3 files changed, 143 insertions, 36 deletions
diff --git a/meta-networking/recipes-support/strongswan/files/fix-funtion-parameter.patch b/meta-networking/recipes-support/strongswan/files/fix-funtion-parameter.patch
new file mode 100644
index 000000000..da96983e6
--- /dev/null
+++ b/meta-networking/recipes-support/strongswan/files/fix-funtion-parameter.patch
@@ -0,0 +1,98 @@
+fix the function parameter
+Upstream-Status: pending
+Original openssl_diffie_hellman_create has three parameters, but
+it is reassigned a function pointer which has one parameter, and
+is called with one parameter, which will lead to segment fault
+on PPC, Now we simply correct the number of parameters.
+    #0  0x484d4aa0 in __GI_raise (sig=6)
+         at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
+    #1  0x484d9930 in __GI_abort () at abort.c:91
+    #2  0x10002064 in segv_handler (signal=11) at charon.c:224
+    #3  <signal handler called>
+    #4  0x48d89630 in openssl_diffie_hellman_create (group=MODP_1024_BIT, g=...,
+         p=<error reading variable: Cannot access memory at address 0x0>)
+         at openssl_diffie_hellman.c:143
+    #5  0x482c54f8 in create_dh (this=0x11ac6e68, group=MODP_1024_BIT)
+         at crypto/crypto_factory.c:358
+    #6  0x48375884 in create_dh (this=<optimized out>, group=<optimized out>)
+         at sa/keymat.c:132
+    #7  0x483843b8 in process_payloads (this=0x51400a78, message=<optimized
+    out>)
+         at sa/tasks/ike_init.c:200
+    #8  0x483844d0 in process_r (this=0x51400a78, message=0x51500778)
+         at sa/tasks/ike_init.c:319
+    #9  0x48374c9c in process_request (message=0x51500778, this=0x51400d20)
+         at sa/task_manager.c:870
+    #10 process_message (this=0x51400d20, msg=0x51500778) at
+    sa/task_manager.c:925
+    #11 0x4836c378 in process_message (this=0x514005f0, message=0x51500778)
+         at sa/ike_sa.c:1317
+    #12 0x48362270 in execute (this=0x515008d0)
+         at processing/jobs/process_message_job.c:74 
+Signed-off-by: Roy.Li <rongqing.li@windriver.com>
+---
+ src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c | 8 +++++++-
+ src/libstrongswan/plugins/openssl/openssl_diffie_hellman.h | 4 +++-
+ src/libstrongswan/plugins/openssl/openssl_plugin.c         | 1 +
+ 3 files changed, 11 insertions(+), 2 deletions(-)
+diff --git a/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c b/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c
+index ff33824..bd21446 100644
+--- a/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c
+++ b/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c
+@@ -142,7 +142,7 @@ METHOD(diffie_hellman_t, destroy, void,
+ /*
+  * Described in header.
+  */
+-openssl_diffie_hellman_t *openssl_diffie_hellman_create(
+openssl_diffie_hellman_t *openssl_diffie_hellman_create_custom(
+                                                        diffie_hellman_group_t group, chunk_t g, chunk_t p)
+ {
+        private_openssl_diffie_hellman_t *this;
+@@ -197,5 +197,11 @@ openssl_diffie_hellman_t *openssl_diffie_hellman_create(
+ 
+        return &this->public;
+ }
+openssl_diffie_hellman_t *openssl_diffie_hellman_create( diffie_hellman_group_t group)
+{
+       chunk_t g;
+       chunk_t p;
+       openssl_diffie_hellman_create_custom(group, g, p);
+}
+ 
+ #endif /* OPENSSL_NO_DH */
+diff --git a/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.h b/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.h
+index 53dc59c..eb69eaa 100644
+--- a/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.h
+++ b/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.h
+@@ -44,8 +44,10 @@ struct openssl_diffie_hellman_t {
+  * @param p                            custom prime, if MODP_CUSTOM
+  * @return                             openssl_diffie_hellman_t object, NULL if not supported
+  */
+-openssl_diffie_hellman_t *openssl_diffie_hellman_create(
+openssl_diffie_hellman_t *openssl_diffie_hellman_create_custom(
+                                                        diffie_hellman_group_t group, chunk_t g, chunk_t p);
+openssl_diffie_hellman_t *openssl_diffie_hellman_create(
+                                                       diffie_hellman_group_t group);
+ 
+ #endif /** OPENSSL_DIFFIE_HELLMAN_H_ @}*/
+ 
+diff --git a/src/libstrongswan/plugins/openssl/openssl_plugin.c b/src/libstrongswan/plugins/openssl/openssl_plugin.c
+index ff25086..c76873d 100644
+--- a/src/libstrongswan/plugins/openssl/openssl_plugin.c
+++ b/src/libstrongswan/plugins/openssl/openssl_plugin.c
+@@ -388,6 +388,7 @@ METHOD(plugin_t, get_features, int,
+                        PLUGIN_PROVIDE(DH, MODP_1024_BIT),
+                        PLUGIN_PROVIDE(DH, MODP_1024_160),
+                        PLUGIN_PROVIDE(DH, MODP_768_BIT),
+               PLUGIN_REGISTER(DH, openssl_diffie_hellman_create_custom),
+                        PLUGIN_PROVIDE(DH, MODP_CUSTOM),
+ #endif
+ #ifndef OPENSSL_NO_RSA
+-- 
+1.8.3
diff --git a/meta-networking/recipes-support/strongswan/strongswan_5.0.0.bb b/meta-networking/recipes-support/strongswan/strongswan_5.0.0.bb
deleted file mode 100644
index eb49494ef..000000000
--- a/meta-networking/recipes-support/strongswan/strongswan_5.0.0.bb
+++ /dev/null
@@ -1,36 +0,0 @@
-DESCRIPTION = "strongSwan is an OpenSource IPsec implementation for the \
-Linux operating system."
-HOMEPAGE = "http://www.strongswan.org"
-SECTION = "console/network"
-LICENSE = "GPLv2"
-LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263"
-DEPENDS = "gmp openssl flex-native flex bison-native"
-PR = "r5"
-SRC_URI = "http://download.strongswan.org/strongswan-${PV}.tar.bz2"
-SRC_URI[md5sum] = "c8b861305def7c0abae04f7bbefec212"
-SRC_URI[sha256sum] = "efc13c86e715b5e596d9d8535640c830f83e977fe521afd2c70d68926c4b573e"
-EXTRA_OECONF = "--disable-curl --disable-soup --disable-ldap \
-        --enable-gmp --disable-mysql --disable-sqlite \
-        --enable-openssl"
-EXTRA_OECONF += "${@base_contains('DISTRO_FEATURES', 'systemd', '--with-systemdsystemunitdir=${systemd_unitdir}/system/', '--without-systemdsystemunitdir', d)}"
-inherit autotools systemd
-RRECOMMENDS_${PN} = "kernel-module-ipsec"
-PACKAGES += "${PN}-plugins"
-FILES_${PN} += "${libdir}/ipsec/lib*${SOLIBS}"
-FILES_${PN}-dev += "${libdir}/ipsec/lib*${SOLIBSDEV} ${libdir}/ipsec/*.la"
-FILES_${PN}-staticdev += "${libdir}/ipsec/*.a"
-FILES_${PN}-dbg += "${libdir}/ipsec/.debug ${libdir}/ipsec/plugins/.debug ${libexecdir}/ipsec/.debug"
-FILES_${PN}-plugins += "${libdir}/ipsec/plugins/*"
-INSANE_SKIP_${PN}-plugins = "staticdev"
-RPROVIDES_${PN} += "${PN}-systemd"
-RREPLACES_${PN} += "${PN}-systemd"
-RCONFLICTS_${PN} += "${PN}-systemd"
-SYSTEMD_SERVICE_${PN} = "${PN}.service"
diff --git a/meta-networking/recipes-support/strongswan/strongswan_5.1.1.bb b/meta-networking/recipes-support/strongswan/strongswan_5.1.1.bb
new file mode 100644
index 000000000..a2a2333d6
--- /dev/null
+++ b/meta-networking/recipes-support/strongswan/strongswan_5.1.1.bb
@@ -0,0 +1,45 @@
+DESCRIPTION = "strongSwan is an OpenSource IPsec implementation for the \
+Linux operating system."
+SUMMARY = "strongSwan is an OpenSource IPsec implementation"
+HOMEPAGE = "http://www.strongswan.org"
+SECTION = "console/network"
+LICENSE = "GPLv2"
+LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263"
+DEPENDS = "gmp openssl flex-native flex bison-native"
+SRC_URI = "http://download.strongswan.org/strongswan-${PV}.tar.bz2 \
+        file://fix-funtion-parameter.patch \
+"
+SRC_URI[md5sum] = "e3af3d493d22286be3cd794533a8966a"
+SRC_URI[sha256sum] = "fbf2a668221fc4a36a34bdeac2dfeda25b96f572d551df022585177953622406"
+EXTRA_OECONF = "--enable-gmp \
+        --enable-openssl \
+        --without-lib-prefix \
+"
+EXTRA_OECONF += "${@base_contains('DISTRO_FEATURES', 'systemd', '--with-systemdsystemunitdir=${systemd_unitdir}/system/', '--without-systemdsystemunitdir', d)}"
+PACKAGECONFIG ??= "sqlite3 curl \
+        ${@base_contains('DISTRO_FEATURES', 'ldap', 'ldap', '', d)} \
+"
+PACKAGECONFIG[sqlite3] = "--enable-sqlite,--disable-sqlite,sqlite3,"
+PACKAGECONFIG[ldap] = "--enable-ldap,--disable-ldap,openldap,"
+PACKAGECONFIG[curl] = "--enable-curl,--disable-curl,curl,"
+PACKAGECONFIG[soup] = "--enable-soup,--disable-soup,libsoup-2.4,"
+PACKAGECONFIG[mysql] = "--enable-mysql,--disable-mysql,mysql5,"
+inherit autotools systemd
+RRECOMMENDS_${PN} = "kernel-module-ipsec"
+FILES_${PN} += "${libdir}/ipsec/lib*${SOLIBS} ${libdir}/ipsec/plugins/*.so"
+FILES_${PN}-dbg += "${libdir}/ipsec/.debug ${libdir}/ipsec/plugins/.debug ${libexecdir}/ipsec/.debug"
+FILES_${PN}-dev += "${libdir}/ipsec/lib*${SOLIBSDEV} ${libdir}/ipsec/*.la ${libdir}/ipsec/plugins/*.la"
+FILES_${PN}-staticdev += "${libdir}/ipsec/*.a ${libdir}/ipsec/plugins/*.a"
+RPROVIDES_${PN} += "${PN}-systemd"
+RREPLACES_${PN} += "${PN}-systemd"
+RCONFLICTS_${PN} += "${PN}-systemd"
+SYSTEMD_SERVICE_${PN} = "${BPN}.service"

diff --git a/meta-networking/recipes-support/strongswan/files/fix-funtion-parameter.patch b/meta-networking/recipes-support/strongswan/files/fix-funtion-parameter.patch new file mode 100644 index 000000000..da96983e6 --- /dev/null +++ b/meta-networking/recipes-support/strongswan/files/fix-funtion-parameter.patch
@@ -0,0 +1,98 @@
		1	fix the function parameter
		2
		3	Upstream-Status: pending
		4
		5	Original openssl_diffie_hellman_create has three parameters, but
		6	it is reassigned a function pointer which has one parameter, and
		7	is called with one parameter, which will lead to segment fault
		8	on PPC, Now we simply correct the number of parameters.
		9
		10	#0 0x484d4aa0 in __GI_raise (sig=6)
		11	at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
		12	#1 0x484d9930 in __GI_abort () at abort.c:91
		13	#2 0x10002064 in segv_handler (signal=11) at charon.c:224
		14	#3 <signal handler called>
		15	#4 0x48d89630 in openssl_diffie_hellman_create (group=MODP_1024_BIT, g=...,
		16	p=<error reading variable: Cannot access memory at address 0x0>)
		17	at openssl_diffie_hellman.c:143
		18	#5 0x482c54f8 in create_dh (this=0x11ac6e68, group=MODP_1024_BIT)
		19	at crypto/crypto_factory.c:358
		20	#6 0x48375884 in create_dh (this=<optimized out>, group=<optimized out>)
		21	at sa/keymat.c:132
		22	#7 0x483843b8 in process_payloads (this=0x51400a78, message=<optimized
		23	out>)
		24	at sa/tasks/ike_init.c:200
		25	#8 0x483844d0 in process_r (this=0x51400a78, message=0x51500778)
		26	at sa/tasks/ike_init.c:319
		27	#9 0x48374c9c in process_request (message=0x51500778, this=0x51400d20)
		28	at sa/task_manager.c:870
		29	#10 process_message (this=0x51400d20, msg=0x51500778) at
		30	sa/task_manager.c:925
		31	#11 0x4836c378 in process_message (this=0x514005f0, message=0x51500778)
		32	at sa/ike_sa.c:1317
		33	#12 0x48362270 in execute (this=0x515008d0)
		34	at processing/jobs/process_message_job.c:74
		35
		36	Signed-off-by: Roy.Li <rongqing.li@windriver.com>
		37	---
		38	src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c \| 8 +++++++-
		39	src/libstrongswan/plugins/openssl/openssl_diffie_hellman.h \| 4 +++-
		40	src/libstrongswan/plugins/openssl/openssl_plugin.c \| 1 +
		41	3 files changed, 11 insertions(+), 2 deletions(-)
		42
		43	diff --git a/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c b/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c
		44	index ff33824..bd21446 100644
		45	--- a/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c
		46	+++ b/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c
		47	@@ -142,7 +142,7 @@ METHOD(diffie_hellman_t, destroy, void,
		48	/*
		49	* Described in header.
		50	*/
		51	-openssl_diffie_hellman_t *openssl_diffie_hellman_create(
		52	+openssl_diffie_hellman_t *openssl_diffie_hellman_create_custom(
		53	diffie_hellman_group_t group, chunk_t g, chunk_t p)
		54	{
		55	private_openssl_diffie_hellman_t *this;
		56	@@ -197,5 +197,11 @@ openssl_diffie_hellman_t *openssl_diffie_hellman_create(
		57
		58	return &this->public;
		59	}
		60	+openssl_diffie_hellman_t *openssl_diffie_hellman_create( diffie_hellman_group_t group)
		61	+{
		62	+ chunk_t g;
		63	+ chunk_t p;
		64	+ openssl_diffie_hellman_create_custom(group, g, p);
		65	+}
		66
		67	#endif /* OPENSSL_NO_DH */
		68	diff --git a/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.h b/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.h
		69	index 53dc59c..eb69eaa 100644
		70	--- a/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.h
		71	+++ b/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.h
		72	@@ -44,8 +44,10 @@ struct openssl_diffie_hellman_t {
		73	* @param p custom prime, if MODP_CUSTOM
		74	* @return openssl_diffie_hellman_t object, NULL if not supported
		75	*/
		76	-openssl_diffie_hellman_t *openssl_diffie_hellman_create(
		77	+openssl_diffie_hellman_t *openssl_diffie_hellman_create_custom(
		78	diffie_hellman_group_t group, chunk_t g, chunk_t p);
		79	+openssl_diffie_hellman_t *openssl_diffie_hellman_create(
		80	+ diffie_hellman_group_t group);
		81
		82	#endif /** OPENSSL_DIFFIE_HELLMAN_H_ @}*/
		83
		84	diff --git a/src/libstrongswan/plugins/openssl/openssl_plugin.c b/src/libstrongswan/plugins/openssl/openssl_plugin.c
		85	index ff25086..c76873d 100644
		86	--- a/src/libstrongswan/plugins/openssl/openssl_plugin.c
		87	+++ b/src/libstrongswan/plugins/openssl/openssl_plugin.c
		88	@@ -388,6 +388,7 @@ METHOD(plugin_t, get_features, int,
		89	PLUGIN_PROVIDE(DH, MODP_1024_BIT),
		90	PLUGIN_PROVIDE(DH, MODP_1024_160),
		91	PLUGIN_PROVIDE(DH, MODP_768_BIT),
		92	+ PLUGIN_REGISTER(DH, openssl_diffie_hellman_create_custom),
		93	PLUGIN_PROVIDE(DH, MODP_CUSTOM),
		94	#endif
		95	#ifndef OPENSSL_NO_RSA
		96	--
		97	1.8.3
		98


diff --git a/meta-networking/recipes-support/strongswan/strongswan_5.0.0.bb b/meta-networking/recipes-support/strongswan/strongswan_5.0.0.bb deleted file mode 100644 index eb49494ef..000000000 --- a/meta-networking/recipes-support/strongswan/strongswan_5.0.0.bb +++ /dev/null
@@ -1,36 +0,0 @@
1	DESCRIPTION = "strongSwan is an OpenSource IPsec implementation for the \
2	Linux operating system."
3	HOMEPAGE = "http://www.strongswan.org"
4	SECTION = "console/network"
5	LICENSE = "GPLv2"
6	LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263"
7	DEPENDS = "gmp openssl flex-native flex bison-native"
8	PR = "r5"
9
10	SRC_URI = "http://download.strongswan.org/strongswan-${PV}.tar.bz2"
11	SRC_URI[md5sum] = "c8b861305def7c0abae04f7bbefec212"
12	SRC_URI[sha256sum] = "efc13c86e715b5e596d9d8535640c830f83e977fe521afd2c70d68926c4b573e"
13
14	EXTRA_OECONF = "--disable-curl --disable-soup --disable-ldap \
15	--enable-gmp --disable-mysql --disable-sqlite \
16	--enable-openssl"
17
18	EXTRA_OECONF += "${@base_contains('DISTRO_FEATURES', 'systemd', '--with-systemdsystemunitdir=${systemd_unitdir}/system/', '--without-systemdsystemunitdir', d)}"
19
20	inherit autotools systemd
21
22	RRECOMMENDS_${PN} = "kernel-module-ipsec"
23
24	PACKAGES += "${PN}-plugins"
25	FILES_${PN} += "${libdir}/ipsec/lib*${SOLIBS}"
26	FILES_${PN}-dev += "${libdir}/ipsec/lib${SOLIBSDEV} ${libdir}/ipsec/.la"
27	FILES_${PN}-staticdev += "${libdir}/ipsec/*.a"
28	FILES_${PN}-dbg += "${libdir}/ipsec/.debug ${libdir}/ipsec/plugins/.debug ${libexecdir}/ipsec/.debug"
29	FILES_${PN}-plugins += "${libdir}/ipsec/plugins/*"
30
31	INSANE_SKIP_${PN}-plugins = "staticdev"
32
33	RPROVIDES_${PN} += "${PN}-systemd"
34	RREPLACES_${PN} += "${PN}-systemd"
35	RCONFLICTS_${PN} += "${PN}-systemd"
36	SYSTEMD_SERVICE_${PN} = "${PN}.service"


diff --git a/meta-networking/recipes-support/strongswan/strongswan_5.1.1.bb b/meta-networking/recipes-support/strongswan/strongswan_5.1.1.bb new file mode 100644 index 000000000..a2a2333d6 --- /dev/null +++ b/meta-networking/recipes-support/strongswan/strongswan_5.1.1.bb
@@ -0,0 +1,45 @@
		1	DESCRIPTION = "strongSwan is an OpenSource IPsec implementation for the \
		2	Linux operating system."
		3	SUMMARY = "strongSwan is an OpenSource IPsec implementation"
		4	HOMEPAGE = "http://www.strongswan.org"
		5	SECTION = "console/network"
		6	LICENSE = "GPLv2"
		7	LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263"
		8	DEPENDS = "gmp openssl flex-native flex bison-native"
		9
		10	SRC_URI = "http://download.strongswan.org/strongswan-${PV}.tar.bz2 \
		11	file://fix-funtion-parameter.patch \
		12	"
		13
		14	SRC_URI[md5sum] = "e3af3d493d22286be3cd794533a8966a"
		15	SRC_URI[sha256sum] = "fbf2a668221fc4a36a34bdeac2dfeda25b96f572d551df022585177953622406"
		16
		17	EXTRA_OECONF = "--enable-gmp \
		18	--enable-openssl \
		19	--without-lib-prefix \
		20	"
		21
		22	EXTRA_OECONF += "${@base_contains('DISTRO_FEATURES', 'systemd', '--with-systemdsystemunitdir=${systemd_unitdir}/system/', '--without-systemdsystemunitdir', d)}"
		23
		24	PACKAGECONFIG ??= "sqlite3 curl \
		25	${@base_contains('DISTRO_FEATURES', 'ldap', 'ldap', '', d)} \
		26	"
		27	PACKAGECONFIG[sqlite3] = "--enable-sqlite,--disable-sqlite,sqlite3,"
		28	PACKAGECONFIG[ldap] = "--enable-ldap,--disable-ldap,openldap,"
		29	PACKAGECONFIG[curl] = "--enable-curl,--disable-curl,curl,"
		30	PACKAGECONFIG[soup] = "--enable-soup,--disable-soup,libsoup-2.4,"
		31	PACKAGECONFIG[mysql] = "--enable-mysql,--disable-mysql,mysql5,"
		32
		33	inherit autotools systemd
		34
		35	RRECOMMENDS_${PN} = "kernel-module-ipsec"
		36
		37	FILES_${PN} += "${libdir}/ipsec/lib${SOLIBS} ${libdir}/ipsec/plugins/.so"
		38	FILES_${PN}-dbg += "${libdir}/ipsec/.debug ${libdir}/ipsec/plugins/.debug ${libexecdir}/ipsec/.debug"
		39	FILES_${PN}-dev += "${libdir}/ipsec/lib${SOLIBSDEV} ${libdir}/ipsec/.la ${libdir}/ipsec/plugins/*.la"
		40	FILES_${PN}-staticdev += "${libdir}/ipsec/.a ${libdir}/ipsec/plugins/.a"
		41
		42	RPROVIDES_${PN} += "${PN}-systemd"
		43	RREPLACES_${PN} += "${PN}-systemd"
		44	RCONFLICTS_${PN} += "${PN}-systemd"
		45	SYSTEMD_SERVICE_${PN} = "${BPN}.service"