vpnc: change upstream to fork
fixes #26798. * Changes upstream to https://github.com/streambinder/vpnc/. That's a fork that's a fork which is at least used in alpine. * Depends on vpnc-scripts. New upstream doesn't ship those files anymore * Add wrapper script to stay backwards compatible * Switch to build_style=gnu-makefile instead of manually calling make.
This commit is contained in:
Enno Boland
Enno Boland
parent
d0538bfd21
commit
d74e6e841d
|
|
@ -0,0 +1,3 @@
|
|||
#!/bin/sh
|
||||
|
||||
exec /usr/libexec/vpnc-scripts/vpnc-script "$@"
|
||||
|
|
@ -1,81 +0,0 @@
|
|||
Description: Fixes AVM's FritzBoxes not being able to connect
|
||||
Upstream: Yes
|
||||
Index: vpnc.c
|
||||
===================================================================
|
||||
--- vpnc.c (revision 466)
|
||||
+++ vpnc.c (revision 469)
|
||||
@@ -88,6 +88,10 @@
|
||||
0x90, 0xCB, 0x80, 0x91, 0x3E, 0xBB, 0x69, 0x6E,
|
||||
0x08, 0x63, 0x81, 0xB5, 0xEC, 0x42, 0x7B, 0x1F
|
||||
};
|
||||
+const unsigned char VID_NATT_03[] = { /* "draft-ietf-ipsec-nat-t-ike-03" */
|
||||
+ 0x7d, 0x94, 0x19, 0xa6, 0x53, 0x10, 0xca, 0x6f,
|
||||
+ 0x2c, 0x17, 0x9d, 0x92, 0x15, 0x52, 0x9d, 0x56
|
||||
+};
|
||||
const unsigned char VID_NATT_RFC[] = { /* "RFC 3947" */
|
||||
0x4A, 0x13, 0x1C, 0x81, 0x07, 0x03, 0x58, 0x45,
|
||||
0x5C, 0x57, 0x28, 0xF2, 0x0E, 0x95, 0x45, 0x2F
|
||||
@@ -141,6 +145,7 @@
|
||||
{ VID_NATT_01, sizeof(VID_NATT_01), "Nat-T 01" },
|
||||
{ VID_NATT_02, sizeof(VID_NATT_02), "Nat-T 02" },
|
||||
{ VID_NATT_02N, sizeof(VID_NATT_02N), "Nat-T 02N" },
|
||||
+ { VID_NATT_03, sizeof(VID_NATT_03), "Nat-T 03" },
|
||||
{ VID_NATT_RFC, sizeof(VID_NATT_RFC), "Nat-T RFC" },
|
||||
{ VID_DWR, sizeof(VID_DWR), "Delete With Reason" },
|
||||
{ VID_CISCO_FRAG, sizeof(VID_CISCO_FRAG), "Cisco Fragmentation" },
|
||||
@@ -1156,8 +1161,11 @@
|
||||
value = a->next->u.attr_16;
|
||||
else if (a->next->af == isakmp_attr_lots && a->next->u.lots.length == 4)
|
||||
value = ntohl(*((uint32_t *) a->next->u.lots.data));
|
||||
- else
|
||||
- assert(0);
|
||||
+ else {
|
||||
+ DEBUG(2, printf("got unknown ike lifetime attributes af %d len %d\n",
|
||||
+ a->next->af, a->next->u.lots.length));
|
||||
+ return;
|
||||
+ }
|
||||
|
||||
DEBUG(2, printf("got ike lifetime attributes: %d %s\n", value,
|
||||
(a->u.attr_16 == IKE_LIFE_TYPE_SECONDS) ? "seconds" : "kilobyte"));
|
||||
@@ -1267,6 +1275,8 @@
|
||||
l = l->next = new_isakmp_data_payload(ISAKMP_PAYLOAD_VID,
|
||||
VID_NATT_RFC, sizeof(VID_NATT_RFC));
|
||||
l = l->next = new_isakmp_data_payload(ISAKMP_PAYLOAD_VID,
|
||||
+ VID_NATT_03, sizeof(VID_NATT_03));
|
||||
+ l = l->next = new_isakmp_data_payload(ISAKMP_PAYLOAD_VID,
|
||||
VID_NATT_02N, sizeof(VID_NATT_02N));
|
||||
l = l->next = new_isakmp_data_payload(ISAKMP_PAYLOAD_VID,
|
||||
VID_NATT_02, sizeof(VID_NATT_02));
|
||||
@@ -1501,6 +1511,12 @@
|
||||
seen_natt_vid = 1;
|
||||
if (natt_draft < 1) natt_draft = 2;
|
||||
DEBUG(2, printf("peer is NAT-T capable (RFC 3947)\n"));
|
||||
+ } else if (rp->u.vid.length == sizeof(VID_NATT_03)
|
||||
+ && memcmp(rp->u.vid.data, VID_NATT_03,
|
||||
+ sizeof(VID_NATT_03)) == 0) {
|
||||
+ seen_natt_vid = 1;
|
||||
+ if (natt_draft < 1) natt_draft = 2;
|
||||
+ DEBUG(2, printf("peer is NAT-T capable (draft-03)\n"));
|
||||
} else if (rp->u.vid.length == sizeof(VID_NATT_02N)
|
||||
&& memcmp(rp->u.vid.data, VID_NATT_02N,
|
||||
sizeof(VID_NATT_02N)) == 0) {
|
||||
@@ -1582,6 +1598,19 @@
|
||||
seen_natd_them = 1;
|
||||
}
|
||||
break;
|
||||
+ case ISAKMP_PAYLOAD_N:
|
||||
+ if (rp->u.n.type == ISAKMP_N_IPSEC_RESPONDER_LIFETIME) {
|
||||
+ if (rp->u.n.protocol == ISAKMP_IPSEC_PROTO_ISAKMP)
|
||||
+ lifetime_ike_process(s, rp->u.n.attributes);
|
||||
+ else if (rp->u.n.protocol == ISAKMP_IPSEC_PROTO_IPSEC_ESP)
|
||||
+ lifetime_ipsec_process(s, rp->u.n.attributes);
|
||||
+ else
|
||||
+ DEBUG(2, printf("got unknown lifetime notice, ignoring..\n"));
|
||||
+ } else {
|
||||
+ DEBUG(1, printf("rejecting ISAKMP_PAYLOAD_N, type is not lifetime\n"));
|
||||
+ reject = ISAKMP_N_INVALID_PAYLOAD_TYPE;
|
||||
+ }
|
||||
+ break;
|
||||
default:
|
||||
DEBUG(1, printf("rejecting invalid payload type %d\n", rp->type));
|
||||
reject = ISAKMP_N_INVALID_PAYLOAD_TYPE;
|
||||
|
|
@ -1,33 +0,0 @@
|
|||
diff --git sysdep.c sysdep.c
|
||||
index ff07753..43fdb74 100644
|
||||
--- sysdep.c
|
||||
+++ sysdep.c
|
||||
@@ -59,7 +59,9 @@
|
||||
#if defined(__DragonFly__)
|
||||
#include <net/tun/if_tun.h>
|
||||
#elif defined(__linux__)
|
||||
+#ifdef __GLIBC__
|
||||
#include <linux/if_tun.h>
|
||||
+#endif
|
||||
#elif defined(__APPLE__)
|
||||
/* no header for tun */
|
||||
#elif defined(__CYGWIN__)
|
||||
diff --git sysdep.h sysdep.h
|
||||
index a5eafd6..af34e94 100644
|
||||
--- sysdep.h
|
||||
+++ sysdep.h
|
||||
@@ -38,11 +38,13 @@ int tun_get_hwaddr(int fd, char *dev, uint8_t *hwaddr);
|
||||
|
||||
/***************************************************************************/
|
||||
#if defined(__linux__) || defined(__GLIBC__)
|
||||
+#ifdef __GLIBC__
|
||||
#include <error.h>
|
||||
+#define HAVE_ERROR 1
|
||||
+#endif
|
||||
|
||||
#define HAVE_VASPRINTF 1
|
||||
#define HAVE_ASPRINTF 1
|
||||
-#define HAVE_ERROR 1
|
||||
#define HAVE_GETLINE 1
|
||||
#define HAVE_UNSETENV 1
|
||||
#define HAVE_SETENV 1
|
||||
|
|
@ -1,17 +1,22 @@
|
|||
# Template file for 'vpnc'
|
||||
pkgname=vpnc
|
||||
version=0.5.3
|
||||
revision=7
|
||||
revision=8
|
||||
_githash=43780cecd7a61668002f73b6f8b9f9ba61af74ad
|
||||
wrksrc="vpnc-$_githash"
|
||||
build_style=gnu-makefile
|
||||
make_use_env=yes
|
||||
make_build_args="SBINDIR=/usr/bin"
|
||||
make_check_target=test
|
||||
hostmakedepends="perl"
|
||||
makedepends="libgcrypt-devel"
|
||||
depends="net-tools"
|
||||
makedepends="libgcrypt-devel libressl-devel"
|
||||
depends="net-tools vpnc-scripts"
|
||||
short_desc="Client for cisco vpn concentrator"
|
||||
maintainer="Enno Boland <gottox@voidlinux.org>"
|
||||
license="GPL-2.0-or-later"
|
||||
homepage="https://www.unix-ag.uni-kl.de/~massar/vpnc/"
|
||||
distfiles="https://www.unix-ag.uni-kl.de/~massar/vpnc/vpnc-${version}.tar.gz"
|
||||
checksum=46cea3bd02f207c62c7c6f2f22133382602baeda1dc320747809e94881414884
|
||||
|
||||
distfiles="https://github.com/streambinder/vpnc/archive/$_githash.tar.gz"
|
||||
checksum=190493d792c8d5b2f7ba6a621fa14daf5602b2dcfcf31c202255fd08b1a943a4
|
||||
conf_files="
|
||||
/etc/vpnc/default.conf
|
||||
/etc/vpnc/vpnc-script"
|
||||
|
|
@ -20,14 +25,16 @@ if [ "$CROSS_BUILD" ]; then
|
|||
hostmakedepends+=" vpnc"
|
||||
fi
|
||||
|
||||
do_configure() {
|
||||
post_patch() {
|
||||
vsed -e 's/^#OPENSSL/OPENSSL/' -i Makefile
|
||||
vsed -e 's/^install:.*/install: install-common/' -i Makefile
|
||||
vsed -e 's#^SBINDIR=.*#SBINDIR=/$(PREFIX)/bin#' -i Makefile
|
||||
if [ "$CROSS_BUILD" ]; then
|
||||
sed -i 's%^my \$vpnc = .*;%my \$vpnc = "/usr/bin/vpnc";%' makeman.pl
|
||||
vsed -e 's%^my \$vpnc = .*;%my \$vpnc = "/usr/bin/vpnc";%' -i src/makeman.pl
|
||||
fi
|
||||
}
|
||||
do_build() {
|
||||
make CC=$CC ${makejobs}
|
||||
}
|
||||
do_install() {
|
||||
make PREFIX=/usr SBINDIR=/usr/bin DESTDIR=${DESTDIR} install
|
||||
|
||||
post_install() {
|
||||
rm -r $DESTDIR/usr/lib/systemd/system
|
||||
vinstall $FILESDIR/vpnc-script 755 etc/vpnc
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue