Menu
▾
▴
ipsec-tools-devel — Development discussion of IPsec Tools
This list is closed, nobody may subscribe to it.
| 2003 |
Jan
|
Feb
|
Mar
(3) |
Apr
(6) |
May
|
Jun
(14) |
Jul
(4) |
Aug
(19) |
Sep
(27) |
Oct
(7) |
Nov
(4) |
Dec
(3) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2004 |
Jan
(58) |
Feb
(20) |
Mar
(70) |
Apr
(93) |
May
(102) |
Jun
(130) |
Jul
(47) |
Aug
(61) |
Sep
(149) |
Oct
(160) |
Nov
(243) |
Dec
(94) |
| 2005 |
Jan
(199) |
Feb
(166) |
Mar
(276) |
Apr
(422) |
May
(289) |
Jun
(222) |
Jul
(306) |
Aug
(154) |
Sep
(72) |
Oct
(163) |
Nov
(113) |
Dec
(195) |
| 2006 |
Jan
(174) |
Feb
(94) |
Mar
(130) |
Apr
(45) |
May
(85) |
Jun
(115) |
Jul
(120) |
Aug
(111) |
Sep
(210) |
Oct
(56) |
Nov
(72) |
Dec
(30) |
| 2007 |
Jan
(56) |
Feb
(49) |
Mar
(35) |
Apr
(58) |
May
(83) |
Jun
(101) |
Jul
(46) |
Aug
(58) |
Sep
(47) |
Oct
(58) |
Nov
(55) |
Dec
(54) |
| 2008 |
Jan
(52) |
Feb
(21) |
Mar
(20) |
Apr
(49) |
May
(20) |
Jun
(37) |
Jul
(101) |
Aug
(49) |
Sep
(75) |
Oct
(152) |
Nov
(34) |
Dec
(63) |
| 2009 |
Jan
(90) |
Feb
(12) |
Mar
(88) |
Apr
(49) |
May
(36) |
Jun
(36) |
Jul
(52) |
Aug
(54) |
Sep
(19) |
Oct
(45) |
Nov
(18) |
Dec
(34) |
| 2010 |
Jan
(12) |
Feb
(28) |
Mar
(18) |
Apr
(19) |
May
(14) |
Jun
(15) |
Jul
(24) |
Aug
(45) |
Sep
(6) |
Oct
(4) |
Nov
(21) |
Dec
(23) |
| 2011 |
Jan
(24) |
Feb
(45) |
Mar
(56) |
Apr
(18) |
May
(4) |
Jun
(10) |
Jul
(15) |
Aug
(38) |
Sep
(11) |
Oct
(48) |
Nov
(55) |
Dec
(29) |
| 2012 |
Jan
(41) |
Feb
(15) |
Mar
(24) |
Apr
(17) |
May
(12) |
Jun
(17) |
Jul
(18) |
Aug
(17) |
Sep
(17) |
Oct
(4) |
Nov
(8) |
Dec
(13) |
| 2013 |
Jan
(9) |
Feb
(1) |
Mar
(10) |
Apr
(18) |
May
(18) |
Jun
(14) |
Jul
(34) |
Aug
(6) |
Sep
(7) |
Oct
|
Nov
(8) |
Dec
(4) |
| 2014 |
Jan
(12) |
Feb
(6) |
Mar
(1) |
Apr
(12) |
May
|
Jun
(2) |
Jul
(20) |
Aug
(1) |
Sep
|
Oct
(3) |
Nov
(2) |
Dec
|
| 2015 |
Jan
(16) |
Feb
(2) |
Mar
(9) |
Apr
|
May
(56) |
Jun
(6) |
Jul
(7) |
Aug
(1) |
Sep
(17) |
Oct
(13) |
Nov
(23) |
Dec
(3) |
| 2016 |
Jan
(10) |
Feb
(8) |
Mar
(34) |
Apr
(19) |
May
(26) |
Jun
(3) |
Jul
|
Aug
(1) |
Sep
(2) |
Oct
(6) |
Nov
(5) |
Dec
(2) |
| 2017 |
Jan
|
Feb
|
Mar
|
Apr
|
May
(1) |
Jun
|
Jul
(1) |
Aug
(1) |
Sep
(1) |
Oct
(2) |
Nov
|
Dec
|
| 2018 |
Jan
|
Feb
|
Mar
|
Apr
|
May
(3) |
Jun
(1) |
Jul
|
Aug
|
Sep
|
Oct
(1) |
Nov
|
Dec
(1) |
| 2019 |
Jan
|
Feb
(1) |
Mar
(2) |
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
(2) |
Dec
|
|
From: Jörg K. <joe...@em...> - 2016-05-09 08:47:45
|
On Mo, 2016-05-09 at 02:32 -0600, Reinoud Koornstra wrote: > On Mon, May 9, 2016 at 2:28 AM, Reinoud Koornstra > <rei...@gm...> wrote: > > On Mon, May 9, 2016 at 1:19 AM, Jörg Krause <joerg.krause@embedded. > > rocks> wrote: > > > On So, 2016-05-08 at 23:34 -0600, Reinoud Koornstra wrote: > > > > On Sun, May 8, 2016 at 4:43 AM, Jörg Krause <joerg.krause@embed > > > > ded.ro > > > > cks> wrote: > > > > > This series of patches fix build issues with the musl C > > > > > library > > > > > [1]. > > > > > > > > > > musl is used as the default C library in OpenWRT and Alpine > > > > > and is > > > > > supported by other Linux distros (Gentoo, Arch, Debian) and > > > > > projects > > > > > (Buildroot, Rust, ...). > > > > > > > > > > Short summary about the patches: > > > > > 1) Fix missing definition of __P() macro > > > > > 2) Remove unneeded <sys/sysctl.h> > > > > > 3) Check for GLOB_TILDE > > > > > 4) Check for strtouq > > > > > 5) Fix redirection of <sys/signal.h> > > > > > > > > > > As the projects CVS repository on sourceforge is outdated, I > > > > > created > > > > > the patches from the sources with the version 0.8.2. > > > > > > > > > > [1] http://www.musl-libc.org > > > > > > > > > > Changes v2 -> v3: > > > > > * do not get rid of __P, but include the compatibility > > > > > header > > > > > gnuc.h > > > > > whenever needed (suggested by Rainer Weikusat) > > > > > > > > Why keep the __P macro? it's ancient now and if musl can't deal > > > > with > > > > it, but compiles without it, then we should remove it if > > > > uclibc-ng, > > > > glibc and musl can compile all. You are suggesting to include > > > > gnuc.h > > > > in ipsec-tools? > > > > Also good with me, however, then we must maintain that file as > > > > well > > > > and keep it in check with newer versions. > > > > As of now I do not understand why we should keep __P, what does > > > > it > > > > bring us that we otherwise wouldn't have? > > > > > > The only feedback I got for the patch was from Rainer Weikusat, > > > who > > > proposed to stay with __P and use the gnuc.h instead [1]. > > > > > > Note, that gnuc.h is already part of ipsec-tools. It's in the > > > racoon > > > subdirectory. I moved it, so it is available for the sources of > > > the > > > other subdirectories. > > > > > > I do not have a strong opinion if __P should be removed or not. > > > > Well, .... I don't really think it's necessary to keep. > > However, NetBSD also has racoon and likely keeps __P. > > Maybe for that sake we should keep it, not sure. > > > > > > > I really like your patches though and I think they should be included > in 0.8.3. > If Rainer is Ok with your patches I think I can safely include them > in > the proposal for 0.8.3. You're welcome! There might be an issue with simply replacing strtouq with strtoul or strtoull if strtouq is not available [1]. I guess autoconf should check for the size of unsigned long long and unsigned long, too. [1] http://lists.busybox.net/pipermail/buildroot/2016-May/160719.html |
|
From: Reinoud K. <rei...@gm...> - 2016-05-09 08:32:06
|
On Mon, May 9, 2016 at 2:28 AM, Reinoud Koornstra <rei...@gm...> wrote: > On Mon, May 9, 2016 at 1:19 AM, Jörg Krause <joe...@em...cks> wrote: >> On So, 2016-05-08 at 23:34 -0600, Reinoud Koornstra wrote: >>> On Sun, May 8, 2016 at 4:43 AM, Jörg Krause <joe...@em... >>> cks> wrote: >>> > This series of patches fix build issues with the musl C library >>> > [1]. >>> > >>> > musl is used as the default C library in OpenWRT and Alpine and is >>> > supported by other Linux distros (Gentoo, Arch, Debian) and >>> > projects >>> > (Buildroot, Rust, ...). >>> > >>> > Short summary about the patches: >>> > 1) Fix missing definition of __P() macro >>> > 2) Remove unneeded <sys/sysctl.h> >>> > 3) Check for GLOB_TILDE >>> > 4) Check for strtouq >>> > 5) Fix redirection of <sys/signal.h> >>> > >>> > As the projects CVS repository on sourceforge is outdated, I >>> > created >>> > the patches from the sources with the version 0.8.2. >>> > >>> > [1] http://www.musl-libc.org >>> > >>> > Changes v2 -> v3: >>> > * do not get rid of __P, but include the compatibility header >>> > gnuc.h >>> > whenever needed (suggested by Rainer Weikusat) >>> >>> Why keep the __P macro? it's ancient now and if musl can't deal with >>> it, but compiles without it, then we should remove it if uclibc-ng, >>> glibc and musl can compile all. You are suggesting to include gnuc.h >>> in ipsec-tools? >>> Also good with me, however, then we must maintain that file as well >>> and keep it in check with newer versions. >>> As of now I do not understand why we should keep __P, what does it >>> bring us that we otherwise wouldn't have? >> >> The only feedback I got for the patch was from Rainer Weikusat, who >> proposed to stay with __P and use the gnuc.h instead [1]. >> >> Note, that gnuc.h is already part of ipsec-tools. It's in the racoon >> subdirectory. I moved it, so it is available for the sources of the >> other subdirectories. >> >> I do not have a strong opinion if __P should be removed or not. > > Well, .... I don't really think it's necessary to keep. > However, NetBSD also has racoon and likely keeps __P. > Maybe for that sake we should keep it, not sure. > >> I really like your patches though and I think they should be included in 0.8.3. If Rainer is Ok with your patches I think I can safely include them in the proposal for 0.8.3. >> Btw, who is maintaining this project? >> > > We all do in a way. > I Proposed a patch for 0.8.3 > I need to spilt that patch up in different ones. > Secondly, Rainer said there is still a leak present, but had no time > yet to patch it up and logically didn't want 0.8.3 with that leak > present. > When he will publish the patch, I'll make a list of patches and submit it. > Timo Terras offered to review it and create 0.8.3 as he's the lead. > Despite what lots of people may think, there is still a fairly large > community using ipsec-tools. > By all means, if anybody will see something missing from the list that > i'll propose, feel free to comment. > Thanks, > > Reinoud. > >> [1] https://sourceforge.net/p/ipsec-tools/mailman/message/35036132/ |
|
From: Reinoud K. <rei...@gm...> - 2016-05-09 08:29:03
|
On Mon, May 9, 2016 at 1:19 AM, Jörg Krause <joe...@em...cks> wrote: > On So, 2016-05-08 at 23:34 -0600, Reinoud Koornstra wrote: >> On Sun, May 8, 2016 at 4:43 AM, Jörg Krause <joe...@em... >> cks> wrote: >> > This series of patches fix build issues with the musl C library >> > [1]. >> > >> > musl is used as the default C library in OpenWRT and Alpine and is >> > supported by other Linux distros (Gentoo, Arch, Debian) and >> > projects >> > (Buildroot, Rust, ...). >> > >> > Short summary about the patches: >> > 1) Fix missing definition of __P() macro >> > 2) Remove unneeded <sys/sysctl.h> >> > 3) Check for GLOB_TILDE >> > 4) Check for strtouq >> > 5) Fix redirection of <sys/signal.h> >> > >> > As the projects CVS repository on sourceforge is outdated, I >> > created >> > the patches from the sources with the version 0.8.2. >> > >> > [1] http://www.musl-libc.org >> > >> > Changes v2 -> v3: >> > * do not get rid of __P, but include the compatibility header >> > gnuc.h >> > whenever needed (suggested by Rainer Weikusat) >> >> Why keep the __P macro? it's ancient now and if musl can't deal with >> it, but compiles without it, then we should remove it if uclibc-ng, >> glibc and musl can compile all. You are suggesting to include gnuc.h >> in ipsec-tools? >> Also good with me, however, then we must maintain that file as well >> and keep it in check with newer versions. >> As of now I do not understand why we should keep __P, what does it >> bring us that we otherwise wouldn't have? > > The only feedback I got for the patch was from Rainer Weikusat, who > proposed to stay with __P and use the gnuc.h instead [1]. > > Note, that gnuc.h is already part of ipsec-tools. It's in the racoon > subdirectory. I moved it, so it is available for the sources of the > other subdirectories. > > I do not have a strong opinion if __P should be removed or not. Well, .... I don't really think it's necessary to keep. However, NetBSD also has racoon and likely keeps __P. Maybe for that sake we should keep it, not sure. > > Btw, who is maintaining this project? > We all do in a way. I Proposed a patch for 0.8.3 I need to spilt that patch up in different ones. Secondly, Rainer said there is still a leak present, but had no time yet to patch it up and logically didn't want 0.8.3 with that leak present. When he will publish the patch, I'll make a list of patches and submit it. Timo Terras offered to review it and create 0.8.3 as he's the lead. Despite what lots of people may think, there is still a fairly large community using ipsec-tools. By all means, if anybody will see something missing from the list that i'll propose, feel free to comment. Thanks, Reinoud. > [1] https://sourceforge.net/p/ipsec-tools/mailman/message/35036132/ |
|
From: Jörg K. <joe...@em...> - 2016-05-09 07:19:07
|
On So, 2016-05-08 at 23:34 -0600, Reinoud Koornstra wrote: > On Sun, May 8, 2016 at 4:43 AM, Jörg Krause <joe...@em... > cks> wrote: > > This series of patches fix build issues with the musl C library > > [1]. > > > > musl is used as the default C library in OpenWRT and Alpine and is > > supported by other Linux distros (Gentoo, Arch, Debian) and > > projects > > (Buildroot, Rust, ...). > > > > Short summary about the patches: > > 1) Fix missing definition of __P() macro > > 2) Remove unneeded <sys/sysctl.h> > > 3) Check for GLOB_TILDE > > 4) Check for strtouq > > 5) Fix redirection of <sys/signal.h> > > > > As the projects CVS repository on sourceforge is outdated, I > > created > > the patches from the sources with the version 0.8.2. > > > > [1] http://www.musl-libc.org > > > > Changes v2 -> v3: > > * do not get rid of __P, but include the compatibility header > > gnuc.h > > whenever needed (suggested by Rainer Weikusat) > > Why keep the __P macro? it's ancient now and if musl can't deal with > it, but compiles without it, then we should remove it if uclibc-ng, > glibc and musl can compile all. You are suggesting to include gnuc.h > in ipsec-tools? > Also good with me, however, then we must maintain that file as well > and keep it in check with newer versions. > As of now I do not understand why we should keep __P, what does it > bring us that we otherwise wouldn't have? The only feedback I got for the patch was from Rainer Weikusat, who proposed to stay with __P and use the gnuc.h instead [1]. Note, that gnuc.h is already part of ipsec-tools. It's in the racoon subdirectory. I moved it, so it is available for the sources of the other subdirectories. I do not have a strong opinion if __P should be removed or not. Btw, who is maintaining this project? [1] https://sourceforge.net/p/ipsec-tools/mailman/message/35036132/ |
|
From: Reinoud K. <rei...@gm...> - 2016-05-09 05:34:25
|
On Sun, May 8, 2016 at 4:43 AM, Jörg Krause <joe...@em...cks> wrote: > This series of patches fix build issues with the musl C library [1]. > > musl is used as the default C library in OpenWRT and Alpine and is > supported by other Linux distros (Gentoo, Arch, Debian) and projects > (Buildroot, Rust, ...). > > Short summary about the patches: > 1) Fix missing definition of __P() macro > 2) Remove unneeded <sys/sysctl.h> > 3) Check for GLOB_TILDE > 4) Check for strtouq > 5) Fix redirection of <sys/signal.h> > > As the projects CVS repository on sourceforge is outdated, I created > the patches from the sources with the version 0.8.2. > > [1] http://www.musl-libc.org > > Changes v2 -> v3: > * do not get rid of __P, but include the compatibility header gnuc.h > whenever needed (suggested by Rainer Weikusat) Why keep the __P macro? it's ancient now and if musl can't deal with it, but compiles without it, then we should remove it if uclibc-ng, glibc and musl can compile all. You are suggesting to include gnuc.h in ipsec-tools? Also good with me, however, then we must maintain that file as well and keep it in check with newer versions. As of now I do not understand why we should keep __P, what does it bring us that we otherwise wouldn't have? > > > Changes v1 -> v2: > * Seperate non-SUSv3 fix from this patch set > * Define GLOB_TILDE with 0 if not defined (suggested by Rainer > Weikusat) > * Use autoconf to check for strtouq (suggested by Rainer Weikusat) > > Best regards > Jörg Krause > > ------------------------------------------------------------------------------ > Find and fix application performance issues faster with Applications Manager > Applications Manager provides deep performance insights into multiple tiers of > your business applications. It resolves application problems quickly and > reduces your MTTR. Get your free trial! > https://ad.doubleclick.net/ddm/clk/302982198;130105516;z > _______________________________________________ > Ipsec-tools-devel mailing list > Ips...@li... > https://lists.sourceforge.net/lists/listinfo/ipsec-tools-devel |
|
From: Jörg K. <joe...@em...> - 2016-05-08 10:47:24
|
Fix redirection of <sys/signal.h> The correct including path is <signal.h> instead of <sys/signal.h> [1]. glibc redirects silently to the correct path, whereas the musl C library prints a warning. [1] http://pubs.opengroup.org/onlinepubs/009695399/basedefs/signal.h.ht ml Signed-off-by: Jörg Krause <joe...@em...cks> diff -purN ipsec-tools-0.8.2-4/src/racoon/admin.c ipsec-tools-0.8.2- 5/src/racoon/admin.c --- ipsec-tools-0.8.2-4/src/racoon/admin.c 2016-05-08 12:11:01.031777214 +0200 +++ ipsec-tools-0.8.2-5/src/racoon/admin.c 2016-05-08 12:13:14.810995484 +0200 @@ -36,7 +36,7 @@ #include <sys/types.h> #include <sys/param.h> #include <sys/socket.h> -#include <sys/signal.h> +#include <signal.h> #include <sys/stat.h> #include <sys/un.h> |
|
From: Jörg K. <joe...@em...> - 2016-05-08 10:46:47
|
Check for strtouq
strtouq() is a BSD function and might not be available on some C
libraries, so
add an autoconf check and if not available, replace it with its
equivalent
strtoull or strtoul.
This fixes build errors with the musl C library.
Signed-off-by: Jörg Krause <joe...@em...cks>
diff -purN ipsec-tools-0.8.2-3/configure.ac ipsec-tools-0.8.2-
4/configure.ac
--- ipsec-tools-0.8.2-3/configure.ac 2016-05-08
12:09:07.692445249 +0200
+++ ipsec-tools-0.8.2-4/configure.ac 2016-05-08
12:11:17.661679674 +0200
@@ -124,7 +124,7 @@ AC_STRUCT_TM
AC_FUNC_MEMCMP
AC_TYPE_SIGNAL
AC_FUNC_VPRINTF
-AC_CHECK_FUNCS(gettimeofday select socket strerror strtol strtoul
strlcpy strlcat)
+AC_CHECK_FUNCS(gettimeofday select socket strerror strtol strtoul
strtoull strtouq strlcpy strlcat)
AC_REPLACE_FUNCS(strdup)
RACOON_CHECK_VA_COPY
diff -purN ipsec-tools-0.8.2-3/src/racoon/misc.h ipsec-tools-0.8.2-
4/src/racoon/misc.h
--- ipsec-tools-0.8.2-3/src/racoon/misc.h 2016-05-08
12:09:28.132324323 +0200
+++ ipsec-tools-0.8.2-4/src/racoon/misc.h 2016-05-08
12:11:17.661679674 +0200
@@ -75,6 +75,14 @@ extern void close_on_exec __P((int fd));
#define strlcat(d,s,l) strncat(d,s,(l)-strlen(d)-1)
#endif
+#ifndef HAVE_STRTOUQ
+# ifdef HAVE_STRTOULL
+# define strtouq strtoull
+# elif HAVE_STRTOUL
+# define strtouq strtoul
+# endif
+#endif
+
#define STRDUP_FATAL(x) if (x == NULL) { \
plog(LLV_ERROR, LOCATION, NULL, "strdup failed\n"); \
exit(1); \
|
|
From: Jörg K. <joe...@em...> - 2016-05-08 10:46:15
|
Check for GLOB_TILDE GLOB_TILDE is a GNU extension and might not be available on some C libraries. This fixes build errors with the musl C library. Signed-off-by: Jörg Krause <joe...@em...cks> diff -purN ipsec-tools-0.8.2-2/src/racoon/misc.h ipsec-tools-0.8.2- 3/src/racoon/misc.h --- ipsec-tools-0.8.2-2/src/racoon/misc.h 2016-05-08 12:07:38.622974834 +0200 +++ ipsec-tools-0.8.2-3/src/racoon/misc.h 2016-05-08 12:09:28.132324323 +0200 @@ -62,6 +62,11 @@ extern void close_on_exec __P((int fd)); TAILQ_FOREACH_REVERSE(var, head, headname, field) #endif +/* GLOB_TILDE is a GNU extension and might not be available on some C libs. */ +#ifndef GLOB_TILDE +#define GLOB_TILDE 0 +#endif + #ifndef HAVE_STRLCPY #define strlcpy(d,s,l) (strncpy(d,s,l), (d)[(l)-1] = '\0') #endif |
|
From: Jörg K. <joe...@em...> - 2016-05-08 10:45:46
|
Remove <sys/sysctl.h> Including this header file is not necessary as ipsec-tools does not use the sysctl() function (declared in <sys/sysctl.h>), but does the call syscall() directly. This fixes build errors with the musl C library. Signed-off-by: Jörg Krause <joe...@em...cks> diff -purN ipsec-tools-0.8.2-1/src/racoon/grabmyaddr.c ipsec-tools- 0.8.2-2/src/racoon/grabmyaddr.c --- ipsec-tools-0.8.2-1/src/racoon/grabmyaddr.c 2016-05-08 12:02:23.574894033 +0200 +++ ipsec-tools-0.8.2-2/src/racoon/grabmyaddr.c 2016-05-08 12:07:55.112876449 +0200 @@ -47,7 +47,6 @@ #include <net/route.h> #include <net/if.h> #include <net/if_dl.h> -#include <sys/sysctl.h> #define USE_ROUTE #endif diff -purN ipsec-tools-0.8.2-1/src/racoon/pfkey.c ipsec-tools-0.8.2- 2/src/racoon/pfkey.c --- ipsec-tools-0.8.2-1/src/racoon/pfkey.c 2016-05-08 12:02:23.574894033 +0200 +++ ipsec-tools-0.8.2-2/src/racoon/pfkey.c 2016-05-08 12:07:55.112876449 +0200 @@ -59,7 +59,6 @@ #include <sys/param.h> #include <sys/socket.h> #include <sys/queue.h> -#include <sys/sysctl.h> #include <net/route.h> #include <net/pfkeyv2.h> diff -purN ipsec-tools-0.8.2-1/src/setkey/setkey.c ipsec-tools-0.8.2- 2/src/setkey/setkey.c --- ipsec-tools-0.8.2-1/src/setkey/setkey.c 2016-05-08 12:02:23.574894033 +0200 +++ ipsec-tools-0.8.2-2/src/setkey/setkey.c 2016-05-08 12:07:55.112876449 +0200 @@ -40,7 +40,6 @@ #include <sys/socket.h> #include <sys/time.h> #include <sys/stat.h> -#include <sys/sysctl.h> #include <err.h> #include <netinet/in.h> #include <net/pfkeyv2.h> |
|
From: Jörg K. <joe...@em...> - 2016-05-08 10:45:10
|
Fix missing macro __P on musl
__P was used for compatibility with some old K&R C compilers, when
there were
no prototypes (which were introduced to C with C89).
This macro definition is not available when building with the musl C
library.
There is already a compatibility header gnuc.h present for racoon,
which defines
__P. However, this file is not included in all case whenever needed and
furthermore this header file is not available for the other subdirs. So
this
header file is moved into subdir include-glibc, so it is also available
for
libipsec and setkey.
Signed-off-by: Jörg Krause <joe...@em...cks>
diff -purN ipsec-tools-0.8.2.orig/src/include-glibc/gnuc.h ipsec-tools-
0.8.2-1/src/include-glibc/gnuc.h
--- ipsec-tools-0.8.2.orig/src/include-glibc/gnuc.h 1970-01-01
01:00:00.000000000 +0100
+++ ipsec-tools-0.8.2-1/src/include-glibc/gnuc.h 2016-05-08
12:03:00.874662084 +0200
@@ -0,0 +1,46 @@
+/* $NetBSD: gnuc.h,v 1.4 2006/09/09 16:22:09 manu Exp $
*/
+
+/* Id: gnuc.h,v 1.4 2004/11/18 15:14:44 ludvigm Exp */
+
+/* Define __P() macro, if necessary */
+#undef __P
+#ifndef __P
+#if __STDC__
+#define __P(protos) protos
+#else
+#define __P(protos) ()
+#endif
+#endif
+
+/* inline foo */
+#ifdef __GNUC__
+#define inline __inline
+#else
+#define inline
+#endif
+
+/*
+ * Handle new and old "dead" routine prototypes
+ *
+ * For example:
+ *
+ * __dead void foo(void) __attribute__((volatile));
+ *
+ */
+#ifdef __GNUC__
+#ifndef __dead
+#define __dead volatile
+#endif
+#if __GNUC__ < 2 || (__GNUC__ == 2 && __GNUC_MINOR__ < 5)
+#ifndef __attribute__
+#define __attribute__(args)
+#endif
+#endif
+#else
+#ifndef __dead
+#define __dead
+#endif
+#ifndef __attribute__
+#define __attribute__(args)
+#endif
+#endif
diff -purN ipsec-tools-0.8.2.orig/src/libipsec/ipsec_strerror.h ipsec-
tools-0.8.2-1/src/libipsec/ipsec_strerror.h
--- ipsec-tools-0.8.2.orig/src/libipsec/ipsec_strerror.h 2006-
09-09 18:22:09.000000000 +0200
+++ ipsec-tools-0.8.2-1/src/libipsec/ipsec_strerror.h 2016-05-08
12:03:00.874662084 +0200
@@ -34,6 +34,8 @@
#ifndef _IPSEC_STRERROR_H
#define _IPSEC_STRERROR_H
+#include "gnuc.h"
+
extern int __ipsec_errcode;
extern void __ipsec_set_strerror __P((const char *));
diff -purN ipsec-tools-0.8.2.orig/src/libipsec/libpfkey.h ipsec-tools-
0.8.2-1/src/libipsec/libpfkey.h
--- ipsec-tools-0.8.2.orig/src/libipsec/libpfkey.h 2012-08-23
13:10:45.000000000 +0200
+++ ipsec-tools-0.8.2-1/src/libipsec/libpfkey.h 2016-05-08
12:03:00.874662084 +0200
@@ -37,6 +37,8 @@
#ifndef KAME_LIBPFKEY_H
#define KAME_LIBPFKEY_H
+#include "gnuc.h"
+
#define PRIORITY_LOW 0xC0000000
#define PRIORITY_DEFAULT 0x80000000
#define PRIORITY_HIGH 0x40000000
diff -purN ipsec-tools-0.8.2.orig/src/racoon/admin.h ipsec-tools-0.8.2-
1/src/racoon/admin.h
--- ipsec-tools-0.8.2.orig/src/racoon/admin.h 2010-11-12
10:08:26.000000000 +0100
+++ ipsec-tools-0.8.2-1/src/racoon/admin.h 2016-05-08
12:03:00.874662084 +0200
@@ -34,6 +34,8 @@
#ifndef _ADMIN_H
#define _ADMIN_H
+#include "gnuc.h"
+
#define ADMINSOCK_PATH ADMINPORTDIR "/racoon.sock"
extern char *adminsock_path;
diff -purN ipsec-tools-0.8.2.orig/src/racoon/backupsa.h ipsec-tools-
0.8.2-1/src/racoon/backupsa.h
--- ipsec-tools-0.8.2.orig/src/racoon/backupsa.h 2006-12-09
06:52:57.000000000 +0100
+++ ipsec-tools-0.8.2-1/src/racoon/backupsa.h 2016-05-08
12:03:00.874662084 +0200
@@ -34,6 +34,8 @@
#ifndef _BACKUPSA_H
#define _BACKUPSA_H
+#include "gnuc.h"
+
extern int backupsa_to_file __P((struct pfkey_send_sa_args *));
extern int backupsa_from_file __P((void));
extern int backupsa_clean __P((void));
diff -purN ipsec-tools-0.8.2.orig/src/racoon/cfparse_proto.h ipsec-
tools-0.8.2-1/src/racoon/cfparse_proto.h
--- ipsec-tools-0.8.2.orig/src/racoon/cfparse_proto.h 2006-09-09
18:22:09.000000000 +0200
+++ ipsec-tools-0.8.2-1/src/racoon/cfparse_proto.h 2016-05-08
12:03:00.874662084 +0200
@@ -34,6 +34,8 @@
#ifndef _CFPARSE_PROTO_H
#define _CFPARSE_PROTO_H
+#include "gnuc.h"
+
/* cfparse.y */
extern int yyparse __P((void));
extern int cfparse __P((void));
diff -purN ipsec-tools-0.8.2.orig/src/racoon/cftoken_proto.h ipsec-
tools-0.8.2-1/src/racoon/cftoken_proto.h
--- ipsec-tools-0.8.2.orig/src/racoon/cftoken_proto.h 2012-08-23
13:10:45.000000000 +0200
+++ ipsec-tools-0.8.2-1/src/racoon/cftoken_proto.h 2016-05-08
12:03:00.874662084 +0200
@@ -34,6 +34,8 @@
#ifndef _CFTOKEN_PROTO_H
#define _CFTOKEN_PROTO_H
+#include "gnuc.h"
+
extern int yyerrorcount;
extern int yylex __P((void));
diff -purN ipsec-tools-0.8.2.orig/src/racoon/crypto_openssl.h ipsec-
tools-0.8.2-1/src/racoon/crypto_openssl.h
--- ipsec-tools-0.8.2.orig/src/racoon/crypto_openssl.h 2009-08-
17 13:59:10.000000000 +0200
+++ ipsec-tools-0.8.2-1/src/racoon/crypto_openssl.h 2016-05-08
12:03:00.874662084 +0200
@@ -34,6 +34,8 @@
#ifndef _CRYPTO_OPENSSL_H
#define _CRYPTO_OPENSSL_H
+#include "gnuc.h"
+
#include <openssl/x509v3.h>
#include <openssl/rsa.h>
diff -purN ipsec-tools-0.8.2.orig/src/racoon/debugrm.h ipsec-tools-
0.8.2-1/src/racoon/debugrm.h
--- ipsec-tools-0.8.2.orig/src/racoon/debugrm.h 2006-09-09
18:22:09.000000000 +0200
+++ ipsec-tools-0.8.2-1/src/racoon/debugrm.h 2016-05-08
12:03:00.874662084 +0200
@@ -34,6 +34,8 @@
#ifndef _DEBUGRM_H
#define _DEBUGRM_H
+#include "gnuc.h"
+
#define DRMDUMPFILE "/var/tmp/debugrm.dump"
#ifdef NONEED_DRM
diff -purN ipsec-tools-0.8.2.orig/src/racoon/dnssec.h ipsec-tools-
0.8.2-1/src/racoon/dnssec.h
--- ipsec-tools-0.8.2.orig/src/racoon/dnssec.h 2009-03-12
11:57:26.000000000 +0100
+++ ipsec-tools-0.8.2-1/src/racoon/dnssec.h 2016-05-08
12:03:00.874662084 +0200
@@ -34,6 +34,8 @@
#ifndef _DNSSEC_H
#define _DNSSEC_H
+#include "gnuc.h"
+
extern vchar_t *dnssec_getcert __P((vchar_t *));
#endif /* _DNSSEC_H */
diff -purN ipsec-tools-0.8.2.orig/src/racoon/dump.h ipsec-tools-0.8.2-
1/src/racoon/dump.h
--- ipsec-tools-0.8.2.orig/src/racoon/dump.h 2006-09-09
18:22:09.000000000 +0200
+++ ipsec-tools-0.8.2-1/src/racoon/dump.h 2016-05-08
12:03:00.874662084 +0200
@@ -34,6 +34,8 @@
#ifndef _DUMP_H
#define _DUMP_H
+#include "gnuc.h"
+
extern int isakmp_dump_open __P((char *));
extern int isakmp_dump_close __P((void));
extern int isakmp_dump __P((vchar_t *, struct sockaddr *, struct
sockaddr *));
diff -purN ipsec-tools-0.8.2.orig/src/racoon/evt.h ipsec-tools-0.8.2-
1/src/racoon/evt.h
--- ipsec-tools-0.8.2.orig/src/racoon/evt.h 2008-12-23
15:03:12.000000000 +0100
+++ ipsec-tools-0.8.2-1/src/racoon/evt.h 2016-05-08
12:03:00.874662084 +0200
@@ -35,6 +35,8 @@
#ifndef _EVT_H
#define _EVT_H
+#include "gnuc.h"
+
/*
* Old style (deprecated) events which are polled.
*/
diff -purN ipsec-tools-0.8.2.orig/src/racoon/gcmalloc.h ipsec-tools-
0.8.2-1/src/racoon/gcmalloc.h
--- ipsec-tools-0.8.2.orig/src/racoon/gcmalloc.h 2006-09-09
18:22:09.000000000 +0200
+++ ipsec-tools-0.8.2-1/src/racoon/gcmalloc.h 2016-05-08
12:03:00.874662084 +0200
@@ -38,6 +38,8 @@
#ifndef _GCMALLOC_H_DEFINED
#define _GCMALLOC_H_DEFINED
+#include "gnuc.h"
+
/* ElectricFence needs no special handling. */
/*
diff -purN ipsec-tools-0.8.2.orig/src/racoon/gnuc.h ipsec-tools-0.8.2-
1/src/racoon/gnuc.h
--- ipsec-tools-0.8.2.orig/src/racoon/gnuc.h 2006-09-09
18:22:09.000000000 +0200
+++ ipsec-tools-0.8.2-1/src/racoon/gnuc.h 1970-01-01
01:00:00.000000000 +0100
@@ -1,46 +0,0 @@
-/* $NetBSD: gnuc.h,v 1.4 2006/09/09 16:22:09 manu Exp $
*/
-
-/* Id: gnuc.h,v 1.4 2004/11/18 15:14:44 ludvigm Exp */
-
-/* Define __P() macro, if necessary */
-#undef __P
-#ifndef __P
-#if __STDC__
-#define __P(protos) protos
-#else
-#define __P(protos) ()
-#endif
-#endif
-
-/* inline foo */
-#ifdef __GNUC__
-#define inline __inline
-#else
-#define inline
-#endif
-
-/*
- * Handle new and old "dead" routine prototypes
- *
- * For example:
- *
- * __dead void foo(void) __attribute__((volatile));
- *
- */
-#ifdef __GNUC__
-#ifndef __dead
-#define __dead volatile
-#endif
-#if __GNUC__ < 2 || (__GNUC__ == 2 && __GNUC_MINOR__ < 5)
-#ifndef __attribute__
-#define __attribute__(args)
-#endif
-#endif
-#else
-#ifndef __dead
-#define __dead
-#endif
-#ifndef __attribute__
-#define __attribute__(args)
-#endif
-#endif
diff -purN ipsec-tools-0.8.2.orig/src/racoon/grabmyaddr.h ipsec-tools-
0.8.2-1/src/racoon/grabmyaddr.h
--- ipsec-tools-0.8.2.orig/src/racoon/grabmyaddr.h 2009-04-21
20:38:32.000000000 +0200
+++ ipsec-tools-0.8.2-1/src/racoon/grabmyaddr.h 2016-05-08
12:03:00.874662084 +0200
@@ -34,6 +34,8 @@
#ifndef _GRABMYADDR_H
#define _GRABMYADDR_H
+#include "gnuc.h"
+
extern void myaddr_init_lists __P((void));
extern int myaddr_init __P((void));
extern void myaddr_close __P((void));
diff -purN ipsec-tools-0.8.2.orig/src/racoon/gssapi.h ipsec-tools-
0.8.2-1/src/racoon/gssapi.h
--- ipsec-tools-0.8.2.orig/src/racoon/gssapi.h 2006-09-09
18:22:09.000000000 +0200
+++ ipsec-tools-0.8.2-1/src/racoon/gssapi.h 2016-05-08
12:03:00.874662084 +0200
@@ -40,6 +40,8 @@
#include <gssapi/gssapi.h>
#endif
+#include "gnuc.h"
+
#define GSSAPI_DEF_NAME "host"
struct ph1handle;
diff -purN ipsec-tools-0.8.2.orig/src/racoon/handler.h ipsec-tools-
0.8.2-1/src/racoon/handler.h
--- ipsec-tools-0.8.2.orig/src/racoon/handler.h 2010-11-17
11:40:41.000000000 +0100
+++ ipsec-tools-0.8.2-1/src/racoon/handler.h 2016-05-08
12:03:00.874662084 +0200
@@ -39,6 +39,7 @@
#include <sys/time.h>
+#include "gnuc.h"
#include "isakmp_var.h"
#include "oakley.h"
#include "schedule.h"
diff -purN ipsec-tools-0.8.2.orig/src/racoon/ipsec_doi.h ipsec-tools-
0.8.2-1/src/racoon/ipsec_doi.h
--- ipsec-tools-0.8.2.orig/src/racoon/ipsec_doi.h 2012-08-23
13:10:45.000000000 +0200
+++ ipsec-tools-0.8.2-1/src/racoon/ipsec_doi.h 2016-05-08
12:03:00.874662084 +0200
@@ -34,6 +34,7 @@
#ifndef _IPSEC_DOI_H
#define _IPSEC_DOI_H
+#include "gnuc.h"
#include "isakmp.h"
/* refered to RFC2407 */
diff -purN ipsec-tools-0.8.2.orig/src/racoon/isakmp_agg.h ipsec-tools-
0.8.2-1/src/racoon/isakmp_agg.h
--- ipsec-tools-0.8.2.orig/src/racoon/isakmp_agg.h 2006-09-09
18:22:09.000000000 +0200
+++ ipsec-tools-0.8.2-1/src/racoon/isakmp_agg.h 2016-05-08
12:03:00.874662084 +0200
@@ -34,6 +34,8 @@
#ifndef _ISAKMP_AGG_H
#define _ISAKMP_AGG_H
+#include "gnuc.h"
+
extern int agg_i1send __P((struct ph1handle *, vchar_t *));
extern int agg_i2recv __P((struct ph1handle *, vchar_t *));
extern int agg_i2send __P((struct ph1handle *, vchar_t *));
diff -purN ipsec-tools-0.8.2.orig/src/racoon/isakmp_base.h ipsec-tools-
0.8.2-1/src/racoon/isakmp_base.h
--- ipsec-tools-0.8.2.orig/src/racoon/isakmp_base.h 2006-09-09
18:22:09.000000000 +0200
+++ ipsec-tools-0.8.2-1/src/racoon/isakmp_base.h 2016-05-08
12:03:00.874662084 +0200
@@ -34,6 +34,8 @@
#ifndef _ISAKMP_BASE_H
#define _ISAKMP_BASE_H
+#include "gnuc.h"
+
extern int base_i1send __P((struct ph1handle *, vchar_t *));
extern int base_i2recv __P((struct ph1handle *, vchar_t *));
extern int base_i2send __P((struct ph1handle *, vchar_t *));
diff -purN ipsec-tools-0.8.2.orig/src/racoon/isakmp_ident.h ipsec-
tools-0.8.2-1/src/racoon/isakmp_ident.h
--- ipsec-tools-0.8.2.orig/src/racoon/isakmp_ident.h 2006-09-09
18:22:09.000000000 +0200
+++ ipsec-tools-0.8.2-1/src/racoon/isakmp_ident.h 2016-05-08
12:03:00.874662084 +0200
@@ -34,6 +34,8 @@
#ifndef _ISAKMP_IDENT_H
#define _ISAKMP_IDENT_H
+#include "gnuc.h"
+
extern int ident_i1send __P((struct ph1handle *, vchar_t *));
extern int ident_i2recv __P((struct ph1handle *, vchar_t *));
extern int ident_i2send __P((struct ph1handle *, vchar_t *));
diff -purN ipsec-tools-0.8.2.orig/src/racoon/isakmp_inf.h ipsec-tools-
0.8.2-1/src/racoon/isakmp_inf.h
--- ipsec-tools-0.8.2.orig/src/racoon/isakmp_inf.h 2008-07-14
07:40:13.000000000 +0200
+++ ipsec-tools-0.8.2-1/src/racoon/isakmp_inf.h 2016-05-08
12:03:00.874662084 +0200
@@ -34,6 +34,8 @@
#ifndef _ISAKMP_INF_H
#define _ISAKMP_INF_H
+#include "gnuc.h"
+
struct saproto;
extern int isakmp_info_recv __P((struct ph1handle *, vchar_t *));
extern int isakmp_info_send_d1 __P((struct ph1handle *));
diff -purN ipsec-tools-0.8.2.orig/src/racoon/isakmp_newg.h ipsec-tools-
0.8.2-1/src/racoon/isakmp_newg.h
--- ipsec-tools-0.8.2.orig/src/racoon/isakmp_newg.h 2006-09-09
18:22:09.000000000 +0200
+++ ipsec-tools-0.8.2-1/src/racoon/isakmp_newg.h 2016-05-08
12:03:00.874662084 +0200
@@ -34,6 +34,8 @@
#ifndef _ISAKMP_NEWG_H
#define _ISAKMP_NEWG_H
+#include "gnuc.h"
+
extern int isakmp_newgroup_r __P((struct ph1handle *, vchar_t *));
#endif /* _ISAKMP_NEWG_H */
diff -purN ipsec-tools-0.8.2.orig/src/racoon/isakmp_quick.h ipsec-
tools-0.8.2-1/src/racoon/isakmp_quick.h
--- ipsec-tools-0.8.2.orig/src/racoon/isakmp_quick.h 2006-09-09
18:22:09.000000000 +0200
+++ ipsec-tools-0.8.2-1/src/racoon/isakmp_quick.h 2016-05-08
12:03:00.874662084 +0200
@@ -34,6 +34,8 @@
#ifndef _ISAKMP_QUICK_H
#define _ISAKMP_QUICK_H
+#include "gnuc.h"
+
extern int quick_i1prep __P((struct ph2handle *, vchar_t *));
extern int quick_i1send __P((struct ph2handle *, vchar_t *));
extern int quick_i2recv __P((struct ph2handle *, vchar_t *));
diff -purN ipsec-tools-0.8.2.orig/src/racoon/isakmp_var.h ipsec-tools-
0.8.2-1/src/racoon/isakmp_var.h
--- ipsec-tools-0.8.2.orig/src/racoon/isakmp_var.h 2010-11-12
11:36:37.000000000 +0100
+++ ipsec-tools-0.8.2-1/src/racoon/isakmp_var.h 2016-05-08
12:03:00.874662084 +0200
@@ -34,6 +34,7 @@
#ifndef _ISAKMP_VAR_H
#define _ISAKMP_VAR_H
+#include "gnuc.h"
#include "vmbuf.h"
#include "policy.h"
diff -purN ipsec-tools-0.8.2.orig/src/racoon/localconf.h ipsec-tools-
0.8.2-1/src/racoon/localconf.h
--- ipsec-tools-0.8.2.orig/src/racoon/localconf.h 2012-08-23
13:10:45.000000000 +0200
+++ ipsec-tools-0.8.2-1/src/racoon/localconf.h 2016-05-08
12:03:00.874662084 +0200
@@ -34,6 +34,8 @@
#ifndef _LOCALCONF_H
#define _LOCALCONF_H
+#include "gnuc.h"
+
/* local configuration */
#define LC_DEFAULT_CF SYSCONFDIR "/racoon.conf"
diff -purN ipsec-tools-0.8.2.orig/src/racoon/logger.h ipsec-tools-
0.8.2-1/src/racoon/logger.h
--- ipsec-tools-0.8.2.orig/src/racoon/logger.h 2006-09-09
18:22:09.000000000 +0200
+++ ipsec-tools-0.8.2-1/src/racoon/logger.h 2016-05-08
12:03:00.874662084 +0200
@@ -34,6 +34,8 @@
#ifndef _LOGGER_H
#define _LOGGER_H
+#include "gnuc.h"
+
struct log {
int head;
int siz;
diff -purN ipsec-tools-0.8.2.orig/src/racoon/Makefile.am ipsec-tools-
0.8.2-1/src/racoon/Makefile.am
--- ipsec-tools-0.8.2.orig/src/racoon/Makefile.am 2009-12-11
10:04:04.000000000 +0100
+++ ipsec-tools-0.8.2-1/src/racoon/Makefile.am 2016-05-08
12:03:00.874662084 +0200
@@ -67,7 +67,7 @@ noinst_HEADERS = \
admin.h dnssec.h isakmp_base.h oakley.h
session.h \
admin_var.h dump.h isakmp_ident.h pfkey.h
sockmisc.h \
algorithm.h gcmalloc.h isakmp_inf.h plog.h
str2val.h \
- backupsa.h gnuc.h isakmp_newg.h policy.h
strnames.h \
+ backupsa.h isakmp_newg.h policy.h strnames.h \
grabmyaddr.h isakmp_quick.h proposal.h var.h
evt.h \
gssapi.h isakmp_var.h vendorid.h nattrave
rsal.h\
crypto_openssl.h handler.h localconf.h remoteconf.h
vmbuf.h \
diff -purN ipsec-tools-0.8.2.orig/src/racoon/misc.h ipsec-tools-0.8.2-
1/src/racoon/misc.h
--- ipsec-tools-0.8.2.orig/src/racoon/misc.h 2008-07-15
02:47:09.000000000 +0200
+++ ipsec-tools-0.8.2-1/src/racoon/misc.h 2016-05-08
12:03:00.874662084 +0200
@@ -34,6 +34,8 @@
#ifndef _MISC_H
#define _MISC_H
+#include "gnuc.h"
+
#define BIT2STR(b) bit2str(b, sizeof(b)<<3)
#ifdef HAVE_FUNC_MACRO
diff -purN ipsec-tools-0.8.2.orig/src/racoon/missing/crypto/sha2/sha2.h
ipsec-tools-0.8.2-1/src/racoon/missing/crypto/sha2/sha2.h
--- ipsec-tools-0.8.2.orig/src/racoon/missing/crypto/sha2/sha2.h
2006-09-09 18:22:36.000000000 +0200
+++ ipsec-tools-0.8.2-1/src/racoon/missing/crypto/sha2/sha2.h 20
16-05-08 12:03:00.874662084 +0200
@@ -40,6 +40,8 @@
#ifndef __SHA2_H__
#define __SHA2_H__
+#include "gnuc.h"
+
#ifdef __cplusplus
extern "C" {
#endif
diff -purN ipsec-tools-0.8.2.orig/src/racoon/netdb_dnssec.h ipsec-
tools-0.8.2-1/src/racoon/netdb_dnssec.h
--- ipsec-tools-0.8.2.orig/src/racoon/netdb_dnssec.h 2006-09-09
18:22:09.000000000 +0200
+++ ipsec-tools-0.8.2-1/src/racoon/netdb_dnssec.h 2016-05-08
12:03:00.874662084 +0200
@@ -34,6 +34,8 @@
#ifndef _NETDB_DNSSEC_H
#define _NETDB_DNSSEC_H
+#include "gnuc.h"
+
#ifndef T_CERT
#define T_CERT 37 /* defined by RFC2538 section
2 */
#endif
diff -purN ipsec-tools-0.8.2.orig/src/racoon/oakley.h ipsec-tools-
0.8.2-1/src/racoon/oakley.h
--- ipsec-tools-0.8.2.orig/src/racoon/oakley.h 2009-03-12
11:57:26.000000000 +0100
+++ ipsec-tools-0.8.2-1/src/racoon/oakley.h 2016-05-08
12:03:00.874662084 +0200
@@ -34,6 +34,7 @@
#ifndef _OAKLEY_H
#define _OAKLEY_H
+#include "gnuc.h"
#include "vmbuf.h"
/* refer to RFC 2409 */
diff -purN ipsec-tools-0.8.2.orig/src/racoon/pfkey.h ipsec-tools-0.8.2-
1/src/racoon/pfkey.h
--- ipsec-tools-0.8.2.orig/src/racoon/pfkey.h 2009-07-03
08:40:10.000000000 +0200
+++ ipsec-tools-0.8.2-1/src/racoon/pfkey.h 2016-05-08
12:03:00.874662084 +0200
@@ -34,6 +34,8 @@
#ifndef _PFKEY_H
#define _PFKEY_H
+#include "gnuc.h"
+
struct pfkey_satype {
u_int8_t ps_satype;
const char *ps_name;
diff -purN ipsec-tools-0.8.2.orig/src/racoon/plog.h ipsec-tools-0.8.2-
1/src/racoon/plog.h
--- ipsec-tools-0.8.2.orig/src/racoon/plog.h 2007-10-02
11:47:40.000000000 +0200
+++ ipsec-tools-0.8.2-1/src/racoon/plog.h 2016-05-08
12:03:00.874662084 +0200
@@ -41,6 +41,8 @@
#endif
#include <syslog.h>
+#include "gnuc.h"
+
/*
* INFO: begin negotiation, SA establishment/deletion/expiration.
* NOTIFY: just notifiable.
diff -purN ipsec-tools-0.8.2.orig/src/racoon/policy.h ipsec-tools-
0.8.2-1/src/racoon/policy.h
--- ipsec-tools-0.8.2.orig/src/racoon/policy.h 2008-12-05
07:02:20.000000000 +0100
+++ ipsec-tools-0.8.2-1/src/racoon/policy.h 2016-05-08
12:03:00.874662084 +0200
@@ -35,7 +35,7 @@
#define _POLICY_H
#include <sys/queue.h>
-
+#include "gnuc.h"
#ifdef HAVE_SECCTX
#define MAX_CTXSTR_SIZE 50
diff -purN ipsec-tools-0.8.2.orig/src/racoon/privsep.h ipsec-tools-
0.8.2-1/src/racoon/privsep.h
--- ipsec-tools-0.8.2.orig/src/racoon/privsep.h 2008-12-08
07:00:54.000000000 +0100
+++ ipsec-tools-0.8.2-1/src/racoon/privsep.h 2016-05-08
12:03:00.874662084 +0200
@@ -34,6 +34,8 @@
#ifndef _PRIVSEP_H
#define _PRIVSEP_H
+#include "gnuc.h"
+
#define PRIVSEP_EAY_GET_PKCS1PRIVKEY 0x0801 /*
admin_com_bufs follows */
#define PRIVSEP_SCRIPT_EXEC 0x0803 /*
admin_com_bufs follows */
#define PRIVSEP_GETPSK 0x0804 /*
admin_com_bufs follows */
diff -purN ipsec-tools-0.8.2.orig/src/racoon/proposal.h ipsec-tools-
0.8.2-1/src/racoon/proposal.h
--- ipsec-tools-0.8.2.orig/src/racoon/proposal.h 2010-02-10
00:05:16.000000000 +0100
+++ ipsec-tools-0.8.2-1/src/racoon/proposal.h 2016-05-08
12:03:00.874662084 +0200
@@ -35,6 +35,7 @@
#define _PROPOSAL_H
#include <sys/queue.h>
+#include "gnuc.h"
/*
* A. chained list of transform, only for single proto_id
diff -purN ipsec-tools-0.8.2.orig/src/racoon/remoteconf.h ipsec-tools-
0.8.2-1/src/racoon/remoteconf.h
--- ipsec-tools-0.8.2.orig/src/racoon/remoteconf.h 2011-03-14
16:50:36.000000000 +0100
+++ ipsec-tools-0.8.2-1/src/racoon/remoteconf.h 2016-05-08
12:03:00.874662084 +0200
@@ -37,6 +37,7 @@
/* remote configuration */
#include <sys/queue.h>
+#include "gnuc.h"
#include "genlist.h"
#ifdef ENABLE_HYBRID
#include "isakmp_var.h"
diff -purN ipsec-tools-0.8.2.orig/src/racoon/safefile.h ipsec-tools-
0.8.2-1/src/racoon/safefile.h
--- ipsec-tools-0.8.2.orig/src/racoon/safefile.h 2006-09-09
18:22:10.000000000 +0200
+++ ipsec-tools-0.8.2-1/src/racoon/safefile.h 2016-05-08
12:03:00.874662084 +0200
@@ -34,6 +34,8 @@
#ifndef _SAFEFILE_H
#define _SAFEFILE_H
+#include "gnuc.h"
+
extern int safefile __P((const char *, int));
#endif /* _SAFEFILE_H */
diff -purN ipsec-tools-0.8.2.orig/src/racoon/sainfo.h ipsec-tools-
0.8.2-1/src/racoon/sainfo.h
--- ipsec-tools-0.8.2.orig/src/racoon/sainfo.h 2011-02-02
16:21:34.000000000 +0100
+++ ipsec-tools-0.8.2-1/src/racoon/sainfo.h 2016-05-08
12:03:00.874662084 +0200
@@ -35,6 +35,7 @@
#define _SAINFO_H
#include <sys/queue.h>
+#include "gnuc.h"
#define SAINFO_ANONYMOUS ((void *)NULL)
#define SAINFO_CLIENTADDR ((void *)~0)
diff -purN ipsec-tools-0.8.2.orig/src/racoon/session.h ipsec-tools-
0.8.2-1/src/racoon/session.h
--- ipsec-tools-0.8.2.orig/src/racoon/session.h 2010-10-21
08:15:28.000000000 +0200
+++ ipsec-tools-0.8.2-1/src/racoon/session.h 2016-05-08
12:03:00.874662084 +0200
@@ -34,6 +34,8 @@
#ifndef _SESSION_H
#define _SESSION_H
+#include "gnuc.h"
+
extern int session __P((void));
extern RETSIGTYPE signal_handler __P((int));
diff -purN ipsec-tools-0.8.2.orig/src/racoon/sockmisc.h ipsec-tools-
0.8.2-1/src/racoon/sockmisc.h
--- ipsec-tools-0.8.2.orig/src/racoon/sockmisc.h 2011-03-14
18:18:13.000000000 +0100
+++ ipsec-tools-0.8.2-1/src/racoon/sockmisc.h 2016-05-08
12:03:00.874662084 +0200
@@ -34,6 +34,8 @@
#ifndef _SOCKMISC_H
#define _SOCKMISC_H
+#include "gnuc.h"
+
#ifndef IP_IPSEC_POLICY
#define IP_IPSEC_POLICY 16 /* XXX: from linux/in.h */
#endif
diff -purN ipsec-tools-0.8.2.orig/src/racoon/str2val.h ipsec-tools-
0.8.2-1/src/racoon/str2val.h
--- ipsec-tools-0.8.2.orig/src/racoon/str2val.h 2006-09-09
18:22:10.000000000 +0200
+++ ipsec-tools-0.8.2-1/src/racoon/str2val.h 2016-05-08
12:03:00.874662084 +0200
@@ -34,6 +34,8 @@
#ifndef _STR2VAL_H
#define _STR2VAL_H
+#include "gnuc.h"
+
extern caddr_t val2str __P((const char *, size_t));
extern char *str2val __P((const char *, int, size_t *));
diff -purN ipsec-tools-0.8.2.orig/src/racoon/strnames.h ipsec-tools-
0.8.2-1/src/racoon/strnames.h
--- ipsec-tools-0.8.2.orig/src/racoon/strnames.h 2006-09-09
18:22:10.000000000 +0200
+++ ipsec-tools-0.8.2-1/src/racoon/strnames.h 2016-05-08
12:03:00.874662084 +0200
@@ -34,6 +34,8 @@
#ifndef _STRNAMES_H
#define _STRNAMES_H
+#include "gnuc.h"
+
extern char *num2str __P((int n));
extern char *s_isakmp_state __P((int, int, int));
diff -purN ipsec-tools-0.8.2.orig/src/racoon/throttle.h ipsec-tools-
0.8.2-1/src/racoon/throttle.h
--- ipsec-tools-0.8.2.orig/src/racoon/throttle.h 2009-01-23
09:25:07.000000000 +0100
+++ ipsec-tools-0.8.2-1/src/racoon/throttle.h 2016-05-08
12:03:00.874662084 +0200
@@ -34,6 +34,7 @@
#ifndef _THROTTLE_H
#define _THROTTLE_H
+#include "gnuc.h"
#include "schedule.h"
struct throttle_entry {
diff -purN ipsec-tools-0.8.2.orig/src/racoon/vendorid.h ipsec-tools-
0.8.2-1/src/racoon/vendorid.h
--- ipsec-tools-0.8.2.orig/src/racoon/vendorid.h 2009-01-23
09:06:56.000000000 +0100
+++ ipsec-tools-0.8.2-1/src/racoon/vendorid.h 2016-05-08
12:03:00.874662084 +0200
@@ -34,6 +34,8 @@
#ifndef _VENDORID_H
#define _VENDORID_H
+#include "gnuc.h"
+
#ifndef BIT
#define BIT(x) (1 << (x))
#endif
diff -purN ipsec-tools-0.8.2.orig/src/racoon/vmbuf.h ipsec-tools-0.8.2-
1/src/racoon/vmbuf.h
--- ipsec-tools-0.8.2.orig/src/racoon/vmbuf.h 2006-09-09
18:22:10.000000000 +0200
+++ ipsec-tools-0.8.2-1/src/racoon/vmbuf.h 2016-05-08
12:03:00.874662084 +0200
@@ -34,6 +34,8 @@
#ifndef _VMBUF_H
#define _VMBUF_H
+#include "gnuc.h"
+
/*
* bp v
* v v
diff -purN ipsec-tools-0.8.2.orig/src/setkey/extern.h ipsec-tools-
0.8.2-1/src/setkey/extern.h
--- ipsec-tools-0.8.2.orig/src/setkey/extern.h 2009-03-06
12:45:03.000000000 +0100
+++ ipsec-tools-0.8.2-1/src/setkey/extern.h 2016-05-08
12:03:00.874662084 +0200
@@ -1,6 +1,6 @@
/* $NetBSD: extern.h,v 1.5 2009/03/06 11:45:03 tteras Exp $
*/
-
+#include "gnuc.h"
void parse_init __P((void));
int parse __P((FILE **));
|
|
From: Jörg K. <joe...@em...> - 2016-05-08 10:43:38
|
This series of patches fix build issues with the musl C library [1]. musl is used as the default C library in OpenWRT and Alpine and is supported by other Linux distros (Gentoo, Arch, Debian) and projects (Buildroot, Rust, ...). Short summary about the patches: 1) Fix missing definition of __P() macro 2) Remove unneeded <sys/sysctl.h> 3) Check for GLOB_TILDE 4) Check for strtouq 5) Fix redirection of <sys/signal.h> As the projects CVS repository on sourceforge is outdated, I created the patches from the sources with the version 0.8.2. [1] http://www.musl-libc.org Changes v2 -> v3: * do not get rid of __P, but include the compatibility header gnuc.h whenever needed (suggested by Rainer Weikusat) Changes v1 -> v2: * Seperate non-SUSv3 fix from this patch set * Define GLOB_TILDE with 0 if not defined (suggested by Rainer Weikusat) * Use autoconf to check for strtouq (suggested by Rainer Weikusat) Best regards Jörg Krause |
|
From: Madhukrishna G <Mad...@mp...> - 2016-05-06 08:14:20
|
Hi,
Raw syn packets are un-encrypted with IPsec configuration. whereas the SYN packets that are sent with connect() are getting encrypted. This issue will be seen during interface failover.
The version of ipsec that I am using is
Package: ipsec-tools
Version: ipsec-tools (1:0.8.2+20140711-2+deb8u1)
I have created a raw socket socket (PF_INET, SOCK_RAW, IPPROTO_TCP); and modified the TCP header as below.
//TCP Header
tcph->source = htons (1234);
tcph->dest = htons (80);
tcph->seq = 0;
tcph->ack_seq = 0;
tcph->doff = 5; //tcp header size
tcph->fin = 0;
tcph->syn = 1;
tcph->rst = 0;
tcph->psh = 0;
tcph->ack = 0;
tcph->urg = 0;
tcph->window = htons (5840); /* maximum allowed window size */
tcph->check = 0; //leave checksum 0 now, filled later by pseudo header
tcph->urg_ptr = 0;
When I send RAW packets after adding necessary Encryption algorithms in racoon.conf, On the partner system I am not able to see encrypted packets!
Is it a known issue in ipsec ??? OR Do I need to configure any other kernel or raccoon related parameters.
Let me know if anybody needs my racoon.conf file and reproducers.
Thanks in advance,
Madhu
Information transmitted by this e-mail is proprietary to Mphasis, its associated companies and/ or its customers and is intended
for use only by the individual or entity to which it is addressed, and may contain information that is privileged, confidential or
exempt from disclosure under applicable law. If you are not the intended recipient or it appears that this mail has been forwarded
to you without proper authority, you are notified that any use or dissemination of this information in any manner is strictly
prohibited. In such cases, please notify us immediately at mai...@mp... and delete this mail from your records.
|
|
From: Joan D. <jd...@ci...> - 2016-04-29 21:52:58
|
Thank you Rainer, you are so right. I'm working in an embedde device and using bitbake as a crosscopile tool, and I assumed it always rebuild everything, which is wrong. After clean the project, I rebuilded it and now works. Thank you again, Joan ________________________________________ De: Rainer Weikusat [rwe...@mo...] Enviat el: divendres, 29 / abril / 2016 19:52 Per a: ips...@li... Tema: Re: [Ipsec-tools-devel] Improved DPD Joan Duran <jd...@ci...> writes: > Thank you Rainer for your advise! > > I'm trying to modify the ph1handle struct in order to add some > variables to check the traffic, but after adding any variable, the > racoon daemon always crash. > Do you have any clue? You could try a rebuild from scratch (make clean; make) to ensure that the header changes (you should have changed the struct ph1handle or struct ph2handle in handler.h) are actually known to all code. Apart from that, "it crashes" doesn't exactly communicate much about the problem. Running with 'log debug;' (in racoon.conf) might provide some inside. Or enable core dumps (usually disabled on Linux), eg ulimit -c 32768 and run the server in forgeground from this shell (racoon -F). After it crashed, there should be a file named core in the current directory. This can be loaded into a gdb session, gdb racoon core to enable post-mortem debugging of the issue. ------------------------------------------------------------------------------ Find and fix application performance issues faster with Applications Manager Applications Manager provides deep performance insights into multiple tiers of your business applications. It resolves application problems quickly and reduces your MTTR. Get your free trial! https://ad.doubleclick.net/ddm/clk/302982198;130105516;z _______________________________________________ Ipsec-tools-devel mailing list Ips...@li... https://lists.sourceforge.net/lists/listinfo/ipsec-tools-devel |
|
From: Rainer W. <rwe...@mo...> - 2016-04-29 17:52:45
|
Joan Duran <jd...@ci...> writes: > Thank you Rainer for your advise! > > I'm trying to modify the ph1handle struct in order to add some > variables to check the traffic, but after adding any variable, the > racoon daemon always crash. > Do you have any clue? You could try a rebuild from scratch (make clean; make) to ensure that the header changes (you should have changed the struct ph1handle or struct ph2handle in handler.h) are actually known to all code. Apart from that, "it crashes" doesn't exactly communicate much about the problem. Running with 'log debug;' (in racoon.conf) might provide some inside. Or enable core dumps (usually disabled on Linux), eg ulimit -c 32768 and run the server in forgeground from this shell (racoon -F). After it crashed, there should be a file named core in the current directory. This can be loaded into a gdb session, gdb racoon core to enable post-mortem debugging of the issue. |
|
From: Joan D. <jd...@ci...> - 2016-04-27 10:37:18
|
Thank you Rainer for your advise! I'm trying to modify the ph1handle struct in order to add some variables to check the traffic, but after adding any variable, the racoon daemon always crash. Do you have any clue? ________________________________________ De: Rainer Weikusat <rwe...@mo...> Enviat el: dilluns, 25 / abril / 2016 17:44 Per a: ips...@li... Tema: Re: [Ipsec-tools-devel] Improved DPD Joan Duran <jd...@ci...> writes: > I'm trying to improve the Dead Peer Detection in order to reduce the > traffic (it's a client request). The idea is to send the R_U_THERE > packet only if there isn't any incoming traffic the last DPD delay > time, instead of sending this packet every DPD delay time, regardless > of the incoming traffic. This is the same approach used in different > DPD implementations like Openswan. > > The code should be reschedule the R_U_THERE packet every time there is > any incoming traffic, like this: > > iph1->dpd_fails = 0; > sched_cancel(&iph1->dpd_r_u); > isakmp_sched_r_u(iph1, 0); That's not a good idea because you'll end up re-scheduling the timer in very quick succession (whenever an ESP datagram is received). A better idea is to use a simple, periodic timer and check if there was traffic during the last interval: If so, the timer's just re-scheduled, otherwise, an R_U_THERE is sent. > But the problem is I can't find where is managed all the incoming > traffic, especially the ESP packets. > > My question is, where is managed all the incoming traffic? The kernel does this. The racoon (fork) my employer uses utilizes such a scheme: It's based on an additional AF_KEY msg (I added to the [Linux] kernel) which can be used to read the octet counters associated with a kernel ph2 SA (aka XFRM state). In this way, the IKE daemon can work out if new data was received since the last check and then send or not send a DPD probe. |
|
From: Jörg K. <joe...@em...> - 2016-04-25 18:58:08
|
On Sa, 2016-04-23 at 16:49 +0100, Rainer Weikusat wrote: > Jörg Krause <joe...@em...cks> writes: > > On Fr, 2016-04-22 at 15:03 +0100, Rainer Weikusat wrote: > > > Jörg Krause <joe...@em...cks> writes: > > > > Make ipsec-tools autoreconfigurable. This is required for > > > > patching > > > > configure.ac. > > > > > > It's not. There's a script named bootstrap in the top-level > > > directory > > > which does this job. > > > > Yes, the bootstrap script does the job. However, simply using the > > autoreconf tool instead does not work. > > > > The reason for this patch is that Builroot (an embedded Linux build > > tool) prefers running the autoreconf tool instead of the > > bootstrap/autogen scripts. > > If buildroot can't build something, how about fixing it? Buildroot uses autoreconf by default, but has the possibility to use the packages boostrap/autogen script instead. However, if a package does not work with the autoreconf tool and the packages bootstrap script does not do any magic besides what autoreconf does, the Buildroot way is to try to add the missing parts to the packages autotools files (it's just about passing 'subdir-objects' and 'foreign' to automake and moving the m4 file into a subdirectory). As I've written before: if the maintainer(s) do(es) not accept the patch feel free to reject it. > Something similar applies to the __P change, BTW. Most of the racoon > code has been written such that it can be compiled with a K&R > compiler. Supporting this without an invasive code change with > absolutely > no benefit requires a single-line macro definition. The code even > already contains a header defining this macro (gnuc.h), it would just > need to be used. Alternatively, > > #define __P(x) x > > could be added to the C library in question. This would improve the C > library instead of degrading the racoon code. > > NB: I also believe this feature is nowadays unused. But it doesn't > hurt > anyone. > > grep -L 'gnuc\.h' *.c | while read x; do > ed $x <<'TT' > /#include > i > #include "gnuc.h" > . > wq > TT > done > > This will (at least the variant I executed I believe to be identical > to > this one did) insert an > > #include "gnuc.h" > > in front of the first #include in any .c file (in the current > directory) instead of changing ca 580 function declarations. I'm fine with your solution! Most projects tend to get rid of the macro. However, I've never seen such an extensive use of it. So probably it's better to keep it. Best regards Jörg Krause |
|
From: Rainer W. <rwe...@mo...> - 2016-04-25 15:45:01
|
Joan Duran <jd...@ci...> writes: > I'm trying to improve the Dead Peer Detection in order to reduce the > traffic (it's a client request). The idea is to send the R_U_THERE > packet only if there isn't any incoming traffic the last DPD delay > time, instead of sending this packet every DPD delay time, regardless > of the incoming traffic. This is the same approach used in different > DPD implementations like Openswan. > > The code should be reschedule the R_U_THERE packet every time there is > any incoming traffic, like this: > > iph1->dpd_fails = 0; > sched_cancel(&iph1->dpd_r_u); > isakmp_sched_r_u(iph1, 0); That's not a good idea because you'll end up re-scheduling the timer in very quick succession (whenever an ESP datagram is received). A better idea is to use a simple, periodic timer and check if there was traffic during the last interval: If so, the timer's just re-scheduled, otherwise, an R_U_THERE is sent. > But the problem is I can't find where is managed all the incoming > traffic, especially the ESP packets. > > My question is, where is managed all the incoming traffic? The kernel does this. The racoon (fork) my employer uses utilizes such a scheme: It's based on an additional AF_KEY msg (I added to the [Linux] kernel) which can be used to read the octet counters associated with a kernel ph2 SA (aka XFRM state). In this way, the IKE daemon can work out if new data was received since the last check and then send or not send a DPD probe. |
|
From: Joan D. <jd...@ci...> - 2016-04-25 15:21:28
|
Hello,
I'm trying to improve the Dead Peer Detection in order to reduce the traffic (it's a client request). The idea is to send the R_U_THERE packet only if there isn't any incoming traffic the last DPD delay time, instead of sending this packet every DPD delay time, regardless of the incoming traffic. This is the same approach used in different DPD implementations like Openswan.
The code should be reschedule the R_U_THERE packet every time there is any incoming traffic, like this:
iph1->dpd_fails = 0;
sched_cancel(&iph1->dpd_r_u);
isakmp_sched_r_u(iph1, 0);
But the problem is I can't find where is managed all the incoming traffic, especially the ESP packets.
My question is, where is managed all the incoming traffic?
Otherwise, another option it's just to know when was received the last packet, and use this information to reschedule the R_U_THERE packet. But I don't know if it's possible to get such information.
Could someone help me? Thanks!
Best regards,
Joan
|
|
From: Rainer W. <rwe...@mo...> - 2016-04-23 15:49:43
|
Jörg Krause <joe...@em...cks> writes: > On Fr, 2016-04-22 at 15:03 +0100, Rainer Weikusat wrote: >> Jörg Krause <joe...@em...cks> writes: >> > Make ipsec-tools autoreconfigurable. This is required for patching >> > configure.ac. >> >> It's not. There's a script named bootstrap in the top-level directory >> which does this job. > > Yes, the bootstrap script does the job. However, simply using the > autoreconf tool instead does not work. > > The reason for this patch is that Builroot (an embedded Linux build > tool) prefers running the autoreconf tool instead of the > bootstrap/autogen scripts. If buildroot can't build something, how about fixing it? Something similar applies to the __P change, BTW. Most of the racoon code has been written such that it can be compiled with a K&R compiler. Supporting this without an invasive code change with absolutely no benefit requires a single-line macro definition. The code even already contains a header defining this macro (gnuc.h), it would just need to be used. Alternatively, #define __P(x) x could be added to the C library in question. This would improve the C library instead of degrading the racoon code. NB: I also believe this feature is nowadays unused. But it doesn't hurt anyone. grep -L 'gnuc\.h' *.c | while read x; do ed $x <<'TT' /#include i #include "gnuc.h" . wq TT done This will (at least the variant I executed I believe to be identical to this one did) insert an #include "gnuc.h" in front of the first #include in any .c file (in the current directory) instead of changing ca 580 function declarations. |
|
From: Jörg K. <joe...@em...> - 2016-04-23 08:10:12
|
On Fr, 2016-04-22 at 15:03 +0100, Rainer Weikusat wrote: > Jörg Krause <joe...@em...cks> writes: > > Make ipsec-tools autoreconfigurable. This is required for patching > > configure.ac. > > It's not. There's a script named bootstrap in the top-level directory > which does this job. Yes, the bootstrap script does the job. However, simply using the autoreconf tool instead does not work. The reason for this patch is that Builroot (an embedded Linux build tool) prefers running the autoreconf tool instead of the bootstrap/autogen scripts. If you're not interested in allowing to run autoreconf, feel free to reject this patch. Best regards Jörg Krause |
|
From: Rainer W. <rwe...@mo...> - 2016-04-22 14:03:51
|
Jörg Krause <joe...@em...cks> writes: > Make ipsec-tools autoreconfigurable. This is required for patching > configure.ac. It's not. There's a script named bootstrap in the top-level directory which does this job. |
|
From: Jörg K. <joe...@em...> - 2016-04-22 09:22:34
|
Fix redirection of <sys/signal.h> The correct including path is <signal.h> instead of <sys/signal.h> [1]. glibc redirects silently to the correct path, whereas the musl libc prints a warning. [1] http://pubs.opengroup.org/onlinepubs/009695399/basedefs/signal.h.ht ml Signed-off-by: Jörg Krause <joe...@em...cks> diff -purN ipsec-tools-0.8.2.orig/src/racoon/admin.c ipsec-tools- 0.8.2/src/racoon/admin.c --- ipsec-tools-0.8.2.orig/src/racoon/admin.c 2013-06-03 07:49:59.000000000 +0200 +++ ipsec-tools-0.8.2/src/racoon/admin.c 2016-03-26 21:22:40.720926356 +0100 @@ -36,7 +36,7 @@ #include <sys/types.h> #include <sys/param.h> #include <sys/socket.h> -#include <sys/signal.h> +#include <signal.h> #include <sys/stat.h> #include <sys/un.h> |
|
From: Jörg K. <joe...@em...> - 2016-04-22 09:22:04
|
Check for strtouq
strtouq() is a BSD function and might not be available on some C
libraries.
Replace it by its equivalent function strtoull() [1]. This fixes build
errors
with the musl C library.
Signed-off-by: Jörg Krause <joe...@em...cks>
diff -purN ipsec-tools-0.8.2.orig.3/configure.ac ipsec-tools-
0.8.2.orig.4/configure.ac
--- ipsec-tools-0.8.2.orig.3/configure.ac 2016-04-22
11:00:08.132617909 +0200
+++ ipsec-tools-0.8.2.orig.4/configure.ac 2016-04-22
11:01:11.992250525 +0200
@@ -125,7 +125,7 @@ AC_STRUCT_TM
AC_FUNC_MEMCMP
AC_TYPE_SIGNAL
AC_FUNC_VPRINTF
-AC_CHECK_FUNCS(gettimeofday select socket strerror strtol strtoul
strlcpy strlcat)
+AC_CHECK_FUNCS(gettimeofday select socket strerror strtol strtoul
strtoull strtouq strlcpy strlcat)
AC_CHECK_FUNCS([bcopy memmove index strchr])
AC_REPLACE_FUNCS(strdup)
RACOON_CHECK_VA_COPY
diff -purN ipsec-tools-0.8.2.orig.3/src/racoon/misc.h ipsec-tools-
0.8.2.orig.4/src/racoon/misc.h
--- ipsec-tools-0.8.2.orig.3/src/racoon/misc.h 2016-04-22
11:00:22.382535991 +0200
+++ ipsec-tools-0.8.2.orig.4/src/racoon/misc.h 2016-04-22
11:00:48.752384310 +0200
@@ -85,6 +85,14 @@ extern void close_on_exec(int fd);
# endif
#endif
+#ifndef HAVE_STRTOUQ
+# ifdef HAVE_STRTOULL
+# define strtouq strtoull
+# elif HAVE_STRTOUL
+# define strtouq strtoul
+# endif
+#endif
+
#define STRDUP_FATAL(x) if (x == NULL) { \
plog(LLV_ERROR, LOCATION, NULL, "strdup failed\n"); \
exit(1); \
|
|
From: Jörg K. <joe...@em...> - 2016-04-22 09:20:37
|
Check for GLOB_TILDE GLOB_TILDE is a GNU extension and might not be available on some C libraries. This fixes build errors with the musl C library. Signed-off-by: Jörg Krause <joe...@em...cks> diff -purN ipsec-tools-0.8.2.orig/src/racoon/misc.h ipsec-tools- 0.8.2/src/racoon/misc.h --- ipsec-tools-0.8.2.orig/src/racoon/misc.h 2008-07-15 02:47:09.000000000 +0200 +++ ipsec-tools-0.8.2/src/racoon/misc.h 2016-04-22 09:32:15.040242720 +0200 @@ -60,6 +60,11 @@ extern void close_on_exec __P((int fd)); TAILQ_FOREACH_REVERSE(var, head, headname, field) #endif +/* GLOB_TILDE is a GNU extension and might not be available on some C libs. */ +#ifndef GLOB_TILDE +#define GLOB_TILDE 0 +#endif + #ifndef HAVE_STRLCPY #define strlcpy(d,s,l) (strncpy(d,s,l), (d)[(l)-1] = '\0') #endif |
|
From: Jörg K. <joe...@em...> - 2016-04-22 09:20:01
|
Remove <sys/sysctl.h> This fixes build errors with the musl C library. Including this header file is not necessary as ipsec-tools does not use the sysctl() function (declared in <sys/sysctl.h>), but does the call syscall() directly. Signed-off-by: Jörg Krause <joe...@em...cks> diff -purN ipsec-tools-0.8.2.orig/src/racoon/grabmyaddr.c ipsec-tools- 0.8.2/src/racoon/grabmyaddr.c --- ipsec-tools-0.8.2.orig/src/racoon/grabmyaddr.c 2016-03-21 20:55:47.567083946 +0100 +++ ipsec-tools-0.8.2/src/racoon/grabmyaddr.c 2016-03-26 19:34:52.322194695 +0100 @@ -47,7 +47,6 @@ #include <net/route.h> #include <net/if.h> #include <net/if_dl.h> -#include <sys/sysctl.h> #define USE_ROUTE #endif diff -purN ipsec-tools-0.8.2.orig/src/racoon/pfkey.c ipsec-tools- 0.8.2/src/racoon/pfkey.c --- ipsec-tools-0.8.2.orig/src/racoon/pfkey.c 2016-03-21 20:55:47.557084171 +0100 +++ ipsec-tools-0.8.2/src/racoon/pfkey.c 2016-03-26 19:34:57.232162557 +0100 @@ -59,7 +59,6 @@ #include <sys/param.h> #include <sys/socket.h> #include <sys/queue.h> -#include <sys/sysctl.h> #include <net/route.h> #include <net/pfkeyv2.h> diff -purN ipsec-tools-0.8.2.orig/src/setkey/setkey.c ipsec-tools- 0.8.2/src/setkey/setkey.c --- ipsec-tools-0.8.2.orig/src/setkey/setkey.c 2016-03-21 20:55:47.557084171 +0100 +++ ipsec-tools-0.8.2/src/setkey/setkey.c 2016-03-26 19:35:01.892132056 +0100 @@ -40,7 +40,6 @@ #include <sys/socket.h> #include <sys/time.h> #include <sys/stat.h> -#include <sys/sysctl.h> #include <err.h> #include <netinet/in.h> #include <net/pfkeyv2.h> |
35 messages has been excluded from this view by a project administrator.
