- bump version to 2.4.9

2007-09-18 13:02:25 +00:00 · 2007-09-18 13:02:25 +00:00 · acf1168bca
commit acf1168bca
parent be10c4a8c9
10 changed files with 59523 additions and 3 deletions
--- a/package/openswan/linux-2.6.22.6-openswan-2.4.9.kernel-2.6-klips.patch
+++ b/package/openswan/linux-2.6.22.6-openswan-2.4.9.kernel-2.6-klips.patch
--- a/package/openswan/linux-2.6.22.6-openswan-2.4.9.kernel-2.6-natt.patch
+++ b/package/openswan/linux-2.6.22.6-openswan-2.4.9.kernel-2.6-natt.patch
@ -0,0 +1,131 @@
+diff -rdupN linux-2.6.22.6.oorig/include/net/xfrmudp.h linux-2.6.22.6/include/net/xfrmudp.h
+--- linux-2.6.22.6.oorig/include/net/xfrmudp.h	1970-01-01 01:00:00.000000000 +0100
+++ linux-2.6.22.6/include/net/xfrmudp.h	2007-09-17 06:10:19.000000000 +0200
+@@ -0,0 +1,10 @@
+/*
+ * pointer to function for type that xfrm4_input wants, to permit
+ * decoupling of XFRM from udp.c
+ */
+#define HAVE_XFRM4_UDP_REGISTER
+
+typedef int (*xfrm4_rcv_encap_t)(struct sk_buff *skb, __u16 encap_type);
+extern int udp4_register_esp_rcvencap(xfrm4_rcv_encap_t func
+				      , xfrm4_rcv_encap_t *oldfunc);
+extern int udp4_unregister_esp_rcvencap(xfrm4_rcv_encap_t func);
+diff -rdupN linux-2.6.22.6.oorig/net/ipv4/Kconfig linux-2.6.22.6/net/ipv4/Kconfig
+--- linux-2.6.22.6.oorig/net/ipv4/Kconfig	2007-08-31 08:21:01.000000000 +0200
+++ linux-2.6.22.6/net/ipv4/Kconfig	2007-09-17 06:13:08.000000000 +0200
+@@ -362,6 +360,15 @@ config SYN_COOKIES
+ 
+ 	  If unsure, say N.
+ 
+config IPSEC_NAT_TRAVERSAL
+	bool "IPSEC NAT-Traversal (KLIPS compatible)"
+	depends on INET
+	---help---
+          Includes support for RFC3947/RFC3948 NAT-Traversal of ESP over UDP.
+
+	  server is really overloaded. If this happens frequently better turn
+	  them off.
+
+ config INET_AH
+ 	tristate "IP: AH transformation"
+ 	select XFRM
+diff -rdupN linux-2.6.22.6.oorig/net/ipv4/udp.c linux-2.6.22.6/net/ipv4/udp.c
+--- linux-2.6.22.6.oorig/net/ipv4/udp.c	2007-08-31 08:21:01.000000000 +0200
+++ linux-2.6.22.6/net/ipv4/udp.c	2007-09-17 06:10:19.000000000 +0200
+@@ -108,6 +108,7 @@
+  */
+ 
+ DEFINE_SNMP_STAT(struct udp_mib, udp_statistics) __read_mostly;
+#include <net/xfrmudp.h>
+ 
+ struct hlist_head udp_hash[UDP_HTABLE_SIZE];
+ DEFINE_RWLOCK(udp_hash_lock);
+@@ -919,6 +920,44 @@ int udp_disconnect(struct sock *sk, int 
+ 	return 0;
+ }
+ 
+#if defined(CONFIG_XFRM) || defined(CONFIG_IPSEC_NAT_TRAVERSAL)
+
+/* if XFRM isn't a module, then register it directly. */
+#if !defined(CONFIG_XFRM_MODULE) 
+static xfrm4_rcv_encap_t xfrm4_rcv_encap_func = xfrm4_rcv_encap;
+#else
+static xfrm4_rcv_encap_t xfrm4_rcv_encap_func = NULL;
+#endif
+
+static xfrm4_rcv_encap_t xfrm4_rcv_encap_func;
+
+int udp4_register_esp_rcvencap(xfrm4_rcv_encap_t func
+			       , xfrm4_rcv_encap_t *oldfunc)
+{
+  if(oldfunc != NULL) {
+    *oldfunc = xfrm4_rcv_encap_func;
+  }
+
+#if 0
+  if(xfrm4_rcv_encap_func != NULL)
+    return -1;
+#endif
+
+  xfrm4_rcv_encap_func = func;
+  return 0;
+}
+
+int udp4_unregister_esp_rcvencap(xfrm4_rcv_encap_t func)
+{
+  if(xfrm4_rcv_encap_func != func)
+    return -1;
+
+  xfrm4_rcv_encap_func = NULL;
+  return 0;
+}
+#endif /* CONFIG_XFRM || defined(CONFIG_IPSEC_NAT_TRAVERSAL)*/
+
+
+ /* return:
+  * 	1  if the UDP system should process it
+  *	0  if we should drop this packet
+@@ -926,9 +965,9 @@ int udp_disconnect(struct sock *sk, int 
+  */
+ static int udp_encap_rcv(struct sock * sk, struct sk_buff *skb)
+ {
+-#ifndef CONFIG_XFRM
+#if !defined(CONFIG_XFRM) && !defined(CONFIG_IPSEC_NAT_TRAVERSAL)
+ 	return 1;
+-#else
+#else /* either CONFIG_XFRM or CONFIG_IPSEC_NAT_TRAVERSAL */
+ 	struct udp_sock *up = udp_sk(sk);
+ 	struct udphdr *uh;
+ 	struct iphdr *iph;
+@@ -1056,10 +1095,14 @@ int udp_queue_rcv_skb(struct sock * sk, 
+ 			return 0;
+ 		}
+ 		if (ret < 0) {
+-			/* process the ESP packet */
+-			ret = xfrm4_rcv_encap(skb, up->encap_type);
+-			UDP_INC_STATS_BH(UDP_MIB_INDATAGRAMS, up->pcflag);
+-			return -ret;
+ 			if(xfrm4_rcv_encap_func != NULL) {
+ 			  ret = (*xfrm4_rcv_encap_func)(skb, up->encap_type);
+ 			  UDP_INC_STATS_BH(UDP_MIB_INDATAGRAMS);
+ 			} else {
+ 			  UDP_INC_STATS_BH(UDP_MIB_INERRORS);
+ 			  ret = 1;
+ 			}
+			return ret;
+ 		}
+ 		/* FALLTHROUGH -- it's a UDP Packet */
+ 	}
+@@ -1742,3 +1785,9 @@ EXPORT_SYMBOL(udp_poll);
+ EXPORT_SYMBOL(udp_proc_register);
+ EXPORT_SYMBOL(udp_proc_unregister);
+ #endif
+
+#if defined(CONFIG_IPSEC_NAT_TRAVERSAL)
+EXPORT_SYMBOL(udp4_register_esp_rcvencap);
+EXPORT_SYMBOL(udp4_unregister_esp_rcvencap);
+#endif
+
+
--- a/package/openswan/openswan-2.4.9-001-oswlog.patch
+++ b/package/openswan/openswan-2.4.9-001-oswlog.patch
--- a/package/openswan/openswan-2.4.9-002-oswlog.patch
+++ b/package/openswan/openswan-2.4.9-002-oswlog.patch
--- a/package/openswan/openswan-2.4.9-003-spi.patch
+++ b/package/openswan/openswan-2.4.9-003-spi.patch
--- a/package/openswan/openswan-2.4.9-004-alloc.patch
+++ b/package/openswan/openswan-2.4.9-004-alloc.patch
--- a/package/openswan/openswan-2.4.9-005-pluto.patch
+++ b/package/openswan/openswan-2.4.9-005-pluto.patch
--- a/package/openswan/openswan-2.4.9-006-linux-include.patch
+++ b/package/openswan/openswan-2.4.9-006-linux-include.patch
--- a/package/openswan/openswan-2.4.9-010-susv3-legacy.patch
+++ b/package/openswan/openswan-2.4.9-010-susv3-legacy.patch
--- a/package/openswan/openswan.mk
+++ b/package/openswan/openswan.mk
@ -6,7 +6,7 @@
 # to enable that within busybox
 #
 #############################################################
-OPENSWAN_VERSION:=2.4.8
+OPENSWAN_VERSION:=2.4.9
 OPENSWAN_SOURCE:=openswan-$(OPENSWAN_VERSION).tar.gz
 OPENSWAN_SITE:=http://www.openswan.org/download/
 OPENSWAN_DIR:=$(BUILD_DIR)/openswan-$(OPENSWAN_VERSION)
@ -32,9 +32,11 @@ $(OPENSWAN_DIR)/$(OPENSWAN_BINARY): $(OPENSWAN_DIR)/.unpacked
 	@echo "using kernel $(LINUX_KERNEL)"
 	$(TARGET_CONFIGURE_OPTS) \
 	$(MAKE) -C $(OPENSWAN_DIR) \
-		CC=$(TARGET_CC) LD=$(TARGET_LD) \
+		CC="$(TARGET_CC)" LD="$(TARGET_LD)" \
+		LDFLAGS="$(TARGET_LDFLAGS) $(BR2_SYSROOT)" \
+		LD_LIBRARY_PATH= \
 		KERNELSRC=$(LINUX_DIR) DESTDIR=$(TARGET_DIR) INC_USRLOCAL=/usr \
-		USERCOMPILE="$(OPENSWAN_CFLAGS) $(TARGET_CFLAGS) -I$(TARGET_DIR)/usr/include" programs
+		USERCOMPILE="$(OPENSWAN_CFLAGS) $(TARGET_CFLAGS) $(BR2_ISYSROOT) -I$(TARGET_DIR)/usr/include" programs

 $(TARGET_DIR)/$(OPENSWAN_TARGET_BINARY): $(OPENSWAN_DIR)/$(OPENSWAN_BINARY)
 	$(TARGET_CONFIGURE_OPTS) \