libreswan: update to 4.1

Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
2020-10-25 15:05:58 +02:00 · 2020-10-25 15:05:58 +02:00 · 80ac8dac11
commit 80ac8dac11
parent e07a33a917
6 changed files with 27 additions and 48 deletions
--- a/net/libreswan/Makefile
+++ b/net/libreswan/Makefile
@ -7,12 +7,12 @@
 include $(TOPDIR)/rules.mk
 PKG_NAME:=libreswan
-PKG_VERSION:=3.32
+PKG_VERSION:=4.1
-PKG_RELEASE:=3
+PKG_RELEASE:=1
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://download.libreswan.org/
-PKG_HASH:=236b57fee8f562302c54f2b16d8a839a9039fcb5893668e61b398ec6b179432e
+PKG_HASH:=216444c3a2ede7bed5820648856fa5d9cc8fc4b4122bd4a1129d1a5954d9227d
 PKG_MAINTAINER:=Lucian Cristian <lucian.cristian@gmail.com>
 PKG_LICENSE:=GPL-2.0-or-later
@ -74,15 +74,15 @@ MAKE_FLAGS+= \
    USE_LABELED_IPSEC=false \
    USE_NM=false \
    USE_NSS_KDF=true \
    USE_NSS_PRF=true \
    USE_LIBCURL=false \
    USE_GLIBC_KERN_FLIP_HEADERS=true \
    USE_XAUTHPAM=false \
    USE_LIBCAP_NG=true \
    USE_SYSTEMD_WATCHDOG=false \
    USE_SECCOMP=false\
-    INC_USRLOCAL="/usr" \
+    PREFIX="/usr" \
    FINALRUNDIR="/var/run/pluto" \
    FINALNSSDIR="/etc/ipsec.d" \
    MODPROBEARGS="-q" \
    ARCH="$(LINUX_KARCH)" \
--- a/net/libreswan/patches/010-nanosleep.patch
+++ b/net/libreswan/patches/010-nanosleep.patch
@ -9,7 +9,7 @@
 #include <errno.h>
 #include "defs.h"
-@@ -172,7 +172,8 @@
+@@ -180,7 +180,8 @@
 	/* Send a duplicate packet when this impair is enabled - used for testing */
 	if (IMPAIR(JACOB_TWO_TWO)) {
 		/* sleep for half a second, and second another packet */
--- a/net/libreswan/patches/030-fix_musl_build.patch
+++ b/net/libreswan/patches/030-fix_musl_build.patch
@ -0,0 +1,10 @@
 --- a/include/fd.h	2020-10-25 12:29:43.527467613 +0200
 +++ b/include/fd.h	2020-10-25 12:27:41.043595114 +0200
@@ -26,6 +26,7 @@
 #include <stdbool.h>
 #include <stdlib.h>		/* for ssize_t */
 +#include <sys/types.h>
 #include "where.h"
--- a/net/libreswan/patches/030-fix_nss_3.52.patch
+++ b/net/libreswan/patches/030-fix_nss_3.52.patch
@ -1,30 +0,0 @@
 From db7715407efa43cd2a66caed67c02d8f7bb90b35 Mon Sep 17 00:00:00 2001
 From: Paul Wouters <pwouters@redhat.com>
 Date: Tue, 12 May 2020 12:56:38 -0400
 Subject: [PATCH] nss: move NSS_PKCS11_2_0_COMPAT define to
 ike_alg_encrypt_nss_gcm_ops.c
 It needs to go before any nss includes are done, and those includes are
 all over the place. But CK_GCM_PARAMS is only used in one file, so
 just define it there instead before the nss includes.
 ---
 lib/libswan/ike_alg_encrypt_nss_gcm_ops.c | 6 ++++++
 1 files changed, 6 insertions(+), 0 deletions(-)
 diff --git a/lib/libswan/ike_alg_encrypt_nss_gcm_ops.c b/lib/libswan/ike_alg_encrypt_nss_gcm_ops.c
 index 93a027089a..571913cc1e 100644
 --- a/lib/libswan/ike_alg_encrypt_nss_gcm_ops.c
 +++ b/lib/libswan/ike_alg_encrypt_nss_gcm_ops.c
@@ -16,6 +16,12 @@
 #include <stdio.h>
 #include <stdlib.h>
 +/*
 + * Special advise from Bob Relyea - needs to go before any nss include
 + *
 + */
 +#define NSS_PKCS11_2_0_COMPAT 1
 +
 #include "lswlog.h"
 #include "lswnss.h"
 #include "prmem.h"
--- a/net/libreswan/patches/040-disable_man.patch
+++ b/net/libreswan/patches/040-disable_man.patch
@ -0,0 +1,11 @@
 --- a/mk/targets.mk	2020-10-25 12:47:38.504784276 +0200
 +++ b/mk/targets.mk	2020-10-25 12:48:16.242123361 +0200
@@ -64,7 +64,7 @@
 #
 # For each define: TARGET clean-TARGET install-TARGET
 -TARGETS = base manpages
 +TARGETS = base
 $(foreach target,$(TARGETS),$(eval $(call recursive-target,$(target))))
--- a/net/libreswan/patches/099-continue_on_missing_ipv6.patch
+++ b/net/libreswan/patches/099-continue_on_missing_ipv6.patch
@ -1,12 +0,0 @@
 --- a/programs/pluto/kernel_xfrm.c	2020-05-16 19:12:30.107226478 +0300
 +++ b/programs/pluto/kernel_xfrm.c	2020-05-16 19:20:25.735522574 +0300
@@ -2759,7 +2759,8 @@
 			LOG_ERRNO(errno, "\"%s\"", proc_f);
 		}
 	} else {
 -		LOG_ERRNO(errno, "could not stat \"%s\"", proc_f);
 +		DBG(DBG_KERNEL, DBG_log("starting without ipv6 support!"));
 +		disable_ipv6 = 1;
 	}
 	if (disable_ipv6 == 1) {