- Fix build with newer openssl (>= 0.9.8b)

- Fix build after FAST_IPSEC removal on 7.x and 8.x

PR:		ports/111430
Submitted by:	Dan Lukes <dan at obluda.cz>
This commit is contained in:
Rong-En Fan 2008-04-13 13:09:32 +00:00
parent d29680803f
commit 07b3671f73
Notes: svn2git 2021-03-31 03:12:20 +00:00
svn path=/head/; revision=211168
3 changed files with 57 additions and 6 deletions

View file

@ -7,7 +7,7 @@
PORTNAME= isakmpd
PORTVERSION= 20041207
PORTREVISION= 2
PORTREVISION= 3
CATEGORIES= security net
MASTER_SITES= ${MASTER_SITE_LOCAL}
MASTER_SITE_SUBDIR= simon
@ -16,7 +16,7 @@ MAINTAINER= ports@FreeBSD.org
COMMENT= OpenBSD IKE daemon
# this is not compatible with cross build - there's no other way
.if !exists(/usr/include/netinet6/ipsec.h)
.if !exists(/usr/include/netipsec/ipsec.h) && !exists(/usr/include/netinet6/ipsec.h)
BROKEN= requires IPsec support
.endif
@ -35,17 +35,17 @@ MANCOMPRESSED= yes
.include <bsd.port.pre.mk>
.if ${OSVERSION} >= 700019
BROKEN= is not buildable with OpenSSL 0.9.8b
.else
OPENSSLINC?= /usr/include
OPENSSLLIB?= /usr/lib
MAKE_ENV+= OPENSSLINC="${OPENSSLINC}" OPENSSLLIB="${OPENSSLLIB}"
.endif
post-patch:
.for f in conf.h ike_auth.c isakmpd.8 isakmpd.conf.5 isakmpd.policy.5 policy.h
${REINPLACE_CMD} -e "s!/etc/!${PREFIX}/etc/!" ${WRKSRC}/${f}
.endfor
.if ${OSVERSION} > 700050
@${REINPLACE_CMD} -e "s!netinet6/ipsec.h!netipsec/ipsec.h!" \
${WRKSRC}/sysdep/freebsd/sysdep-os.h
.endif
.include <bsd.port.post.mk>

View file

@ -0,0 +1,34 @@
--- pf_key_v2.c.orig 2004-12-08 04:07:00.000000000 +0800
+++ pf_key_v2.c 2008-04-13 21:00:05.000000000 +0800
@@ -2204,13 +2204,13 @@
goto cleanup;
addr->sadb_address_exttype = SADB_EXT_ADDRESS_SRC;
addr->sadb_address_len = len / PF_KEY_V2_CHUNK;
-#ifdef LINUX_IPSEC
+#if defined(LINUX_IPSEC) || defined (__FreeBSD__)
addr->sadb_address_proto = tproto;
#else
addr->sadb_address_proto = IPSEC_ULPROTO_ANY;
#endif
addr->sadb_address_reserved = 0;
-#ifdef LINUX_IPSEC
+#if defined(LINUX_IPSEC) || defined (__FreeBSD__)
pf_key_v2_setup_sockaddr(addr + 1, laddr, 0, sport, 0);
#else
pf_key_v2_setup_sockaddr(addr + 1, laddr, 0, IPSEC_PORT_ANY, 0);
@@ -2238,13 +2238,13 @@
goto cleanup;
addr->sadb_address_exttype = SADB_EXT_ADDRESS_DST;
addr->sadb_address_len = len / PF_KEY_V2_CHUNK;
-#ifdef LINUX_IPSEC
+#if defined(LINUX_IPSEC) || defined (__FreeBSD__)
addr->sadb_address_proto = tproto;
#else
addr->sadb_address_proto = IPSEC_ULPROTO_ANY;
#endif
addr->sadb_address_reserved = 0;
-#ifdef LINUX_IPSEC
+#if defined(LINUX_IPSEC) || defined (__FreeBSD__)
pf_key_v2_setup_sockaddr(addr + 1, raddr, 0, dport, 0);
#else
pf_key_v2_setup_sockaddr(addr + 1, raddr, 0, IPSEC_PORT_ANY, 0);

View file

@ -0,0 +1,17 @@
--- x509.c.orig 2004-08-11 03:21:01.000000000 +0800
+++ x509.c 2008-04-13 21:00:05.000000000 +0800
@@ -910,7 +910,13 @@
X509_STORE_CTX_init(&csc, x509_cas, cert, NULL);
#if OPENSSL_VERSION_NUMBER >= 0x00907000L
/* XXX See comment in x509_read_crls_from_dir. */
- if (x509_cas->flags & X509_V_FLAG_CRL_CHECK) {
+ if (
+#if OPENSSL_VERSION_NUMBER >= 0x00908020L
+ x509_cas->param->flags
+#else
+ x509_cas->flags
+#endif
+ & X509_V_FLAG_CRL_CHECK) {
X509_STORE_CTX_set_flags(&csc, X509_V_FLAG_CRL_CHECK);
X509_STORE_CTX_set_flags(&csc, X509_V_FLAG_CRL_CHECK_ALL);
}