1
0
forked from pool/strongswan

- WORK-IN-PROGRESS snapshot: Update to strongSwan 5.0.1

OBS-URL: https://build.opensuse.org/package/show/network:vpn/strongswan?expand=0&rev=50
This commit is contained in:
Marius Tomaschewski 2012-10-30 17:16:52 +00:00 committed by Git OBS Bridge
parent 4a8b8bd95f
commit eb5621d87b
10 changed files with 146 additions and 182 deletions

View File

@ -1,30 +0,0 @@
From 901dbc1077f6c9bd29369cad848bc79a29c1a65b Mon Sep 17 00:00:00 2001
From: Tobias Brunner <tobias@strongswan.org>
Date: Sat, 30 Jun 2012 10:05:41 +0200
Subject: [PATCH] openssl: Ensure the thread ID is never zero
This might otherwise cause problems because OpenSSL tries to lock
mutexes recursively if it assumes the lock is held by a different
thread e.g. during FIPS initialization.
---
src/libstrongswan/plugins/openssl/openssl_plugin.c | 4 +++-
1 files changed, 3 insertions(+), 1 deletions(-)
diff --git a/src/libstrongswan/plugins/openssl/openssl_plugin.c b/src/libstrongswan/plugins/openssl/openssl_plugin.c
index 5a11412..7daa92b 100644
--- a/src/libstrongswan/plugins/openssl/openssl_plugin.c
+++ b/src/libstrongswan/plugins/openssl/openssl_plugin.c
@@ -129,7 +129,9 @@ static void destroy_function(struct CRYPTO_dynlock_value *lock,
*/
static unsigned long id_function(void)
{
- return (unsigned long)thread_current_id();
+ /* ensure the thread ID is never zero, otherwise OpenSSL might try to
+ * acquire locks recursively */
+ return 1 + (unsigned long)thread_current_id();
}
/**
--
1.7.7

View File

@ -1,31 +0,0 @@
--- src/checksum/checksum_builder.c
+++ src/checksum/checksum_builder.c 2012/02/15 13:08:35
@@ -64,9 +64,9 @@ static void build_checksum(char *path, c
fprintf(stderr, "dlopen failed: %s\n", dlerror());
}
}
- printf("\t{\"%-25s%7u, 0x%08x, %6u, 0x%08x},\n",
+ printf("\t{\"%-25s%7zu, 0x%08x, %6zu, 0x%08x},\n",
name, fsize, fsum, ssize, ssum);
- fprintf(stderr, "\"%-25s%7u / 0x%08x %6u / 0x%08x\n",
+ fprintf(stderr, "\"%-25s%7zu / 0x%08x %6zu / 0x%08x\n",
name, fsize, fsum, ssize, ssum);
}
@@ -106,14 +106,14 @@ static void build_binary_checksum(char *
pos = strrchr(binary, '.');
if (pos && streq(pos, ".so"))
{
- snprintf(name, sizeof(name), "%.*s\",", pos - binary, binary);
+ snprintf(name, sizeof(name), "%.*s\",", (int)(pos - binary), binary);
if (streq(name, "libstrongswan\","))
{
snprintf(sname, sizeof(sname), "%s", "library_init");
}
else
{
- snprintf(sname, sizeof(sname), "%.*s_init", pos - binary, binary);
+ snprintf(sname, sizeof(sname), "%.*s_init", (int)(pos - binary), binary);
}
build_checksum(path, name, sname);
}

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:f372b4cc3d6c8a50a0b262e02e6a7fad43f91cc5a80cbd9432eb3c48ab2d4c69
size 3504672

View File

@ -1,14 +0,0 @@
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQGcBAABAgAGBQJPx4AbAAoJEN9CwXCzTbp3+GoL/Rs0El+oVlfUTT20/6IhwhI2
1DJ2kRB97EqDYe7qzBVHaRs1ceU61JhsOEF+DICDttDamAYOlPMkU0Lonmk4uSqe
Z1TVC7vcQdJEW5dPgx8UYRSxB4VdYkGq8FZSfK0Hdcn69EVnRneqb1oqGPXs3unI
Eut8dounWYXSXtUhfajKeKmCXyMJDfSRAIoCsF4D/BpiU+VtHPqwLGS6KEfWsYyJ
cqq5mc4rAL4Y6rLsi6YhqXvrV9klmVpMnlq7dftod7xWXOFX6d6mDSCIH0BrNyar
AuWJ8CqO06Olp6V8sKTdrtBfuJelM4cEUyehwJbssem7bRCBikkzj0/Yxl7Uu77v
QplLktKlsq/K8SkzNaqjTNxe7SvrIcrY1ErJTm6iMuinvlIjzoYPhpfnbNcyrrXQ
qqJ1RTnrXWxDAt41vHTV8I4afhQdt9WlBrp+xYT42PiPll1V6vLx5f/OLDQUVvSo
co+HFiKgg43090Pi4x5N0J1D1tuVuE7g9IGa1RAyYg==
=XivO
-----END PGP SIGNATURE-----

3
strongswan-5.0.1.tar.bz2 Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:1a4dff19ef69d15e0b90b1ea80bd183235ac73b4ecd114aab58ed54de0f5c3b4
size 3146776

View File

@ -0,0 +1,14 @@
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQGcBAABAgAGBQJQa9S/AAoJEN9CwXCzTbp30d0L/3Uj1RYm8+25k+RLIWvU1q/L
z5+mLjNAZpxoV7t1lUuMAA2STvZFisMtoNkw2EhsdanRsEV+WYpL101EPPMja077
BT86DVKk/IDtoGLKpQK41mV5h0bWzrUBXodw2ggoG1bOLhdfuV6z7hAn3GI+AgxM
Eus0TUWNT6VRZzYgTAcofmUyKM4Hruh5+82OSJtj8eeCqe333fdV/k6mumxYhoLB
b1Yp8NVuMmjbfp0T/kyMAlRMnOb1DGjun9sBNaPK+t6+wcToLDeijl+D83l67ZIl
Et0fehugK5dbkGtUbZHOJFWiSGyVP3eDVOjxMBp6ejBAwi0GwqNWXsE0GnHJr9TL
Q3TrM8Kt0vJ6mhlWU9KFGoRwpiyR+3pBc8smZkJvIs3kKIL5ItTVPsJcWJKu2iEd
L6+X15ZScalcrMJOGRYjgKh7cchIgVaudJOnPLtXjfyMuq+07Zz1ZhybUIu+i5Zo
q8AVLAoM6MkUXWKkJR51CH08+w32DaDp5p7yRyxCRA==
=100T
-----END PGP SIGNATURE-----

View File

@ -1,3 +1,8 @@
-------------------------------------------------------------------
Tue Oct 30 17:09:36 UTC 2012 - mt@suse.de
- WORK-IN-PROGRESS snapshot: Update to strongSwan 5.0.1
-------------------------------------------------------------------
Fri Sep 7 08:36:57 UTC 2012 - mt@suse.de

View File

@ -17,7 +17,7 @@
Name: strongswan
Version: 4.6.4
Version: 5.0.1
Release: 0
%define upstream_version %{version}
%define strongswan_docdir %{_docdir}/%{name}
@ -32,8 +32,6 @@ Summary: OpenSource IPsec-based VPN Solution
License: GPL-2.0+
Group: Productivity/Networking/Security
Url: http://www.strongswan.org/
Requires: strongswan-ikev1 = %{version}
Requires: strongswan-ikev2 = %{version}
Requires: strongswan-ipsec = %{version}
Source0: http://download.strongswan.org/strongswan-%{upstream_version}.tar.bz2
Source1: http://download.strongswan.org/strongswan-%{upstream_version}.tar.bz2.sig
@ -41,8 +39,6 @@ Source2: %{name}.init.in
Source3: %{name}-%{version}-rpmlintrc
Source4: README.SUSE
Patch1: %{name}_modprobe_syslog.patch
Patch2: %{name}-%{version}-fmt-warnings.patch
Patch3: 0001-openssl-Ensure-the-thread-ID-is-never-zero.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: bison
BuildRequires: curl-devel
@ -51,8 +47,10 @@ BuildRequires: gmp-devel
BuildRequires: gperf
BuildRequires: libcap-devel
BuildRequires: libopenssl-devel
BuildRequires: libsoup-devel
BuildRequires: openldap2-devel
BuildRequires: pam-devel
BuildRequires: pcsc-lite-devel
BuildRequires: pkg-config
%if %with_mysql
BuildRequires: libmysqlclient-devel
@ -133,36 +131,19 @@ StrongSwan is an OpenSource IPsec-based VPN Solution for Linux
This package provides the strongswan library and plugins.
%package ikev1
Summary: OpenSource IPsec-based VPN Solution
Group: Productivity/Networking/Security
Requires: iproute2
Requires: strongswan-ipsec = %{version}
Requires: strongswan-libs0 = %{version}
Provides: ikev1
Provides: pluto
Provides: strongswan-daemon = %{version}
Conflicts: freeswan openswan strongswan < %{version}
%description ikev1
StrongSwan is an OpenSource IPsec-based VPN Solution for Linux
This package provides the pluto IKEv1 daemon.
%package ikev2
%package charon
Summary: OpenSource IPsec-based VPN Solution
Group: Productivity/Networking/Security
Requires: iproute2
Requires: strongswan-daemon-starter = %{version}
Requires: strongswan-libs0 = %{version}
Provides: ikev2
Provides: strongswan-daemon = %{version}
Conflicts: openswan strongswan < %{version}
%description ikev2
%description charon
StrongSwan is an OpenSource IPsec-based VPN Solution for Linux
This package provides the charon IKEv2 daemon.
This package provides the charon daemon supporting IKEv1 & IKEv2.
%package ipsec
Summary: OpenSource IPsec-based VPN Solution
@ -249,8 +230,6 @@ and the load testing plugin for IKEv2 daemon.
%prep
%setup -q -n %{name}-%{upstream_version}
%patch1 -p0
%patch2 -p0
%patch3 -p1
sed -e 's|@libexecdir@|%_libexecdir|g' \
< $RPM_SOURCE_DIR/strongswan.init.in \
> strongswan.init
@ -261,35 +240,55 @@ export RPM_OPT_FLAGS CFLAGS
#libtoolize --force
#autoreconf
%configure \
--enable-conftest \
--enable-integrity-test \
--with-capabilities=libcap \
--with-plugindir=%{strongswan_plugins} \
--with-resolv-conf=%{_localstatedir}/run/strongswan/resolv.conf \
--enable-smartcard \
--with-default-pkcs11=%{_libdir}/opensc-pkcs11.so \
--enable-cisco-quirks \
--enable-pkcs11 \
--enable-openssl \
--enable-agent \
--enable-md4 \
--enable-gcrypt \
--enable-blowfish \
--enable-ctr \
--enable-ccm \
--enable-gcm \
--enable-unity \
--enable-md4 \
--enable-af-alg \
--enable-eap-sim \
--enable-eap-sim-file \
--enable-eap-sim-pcsc \
--enable-eap-aka \
--enable-eap-aka-3gpp2 \
--enable-eap-simaka-sql \
--enable-eap-simaka-pseudonym \
--enable-eap-simaka-reauth \
--enable-eap-identity \
--enable-eap-md5 \
--enable-eap-gtc \
--enable-eap-aka \
--enable-eap-radius \
--enable-eap-identity \
--enable-eap-mschapv2 \
--enable-eap-aka-3gpp2 \
--enable-eap-tls \
--enable-eap-ttls \
--enable-eap-peap \
--enable-eap-tnc \
--enable-eap-dynamic \
--enable-eap-radius \
--enable-xauth-eap \
--enable-xauth-pam \
--enable-ha \
--enable-dhcp \
--enable-farp \
--enable-smp \
--enable-sql \
--enable-attr-sql \
--enable-addrblock \
--enable-radattr \
--enable-mediation \
--enable-led \
--enable-certexpire \
--enable-duplicheck \
--enable-coupling \
%if %with_mysql
--enable-mysql \
%endif
@ -307,14 +306,15 @@ export RPM_OPT_FLAGS CFLAGS
--enable-test-vectors \
%endif
--enable-ldap \
--enable-soup \
--enable-curl
make %{?_smp_mflags:%_smp_mflags}
%install
export RPM_BUILD_ROOT
install -m755 -d ${RPM_BUILD_ROOT}%{_sbindir}/
install -m755 -d ${RPM_BUILD_ROOT}%{_sysconfdir}/ipsec.d/
install -m755 -d ${RPM_BUILD_ROOT}%{_sysconfdir}/init.d/
install -d -m755 ${RPM_BUILD_ROOT}%{_sbindir}/
install -d -m755 ${RPM_BUILD_ROOT}%{_sysconfdir}/ipsec.d/
install -d -m755 ${RPM_BUILD_ROOT}%{_sysconfdir}/init.d/
install -m755 strongswan.init ${RPM_BUILD_ROOT}%{_sysconfdir}/init.d/ipsec
ln -s %{_sysconfdir}/init.d/ipsec ${RPM_BUILD_ROOT}%{_sbindir}/rcipsec
#
@ -330,15 +330,18 @@ cat << EOT > ${RPM_BUILD_ROOT}%{_sysconfdir}/ipsec.secrets
#
EOT
#
rm -f $RPM_BUILD_ROOT%{strongswan_libdir}/lib{charon,hydra,radius,strongswan,simaka}.so
rm -f $RPM_BUILD_ROOT%{strongswan_libdir}/lib{charon,hydra,strongswan}.so
rm -f $RPM_BUILD_ROOT%{strongswan_libdir}/lib{radius,simaka,tls,tnccs}.so
find $RPM_BUILD_ROOT%{strongswan_libdir} \
-name "*.a" -o -name "*.la" | xargs -r rm -f
#
install -m755 -d ${RPM_BUILD_ROOT}%{strongswan_docdir}/
install -m644 TODO NEWS README COPYING CREDITS \
${RPM_SOURCE_DIR}/README.SUSE \
${RPM_BUILD_ROOT}%{strongswan_docdir}/
install -m755 -d $RPM_BUILD_ROOT%{_localstatedir}/run/strongswan
install -d -m755 ${RPM_BUILD_ROOT}%{strongswan_docdir}/
#install -m644 TODO NEWS README COPYING CREDITS \
# ${RPM_SOURCE_DIR}/README.SUSE \
# ${RPM_BUILD_ROOT}%{strongswan_docdir}/
install -c -m644 ${RPM_SOURCE_DIR}/README.SUSE \
${RPM_BUILD_ROOT}%{strongswan_docdir}/
install -d -m755 $RPM_BUILD_ROOT%{_localstatedir}/run/strongswan
%post libs0
%{run_ldconfig}
@ -353,11 +356,13 @@ test -d %{_localstatedir}/run/strongswan || \
%preun ipsec
%{stop_on_removal ipsec}
if test -s %{_sysconfdir}/ipsec.secrets.rpmsave; then
cp -p --backup=numbered %{_sysconfdir}/ipsec.secrets.rpmsave %{_sysconfdir}/ipsec.secrets.rpmsave.old
if test -s %{_sysconfdir}/ipsec.secrets.rpmsave ; then
cp -p --backup=numbered %{_sysconfdir}/ipsec.secrets.rpmsave \
%{_sysconfdir}/ipsec.secrets.rpmsave.old
fi
if test -s %{_sysconfdir}/ipsec.conf.rpmsave; then
cp -p --backup=numbered %{_sysconfdir}/ipsec.conf.rpmsave %{_sysconfdir}/ipsec.conf.rpmsave.old
if test -s %{_sysconfdir}/ipsec.conf.rpmsave ; then
cp -p --backup=numbered %{_sysconfdir}/ipsec.conf.rpmsave \
%{_sysconfdir}/ipsec.conf.rpmsave.old
fi
%postun ipsec
@ -389,11 +394,14 @@ fi
%{_mandir}/man5/ipsec.secrets.5*
%{_mandir}/man5/strongswan.conf.5*
%dir %{_libexecdir}/ipsec
%{_libexecdir}/ipsec/_copyright
%{_libexecdir}/ipsec/_updown
%{_libexecdir}/ipsec/_updown_espmark
%{_libexecdir}/ipsec/_copyright
%{_libexecdir}/ipsec/pki
%{_libexecdir}/ipsec/conftest
%{_libexecdir}/ipsec/duplicheck
%{_libexecdir}/ipsec/openac
%{_libexecdir}/ipsec/pki
%{_libexecdir}/ipsec/pool
%{_libexecdir}/ipsec/scepclient
%{_libexecdir}/ipsec/starter
%{_libexecdir}/ipsec/stroke
@ -401,14 +409,7 @@ fi
%{strongswan_plugins}/libstrongswan-stroke.so
%{strongswan_plugins}/libstrongswan-updown.so
%files ikev1
%defattr(-,root,root)
%dir %{_libexecdir}/ipsec
%{_libexecdir}/ipsec/whack
%{_libexecdir}/ipsec/pluto
%{_libexecdir}/ipsec/_pluto_adns
%files ikev2
%files charon
%defattr(-,root,root)
%dir %{_libexecdir}/ipsec
%{_libexecdir}/ipsec/charon
@ -416,76 +417,85 @@ fi
%files doc
%defattr(-,root,root)
%dir %{strongswan_docdir}
%{strongswan_docdir}/TODO
%{strongswan_docdir}/NEWS
%{strongswan_docdir}/README
%{strongswan_docdir}/COPYING
%{strongswan_docdir}/CREDITS
%{_mandir}/man3/anyaddr.3*
%{_mandir}/man3/atoaddr.3*
%{_mandir}/man3/atoasr.3*
%{_mandir}/man3/atoul.3*
%{_mandir}/man3/goodmask.3*
%{_mandir}/man3/initaddr.3*
%{_mandir}/man3/initsubnet.3*
%{_mandir}/man3/portof.3*
%{_mandir}/man3/rangetosubnet.3*
%{_mandir}/man3/sameaddr.3*
%{_mandir}/man3/subnetof.3*
%{_mandir}/man3/ttoaddr.3*
%{_mandir}/man3/ttodata.3*
%{_mandir}/man3/ttosa.3*
%{_mandir}/man3/ttoul.3*
#%{strongswan_docdir}/TODO
#%{strongswan_docdir}/NEWS
#%{strongswan_docdir}/README
#%{strongswan_docdir}/COPYING
#%{strongswan_docdir}/CREDITS
#%{_mandir}/man3/anyaddr.3*
#%{_mandir}/man3/atoaddr.3*
#%{_mandir}/man3/atoasr.3*
#%{_mandir}/man3/atoul.3*
#%{_mandir}/man3/goodmask.3*
#%{_mandir}/man3/initaddr.3*
#%{_mandir}/man3/initsubnet.3*
#%{_mandir}/man3/portof.3*
#%{_mandir}/man3/rangetosubnet.3*
#%{_mandir}/man3/sameaddr.3*
#%{_mandir}/man3/subnetof.3*
#%{_mandir}/man3/ttoaddr.3*
#%{_mandir}/man3/ttodata.3*
#%{_mandir}/man3/ttosa.3*
#%{_mandir}/man3/ttoul.3*
%{_mandir}/man8/_updown.8*
%{_mandir}/man8/_updown_espmark.8*
%{_mandir}/man8/openac.8*
%{_mandir}/man8/pluto.8*
%{_mandir}/man8/scepclient.8*
%files libs0
%defattr(-,root,root)
%config(noreplace) %attr(600,root,root) %{_sysconfdir}/strongswan.conf
%dir %{_libexecdir}/ipsec
%dir %{_libexecdir}/ipsec/pool
#%dir %{_libexecdir}/ipsec/pool
%dir %{strongswan_libdir}
%{strongswan_libdir}/libchecksum.so
%{strongswan_libdir}/libhydra.so.0
%{strongswan_libdir}/libhydra.so.0.0.0
%{strongswan_libdir}/libcharon.so.0
%{strongswan_libdir}/libcharon.so.0.0.0
%{strongswan_libdir}/libradius.so.0
%{strongswan_libdir}/libradius.so.0.0.0
%{strongswan_libdir}/libsimaka.so.0
%{strongswan_libdir}/libsimaka.so.0.0.0
%{strongswan_libdir}/libstrongswan.so.0
%{strongswan_libdir}/libstrongswan.so.0.0.0
%{strongswan_libdir}/libcharon.so.*
%{strongswan_libdir}/libhydra.so.*
%{strongswan_libdir}/libradius.so.*
%{strongswan_libdir}/libsimaka.so.*
%{strongswan_libdir}/libstrongswan.so.*
%{strongswan_libdir}/libtls.so.*
%{strongswan_libdir}/libtnccs.so.*
%dir %{strongswan_plugins}
%{strongswan_plugins}/libstrongswan-addrblock.so
%{strongswan_plugins}/libstrongswan-aes.so
%{strongswan_plugins}/libstrongswan-af-alg.so
%{strongswan_plugins}/libstrongswan-agent.so
%{strongswan_plugins}/libstrongswan-attr.so
%{strongswan_plugins}/libstrongswan-attr-sql.so
%{strongswan_plugins}/libstrongswan-blowfish.so
%{strongswan_plugins}/libstrongswan-ccm.so
%{strongswan_plugins}/libstrongswan-certexpire.so
%{strongswan_plugins}/libstrongswan-cmac.so
%{strongswan_plugins}/libstrongswan-constraints.so
%{strongswan_plugins}/libstrongswan-coupling.so
%{strongswan_plugins}/libstrongswan-ctr.so
%{strongswan_plugins}/libstrongswan-curl.so
%{strongswan_plugins}/libstrongswan-des.so
%{strongswan_plugins}/libstrongswan-dhcp.so
%{strongswan_plugins}/libstrongswan-dnskey.so
%{strongswan_plugins}/libstrongswan-duplicheck.so
%{strongswan_plugins}/libstrongswan-eap-aka-3gpp2.so
%{strongswan_plugins}/libstrongswan-eap-aka.so
%{strongswan_plugins}/libstrongswan-eap-dynamic.so
%{strongswan_plugins}/libstrongswan-eap-gtc.so
%{strongswan_plugins}/libstrongswan-eap-identity.so
%{strongswan_plugins}/libstrongswan-eap-md5.so
%{strongswan_plugins}/libstrongswan-eap-mschapv2.so
%{strongswan_plugins}/libstrongswan-eap-peap.so
%{strongswan_plugins}/libstrongswan-eap-radius.so
%{strongswan_plugins}/libstrongswan-eap-sim-file.so
%{strongswan_plugins}/libstrongswan-eap-sim-pcsc.so
%{strongswan_plugins}/libstrongswan-eap-sim.so
%{strongswan_plugins}/libstrongswan-eap-simaka-pseudonym.so
%{strongswan_plugins}/libstrongswan-eap-simaka-reauth.so
%{strongswan_plugins}/libstrongswan-eap-simaka-sql.so
%{strongswan_plugins}/libstrongswan-eap-sim-file.so
%{strongswan_plugins}/libstrongswan-eap-sim.so
%{strongswan_plugins}/libstrongswan-eap-tls.so
%{strongswan_plugins}/libstrongswan-eap-tnc.so
%{strongswan_plugins}/libstrongswan-eap-ttls.so
%{strongswan_plugins}/libstrongswan-farp.so
%{strongswan_plugins}/libstrongswan-fips-prf.so
%{strongswan_plugins}/libstrongswan-gcm.so
%if %with_gcrypt
%{strongswan_plugins}/libstrongswan-gcrypt.so
%endif
@ -494,23 +504,33 @@ fi
%{strongswan_plugins}/libstrongswan-hmac.so
%{strongswan_plugins}/libstrongswan-kernel-netlink.so
%{strongswan_plugins}/libstrongswan-ldap.so
%{strongswan_plugins}/libstrongswan-led.so
%{strongswan_plugins}/libstrongswan-md4.so
%{strongswan_plugins}/libstrongswan-md5.so
%{strongswan_plugins}/libstrongswan-nonce.so
%{strongswan_plugins}/libstrongswan-openssl.so
%{strongswan_plugins}/libstrongswan-pem.so
%{strongswan_plugins}/libstrongswan-pgp.so
%{strongswan_plugins}/libstrongswan-pkcs1.so
%{strongswan_plugins}/libstrongswan-pkcs11.so
%{strongswan_plugins}/libstrongswan-pkcs8.so
%{strongswan_plugins}/libstrongswan-pubkey.so
%{strongswan_plugins}/libstrongswan-radattr.so
%{strongswan_plugins}/libstrongswan-random.so
%{strongswan_plugins}/libstrongswan-resolve.so
%{strongswan_plugins}/libstrongswan-revocation.so
%{strongswan_plugins}/libstrongswan-sha1.so
%{strongswan_plugins}/libstrongswan-sha2.so
%{strongswan_plugins}/libstrongswan-socket*.so
%{strongswan_plugins}/libstrongswan-smp.so
%{strongswan_plugins}/libstrongswan-socket-default.so
%{strongswan_plugins}/libstrongswan-soup.so
%{strongswan_plugins}/libstrongswan-sql.so
%{strongswan_plugins}/libstrongswan-tnc-tnccs.so
%{strongswan_plugins}/libstrongswan-unity.so
%{strongswan_plugins}/libstrongswan-x509.so
%{strongswan_plugins}/libstrongswan-xauth.so
%{strongswan_plugins}/libstrongswan-xauth-eap.so
%{strongswan_plugins}/libstrongswan-xauth-generic.so
%{strongswan_plugins}/libstrongswan-xauth-pam.so
%{strongswan_plugins}/libstrongswan-xcbc.so
%dir %ghost %{_localstatedir}/run/strongswan
@ -520,7 +540,7 @@ fi
%defattr(-,root,root)
%dir %{_libexecdir}/ipsec
%dir %{strongswan_plugins}
%{strongswan_plugins}/libstrongswan-nm.so
%{_libexecdir}/ipsec/charon-nm
%endif
%if %with_mysql

View File

@ -1,6 +1,6 @@
--- src/starter/klips.c
+++ src/starter/klips.c 2010/03/02 16:43:05
@@ -34,7 +34,7 @@ starter_klips_init(void)
+++ src/starter/klips.c 2012/10/30 17:07:23
@@ -30,7 +30,7 @@ bool starter_klips_init(void)
/* ipsec module makes the pf_key proc interface visible */
if (stat(PROC_MODULES, &stb) == 0)
{
@ -9,7 +9,7 @@
}
/* now test again */
@@ -48,9 +48,9 @@ starter_klips_init(void)
@@ -42,9 +42,9 @@ bool starter_klips_init(void)
}
/* load crypto algorithm modules */
@ -20,11 +20,11 @@
+ ignore_result(system("modprobe -s ipsec_blowfish"));
+ ignore_result(system("modprobe -s ipsec_sha2"));
DBG(DBG_CONTROL,
DBG_log("Found KLIPS IPsec stack")
DBG2(DBG_APP, "found KLIPS IPsec stack");
return TRUE;
--- src/starter/netkey.c
+++ src/starter/netkey.c 2010/03/02 16:43:05
@@ -34,7 +34,7 @@ starter_netkey_init(void)
+++ src/starter/netkey.c 2012/10/30 17:07:02
@@ -31,7 +31,7 @@ bool starter_netkey_init(void)
/* af_key module makes the netkey proc interface visible */
if (stat(PROC_MODULES, &stb) == 0)
{
@ -33,7 +33,7 @@
}
/* now test again */
@@ -50,11 +50,11 @@ starter_netkey_init(void)
@@ -45,11 +45,11 @@ bool starter_netkey_init(void)
/* make sure that all required IPsec modules are loaded */
if (stat(PROC_MODULES, &stb) == 0)
{
@ -49,4 +49,4 @@
+ ignore_result(system("modprobe -s xfrm_user"));
}
DBG(DBG_CONTROL,
DBG2(DBG_APP, "found netkey IPsec stack");