From 839f09df7713fe0e1466b74045ad2d01c61bbe70 Mon Sep 17 00:00:00 2001
From: nico <nico@3c298f89-4303-0410-b956-a3cf2f4a3e73>
Date: Fri, 15 Dec 2006 16:56:08 +0000
Subject: update openswan to 2.4.7, fix 2.6.19 build
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@5801 3c298f89-4303-0410-b956-a3cf2f4a3e73
---
package/openswan/Makefile | 4 +-
package/openswan/patches/110-scripts.patch | 130 +++++++++------------
.../patches/130-linux_2.6.19_api_changes.patch | 12 ++
3 files changed, 72 insertions(+), 74 deletions(-)
create mode 100644 package/openswan/patches/130-linux_2.6.19_api_changes.patch
(limited to 'package/openswan')
diff --git a/package/openswan/Makefile b/package/openswan/Makefile
index a644b20db..4bfda3063 100644
--- a/package/openswan/Makefile
+++ b/package/openswan/Makefile
@@ -10,12 +10,12 @@ include $(TOPDIR)/rules.mk
include $(INCLUDE_DIR)/kernel.mk
PKG_NAME:=openswan
-PKG_VERSION:=2.4.6
+PKG_VERSION:=2.4.7
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://www.openswan.org/download
-PKG_MD5SUM:=b34d71ca49dedad017879b0e912d40dd
+PKG_MD5SUM:=70f22e8adc39e07a165f75eccb7cd079
PKG_CAT:=zcat
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
diff --git a/package/openswan/patches/110-scripts.patch b/package/openswan/patches/110-scripts.patch
index cf02d7e55..44381241a 100644
--- a/package/openswan/patches/110-scripts.patch
+++ b/package/openswan/patches/110-scripts.patch
@@ -153,91 +153,77 @@ diff -urN openswan.old/programs/starter/netkey.c openswan.dev/programs/starter/n
}
if (stat(PROC_NETKEY,&stb)==0) {
_netkey_module_loaded = 1;
-diff -urN openswan.old/programs/_startklips/_startklips.in openswan.dev/programs/_startklips/_startklips.in
---- openswan.old/programs/_startklips/_startklips.in 2006-10-08 20:43:21.000000000 +0200
-+++ openswan.dev/programs/_startklips/_startklips.in 2006-10-08 20:41:46.000000000 +0200
-@@ -242,7 +242,7 @@
- fi
- if test -f $moduleinstplace/$wantgoo
- then
-- echo "modprobe failed, but found matching template module $wantgoo."
-+ echo "insmod failed, but found matching template module $wantgoo."
- echo "Copying $moduleinstplace/$wantgoo to $module."
- rm -f $module
- mkdir -p $moduleplace
-@@ -262,15 +262,15 @@
+diff -ruN openswan-2.4.7-old/programs/_startklips/_startklips.in openswan-2.4.7-new/programs/_startklips/_startklips.in
+--- openswan-2.4.7-old/programs/_startklips/_startklips.in 2006-12-15 16:29:48.000000000 +0100
++++ openswan-2.4.7-new/programs/_startklips/_startklips.in 2006-12-15 17:18:52.000000000 +0100
+@@ -269,16 +269,16 @@
echo "FATAL ERROR: Both KLIPS and NETKEY IPsec code is present in kernel"
exit
fi
-if test ! -f $ipsecversion && test ! -f $netkey && modprobe -qn ipsec
-+if test ! -f $ipsecversion && test ! -f $netkey && insmod -q ipsec
++if test ! -f $ipsecversion && test ! -f $netkey
then
- # statically compiled KLIPS/NETKEY not found; try to load the module
-- modprobe ipsec
-+ insmod ipsec
+ # statically compiled KLIPS/NETKEY not found; but there seems to be an ipsec module
+- modprobe ipsec 2> /dev/null
++ insmod -q ipsec 2> /dev/null
fi
- if test ! -f $ipsecversion && test ! -f $netkey
+-if test ! -f $ipsecversion && test ! -f $netkey && modprobe -qn af_key
++if test ! -f $ipsecversion && test ! -f $netkey
then
-- modprobe -v af_key
-+ insmod -v af_key
+ # netkey should work then
+- modprobe af_key 2> /dev/null
++ insmod -q af_key 2> /dev/null
fi
+ if test ! -f $ipsecversion && test ! -f $netkey
+ then
+@@ -291,27 +291,27 @@
+ # modules shared between klips and netkey
+ if test -f $modules
+ then
+- # we modprobe hw_random so ipsec verify can complain about not using it
+- modprobe -q hw_random 2> /dev/null
++ # we insmod hw_random so ipsec verify can complain about not using it
++ insmod -q hw_random 2> /dev/null
+ # padlock must load before aes module
+- modprobe -q padlock 2> /dev/null
++ insmod -q padlock 2> /dev/null
+ # load the most common ciphers/algo's
+- modprobe -q sha256 2> /dev/null
+- modprobe -q sha1 2> /dev/null
+- modprobe -q md5 2> /dev/null
+- modprobe -q des 2> /dev/null
+- modprobe -q aes 2> /dev/null
++ insmod -q sha256 2> /dev/null
++ insmod -q sha1 2> /dev/null
++ insmod -q md5 2> /dev/null
++ insmod -q des 2> /dev/null
++ insmod -q aes 2> /dev/null
- if test -f $netkey
-@@ -278,25 +278,25 @@
- klips=false
- if test -f $modules
+ if test -f $netkey
then
-- modprobe -qv ah4
-- modprobe -qv esp4
-- modprobe -qv ipcomp
-+ insmod -qv ah4
-+ insmod -qv esp4
-+ insmod -qv ipcomp
+ klips=false
+- modprobe -q ah4 2> /dev/null
+- modprobe -q esp4 2> /dev/null
+- modprobe -q ipcomp 2> /dev/null
++ insmod -q ah4 2> /dev/null
++ insmod -q esp4 2> /dev/null
++ insmod -q ipcomp 2> /dev/null
# xfrm4_tunnel is needed by ipip and ipcomp
-- modprobe -qv xfrm4_tunnel
-+ insmod -qv xfrm4_tunnel
+- modprobe -q xfrm4_tunnel 2> /dev/null
++ insmod -q xfrm4_tunnel 2> /dev/null
# xfrm_user contains netlink support for IPsec
-- modprobe -qv xfrm_user
-+ insmod -qv xfrm_user
- if [ -n "`cat /proc/cpuinfo |grep Nehemiah`" ]
- then
- echo "VIA Nehemiah detected, probing for PadLock"
-- modprobe -qv hw_random
-+ insmod -qv hw_random
- # padlock must load before aes module
-- modprobe -qv padlock
-+ insmod -qv padlock
- fi
- # load the most common ciphers/algo's
-- modprobe -qv sha1
-- modprobe -qv md5
-- modprobe -qv des
-- modprobe -qv aes
-+ insmod -qv sha1
-+ insmod -qv md5
-+ insmod -qv des
-+ insmod -qv aes
+- modprobe -q xfrm_user 2> /dev/null
++ insmod -q xfrm_user 2> /dev/null
fi
- fi
-@@ -312,10 +312,16 @@
+ if test ! -f $ipsecversion && $klips
+@@ -324,7 +324,7 @@
fi
- unset MODPATH MODULECONF # no user overrides!
- depmod -a >/dev/null 2>&1
-- modprobe -qv hw_random
-+ insmod -qv hw_random
- # padlock must load before aes module
-- modprobe -qv padlock
-- modprobe -v ipsec
-+ insmod -qv padlock
-+ if [ -f insmod ]
-+ then
-+ insmod -v ipsec
-+ elif [ -f insmod ]
-+ then
-+ insmod ipsec
-+ fi
- fi
- if test ! -f $ipsecversion
- then
+ unset MODPATH MODULECONF # no user overrides!
+ depmod -a >/dev/null 2>&1
+- modprobe -v ipsec
++ insmod -v ipsec
+ if test ! -f $ipsecversion
+ then
+ echo "kernel appears to lack IPsec support (neither CONFIG_KLIPS or CONFIG_NET_KEY are set)"
diff --git a/package/openswan/patches/130-linux_2.6.19_api_changes.patch b/package/openswan/patches/130-linux_2.6.19_api_changes.patch
new file mode 100644
index 000000000..a9e680186
--- /dev/null
+++ b/package/openswan/patches/130-linux_2.6.19_api_changes.patch
@@ -0,0 +1,12 @@
+diff -bruN openswan-2.4.7-old/linux/net/ipsec/pfkey_v2.c openswan-2.4.7-new/linux/net/ipsec/pfkey_v2.c
+--- openswan-2.4.7-old/linux/net/ipsec/pfkey_v2.c 2006-10-10 22:43:28.000000000 +0200
++++ openswan-2.4.7-new/linux/net/ipsec/pfkey_v2.c 2006-12-15 17:29:02.000000000 +0100
+@@ -1503,7 +1503,7 @@
+
+ printk(KERN_INFO "klips_info:pfkey_cleanup: "
+ "shutting down PF_KEY domain sockets.\n");
+- error |= sock_unregister(PF_KEY);
++ sock_unregister(PF_KEY);
+
+ error |= supported_remove_all(SADB_SATYPE_AH);
+ error |= supported_remove_all(SADB_SATYPE_ESP);
--
cgit v1.2.3