LILiK
/
openwrt-packages-dist
5
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
24945 Commits
1 Branch
46 MiB
Tree: 7fe327a31a
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '7fe327a31a'
${ noResults }
openwrt-packages-dist/net/frr/patches/053-nhrpd_replace_socket.patch

82 lines
2.9 KiB
Raw Normal View History

frr: update to 7.5.1 and backports Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
3 years ago
 
  1. From 354196c027e81affb05163a6c3676eef1ba06dd9 Mon Sep 17 00:00:00 2001
  2. From: Zoran Pericic <zpericic@netst.org>
  3. Date: Sat, 25 Jan 2020 19:38:39 +0100
  4. Subject: [PATCH] nhrp: Make vici socket path configurable
  5. MIME-Version: 1.0
  6. Content-Type: text/plain; charset=UTF-8
  7. Content-Transfer-Encoding: 8bit
  8. 

  9. nhrp: Configure vici socket path using
  10. 

  11. configure --with-vici-socket=/var/run/charon.vici
  12. 

  13. If not specified default to /var/run/charon.vici
  14. 

  15. Signed-off-by: Zoran Peričić <zpericic@netst.org>
  16. ---

  17.  configure.ac              | 8 ++++++++
  18.  doc/user/installation.rst | 4 ++++
  19.  nhrpd/README.nhrpd        | 3 ++-
  20.  nhrpd/vici.c              | 2 +-
  21.  4 files changed, 15 insertions(+), 2 deletions(-)
  22. 

  23. --- a/configure.ac

  24. +++ b/configure.ac

  25. @@ -139,6 +139,13 @@ AC_ARG_WITH([yangmodelsdir], [AS_HELP_ST

  26.  ])
  27.  AC_SUBST([yangmodelsdir])
  28.  
  29. +AC_ARG_WITH([vici-socket], [AS_HELP_STRING([--with-vici-socket=PATH], [vici-socket (/var/run/charon.vici)])], [

  30. +	vici_socket="$withval"

  31. +], [

  32. +	vici_socket="/var/run/charon.vici"

  33. +])

  34. +AC_DEFINE_UNQUOTED([VICI_SOCKET], ["$vici_socket"], [StrongSWAN vici socket path])

  35. +

  36.  AC_ARG_ENABLE(tcmalloc,
  37.  	AS_HELP_STRING([--enable-tcmalloc], [Turn on tcmalloc]),
  38.  [case "${enableval}" in
  39. @@ -2480,6 +2487,7 @@ group for vty sockets   : ${enable_vty_g

  40.  config file mask        : ${enable_configfile_mask}
  41.  log file mask           : ${enable_logfile_mask}
  42.  zebra protobuf enabled  : ${enable_protobuf:-no}
  43. +vici socket path        : ${vici_socket}

  44.  
  45.  The above user and group must have read/write access to the state file
  46.  directory and to the config files in the config file directory."
  47. --- a/doc/user/installation.rst

  48. +++ b/doc/user/installation.rst

  49. @@ -383,6 +383,10 @@ options to the configuration script.

  50.     Look for YANG modules in `dir` [`prefix`/share/yang]. Note that the FRR
  51.     YANG modules will be installed here.
  52.  
  53. +.. option:: --with-vici-socket <path>

  54. +

  55. +   Set StrongSWAN vici interface socket path [/var/run/charon.vici].

  56. +

  57.  Python dependency, documentation and tests
  58.  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  59.  
  60. --- a/nhrpd/README.nhrpd

  61. +++ b/nhrpd/README.nhrpd

  62. @@ -126,7 +126,8 @@ Integration with strongSwan

  63.  
  64.  Contrary to opennhrp, Quagga/NHRP has tight integration with IKE daemon.
  65.  Currently strongSwan is supported using the VICI protocol. strongSwan
  66. -is connected using UNIX socket (hardcoded now as /var/run/charon.vici).

  67. +is connected using UNIX socket (default /var/run/charon.vici use configure

  68. +argument --with-vici-socket= to change).

  69.  Thus nhrpd needs to be run as user that can open that file.
  70.  
  71.  Currently, you will need patched strongSwan. The working tree is at:
  72. --- a/nhrpd/vici.c

  73. +++ b/nhrpd/vici.c

  74. @@ -478,7 +478,7 @@ static int vici_reconnect(struct thread

  75.  	if (vici->fd >= 0)
  76.  		return 0;
  77.  
  78. -	fd = sock_open_unix("/var/run/charon.vici");

  79. +	fd = sock_open_unix(VICI_SOCKET);

  80.  	if (fd < 0) {
  81.  		debugf(NHRP_DEBUG_VICI,
  82.  		       "%s: failure connecting VICI socket: %s", __func__,