diff --git a/net/ipsec-tools/Makefile b/net/ipsec-tools/Makefile deleted file mode 100644 index fdbf06d48..000000000 --- a/net/ipsec-tools/Makefile +++ /dev/null @@ -1,95 +0,0 @@ -# -# Copyright (C) 2006-2011 OpenWrt.org -# -# This is free software, licensed under the GNU General Public License v2. -# See /LICENSE for more information. -# - -include $(TOPDIR)/rules.mk -include $(INCLUDE_DIR)/kernel.mk - -PKG_NAME:=ipsec-tools -PKG_VERSION:=0.8.1 -PKG_RELEASE:=1 - -PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 -PKG_SOURCE_URL:=@SF/ipsec-tools -PKG_MD5SUM:=d38b39f291ba2962387c3232e7335dd8 - -PKG_BUILD_PARALLEL:=1 -PKG_INSTALL:=1 - -PKG_FIXUP:=autoreconf - -include $(INCLUDE_DIR)/package.mk - -define Package/ipsec-tools - SECTION:=net - CATEGORY:=Network - SUBMENU:=VPN - DEPENDS:=+libopenssl +kmod-ipsec - TITLE:=IPsec management tools - URL:=http://ipsec-tools.sourceforge.net/ -endef - -CONFIGURE_ARGS += \ - --enable-shared \ - --enable-static \ - --with-kernel-headers="$(LINUX_DIR)/include" \ - --without-readline \ - --with-openssl="$(STAGING_DIR)/usr" \ - --without-libradius \ - --without-libpam \ - --enable-dpd \ - --enable-hybrid \ - --enable-security-context=no \ - --enable-natt \ - --enable-adminport \ - --enable-frag \ - $(call autoconf_bool,CONFIG_IPV6,ipv6) - -# override CFLAGS holding "-Werror" that break builds on compile warnings -MAKE_FLAGS+=\ - CFLAGS="$(TARGET_CFLAGS) $(EXTRA_CFLAGS) $(TARGET_CPPFLAGS) $(EXTRA_CPPFLAGS)" - -define Build/Prepare - $(call Build/Prepare/Default) - chmod -R u+w $(PKG_BUILD_DIR) -endef - -define Build/Configure - (cd $(PKG_BUILD_DIR); touch \ - configure.ac \ - aclocal.m4 \ - Makefile.in \ - config.h.in \ - configure \ - ); - $(call Build/Configure/Default) - echo "#undef HAVE_SHADOW_H" >> $(PKG_BUILD_DIR)/config.h -endef - -define Package/ipsec-tools/install - $(INSTALL_DIR) $(1)/etc - $(INSTALL_CONF) $(PKG_BUILD_DIR)/src/racoon/samples/racoon.conf $(1)/etc/ - $(SED) 's|@sysconfdir_x@|/etc|g' $(1)/etc/racoon.conf - $(INSTALL_DIR) $(1)/etc/racoon - $(INSTALL_CONF) $(PKG_BUILD_DIR)/src/racoon/samples/psk.txt $(1)/etc/racoon/ - $(INSTALL_DIR) $(1)/etc/init.d - $(INSTALL_BIN) ./files/racoon.init $(1)/etc/init.d/racoon - $(INSTALL_DIR) $(1)/usr/lib - $(CP) $(PKG_INSTALL_DIR)/usr/lib/libipsec.so.* $(1)/usr/lib/ - $(CP) $(PKG_INSTALL_DIR)/usr/lib/libracoon.so.* $(1)/usr/lib/ - $(INSTALL_DIR) $(1)/usr/sbin - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/plainrsa-gen $(1)/usr/sbin/ - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/racoon $(1)/usr/sbin/ - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/racoonctl $(1)/usr/sbin/ - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/setkey $(1)/usr/sbin/ -endef - -define Package/ipsec-tools/conffiles -/etc/racoon.conf -/etc/racoon/psk.txt -endef - -$(eval $(call BuildPackage,ipsec-tools)) diff --git a/net/ipsec-tools/files/racoon.init b/net/ipsec-tools/files/racoon.init deleted file mode 100644 index d539b363f..000000000 --- a/net/ipsec-tools/files/racoon.init +++ /dev/null @@ -1,17 +0,0 @@ -#!/bin/sh /etc/rc.common -# Copyright (C) 2009-2011 OpenWrt.org -# Copyright (C) 2011 Artem Makhutov - -START=49 - -SERVICE_USE_PID=1 - -start() { - mkdir -m 0700 -p /var/racoon - [ -f /etc/ipsec.conf ] && /usr/sbin/setkey -f /etc/ipsec.conf - service_start /usr/sbin/racoon -f /etc/racoon.conf -} - -stop() { - service_stop /usr/sbin/racoon -} diff --git a/net/ipsec-tools/patches/001-ipsec-tools-def-psk.patch b/net/ipsec-tools/patches/001-ipsec-tools-def-psk.patch deleted file mode 100644 index db5b3064d..000000000 --- a/net/ipsec-tools/patches/001-ipsec-tools-def-psk.patch +++ /dev/null @@ -1,24 +0,0 @@ ---- a/src/racoon/oakley.c -+++ b/src/racoon/oakley.c -@@ -2424,8 +2424,21 @@ oakley_skeyid(iph1) - plog(LLV_ERROR, LOCATION, iph1->remote, - "couldn't find the pskey for %s.\n", - saddrwop2str(iph1->remote)); -+ } -+ } -+ if (iph1->authstr == NULL) { -+ /* -+ * If we could not locate a psk above try and locate -+ * the default psk, ie, "*". -+ */ -+ iph1->authstr = privsep_getpsk("*", 1); -+ if (iph1->authstr == NULL) { -+ plog(LLV_ERROR, LOCATION, iph1->remote, -+ "couldn't find the the default pskey either.\n"); - goto end; - } -+ plog(LLV_NOTIFY, LOCATION, iph1->remote, -+ "Using default PSK.\n"); - } - plog(LLV_DEBUG, LOCATION, NULL, "the psk found.\n"); - /* should be secret PSK */ diff --git a/net/ipsec-tools/patches/001-no_libfl.patch b/net/ipsec-tools/patches/001-no_libfl.patch deleted file mode 100644 index b56b596ba..000000000 --- a/net/ipsec-tools/patches/001-no_libfl.patch +++ /dev/null @@ -1,22 +0,0 @@ ---- a/src/racoon/cftoken.l -+++ b/src/racoon/cftoken.l -@@ -104,6 +104,8 @@ static struct include_stack { - static int incstackp = 0; - - static int yy_first_time = 1; -+ -+int yywrap(void) { return 1; } - %} - - /* common seciton */ ---- a/src/setkey/token.l -+++ b/src/setkey/token.l -@@ -86,6 +86,8 @@ - #if defined(SADB_X_EALG_AES) && ! defined(SADB_X_EALG_AESCBC) - #define SADB_X_EALG_AESCBC SADB_X_EALG_AES - #endif -+ -+int yywrap(void) { return 1; } - %} - - /* common section */ diff --git a/net/ipsec-tools/patches/002-patch8-utmp.patch b/net/ipsec-tools/patches/002-patch8-utmp.patch deleted file mode 100644 index 16dc9237c..000000000 --- a/net/ipsec-tools/patches/002-patch8-utmp.patch +++ /dev/null @@ -1,72 +0,0 @@ ---- a/src/racoon/isakmp_cfg.c -+++ b/src/racoon/isakmp_cfg.c -@@ -38,7 +38,7 @@ - #include - #include - --#include -+#include - #if defined(__APPLE__) && defined(__MACH__) - #include - #endif -@@ -1661,7 +1661,8 @@ isakmp_cfg_accounting_system(port, raddr - int inout; - { - int error = 0; -- struct utmpx ut; -+ struct utmp ut; -+ char term[UT_LINESIZE]; - char addr[NI_MAXHOST]; - - if (usr == NULL || usr[0]=='\0') { -@@ -1670,34 +1671,37 @@ isakmp_cfg_accounting_system(port, raddr - return -1; - } - -- memset(&ut, 0, sizeof ut); -- gettimeofday((struct timeval *)&ut.ut_tv, NULL); -- snprintf(ut.ut_id, sizeof ut.ut_id, TERMSPEC, port); -+ sprintf(term, TERMSPEC, port); - - switch (inout) { - case ISAKMP_CFG_LOGIN: -- ut.ut_type = USER_PROCESS; -- strncpy(ut.ut_user, usr, sizeof ut.ut_user); -+ strncpy(ut.ut_name, usr, UT_NAMESIZE); -+ ut.ut_name[UT_NAMESIZE - 1] = '\0'; -+ -+ strncpy(ut.ut_line, term, UT_LINESIZE); -+ ut.ut_line[UT_LINESIZE - 1] = '\0'; - - GETNAMEINFO_NULL(raddr, addr); -- strncpy(ut.ut_host, addr, sizeof ut.ut_host); -+ strncpy(ut.ut_host, addr, UT_HOSTSIZE); -+ ut.ut_host[UT_HOSTSIZE - 1] = '\0'; -+ -+ ut.ut_time = time(NULL); - - plog(LLV_INFO, LOCATION, NULL, - "Accounting : '%s' logging on '%s' from %s.\n", -- ut.ut_user, ut.ut_id, addr); -- -- pututxline(&ut); -+ ut.ut_name, ut.ut_line, ut.ut_host); - -+ login(&ut); -+ - break; - case ISAKMP_CFG_LOGOUT: -- ut.ut_type = DEAD_PROCESS; - - plog(LLV_INFO, LOCATION, NULL, - "Accounting : '%s' unlogging from '%s'.\n", -- usr, ut.ut_id); -- -- pututxline(&ut); -+ usr, term); - -+ logout(term); -+ - break; - default: - plog(LLV_ERROR, LOCATION, NULL, "Unepected inout\n"); diff --git a/net/ipsec-tools/patches/003-microsoft-fqdn-in-main.patch b/net/ipsec-tools/patches/003-microsoft-fqdn-in-main.patch deleted file mode 100644 index 443d38d5e..000000000 --- a/net/ipsec-tools/patches/003-microsoft-fqdn-in-main.patch +++ /dev/null @@ -1,13 +0,0 @@ ---- a/src/racoon/ipsec_doi.c -+++ b/src/racoon/ipsec_doi.c -@@ -3582,8 +3582,8 @@ ipsecdoi_checkid1(iph1) - iph1->approval->authmethod == OAKLEY_ATTR_AUTH_METHOD_PSKEY) { - if (id_b->type != IPSECDOI_ID_IPV4_ADDR - && id_b->type != IPSECDOI_ID_IPV6_ADDR) { -- plog(LLV_ERROR, LOCATION, NULL, -- "Expecting IP address type in main mode, " -+ plog(LLV_WARNING, LOCATION, NULL, -+ "Expecting IP address type in main mode (RFC2409) , " - "but %s.\n", s_ipsecdoi_ident(id_b->type)); - return ISAKMP_NTYPE_INVALID_ID_INFORMATION; - } diff --git a/net/ipsec-tools/patches/005-isakmp-fix.patch b/net/ipsec-tools/patches/005-isakmp-fix.patch deleted file mode 100644 index f7aa3c26c..000000000 --- a/net/ipsec-tools/patches/005-isakmp-fix.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- a/src/racoon/isakmp.c -+++ b/src/racoon/isakmp.c -@@ -31,6 +31,8 @@ - * SUCH DAMAGE. - */ - -+#define __packed __attribute__((__packed__)) -+ - #include "config.h" - - #include diff --git a/net/ipsec-tools/patches/006-linux-3.7-compat.patch b/net/ipsec-tools/patches/006-linux-3.7-compat.patch deleted file mode 100644 index 46b11ee51..000000000 --- a/net/ipsec-tools/patches/006-linux-3.7-compat.patch +++ /dev/null @@ -1,50 +0,0 @@ ---- a/configure.ac -+++ b/configure.ac -@@ -74,9 +74,10 @@ case "$host_os" in - [ KERNEL_INCLUDE="/lib/modules/`uname -r`/build/include" ]) - - AC_CHECK_HEADER($KERNEL_INCLUDE/linux/pfkeyv2.h, , -- [ AC_CHECK_HEADER(/usr/src/linux/include/linux/pfkeyv2.h, -- KERNEL_INCLUDE=/usr/src/linux/include , -- [ AC_MSG_ERROR([Unable to find linux-2.6 kernel headers. Aborting.]) ] ) ] ) -+ [ AC_CHECK_HEADER($KERNEL_INCLUDE/uapi/linux/pfkeyv2.h, , -+ [ AC_CHECK_HEADER(/usr/src/linux/include/linux/pfkeyv2.h, -+ KERNEL_INCLUDE=/usr/src/linux/include , -+ [ AC_MSG_ERROR([Unable to find linux-2.6 kernel headers. Aborting.]) ] ) ] ) ] ) - AC_SUBST(KERNEL_INCLUDE) - # We need the configure script to run with correct kernel headers. - # However we don't want to point to kernel source tree in compile time, -@@ -643,7 +644,14 @@ AC_EGREP_CPP(yes, - #ifdef SADB_X_EXT_NAT_T_TYPE - yes - #endif --], [kernel_natt="yes"]) -+], [kernel_natt="yes"], [ -+ AC_EGREP_CPP(yes, -+ [#include -+ #ifdef SADB_X_EXT_NAT_T_TYPE -+ yes -+ #endif -+ ], [kernel_natt="yes"]) -+]) - ;; - freebsd*|netbsd*) - # NetBSD case ---- a/src/include-glibc/Makefile.am -+++ b/src/include-glibc/Makefile.am -@@ -1,14 +1,7 @@ -- --.includes: ${top_builddir}/config.status -- ln -snf $(KERNEL_INCLUDE)/linux -- touch .includes -- --all: .includes -- - EXTRA_DIST = \ - glibc-bugs.h \ - net/pfkeyv2.h \ - netinet/ipsec.h \ - sys/queue.h - --DISTCLEANFILES = .includes linux -+DISTCLEANFILES = linux