1 diff -urN openswan.old/programs/loggerfix openswan.dev/programs/loggerfix
2 --- openswan.old/programs/loggerfix 1970-01-01 01:00:00.000000000 +0100
3 +++ openswan.dev/programs/loggerfix 2006-10-08 20:41:08.000000000 +0200
6 +# use filename instead of /dev/null to log, but dont log to flash or ram
7 +# pref. log to nfs mount
8 +echo "$*" >> /dev/null
10 diff -urN openswan.old/programs/look/look.in openswan.dev/programs/look/look.in
11 --- openswan.old/programs/look/look.in 2006-10-08 20:43:21.000000000 +0200
12 +++ openswan.dev/programs/look/look.in 2006-10-08 20:41:08.000000000 +0200
15 pat="$pat|$defaultroutephys\$|$defaultroutevirt\$"
17 - for i in `echo "$IPSECinterfaces" | sed 's/=/ /'`
18 + for i in `echo "$IPSECinterfaces" | tr '=' ' '`
22 diff -urN openswan.old/programs/_plutorun/_plutorun.in openswan.dev/programs/_plutorun/_plutorun.in
23 --- openswan.old/programs/_plutorun/_plutorun.in 2006-10-08 20:43:21.000000000 +0200
24 +++ openswan.dev/programs/_plutorun/_plutorun.in 2006-10-08 20:41:08.000000000 +0200
29 - if test ! -w "`dirname $stderrlog`"
30 + if test ! -w "`echo $stderrlog | sed -r 's/(^.*\/)(.*$)/\1/'`"
32 echo Cannot write to directory to create \"$stderrlog\".
34 diff -urN openswan.old/programs/_realsetup/_realsetup.in openswan.dev/programs/_realsetup/_realsetup.in
35 --- openswan.old/programs/_realsetup/_realsetup.in 2006-10-08 20:43:21.000000000 +0200
36 +++ openswan.dev/programs/_realsetup/_realsetup.in 2006-10-08 20:41:08.000000000 +0200
39 # misc pre-Pluto setup
41 - perform test -d `dirname $subsyslock` "&&" touch $subsyslock
42 + perform test -d `echo $subsyslock | sed -r 's/(^.*\/)(.*$)/\1/'` "&&" touch $subsyslock "&&" rm -f $subsyslock
44 if test " $IPSECforwardcontrol" = " yes"
46 diff -urN openswan.old/programs/send-pr/send-pr.in openswan.dev/programs/send-pr/send-pr.in
47 --- openswan.old/programs/send-pr/send-pr.in 2006-10-08 20:43:21.000000000 +0200
48 +++ openswan.dev/programs/send-pr/send-pr.in 2006-10-08 20:41:08.000000000 +0200
51 if [ "$fieldname" != "Category" ]
53 - values=`${BINDIR}/query-pr --valid-values $fieldname | sed ':a;N;$!ba;s/\n/ /g' | sed 's/ *$//g;s/ / | /g;s/^/[ /;s/$/ ]/;'`
54 + values=`${BINDIR}/query-pr --valid-values $fieldname | tr '\n' ' ' | sed 's/ *$//g;s/ / | /g;s/^/[ /;s/$/ ]/;'`
55 valslen=`echo "$values" | wc -c`
57 values="choose from a category listed above"
60 desc="<${values} (one line)>";
62 - dpat=`echo "$desc" | sed 's/[][*+^$|\()&/]/./g'`
63 + dpat=`echo "$desc" | tr '\]\[*+^$|\()&/' '............'`
64 echo "/^>${fieldname}:/ s/${dpat}//" >> $FIXFIL
66 echo "${fmtname}${desc}" >> $file
70 desc=" <`${BINDIR}/query-pr --field-description $fieldname` (multiple lines)>";
71 - dpat=`echo "$desc" | sed 's/[][*+^$|\()&/]/./g'`
72 + dpat=`echo "$desc" | tr '\]\[*+^$|\()&/' '............'`
73 echo "s/^${dpat}//" >> $FIXFIL
75 echo "${fmtname}" >> $file;
79 desc="<`${BINDIR}/query-pr --field-description $fieldname` (one line)>"
80 - dpat=`echo "$desc" | sed 's/[][*+^$|\()&/]/./g'`
81 + dpat=`echo "$desc" | tr '\]\[*+^$|\()&/' '............'`
82 echo "/^>${fieldname}:/ s/${dpat}//" >> $FIXFIL
84 echo "${fmtname}${desc}" >> $file
85 diff -urN openswan.old/programs/setup/setup.in openswan.dev/programs/setup/setup.in
86 --- openswan.old/programs/setup/setup.in 2006-10-08 20:43:21.000000000 +0200
87 +++ openswan.dev/programs/setup/setup.in 2006-10-08 20:41:08.000000000 +0200
91 start|--start|stop|--stop|_autostop|_autostart)
92 - if test " `id -u`" != " 0"
93 + if [ "x${USER}" != "xroot" ]
95 echo "permission denied (must be superuser)" |
96 logger -s -p $IPSECsyslog -t ipsec_setup 2>&1
99 + # make sure all required directories exist
100 + if [ ! -d /var/run/pluto ]
102 + mkdir -p /var/run/pluto
104 + if [ ! -d /var/lock/subsys ]
106 + mkdir -p /var/lock/subsys
108 tmp=/var/run/pluto/ipsec_setup.st
109 outtmp=/var/run/pluto/ipsec_setup.out
111 diff -urN openswan.old/programs/showhostkey/showhostkey.in openswan.dev/programs/showhostkey/showhostkey.in
112 --- openswan.old/programs/showhostkey/showhostkey.in 2006-10-08 20:43:21.000000000 +0200
113 +++ openswan.dev/programs/showhostkey/showhostkey.in 2006-10-08 20:41:08.000000000 +0200
118 -host="`hostname --fqdn`"
119 +host="`cat /proc/sys/kernel/hostname`"
127 - suffix = ":" os "[rR][sS][aA]" os "{" os oc "$"
128 + suffix = ":" os "[rR][sS][aA]" os "[{]" os oc "$"
132 diff -urN openswan.old/programs/starter/klips.c openswan.dev/programs/starter/klips.c
133 --- openswan.old/programs/starter/klips.c 2006-10-08 20:43:21.000000000 +0200
134 +++ openswan.dev/programs/starter/klips.c 2006-10-08 20:41:08.000000000 +0200
136 if (stat(PROC_MODULES,&stb)==0) {
138 unsetenv("MODULECONF");
139 - system("depmod -a >/dev/null 2>&1 && modprobe ipsec");
140 + system("depmod -a >/dev/null 2>&1 && insmod ipsec");
142 if (stat(PROC_IPSECVERSION,&stb)==0) {
143 _klips_module_loaded = 1;
144 diff -urN openswan.old/programs/starter/netkey.c openswan.dev/programs/starter/netkey.c
145 --- openswan.old/programs/starter/netkey.c 2006-10-08 20:43:21.000000000 +0200
146 +++ openswan.dev/programs/starter/netkey.c 2006-10-08 20:41:08.000000000 +0200
148 if (stat(PROC_MODULES,&stb)==0) {
150 unsetenv("MODULECONF");
151 - system("depmod -a >/dev/null 2>&1 && modprobe xfrm4_tunnel esp4 ah4 af_key");
152 + system("depmod -a >/dev/null 2>&1 && insmod xfrm4_tunnel esp4 ah4 af_key");
154 if (stat(PROC_NETKEY,&stb)==0) {
155 _netkey_module_loaded = 1;
156 diff -ruN openswan-2.4.7-old/programs/_startklips/_startklips.in openswan-2.4.7-new/programs/_startklips/_startklips.in
157 --- openswan-2.4.7-old/programs/_startklips/_startklips.in 2006-12-15 16:29:48.000000000 +0100
158 +++ openswan-2.4.7-new/programs/_startklips/_startklips.in 2006-12-15 17:18:52.000000000 +0100
159 @@ -269,16 +269,16 @@
160 echo "FATAL ERROR: Both KLIPS and NETKEY IPsec code is present in kernel"
163 -if test ! -f $ipsecversion && test ! -f $netkey && modprobe -qn ipsec
164 +if test ! -f $ipsecversion && test ! -f $netkey
166 # statically compiled KLIPS/NETKEY not found; but there seems to be an ipsec module
167 - modprobe ipsec 2> /dev/null
168 + insmod -q ipsec 2> /dev/null
171 -if test ! -f $ipsecversion && test ! -f $netkey && modprobe -qn af_key
172 +if test ! -f $ipsecversion && test ! -f $netkey
174 # netkey should work then
175 - modprobe af_key 2> /dev/null
176 + insmod -q af_key 2> /dev/null
178 if test ! -f $ipsecversion && test ! -f $netkey
180 @@ -291,27 +291,27 @@
181 # modules shared between klips and netkey
184 - # we modprobe hw_random so ipsec verify can complain about not using it
185 - modprobe -q hw_random 2> /dev/null
186 + # we insmod hw_random so ipsec verify can complain about not using it
187 + insmod -q hw_random 2> /dev/null
188 # padlock must load before aes module
189 - modprobe -q padlock 2> /dev/null
190 + insmod -q padlock 2> /dev/null
191 # load the most common ciphers/algo's
192 - modprobe -q sha256 2> /dev/null
193 - modprobe -q sha1 2> /dev/null
194 - modprobe -q md5 2> /dev/null
195 - modprobe -q des 2> /dev/null
196 - modprobe -q aes 2> /dev/null
197 + insmod -q sha256 2> /dev/null
198 + insmod -q sha1 2> /dev/null
199 + insmod -q md5 2> /dev/null
200 + insmod -q des 2> /dev/null
201 + insmod -q aes 2> /dev/null
206 - modprobe -q ah4 2> /dev/null
207 - modprobe -q esp4 2> /dev/null
208 - modprobe -q ipcomp 2> /dev/null
209 + insmod -q ah4 2> /dev/null
210 + insmod -q esp4 2> /dev/null
211 + insmod -q ipcomp 2> /dev/null
212 # xfrm4_tunnel is needed by ipip and ipcomp
213 - modprobe -q xfrm4_tunnel 2> /dev/null
214 + insmod -q xfrm4_tunnel 2> /dev/null
215 # xfrm_user contains netlink support for IPsec
216 - modprobe -q xfrm_user 2> /dev/null
217 + insmod -q xfrm_user 2> /dev/null
220 if test ! -f $ipsecversion && $klips
223 unset MODPATH MODULECONF # no user overrides!
224 depmod -a >/dev/null 2>&1
227 if test ! -f $ipsecversion
229 echo "kernel appears to lack IPsec support (neither CONFIG_KLIPS or CONFIG_NET_KEY are set)"
230 diff -urN openswan-2.4.7/programs/_startklips/_startklips.in openswan-2.4.7.new/programs/_startklips/_startklips.in
231 --- openswan-2.4.7/programs/_startklips/_startklips.in 2006-11-13 21:27:18.000000000 +0100
232 +++ openswan-2.4.7.new/programs/_startklips/_startklips.in 2007-04-16 11:57:45.000000000 +0200
235 # attach the interface and bring it up
236 ipsec tncfg --attach --virtual $virt --physical $phys
237 - ifconfig $virt inet $addr $type $otheraddr netmask $mask $mtu
238 + ifconfig $virt $addr $type $otheraddr netmask $mask $mtu
241 # if %defaultroute, note the facts