From 7f0a66667a815bb8e28b4c8b93666b92a667b485 Mon Sep 17 00:00:00 2001
From: Waldemar Brodkorb <wbx@openadk.org>
Date: Thu, 26 Jul 2012 17:48:07 +0200
Subject: update to latest version, tested with transport mode on alix1c

---
 package/strongswan/Makefile                        | 30 +++++++++++-----------
 package/strongswan/patches/patch-configure         | 19 --------------
 package/strongswan/patches/patch-ltmain_sh         | 11 --------
 package/strongswan/patches/patch-src_pluto_adns_c  | 20 ---------------
 .../strongswan/patches/patch-src_starter_netkey_c  | 18 +++++++++++++
 5 files changed, 33 insertions(+), 65 deletions(-)
 delete mode 100644 package/strongswan/patches/patch-configure
 delete mode 100644 package/strongswan/patches/patch-ltmain_sh
 delete mode 100644 package/strongswan/patches/patch-src_pluto_adns_c
 create mode 100644 package/strongswan/patches/patch-src_starter_netkey_c

(limited to 'package/strongswan')

diff --git a/package/strongswan/Makefile b/package/strongswan/Makefile
index 948cebcd7..9f3f52e91 100644
--- a/package/strongswan/Makefile
+++ b/package/strongswan/Makefile
@@ -4,9 +4,9 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=		strongswan
-PKG_VERSION:=		4.5.0
+PKG_VERSION:=		5.0.0
 PKG_RELEASE:=		1
-PKG_MD5SUM:=		92b6419edb09935860b56fe0455ec037
+PKG_MD5SUM:=		1d7bccb50f01020bb04d06e9755e0eec
 PKG_DESCR:=		IPsec software
 PKG_SECTION:=		net/security
 PKG_DEPENDS:=		ip libpthread kmod-net-key kmod-xfrm-user
@@ -55,39 +55,39 @@ endif
 
 CONFIGURE_ARGS+=	--disable-tools \
 			--disable-fips-prf \
-			--with-group=wheel \
+			--with-group=root \
 			--enable-kernel-pfkey
 
+TARGET_LDFLAGS+=        -Wl,-rpath -Wl,/usr/lib/ipsec
+
 post-install:
 	$(INSTALL_DIR) $(IDIR_STRONGSWAN)/etc
 	$(INSTALL_DIR) $(IDIR_STRONGSWAN)/usr/sbin
-	$(INSTALL_DIR) $(IDIR_STRONGSWAN)/usr/lib
-	$(INSTALL_DIR) $(IDIR_STRONGSWAN)/usr/libexec/ipsec/plugins
+	$(INSTALL_DIR) $(IDIR_STRONGSWAN)/usr/libexec/ipsec
+	$(INSTALL_DIR) $(IDIR_STRONGSWAN)/usr/lib/ipsec/plugins
 	touch $(IDIR_STRONGSWAN)/etc/ipsec.secrets
-	$(CP) $(WRKINST)/usr/libexec/ipsec/plugins/*.so \
-		$(IDIR_STRONGSWAN)/usr/libexec/ipsec/plugins
+	$(CP) $(WRKINST)/usr/lib/ipsec/plugins/*.so \
+		$(IDIR_STRONGSWAN)/usr/lib/ipsec/plugins
 	$(CP) $(WRKINST)/etc/* $(IDIR_STRONGSWAN)/etc
 	$(INSTALL_BIN) $(WRKINST)/usr/libexec/ipsec/charon \
 		$(IDIR_STRONGSWAN)/usr/libexec/ipsec
-	$(INSTALL_BIN) $(WRKINST)/usr/libexec/ipsec/_pluto_adns \
-		$(IDIR_STRONGSWAN)/usr/libexec/ipsec
 	$(INSTALL_BIN) $(WRKINST)/usr/libexec/ipsec/starter \
 		$(IDIR_STRONGSWAN)/usr/libexec/ipsec
 	$(INSTALL_BIN) $(WRKINST)/usr/libexec/ipsec/_updown \
 		$(IDIR_STRONGSWAN)/usr/libexec/ipsec
-	$(INSTALL_BIN) $(WRKINST)/usr/libexec/ipsec/whack \
-		$(IDIR_STRONGSWAN)/usr/libexec/ipsec
 	$(INSTALL_BIN) $(WRKINST)/usr/libexec/ipsec/_copyright \
 		$(IDIR_STRONGSWAN)/usr/libexec/ipsec
-	$(INSTALL_BIN) $(WRKINST)/usr/libexec/ipsec/pluto \
-		$(IDIR_STRONGSWAN)/usr/libexec/ipsec
 	$(INSTALL_BIN) $(WRKINST)/usr/libexec/ipsec/stroke \
 		$(IDIR_STRONGSWAN)/usr/libexec/ipsec
 	$(INSTALL_BIN) $(WRKINST)/usr/libexec/ipsec/_updown_espmark \
 		$(IDIR_STRONGSWAN)/usr/libexec/ipsec
 	$(INSTALL_BIN) $(WRKINST)/usr/sbin/ipsec \
 		$(IDIR_STRONGSWAN)/usr/sbin
-	$(CP) $(WRKINST)/usr/lib/lib*.so* \
-		$(IDIR_STRONGSWAN)/usr/lib
+	$(CP) $(WRKINST)/usr/lib/ipsec/libcharon*.so* \
+		$(IDIR_STRONGSWAN)/usr/lib/ipsec/
+	$(CP) $(WRKINST)/usr/lib/ipsec/libhydra*.so* \
+		$(IDIR_STRONGSWAN)/usr/lib/ipsec/
+	$(CP) $(WRKINST)/usr/lib/ipsec/libstrongswan*.so* \
+		$(IDIR_STRONGSWAN)/usr/lib/ipsec/
 
 include ${TOPDIR}/mk/pkg-bottom.mk
diff --git a/package/strongswan/patches/patch-configure b/package/strongswan/patches/patch-configure
deleted file mode 100644
index 86e29c72f..000000000
--- a/package/strongswan/patches/patch-configure
+++ /dev/null
@@ -1,19 +0,0 @@
---- strongswan-4.5.0.orig/configure	2010-10-29 07:13:56.000000000 +0200
-+++ strongswan-4.5.0/configure	2011-01-21 21:54:43.396152093 +0100
-@@ -13865,16 +13865,6 @@ $as_echo "$ipsecuid" >&6; }
- else
- 	as_fn_error $? "not found" "$LINENO" 5
- fi
--{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for gid of group \"$ipsecgroup\"" >&5
--$as_echo_n "checking for gid of group \"$ipsecgroup\"... " >&6; }
--ipsecgid=`$EGREP "^$ipsecgroup:" /etc/group | $AWK -F: '{ print $3 }'`
--if test -n "$ipsecgid"; then
--	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ipsecgid" >&5
--$as_echo "$ipsecgid" >&6; }
--
--else
--	as_fn_error $? "not found" "$LINENO" 5
--fi
- 
- 
- if test x$eap_aka_3gpp2 = xtrue; then
diff --git a/package/strongswan/patches/patch-ltmain_sh b/package/strongswan/patches/patch-ltmain_sh
deleted file mode 100644
index 826fc7cbc..000000000
--- a/package/strongswan/patches/patch-ltmain_sh
+++ /dev/null
@@ -1,11 +0,0 @@
---- strongswan-4.5.0.orig/ltmain.sh	2010-01-06 11:19:45.000000000 +0100
-+++ strongswan-4.5.0/ltmain.sh	2011-01-17 15:14:37.000000000 +0100
-@@ -4765,7 +4765,7 @@ func_mode_link ()
-       # -p, -pg, --coverage, -fprofile-* pass through profiling flag for GCC
-       # @file GCC response files
-       -64|-mips[0-9]|-r[0-9][0-9]*|-xarch=*|-xtarget=*|+DA*|+DD*|-q*|-m*| \
--      -t[45]*|-txscale*|-p|-pg|--coverage|-fprofile-*|-F*|@*)
-+      -t[45]*|-txscale*|-p|-pg|--coverage|-fprofile-*|-F*|@*|-fstack-protector*|-flto)
-         func_quote_for_eval "$arg"
- 	arg="$func_quote_for_eval_result"
-         func_append compile_command " $arg"
diff --git a/package/strongswan/patches/patch-src_pluto_adns_c b/package/strongswan/patches/patch-src_pluto_adns_c
deleted file mode 100644
index 49043fb1b..000000000
--- a/package/strongswan/patches/patch-src_pluto_adns_c
+++ /dev/null
@@ -1,20 +0,0 @@
---- strongswan-4.5.0.orig/src/pluto/adns.c	2010-01-24 02:49:37.000000000 +0100
-+++ strongswan-4.5.0/src/pluto/adns.c	2010-12-30 20:25:54.000000000 +0100
-@@ -179,7 +179,8 @@ write_pipe(int fd, const unsigned char *
- 	res_query(dname, class, type, answer, anslen)
- # define res_nclose(statp) res_close()
- 
--static struct __res_state *statp = &_res;
-+static struct __res_state *statp;
-+//static struct __res_state *statp = &_res;
- 
- #else /* !OLD_RESOLVER */
- 
-@@ -590,6 +591,7 @@ int
- main(int argc UNUSED, char **argv)
- {
- 	int i = 1;
-+	statp = &_res;
- 
- 	name = argv[0];
- 
diff --git a/package/strongswan/patches/patch-src_starter_netkey_c b/package/strongswan/patches/patch-src_starter_netkey_c
new file mode 100644
index 000000000..b87895eeb
--- /dev/null
+++ b/package/strongswan/patches/patch-src_starter_netkey_c
@@ -0,0 +1,18 @@
+--- strongswan-5.0.0.orig/src/starter/netkey.c	2012-06-13 06:32:03.000000000 +0200
++++ strongswan-5.0.0/src/starter/netkey.c	2012-07-26 16:55:59.000000000 +0200
+@@ -43,6 +43,7 @@ bool starter_netkey_init(void)
+ 	}
+ 
+ 	/* make sure that all required IPsec modules are loaded */
++	/*
+ 	if (stat(PROC_MODULES, &stb) == 0)
+ 	{
+ 		ignore_result(system("modprobe -qv ah4"));
+@@ -51,6 +52,7 @@ bool starter_netkey_init(void)
+ 		ignore_result(system("modprobe -qv xfrm4_tunnel"));
+ 		ignore_result(system("modprobe -qv xfrm_user"));
+ 	}
++	*/
+ 
+ 	DBG2(DBG_APP, "found netkey IPsec stack");
+ 	return TRUE;
-- 
cgit v1.2.3