strongswan: update to version 5.9.3

Signed-off-by: Noel Kuntze <noel.kuntze@thermi.consulting>
2021-07-18 04:30:35 +02:00 · 2021-07-18 04:30:35 +02:00 · 6c3d30c0cb
parent ad61196780
commit 6c3d30c0cb
7 changed files with 114 additions and 51 deletions
--- a/net/strongswan/Makefile
+++ b/net/strongswan/Makefile
@ -8,12 +8,12 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=strongswan
-PKG_VERSION:=5.9.2
-PKG_RELEASE:=12
+PKG_VERSION:=5.9.3
+PKG_RELEASE:=1

 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
 PKG_SOURCE_URL:=https://download.strongswan.org/ https://download2.strongswan.org/
-PKG_HASH:=61c72f741edb2c1295a7b7ccce0317a104b3f9d39efd04c52cd05b01b55ab063
+PKG_HASH:=9325ab56a0a4e97e379401e1d942ce3e0d8b6372291350ab2caae0755862c6f7
 PKG_LICENSE:=GPL-2.0-or-later
 PKG_MAINTAINER:=Philip Prindeville <philipp@redfish-solutions.com>, Noel Kuntze <noel.kuntze@thermi.consulting>
 PKG_CPE_ID:=cpe:/a:strongswan:strongswan
--- a/net/strongswan/patches/0900-src-Patch-for-building-with-musl-on-openwrt-taken-ve.patch
+++ b/net/strongswan/patches/0900-src-Patch-for-building-with-musl-on-openwrt-taken-ve.patch
@ -1,3 +1,51 @@
+From 27a54379cf3c48ff63c02a4a9f023297bba60d45 Mon Sep 17 00:00:00 2001
+From: Noel Kuntze <noel.kuntze@thermi.consulting>
+Date: Mon, 12 Jul 2021 01:29:43 +0200
+Subject: [PATCH 900/904] src: Patch for building with musl on openwrt (taken
+ verbatim from openwrt package sources)
+
+---
+ .../kernel_netlink/kernel_netlink_ipsec.c     |  1 +
+ .../kernel_netlink/kernel_netlink_net.c       |  2 +
+ .../kernel_netlink/kernel_netlink_shared.c    |  2 +
+ src/libstrongswan/library.h                   |  1 +
+ src/libstrongswan/musl.h                      | 38 +++++++++++++++++++
+ .../plugins/bliss/bliss_huffman.c             |  2 +
+ 6 files changed, 46 insertions(+)
+ create mode 100644 src/libstrongswan/musl.h
+
+--- a/src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c
+++ b/src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c
+@@ -40,6 +40,7 @@
+  */
+ 
+ #define _GNU_SOURCE
+#include <musl.h>
+ #include <sys/types.h>
+ #include <sys/socket.h>
+ #include <sys/ioctl.h>
+--- a/src/libcharon/plugins/kernel_netlink/kernel_netlink_net.c
+++ b/src/libcharon/plugins/kernel_netlink/kernel_netlink_net.c
+@@ -37,6 +37,8 @@
+  * THE SOFTWARE.
+  */
+ 
+#include "musl.h"
+
+ #include <sys/socket.h>
+ #include <sys/utsname.h>
+ #include <linux/netlink.h>
+--- a/src/libcharon/plugins/kernel_netlink/kernel_netlink_shared.c
+++ b/src/libcharon/plugins/kernel_netlink/kernel_netlink_shared.c
+@@ -39,6 +39,8 @@
+  * THE SOFTWARE.
+  */
+ 
+#include "musl.h"
+
+ #include <sys/socket.h>
+ #include <linux/netlink.h>
+ #include <linux/rtnetlink.h>
 --- a/src/libstrongswan/library.h
 +++ b/src/libstrongswan/library.h
@@ -118,6 +118,7 @@
@ -49,38 +97,6 @@
 +#undef blkcnt_t
 +#undef crypt
 +#undef encrypt
--- a/src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c
-+++ b/src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c
-@@ -40,6 +40,7 @@
-  */
- 
- #define _GNU_SOURCE
-+#include <musl.h>
- #include <sys/types.h>
- #include <sys/socket.h>
- #include <sys/ioctl.h>
--- a/src/libcharon/plugins/kernel_netlink/kernel_netlink_net.c
-+++ b/src/libcharon/plugins/kernel_netlink/kernel_netlink_net.c
-@@ -37,6 +37,8 @@
-  * THE SOFTWARE.
-  */
- 
-+#include "musl.h"
-+
- #include <sys/socket.h>
- #include <sys/utsname.h>
- #include <linux/netlink.h>
--- a/src/libcharon/plugins/kernel_netlink/kernel_netlink_shared.c
-+++ b/src/libcharon/plugins/kernel_netlink/kernel_netlink_shared.c
-@@ -39,6 +39,8 @@
-  * THE SOFTWARE.
-  */
- 
-+#include "musl.h"
-+
- #include <sys/socket.h>
- #include <linux/netlink.h>
- #include <linux/rtnetlink.h>
 --- a/src/libstrongswan/plugins/bliss/bliss_huffman.c
 +++ b/src/libstrongswan/plugins/bliss/bliss_huffman.c
@@ -17,6 +17,8 @@
--- a/net/strongswan/patches/0901-uci-verbatim-patch-from-openwrt-package-sources.patch
+++ b/net/strongswan/patches/0901-uci-verbatim-patch-from-openwrt-package-sources.patch
@ -1,3 +1,12 @@
+From 81be4fa54760aa4fed53c6d93da443f57a66f262 Mon Sep 17 00:00:00 2001
+From: Noel Kuntze <noel.kuntze@thermi.consulting>
+Date: Mon, 12 Jul 2021 01:30:32 +0200
+Subject: [PATCH 901/904] uci: verbatim patch from openwrt package sources
+
+---
+ src/libcharon/plugins/uci/uci_parser.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
 --- a/src/libcharon/plugins/uci/uci_parser.c
 +++ b/src/libcharon/plugins/uci/uci_parser.c
@@ -75,7 +75,7 @@ METHOD(enumerator_t, section_enumerator_
--- a/net/strongswan/patches/0902-ipsec-Patch-ipsec-script-to-work-with-musl-sleep-.-P.patch
+++ b/net/strongswan/patches/0902-ipsec-Patch-ipsec-script-to-work-with-musl-sleep-.-P.patch
@ -0,0 +1,21 @@
+From d71ec4f26a1334e78a38fa44a1271c52a029e3b4 Mon Sep 17 00:00:00 2001
+From: Noel Kuntze <noel.kuntze@thermi.consulting>
+Date: Mon, 12 Jul 2021 01:31:36 +0200
+Subject: [PATCH 902/904] ipsec: Patch `ipsec` script to work with musl
+ `sleep`. Patch taken verbatim from openwrt package sources.
+
+---
+ src/ipsec/_ipsec.in | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/src/ipsec/_ipsec.in
+++ b/src/ipsec/_ipsec.in
+@@ -257,7 +257,7 @@ stop)
+ 			loop=110
+ 			while [ $loop -gt 0 ] ; do
+ 				kill -0 $spid 2>/dev/null || break
+-				sleep 0.1 2>/dev/null
+				sleep 1 2>/dev/null
+ 				if [ $? -ne 0 ]
+ 				then
+ 					sleep 1
--- a/net/strongswan/patches/0903-updown-Call-sbin-hotplug-call-ipsec-1-in-updown-scri.patch
+++ b/net/strongswan/patches/0903-updown-Call-sbin-hotplug-call-ipsec-1-in-updown-scri.patch
@ -1,3 +1,13 @@
+From c779da992bdd440e336383da0eb75ef3a2ea6cde Mon Sep 17 00:00:00 2001
+From: Noel Kuntze <noel.kuntze@thermi.consulting>
+Date: Mon, 12 Jul 2021 01:32:20 +0200
+Subject: [PATCH 903/904] updown: Call /sbin/hotplug-call ipsec "$1" in updown
+ script. Patch taken verbatim from openwrt package sources.
+
+---
+ src/_updown/_updown.in | 7 +++++++
+ 1 file changed, 7 insertions(+)
+
 --- a/src/_updown/_updown.in
 +++ b/src/_updown/_updown.in
@@ -22,6 +22,13 @@
--- a/net/strongswan/patches/0904-gmpdh-Plugin-that-implements-gmp-DH-functions-in-an-.patch
+++ b/net/strongswan/patches/0904-gmpdh-Plugin-that-implements-gmp-DH-functions-in-an-.patch
@ -1,3 +1,21 @@
+From 9f60c2ea6394facac55b90ef66466e1b9edef2a9 Mon Sep 17 00:00:00 2001
+From: Noel Kuntze <noel.kuntze@thermi.consulting>
+Date: Mon, 12 Jul 2021 01:34:23 +0200
+Subject: [PATCH 904/904] gmpdh: Plugin that implements gmp DH functions in an
+ extra plugin. Links and uses gmp plugin source and header files. Patch taken
+ verbatim from openwrt package sources.
+
+---
+ configure.ac                                  |   4 +
+ src/libstrongswan/Makefile.am                 |   7 ++
+ src/libstrongswan/plugins/gmpdh/Makefile.am   |  19 ++++
+ .../plugins/gmpdh/gmpdh_plugin.c              | 101 ++++++++++++++++++
+ .../plugins/gmpdh/gmpdh_plugin.h              |  42 ++++++++
+ 5 files changed, 173 insertions(+)
+ create mode 100644 src/libstrongswan/plugins/gmpdh/Makefile.am
+ create mode 100644 src/libstrongswan/plugins/gmpdh/gmpdh_plugin.c
+ create mode 100644 src/libstrongswan/plugins/gmpdh/gmpdh_plugin.h
+
 --- a/configure.ac
 +++ b/configure.ac
@@ -146,6 +146,7 @@ ARG_DISBL_SET([fips-prf],       [disable
@ -8,7 +26,7 @@
 ARG_DISBL_SET([curve25519],     [disable Curve25519 Diffie-Hellman plugin.])
 ARG_DISBL_SET([hmac],           [disable HMAC crypto implementation plugin.])
 ARG_ENABL_SET([md4],            [enable MD4 software implementation plugin.])
-@@ -1478,6 +1479,7 @@ ADD_PLUGIN([botan],                [s ch
+@@ -1483,6 +1484,7 @@ ADD_PLUGIN([botan],                [s ch
 ADD_PLUGIN([af-alg],               [s charon scepclient pki scripts medsrv attest nm cmd aikgen])
 ADD_PLUGIN([fips-prf],             [s charon nm cmd])
 ADD_PLUGIN([gmp],                  [s charon scepclient pki scripts manager medsrv attest nm cmd aikgen fuzz])
@ -16,7 +34,7 @@
 ADD_PLUGIN([curve25519],           [s charon pki scripts nm cmd])
 ADD_PLUGIN([agent],                [s charon nm cmd])
 ADD_PLUGIN([keychain],             [s charon cmd])
-@@ -1619,6 +1621,7 @@ AM_CONDITIONAL(USE_SHA3, test x$sha3 = x
+@@ -1624,6 +1626,7 @@ AM_CONDITIONAL(USE_SHA3, test x$sha3 = x
 AM_CONDITIONAL(USE_MGF1, test x$mgf1 = xtrue)
 AM_CONDITIONAL(USE_FIPS_PRF, test x$fips_prf = xtrue)
 AM_CONDITIONAL(USE_GMP, test x$gmp = xtrue)
@ -24,7 +42,7 @@
 AM_CONDITIONAL(USE_CURVE25519, test x$curve25519 = xtrue)
 AM_CONDITIONAL(USE_RDRAND, test x$rdrand = xtrue)
 AM_CONDITIONAL(USE_AESNI, test x$aesni = xtrue)
-@@ -1896,6 +1899,7 @@ AC_CONFIG_FILES([
+@@ -1901,6 +1904,7 @@ AC_CONFIG_FILES([
 	src/libstrongswan/plugins/mgf1/Makefile
 	src/libstrongswan/plugins/fips_prf/Makefile
 	src/libstrongswan/plugins/gmp/Makefile
@ -65,9 +83,9 @@
 +
 +libstrongswan_gmpdh_la_SOURCES = \
 +	gmpdh_plugin.h gmpdh_plugin.c \
-+	../gmp/gmp_diffie_hellman.c ../gmp/gmp_diffie_hellman.h 
+	../gmp/gmp_diffie_hellman.c ../gmp/gmp_diffie_hellman.h
+
 +
-+	
 +libstrongswan_gmpdh_la_LDFLAGS = -module -avoid-version -Wl,-Bstatic -Wl,-lgmp -Wl,-Bdynamic -Wl,--as-needed $(FPIC)
 +libstrongswan_gmpdh_la_LIBADD  =
 --- /dev/null
--- a/net/strongswan/patches/210-sleep.patch
+++ b/net/strongswan/patches/210-sleep.patch
@ -1,11 +0,0 @@
--- a/src/ipsec/_ipsec.in
-+++ b/src/ipsec/_ipsec.in
-@@ -257,7 +257,7 @@ stop)
- 			loop=110
- 			while [ $loop -gt 0 ] ; do
- 				kill -0 $spid 2>/dev/null || break
-				sleep 0.1 2>/dev/null
-+				sleep 1 2>/dev/null
- 				if [ $? -ne 0 ]
- 				then
- 					sleep 1