openswan: update openswan to version 2.6.41

This still does not fix the problems with kernel 3.10 and up. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> git-svn-id: svn://svn.openwrt.org/openwrt/packages@40620 3c298f89-4303-0410-b956-a3cf2f4a3e73
2014-05-01 13:33:42 +00:00 · 2014-05-01 13:33:42 +00:00 · 85992dc375
commit 85992dc375
parent cb6b225651
5 changed files with 6 additions and 411 deletions
--- a/net/openswan/Makefile
+++ b/net/openswan/Makefile
@ -9,12 +9,12 @@ include $(TOPDIR)/rules.mk
 include $(INCLUDE_DIR)/kernel.mk

 PKG_NAME:=openswan
-PKG_VERSION:=2.6.38
-PKG_RELEASE:=2
+PKG_VERSION:=2.6.41
+PKG_RELEASE:=1

 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=http://www.openswan.org/download
-PKG_MD5SUM:=13073eb5314b83a31be88e4117e8bbcd
+PKG_MD5SUM:=da2e8b02ecc30a408cc5766767fef84f

 PKG_BUILD_PARALLEL:=1
 PKG_INSTALL:=1
@ -58,6 +58,7 @@ $(call Package/openswan/Default/description)
 endef

 TARGET_CPPFLAGS += -I$(LINUX_DIR)/$(LINUX_UAPI_DIR)include -D__EXPORTED_HEADERS__
+TARGET_CFLAGS += $(FPIC)

 OPENSWAN_MAKEFLAGS:= \
 	-C $(PKG_BUILD_DIR) \
--- a/net/openswan/patches/100-cross_compile.patch
+++ b/net/openswan/patches/100-cross_compile.patch
@ -1,6 +1,6 @@
 --- a/programs/pluto/Makefile
 +++ b/programs/pluto/Makefile
-@@ -58,10 +58,6 @@ CFLAGS+=-DALLOW_MICROSOFT_BAD_PROPOSAL
+@@ -66,10 +66,6 @@ CFLAGS+=-DALLOW_MICROSOFT_BAD_PROPOSAL
 
 ALLFLAGS = $(CPPFLAGS) $(CFLAGS) ${CROSSFLAGS}
 
--- a/net/openswan/patches/120-no_manpages.patch
+++ b/net/openswan/patches/120-no_manpages.patch
@ -22,7 +22,7 @@
 -
 --- a/programs/pluto/Makefile
 +++ b/programs/pluto/Makefile
-@@ -192,35 +192,11 @@ doinstall: all
+@@ -200,35 +200,11 @@ doinstall: all
 	$(INSTALL) $(INSTBINFLAGS) $(BINNAMEPLUTO) $(BINNAMEWHACK) $(LIBEXECDIR)
 	#$(INSTALL) $(INSTSUIDFLAGS) $(BINNAMEWHACKINIT) $(LIBEXECDIR)
 	if $(USE_ADNS) ; then $(INSTALL) $(INSTBINFLAGS) $(BINNAMEADNS)  $(LIBEXECDIR) ; fi
--- a/net/openswan/patches/140-generated_autoconf.patch
+++ b/net/openswan/patches/140-generated_autoconf.patch
@ -1,365 +0,0 @@
--- a/linux/include/ocf-compat.h
-+++ b/linux/include/ocf-compat.h
-@@ -35,10 +35,11 @@
- /****************************************************************************/
- #ifdef __KERNEL__
- #include <linux/version.h>
-#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,38) && !defined(AUTOCONF_INCLUDED)
-#include <linux/config.h>
-+#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,33))
-+#include <generated/autoconf.h>
-+#else
-+#include <linux/autoconf.h>
- #endif
-
- /*
-  * fake some BSD driver interface stuff specifically for OCF use
-  */
--- a/linux/include/openswan/ipsec_kversion.h
-+++ b/linux/include/openswan/ipsec_kversion.h
-@@ -57,8 +57,10 @@
-  * We use a lot of config defines,  on older kernels that means we
-  * need to include config.h
-  */
-#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,38) && !defined(AUTOCONF_INCLUDED)
-# include <linux/config.h>
-+#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,33))
-+#include <generated/autoconf.h>
-+#else
-+#include <linux/autoconf.h>
- #endif
- 
- #if !defined(RHEL_RELEASE_CODE) 
--- a/linux/net/ipsec/aes/ipsec_alg_aes.c
-+++ b/linux/net/ipsec/aes/ipsec_alg_aes.c
-@@ -22,8 +22,10 @@
-  *
-  */
- #include <linux/version.h>
-#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,38) && !defined(AUTOCONF_INCLUDED)
-#include <linux/config.h>
-+#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,33))
-+#include <generated/autoconf.h>
-+#else
-+#include <linux/autoconf.h>
- #endif
- #include <linux/version.h>
- 
--- a/linux/net/ipsec/des/ipsec_alg_3des.c
-+++ b/linux/net/ipsec/des/ipsec_alg_3des.c
-@@ -19,8 +19,10 @@
-  *
-  */
- #include <linux/version.h>
-#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,38) && !defined(AUTOCONF_INCLUDED)
-#include <linux/config.h>
-+#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,33))
-+#include <generated/autoconf.h>
-+#else
-+#include <linux/autoconf.h>
- #endif
- #include <linux/version.h>
- 
--- a/linux/net/ipsec/ipcomp.c
-+++ b/linux/net/ipsec/ipcomp.c
-@@ -19,10 +19,11 @@
- /* SSS */
- 
- #include <linux/version.h>
-#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,38) && !defined(AUTOCONF_INCLUDED)
-#include <linux/config.h>
-+#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,33))
-+#include <generated/autoconf.h>
-+#else
-+#include <linux/autoconf.h>
- #endif
-
- #define __NO_VERSION__
- #include <linux/module.h>
- #include <linux/kernel.h> /* printk() */
--- a/linux/net/ipsec/ipsec_ah.c
-+++ b/linux/net/ipsec/ipsec_ah.c
-@@ -14,10 +14,11 @@
-  */
- 
- #include <linux/version.h>
-#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,38) && !defined(AUTOCONF_INCLUDED)
-#include <linux/config.h>
-+#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,33))
-+#include <generated/autoconf.h>
-+#else
-+#include <linux/autoconf.h>
- #endif
-
- #define __NO_VERSION__
- #include <linux/module.h>
- #include <linux/kernel.h> /* printk() */
--- a/linux/net/ipsec/ipsec_alg.c
-+++ b/linux/net/ipsec/ipsec_alg.c
-@@ -19,10 +19,11 @@
-  *
-  */
- #include <linux/version.h>
-#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,38) && !defined(AUTOCONF_INCLUDED)
-#include <linux/config.h>
-+#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,33))
-+#include <generated/autoconf.h>
-+#else
-+#include <linux/autoconf.h>
- #endif
-
- #define __NO_VERSION__
- #include <linux/module.h>
- #include <linux/kernel.h> /* printk() */
--- a/linux/net/ipsec/ipsec_alg_cryptoapi.c
-+++ b/linux/net/ipsec/ipsec_alg_cryptoapi.c
-@@ -26,10 +26,11 @@
-  *   modprobe ipsec_cryptoapi des_ede3=0                 (everything but 3DES)
-  */
- #include <linux/version.h>
-#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,38) && !defined(AUTOCONF_INCLUDED)
-#include <linux/config.h>
-+#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,33))
-+#include <generated/autoconf.h>
-+#else
-+#include <linux/autoconf.h>
- #endif
-
- /*	
-  *	special case: ipsec core modular with this static algo inside:
-  *	must avoid MODULE magic for this file
--- a/linux/net/ipsec/ipsec_esp.c
-+++ b/linux/net/ipsec/ipsec_esp.c
-@@ -14,10 +14,11 @@
-  */
- 
- #include <linux/version.h>
-#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,38) && !defined(AUTOCONF_INCLUDED)
-#include <linux/config.h>
-+#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,33))
-+#include <generated/autoconf.h>
-+#else
-+#include <linux/autoconf.h>
- #endif
-
- #define __NO_VERSION__
- #include <linux/module.h>
- #include <linux/kernel.h> /* printk() */
--- a/linux/net/ipsec/ipsec_init.c
-+++ b/linux/net/ipsec/ipsec_init.c
-@@ -19,8 +19,10 @@
-  */
- 
- #include <linux/version.h>
-#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,38) && !defined(AUTOCONF_INCLUDED)
-#include <linux/config.h>
-+#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,33))
-+#include <generated/autoconf.h>
-+#else
-+#include <linux/autoconf.h>
- #endif
- #include <linux/module.h>
- #include <linux/kernel.h> /* printk() */
--- a/linux/net/ipsec/ipsec_ipcomp.c
-+++ b/linux/net/ipsec/ipsec_ipcomp.c
-@@ -14,10 +14,11 @@
-  */
- 
- #include <linux/version.h>
-#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,38) && !defined(AUTOCONF_INCLUDED)
-#include <linux/config.h>
-+#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,33))
-+#include <generated/autoconf.h>
-+#else
-+#include <linux/autoconf.h>
- #endif
-
- #define __NO_VERSION__
- #include <linux/module.h>
- #include <linux/kernel.h> /* printk() */
--- a/linux/net/ipsec/ipsec_ipip.c
-+++ b/linux/net/ipsec/ipsec_ipip.c
-@@ -14,10 +14,11 @@
-  */
- 
- #include <linux/version.h>
-#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,38) && !defined(AUTOCONF_INCLUDED)
-#include <linux/config.h>
-+#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,33))
-+#include <generated/autoconf.h>
-+#else
-+#include <linux/autoconf.h>
- #endif
-
- #define __NO_VERSION__
- #include <linux/module.h>
- #include <linux/kernel.h> /* printk() */
--- a/linux/net/ipsec/ipsec_ocf.c
-+++ b/linux/net/ipsec/ipsec_ocf.c
-@@ -16,10 +16,11 @@
-  */
- 
- #include <linux/version.h>
-#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,38) && !defined(AUTOCONF_INCLUDED)
-#include <linux/config.h>
-+#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,33))
-+#include <generated/autoconf.h>
-+#else
-+#include <linux/autoconf.h>
- #endif
-
- #define __NO_VERSION__
- #include <linux/module.h>
- #include <linux/kernel.h> /* printk() */
--- a/linux/net/ipsec/ipsec_ocf.h
-+++ b/linux/net/ipsec/ipsec_ocf.h
-@@ -19,8 +19,10 @@
-  */
- 
- #include <linux/version.h>
-#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,38) && !defined(AUTOCONF_INCLUDED)
-#include <linux/config.h>
-+#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,33))
-+#include <generated/autoconf.h>
-+#else
-+#include <linux/autoconf.h>
- #endif
- #include <linux/kernel.h>
- 
--- a/linux/net/ipsec/ipsec_radij.c
-+++ b/linux/net/ipsec/ipsec_radij.c
-@@ -21,8 +21,10 @@
-  */
- 
- #include <linux/version.h>
-#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,38) && !defined(AUTOCONF_INCLUDED)
-#include <linux/config.h>
-+#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,33))
-+#include <generated/autoconf.h>
-+#else
-+#include <linux/autoconf.h>
- #endif
- #include <linux/kernel.h> /* printk() */
- 
--- a/linux/net/ipsec/ipsec_rcv.c
-+++ b/linux/net/ipsec/ipsec_rcv.c
-@@ -21,10 +21,11 @@
-  */
- 
- #include <linux/version.h>
-#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,38) && !defined(AUTOCONF_INCLUDED)
-#include <linux/config.h>
-+#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,33))
-+#include <generated/autoconf.h>
-+#else
-+#include <linux/autoconf.h>
- #endif
-
- #define __NO_VERSION__
- #include <linux/module.h>
- #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0) && LINUX_VERSION_CODE >= KERNEL_VERSION(2,4,26)
--- a/linux/net/ipsec/ipsec_sa.c
-+++ b/linux/net/ipsec/ipsec_sa.c
-@@ -19,8 +19,10 @@
-  */
- 
- #include <linux/version.h>
-#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,38) && !defined(AUTOCONF_INCLUDED)
-#include <linux/config.h>
-+#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,33))
-+#include <generated/autoconf.h>
-+#else
-+#include <linux/autoconf.h>
- #endif
- #include <linux/kernel.h> /* printk() */
- 
--- a/linux/net/ipsec/ipsec_snprintf.c
-+++ b/linux/net/ipsec/ipsec_snprintf.c
-@@ -19,8 +19,10 @@
-  */
- 
- #include <linux/version.h>
-#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,38) && !defined(AUTOCONF_INCLUDED)
-#include <linux/config.h>
-+#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,33))
-+#include <generated/autoconf.h>
-+#else
-+#include <linux/autoconf.h>
- #endif
- #define __NO_VERSION__
- #include <linux/module.h>
--- a/linux/net/ipsec/ipsec_tunnel.c
-+++ b/linux/net/ipsec/ipsec_tunnel.c
-@@ -24,8 +24,10 @@
- #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0) && LINUX_VERSION_CODE >= KERNEL_VERSION(2,4,26)
- # include <linux/moduleparam.h>
- #endif
-#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,38) && !defined(AUTOCONF_INCLUDED)
-#include <linux/config.h>
-+#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,33))
-+#include <generated/autoconf.h>
-+#else
-+#include <linux/autoconf.h>
- #endif
- #include <linux/kernel.h> /* printk() */
- 
--- a/linux/net/ipsec/ipsec_xform.c
-+++ b/linux/net/ipsec/ipsec_xform.c
-@@ -15,8 +15,10 @@
-  */
- 
- #include <linux/version.h>
-#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,38) && !defined(AUTOCONF_INCLUDED)
-#include <linux/config.h>
-+#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,33))
-+#include <generated/autoconf.h>
-+#else
-+#include <linux/autoconf.h>
- #endif
- #include <linux/kernel.h> /* printk() */
- 
--- a/linux/net/ipsec/pfkey_v2_ext_process.c
-+++ b/linux/net/ipsec/pfkey_v2_ext_process.c
-@@ -20,8 +20,10 @@
-  */
- 
- #include <linux/version.h>
-#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,38) && !defined(AUTOCONF_INCLUDED)
-#include <linux/config.h>
-+#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,33))
-+#include <generated/autoconf.h>
-+#else
-+#include <linux/autoconf.h>
- #endif
- #include <linux/kernel.h> /* printk() */
- 
--- a/linux/net/ipsec/pfkey_v2_parser.c
-+++ b/linux/net/ipsec/pfkey_v2_parser.c
-@@ -23,8 +23,10 @@
- 
- 
- #include <linux/version.h>
-#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,38) && !defined(AUTOCONF_INCLUDED)
-#include <linux/config.h>
-+#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,33))
-+#include <generated/autoconf.h>
-+#else
-+#include <linux/autoconf.h>
- #endif
- #include <linux/kernel.h> /* printk() */
- 
--- a/linux/net/ipsec/radij.c
-+++ b/linux/net/ipsec/radij.c
-@@ -54,8 +54,10 @@
-  */
- 
- #include <linux/version.h>
-#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,38) && !defined(AUTOCONF_INCLUDED)
-#include <linux/config.h>
-+#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,33))
-+#include <generated/autoconf.h>
-+#else
-+#include <linux/autoconf.h>
- #endif
- #include <linux/kernel.h> /* printk() */
- 
--- a/net/openswan/patches/150-linux-3.7-kuid-compat.patch
+++ b/net/openswan/patches/150-linux-3.7-kuid-compat.patch
@ -1,41 +0,0 @@
--- a/linux/net/ipsec/pfkey_v2.c
-+++ b/linux/net/ipsec/pfkey_v2.c
-@@ -738,7 +738,7 @@ pfkey_create(struct socket *sock, int pr
- 	sk->sk_family = PF_KEY;
- /*	sk->num = protocol; */
- 	sk->sk_protocol = protocol;
-	key_pid(sk) = current_uid();
-+	key_pid(sk) = IPSEC_FROM_KUIDT(current_uid());
- 
- #ifdef HAVE_SOCKET_WQ
- 	KLIPS_PRINT(debug_pfkey,
--- a/linux/include/openswan/ipsec_kversion.h
-+++ b/linux/include/openswan/ipsec_kversion.h
-@@ -614,6 +614,16 @@
- # define DEFINE_RWLOCK(x) rwlock_t x = RW_LOCK_UNLOCKED
- #endif
- 
-+/*
-+ * kuid_t <=> uint32_t conversion
-+ */
-+
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(3,7,0)
-+#  define IPSEC_FROM_KUIDT(x) from_kuid(current_user_ns(), x)
-+#else
-+#  define IPSEC_FROM_KUIDT(x) (x)
-+#endif
-+
- 
- #endif /* _OPENSWAN_KVERSIONS_H */
- 
--- a/linux/net/ipsec/pfkey_v2_parser.c
-+++ b/linux/net/ipsec/pfkey_v2_parser.c
-@@ -1481,7 +1481,7 @@ pfkey_register_reply(int satype, struct
- 							  satype,
- 							  0,
- 							  sadb_msg? sadb_msg->sadb_msg_seq : ++pfkey_msg_seq,
-							  sadb_msg? sadb_msg->sadb_msg_pid: current_uid()),
-+							  sadb_msg? sadb_msg->sadb_msg_pid: IPSEC_FROM_KUIDT(current_uid())),
- 			      extensions_reply) &&
- 	     (alg_num_a ? pfkey_safe_build(error = pfkey_supported_build(&extensions_reply[K_SADB_EXT_SUPPORTED_AUTH],
- 									K_SADB_EXT_SUPPORTED_AUTH,