From 1b8fff1f57e80538623d46bba5ea2577b9c0f406 Mon Sep 17 00:00:00 2001
From: Waldemar Brodkorb <wbx@openadk.org>
Date: Tue, 27 Jul 2010 23:26:20 +0200
Subject: test and fix openswan package.

enable needed kernel modules, disable removing of
any kernel modules on restart.
---
 package/openswan/Makefile                          | 14 +++++++++---
 .../patch-programs__realsetup__realsetup_in        | 26 ++++++++++++++++++++++
 2 files changed, 37 insertions(+), 3 deletions(-)
 create mode 100644 package/openswan/patches/patch-programs__realsetup__realsetup_in

(limited to 'package/openswan')

diff --git a/package/openswan/Makefile b/package/openswan/Makefile
index 4406fe3e2..3e261e521 100644
--- a/package/openswan/Makefile
+++ b/package/openswan/Makefile
@@ -5,11 +5,16 @@ include ${TOPDIR}/rules.mk
 
 PKG_NAME:=		openswan
 PKG_VERSION:=		2.6.27
-PKG_RELEASE:=		1
+PKG_RELEASE:=		2
 PKG_MD5SUM:=		5177b7401bb89e84ca1c89029143441e
-PKG_DESCR:=		IPSec software
+PKG_DESCR:=		IPsec software
 PKG_SECTION:=		net/security
-PKG_DEPENDS:=		ip libgmp
+PKG_DEPENDS:=		ip libgmp libpthread kmod-net-key kmod-xfrm-user
+PKG_DEPENDS+=		kmod-inet-ah kmod-inet-esp
+PKG_DEPENDS+=		kmod-inet-xfrm-mode-tunnel kmod-inet-xfrm-mode-transport
+PKG_DEPENDS+=		kmod-crypto-sha1 kmod-crypto-md5
+PKG_DEPENDS+=		kmod-crypto-null kmod-crypto-des kmod-crypto-aes
+PKG_DEPENDS+=		kmod-crypto-hmac kmod-crypto-cbc kmod-crypto-authenc
 PKG_BUILDDEP+=		gmp
 PKG_URL:=		http://www.openswan.org/
 PKG_SITES:=		http://www.openswan.org/download/
@@ -39,6 +44,9 @@ post-install:
 	${CP} ${WRKINST}/etc/ipsec.d/* ${IDIR_OPENSWAN}/etc/ipsec.d
 	${CP} ${WRKINST}/usr/lib/ipsec/* ${IDIR_OPENSWAN}/usr/lib/ipsec
 	${CP} ${WRKINST}/usr/libexec/ipsec/* ${IDIR_OPENSWAN}/usr/libexec/ipsec
+	rm ${IDIR_OPENSWAN}/usr/libexec/ipsec/setup
+	${INSTALL_BIN} ${WRKINST}/etc/rc.d/init.d/ipsec \
+		${IDIR_OPENSWAN}/usr/libexec/ipsec/setup
 	${INSTALL_BIN} ${WRKINST}/usr/sbin/ipsec ${IDIR_OPENSWAN}/usr/sbin
 
 include ${TOPDIR}/mk/pkg-bottom.mk
diff --git a/package/openswan/patches/patch-programs__realsetup__realsetup_in b/package/openswan/patches/patch-programs__realsetup__realsetup_in
new file mode 100644
index 000000000..7d4db9881
--- /dev/null
+++ b/package/openswan/patches/patch-programs__realsetup__realsetup_in
@@ -0,0 +1,26 @@
+--- openswan-2.6.27.orig/programs/_realsetup/_realsetup.in	2010-06-21 17:43:35.000000000 +0200
++++ openswan-2.6.27/programs/_realsetup/_realsetup.in	2010-07-27 19:27:30.327023350 +0200
+@@ -374,14 +374,15 @@ case "$1" in
+ 	rm -f /var/run/pluto.pid
+ 
+ 	# When we exit we clean up (remove) the modules we are using, even the kame'ish ones
+-	if test -e ${kamepfkey}; then
+-		for mod in ipcomp ipcomp6 xfrm6_tunnel xfrm6_mode_tunnel xfrm6_mode_beet xfrm6_mode_ro \
+-			xfrm6_mode_transport xfrm4_mode_transport xfrm4_mode_tunnel  xfrm_user \
+-			xfrm4_tunnel xfrm4_mode_beet esp4 esp6 ah4 ah6 af_key
+-		    do
+-			lsmod 2>&1 | grep "^$mod" > /dev/null && rmmod  $mod
+-		    done
+-	fi 
++	# do not touch kernel modules, no reason to unload on embedded systems
++	#if test -e ${kamepfkey}; then
++	#	for mod in ipcomp ipcomp6 xfrm6_tunnel xfrm6_mode_tunnel xfrm6_mode_beet xfrm6_mode_ro \
++	#		xfrm6_mode_transport xfrm4_mode_transport xfrm4_mode_tunnel  xfrm_user \
++	#		xfrm4_tunnel xfrm4_mode_beet esp4 esp6 ah4 ah6 af_key
++	#	    do
++	#		lsmod 2>&1 | grep "^$mod" > /dev/null && rmmod  $mod
++	#	    done
++	#fi 
+ 
+ 	perform test -d $subsysdir "&&" rm -f $subsyslock
+ 
-- 
cgit v1.2.3