Difuse/packages
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

libreswan: update to 3.30

Browse source 
Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
This commit is contained in:
Lucian Cristian 2020-02-25 22:49:52 +02:00
parent bfc6828ef2
commit f37d1b698d
3 changed files with 7 additions and 41 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
net/libreswan/Makefile
View file

@ -7,12 +7,12 @@
include $(TOPDIR)/rules.mk include $(TOPDIR)/rules.mk
PKG_NAME:=libreswan PKG_NAME:=libreswan
PKG_VERSION:=3.29 PKG_VERSION:=3.30
PKG_RELEASE:=3 PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://download.libreswan.org/ PKG_SOURCE_URL:=https://download.libreswan.org/
PKG_HASH:=d60e4160f43272b6307b697a13f79f56b5ec2bca61d83097ddadd8586a58ab3e PKG_HASH:=9c880ba2d8f3a430cda4b3064d51d1caffb3597573f7d693eba043930b279caf
PKG_MAINTAINER:=Lucian Cristian <lucian.cristian@gmail.com> PKG_MAINTAINER:=Lucian Cristian <lucian.cristian@gmail.com>
PKG_LICENSE:=GPL-2.0-or-later PKG_LICENSE:=GPL-2.0-or-later

34
net/libreswan/patches/000-dh31-auto-detect.patch
View file

@ -1,34 +0,0 @@
From 9126ec99ca9e136666cbba5b48a8a02cb11350e0 Mon Sep 17 00:00:00 2001
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date: Mon, 15 Oct 2018 11:16:54 -0400
Subject: [PATCH] Automatically detect whether Curve25519 is available in NSS
for USE_DH31
currently, USE_DH31 defaults to true.
On some platforms, where older versions of NSS are in use, this should
default to false.
This patch automatically detects such systems and disables USE_DH31 on
those platforms.
It produces some amount of noise on stderr about CURVE_25519 during
the build on those older platforms, but that seems ok to me, since
those platforms should know that they're missing a modern feature.
If you prefer less noise, i'd be happy with any modification that does
a similar sort of autodetection.
diff --git a/mk/userland-cflags.mk b/mk/userland-cflags.mk
index d0a88b1aa1..7d88874b1c 100644
--- a/mk/userland-cflags.mk
+++ b/mk/userland-cflags.mk
@@ -240,7 +240,7 @@ ifeq ($(USE_DH24),true)
USERLAND_CFLAGS += -DUSE_DH24
endif
-USE_DH31 ?= true
+USE_DH31 ?= $(shell if printf '\#include <secoidt.h>\nint main() { return SEC_OID_CURVE25519; }\n'| $(CC) -x c $$(pkg-config --cflags nss) -o /dev/null -; then echo true; else echo false; fi )
ifeq ($(USE_DH31),true)
USERLAND_CFLAGS += -DUSE_DH31
endif

8
net/libreswan/patches/010-nanosleep.patch
View file

@ -9,13 +9,13 @@
#include <errno.h> #include <errno.h>
#include "defs.h" #include "defs.h"
@@ -173,7 +173,8 @@ bool send_chunks(const char *where, bool just_a_keepalive, @@ -172,7 +172,8 @@
/* Send a duplicate packet when this impair is enabled - used for testing */ /* Send a duplicate packet when this impair is enabled - used for testing */
if (IMPAIR(JACOB_TWO_TWO)) { if (IMPAIR(JACOB_TWO_TWO)) {
/* sleep for half a second, and second another packet */ /* sleep for half a second, and second another packet */
- usleep(500000); - usleep(500000);
+ const struct timespec req = {0, 500 * 1000 * 1000}; + const struct timespec req = {0, 500 * 1000 * 1000};
+ nanosleep(&req, NULL); + nanosleep(&req, NULL);
ip_endpoint_buf b; endpoint_buf b;
endpoint_buf ib;
DBG_log("JACOB 2-2: resending %zu bytes for %s through %s:%d to %s:", DBG_log("JACOB 2-2: resending %zu bytes for %s through %s from %s to %s:",