ipsec-tools: Bump version to 0.7.2.

Add support for configuring security context support to allow building for
non-SELinux targets.

Remove some obsolete patches.

Signed-off-by: Will Newton <will.newton@gmail.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
Will Newton 2009-06-22 12:21:38 +01:00 committed by Peter Korsgaard
parent 93308ccba3
commit 7af9cd3ac5
6 changed files with 41 additions and 170 deletions


@ -11,29 +11,29 @@ config BR2_PACKAGE_IPSEC_TOOLS_ADMINPORT
depends on BR2_PACKAGE_IPSEC_TOOLS depends on BR2_PACKAGE_IPSEC_TOOLS
bool "Enable racoonctl(8)." bool "Enable racoonctl(8)."
help help
Lets racoon to listen to racoon admin port, which is to Lets racoon to listen to racoon admin port, which is to
be contacted by racoonctl(8). be contacted by racoonctl(8).
config BR2_PACKAGE_IPSEC_TOOLS_NATT config BR2_PACKAGE_IPSEC_TOOLS_NATT
depends on BR2_PACKAGE_IPSEC_TOOLS depends on BR2_PACKAGE_IPSEC_TOOLS
bool "Enable NAT-Traversal" bool "Enable NAT-Traversal"
help help
This needs kernel support, which is available on Linux. On This needs kernel support, which is available on Linux. On
NetBSD, NAT-Traversal kernel support has not been integrated NetBSD, NAT-Traversal kernel support has not been integrated
yet, you can get it from here: yet, you can get it from here:
http://ipsec-tools.sourceforge.net/netbsd_nat-t.diff If you http://ipsec-tools.sourceforge.net/netbsd_nat-t.diff If you
live in a country where software patents are legal, using live in a country where software patents are legal, using
NAT-Traversal might infringe a patent. NAT-Traversal might infringe a patent.
config BR2_PACKAGE_IPSEC_TOOLS_FRAG config BR2_PACKAGE_IPSEC_TOOLS_FRAG
depends on BR2_PACKAGE_IPSEC_TOOLS depends on BR2_PACKAGE_IPSEC_TOOLS
bool "Enable IKE fragmentation." bool "Enable IKE fragmentation."
help help
Enable IKE fragmentation, which is a workaround for Enable IKE fragmentation, which is a workaround for
broken routers that drop fragmented packets broken routers that drop fragmented packets
config BR2_PACKAGE_IPSEC_TOOLS_STATS config BR2_PACKAGE_IPSEC_TOOLS_STATS
default y default y
@ -45,8 +45,8 @@ config BR2_PACKAGE_IPSEC_TOOLS_IPV6
depends on BR2_PACKAGE_IPSEC_TOOLS && BR2_INET_IPV6 depends on BR2_PACKAGE_IPSEC_TOOLS && BR2_INET_IPV6
bool "Enable IPv6 support" bool "Enable IPv6 support"
help help
This option has no effect if uClibc has been compiled without This option has no effect if uClibc has been compiled without
IPv6 support. IPv6 support.
config BR2_PACKAGE_IPSEC_TOOLS_READLINE config BR2_PACKAGE_IPSEC_TOOLS_READLINE
depends on BR2_PACKAGE_IPSEC_TOOLS depends on BR2_PACKAGE_IPSEC_TOOLS
@ -60,3 +60,20 @@ config BR2_PACKAGE_IPSEC_TOOLS_LIBS
help help
Install libipsec.a and libracoon.a under staging_dir/lib for further Install libipsec.a and libracoon.a under staging_dir/lib for further
development on a host machine. development on a host machine.
choice
prompt "Security context"
default BR2_PACKAGE_IPSEC_SECCTX_DISABLE
help
Selects whether or not to enable security context support.
config BR2_PACKAGE_IPSEC_SECCTX_DISABLE
bool "Disable security context support"
config BR2_PACKAGE_IPSEC_SECCTX_ENABLE
bool "Enable SELinux security context support"
config BR2_PACKAGE_IPSEC_SECCTX_KERNEL
bool "Enable kernel security context"
endchoice
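Review bot: The new `choice` block has no `depends on BR2_PACKAGE_IPSEC_TOOLS`, unlike every other entry visible in this section, so the "Security context" prompt would presumably be offered even when the package itself is not selected; adding `depends on BR2_PACKAGE_IPSEC_TOOLS` directly under `prompt "Security context"` keeps it consistent. The three members are named `BR2_PACKAGE_IPSEC_SECCTX_*` while the rest of the file uses the `BR2_PACKAGE_IPSEC_TOOLS_` prefix, which makes them harder to find and audit in a saved configuration. None of the three members has its own help text, and the choice-level help does not say how "SELinux security context support" differs from "kernel security context"; a short `help` on each entry stating what the target must provide would let an integrator pick the labelling mode deliberately rather than by guesswork.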


@ -1,64 +0,0 @@
[patch]: ipsec-tools: fix printf format string for size_t
Use %zu instead of %d for printing out size_t variables. Fixes a build issue
on 64bit as ipsec-tools uses -Werror.
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
---
src/racoon/algorithm.c | 6 +++---
src/racoon/oakley.c | 4 ++--
2 files changed, 5 insertions(+), 5 deletions(-)
Index: ipsec-tools-0.6.7/src/racoon/oakley.c
===================================================================
--- ipsec-tools-0.6.7.orig/src/racoon/oakley.c
+++ ipsec-tools-0.6.7/src/racoon/oakley.c
@@ -252,7 +252,7 @@
#ifdef ENABLE_STATS
gettimeofday(&end, NULL);
- syslog(LOG_NOTICE, "%s(%s%d): %8.6f", __func__,
+ syslog(LOG_NOTICE, "%s(%s%zu): %8.6f", __func__,
s_attr_isakmp_group(dh->type), dh->prime->l << 3,
timedelta(&start, &end));
#endif
@@ -299,7 +299,7 @@
#ifdef ENABLE_STATS
gettimeofday(&end, NULL);
- syslog(LOG_NOTICE, "%s(%s%d): %8.6f", __func__,
+ syslog(LOG_NOTICE, "%s(%s%zu): %8.6f", __func__,
s_attr_isakmp_group(dh->type), dh->prime->l << 3,
timedelta(&start, &end));
#endif
Index: ipsec-tools-0.6.7/src/racoon/algorithm.c
===================================================================
--- ipsec-tools-0.6.7.orig/src/racoon/algorithm.c
+++ ipsec-tools-0.6.7/src/racoon/algorithm.c
@@ -394,7 +394,7 @@
#ifdef ENABLE_STATS
gettimeofday(&end, NULL);
- syslog(LOG_NOTICE, "%s(%s size=%d): %8.6f", __func__,
+ syslog(LOG_NOTICE, "%s(%s size=%zu): %8.6f", __func__,
f->name, buf->l, timedelta(&start, &end));
#endif
@@ -506,7 +506,7 @@
#ifdef ENABLE_STATS
gettimeofday(&end, NULL);
- syslog(LOG_NOTICE, "%s(%s klen=%d size=%d): %8.6f", __func__,
+ syslog(LOG_NOTICE, "%s(%s klen=%zu size=%zu): %8.6f", __func__,
f->name, key->l << 3, buf->l, timedelta(&start, &end));
#endif
return res;
@@ -535,7 +535,7 @@
#ifdef ENABLE_STATS
gettimeofday(&end, NULL);
- syslog(LOG_NOTICE, "%s(%s klen=%d size=%d): %8.6f", __func__,
+ syslog(LOG_NOTICE, "%s(%s klen=%zu size=%zu): %8.6f", __func__,
f->name, key->l << 3, buf->l, timedelta(&start, &end));
#endif
return res;


@ -1,45 +0,0 @@
diff -rup ipsec-tools-0.6.6.oorig/src/racoon/eaytest.c ipsec-tools-0.6.6/src/racoon/eaytest.c
--- ipsec-tools-0.6.6.oorig/src/racoon/eaytest.c 2005-06-29 00:38:02.000000000 +0200
+++ ipsec-tools-0.6.6/src/racoon/eaytest.c 2006-10-11 16:01:45.000000000 +0200
@@ -311,7 +311,7 @@ certtest(ac, av)
printf("exact match: succeed.\n");
- if (dnstr_w1) {
+ if (*dnstr_w1) {
asn1dn = eay_str2asn1dn(dnstr_w1, strlen(dnstr_w1));
if (asn1dn == NULL || asn1dn->l == asn1dn0.l)
errx(1, "asn1dn length wrong for wildcard 1\n");
@@ -321,7 +321,7 @@ certtest(ac, av)
printf("wildcard 1 match: succeed.\n");
}
- if (dnstr_w1) {
+ if (*dnstr_w1) {
asn1dn = eay_str2asn1dn(dnstr_w2, strlen(dnstr_w2));
if (asn1dn == NULL || asn1dn->l == asn1dn0.l)
errx(1, "asn1dn length wrong for wildcard 2\n");
diff -rup ipsec-tools-0.6.6.oorig/src/racoon/var.h ipsec-tools-0.6.6/src/racoon/var.h
--- ipsec-tools-0.6.6.oorig/src/racoon/var.h 2004-11-20 17:16:59.000000000 +0100
+++ ipsec-tools-0.6.6/src/racoon/var.h 2006-10-11 16:00:15.000000000 +0200
@@ -76,9 +76,9 @@
do { \
if (getnameinfo((x), sysdep_sa_len(x), (y), sizeof(y), (z), sizeof(z), \
NIFLAGS) != 0) { \
- if (y) \
+ if (*y) \
strncpy((y), "(invalid)", sizeof(y)); \
- if (z) \
+ if (*z) \
strncpy((z), "(invalid)", sizeof(z)); \
} \
} while (0);
@@ -87,7 +87,7 @@ do { \
do { \
if (getnameinfo((x), sysdep_sa_len(x), (y), sizeof(y), NULL, 0, \
NIFLAGS) != 0) { \
- if (y) \
+ if (*y) \
strncpy((y), "(invalid)", sizeof(y)); \
} \
} while (0);


@ -1,32 +0,0 @@
diff -rup ipsec-tools-0.6.6.oorig/src/racoon/missing/crypto/rijndael/rijndael-api-fst.c ipsec-tools-0.6.6/src/racoon/missing/crypto/rijndael/rijndael-api-fst.c
--- ipsec-tools-0.6.6.oorig/src/racoon/missing/crypto/rijndael/rijndael-api-fst.c 2004-01-12 23:31:45.000000000 +0100
+++ ipsec-tools-0.6.6/src/racoon/missing/crypto/rijndael/rijndael-api-fst.c 2006-10-11 16:29:42.000000000 +0200
@@ -30,8 +30,12 @@
#include <crypto/rijndael/rijndael_local.h>
#include <err.h>
+#ifndef bcopy
#define bcopy(a, b, c) memcpy(b, a, c)
+#endif
+#ifndef bzero
#define bzero(a, b) memset(a, 0, b)
+#endif
#define panic(a) err(1, (a))
int rijndael_makeKey(keyInstance *key, BYTE direction, int keyLen, char *keyMaterial) {
diff -rup ipsec-tools-0.6.6.oorig/src/racoon/missing/crypto/sha2/sha2.c ipsec-tools-0.6.6/src/racoon/missing/crypto/sha2/sha2.c
--- ipsec-tools-0.6.6.oorig/src/racoon/missing/crypto/sha2/sha2.c 2004-09-21 16:35:25.000000000 +0200
+++ ipsec-tools-0.6.6/src/racoon/missing/crypto/sha2/sha2.c 2006-10-11 16:29:08.000000000 +0200
@@ -50,8 +50,12 @@
#include <err.h>
#include <string.h>
+#ifndef bcopy
#define bcopy(a, b, c) memcpy((b), (a), (c))
+#endif
+#ifndef bzero
#define bzero(a, b) memset((a), 0, (b))
+#endif
#define panic(a) err(1, (a))
#if OPENSSL_VERSION_NUMBER >= 0x00907000L


@ -1,15 +0,0 @@
--- ipsec-tools-0.6.6.oorig/src/racoon/cftoken.c 2006-06-13 10:49:01.000000000 +0200
+++ ipsec-tools-0.6.6/src/racoon/cftoken.c 2006-11-22 21:20:30.000000000 +0100
@@ -4076,8 +4076,11 @@
"Includes nested too deeply");
return -1;
}
-
+#ifdef GLOB_TILDE
if (glob(path, GLOB_TILDE, NULL, &incstack[incstackp].matches) != 0 ||
+#else
+ if (glob(path, 0, NULL, &incstack[incstackp].matches) != 0 ||
+#endif
incstack[incstackp].matches.gl_pathc == 0) {
plog(LLV_ERROR, LOCATION, NULL,
"glob found no matches for path");


@ -4,7 +4,7 @@
# #
############################################################# #############################################################
IPSEC_TOOLS_VERSION:=0.6.7 IPSEC_TOOLS_VERSION:=0.7.2
IPSEC_TOOLS_SOURCE:=ipsec-tools-$(IPSEC_TOOLS_VERSION).tar.bz2 IPSEC_TOOLS_SOURCE:=ipsec-tools-$(IPSEC_TOOLS_VERSION).tar.bz2
IPSEC_TOOLS_CAT:=$(BZCAT) IPSEC_TOOLS_CAT:=$(BZCAT)
IPSEC_TOOLS_DIR:=$(BUILD_DIR)/ipsec-tools-$(IPSEC_TOOLS_VERSION) IPSEC_TOOLS_DIR:=$(BUILD_DIR)/ipsec-tools-$(IPSEC_TOOLS_VERSION)
@ -16,7 +16,7 @@ IPSEC_TOOLS_BINARY_RACOONCTL:=src/racoon/racoonctl
IPSEC_TOOLS_TARGET_BINARY_SETKEY:=usr/sbin/setkey IPSEC_TOOLS_TARGET_BINARY_SETKEY:=usr/sbin/setkey
IPSEC_TOOLS_TARGET_BINARY_RACOON:=usr/sbin/racoon IPSEC_TOOLS_TARGET_BINARY_RACOON:=usr/sbin/racoon
IPSEC_TOOLS_TARGET_BINARY_RACOONCTL:=usr/sbin/racoonctl IPSEC_TOOLS_TARGET_BINARY_RACOONCTL:=usr/sbin/racoonctl
IPSEC_TOOLS_SITE=http://$(BR2_SOURCEFORGE_MIRROR).dl.sourceforge.net/sourceforge/ipsec-tools/ IPSEC_TOOLS_SITE=http://ftp.sunet.se/pub/NetBSD/misc/ipsec-tools/0.7/
ifeq ($(BR2_PACKAGE_IPSEC_TOOLS_ADMINPORT), y) ifeq ($(BR2_PACKAGE_IPSEC_TOOLS_ADMINPORT), y)
IPSEC_TOOLS_CONFIG_FLAGS+= --enable-adminport IPSEC_TOOLS_CONFIG_FLAGS+= --enable-adminport
@ -58,6 +58,16 @@ ifneq ($(BR2_PACKAGE_IPSEC_TOOLS_READLINE), y)
IPSEC_TOOLS_CONFIG_FLAGS+= --without-readline IPSEC_TOOLS_CONFIG_FLAGS+= --without-readline
endif endif
ifeq ($(BR2_PACKAGE_IPSEC_SECCTX_DISABLE),y)
IPSEC_TOOLS_CONFIG_FLAGS+= --enable-security-context=no
endif
ifeq ($(BR2_PACKAGE_IPSEC_SECCTX_ENABLE),y)
IPSEC_TOOLS_CONFIG_FLAGS+= --enable-security-context=yes
endif
ifeq ($(BR2_PACKAGE_IPSEC_SECCTX_KERNEL),y)
IPSEC_TOOLS_CONFIG_FLAGS+= --enable-security-context=kernel
endif
$(DL_DIR)/$(IPSEC_TOOLS_SOURCE): $(DL_DIR)/$(IPSEC_TOOLS_SOURCE):
$(call DOWNLOAD,$(IPSEC_TOOLS_SITE),$(IPSEC_TOOLS_SOURCE)) $(call DOWNLOAD,$(IPSEC_TOOLS_SITE),$(IPSEC_TOOLS_SOURCE))
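Review bot: The new `IPSEC_TOOLS_SITE` fetches the tarball over plain `http://` from a single mirror, and nothing visible in this section checks the download against a known digest, so the build of an IKE daemon trusts whatever the mirror or the network path returns. If the tree has no integrity check elsewhere, the download rule is the place to add one; at minimum, record the concern next to the variable, e.g. `# fetched over plain HTTP: compare the tarball digest with the upstream release announcement before building`. The directory component `0.7/` is also hard-coded separately from `IPSEC_TOOLS_VERSION`, so the next series bump will silently point at the wrong directory unless both are edited; a comment tying the two together would help.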