From 3090c39efd011f4da22fb076cf9fde846619c688 Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Wed, 4 Jul 2012 15:53:19 +0200 Subject: [PATCH] strongswan: Update to 5.0.0. This update removes pluto which is replaced by charon. --- config/rootfiles/common/stage2 | 4 +- config/rootfiles/common/strongswan | 90 +++--------------------------- lfs/strongswan | 27 +++++---- 3 files changed, 27 insertions(+), 94 deletions(-) diff --git a/config/rootfiles/common/stage2 b/config/rootfiles/common/stage2 index 796e0f3237..989614275f 100644 --- a/config/rootfiles/common/stage2 +++ b/config/rootfiles/common/stage2 @@ -13,8 +13,8 @@ etc/hddtemp.db etc/host.conf etc/inittab etc/inputrc -#etc/ipsec.user.conf -#etc/ipsec.user.secrets +etc/ipsec.user.conf +etc/ipsec.user.secrets etc/issue etc/ld.so.conf etc/localtime diff --git a/config/rootfiles/common/strongswan b/config/rootfiles/common/strongswan index 4c7d558b1a..ac368d682a 100644 --- a/config/rootfiles/common/strongswan +++ b/config/rootfiles/common/strongswan @@ -13,133 +13,62 @@ etc/strongswan.conf #usr/lib/ipsec #usr/lib/ipsec/libcharon.a #usr/lib/ipsec/libcharon.la -usr/lib/ipsec/libcharon.so +#usr/lib/ipsec/libcharon.so usr/lib/ipsec/libcharon.so.0 usr/lib/ipsec/libcharon.so.0.0.0 #usr/lib/ipsec/libhydra.a #usr/lib/ipsec/libhydra.la -usr/lib/ipsec/libhydra.so +#usr/lib/ipsec/libhydra.so usr/lib/ipsec/libhydra.so.0 usr/lib/ipsec/libhydra.so.0.0.0 #usr/lib/ipsec/libstrongswan.a #usr/lib/ipsec/libstrongswan.la -usr/lib/ipsec/libstrongswan.so +#usr/lib/ipsec/libstrongswan.so usr/lib/ipsec/libstrongswan.so.0 usr/lib/ipsec/libstrongswan.so.0.0.0 #usr/lib/ipsec/plugins -#usr/lib/ipsec/plugins/libstrongswan-aes.a -#usr/lib/ipsec/plugins/libstrongswan-aes.la usr/lib/ipsec/plugins/libstrongswan-aes.so -#usr/lib/ipsec/plugins/libstrongswan-attr.a -#usr/lib/ipsec/plugins/libstrongswan-attr.la usr/lib/ipsec/plugins/libstrongswan-attr.so -#usr/lib/ipsec/plugins/libstrongswan-cmac.a -#usr/lib/ipsec/plugins/libstrongswan-cmac.la usr/lib/ipsec/plugins/libstrongswan-cmac.so -#usr/lib/ipsec/plugins/libstrongswan-constraints.a -#usr/lib/ipsec/plugins/libstrongswan-constraints.la usr/lib/ipsec/plugins/libstrongswan-constraints.so -#usr/lib/ipsec/plugins/libstrongswan-curl.a -#usr/lib/ipsec/plugins/libstrongswan-curl.la usr/lib/ipsec/plugins/libstrongswan-curl.so -#usr/lib/ipsec/plugins/libstrongswan-des.a -#usr/lib/ipsec/plugins/libstrongswan-des.la usr/lib/ipsec/plugins/libstrongswan-des.so -#usr/lib/ipsec/plugins/libstrongswan-dnskey.a -#usr/lib/ipsec/plugins/libstrongswan-dnskey.la usr/lib/ipsec/plugins/libstrongswan-dnskey.so -#usr/lib/ipsec/plugins/libstrongswan-fips-prf.a -#usr/lib/ipsec/plugins/libstrongswan-fips-prf.la usr/lib/ipsec/plugins/libstrongswan-fips-prf.so -#usr/lib/ipsec/plugins/libstrongswan-gmp.a -#usr/lib/ipsec/plugins/libstrongswan-gmp.la usr/lib/ipsec/plugins/libstrongswan-gmp.so -#usr/lib/ipsec/plugins/libstrongswan-hmac.a -#usr/lib/ipsec/plugins/libstrongswan-hmac.la usr/lib/ipsec/plugins/libstrongswan-hmac.so -#usr/lib/ipsec/plugins/libstrongswan-kernel-netlink.a -#usr/lib/ipsec/plugins/libstrongswan-kernel-netlink.la usr/lib/ipsec/plugins/libstrongswan-kernel-netlink.so -#usr/lib/ipsec/plugins/libstrongswan-md5.a -#usr/lib/ipsec/plugins/libstrongswan-md5.la usr/lib/ipsec/plugins/libstrongswan-md5.so -#usr/lib/ipsec/plugins/libstrongswan-pem.a -#usr/lib/ipsec/plugins/libstrongswan-pem.la +usr/lib/ipsec/plugins/libstrongswan-nonce.so +usr/lib/ipsec/plugins/libstrongswan-openssl.so +usr/lib/ipsec/plugins/libstrongswan-padlock.so usr/lib/ipsec/plugins/libstrongswan-pem.so -#usr/lib/ipsec/plugins/libstrongswan-pgp.a -#usr/lib/ipsec/plugins/libstrongswan-pgp.la usr/lib/ipsec/plugins/libstrongswan-pgp.so -#usr/lib/ipsec/plugins/libstrongswan-pkcs1.a -#usr/lib/ipsec/plugins/libstrongswan-pkcs1.la usr/lib/ipsec/plugins/libstrongswan-pkcs1.so -#usr/lib/ipsec/plugins/libstrongswan-pkcs8.a -#usr/lib/ipsec/plugins/libstrongswan-pkcs8.la usr/lib/ipsec/plugins/libstrongswan-pkcs8.so -#usr/lib/ipsec/plugins/libstrongswan-pubkey.a -#usr/lib/ipsec/plugins/libstrongswan-pubkey.la usr/lib/ipsec/plugins/libstrongswan-pubkey.so -#usr/lib/ipsec/plugins/libstrongswan-random.a -#usr/lib/ipsec/plugins/libstrongswan-random.la usr/lib/ipsec/plugins/libstrongswan-random.so -#usr/lib/ipsec/plugins/libstrongswan-resolve.a -#usr/lib/ipsec/plugins/libstrongswan-resolve.la usr/lib/ipsec/plugins/libstrongswan-resolve.so -#usr/lib/ipsec/plugins/libstrongswan-revocation.a -#usr/lib/ipsec/plugins/libstrongswan-revocation.la usr/lib/ipsec/plugins/libstrongswan-revocation.so -#usr/lib/ipsec/plugins/libstrongswan-sha1.a -#usr/lib/ipsec/plugins/libstrongswan-sha1.la usr/lib/ipsec/plugins/libstrongswan-sha1.so -#usr/lib/ipsec/plugins/libstrongswan-sha2.a -#usr/lib/ipsec/plugins/libstrongswan-sha2.la usr/lib/ipsec/plugins/libstrongswan-sha2.so -#usr/lib/ipsec/plugins/libstrongswan-socket-raw.a -#usr/lib/ipsec/plugins/libstrongswan-socket-raw.la -usr/lib/ipsec/plugins/libstrongswan-socket-raw.so -#usr/lib/ipsec/plugins/libstrongswan-stroke.a -#usr/lib/ipsec/plugins/libstrongswan-stroke.la +usr/lib/ipsec/plugins/libstrongswan-socket-default.so usr/lib/ipsec/plugins/libstrongswan-stroke.so -#usr/lib/ipsec/plugins/libstrongswan-updown.a -#usr/lib/ipsec/plugins/libstrongswan-updown.la usr/lib/ipsec/plugins/libstrongswan-updown.so -#usr/lib/ipsec/plugins/libstrongswan-x509.a -#usr/lib/ipsec/plugins/libstrongswan-x509.la usr/lib/ipsec/plugins/libstrongswan-x509.so -#usr/lib/ipsec/plugins/libstrongswan-xauth.a -#usr/lib/ipsec/plugins/libstrongswan-xauth.la -usr/lib/ipsec/plugins/libstrongswan-xauth.so -#usr/lib/ipsec/plugins/libstrongswan-xcbc.a -#usr/lib/ipsec/plugins/libstrongswan-xcbc.la +usr/lib/ipsec/plugins/libstrongswan-xauth-generic.so usr/lib/ipsec/plugins/libstrongswan-xcbc.so #usr/libexec/ipsec usr/libexec/ipsec/_copyright -usr/libexec/ipsec/_pluto_adns usr/libexec/ipsec/_updown usr/libexec/ipsec/_updown_espmark usr/libexec/ipsec/charon usr/libexec/ipsec/openac usr/libexec/ipsec/pki -usr/libexec/ipsec/pluto usr/libexec/ipsec/scepclient usr/libexec/ipsec/starter usr/libexec/ipsec/stroke -usr/libexec/ipsec/whack usr/sbin/ipsec -#usr/share/man/man3/anyaddr.3 -#usr/share/man/man3/atoaddr.3 -#usr/share/man/man3/atoasr.3 -#usr/share/man/man3/atoul.3 -#usr/share/man/man3/goodmask.3 -#usr/share/man/man3/initaddr.3 -#usr/share/man/man3/initsubnet.3 -#usr/share/man/man3/portof.3 -#usr/share/man/man3/rangetosubnet.3 -#usr/share/man/man3/sameaddr.3 -#usr/share/man/man3/subnetof.3 -#usr/share/man/man3/ttoaddr.3 -#usr/share/man/man3/ttodata.3 -#usr/share/man/man3/ttosa.3 -#usr/share/man/man3/ttoul.3 #usr/share/man/man5/ipsec.conf.5 #usr/share/man/man5/ipsec.secrets.5 #usr/share/man/man5/strongswan.conf.5 @@ -147,7 +76,4 @@ usr/sbin/ipsec #usr/share/man/man8/_updown_espmark.8 #usr/share/man/man8/ipsec.8 #usr/share/man/man8/openac.8 -#usr/share/man/man8/pluto.8 #usr/share/man/man8/scepclient.8 -etc/ipsec.user.conf -etc/ipsec.user.secrets diff --git a/lfs/strongswan b/lfs/strongswan index d0d533d11d..3d220862d9 100644 --- a/lfs/strongswan +++ b/lfs/strongswan @@ -24,7 +24,7 @@ include Config -VER = 4.6.4 +VER = 5.0.0 THISAPP = strongswan-$(VER) DL_FILE = $(THISAPP).tar.bz2 @@ -32,6 +32,12 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) +ifeq "$(MACHINE)" "i586" + PADLOCK = --enable-padlock +else + PADLOCK = --disable-padlock +endif + ############################################################################### # Top-level Rules ############################################################################### @@ -40,7 +46,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = 4c0999c42faa0860ae0afc4f8efd9d04 +$(DL_FILE)_MD5 = c8b861305def7c0abae04f7bbefec212 install : $(TARGET) @@ -73,18 +79,19 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/strongswan-4.5.3_ipfire.patch - # Customize the welcome banner. - sed -i $(DIR_APP)/src/pluto/modecfg.c \ - -e 's/^#define.*DEFAULT_UNITY_BANNER.*/#define DEFAULT_UNITY_BANNER "Welcome to IPFire - An Open Source Firewall Solution.\\n"/' - - cd $(DIR_APP) && ./configure --prefix="/usr" --sysconfdir="/etc" \ - --enable-cisco-quirks \ - --enable-curl \ - --enable-nat-transport + cd $(DIR_APP) && ./configure \ + --prefix="/usr" \ + --sysconfdir="/etc" \ + --enable-curl \ + --enable-openssl \ + $(PADLOCK) cd $(DIR_APP) && make $(MAKETUNING) cd $(DIR_APP) && make install + # Remove all library files we don't want or need. + rm -vf /usr/lib/ipsec/plugins/*.{,l}a + -rm -rfv /etc/rc*.d/*ipsec cd $(DIR_SRC) && cp src/initscripts/init.d/ipsec /etc/rc.d/init.d/ipsec rm -f /etc/ipsec.conf /etc/ipsec.secrets -- 2.39.2