIG_LIBNL20 -I/usr/include/libnl3 ++ DRV_CFLAGS += -DCONFIG_LIBNL20 + else + ifdef CONFIG_LIBNL_TINY + DRV_LIBS += -lnl-tiny diff --git a/package/wpa_supplicant/patches/patch-src_drivers_drivers_mk b/package/wpa_supplicant/patches/patch-src_drivers_drivers_mk new file mode 100644 index 000000000..fc029e499 --- /dev/null +++ b/package/wpa_supplicant/patches/patch-src_drivers_drivers_mk @@ -0,0 +1,11 @@ +--- wpa_supplicant-2.0.orig/src/drivers/drivers.mk 2013-01-12 16:42:53.000000000 +0100 ++++ wpa_supplicant-2.0/src/drivers/drivers.mk 2013-08-20 17:16:43.386389087 +0200 +@@ -30,7 +30,7 @@ NEED_RFKILL=y + ifdef CONFIG_LIBNL32 + DRV_LIBS += -lnl-3 + DRV_LIBS += -lnl-genl-3 +- DRV_CFLAGS += -DCONFIG_LIBNL20 -I/usr/include/libnl3 ++ DRV_CFLAGS += -DCONFIG_LIBNL20 + else + ifdef CONFIG_LIBNL_TINY + DRV_LIBS += -lnl-tiny diff --git a/package/wpa_supplicant/patches/patch-src_drivers_linux_wext_h b/package/wpa_supplicant/patches/patch-src_drivers_linux_wext_h new file mode 100644 index 000000000..babe847dd --- /dev/null +++ b/package/wpa_supplicant/patches/patch-src_drivers_linux_wext_h @@ -0,0 +1,19 @@ +--- wpa_supplicant-2.0.orig/src/drivers/linux_wext.h 2013-01-12 16:42:53.000000000 +0100 ++++ wpa_supplicant-2.0/src/drivers/linux_wext.h 2013-08-20 17:10:28.179106082 +0200 +@@ -21,11 +21,11 @@ + + #include <sys/types.h> + #include <net/if.h> +-typedef __uint32_t __u32; +-typedef __int32_t __s32; +-typedef __uint16_t __u16; +-typedef __int16_t __s16; +-typedef __uint8_t __u8; ++typedef u_int32_t __u32; ++typedef int32_t __s32; ++typedef u_int16_t __u16; ++typedef int16_t __s16; ++typedef u_int8_t __u8; + #ifndef __user + #define __user + #endif /* __user */ diff --git a/package/wpa_supplicant/patches/patch-wpa_supplicant_Makefile b/package/wpa_supplicant/patches/patch-wpa_supplicant_Makefile new file mode 100644 index 000000000..23704a1ad --- /dev/null +++ b/package/wpa_supplicant/patches/patch-wpa_supplicant_Makefile @@ -0,0 +1,12 @@ +--- wpa_supplicant-2.0.orig/wpa_supplicant/Makefile 2013-01-12 16:42:53.000000000 +0100 ++++ wpa_supplicant-2.0/wpa_supplicant/Makefile 2013-08-20 17:31:22.311339505 +0200 +@@ -999,9 +999,6 @@ CFLAGS += -DCONFIG_INTERNAL_LIBTOMMATH + ifdef CONFIG_INTERNAL_LIBTOMMATH_FAST + CFLAGS += -DLTM_FAST + endif +-else +-LIBS += -ltommath +-LIBS_p += -ltommath + endif + CONFIG_INTERNAL_AES=y + CONFIG_INTERNAL_DES=y diff --git a/package/wpa_supplicant/patches/patch-wpa_supplicant_Makefile.orig b/package/wpa_supplicant/patches/patch-wpa_supplicant_Makefile.orig new file mode 100644 index 000000000..9bea219d6 --- /dev/null +++ b/package/wpa_supplicant/patches/patch-wpa_supplicant_Makefile.orig @@ -0,0 +1,25 @@ +--- wpa_supplicant-2.0.orig/wpa_supplicant/Makefile 2013-01-12 16:42:53.000000000 +0100 ++++ wpa_supplicant-2.0/wpa_supplicant/Makefile 2013-08-20 17:30:19.132133775 +0200 +@@ -999,9 +999,6 @@ CFLAGS += -DCONFIG_INTERNAL_LIBTOMMATH + ifdef CONFIG_INTERNAL_LIBTOMMATH_FAST + CFLAGS += -DLTM_FAST + endif +-else +-LIBS += -ltommath +-LIBS_p += -ltommath + endif + CONFIG_INTERNAL_AES=y + CONFIG_INTERNAL_DES=y +@@ -1519,10 +1516,12 @@ preauth_test: $(OBJS_t2) + @$(E) " LD " $@ + + wpa_passphrase: $(OBJS_p) ++ echo crypto: $(CONFIG_CRYPTO) + $(Q)$(LDO) $(LDFLAGS) -o wpa_passphrase $(OBJS_p) $(LIBS_p) + @$(E) " LD " $@ + + wpa_cli: $(OBJS_c) ++ echo crypto: $(CONFIG_CRYPTO) + $(Q)$(LDO) $(LDFLAGS) -o wpa_cli $(OBJS_c) $(LIBS_c) + @$(E) " LD " $@ + |