From 7b6d51bed2af151260f2a9a1d20446bb8f4b737d Mon Sep 17 00:00:00 2001 From: Waldemar Brodkorb Date: Mon, 21 Mar 2022 17:58:16 +0100 Subject: strongswan: update to 5.9.5 --- package/strongswan/Makefile | 4 ++-- ..._libstrongswan_plugins_openssl_openssl_plugin_c | 10 ++++----- ...trongswan_plugins_openssl_openssl_plugin_c.orig | 24 +++++++++++++++++++--- ...gswan_plugins_openssl_openssl_rsa_private_key_c | 11 ++++++++++ ...ngswan_plugins_openssl_openssl_rsa_public_key_c | 11 ++++++++++ ...swan_plugins_openssl_openssl_x_diffie_hellman_c | 6 +++--- .../strongswan/patches/patch-src_starter_netkey_c | 18 ---------------- 7 files changed, 53 insertions(+), 31 deletions(-) create mode 100644 package/strongswan/patches/patch-src_libstrongswan_plugins_openssl_openssl_rsa_private_key_c create mode 100644 package/strongswan/patches/patch-src_libstrongswan_plugins_openssl_openssl_rsa_public_key_c delete mode 100644 package/strongswan/patches/patch-src_starter_netkey_c (limited to 'package') diff --git a/package/strongswan/Makefile b/package/strongswan/Makefile index 0ae988fe6..790700436 100644 --- a/package/strongswan/Makefile +++ b/package/strongswan/Makefile @@ -4,9 +4,9 @@ include $(ADK_TOPDIR)/rules.mk PKG_NAME:= strongswan -PKG_VERSION:= 5.8.1 +PKG_VERSION:= 5.9.5 PKG_RELEASE:= 1 -PKG_HASH:= d86490a09160016d1c1a20020fef832559a22531eb9a1b1659256e3ca1c8c97d +PKG_HASH:= 6db028c9033dfd7cab578ca7e4b0075922cffec7af8bffc7d67cac67f348a5be PKG_DESCR:= ipsec based vpn software PKG_SECTION:= net/security PKG_KDEPENDS:= net-key inet-esp xfrm-user inet-xfrm-mode-transport diff --git a/package/strongswan/patches/patch-src_libstrongswan_plugins_openssl_openssl_plugin_c b/package/strongswan/patches/patch-src_libstrongswan_plugins_openssl_openssl_plugin_c index 2c88daa81..44915d63c 100644 --- a/package/strongswan/patches/patch-src_libstrongswan_plugins_openssl_openssl_plugin_c +++ b/package/strongswan/patches/patch-src_libstrongswan_plugins_openssl_openssl_plugin_c @@ -1,6 +1,6 @@ ---- strongswan-5.8.1.orig/src/libstrongswan/plugins/openssl/openssl_plugin.c 2019-08-27 15:26:53.000000000 +0200 -+++ strongswan-5.8.1/src/libstrongswan/plugins/openssl/openssl_plugin.c 2019-10-08 02:05:20.954742229 +0200 -@@ -310,7 +310,7 @@ static private_key_t *openssl_private_ke +--- strongswan-5.9.5.orig/src/libstrongswan/plugins/openssl/openssl_plugin.c 2022-01-08 12:54:02.000000000 +0100 ++++ strongswan-5.9.5/src/libstrongswan/plugins/openssl/openssl_plugin.c 2022-03-21 16:41:08.736944525 +0100 +@@ -329,7 +329,7 @@ static private_key_t *openssl_private_ke case EVP_PKEY_EC: return openssl_ec_private_key_create(key, FALSE); #endif @@ -9,7 +9,7 @@ case EVP_PKEY_ED25519: case EVP_PKEY_ED448: return openssl_ed_private_key_create(key, FALSE); -@@ -462,7 +462,7 @@ static private_key_t *openssl_private_ke +@@ -481,7 +481,7 @@ static private_key_t *openssl_private_ke case EVP_PKEY_EC: return openssl_ec_private_key_create(key, TRUE); #endif @@ -18,7 +18,7 @@ case EVP_PKEY_ED25519: case EVP_PKEY_ED448: return openssl_ed_private_key_create(key, TRUE); -@@ -814,7 +814,7 @@ plugin_t *openssl_plugin_create() +@@ -980,7 +980,7 @@ plugin_t *openssl_plugin_create() }, ); diff --git a/package/strongswan/patches/patch-src_libstrongswan_plugins_openssl_openssl_plugin_c.orig b/package/strongswan/patches/patch-src_libstrongswan_plugins_openssl_openssl_plugin_c.orig index 401bd7a64..2c88daa81 100644 --- a/package/strongswan/patches/patch-src_libstrongswan_plugins_openssl_openssl_plugin_c.orig +++ b/package/strongswan/patches/patch-src_libstrongswan_plugins_openssl_openssl_plugin_c.orig @@ -1,6 +1,24 @@ ---- strongswan-5.5.0.orig/src/libstrongswan/plugins/openssl/openssl_plugin.c 2016-06-30 16:20:10.000000000 +0200 -+++ strongswan-5.5.0/src/libstrongswan/plugins/openssl/openssl_plugin.c 2016-09-30 05:36:45.015692462 +0200 -@@ -573,7 +573,7 @@ plugin_t *openssl_plugin_create() +--- strongswan-5.8.1.orig/src/libstrongswan/plugins/openssl/openssl_plugin.c 2019-08-27 15:26:53.000000000 +0200 ++++ strongswan-5.8.1/src/libstrongswan/plugins/openssl/openssl_plugin.c 2019-10-08 02:05:20.954742229 +0200 +@@ -310,7 +310,7 @@ static private_key_t *openssl_private_ke + case EVP_PKEY_EC: + return openssl_ec_private_key_create(key, FALSE); + #endif +-#if OPENSSL_VERSION_NUMBER >= 0x1010100fL && !defined(OPENSSL_NO_EC) ++#if OPENSSL_VERSION_NUMBER >= 0x1010100fL && !defined(OPENSSL_NO_EC) && !defined(LIBRESSL_VERSION_NUMBER) + case EVP_PKEY_ED25519: + case EVP_PKEY_ED448: + return openssl_ed_private_key_create(key, FALSE); +@@ -462,7 +462,7 @@ static private_key_t *openssl_private_ke + case EVP_PKEY_EC: + return openssl_ec_private_key_create(key, TRUE); + #endif +-#if OPENSSL_VERSION_NUMBER >= 0x1010100fL && !defined(OPENSSL_NO_EC) ++#if OPENSSL_VERSION_NUMBER >= 0x1010100fL && !defined(OPENSSL_NO_EC) && !defined(LIBRESSL_VERSION_NUMBER) + case EVP_PKEY_ED25519: + case EVP_PKEY_ED448: + return openssl_ed_private_key_create(key, TRUE); +@@ -814,7 +814,7 @@ plugin_t *openssl_plugin_create() }, ); diff --git a/package/strongswan/patches/patch-src_libstrongswan_plugins_openssl_openssl_rsa_private_key_c b/package/strongswan/patches/patch-src_libstrongswan_plugins_openssl_openssl_rsa_private_key_c new file mode 100644 index 000000000..1e459f0ef --- /dev/null +++ b/package/strongswan/patches/patch-src_libstrongswan_plugins_openssl_openssl_rsa_private_key_c @@ -0,0 +1,11 @@ +--- strongswan-5.9.5.orig/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c 2021-12-29 12:08:27.000000000 +0100 ++++ strongswan-5.9.5/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c 2022-03-21 16:48:57.605794714 +0100 +@@ -280,7 +280,7 @@ METHOD(private_key_t, sign, bool, + return build_emsa_pkcs1_signature(this, NID_sha384, data, signature); + case SIGN_RSA_EMSA_PKCS1_SHA2_512: + return build_emsa_pkcs1_signature(this, NID_sha512, data, signature); +-#if OPENSSL_VERSION_NUMBER >= 0x1010100fL && !defined(OPENSSL_NO_SHA3) ++#if OPENSSL_VERSION_NUMBER >= 0x1010100fL && !defined(OPENSSL_NO_SHA3) && !defined(LIBRESSL_VERSION_NUMBER) + case SIGN_RSA_EMSA_PKCS1_SHA3_224: + return build_emsa_pkcs1_signature(this, NID_sha3_224, data, signature); + case SIGN_RSA_EMSA_PKCS1_SHA3_256: diff --git a/package/strongswan/patches/patch-src_libstrongswan_plugins_openssl_openssl_rsa_public_key_c b/package/strongswan/patches/patch-src_libstrongswan_plugins_openssl_openssl_rsa_public_key_c new file mode 100644 index 000000000..3571cad01 --- /dev/null +++ b/package/strongswan/patches/patch-src_libstrongswan_plugins_openssl_openssl_rsa_public_key_c @@ -0,0 +1,11 @@ +--- strongswan-5.9.5.orig/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c 2021-12-29 12:08:27.000000000 +0100 ++++ strongswan-5.9.5/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c 2022-03-21 16:49:30.581005593 +0100 +@@ -281,7 +281,7 @@ METHOD(public_key_t, verify, bool, + return verify_emsa_pkcs1_signature(this, NID_sha384, data, signature); + case SIGN_RSA_EMSA_PKCS1_SHA2_512: + return verify_emsa_pkcs1_signature(this, NID_sha512, data, signature); +-#if OPENSSL_VERSION_NUMBER >= 0x1010100fL && !defined(OPENSSL_NO_SHA3) ++#if OPENSSL_VERSION_NUMBER >= 0x1010100fL && !defined(OPENSSL_NO_SHA3) && !defined(LIBRESSL_VERSION_NUMBER) + case SIGN_RSA_EMSA_PKCS1_SHA3_224: + return verify_emsa_pkcs1_signature(this, NID_sha3_224, data, signature); + case SIGN_RSA_EMSA_PKCS1_SHA3_256: diff --git a/package/strongswan/patches/patch-src_libstrongswan_plugins_openssl_openssl_x_diffie_hellman_c b/package/strongswan/patches/patch-src_libstrongswan_plugins_openssl_openssl_x_diffie_hellman_c index f4738c4ca..d5dc7efa0 100644 --- a/package/strongswan/patches/patch-src_libstrongswan_plugins_openssl_openssl_x_diffie_hellman_c +++ b/package/strongswan/patches/patch-src_libstrongswan_plugins_openssl_openssl_x_diffie_hellman_c @@ -1,5 +1,5 @@ ---- strongswan-5.8.1.orig/src/libstrongswan/plugins/openssl/openssl_x_diffie_hellman.c 2018-12-14 16:48:24.000000000 +0100 -+++ strongswan-5.8.1/src/libstrongswan/plugins/openssl/openssl_x_diffie_hellman.c 2019-10-08 02:05:54.116867134 +0200 +--- strongswan-5.9.5.orig/src/libstrongswan/plugins/openssl/openssl_x_diffie_hellman.c 2022-01-08 12:54:02.000000000 +0100 ++++ strongswan-5.9.5/src/libstrongswan/plugins/openssl/openssl_x_diffie_hellman.c 2022-03-21 16:41:08.744944336 +0100 @@ -17,7 +17,7 @@ /* basic support for X25519 was added with 1.1.0a, but we require features (e.g. @@ -8,4 +8,4 @@ +#if OPENSSL_VERSION_NUMBER >= 0x1010100fL && !defined(OPENSSL_NO_ECDH) && !defined(LIBRESSL_VERSION_NUMBER) #include "openssl_x_diffie_hellman.h" - + #include "openssl_util.h" diff --git a/package/strongswan/patches/patch-src_starter_netkey_c b/package/strongswan/patches/patch-src_starter_netkey_c deleted file mode 100644 index adb7e09eb..000000000 --- a/package/strongswan/patches/patch-src_starter_netkey_c +++ /dev/null @@ -1,18 +0,0 @@ ---- strongswan-5.5.0.orig/src/starter/netkey.c 2016-04-22 22:01:35.000000000 +0200 -+++ strongswan-5.5.0/src/starter/netkey.c 2016-09-30 05:30:43.681874545 +0200 -@@ -42,6 +42,7 @@ bool starter_netkey_init(void) - } - - /* make sure that all required IPsec modules are loaded */ -+ /* - if (stat(PROC_MODULES, &stb) == 0) - { - ignore_result(system("modprobe -qv ah4")); -@@ -50,6 +51,7 @@ bool starter_netkey_init(void) - ignore_result(system("modprobe -qv xfrm4_tunnel")); - ignore_result(system("modprobe -qv xfrm_user")); - } -+ */ - - DBG2(DBG_APP, "found netkey IPsec stack"); - return TRUE; -- cgit v1.2.3