Skip to content

Xcllnt/master #5

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wangjuanjuan177 wants to merge 43 commits into
base: old-portable
Choose a base branch
from
Open

Xcllnt/master #5

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
43 commits
Select commit Hold shift + click to select a range
a3c6d0a
Remove portable code; it has been suspended until we find a new
reyk Oct 8, 2015
9e9acd7
Add regress tests from CVS
reyk Oct 8, 2015
e22720d
automake 1.15 is up to 1.15
Feb 12, 2016
066f64e
automake is up to 1.15
Feb 12, 2016
4a20022
WIP: Sync the portable openiked to OpenBSD 5.8's version
May 4, 2016
14f4651
Merge branch 'portable' of https://github.com/xcllnt/openiked into po…
Jun 7, 2016
607581e
Merge branch 'portable-obsd-5.8' into portable
Jun 7, 2016
4fb6f9a
Sync up with Bracket Computing's internal version.
Jun 7, 2016
00f316b
Invoke AM_INIT_AUTOMAKE with [subdir-objects]
Jun 7, 2016
91bd356
Fix build errors on FreeBSD-current.
Jun 7, 2016
79508e5
Revert adding subdir-objects until I understand
Jun 7, 2016
ee6b58b
Fix more build warnings.
Jun 7, 2016
6caf20b
Indent using tabs. Whitespace change only
Jun 7, 2016
d77efb3
Revert "Remove portable code; it has been suspended until we find a new"
Jun 8, 2016
7a9a34b
Merge branch 'portable'
Jun 8, 2016
ab23472
Remove CVS directories under regress
Jun 8, 2016
b3f49af
Support transport mode
Jun 9, 2016
d716269
Make sure to only set transport mode when our policy indicates
Jun 9, 2016
8996fb3
- Marcel Moolenaar <marcel@brkt.com> made the work to update
reyk Jun 10, 2016
5dd6e6d
Add line breaks to macports example
reyk Jun 14, 2016
07a2a8b
Include sys-queue.h and sys-tree.h locally again
reyk Jun 14, 2016
d95baae
Add more openbsd-compat to compile on macOS
reyk Jun 14, 2016
3249a48
sync iked with -current (needs more work in -portable)
reyk Jun 14, 2016
56a4422
Add updated ikeca.cnf
reyk Jun 14, 2016
bc38c27
More updates to compile -current iked on portable
reyk Jun 14, 2016
09c9da6
pfkey_block for blocking IPv6 traffic is broken on KAME, turn it off …
reyk Jun 14, 2016
02a8dba
Show dscl example for macOS
reyk Jun 14, 2016
fd07d7e
log_info("LOG_SESSION .. are local additions from the xcllnt branch.
reyk Jun 14, 2016
83ad30d
Fix warnings in the pledge stub
reyk Jun 14, 2016
517745f
Sync imsg from OpenBSD's libutil in -current
reyk Jun 14, 2016
6e01363
Sync, remove unused variable
reyk Jun 14, 2016
2f43aca
- Handle llvm in configure.ac (and set -Wno-pointer-sign)
reyk Jun 14, 2016
27c156b
Fix compilation on Linux (Ubuntu Server 14.04 LTS)
reyk Jun 14, 2016
1139f17
Don't limit PATH_MAX to 1024 - this causes problems with functions
reyk Jun 14, 2016
be6eaec
We have to call RAND_seed() when using OpenSSL; this is not needed by
reyk Jun 14, 2016
c40acb8
Linux IP_RECVORIGDSTADDR returns a struct sockaddr_in,
reyk Jun 14, 2016
8a457cd
"compile" on FreeBSD 10 (not yet tested because PFKEYv2 is not enabled
reyk Jun 15, 2016
819acac
Fix initialization of the sa_len and ss_len fields in struct
Jun 19, 2016
c1481fe
Revert _INSTALL_IPSEC_POLICY hack
Jun 19, 2016
6ab3f35
Fix PREFIX
Jun 19, 2016
7966b19
Missed one SET_STORAGE_LEN to SET_SS_LEN substitution
Jun 20, 2016
ebfbdfa
Fix previous commit now that I have OpenBSD running
Jun 23, 2016
a331a28
Merge pull request #4 from xcllnt/master
reyk Jun 23, 2016
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
34 changes: 0 additions & 34 deletions .gitignore
View file
Open in desktop

This file was deleted.

25 changes: 21 additions & 4 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -53,11 +53,11 @@ also need GNU automake, autoconf (version 2.69 or newer) and libtool.
`sh bootstrap` to generate the required build files.
4. Run `./configure` in this directory to generate the Makefiles.
- `./configure --help` will show you some available build options.
- For example, you can run the following when building on Apple OSX
- For example, you can run the following when building on Apple OS X
with MacPorts:
```
./configure --with-ssl-dir=/opt/local/
--with-libevent-dir=/opt/local/lib/libevent1/
./configure --with-ssl-dir=/opt/local/ \
--with-libevent-dir=/opt/local/lib/libevent1/ \
--prefix=/opt/local/
```
5. Type `make` to build all parts of OpenIKED including iked and ikectl.
Expand All @@ -76,6 +76,23 @@ on Linux.
# useradd -g _iked -c 'iked privsep' -d /var/empty -s /sbin/nologin _iked
```

For creating system users on newer versions of Apple OS X, refer to
the `dscl` command line utility, eg.
```
# dscl . -list /Groups gid | sort -n -k 2
# dscl . -create /Groups/_iked gid 300
# dscl . -create /Groups/_iked RealName "OpenIKED"
# dscl . -create /Groups/_iked passwd "*"
# dscl . -list /Users UniqueID | sort -n -k 2
# dscl . -create /Users/_iked
# dscl . -create /Users/_iked NFSHomeDirectory /var/empty
# dscl . -create /Users/_iked uid 300
# dscl . -create /Users/_iked gid 300
# dscl . -create /Users/_iked UserShell /usr/bin/false
# dscl . -create /Users/_iked RealName "OpenIKED"
# dscl . -create /Users/_iked passwd "*"
```

8. On FreeBSD, NetBSD and maybe other BSD-variants IPsec is not
enabled in the default GENERIC kernel. You have to compile a custom
kernel and enable options like `IPSEC`. Please refer to the
Expand All @@ -89,7 +106,7 @@ Supported Platforms

Original version:

* OpenBSD 4.8 or newer
* OpenBSD 6.0 or newer

Portable version:

Expand Down
2 changes: 1 addition & 1 deletion bootstrap
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ aclocalflags="`sed -ne 's/^[ \t]*ACLOCAL_AMFLAGS[ \t]*=//p' Makefile.am 2>/dev/n

# Check for automake
amvers="no"
for v in 12 11 10 9 8 7 6 5; do
for v in 15 14 13 12 11 10 9 8 7 6 5; do
if automake-1.${v} --version >/dev/null 2>&1; then
amvers="-1.${v}"
break
Expand Down
82 changes: 58 additions & 24 deletions configure.ac
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ AC_CONFIG_HEADER([config.h])
AC_CANONICAL_HOST
AC_C_BIGENDIAN

AM_INIT_AUTOMAKE
AM_INIT_AUTOMAKE()

# Checks for programs.
AC_PROG_CC
Expand Down Expand Up @@ -73,16 +73,18 @@ AC_CHECK_DECL([LLONG_MAX], [have_llong_max=1], , [#include <limits.h>])

if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wuninitialized"
GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'`
GCC_VER=`$CC -v 2>&1 | grep ' version '`
case $GCC_VER in
1.*) no_attrib_nonnull=1 ;;
2.8* | 2.9*)
CFLAGS="$CFLAGS -Wsign-compare"
no_attrib_nonnull=1
;;
2.*) no_attrib_nonnull=1 ;;
3.*) CFLAGS="$CFLAGS -Wsign-compare" ;;
4.*) CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign" ;;
gcc*2.*) no_attrib_nonnull=1 ;;
gcc*3.*) CFLAGS="$CFLAGS -Wsign-compare" ;;
gcc*4.8*)
CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign"
CFLAGS="$CFLAGS -Wno-unused-result"
;;
gcc*4.*) CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign" ;;
*LLVM*|*clang*)
CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign"
;;
*) ;;
esac

Expand Down Expand Up @@ -139,6 +141,18 @@ AC_CHECK_HEADERS([\
getopt.h \
libkern/OSByteOrder.h \
ndir.h \
sys/types.h \
sys/cdefs.h \
sys/endian.h \
sys/ndir.h \
sys/param.h \
sys/pstat.h \
sys/socket.h \
sys/stat.h \
sys/sysctl.h \
sys/uio.h \
sys/un.h \
sys/wait.h \
net/pfkeyv2.h \
linux/pfkeyv2.h \
linux/in.h \
Expand All @@ -158,22 +172,17 @@ AC_CHECK_HEADERS([\
stdio.h \
stdlib.h \
string.h \
sys/cdefs.h \
sys/endian.h \
sys/ndir.h \
sys/param.h \
sys/pstat.h \
sys/socket.h \
sys/stat.h \
sys/sysctl.h \
sys/types.h \
sys/uio.h \
sys/un.h \
sys/wait.h \
syslog.h \
ucred.h \
unistd.h \
vis.h \
], , , [
#ifdef HAVE_SYS_TYPES_H
# include <sys/types.h>
#endif
#ifdef HAVE_SYS_SOCKET_H
# include <sys/socket.h>
#endif
])

# login_cap.h requires sys/types.h on NetBSD
Expand Down Expand Up @@ -428,6 +437,7 @@ else
fi

AC_CHECK_FUNCS([ \
accept4 \
arc4random \
arc4random_buf \
arc4random_uniform \
Expand All @@ -437,13 +447,17 @@ AC_CHECK_FUNCS([ \
closefrom \
dirfd \
dirname \
errc \
explicit_bzero \
fgetln \
freeaddrinfo \
getaddrinfo \
getnameinfo \
getopt \
getpeereid \
memmove \
pledge \
realloc_array \
setproctitle \
setregid \
setreuid \
Expand All @@ -454,6 +468,7 @@ AC_CHECK_FUNCS([ \
strmode \
sysconf \
waitpid \
warnc \
])

# IRIX has a const char return value for gai_strerror()
Expand Down Expand Up @@ -492,6 +507,19 @@ AC_CHECK_DECLS([O_NONBLOCK], , ,
#endif
])

AC_CHECK_DECLS([SOCK_NONBLOCK], , , [#include <sys/socket.h>])
AC_CHECK_DECLS([SOCK_CLOEXEC], , , [#include <sys/socket.h>])
AC_CHECK_DECLS([IP_RECVDSTADDR], , , [
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
])
AC_CHECK_DECLS([IP_RECVORIGDSTADDR], , , [
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
])

AC_CHECK_DECLS([writev], , , [
#include <sys/types.h>
#include <sys/uio.h>
Expand Down Expand Up @@ -1699,10 +1727,15 @@ AC_DEFINE_UNQUOTED([IKED_USER], ["$IKED_USER"],
[non-privileged user for privilege separation])
AC_SUBST([IKED_USER])

_prefix=`eval echo ${prefix}`
if test x$_prefix = xNONE; then
_prefix=$ac_default_prefix
fi

_sysconfdir=`eval echo ${sysconfdir}`
case $_sysconfdir in
NONE/*)
_sysconfdir=`echo $_sysconfdir | sed "s~NONE~$ac_default_prefix~"` ;;
_sysconfdir=`echo $_sysconfdir | sed "s~NONE~$_prefix~"` ;;
esac

ikedconf=`eval echo ${_sysconfdir}/iked.conf`
Expand Down Expand Up @@ -2458,7 +2491,8 @@ if test "x$ZIP" != "x"; then
AC_DEFINE_UNQUOTED([PATH_ZIP], ["$ZIP"], [Path to ZIP binary])
fi

AC_DEFINE_UNQUOTED([PREFIX], ["$prefix"], [Root directory prefix])

AC_DEFINE_UNQUOTED([PREFIX], ["$_prefix"], [Root directory prefix])

AC_DEFINE([_GNU_SOURCE], [1], [Enable GNU Extensions])

Expand Down
5 changes: 0 additions & 5 deletions ikectl/.cvsignore
View file
Open in desktop

This file was deleted.

8 changes: 0 additions & 8 deletions ikectl/CVS/Entries
View file
Open in desktop

This file was deleted.

1 change: 0 additions & 1 deletion ikectl/CVS/Repository
View file
Open in desktop

This file was deleted.

1 change: 0 additions & 1 deletion ikectl/CVS/Root
View file
Open in desktop

This file was deleted.

4 changes: 3 additions & 1 deletion ikectl/Makefile.am
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,8 @@
sbin_PROGRAMS= ikectl

ikectl_SOURCES= ikeca.c ikectl.c parser.c $(top_srcdir)/iked/log.c
ikectl_SOURCES= ikeca.c ikectl.c parser.c \
$(top_srcdir)/iked/log.c \
$(top_srcdir)/iked/util.c
ikectl_CFLAGS=

LIBCOMPAT= $(top_builddir)/openbsd-compat/libopenbsd-compat.a
Expand Down
Loading