From: Michael Tremer <michael.tremer@ipfire.org>
Date: Wed, 17 Jul 2013 15:45:40 +0000 (+0200)
Subject: Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into strongswan-next
X-Git-Url: http://git.ipfire.org/?p=people%2Fteissler%2Fipfire-2.x.git;a=commitdiff_plain;h=15fbfae62747088414e48ad0bc380a488265af1f;hp=b5c00b8654ccbe438d6d38d29859c67fbf0a6cc7

Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into strongswan-next
---

diff --git a/config/rootfiles/common/gperf b/config/rootfiles/common/gperf
new file mode 100644
index 000000000..7c3a1cb61
--- /dev/null
+++ b/config/rootfiles/common/gperf
@@ -0,0 +1,4 @@
+#usr/bin/gperf
+#usr/share/doc/gperf.html
+#usr/share/info/gperf.info
+#usr/share/man/man1/gperf.1
diff --git a/config/rootfiles/common/strongswan b/config/rootfiles/common/strongswan
index c94ce6f3b..1f5c6a0bc 100644
--- a/config/rootfiles/common/strongswan
+++ b/config/rootfiles/common/strongswan
@@ -61,15 +61,18 @@ usr/lib/ipsec/plugins/libstrongswan-openssl.so
 usr/lib/ipsec/plugins/libstrongswan-pem.so
 usr/lib/ipsec/plugins/libstrongswan-pgp.so
 usr/lib/ipsec/plugins/libstrongswan-pkcs1.so
+usr/lib/ipsec/plugins/libstrongswan-pkcs12.so
 usr/lib/ipsec/plugins/libstrongswan-pkcs7.so
 usr/lib/ipsec/plugins/libstrongswan-pkcs8.so
 usr/lib/ipsec/plugins/libstrongswan-pubkey.so
 usr/lib/ipsec/plugins/libstrongswan-random.so
+usr/lib/ipsec/plugins/libstrongswan-rc2.so
 usr/lib/ipsec/plugins/libstrongswan-resolve.so
 usr/lib/ipsec/plugins/libstrongswan-revocation.so
 usr/lib/ipsec/plugins/libstrongswan-sha1.so
 usr/lib/ipsec/plugins/libstrongswan-sha2.so
 usr/lib/ipsec/plugins/libstrongswan-socket-default.so
+usr/lib/ipsec/plugins/libstrongswan-sshkey.so
 usr/lib/ipsec/plugins/libstrongswan-stroke.so
 usr/lib/ipsec/plugins/libstrongswan-updown.so
 usr/lib/ipsec/plugins/libstrongswan-x509.so
diff --git a/lfs/gperf b/lfs/gperf
new file mode 100644
index 000000000..ac33857f1
--- /dev/null
+++ b/lfs/gperf
@@ -0,0 +1,76 @@
+###############################################################################
+#                                                                             #
+# IPFire.org - A linux based firewall                                         #
+# Copyright (C) 2013 IPFire Development Team                                  #
+#                                                                             #
+# This program is free software: you can redistribute it and/or modify        #
+# it under the terms of the GNU General Public License as published by        #
+# the Free Software Foundation, either version 3 of the License, or           #
+# (at your option) any later version.                                         #
+#                                                                             #
+# This program is distributed in the hope that it will be useful,             #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
+# GNU General Public License for more details.                                #
+#                                                                             #
+# You should have received a copy of the GNU General Public License           #
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
+#                                                                             #
+###############################################################################
+
+###############################################################################
+# Definitions
+###############################################################################
+
+include Config
+
+VER        = 3.0.4
+
+THISAPP    = gperf-$(VER)
+DL_FILE    = $(THISAPP).tar.gz
+DL_FROM    = $(URL_IPFIRE)
+DIR_APP    = $(DIR_SRC)/$(THISAPP)
+TARGET     = $(DIR_INFO)/$(THISAPP)
+
+###############################################################################
+# Top-level Rules
+###############################################################################
+objects = $(DL_FILE)
+
+$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
+
+$(DL_FILE)_MD5 = c1f1db32fb6598d6a93e6e88796a8632
+
+install : $(TARGET)
+
+check : $(patsubst %,$(DIR_CHK)/%,$(objects))
+
+download :$(patsubst %,$(DIR_DL)/%,$(objects))
+
+md5 : $(subst %,%_MD5,$(objects))
+
+###############################################################################
+# Downloading, checking, md5sum
+###############################################################################
+
+$(patsubst %,$(DIR_CHK)/%,$(objects)) :
+	@$(CHECK)
+
+$(patsubst %,$(DIR_DL)/%,$(objects)) :
+	@$(LOAD)
+
+$(subst %,%_MD5,$(objects)) :
+	@$(MD5)
+
+###############################################################################
+# Installation Details
+###############################################################################
+
+$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
+	@$(PREBUILD)
+	@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
+	cd $(DIR_APP) && ./configure --prefix=/usr --disable-nls
+	cd $(DIR_APP) && make $(MAKETUNING)
+	cd $(DIR_APP) && make install
+	@rm -rf $(DIR_APP)
+	@$(POSTBUILD)
diff --git a/lfs/strongswan b/lfs/strongswan
index a6075a289..df71a3d29 100644
--- a/lfs/strongswan
+++ b/lfs/strongswan
@@ -24,12 +24,12 @@
 
 include Config
 
-VER        = 5.0.4
+VER        = 5.1.0dr2
 
 THISAPP    = strongswan-$(VER)
-DL_FILE    = $(THISAPP).tar.gz
+DL_FILE    = $(THISAPP).tar.bz2
 DL_FROM    = $(URL_IPFIRE)
-DIR_APP    = $(DIR_SRC)/$(THISAPP)
+DIR_APP    = $(DIR_SRC)/strongswan-$(VER)
 TARGET     = $(DIR_INFO)/$(THISAPP)
 
 ifeq "$(MACHINE)" "i586"
@@ -46,7 +46,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_MD5 = 7085ac1d28dcc250096553fa51c3a4ea
+$(DL_FILE)_MD5 = fce82d733d6aaaafdea652eb157ba45a
 
 install : $(TARGET)
 
@@ -79,6 +79,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
 
 	cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/strongswan-4.5.3_ipfire.patch
 
+	cd $(DIR_APP) && [ -x "configure" ] || ./autogen.sh
 	cd $(DIR_APP) && ./configure \
 		--prefix="/usr" \
 		--sysconfdir="/etc" \
@@ -93,7 +94,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
 		--enable-eap-identity \
 		$(PADLOCK)
 
-	cd $(DIR_APP) && make $(MAKETUNING)
+	cd $(DIR_APP) && make $(MAKETUNING) LDFLAGS="-lrt"
 	cd $(DIR_APP) && make install
 
 	# Remove all library files we don't want or need.
diff --git a/make.sh b/make.sh
index 88af89876..35912b71c 100755
--- a/make.sh
+++ b/make.sh
@@ -333,6 +333,7 @@ buildbase() {
     lfsmake2 gettext
     lfsmake2 grep
     lfsmake2 groff
+    lfsmake2 gperf
     lfsmake2 gzip
     lfsmake2 inetutils
     lfsmake2 iproute2
diff --git a/src/misc-progs/ipsecctrl.c b/src/misc-progs/ipsecctrl.c
index 633004e23..365807c9e 100644
--- a/src/misc-progs/ipsecctrl.c
+++ b/src/misc-progs/ipsecctrl.c
@@ -144,8 +144,8 @@ void turn_connection_on(char *name, char *type) {
                 "/usr/sbin/ipsec down %s >/dev/null", name);
         safe_system(command);
 
-	// Reload the configuration into the daemon.
-	safe_system("/usr/sbin/ipsec reload >/dev/null 2>&1");
+	// Reload the configuration into the daemon (#10339).
+	ipsec_reload();
 
 	// Bring the connection up again.
 	snprintf(command, STRING_SIZE - 1,
@@ -169,7 +169,15 @@ void turn_connection_off (char *name) {
         safe_system(command);
 
 	// Reload, so the connection is dropped.
-        safe_system("/usr/sbin/ipsec reload >/dev/null 2>&1");
+	ipsec_reload();
+}
+
+void ipsec_reload() {
+	/* Re-read all configuration files and secrets and
+	 * reload the daemon (#10339).
+	 */
+	safe_system("/usr/sbin/ipsec rereadall >/dev/null 2>&1");
+	safe_system("/usr/sbin/ipsec reload >/dev/null 2>&1");
 }
 
 int main(int argc, char *argv[]) {
@@ -193,7 +201,7 @@ int main(int argc, char *argv[]) {
         }
 
         if (strcmp(argv[1], "R") == 0) {
-                safe_system("/usr/sbin/ipsec reload >/dev/null 2>&1");
+		ipsec_reload();
                 exit(0);
         }