include $(TOPDIR)/rules.mk
PKG_NAME:=strongswan
-PKG_VERSION:=5.9.2
-PKG_RELEASE:=12
+PKG_VERSION:=5.9.3
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=https://download.strongswan.org/ https://download2.strongswan.org/
-PKG_HASH:=61c72f741edb2c1295a7b7ccce0317a104b3f9d39efd04c52cd05b01b55ab063
+PKG_HASH:=9325ab56a0a4e97e379401e1d942ce3e0d8b6372291350ab2caae0755862c6f7
PKG_LICENSE:=GPL-2.0-or-later
PKG_MAINTAINER:=Philip Prindeville <philipp@redfish-solutions.com>, Noel Kuntze <noel.kuntze@thermi.consulting>
PKG_CPE_ID:=cpe:/a:strongswan:strongswan
+From 27a54379cf3c48ff63c02a4a9f023297bba60d45 Mon Sep 17 00:00:00 2001
+From: Noel Kuntze <noel.kuntze@thermi.consulting>
+Date: Mon, 12 Jul 2021 01:29:43 +0200
+Subject: [PATCH 900/904] src: Patch for building with musl on openwrt (taken
+ verbatim from openwrt package sources)
+
+---
+ .../kernel_netlink/kernel_netlink_ipsec.c | 1 +
+ .../kernel_netlink/kernel_netlink_net.c | 2 +
+ .../kernel_netlink/kernel_netlink_shared.c | 2 +
+ src/libstrongswan/library.h | 1 +
+ src/libstrongswan/musl.h | 38 +++++++++++++++++++
+ .../plugins/bliss/bliss_huffman.c | 2 +
+ 6 files changed, 46 insertions(+)
+ create mode 100644 src/libstrongswan/musl.h
+
+--- a/src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c
++++ b/src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c
+@@ -40,6 +40,7 @@
+ */
+
+ #define _GNU_SOURCE
++#include <musl.h>
+ #include <sys/types.h>
+ #include <sys/socket.h>
+ #include <sys/ioctl.h>
+--- a/src/libcharon/plugins/kernel_netlink/kernel_netlink_net.c
++++ b/src/libcharon/plugins/kernel_netlink/kernel_netlink_net.c
+@@ -37,6 +37,8 @@
+ * THE SOFTWARE.
+ */
+
++#include "musl.h"
++
+ #include <sys/socket.h>
+ #include <sys/utsname.h>
+ #include <linux/netlink.h>
+--- a/src/libcharon/plugins/kernel_netlink/kernel_netlink_shared.c
++++ b/src/libcharon/plugins/kernel_netlink/kernel_netlink_shared.c
+@@ -39,6 +39,8 @@
+ * THE SOFTWARE.
+ */
+
++#include "musl.h"
++
+ #include <sys/socket.h>
+ #include <linux/netlink.h>
+ #include <linux/rtnetlink.h>
--- a/src/libstrongswan/library.h
+++ b/src/libstrongswan/library.h
@@ -118,6 +118,7 @@
+#undef blkcnt_t
+#undef crypt
+#undef encrypt
---- a/src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c
-+++ b/src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c
-@@ -40,6 +40,7 @@
- */
-
- #define _GNU_SOURCE
-+#include <musl.h>
- #include <sys/types.h>
- #include <sys/socket.h>
- #include <sys/ioctl.h>
---- a/src/libcharon/plugins/kernel_netlink/kernel_netlink_net.c
-+++ b/src/libcharon/plugins/kernel_netlink/kernel_netlink_net.c
-@@ -37,6 +37,8 @@
- * THE SOFTWARE.
- */
-
-+#include "musl.h"
-+
- #include <sys/socket.h>
- #include <sys/utsname.h>
- #include <linux/netlink.h>
---- a/src/libcharon/plugins/kernel_netlink/kernel_netlink_shared.c
-+++ b/src/libcharon/plugins/kernel_netlink/kernel_netlink_shared.c
-@@ -39,6 +39,8 @@
- * THE SOFTWARE.
- */
-
-+#include "musl.h"
-+
- #include <sys/socket.h>
- #include <linux/netlink.h>
- #include <linux/rtnetlink.h>
--- a/src/libstrongswan/plugins/bliss/bliss_huffman.c
+++ b/src/libstrongswan/plugins/bliss/bliss_huffman.c
@@ -17,6 +17,8 @@
+From 81be4fa54760aa4fed53c6d93da443f57a66f262 Mon Sep 17 00:00:00 2001
+From: Noel Kuntze <noel.kuntze@thermi.consulting>
+Date: Mon, 12 Jul 2021 01:30:32 +0200
+Subject: [PATCH 901/904] uci: verbatim patch from openwrt package sources
+
+---
+ src/libcharon/plugins/uci/uci_parser.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
--- a/src/libcharon/plugins/uci/uci_parser.c
+++ b/src/libcharon/plugins/uci/uci_parser.c
@@ -75,7 +75,7 @@ METHOD(enumerator_t, section_enumerator_
--- /dev/null
+From d71ec4f26a1334e78a38fa44a1271c52a029e3b4 Mon Sep 17 00:00:00 2001
+From: Noel Kuntze <noel.kuntze@thermi.consulting>
+Date: Mon, 12 Jul 2021 01:31:36 +0200
+Subject: [PATCH 902/904] ipsec: Patch `ipsec` script to work with musl
+ `sleep`. Patch taken verbatim from openwrt package sources.
+
+---
+ src/ipsec/_ipsec.in | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/src/ipsec/_ipsec.in
++++ b/src/ipsec/_ipsec.in
+@@ -257,7 +257,7 @@ stop)
+ loop=110
+ while [ $loop -gt 0 ] ; do
+ kill -0 $spid 2>/dev/null || break
+- sleep 0.1 2>/dev/null
++ sleep 1 2>/dev/null
+ if [ $? -ne 0 ]
+ then
+ sleep 1
+From c779da992bdd440e336383da0eb75ef3a2ea6cde Mon Sep 17 00:00:00 2001
+From: Noel Kuntze <noel.kuntze@thermi.consulting>
+Date: Mon, 12 Jul 2021 01:32:20 +0200
+Subject: [PATCH 903/904] updown: Call /sbin/hotplug-call ipsec "$1" in updown
+ script. Patch taken verbatim from openwrt package sources.
+
+---
+ src/_updown/_updown.in | 7 +++++++
+ 1 file changed, 7 insertions(+)
+
--- a/src/_updown/_updown.in
+++ b/src/_updown/_updown.in
@@ -22,6 +22,13 @@
+From 9f60c2ea6394facac55b90ef66466e1b9edef2a9 Mon Sep 17 00:00:00 2001
+From: Noel Kuntze <noel.kuntze@thermi.consulting>
+Date: Mon, 12 Jul 2021 01:34:23 +0200
+Subject: [PATCH 904/904] gmpdh: Plugin that implements gmp DH functions in an
+ extra plugin. Links and uses gmp plugin source and header files. Patch taken
+ verbatim from openwrt package sources.
+
+---
+ configure.ac | 4 +
+ src/libstrongswan/Makefile.am | 7 ++
+ src/libstrongswan/plugins/gmpdh/Makefile.am | 19 ++++
+ .../plugins/gmpdh/gmpdh_plugin.c | 101 ++++++++++++++++++
+ .../plugins/gmpdh/gmpdh_plugin.h | 42 ++++++++
+ 5 files changed, 173 insertions(+)
+ create mode 100644 src/libstrongswan/plugins/gmpdh/Makefile.am
+ create mode 100644 src/libstrongswan/plugins/gmpdh/gmpdh_plugin.c
+ create mode 100644 src/libstrongswan/plugins/gmpdh/gmpdh_plugin.h
+
--- a/configure.ac
+++ b/configure.ac
@@ -146,6 +146,7 @@ ARG_DISBL_SET([fips-prf], [disable
ARG_DISBL_SET([curve25519], [disable Curve25519 Diffie-Hellman plugin.])
ARG_DISBL_SET([hmac], [disable HMAC crypto implementation plugin.])
ARG_ENABL_SET([md4], [enable MD4 software implementation plugin.])
-@@ -1478,6 +1479,7 @@ ADD_PLUGIN([botan], [s ch
+@@ -1483,6 +1484,7 @@ ADD_PLUGIN([botan], [s ch
ADD_PLUGIN([af-alg], [s charon scepclient pki scripts medsrv attest nm cmd aikgen])
ADD_PLUGIN([fips-prf], [s charon nm cmd])
ADD_PLUGIN([gmp], [s charon scepclient pki scripts manager medsrv attest nm cmd aikgen fuzz])
ADD_PLUGIN([curve25519], [s charon pki scripts nm cmd])
ADD_PLUGIN([agent], [s charon nm cmd])
ADD_PLUGIN([keychain], [s charon cmd])
-@@ -1619,6 +1621,7 @@ AM_CONDITIONAL(USE_SHA3, test x$sha3 = x
+@@ -1624,6 +1626,7 @@ AM_CONDITIONAL(USE_SHA3, test x$sha3 = x
AM_CONDITIONAL(USE_MGF1, test x$mgf1 = xtrue)
AM_CONDITIONAL(USE_FIPS_PRF, test x$fips_prf = xtrue)
AM_CONDITIONAL(USE_GMP, test x$gmp = xtrue)
AM_CONDITIONAL(USE_CURVE25519, test x$curve25519 = xtrue)
AM_CONDITIONAL(USE_RDRAND, test x$rdrand = xtrue)
AM_CONDITIONAL(USE_AESNI, test x$aesni = xtrue)
-@@ -1896,6 +1899,7 @@ AC_CONFIG_FILES([
+@@ -1901,6 +1904,7 @@ AC_CONFIG_FILES([
src/libstrongswan/plugins/mgf1/Makefile
src/libstrongswan/plugins/fips_prf/Makefile
src/libstrongswan/plugins/gmp/Makefile
+
+libstrongswan_gmpdh_la_SOURCES = \
+ gmpdh_plugin.h gmpdh_plugin.c \
-+ ../gmp/gmp_diffie_hellman.c ../gmp/gmp_diffie_hellman.h
++ ../gmp/gmp_diffie_hellman.c ../gmp/gmp_diffie_hellman.h
++
+
-+
+libstrongswan_gmpdh_la_LDFLAGS = -module -avoid-version -Wl,-Bstatic -Wl,-lgmp -Wl,-Bdynamic -Wl,--as-needed $(FPIC)
+libstrongswan_gmpdh_la_LIBADD =
--- /dev/null
+++ /dev/null
---- a/src/ipsec/_ipsec.in
-+++ b/src/ipsec/_ipsec.in
-@@ -257,7 +257,7 @@ stop)
- loop=110
- while [ $loop -gt 0 ] ; do
- kill -0 $spid 2>/dev/null || break
-- sleep 0.1 2>/dev/null
-+ sleep 1 2>/dev/null
- if [ $? -ne 0 ]
- then
- sleep 1
git.99rst.org / openwrt-packages.git / commitdiff