jengelh/strongswan
SHA256
1
0
Fork 1
forked from pool/strongswan
Code Pull Requests Activity

- WORK-IN-PROGRESS snapshot: Update to strongSwan 5.0.1

Browse Source 
OBS-URL: https://build.opensuse.org/package/show/network:vpn/strongswan?expand=0&rev=50
This commit is contained in:
Marius Tomaschewski 2012-10-30 17:16:52 +00:00 committed by Git OBS Bridge
parent 4a8b8bd95f
commit eb5621d87b
10 changed files with 146 additions and 182 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
0001-openssl-Ensure-the-thread-ID-is-never-zero.patch
View File

@ -1,30 +0,0 @@
From 901dbc1077f6c9bd29369cad848bc79a29c1a65b Mon Sep 17 00:00:00 2001
From: Tobias Brunner <tobias@strongswan.org>
Date: Sat, 30 Jun 2012 10:05:41 +0200
Subject: [PATCH] openssl: Ensure the thread ID is never zero
This might otherwise cause problems because OpenSSL tries to lock
mutexes recursively if it assumes the lock is held by a different
thread e.g. during FIPS initialization.
---
src/libstrongswan/plugins/openssl/openssl_plugin.c | 4 +++-
1 files changed, 3 insertions(+), 1 deletions(-)
diff --git a/src/libstrongswan/plugins/openssl/openssl_plugin.c b/src/libstrongswan/plugins/openssl/openssl_plugin.c
index 5a11412..7daa92b 100644
--- a/src/libstrongswan/plugins/openssl/openssl_plugin.c
+++ b/src/libstrongswan/plugins/openssl/openssl_plugin.c
@@ -129,7 +129,9 @@ static void destroy_function(struct CRYPTO_dynlock_value *lock,
*/
static unsigned long id_function(void)
{
- return (unsigned long)thread_current_id();
+ /* ensure the thread ID is never zero, otherwise OpenSSL might try to
+ * acquire locks recursively */
+ return 1 + (unsigned long)thread_current_id();
}
/**
--
1.7.7

31
strongswan-4.6.4-fmt-warnings.patch
View File

@ -1,31 +0,0 @@
--- src/checksum/checksum_builder.c
+++ src/checksum/checksum_builder.c 2012/02/15 13:08:35
@@ -64,9 +64,9 @@ static void build_checksum(char *path, c
fprintf(stderr, "dlopen failed: %s\n", dlerror());
}
}
- printf("\t{\"%-25s%7u, 0x%08x, %6u, 0x%08x},\n",
+ printf("\t{\"%-25s%7zu, 0x%08x, %6zu, 0x%08x},\n",
name, fsize, fsum, ssize, ssum);
- fprintf(stderr, "\"%-25s%7u / 0x%08x %6u / 0x%08x\n",
+ fprintf(stderr, "\"%-25s%7zu / 0x%08x %6zu / 0x%08x\n",
name, fsize, fsum, ssize, ssum);
}
@@ -106,14 +106,14 @@ static void build_binary_checksum(char *
pos = strrchr(binary, '.');
if (pos && streq(pos, ".so"))
{
- snprintf(name, sizeof(name), "%.*s\",", pos - binary, binary);
+ snprintf(name, sizeof(name), "%.*s\",", (int)(pos - binary), binary);
if (streq(name, "libstrongswan\","))
{
snprintf(sname, sizeof(sname), "%s", "library_init");
}
else
{
- snprintf(sname, sizeof(sname), "%.*s_init", pos - binary, binary);
+ snprintf(sname, sizeof(sname), "%.*s_init", (int)(pos - binary), binary);
}
build_checksum(path, name, sname);
}

3
strongswan-4.6.4.tar.bz2
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:f372b4cc3d6c8a50a0b262e02e6a7fad43f91cc5a80cbd9432eb3c48ab2d4c69
size 3504672

14
strongswan-4.6.4.tar.bz2.sig
View File

@ -1,14 +0,0 @@
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQGcBAABAgAGBQJPx4AbAAoJEN9CwXCzTbp3+GoL/Rs0El+oVlfUTT20/6IhwhI2
1DJ2kRB97EqDYe7qzBVHaRs1ceU61JhsOEF+DICDttDamAYOlPMkU0Lonmk4uSqe
Z1TVC7vcQdJEW5dPgx8UYRSxB4VdYkGq8FZSfK0Hdcn69EVnRneqb1oqGPXs3unI
Eut8dounWYXSXtUhfajKeKmCXyMJDfSRAIoCsF4D/BpiU+VtHPqwLGS6KEfWsYyJ
cqq5mc4rAL4Y6rLsi6YhqXvrV9klmVpMnlq7dftod7xWXOFX6d6mDSCIH0BrNyar
AuWJ8CqO06Olp6V8sKTdrtBfuJelM4cEUyehwJbssem7bRCBikkzj0/Yxl7Uu77v
QplLktKlsq/K8SkzNaqjTNxe7SvrIcrY1ErJTm6iMuinvlIjzoYPhpfnbNcyrrXQ
qqJ1RTnrXWxDAt41vHTV8I4afhQdt9WlBrp+xYT42PiPll1V6vLx5f/OLDQUVvSo
co+HFiKgg43090Pi4x5N0J1D1tuVuE7g9IGa1RAyYg==
=XivO
-----END PGP SIGNATURE-----

0
strongswan-4.6.4-rpmlintrc → strongswan-5.0.1-rpmlintrc
View File

3
strongswan-5.0.1.tar.bz2 Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:1a4dff19ef69d15e0b90b1ea80bd183235ac73b4ecd114aab58ed54de0f5c3b4
size 3146776

14
strongswan-5.0.1.tar.bz2.sig Normal file
View File

@ -0,0 +1,14 @@
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQGcBAABAgAGBQJQa9S/AAoJEN9CwXCzTbp30d0L/3Uj1RYm8+25k+RLIWvU1q/L
z5+mLjNAZpxoV7t1lUuMAA2STvZFisMtoNkw2EhsdanRsEV+WYpL101EPPMja077
BT86DVKk/IDtoGLKpQK41mV5h0bWzrUBXodw2ggoG1bOLhdfuV6z7hAn3GI+AgxM
Eus0TUWNT6VRZzYgTAcofmUyKM4Hruh5+82OSJtj8eeCqe333fdV/k6mumxYhoLB
b1Yp8NVuMmjbfp0T/kyMAlRMnOb1DGjun9sBNaPK+t6+wcToLDeijl+D83l67ZIl
Et0fehugK5dbkGtUbZHOJFWiSGyVP3eDVOjxMBp6ejBAwi0GwqNWXsE0GnHJr9TL
Q3TrM8Kt0vJ6mhlWU9KFGoRwpiyR+3pBc8smZkJvIs3kKIL5ItTVPsJcWJKu2iEd
L6+X15ZScalcrMJOGRYjgKh7cchIgVaudJOnPLtXjfyMuq+07Zz1ZhybUIu+i5Zo
q8AVLAoM6MkUXWKkJR51CH08+w32DaDp5p7yRyxCRA==
=100T
-----END PGP SIGNATURE-----

5
strongswan.changes
View File

@ -1,3 +1,8 @@
-------------------------------------------------------------------
Tue Oct 30 17:09:36 UTC 2012 - mt@suse.de
- WORK-IN-PROGRESS snapshot: Update to strongSwan 5.0.1
-------------------------------------------------------------------
Fri Sep 7 08:36:57 UTC 2012 - mt@suse.de

204
strongswan.spec
View File

@ -17,7 +17,7 @@
Name: strongswan
Version: 4.6.4
Version: 5.0.1
Release: 0
%define upstream_version %{version}
%define strongswan_docdir %{_docdir}/%{name}
@ -32,8 +32,6 @@ Summary: OpenSource IPsec-based VPN Solution
License: GPL-2.0+
Group: Productivity/Networking/Security
Url: http://www.strongswan.org/
Requires: strongswan-ikev1 = %{version}
Requires: strongswan-ikev2 = %{version}
Requires: strongswan-ipsec = %{version}
Source0: http://download.strongswan.org/strongswan-%{upstream_version}.tar.bz2
Source1: http://download.strongswan.org/strongswan-%{upstream_version}.tar.bz2.sig
@ -41,8 +39,6 @@ Source2: %{name}.init.in
Source3: %{name}-%{version}-rpmlintrc
Source4: README.SUSE
Patch1: %{name}_modprobe_syslog.patch
Patch2: %{name}-%{version}-fmt-warnings.patch
Patch3: 0001-openssl-Ensure-the-thread-ID-is-never-zero.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: bison
BuildRequires: curl-devel
@ -51,8 +47,10 @@ BuildRequires: gmp-devel
BuildRequires: gperf
BuildRequires: libcap-devel
BuildRequires: libopenssl-devel
BuildRequires: libsoup-devel
BuildRequires: openldap2-devel
BuildRequires: pam-devel
BuildRequires: pcsc-lite-devel
BuildRequires: pkg-config
%if %with_mysql
BuildRequires: libmysqlclient-devel
@ -133,36 +131,19 @@ StrongSwan is an OpenSource IPsec-based VPN Solution for Linux
This package provides the strongswan library and plugins.
%package ikev1
Summary: OpenSource IPsec-based VPN Solution
Group: Productivity/Networking/Security
Requires: iproute2
Requires: strongswan-ipsec = %{version}
Requires: strongswan-libs0 = %{version}
Provides: ikev1
Provides: pluto
Provides: strongswan-daemon = %{version}
Conflicts: freeswan openswan strongswan < %{version}
%description ikev1
StrongSwan is an OpenSource IPsec-based VPN Solution for Linux
This package provides the pluto IKEv1 daemon.
%package ikev2
%package charon
Summary: OpenSource IPsec-based VPN Solution
Group: Productivity/Networking/Security
Requires: iproute2
Requires: strongswan-daemon-starter = %{version}
Requires: strongswan-libs0 = %{version}
Provides: ikev2
Provides: strongswan-daemon = %{version}
Conflicts: openswan strongswan < %{version}
%description ikev2
%description charon
StrongSwan is an OpenSource IPsec-based VPN Solution for Linux
This package provides the charon IKEv2 daemon.
This package provides the charon daemon supporting IKEv1 & IKEv2.
%package ipsec
Summary: OpenSource IPsec-based VPN Solution
@ -249,8 +230,6 @@ and the load testing plugin for IKEv2 daemon.
%prep
%setup -q -n %{name}-%{upstream_version}
%patch1 -p0
%patch2 -p0
%patch3 -p1
sed -e 's|@libexecdir@|%_libexecdir|g' \
< $RPM_SOURCE_DIR/strongswan.init.in \
> strongswan.init
@ -261,35 +240,55 @@ export RPM_OPT_FLAGS CFLAGS
#libtoolize --force
#autoreconf
%configure \
--enable-conftest \
--enable-integrity-test \
--with-capabilities=libcap \
--with-plugindir=%{strongswan_plugins} \
--with-resolv-conf=%{_localstatedir}/run/strongswan/resolv.conf \
--enable-smartcard \
--with-default-pkcs11=%{_libdir}/opensc-pkcs11.so \
--enable-cisco-quirks \
--enable-pkcs11 \
--enable-openssl \
--enable-agent \
--enable-md4 \
--enable-gcrypt \
--enable-blowfish \
--enable-ctr \
--enable-ccm \
--enable-gcm \
--enable-unity \
--enable-md4 \
--enable-af-alg \
--enable-eap-sim \
--enable-eap-sim-file \
--enable-eap-sim-pcsc \
--enable-eap-aka \
--enable-eap-aka-3gpp2 \
--enable-eap-simaka-sql \
--enable-eap-simaka-pseudonym \
--enable-eap-simaka-reauth \
--enable-eap-identity \
--enable-eap-md5 \
--enable-eap-gtc \
--enable-eap-aka \
--enable-eap-radius \
--enable-eap-identity \
--enable-eap-mschapv2 \
--enable-eap-aka-3gpp2 \
--enable-eap-tls \
--enable-eap-ttls \
--enable-eap-peap \
--enable-eap-tnc \
--enable-eap-dynamic \
--enable-eap-radius \
--enable-xauth-eap \
--enable-xauth-pam \
--enable-ha \
--enable-dhcp \
--enable-farp \
--enable-smp \
--enable-sql \
--enable-attr-sql \
--enable-addrblock \
--enable-radattr \
--enable-mediation \
--enable-led \
--enable-certexpire \
--enable-duplicheck \
--enable-coupling \
%if %with_mysql
--enable-mysql \
%endif
@ -307,14 +306,15 @@ export RPM_OPT_FLAGS CFLAGS
--enable-test-vectors \
%endif
--enable-ldap \
--enable-soup \
--enable-curl
make %{?_smp_mflags:%_smp_mflags}
%install
export RPM_BUILD_ROOT
install -m755 -d ${RPM_BUILD_ROOT}%{_sbindir}/
install -m755 -d ${RPM_BUILD_ROOT}%{_sysconfdir}/ipsec.d/
install -m755 -d ${RPM_BUILD_ROOT}%{_sysconfdir}/init.d/
install -d -m755 ${RPM_BUILD_ROOT}%{_sbindir}/
install -d -m755 ${RPM_BUILD_ROOT}%{_sysconfdir}/ipsec.d/
install -d -m755 ${RPM_BUILD_ROOT}%{_sysconfdir}/init.d/
install -m755 strongswan.init ${RPM_BUILD_ROOT}%{_sysconfdir}/init.d/ipsec
ln -s %{_sysconfdir}/init.d/ipsec ${RPM_BUILD_ROOT}%{_sbindir}/rcipsec
#
@ -330,15 +330,18 @@ cat << EOT > ${RPM_BUILD_ROOT}%{_sysconfdir}/ipsec.secrets
#
EOT
#
rm -f $RPM_BUILD_ROOT%{strongswan_libdir}/lib{charon,hydra,radius,strongswan,simaka}.so
rm -f $RPM_BUILD_ROOT%{strongswan_libdir}/lib{charon,hydra,strongswan}.so
rm -f $RPM_BUILD_ROOT%{strongswan_libdir}/lib{radius,simaka,tls,tnccs}.so
find $RPM_BUILD_ROOT%{strongswan_libdir} \
-name "*.a" -o -name "*.la" | xargs -r rm -f
#
install -m755 -d ${RPM_BUILD_ROOT}%{strongswan_docdir}/
install -m644 TODO NEWS README COPYING CREDITS \
${RPM_SOURCE_DIR}/README.SUSE \
install -d -m755 ${RPM_BUILD_ROOT}%{strongswan_docdir}/
#install -m644 TODO NEWS README COPYING CREDITS \
# ${RPM_SOURCE_DIR}/README.SUSE \
# ${RPM_BUILD_ROOT}%{strongswan_docdir}/
install -c -m644 ${RPM_SOURCE_DIR}/README.SUSE \
${RPM_BUILD_ROOT}%{strongswan_docdir}/
install -m755 -d $RPM_BUILD_ROOT%{_localstatedir}/run/strongswan
install -d -m755 $RPM_BUILD_ROOT%{_localstatedir}/run/strongswan
%post libs0
%{run_ldconfig}
@ -354,10 +357,12 @@ test -d %{_localstatedir}/run/strongswan || \
%preun ipsec
%{stop_on_removal ipsec}
if test -s %{_sysconfdir}/ipsec.secrets.rpmsave ; then
cp -p --backup=numbered %{_sysconfdir}/ipsec.secrets.rpmsave %{_sysconfdir}/ipsec.secrets.rpmsave.old
cp -p --backup=numbered %{_sysconfdir}/ipsec.secrets.rpmsave \
%{_sysconfdir}/ipsec.secrets.rpmsave.old
fi
if test -s %{_sysconfdir}/ipsec.conf.rpmsave ; then
cp -p --backup=numbered %{_sysconfdir}/ipsec.conf.rpmsave %{_sysconfdir}/ipsec.conf.rpmsave.old
cp -p --backup=numbered %{_sysconfdir}/ipsec.conf.rpmsave \
%{_sysconfdir}/ipsec.conf.rpmsave.old
fi
%postun ipsec
@ -389,11 +394,14 @@ fi
%{_mandir}/man5/ipsec.secrets.5*
%{_mandir}/man5/strongswan.conf.5*
%dir %{_libexecdir}/ipsec
%{_libexecdir}/ipsec/_copyright
%{_libexecdir}/ipsec/_updown
%{_libexecdir}/ipsec/_updown_espmark
%{_libexecdir}/ipsec/_copyright
%{_libexecdir}/ipsec/pki
%{_libexecdir}/ipsec/conftest
%{_libexecdir}/ipsec/duplicheck
%{_libexecdir}/ipsec/openac
%{_libexecdir}/ipsec/pki
%{_libexecdir}/ipsec/pool
%{_libexecdir}/ipsec/scepclient
%{_libexecdir}/ipsec/starter
%{_libexecdir}/ipsec/stroke
@ -401,14 +409,7 @@ fi
%{strongswan_plugins}/libstrongswan-stroke.so
%{strongswan_plugins}/libstrongswan-updown.so
%files ikev1
%defattr(-,root,root)
%dir %{_libexecdir}/ipsec
%{_libexecdir}/ipsec/whack
%{_libexecdir}/ipsec/pluto
%{_libexecdir}/ipsec/_pluto_adns
%files ikev2
%files charon
%defattr(-,root,root)
%dir %{_libexecdir}/ipsec
%{_libexecdir}/ipsec/charon
@ -416,76 +417,85 @@ fi
%files doc
%defattr(-,root,root)
%dir %{strongswan_docdir}
%{strongswan_docdir}/TODO
%{strongswan_docdir}/NEWS
%{strongswan_docdir}/README
%{strongswan_docdir}/COPYING
%{strongswan_docdir}/CREDITS
%{_mandir}/man3/anyaddr.3*
%{_mandir}/man3/atoaddr.3*
%{_mandir}/man3/atoasr.3*
%{_mandir}/man3/atoul.3*
%{_mandir}/man3/goodmask.3*
%{_mandir}/man3/initaddr.3*
%{_mandir}/man3/initsubnet.3*
%{_mandir}/man3/portof.3*
%{_mandir}/man3/rangetosubnet.3*
%{_mandir}/man3/sameaddr.3*
%{_mandir}/man3/subnetof.3*
%{_mandir}/man3/ttoaddr.3*
%{_mandir}/man3/ttodata.3*
%{_mandir}/man3/ttosa.3*
%{_mandir}/man3/ttoul.3*
#%{strongswan_docdir}/TODO
#%{strongswan_docdir}/NEWS
#%{strongswan_docdir}/README
#%{strongswan_docdir}/COPYING
#%{strongswan_docdir}/CREDITS
#%{_mandir}/man3/anyaddr.3*
#%{_mandir}/man3/atoaddr.3*
#%{_mandir}/man3/atoasr.3*
#%{_mandir}/man3/atoul.3*
#%{_mandir}/man3/goodmask.3*
#%{_mandir}/man3/initaddr.3*
#%{_mandir}/man3/initsubnet.3*
#%{_mandir}/man3/portof.3*
#%{_mandir}/man3/rangetosubnet.3*
#%{_mandir}/man3/sameaddr.3*
#%{_mandir}/man3/subnetof.3*
#%{_mandir}/man3/ttoaddr.3*
#%{_mandir}/man3/ttodata.3*
#%{_mandir}/man3/ttosa.3*
#%{_mandir}/man3/ttoul.3*
%{_mandir}/man8/_updown.8*
%{_mandir}/man8/_updown_espmark.8*
%{_mandir}/man8/openac.8*
%{_mandir}/man8/pluto.8*
%{_mandir}/man8/scepclient.8*
%files libs0
%defattr(-,root,root)
%config(noreplace) %attr(600,root,root) %{_sysconfdir}/strongswan.conf
%dir %{_libexecdir}/ipsec
%dir %{_libexecdir}/ipsec/pool
#%dir %{_libexecdir}/ipsec/pool
%dir %{strongswan_libdir}
%{strongswan_libdir}/libchecksum.so
%{strongswan_libdir}/libhydra.so.0
%{strongswan_libdir}/libhydra.so.0.0.0
%{strongswan_libdir}/libcharon.so.0
%{strongswan_libdir}/libcharon.so.0.0.0
%{strongswan_libdir}/libradius.so.0
%{strongswan_libdir}/libradius.so.0.0.0
%{strongswan_libdir}/libsimaka.so.0
%{strongswan_libdir}/libsimaka.so.0.0.0
%{strongswan_libdir}/libstrongswan.so.0
%{strongswan_libdir}/libstrongswan.so.0.0.0
%{strongswan_libdir}/libcharon.so.*
%{strongswan_libdir}/libhydra.so.*
%{strongswan_libdir}/libradius.so.*
%{strongswan_libdir}/libsimaka.so.*
%{strongswan_libdir}/libstrongswan.so.*
%{strongswan_libdir}/libtls.so.*
%{strongswan_libdir}/libtnccs.so.*
%dir %{strongswan_plugins}
%{strongswan_plugins}/libstrongswan-addrblock.so
%{strongswan_plugins}/libstrongswan-aes.so
%{strongswan_plugins}/libstrongswan-af-alg.so
%{strongswan_plugins}/libstrongswan-agent.so
%{strongswan_plugins}/libstrongswan-attr.so
%{strongswan_plugins}/libstrongswan-attr-sql.so
%{strongswan_plugins}/libstrongswan-blowfish.so
%{strongswan_plugins}/libstrongswan-ccm.so
%{strongswan_plugins}/libstrongswan-certexpire.so
%{strongswan_plugins}/libstrongswan-cmac.so
%{strongswan_plugins}/libstrongswan-constraints.so
%{strongswan_plugins}/libstrongswan-coupling.so
%{strongswan_plugins}/libstrongswan-ctr.so
%{strongswan_plugins}/libstrongswan-curl.so
%{strongswan_plugins}/libstrongswan-des.so
%{strongswan_plugins}/libstrongswan-dhcp.so
%{strongswan_plugins}/libstrongswan-dnskey.so
%{strongswan_plugins}/libstrongswan-duplicheck.so
%{strongswan_plugins}/libstrongswan-eap-aka-3gpp2.so
%{strongswan_plugins}/libstrongswan-eap-aka.so
%{strongswan_plugins}/libstrongswan-eap-dynamic.so
%{strongswan_plugins}/libstrongswan-eap-gtc.so
%{strongswan_plugins}/libstrongswan-eap-identity.so
%{strongswan_plugins}/libstrongswan-eap-md5.so
%{strongswan_plugins}/libstrongswan-eap-mschapv2.so
%{strongswan_plugins}/libstrongswan-eap-peap.so
%{strongswan_plugins}/libstrongswan-eap-radius.so
%{strongswan_plugins}/libstrongswan-eap-sim-file.so
%{strongswan_plugins}/libstrongswan-eap-sim-pcsc.so
%{strongswan_plugins}/libstrongswan-eap-sim.so
%{strongswan_plugins}/libstrongswan-eap-simaka-pseudonym.so
%{strongswan_plugins}/libstrongswan-eap-simaka-reauth.so
%{strongswan_plugins}/libstrongswan-eap-simaka-sql.so
%{strongswan_plugins}/libstrongswan-eap-sim-file.so
%{strongswan_plugins}/libstrongswan-eap-sim.so
%{strongswan_plugins}/libstrongswan-eap-tls.so
%{strongswan_plugins}/libstrongswan-eap-tnc.so
%{strongswan_plugins}/libstrongswan-eap-ttls.so
%{strongswan_plugins}/libstrongswan-farp.so
%{strongswan_plugins}/libstrongswan-fips-prf.so
%{strongswan_plugins}/libstrongswan-gcm.so
%if %with_gcrypt
%{strongswan_plugins}/libstrongswan-gcrypt.so
%endif
@ -494,23 +504,33 @@ fi
%{strongswan_plugins}/libstrongswan-hmac.so
%{strongswan_plugins}/libstrongswan-kernel-netlink.so
%{strongswan_plugins}/libstrongswan-ldap.so
%{strongswan_plugins}/libstrongswan-led.so
%{strongswan_plugins}/libstrongswan-md4.so
%{strongswan_plugins}/libstrongswan-md5.so
%{strongswan_plugins}/libstrongswan-nonce.so
%{strongswan_plugins}/libstrongswan-openssl.so
%{strongswan_plugins}/libstrongswan-pem.so
%{strongswan_plugins}/libstrongswan-pgp.so
%{strongswan_plugins}/libstrongswan-pkcs1.so
%{strongswan_plugins}/libstrongswan-pkcs11.so
%{strongswan_plugins}/libstrongswan-pkcs8.so
%{strongswan_plugins}/libstrongswan-pubkey.so
%{strongswan_plugins}/libstrongswan-radattr.so
%{strongswan_plugins}/libstrongswan-random.so
%{strongswan_plugins}/libstrongswan-resolve.so
%{strongswan_plugins}/libstrongswan-revocation.so
%{strongswan_plugins}/libstrongswan-sha1.so
%{strongswan_plugins}/libstrongswan-sha2.so
%{strongswan_plugins}/libstrongswan-socket*.so
%{strongswan_plugins}/libstrongswan-smp.so
%{strongswan_plugins}/libstrongswan-socket-default.so
%{strongswan_plugins}/libstrongswan-soup.so
%{strongswan_plugins}/libstrongswan-sql.so
%{strongswan_plugins}/libstrongswan-tnc-tnccs.so
%{strongswan_plugins}/libstrongswan-unity.so
%{strongswan_plugins}/libstrongswan-x509.so
%{strongswan_plugins}/libstrongswan-xauth.so
%{strongswan_plugins}/libstrongswan-xauth-eap.so
%{strongswan_plugins}/libstrongswan-xauth-generic.so
%{strongswan_plugins}/libstrongswan-xauth-pam.so
%{strongswan_plugins}/libstrongswan-xcbc.so
%dir %ghost %{_localstatedir}/run/strongswan
@ -520,7 +540,7 @@ fi
%defattr(-,root,root)
%dir %{_libexecdir}/ipsec
%dir %{strongswan_plugins}
%{strongswan_plugins}/libstrongswan-nm.so
%{_libexecdir}/ipsec/charon-nm
%endif
%if %with_mysql

18
strongswan_modprobe_syslog.patch
View File

@ -1,6 +1,6 @@
--- src/starter/klips.c
+++ src/starter/klips.c 2010/03/02 16:43:05
@@ -34,7 +34,7 @@ starter_klips_init(void)
+++ src/starter/klips.c 2012/10/30 17:07:23
@@ -30,7 +30,7 @@ bool starter_klips_init(void)
/* ipsec module makes the pf_key proc interface visible */
if (stat(PROC_MODULES, &stb) == 0)
{
@ -9,7 +9,7 @@
}
/* now test again */
@@ -48,9 +48,9 @@ starter_klips_init(void)
@@ -42,9 +42,9 @@ bool starter_klips_init(void)
}
/* load crypto algorithm modules */
@ -20,11 +20,11 @@
+ ignore_result(system("modprobe -s ipsec_blowfish"));
+ ignore_result(system("modprobe -s ipsec_sha2"));
DBG(DBG_CONTROL,
DBG_log("Found KLIPS IPsec stack")
DBG2(DBG_APP, "found KLIPS IPsec stack");
return TRUE;
--- src/starter/netkey.c
+++ src/starter/netkey.c 2010/03/02 16:43:05
@@ -34,7 +34,7 @@ starter_netkey_init(void)
+++ src/starter/netkey.c 2012/10/30 17:07:02
@@ -31,7 +31,7 @@ bool starter_netkey_init(void)
/* af_key module makes the netkey proc interface visible */
if (stat(PROC_MODULES, &stb) == 0)
{
@ -33,7 +33,7 @@
}
/* now test again */
@@ -50,11 +50,11 @@ starter_netkey_init(void)
@@ -45,11 +45,11 @@ bool starter_netkey_init(void)
/* make sure that all required IPsec modules are loaded */
if (stat(PROC_MODULES, &stb) == 0)
{
@ -49,4 +49,4 @@
+ ignore_result(system("modprobe -s xfrm_user"));
}
DBG(DBG_CONTROL,
DBG2(DBG_APP, "found netkey IPsec stack");