From 6c3d30c0cbe237b04982b2a83a3a585e9482ed17 Mon Sep 17 00:00:00 2001 From: Noel Kuntze Date: Sun, 18 Jul 2021 04:30:35 +0200 Subject: [PATCH] strongswan: update to version 5.9.3 Signed-off-by: Noel Kuntze --- net/strongswan/Makefile | 6 +- ...lding-with-musl-on-openwrt-taken-ve.patch} | 80 +++++++++++-------- ...-patch-from-openwrt-package-sources.patch} | 9 +++ ...c-script-to-work-with-musl-sleep-.-P.patch | 21 +++++ ...hotplug-call-ipsec-1-in-updown-scri.patch} | 10 +++ ...-implements-gmp-DH-functions-in-an-.patch} | 28 +++++-- net/strongswan/patches/210-sleep.patch | 11 --- 7 files changed, 114 insertions(+), 51 deletions(-) rename net/strongswan/patches/{101-musl-fixes.patch => 0900-src-Patch-for-building-with-musl-on-openwrt-taken-ve.patch} (74%) rename net/strongswan/patches/{203-uci.patch => 0901-uci-verbatim-patch-from-openwrt-package-sources.patch} (69%) create mode 100644 net/strongswan/patches/0902-ipsec-Patch-ipsec-script-to-work-with-musl-sleep-.-P.patch rename net/strongswan/patches/{300-include-ipsec-hotplug.patch => 0903-updown-Call-sbin-hotplug-call-ipsec-1-in-updown-scri.patch} (63%) rename net/strongswan/patches/{305-minimal_dh_plugin.patch => 0904-gmpdh-Plugin-that-implements-gmp-DH-functions-in-an-.patch} (85%) delete mode 100644 net/strongswan/patches/210-sleep.patch diff --git a/net/strongswan/Makefile b/net/strongswan/Makefile index cba7e073d..0ac0dd1fd 100644 --- a/net/strongswan/Makefile +++ b/net/strongswan/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=strongswan -PKG_VERSION:=5.9.2 -PKG_RELEASE:=12 +PKG_VERSION:=5.9.3 +PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 PKG_SOURCE_URL:=https://download.strongswan.org/ https://download2.strongswan.org/ -PKG_HASH:=61c72f741edb2c1295a7b7ccce0317a104b3f9d39efd04c52cd05b01b55ab063 +PKG_HASH:=9325ab56a0a4e97e379401e1d942ce3e0d8b6372291350ab2caae0755862c6f7 PKG_LICENSE:=GPL-2.0-or-later PKG_MAINTAINER:=Philip Prindeville , Noel Kuntze PKG_CPE_ID:=cpe:/a:strongswan:strongswan diff --git a/net/strongswan/patches/101-musl-fixes.patch b/net/strongswan/patches/0900-src-Patch-for-building-with-musl-on-openwrt-taken-ve.patch similarity index 74% rename from net/strongswan/patches/101-musl-fixes.patch rename to net/strongswan/patches/0900-src-Patch-for-building-with-musl-on-openwrt-taken-ve.patch index d17a3c6ce..e60206773 100644 --- a/net/strongswan/patches/101-musl-fixes.patch +++ b/net/strongswan/patches/0900-src-Patch-for-building-with-musl-on-openwrt-taken-ve.patch @@ -1,3 +1,51 @@ +From 27a54379cf3c48ff63c02a4a9f023297bba60d45 Mon Sep 17 00:00:00 2001 +From: Noel Kuntze +Date: Mon, 12 Jul 2021 01:29:43 +0200 +Subject: [PATCH 900/904] src: Patch for building with musl on openwrt (taken + verbatim from openwrt package sources) + +--- + .../kernel_netlink/kernel_netlink_ipsec.c | 1 + + .../kernel_netlink/kernel_netlink_net.c | 2 + + .../kernel_netlink/kernel_netlink_shared.c | 2 + + src/libstrongswan/library.h | 1 + + src/libstrongswan/musl.h | 38 +++++++++++++++++++ + .../plugins/bliss/bliss_huffman.c | 2 + + 6 files changed, 46 insertions(+) + create mode 100644 src/libstrongswan/musl.h + +--- a/src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c ++++ b/src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c +@@ -40,6 +40,7 @@ + */ + + #define _GNU_SOURCE ++#include + #include + #include + #include +--- a/src/libcharon/plugins/kernel_netlink/kernel_netlink_net.c ++++ b/src/libcharon/plugins/kernel_netlink/kernel_netlink_net.c +@@ -37,6 +37,8 @@ + * THE SOFTWARE. + */ + ++#include "musl.h" ++ + #include + #include + #include +--- a/src/libcharon/plugins/kernel_netlink/kernel_netlink_shared.c ++++ b/src/libcharon/plugins/kernel_netlink/kernel_netlink_shared.c +@@ -39,6 +39,8 @@ + * THE SOFTWARE. + */ + ++#include "musl.h" ++ + #include + #include + #include --- a/src/libstrongswan/library.h +++ b/src/libstrongswan/library.h @@ -118,6 +118,7 @@ @@ -49,38 +97,6 @@ +#undef blkcnt_t +#undef crypt +#undef encrypt ---- a/src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c -+++ b/src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c -@@ -40,6 +40,7 @@ - */ - - #define _GNU_SOURCE -+#include - #include - #include - #include ---- a/src/libcharon/plugins/kernel_netlink/kernel_netlink_net.c -+++ b/src/libcharon/plugins/kernel_netlink/kernel_netlink_net.c -@@ -37,6 +37,8 @@ - * THE SOFTWARE. - */ - -+#include "musl.h" -+ - #include - #include - #include ---- a/src/libcharon/plugins/kernel_netlink/kernel_netlink_shared.c -+++ b/src/libcharon/plugins/kernel_netlink/kernel_netlink_shared.c -@@ -39,6 +39,8 @@ - * THE SOFTWARE. - */ - -+#include "musl.h" -+ - #include - #include - #include --- a/src/libstrongswan/plugins/bliss/bliss_huffman.c +++ b/src/libstrongswan/plugins/bliss/bliss_huffman.c @@ -17,6 +17,8 @@ diff --git a/net/strongswan/patches/203-uci.patch b/net/strongswan/patches/0901-uci-verbatim-patch-from-openwrt-package-sources.patch similarity index 69% rename from net/strongswan/patches/203-uci.patch rename to net/strongswan/patches/0901-uci-verbatim-patch-from-openwrt-package-sources.patch index 21ae848bf..4056fe345 100644 --- a/net/strongswan/patches/203-uci.patch +++ b/net/strongswan/patches/0901-uci-verbatim-patch-from-openwrt-package-sources.patch @@ -1,3 +1,12 @@ +From 81be4fa54760aa4fed53c6d93da443f57a66f262 Mon Sep 17 00:00:00 2001 +From: Noel Kuntze +Date: Mon, 12 Jul 2021 01:30:32 +0200 +Subject: [PATCH 901/904] uci: verbatim patch from openwrt package sources + +--- + src/libcharon/plugins/uci/uci_parser.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + --- a/src/libcharon/plugins/uci/uci_parser.c +++ b/src/libcharon/plugins/uci/uci_parser.c @@ -75,7 +75,7 @@ METHOD(enumerator_t, section_enumerator_ diff --git a/net/strongswan/patches/0902-ipsec-Patch-ipsec-script-to-work-with-musl-sleep-.-P.patch b/net/strongswan/patches/0902-ipsec-Patch-ipsec-script-to-work-with-musl-sleep-.-P.patch new file mode 100644 index 000000000..830ff939f --- /dev/null +++ b/net/strongswan/patches/0902-ipsec-Patch-ipsec-script-to-work-with-musl-sleep-.-P.patch @@ -0,0 +1,21 @@ +From d71ec4f26a1334e78a38fa44a1271c52a029e3b4 Mon Sep 17 00:00:00 2001 +From: Noel Kuntze +Date: Mon, 12 Jul 2021 01:31:36 +0200 +Subject: [PATCH 902/904] ipsec: Patch `ipsec` script to work with musl + `sleep`. Patch taken verbatim from openwrt package sources. + +--- + src/ipsec/_ipsec.in | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/src/ipsec/_ipsec.in ++++ b/src/ipsec/_ipsec.in +@@ -257,7 +257,7 @@ stop) + loop=110 + while [ $loop -gt 0 ] ; do + kill -0 $spid 2>/dev/null || break +- sleep 0.1 2>/dev/null ++ sleep 1 2>/dev/null + if [ $? -ne 0 ] + then + sleep 1 diff --git a/net/strongswan/patches/300-include-ipsec-hotplug.patch b/net/strongswan/patches/0903-updown-Call-sbin-hotplug-call-ipsec-1-in-updown-scri.patch similarity index 63% rename from net/strongswan/patches/300-include-ipsec-hotplug.patch rename to net/strongswan/patches/0903-updown-Call-sbin-hotplug-call-ipsec-1-in-updown-scri.patch index a61da3a48..e6721fc98 100644 --- a/net/strongswan/patches/300-include-ipsec-hotplug.patch +++ b/net/strongswan/patches/0903-updown-Call-sbin-hotplug-call-ipsec-1-in-updown-scri.patch @@ -1,3 +1,13 @@ +From c779da992bdd440e336383da0eb75ef3a2ea6cde Mon Sep 17 00:00:00 2001 +From: Noel Kuntze +Date: Mon, 12 Jul 2021 01:32:20 +0200 +Subject: [PATCH 903/904] updown: Call /sbin/hotplug-call ipsec "$1" in updown + script. Patch taken verbatim from openwrt package sources. + +--- + src/_updown/_updown.in | 7 +++++++ + 1 file changed, 7 insertions(+) + --- a/src/_updown/_updown.in +++ b/src/_updown/_updown.in @@ -22,6 +22,13 @@ diff --git a/net/strongswan/patches/305-minimal_dh_plugin.patch b/net/strongswan/patches/0904-gmpdh-Plugin-that-implements-gmp-DH-functions-in-an-.patch similarity index 85% rename from net/strongswan/patches/305-minimal_dh_plugin.patch rename to net/strongswan/patches/0904-gmpdh-Plugin-that-implements-gmp-DH-functions-in-an-.patch index 2302f17ee..eb3c38c3d 100644 --- a/net/strongswan/patches/305-minimal_dh_plugin.patch +++ b/net/strongswan/patches/0904-gmpdh-Plugin-that-implements-gmp-DH-functions-in-an-.patch @@ -1,3 +1,21 @@ +From 9f60c2ea6394facac55b90ef66466e1b9edef2a9 Mon Sep 17 00:00:00 2001 +From: Noel Kuntze +Date: Mon, 12 Jul 2021 01:34:23 +0200 +Subject: [PATCH 904/904] gmpdh: Plugin that implements gmp DH functions in an + extra plugin. Links and uses gmp plugin source and header files. Patch taken + verbatim from openwrt package sources. + +--- + configure.ac | 4 + + src/libstrongswan/Makefile.am | 7 ++ + src/libstrongswan/plugins/gmpdh/Makefile.am | 19 ++++ + .../plugins/gmpdh/gmpdh_plugin.c | 101 ++++++++++++++++++ + .../plugins/gmpdh/gmpdh_plugin.h | 42 ++++++++ + 5 files changed, 173 insertions(+) + create mode 100644 src/libstrongswan/plugins/gmpdh/Makefile.am + create mode 100644 src/libstrongswan/plugins/gmpdh/gmpdh_plugin.c + create mode 100644 src/libstrongswan/plugins/gmpdh/gmpdh_plugin.h + --- a/configure.ac +++ b/configure.ac @@ -146,6 +146,7 @@ ARG_DISBL_SET([fips-prf], [disable @@ -8,7 +26,7 @@ ARG_DISBL_SET([curve25519], [disable Curve25519 Diffie-Hellman plugin.]) ARG_DISBL_SET([hmac], [disable HMAC crypto implementation plugin.]) ARG_ENABL_SET([md4], [enable MD4 software implementation plugin.]) -@@ -1478,6 +1479,7 @@ ADD_PLUGIN([botan], [s ch +@@ -1483,6 +1484,7 @@ ADD_PLUGIN([botan], [s ch ADD_PLUGIN([af-alg], [s charon scepclient pki scripts medsrv attest nm cmd aikgen]) ADD_PLUGIN([fips-prf], [s charon nm cmd]) ADD_PLUGIN([gmp], [s charon scepclient pki scripts manager medsrv attest nm cmd aikgen fuzz]) @@ -16,7 +34,7 @@ ADD_PLUGIN([curve25519], [s charon pki scripts nm cmd]) ADD_PLUGIN([agent], [s charon nm cmd]) ADD_PLUGIN([keychain], [s charon cmd]) -@@ -1619,6 +1621,7 @@ AM_CONDITIONAL(USE_SHA3, test x$sha3 = x +@@ -1624,6 +1626,7 @@ AM_CONDITIONAL(USE_SHA3, test x$sha3 = x AM_CONDITIONAL(USE_MGF1, test x$mgf1 = xtrue) AM_CONDITIONAL(USE_FIPS_PRF, test x$fips_prf = xtrue) AM_CONDITIONAL(USE_GMP, test x$gmp = xtrue) @@ -24,7 +42,7 @@ AM_CONDITIONAL(USE_CURVE25519, test x$curve25519 = xtrue) AM_CONDITIONAL(USE_RDRAND, test x$rdrand = xtrue) AM_CONDITIONAL(USE_AESNI, test x$aesni = xtrue) -@@ -1896,6 +1899,7 @@ AC_CONFIG_FILES([ +@@ -1901,6 +1904,7 @@ AC_CONFIG_FILES([ src/libstrongswan/plugins/mgf1/Makefile src/libstrongswan/plugins/fips_prf/Makefile src/libstrongswan/plugins/gmp/Makefile @@ -65,9 +83,9 @@ + +libstrongswan_gmpdh_la_SOURCES = \ + gmpdh_plugin.h gmpdh_plugin.c \ -+ ../gmp/gmp_diffie_hellman.c ../gmp/gmp_diffie_hellman.h ++ ../gmp/gmp_diffie_hellman.c ../gmp/gmp_diffie_hellman.h ++ + -+ +libstrongswan_gmpdh_la_LDFLAGS = -module -avoid-version -Wl,-Bstatic -Wl,-lgmp -Wl,-Bdynamic -Wl,--as-needed $(FPIC) +libstrongswan_gmpdh_la_LIBADD = --- /dev/null diff --git a/net/strongswan/patches/210-sleep.patch b/net/strongswan/patches/210-sleep.patch deleted file mode 100644 index d8f2f3be2..000000000 --- a/net/strongswan/patches/210-sleep.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- a/src/ipsec/_ipsec.in -+++ b/src/ipsec/_ipsec.in -@@ -257,7 +257,7 @@ stop) - loop=110 - while [ $loop -gt 0 ] ; do - kill -0 $spid 2>/dev/null || break -- sleep 0.1 2>/dev/null -+ sleep 1 2>/dev/null - if [ $? -ne 0 ] - then - sleep 1