hi :) with the attached patch, isakmpd happily compiles for me :) it changes sysdep/linux to use pf_key_v2.c instead of klips. with the attached include files (copied from the linux-2.5 and freebsd source tree), this seems to work pretty well. however, i haven't tested it yet. will boot linux-2.5 in a minute... ;) -- CU, / Friedrich-Alexander University Erlangen, Germany Martin Waitz // [Tali on IRCnet] [tali.home.pages.de] _________ ______________/// - - - - - - - - - - - - - - - - - - - - /// dies ist eine manuell generierte mail, sie beinhaltet // tippfehler und ist auch ohne grossbuchstaben gueltig. / - Wer bereit ist, grundlegende Freiheiten aufzugeben, um sich kurzfristige Sicherheit zu verschaffen, der hat weder Freiheit noch Sicherheit verdient. Benjamin Franklin (1706 - 1790)
? autoscan.log
? exchange_num.c
? exchange_num.h
? ipsec_fld.c
? ipsec_fld.h
? ipsec_num.c
? ipsec_num.h
? isakmp_fld.c
? isakmp_fld.h
? isakmp_num.c
? isakmp_num.h
? isakmpd
? linux-2.5-port.diff
? sysdep/linux/include
Index: GNUmakefile
===================================================================
RCS file: /cvs/src/sbin/isakmpd/GNUmakefile,v
retrieving revision 1.4
diff -u -p -r1.4 GNUmakefile
--- GNUmakefile 23 Aug 2002 18:17:17 -0000 1.4
+++ GNUmakefile 10 Nov 2002 21:54:17 -0000
@@ -44,11 +44,12 @@
# openbsd means 2.5 or newer, linux is the name for Linux with FreeS/WAN
# integrated, freebsd/netbsd means FreeBSD/NetBSD with KAME IPsec.
# darwin means MacOS X 10.2 and later with KAME IPsec.
-OS= openbsd
+#OS= openbsd
#OS= netbsd
#OS= freebsd
#OS= linux
#OS= darwin
+OS= linux
.CURDIR:= $(shell pwd)
VPATH= ${.CURDIR}/sysdep/${OS}
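Review bot: Switching the default from `OS= openbsd` to `OS= linux` in the shared GNUmakefile (and the same edit in Makefile) changes the build target for every platform, not only for the Linux port. Selecting it per build with `make OS=linux` would leave the default untouched. The comment above the list still describes linux as "Linux with FreeS/WAN integrated", which no longer matches a port that builds pf_key_v2.c; something like `# linux means Linux 2.5 or newer with native PF_KEY v2 IPsec.` would fit, assuming that is the intended scope.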
Index: Makefile
===================================================================
RCS file: /cvs/src/sbin/isakmpd/Makefile,v
retrieving revision 1.46
diff -u -p -r1.46 Makefile
--- Makefile 10 Jun 2002 18:08:58 -0000 1.46
+++ Makefile 10 Nov 2002 21:54:17 -0000
@@ -43,10 +43,10 @@
# openbsd means OpenBSD 2.5 or newer. linux is the name for Linux with
# FreeS/WAN integrated, freebsd/netbsd means FreeBSD/NetBSD with KAME IPsec.
-OS= openbsd
+#OS= openbsd
#OS= netbsd
#OS= freebsd
-#OS= linux
+OS= linux
#OS= bsdi
# Compile-time configuration of otherwise optional features
Index: init.c
===================================================================
RCS file: /cvs/src/sbin/isakmpd/init.c,v
retrieving revision 1.20
diff -u -p -r1.20 init.c
--- init.c 7 Aug 2002 13:19:20 -0000 1.20
+++ init.c 10 Nov 2002 21:54:17 -0000
@@ -37,6 +37,8 @@
/* XXX This file could easily be built dynamically instead. */
+#include <stdlib.h>
+
#include "sysdep.h"
#include "app.h"
Index: key.c
===================================================================
RCS file: /cvs/src/sbin/isakmpd/key.c,v
retrieving revision 1.12
diff -u -p -r1.12 key.c
--- key.c 11 Sep 2002 09:50:44 -0000 1.12
+++ key.c 10 Nov 2002 21:54:17 -0000
@@ -21,6 +21,7 @@
*/
#include <string.h>
+#include <stdlib.h>
#include "sysdep.h"
Index: libcrypto.h
===================================================================
RCS file: /cvs/src/sbin/isakmpd/libcrypto.h,v
retrieving revision 1.14
diff -u -p -r1.14 libcrypto.h
--- libcrypto.h 10 Jun 2002 18:08:58 -0000 1.14
+++ libcrypto.h 10 Nov 2002 21:54:17 -0000
@@ -47,6 +47,7 @@
#include <openssl/bio.h>
#include <openssl/md5.h>
#include <openssl/pem.h>
+#include <openssl/rsa.h>
#include <openssl/x509_vfy.h>
#include <openssl/x509.h>
Index: log.c
===================================================================
RCS file: /cvs/src/sbin/isakmpd/log.c,v
retrieving revision 1.30
diff -u -p -r1.30 log.c
--- log.c 8 Aug 2002 13:25:28 -0000 1.30
+++ log.c 10 Nov 2002 21:54:18 -0000
@@ -36,7 +36,7 @@
*/
#include <sys/types.h>
-#include <sys/time.h>
+#include <time.h>
#ifdef USE_DEBUG
#include <sys/socket.h>
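Review bot: Replacing `<sys/time.h>` with `<time.h>` instead of adding it drops the header that declares gettimeofday() and struct timeval. If log.c uses either (the rest of the file is not visible in this hunk), the Linux build then depends on some other header pulling them in, and other platforms may stop compiling. Keeping both is safer: `#include <sys/time.h>` followed by `#include <time.h>`.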
Index: pf_key_v2.c
===================================================================
RCS file: /cvs/src/sbin/isakmpd/pf_key_v2.c,v
retrieving revision 1.117
diff -u -p -r1.117 pf_key_v2.c
--- pf_key_v2.c 11 Sep 2002 09:50:44 -0000 1.117
+++ pf_key_v2.c 10 Nov 2002 21:54:19 -0000
@@ -823,7 +823,9 @@ pf_key_v2_setup_sockaddr (void *res, str
case AF_INET:
ip4_sa = (struct sockaddr_in *)res;
ip4_sa->sin_family = AF_INET;
+#ifndef USE_OLD_SOCKADDR
ip4_sa->sin_len = sizeof *ip4_sa;
+#endif
ip4_sa->sin_port = port;
if (dst)
p = (u_int8_t *)(ingress
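Review bot: The `#ifndef USE_OLD_SOCKADDR` guard is repeated by hand around every `sin_len`/`sin6_len` assignment: twice here, four more times in pf_key_v2_enable_sa and pf_key_v2_disable_sa, and twice in udp_init. Any sockaddr setup added later that forgets the guard breaks the Linux build again. A single helper macro in a sysdep header, expanding to the assignment or to nothing, would keep the platform conditional in one place and the call sites free of preprocessor lines. Code that later needs the address length on such platforms has to derive it from the family, as sysdep_sa_len presumably does, and should not read a length field. pf_key_v2_setup_sockaddr starts and ends outside this hunk.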
@@ -837,7 +839,9 @@ pf_key_v2_setup_sockaddr (void *res, str
case AF_INET6:
ip6_sa = (struct sockaddr_in6 *)res;
ip6_sa->sin6_family = AF_INET6;
+#ifndef USE_OLD_SOCKADDR
ip6_sa->sin6_len = sizeof *ip6_sa;
+#endif
ip6_sa->sin6_port = port;
if (dst)
p = (u_int8_t *)(ingress
@@ -2312,13 +2316,17 @@ pf_key_v2_enable_sa (struct sa *sa, stru
{
case AF_INET:
((struct sockaddr_in *)hostmask)->sin_family = AF_INET;
+#ifndef USE_OLD_SOCKADDR
((struct sockaddr_in *)hostmask)->sin_len = sizeof (struct in_addr);
+#endif
memset (&((struct sockaddr_in *)hostmask)->sin_addr.s_addr, 0xff,
sizeof (struct in_addr));
break;
case AF_INET6:
((struct sockaddr_in6 *)hostmask)->sin6_family = AF_INET6;
+#ifndef USE_OLD_SOCKADDR
((struct sockaddr_in6 *)hostmask)->sin6_len = sizeof (struct in6_addr);
+#endif
memset (&((struct sockaddr_in6 *)hostmask)->sin6_addr.s6_addr, 0xff,
sizeof (struct in6_addr));
break;
@@ -2497,14 +2505,18 @@ pf_key_v2_disable_sa (struct sa *sa, int
{
case AF_INET:
((struct sockaddr_in *)hostmask)->sin_family = AF_INET;
+#ifndef USE_OLD_SOCKADDR
((struct sockaddr_in *)hostmask)->sin_len = sizeof (struct in_addr);
+#endif
memset (&((struct sockaddr_in *)hostmask)->sin_addr.s_addr, 0xff,
sizeof (struct in_addr));
break;
case AF_INET6:
((struct sockaddr_in6 *)hostmask)->sin6_family = AF_INET6;
+#ifndef USE_OLD_SOCKADDR
((struct sockaddr_in6 *)hostmask)->sin6_len =
sizeof (struct in6_addr);
+#endif
memset (&((struct sockaddr_in6 *)hostmask)->sin6_addr.s6_addr, 0xff,
sizeof (struct in6_addr));
break;
Index: udp.c
===================================================================
RCS file: /cvs/src/sbin/isakmpd/udp.c,v
retrieving revision 1.56
diff -u -p -r1.56 udp.c
--- udp.c 11 Sep 2002 09:50:44 -0000 1.56
+++ udp.c 10 Nov 2002 21:54:20 -0000
@@ -648,7 +648,9 @@ udp_init (void)
*/
memset (&dflt_stor, 0, sizeof dflt_stor);
dflt->sin_family = AF_INET;
+#ifndef USE_OLD_SOCKADDR
((struct sockaddr_in *)dflt)->sin_len = sizeof (struct sockaddr_in);
+#endif
((struct sockaddr_in *)dflt)->sin_port = htons (lport);
default_transport = udp_bind ((struct sockaddr *)&dflt_stor);
@@ -662,7 +664,9 @@ udp_init (void)
memset (&dflt_stor, 0, sizeof dflt_stor);
dflt->sin_family = AF_INET6;
+#ifndef USE_OLD_SOCKADDR
((struct sockaddr_in6 *)dflt)->sin6_len = sizeof (struct sockaddr_in6);
+#endif
((struct sockaddr_in6 *)dflt)->sin6_port = htons (lport);
default_transport6 = udp_bind ((struct sockaddr *)&dflt_stor);
Index: x509.h
===================================================================
RCS file: /cvs/src/sbin/isakmpd/x509.h,v
retrieving revision 1.17
diff -u -p -r1.17 x509.h
--- x509.h 7 Aug 2002 13:19:20 -0000 1.17
+++ x509.h 10 Nov 2002 21:54:20 -0000
@@ -60,8 +60,6 @@ struct x509_aca {
struct x509_attribval name2;
};
-struct X509;
-struct X509_STORE;
/* Functions provided by cert handler. */
Index: sysdep/linux/GNUmakefile.sysdep
===================================================================
RCS file: /cvs/src/sbin/isakmpd/sysdep/linux/GNUmakefile.sysdep,v
retrieving revision 1.4
diff -u -p -r1.4 GNUmakefile.sysdep
--- sysdep/linux/GNUmakefile.sysdep 10 Jun 2002 18:08:59 -0000 1.4
+++ sysdep/linux/GNUmakefile.sysdep 10 Nov 2002 21:54:20 -0000
@@ -33,13 +33,6 @@
# This code was written under funding by Ericsson Radio Systems.
#
-# In order for this to work, invocations need to set FREESWAN to the
-# directory where FreeS/WAN is installed.
-
-ifndef FREESWAN
-FREESWAN= /usr/src/freeswan
-endif
-
BINDIR= /usr/local/sbin
# Partly good for RedHat 5.2, but man(1) does not find them so I have it
# disabled for now.
@@ -48,23 +41,23 @@ BINDIR= /usr/local/sbin
#MAN8= isakmpd.0
NOMAN=
-LIBGMP= -lgmp
-LIBDES= ${FREESWAN}/libdes/libdes.a
LIBSYSDEPDIR= ${.CURDIR}/sysdep/common/libsysdep
LIBSYSDEP= ${LIBSYSDEPDIR}/libsysdep.a
+LIBGMP= -lgmp
+LIBCRYPTO= -lcrypto
-FEATURES= tripledes blowfish cast ec aggressive debug
+IPSEC_SRCS= pf_key_v2.c
+IPSEC_CFLAGS =-DUSE_PF_KEY_V2
-SRCS+= klips.c
+FEATURES= tripledes blowfish old_sockaddr ec libcrypto x509 aggressive debug
-LDADD+= ${LIBSYSDEP} ${LIBGMP} ${LIBDES} -ldl
-DPADD+= ${LIBSYSDEP} ${LIBGMP} ${LIBDES}
+LDADD+= ${LIBSYSDEP} ${LIBGMP} ${LIBCRYPTO} -ldl
+DPADD+= ${LIBSYSDEP} ${LIBGMP} ${LIBCRYPTO}
-CFLAGS+= -I${FREESWAN}/gmp -I${FREESWAN}/libdes \
- -I${FREESWAN}/klips -I${FREESWAN}/lib -DUSE_OLD_SOCKADDR \
- -I${.CURDIR}/sysdep/common -DSYMBOL_PREFIX='"_"'
-CFLAGS+= -DMP_FLAVOUR=MP_FLAVOUR_GMP
-CFLAGS+= -D'SALEN(x)=8'
+CFLAGS+= -I${.CURDIR}/sysdep/common
+CFLAGS+= -I${.CURDIR}/sysdep/linux/include
+CFLAGS+= -I/usr/include/openssl
+CFLAGS+= -D_BSD_SOURCE
${LIBSYSDEP}:
cd ${LIBSYSDEPDIR}; \
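Review bot: `CFLAGS+= -I/usr/include/openssl` puts OpenSSL's own header directory on the general include path, although libcrypto.h in this patch already includes its headers as `<openssl/...>`. Any OpenSSL header whose name matches a system or project header could then shadow it, and the hard-coded path ignores installs outside /usr; dropping the line should be enough. The new FEATURES list also no longer contains `cast`, which the mail does not mention. If that is unintentional, it removes a cipher the daemon could previously negotiate on Linux.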
Index: sysdep/linux/sysdep-os.h
===================================================================
RCS file: /cvs/src/sbin/isakmpd/sysdep/linux/sysdep-os.h,v
retrieving revision 1.5
diff -u -p -r1.5 sysdep-os.h
--- sysdep/linux/sysdep-os.h 16 Feb 2002 21:27:35 -0000 1.5
+++ sysdep/linux/sysdep-os.h 10 Nov 2002 21:54:20 -0000
@@ -36,16 +36,23 @@
#ifndef _SYSDEP_OS_H_
#define _SYSDEP_OS_H_
-typedef u_int16_t in_port_t;
-typedef u_int32_t in_addr_t;
-#if 0
-/*
- * Why -D__USE_GNU does not work in order to get this from stdio.h beats me.
- */
-extern int asprintf(char **, const char *, ...);
-#endif
+#define IPSEC_SPI_SIZE 4
+
+#define IPV6_VERSION 6
+
+#define HAVE_GETNAMEINFO
+#define MP_FLAVOUR MP_FLAVOUR_GMP
+
+
+int strlcat(char*, char*, int);
+int strlcpy(char*, char*, int);
+
+/* linux does not yet support these... simply use pseudo values */
+#define CPI_RESERVED_MAX 0
+#define CPI_PRIVATE_MIN 0
+
+#define SADB_X_AALG_RIPEMD160HMAC96 0
-#define DL_LAZY RTLD_LAZY
#endif /* _SYSDEP_OS_H_ */
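Review bot: `#define SADB_X_AALG_RIPEMD160HMAC96 0` gives the RIPEMD-160 identifier the value PF_KEY reserves for "no authentication algorithm" (SADB_AALG_NONE in RFC 2367). If pf_key_v2.c hands it to the kernel when RIPEMD is negotiated, the SA may be installed without integrity protection or rejected with a misleading error; that code is outside this hunk. It would be safer to leave the macro undefined and compile the RIPEMD case out on Linux, so a proposal using it fails during negotiation. The zero `CPI_RESERVED_MAX` / `CPI_PRIVATE_MIN` placeholders deserve the same check. Separately, the strlcat/strlcpy prototypes do not match the usual BSD signatures, which matters wherever the return value is compared with a buffer size to detect truncation: `size_t strlcat(char *, const char *, size_t);` and `size_t strlcpy(char *, const char *, size_t);`.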
Index: sysdep/linux/sysdep.c
===================================================================
RCS file: /cvs/src/sbin/isakmpd/sysdep/linux/sysdep.c,v
retrieving revision 1.11
diff -u -p -r1.11 sysdep.c
--- sysdep/linux/sysdep.c 9 Jun 2002 08:13:07 -0000 1.11
+++ sysdep/linux/sysdep.c 10 Nov 2002 21:54:20 -0000
@@ -49,10 +49,14 @@
#include "app.h"
#include "conf.h"
#include "ipsec.h"
-#include "klips.h"
+
+#ifdef USE_PF_KEY_V2
+#include "pf_key_v2.h"
+#define KEY_API(x) pf_key_v2_##x
+#endif
+
#endif /* NEED_SYSDEP_APP */
#include "log.h"
-#include "sysdep.h"
extern char *__progname;
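Review bot: KEY_API is defined only under `#ifdef USE_PF_KEY_V2`, and with the klips.h include removed there is no fallback. A build without that flag fails later at each `KEY_API (...)` call, or on older compilers treats it as an implicitly declared function. Adding `#else` and `#error "sysdep/linux requires USE_PF_KEY_V2"` before the `#endif` would make the failure immediate and readable. The hunk also drops `#include "sysdep.h"`; the header may still arrive through another include, but that is not visible here.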
@@ -114,19 +118,20 @@ sysdep_sa_len (struct sockaddr *sa)
int
sysdep_app_open ()
{
- return klips_open ();
+ return KEY_API (open) ();
}
void
sysdep_app_handler (int fd)
{
+ KEY_API (handler) (fd);
}
/* Check that the connection named NAME is active, or else make it active. */
void
sysdep_connection_check (char *name)
{
- klips_connection_check (name);
+ KEY_API (connection_check) (name);
}
/*
@@ -144,7 +149,7 @@ sysdep_ipsec_get_spi (size_t *sz, u_int8
return strdup ("\x12\x34\x56\x78");
}
- return klips_get_spi (sz, proto, src, dst, seq);
+ return KEY_API (get_spi) (sz, proto, src, dst, seq);
}
int
@@ -156,26 +161,34 @@ sysdep_cleartext (int fd, int af)
int
sysdep_ipsec_delete_spi (struct sa *sa, struct proto *proto, int incoming)
{
- return klips_delete_spi (sa, proto, incoming);
+ if (app_none)
+ return 0;
+ return KEY_API (delete_spi) (sa, proto, incoming);
}
int
sysdep_ipsec_enable_sa (struct sa *sa, struct sa *isakmp_sa)
{
- return klips_enable_sa (sa, isakmp_sa);
+ if (app_none)
+ return 0;
+ return KEY_API (enable_sa) (sa, isakmp_sa);
}
int
sysdep_ipsec_group_spis (struct sa *sa, struct proto *proto1,
struct proto *proto2, int incoming)
{
- return klips_group_spis (sa, proto1, proto2, incoming);
+ if (app_none)
+ return 0;
+ return KEY_API (group_spis) (sa, proto1, proto2, incoming);
}
int
sysdep_ipsec_set_spi (struct sa *sa, struct proto *proto, int incoming,
struct sa *isakmp_sa)
{
- return klips_set_spi (sa, proto, incoming, isakmp_sa);
+ if (app_none)
+ return 0;
+ return KEY_API (set_spi) (sa, proto, incoming, isakmp_sa);
}
#endif
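Review bot: The four new `if (app_none) return 0;` guards report success without touching the kernel, and nothing in the code says why. A one-line comment above the first would help, such as `/* app_none: no kernel IPsec interface in use, so SA operations are successful no-ops. */`, assuming that is what app_none means (its definition is outside this diff). The risk is that a caller reads the 0 as "SA installed" while traffic is in fact unprotected, so the mode should be unmistakable in the source. sysdep_app_open, sysdep_app_handler and sysdep_connection_check in the earlier hunk call into pf_key_v2 without the same guard; it is worth confirming that their callers check app_none first. The trailing `#endif` closes a block opened outside this hunk.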
Attachment:
linux-2.5-port.tar.gz
Description: Binary data
Attachment:
pgphh7lo3w4xi.pgp
Description: PGP signature