- Fix build with newer openssl (>= 0.9.8b)

- Fix build after FAST_IPSEC removal on 7.x and 8.x PR: ports/111430 Submitted by: Dan Lukes <dan at obluda.cz>
svn path=/head/; revision=211168
2008-04-13 13:09:32 +00:00 · 2008-04-13 13:09:32 +00:00 · 07b3671f73 · 2021-03-31 03:12:20 +00:00
commit 07b3671f73
parent d29680803f
3 changed files with 57 additions and 6 deletions
--- a/security/isakmpd/Makefile
+++ b/security/isakmpd/Makefile
@ -7,7 +7,7 @@

 PORTNAME=	isakmpd
 PORTVERSION=	20041207
-PORTREVISION=	2
+PORTREVISION=	3
 CATEGORIES=	security net
 MASTER_SITES=	${MASTER_SITE_LOCAL}
 MASTER_SITE_SUBDIR=	simon
@ -16,7 +16,7 @@ MAINTAINER=	ports@FreeBSD.org
 COMMENT=	OpenBSD IKE daemon

 # this is not compatible with cross build - there's no other way
-.if !exists(/usr/include/netinet6/ipsec.h)
+.if !exists(/usr/include/netipsec/ipsec.h) && !exists(/usr/include/netinet6/ipsec.h)
 BROKEN=		requires IPsec support
 .endif

@ -35,17 +35,17 @@ MANCOMPRESSED=	yes

 .include <bsd.port.pre.mk>

-.if ${OSVERSION} >= 700019
-BROKEN=		is not buildable with OpenSSL 0.9.8b
-.else
 OPENSSLINC?=	/usr/include
 OPENSSLLIB?=	/usr/lib
 MAKE_ENV+=	OPENSSLINC="${OPENSSLINC}" OPENSSLLIB="${OPENSSLLIB}"
-.endif

 post-patch:
 .for f in conf.h ike_auth.c isakmpd.8 isakmpd.conf.5 isakmpd.policy.5 policy.h
 	${REINPLACE_CMD} -e "s!/etc/!${PREFIX}/etc/!" ${WRKSRC}/${f}
 .endfor
+.if ${OSVERSION} > 700050
+	@${REINPLACE_CMD} -e "s!netinet6/ipsec.h!netipsec/ipsec.h!" \
+		${WRKSRC}/sysdep/freebsd/sysdep-os.h
+.endif

 .include <bsd.port.post.mk>
--- a/security/isakmpd/files/patch-pf_key_v2.c
+++ b/security/isakmpd/files/patch-pf_key_v2.c
@ -0,0 +1,34 @@
+--- pf_key_v2.c.orig	2004-12-08 04:07:00.000000000 +0800
+++ pf_key_v2.c	2008-04-13 21:00:05.000000000 +0800
+@@ -2204,13 +2204,13 @@
+ 		goto cleanup;
+ 	addr->sadb_address_exttype = SADB_EXT_ADDRESS_SRC;
+ 	addr->sadb_address_len = len / PF_KEY_V2_CHUNK;
+-#ifdef LINUX_IPSEC
+#if defined(LINUX_IPSEC) || defined (__FreeBSD__) 
+ 	addr->sadb_address_proto = tproto;
+ #else
+ 	addr->sadb_address_proto = IPSEC_ULPROTO_ANY;
+ #endif
+ 	addr->sadb_address_reserved = 0;
+-#ifdef LINUX_IPSEC
+#if defined(LINUX_IPSEC) || defined (__FreeBSD__) 
+ 	pf_key_v2_setup_sockaddr(addr + 1, laddr, 0, sport, 0);
+ #else
+ 	pf_key_v2_setup_sockaddr(addr + 1, laddr, 0, IPSEC_PORT_ANY, 0);
+@@ -2238,13 +2238,13 @@
+ 		goto cleanup;
+ 	addr->sadb_address_exttype = SADB_EXT_ADDRESS_DST;
+ 	addr->sadb_address_len = len / PF_KEY_V2_CHUNK;
+-#ifdef LINUX_IPSEC
+#if defined(LINUX_IPSEC) || defined (__FreeBSD__) 
+ 	addr->sadb_address_proto = tproto;
+ #else
+ 	addr->sadb_address_proto = IPSEC_ULPROTO_ANY;
+ #endif
+ 	addr->sadb_address_reserved = 0;
+-#ifdef LINUX_IPSEC
+#if defined(LINUX_IPSEC) || defined (__FreeBSD__) 
+ 	pf_key_v2_setup_sockaddr(addr + 1, raddr, 0, dport, 0);
+ #else
+ 	pf_key_v2_setup_sockaddr(addr + 1, raddr, 0, IPSEC_PORT_ANY, 0);
--- a/security/isakmpd/files/patch-x509.c
+++ b/security/isakmpd/files/patch-x509.c
@ -0,0 +1,17 @@
+--- x509.c.orig	2004-08-11 03:21:01.000000000 +0800
+++ x509.c	2008-04-13 21:00:05.000000000 +0800
+@@ -910,7 +910,13 @@
+ 	X509_STORE_CTX_init(&csc, x509_cas, cert, NULL);
+ #if OPENSSL_VERSION_NUMBER >= 0x00907000L
+ 	/* XXX See comment in x509_read_crls_from_dir.  */
+-	if (x509_cas->flags & X509_V_FLAG_CRL_CHECK) {
+	if (
+#if OPENSSL_VERSION_NUMBER >= 0x00908020L
+	    x509_cas->param->flags
+#else
+	    x509_cas->flags
+#endif
+	                    & X509_V_FLAG_CRL_CHECK) {
+ 		X509_STORE_CTX_set_flags(&csc, X509_V_FLAG_CRL_CHECK);
+ 		X509_STORE_CTX_set_flags(&csc, X509_V_FLAG_CRL_CHECK_ALL);
+ 	}