From 1b8fff1f57e80538623d46bba5ea2577b9c0f406 Mon Sep 17 00:00:00 2001 From: Waldemar Brodkorb Date: Tue, 27 Jul 2010 23:26:20 +0200 Subject: test and fix openswan package. enable needed kernel modules, disable removing of any kernel modules on restart. --- package/openswan/Makefile | 14 +++++++++--- .../patch-programs__realsetup__realsetup_in | 26 ++++++++++++++++++++++ 2 files changed, 37 insertions(+), 3 deletions(-) create mode 100644 package/openswan/patches/patch-programs__realsetup__realsetup_in (limited to 'package/openswan') diff --git a/package/openswan/Makefile b/package/openswan/Makefile index 4406fe3e2..3e261e521 100644 --- a/package/openswan/Makefile +++ b/package/openswan/Makefile @@ -5,11 +5,16 @@ include ${TOPDIR}/rules.mk PKG_NAME:= openswan PKG_VERSION:= 2.6.27 -PKG_RELEASE:= 1 +PKG_RELEASE:= 2 PKG_MD5SUM:= 5177b7401bb89e84ca1c89029143441e -PKG_DESCR:= IPSec software +PKG_DESCR:= IPsec software PKG_SECTION:= net/security -PKG_DEPENDS:= ip libgmp +PKG_DEPENDS:= ip libgmp libpthread kmod-net-key kmod-xfrm-user +PKG_DEPENDS+= kmod-inet-ah kmod-inet-esp +PKG_DEPENDS+= kmod-inet-xfrm-mode-tunnel kmod-inet-xfrm-mode-transport +PKG_DEPENDS+= kmod-crypto-sha1 kmod-crypto-md5 +PKG_DEPENDS+= kmod-crypto-null kmod-crypto-des kmod-crypto-aes +PKG_DEPENDS+= kmod-crypto-hmac kmod-crypto-cbc kmod-crypto-authenc PKG_BUILDDEP+= gmp PKG_URL:= http://www.openswan.org/ PKG_SITES:= http://www.openswan.org/download/ @@ -39,6 +44,9 @@ post-install: ${CP} ${WRKINST}/etc/ipsec.d/* ${IDIR_OPENSWAN}/etc/ipsec.d ${CP} ${WRKINST}/usr/lib/ipsec/* ${IDIR_OPENSWAN}/usr/lib/ipsec ${CP} ${WRKINST}/usr/libexec/ipsec/* ${IDIR_OPENSWAN}/usr/libexec/ipsec + rm ${IDIR_OPENSWAN}/usr/libexec/ipsec/setup + ${INSTALL_BIN} ${WRKINST}/etc/rc.d/init.d/ipsec \ + ${IDIR_OPENSWAN}/usr/libexec/ipsec/setup ${INSTALL_BIN} ${WRKINST}/usr/sbin/ipsec ${IDIR_OPENSWAN}/usr/sbin include ${TOPDIR}/mk/pkg-bottom.mk diff --git a/package/openswan/patches/patch-programs__realsetup__realsetup_in b/package/openswan/patches/patch-programs__realsetup__realsetup_in new file mode 100644 index 000000000..7d4db9881 --- /dev/null +++ b/package/openswan/patches/patch-programs__realsetup__realsetup_in @@ -0,0 +1,26 @@ +--- openswan-2.6.27.orig/programs/_realsetup/_realsetup.in 2010-06-21 17:43:35.000000000 +0200 ++++ openswan-2.6.27/programs/_realsetup/_realsetup.in 2010-07-27 19:27:30.327023350 +0200 +@@ -374,14 +374,15 @@ case "$1" in + rm -f /var/run/pluto.pid + + # When we exit we clean up (remove) the modules we are using, even the kame'ish ones +- if test -e ${kamepfkey}; then +- for mod in ipcomp ipcomp6 xfrm6_tunnel xfrm6_mode_tunnel xfrm6_mode_beet xfrm6_mode_ro \ +- xfrm6_mode_transport xfrm4_mode_transport xfrm4_mode_tunnel xfrm_user \ +- xfrm4_tunnel xfrm4_mode_beet esp4 esp6 ah4 ah6 af_key +- do +- lsmod 2>&1 | grep "^$mod" > /dev/null && rmmod $mod +- done +- fi ++ # do not touch kernel modules, no reason to unload on embedded systems ++ #if test -e ${kamepfkey}; then ++ # for mod in ipcomp ipcomp6 xfrm6_tunnel xfrm6_mode_tunnel xfrm6_mode_beet xfrm6_mode_ro \ ++ # xfrm6_mode_transport xfrm4_mode_transport xfrm4_mode_tunnel xfrm_user \ ++ # xfrm4_tunnel xfrm4_mode_beet esp4 esp6 ah4 ah6 af_key ++ # do ++ # lsmod 2>&1 | grep "^$mod" > /dev/null && rmmod $mod ++ # done ++ #fi + + perform test -d $subsysdir "&&" rm -f $subsyslock + -- cgit v1.2.3