Package: src:ipsec-tools Version: 1:0.7.3-14 Severity: normal Tags: patch User: [email protected] Usertags: kfreebsd
The appended patch is a first outline of the changes necessary to get the source in ipsec-tools building for GNU/kFreeBSD. The premature dependency on libssl-dev_1.0.0 effectively prevents the possibility to build the binary packages ipsec-utils and racoon at the moment. Instead I have used $ fakeroot ./debian/rules build in order to generate all binaries. A quick test of inserting an IPv4 point-to-point ESP tunnel using setkey and a custom kernel is successfully detected using $ sudo ./src/setkey/setkey -DP This policy prevents the OpenBSD system at the other end from IPv4-pinging the GNU/kFreeBSD system. Flushing the policies at the GNU/kFreeBSD end then lets the ping come through. A more extensive test using Racoon remains to be conducted, but the FTBFS is now circumvented. The patch unfortunately needs to touch the autotools configuration, since the macro INET6_ADVAPI is not properly detected for GNU/kFreeBSD: the presence of "struct in6_pktinfo" depends on the macro __USE_GNU. Apart from that the changes are mostly self-evident, but more people in the Glibc-BSD Team ought to evaluate the patch as a document, correcting what I might have implemented sub-optimally. Best regards, Mats Erik Andersson, DM
diff -Naur ipsec-tools-0.7.3.debian/configure ipsec-tools-0.7.3/configure
--- ipsec-tools-0.7.3.debian/configure 2009-08-13 11:21:50.000000000 +0200
+++ ipsec-tools-0.7.3/configure 2011-02-09 22:08:28.000000000 +0100
@@ -27583,6 +27583,7 @@
#define INET6
#endif
#include <sys/types.h>
+#define __USE_GNU /* GNU/kFreeBSD */
#include <netinet/in.h>
int
main ()
diff -Naur ipsec-tools-0.7.3.debian/configure.ac ipsec-tools-0.7.3/configure.ac
--- ipsec-tools-0.7.3.debian/configure.ac 2009-08-13 11:19:22.000000000 +0200
+++ ipsec-tools-0.7.3/configure.ac 2011-02-09 22:07:57.000000000 +0100
@@ -630,6 +630,7 @@
#define INET6
#endif
#include <sys/types.h>
+#define __USE_GNU 1 /* GNU/kFreeBSD */
#include <netinet/in.h>],
[struct in6_pktinfo a;],
[AC_MSG_RESULT(yes)
diff -Naur ipsec-tools-0.7.3.debian/src/libipsec/key_debug.c ipsec-tools-0.7.3/src/libipsec/key_debug.c
--- ipsec-tools-0.7.3.debian/src/libipsec/key_debug.c 2007-08-01 13:52:18.000000000 +0200
+++ ipsec-tools-0.7.3/src/libipsec/key_debug.c 2011-02-09 20:00:59.000000000 +0100
@@ -739,7 +739,7 @@
m->m_pkthdr.len, m->m_pkthdr.rcvif);
}
-#ifdef __FreeBSD__
+#if defined(__FreeBSD__) || defined(__FreeBSD_kernel__)
if (m->m_flags & M_EXT) {
printf(" m_ext{ ext_buf:%p ext_free:%p "
"ext_size:%u ext_ref:%p }\n",
diff -Naur ipsec-tools-0.7.3.debian/src/libipsec/policy_token.c ipsec-tools-0.7.3/src/libipsec/policy_token.c
--- ipsec-tools-0.7.3.debian/src/libipsec/policy_token.c 2009-08-13 11:22:46.000000000 +0200
+++ ipsec-tools-0.7.3/src/libipsec/policy_token.c 2011-02-09 20:02:36.000000000 +0100
@@ -625,7 +625,7 @@
#include "libpfkey.h"
#if !defined(__NetBSD__) && !defined(__FreeBSD__) && !defined(__linux__) && \
-!defined(__APPLE__) && !defined(__MACH__)
+!defined(__APPLE__) && !defined(__MACH__) && !defined(__FreeBSD_kernel__)
#include "y.tab.h"
#else
#include "policy_parse.h"
diff -Naur ipsec-tools-0.7.3.debian/src/libipsec/policy_token.l ipsec-tools-0.7.3/src/libipsec/policy_token.l
--- ipsec-tools-0.7.3.debian/src/libipsec/policy_token.l 2007-08-01 13:52:19.000000000 +0200
+++ ipsec-tools-0.7.3/src/libipsec/policy_token.l 2011-02-09 20:01:57.000000000 +0100
@@ -52,7 +52,7 @@
#include "libpfkey.h"
#if !defined(__NetBSD__) && !defined(__FreeBSD__) && !defined(__linux__) && \
-!defined(__APPLE__) && !defined(__MACH__)
+!defined(__APPLE__) && !defined(__MACH__) && !defined(__FreeBSD_kernel__)
#include "y.tab.h"
#else
#include "policy_parse.h"
diff -Naur ipsec-tools-0.7.3.debian/src/racoon/grabmyaddr.c ipsec-tools-0.7.3/src/racoon/grabmyaddr.c
--- ipsec-tools-0.7.3.debian/src/racoon/grabmyaddr.c 2008-06-18 09:30:18.000000000 +0200
+++ ipsec-tools-0.7.3/src/racoon/grabmyaddr.c 2011-02-09 20:42:04.000000000 +0100
@@ -43,7 +43,7 @@
#include <net/if_var.h>
#endif
#if defined(__NetBSD__) || defined(__FreeBSD__) || \
- (defined(__APPLE__) && defined(__MACH__))
+ (defined(__APPLE__) && defined(__MACH__)) || defined(__FreeBSD_kernel__)
#include <netinet/in.h>
#include <netinet6/in6_var.h>
#endif
diff -Naur ipsec-tools-0.7.3.debian/src/racoon/isakmp.c ipsec-tools-0.7.3/src/racoon/isakmp.c
--- ipsec-tools-0.7.3.debian/src/racoon/isakmp.c 2011-02-09 19:58:04.000000000 +0100
+++ ipsec-tools-0.7.3/src/racoon/isakmp.c 2011-02-09 20:36:10.000000000 +0100
@@ -118,12 +118,15 @@
# endif
# endif /* __linux__ */
# if defined(__NetBSD__) || defined(__FreeBSD__) || \
- (defined(__APPLE__) && defined(__MACH__))
+ (defined(__APPLE__) && defined(__MACH__)) || defined(__FreeBSD_kernel__)
+# define __FAVOR_BSD /* GNU/kFreeBSD */
# include <netinet/in.h>
# include <netinet/udp.h>
# include <netinet/in_systm.h>
# include <netinet/ip.h>
-# define SOL_UDP IPPROTO_UDP
+# ifndef SOL_UDP
+# define SOL_UDP IPPROTO_UDP
+# endif
# endif /* __NetBSD__ / __FreeBSD__ */
static int nostate1 __P((struct ph1handle *, vchar_t *));
diff -Naur ipsec-tools-0.7.3.debian/src/racoon/nattraversal.c ipsec-tools-0.7.3/src/racoon/nattraversal.c
--- ipsec-tools-0.7.3.debian/src/racoon/nattraversal.c 2009-05-18 19:01:07.000000000 +0200
+++ ipsec-tools-0.7.3/src/racoon/nattraversal.c 2011-02-09 20:11:03.000000000 +0100
@@ -38,7 +38,7 @@
#ifdef __linux__
#include <linux/udp.h>
#endif
-#if defined(__NetBSD__) || defined (__FreeBSD__)
+#if defined(__NetBSD__) || defined (__FreeBSD__) || defined(__FreeBSD_kernel__)
#include <netinet/udp.h>
#endif
diff -Naur ipsec-tools-0.7.3.debian/src/racoon/pfkey.c ipsec-tools-0.7.3/src/racoon/pfkey.c
--- ipsec-tools-0.7.3.debian/src/racoon/pfkey.c 2008-03-05 23:14:24.000000000 +0100
+++ ipsec-tools-0.7.3/src/racoon/pfkey.c 2011-02-09 20:12:08.000000000 +0100
@@ -50,7 +50,7 @@
# include <linux/udp.h>
# endif
# if defined(__NetBSD__) || defined(__FreeBSD__) || \
- (defined(__APPLE__) && defined(__MACH__))
+ (defined(__APPLE__) && defined(__MACH__)) || defined(__FreeBSD_kernel__)
# include <netinet/udp.h>
# endif
#endif
diff -Naur ipsec-tools-0.7.3.debian/src/setkey/token.c ipsec-tools-0.7.3/src/setkey/token.c
--- ipsec-tools-0.7.3.debian/src/setkey/token.c 2009-08-13 11:22:47.000000000 +0200
+++ ipsec-tools-0.7.3/src/setkey/token.c 2011-02-09 20:04:03.000000000 +0100
@@ -1038,7 +1038,7 @@
#include "vchar.h"
#if defined(__NetBSD__) || defined(__FreeBSD__) || defined(__linux__) || \
-(defined(__APPLE__) && defined(__MACH__))
+(defined(__APPLE__) && defined(__MACH__)) || defined(__FreeBSD_kernel__)
#include "parse.h"
#else
#include "y.tab.h"
diff -Naur ipsec-tools-0.7.3.debian/src/setkey/token.l ipsec-tools-0.7.3/src/setkey/token.l
--- ipsec-tools-0.7.3.debian/src/setkey/token.l 2007-08-01 13:52:23.000000000 +0200
+++ ipsec-tools-0.7.3/src/setkey/token.l 2011-02-09 20:03:38.000000000 +0100
@@ -53,7 +53,7 @@
#include "vchar.h"
#if defined(__NetBSD__) || defined(__FreeBSD__) || defined(__linux__) || \
-(defined(__APPLE__) && defined(__MACH__))
+(defined(__APPLE__) && defined(__MACH__)) || defined(__FreeBSD_kernel__)
#include "parse.h"
#else
#include "y.tab.h"
signature.asc
Description: Digital signature
