mirror of
https://github.com/freebsd/freebsd-src.git
synced 2024-11-27 04:53:28 +00:00
Commit IPv6 support for FAST_IPSEC to the tree.
This commit includes all remaining changes for the time being including user space updates. Submitted by: bz Approved by: re
This commit is contained in:
parent
5f308feb93
commit
8409aedfa6
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=171135
@ -42,7 +42,7 @@
|
||||
#include <netinet/in.h>
|
||||
#include <netinet/in_systm.h>
|
||||
#ifdef IPSEC
|
||||
#include <netinet6/ipsec.h>
|
||||
#include <netipsec/ipsec.h>
|
||||
#endif
|
||||
#include <netinet/tcp.h>
|
||||
#include <netinet/ip.h>
|
||||
|
@ -72,7 +72,7 @@ typedef unsigned char cc_t;
|
||||
#include <string.h>
|
||||
|
||||
#if defined(IPSEC)
|
||||
#include <netinet6/ipsec.h>
|
||||
#include <netipsec/ipsec.h>
|
||||
#if defined(IPSEC_POLICY_IPSEC)
|
||||
extern char *ipsec_policy_in;
|
||||
extern char *ipsec_policy_out;
|
||||
|
@ -228,7 +228,7 @@ static const char rcsid[] =
|
||||
|
||||
#ifdef IPSEC
|
||||
#include <net/route.h>
|
||||
#include <netinet6/ipsec.h> /* XXX */
|
||||
#include <netipsec/ipsec.h> /* XXX */
|
||||
#endif /* IPSEC */
|
||||
|
||||
#include <ctype.h>
|
||||
|
@ -231,8 +231,6 @@
|
||||
..
|
||||
netipx
|
||||
..
|
||||
netkey
|
||||
..
|
||||
netnatm
|
||||
api
|
||||
..
|
||||
|
@ -34,7 +34,7 @@ LHDRS= aio.h errno.h fcntl.h linker_set.h poll.h stdint.h syslog.h \
|
||||
termios.h ucontext.h
|
||||
|
||||
LDIRS= bsm cam geom net net80211 netatalk netatm netgraph netinet netinet6 \
|
||||
netipsec ${_netipx} netkey netnatm ${_netncp} netsmb \
|
||||
netipsec ${_netipx} netnatm ${_netncp} netsmb \
|
||||
nfs nfsclient nfsserver \
|
||||
pccard sys vm
|
||||
|
||||
|
@ -39,7 +39,7 @@ CFLAGS+=-DIPSEC_DEBUG -DIPSEC
|
||||
CFLAGS+=-DINET6
|
||||
.endif
|
||||
|
||||
#.PATH: ${.CURDIR}/../../sys/netkey
|
||||
#.PATH: ${.CURDIR}/../../sys/netipsec
|
||||
#SRCS= pfkey.c pfkey_dump.c
|
||||
SRCS+= ipsec_strerror.c policy_parse.y policy_token.l
|
||||
SRCS+= ipsec_dump_policy.c ipsec_get_policylen.c
|
||||
|
@ -36,9 +36,9 @@ __FBSDID("$FreeBSD$");
|
||||
#include <sys/param.h>
|
||||
#include <sys/socket.h>
|
||||
|
||||
#include <netkey/key_var.h>
|
||||
#include <netipsec/key_var.h>
|
||||
#include <netinet/in.h>
|
||||
#include <netinet6/ipsec.h>
|
||||
#include <netipsec/ipsec.h>
|
||||
|
||||
#include <arpa/inet.h>
|
||||
|
||||
|
@ -35,7 +35,7 @@ __FBSDID("$FreeBSD$");
|
||||
#include <sys/types.h>
|
||||
#include <sys/param.h>
|
||||
|
||||
#include <netinet6/ipsec.h>
|
||||
#include <netipsec/ipsec.h>
|
||||
|
||||
#include <net/pfkeyv2.h>
|
||||
|
||||
|
@ -41,7 +41,7 @@
|
||||
.Sh LIBRARY
|
||||
.Lb libipsec
|
||||
.Sh SYNOPSIS
|
||||
.In netinet6/ipsec.h
|
||||
.In netipsec/ipsec.h
|
||||
.Ft "char *"
|
||||
.Fn ipsec_set_policy "char *policy" "int len"
|
||||
.Ft int
|
||||
|
@ -38,12 +38,12 @@
|
||||
.Nd error messages for the IPsec policy manipulation library
|
||||
.\"
|
||||
.Sh SYNOPSIS
|
||||
.In netinet6/ipsec.h
|
||||
.In netipsec/ipsec.h
|
||||
.Ft "const char *"
|
||||
.Fn ipsec_strerror
|
||||
.\"
|
||||
.Sh DESCRIPTION
|
||||
.In netinet6/ipsec.h
|
||||
.In netipsec/ipsec.h
|
||||
declares
|
||||
.Pp
|
||||
.Dl extern int ipsec_errcode;
|
||||
|
@ -36,7 +36,7 @@ __FBSDID("$FreeBSD$");
|
||||
#include <sys/param.h>
|
||||
|
||||
#include <string.h>
|
||||
#include <netinet6/ipsec.h>
|
||||
#include <netipsec/ipsec.h>
|
||||
|
||||
#include "ipsec_strerror.h"
|
||||
|
||||
|
@ -36,9 +36,9 @@ __FBSDID("$FreeBSD$");
|
||||
#include <sys/param.h>
|
||||
#include <sys/socket.h>
|
||||
#include <net/pfkeyv2.h>
|
||||
#include <netkey/key_var.h>
|
||||
#include <netipsec/key_var.h>
|
||||
#include <netinet/in.h>
|
||||
#include <netinet6/ipsec.h>
|
||||
#include <netipsec/ipsec.h>
|
||||
|
||||
#include <stdlib.h>
|
||||
#include <unistd.h>
|
||||
|
@ -35,13 +35,12 @@ __FBSDID("$FreeBSD$");
|
||||
#include <sys/types.h>
|
||||
#include <sys/param.h>
|
||||
#include <sys/socket.h>
|
||||
#include <netinet6/ipsec.h>
|
||||
#include <netipsec/ipsec.h>
|
||||
#include <net/pfkeyv2.h>
|
||||
#include <netkey/key_var.h>
|
||||
#include <netkey/key_debug.h>
|
||||
#include <netipsec/key_var.h>
|
||||
#include <netipsec/key_debug.h>
|
||||
|
||||
#include <netinet/in.h>
|
||||
#include <netinet6/ipsec.h>
|
||||
#include <arpa/inet.h>
|
||||
|
||||
#include <stdlib.h>
|
||||
|
@ -57,7 +57,7 @@ __FBSDID("$FreeBSD$");
|
||||
#include <sys/socket.h>
|
||||
|
||||
#include <netinet/in.h>
|
||||
#include <netinet6/ipsec.h>
|
||||
#include <netipsec/ipsec.h>
|
||||
|
||||
#include <stdlib.h>
|
||||
#include <stdio.h>
|
||||
|
@ -36,9 +36,9 @@
|
||||
#include <sys/socket.h>
|
||||
#include <net/route.h>
|
||||
#include <net/pfkeyv2.h>
|
||||
#include <netkey/keydb.h>
|
||||
#include <netipsec/keydb.h>
|
||||
#include <netinet/in.h>
|
||||
#include <netinet6/ipsec.h>
|
||||
#include <netipsec/ipsec.h>
|
||||
|
||||
#include <stdlib.h>
|
||||
#include <limits.h>
|
||||
|
@ -38,8 +38,8 @@ __FBSDID("$FreeBSD$");
|
||||
|
||||
#include <netinet/in.h>
|
||||
#include <net/pfkeyv2.h>
|
||||
#include <netkey/key_debug.h>
|
||||
#include <netinet6/ipsec.h>
|
||||
#include <netipsec/key_debug.h>
|
||||
#include <netipsec/ipsec.h>
|
||||
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
|
@ -76,7 +76,7 @@ __FBSDID("$FreeBSD$");
|
||||
#include <arpa/inet.h>
|
||||
|
||||
#ifdef IPSEC
|
||||
#include <netinet6/ipsec.h>
|
||||
#include <netipsec/ipsec.h>
|
||||
#endif /*IPSEC*/
|
||||
|
||||
#include <ctype.h>
|
||||
|
@ -3,7 +3,7 @@
|
||||
PROG= ping6
|
||||
MAN= ping6.8
|
||||
|
||||
CFLAGS+=-DIPSEC -DKAME_SCOPEID -DUSE_RFC2292BIS \
|
||||
CFLAGS+=-DIPSEC -DFAST_IPSEC -DKAME_SCOPEID -DUSE_RFC2292BIS \
|
||||
-DHAVE_POLL_H -DHAVE_ARC4RANDOM
|
||||
WARNS?= 2
|
||||
|
||||
|
@ -134,8 +134,8 @@ static const char rcsid[] =
|
||||
#endif
|
||||
|
||||
#ifdef IPSEC
|
||||
#include <netinet6/ah.h>
|
||||
#include <netinet6/ipsec.h>
|
||||
#include <netipsec/ah.h>
|
||||
#include <netipsec/ipsec.h>
|
||||
#endif
|
||||
|
||||
#include <md5.h>
|
||||
|
@ -44,9 +44,9 @@ CLEANFILES= y.tab.c y.tab.h key_test.o keytest
|
||||
|
||||
# libpfkey
|
||||
# ipsec_strerror.c is for avoiding shlib reference to non-exported function.
|
||||
.PATH: ${.CURDIR}/../../lib/libipsec ${.CURDIR}/../../sys/netkey
|
||||
.PATH: ${.CURDIR}/../../lib/libipsec ${.CURDIR}/../../sys/netipsec
|
||||
SRCS+= pfkey.c pfkey_dump.c key_debug.c ipsec_strerror.c
|
||||
CFLAGS+= -I${.CURDIR}/../../lib/libipsec -I${.CURDIR}/../../sys/netkey
|
||||
CFLAGS+= -I${.CURDIR}/../../lib/libipsec -I${.CURDIR}/../../sys/netipsec
|
||||
|
||||
SRCS+= y.tab.h
|
||||
y.tab.h: parse.y
|
||||
|
@ -38,8 +38,8 @@
|
||||
#include <net/route.h>
|
||||
#include <netinet/in.h>
|
||||
#include <net/pfkeyv2.h>
|
||||
#include <netkey/key_var.h>
|
||||
#include <netinet6/ipsec.h>
|
||||
#include <netipsec/key_var.h>
|
||||
#include <netipsec/ipsec.h>
|
||||
#include <arpa/inet.h>
|
||||
|
||||
#include <string.h>
|
||||
|
@ -38,9 +38,9 @@
|
||||
#include <net/route.h>
|
||||
#include <netinet/in.h>
|
||||
#include <net/pfkeyv2.h>
|
||||
#include <netkey/keydb.h>
|
||||
#include <netkey/key_debug.h>
|
||||
#include <netinet6/ipsec.h>
|
||||
#include <netipsec/keydb.h>
|
||||
#include <netipsec/key_debug.h>
|
||||
#include <netipsec/ipsec.h>
|
||||
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
|
@ -36,9 +36,9 @@
|
||||
#include <net/route.h>
|
||||
#include <net/pfkeyv2.h>
|
||||
#include <netinet/in.h>
|
||||
#include <netkey/keydb.h>
|
||||
#include <netkey/key_var.h>
|
||||
#include <netkey/key_debug.h>
|
||||
#include <netipsec/keydb.h>
|
||||
#include <netipsec/key_var.h>
|
||||
#include <netipsec/key_debug.h>
|
||||
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
|
@ -34,11 +34,10 @@
|
||||
#include <sys/socket.h>
|
||||
#include <netinet/in.h>
|
||||
#include <netinet6/in6.h>
|
||||
#include <netkey/keyv2.h>
|
||||
#include <netipsec/ipsec.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
|
||||
#include <netinet6/ipsec.h>
|
||||
|
||||
char *requests[] = {
|
||||
"must_error", /* must be error */
|
||||
|
@ -36,10 +36,10 @@
|
||||
#include <sys/socket.h>
|
||||
#include <net/route.h>
|
||||
#include <net/pfkeyv2.h>
|
||||
#include <netkey/keydb.h>
|
||||
#include <netkey/key_debug.h>
|
||||
#include <netipsec/keydb.h>
|
||||
#include <netipsec/key_debug.h>
|
||||
#include <netinet/in.h>
|
||||
#include <netinet6/ipsec.h>
|
||||
#include <netipsec/ipsec.h>
|
||||
|
||||
#include <stdlib.h>
|
||||
#include <limits.h>
|
||||
|
@ -32,7 +32,7 @@
|
||||
.\" @(#)hier.7 8.1 (Berkeley) 6/5/93
|
||||
.\" $FreeBSD$
|
||||
.\"
|
||||
.Dd June 10, 2007
|
||||
.Dd June 28, 2007
|
||||
.Dt HIER 7
|
||||
.Os
|
||||
.Sh NAME
|
||||
@ -318,10 +318,12 @@ see
|
||||
C include files for Internet protocol version 6;
|
||||
see
|
||||
.Xr inet6 4
|
||||
.It Pa netipsec/
|
||||
kernel key-management service;
|
||||
see
|
||||
.Xr ipsec 4
|
||||
.It Pa netipx/
|
||||
IPX/SPX protocol stacks
|
||||
.It Pa netkey/
|
||||
kernel key-management service
|
||||
.It Pa netnatm/
|
||||
NATM include files;
|
||||
see
|
||||
|
@ -10,7 +10,6 @@ SRCS= if.c inet.c main.c mbuf.c mcast.c mroute.c route.c \
|
||||
WARNS?= 3
|
||||
|
||||
CFLAGS+=-DIPSEC
|
||||
CFLAGS+=-DFAST_IPSEC
|
||||
CFLAGS+=-DSCTP
|
||||
|
||||
.if ${MK_INET6_SUPPORT} != "no"
|
||||
|
@ -104,11 +104,7 @@ __FBSDID("$FreeBSD$");
|
||||
|
||||
#include <netinet/in.h>
|
||||
|
||||
#if defined(IPSEC) && !defined(FAST_IPSEC)
|
||||
#include <netinet6/ipsec.h>
|
||||
#endif
|
||||
|
||||
#ifdef FAST_IPSEC
|
||||
#ifdef IPSEC
|
||||
#include <netipsec/ipsec.h>
|
||||
#include <netipsec/ah_var.h>
|
||||
#include <netipsec/esp_var.h>
|
||||
@ -250,9 +246,24 @@ print_ipsecstats(const struct ipsecstat *ipsecstat)
|
||||
hist(ipsecstat->out_comphist, ipsec_compnames, "IPComp output");
|
||||
p(spdcachelookup, "\t%ju SPD cache lookup%s\n");
|
||||
pes(spdcachemiss, "\t%ju SPD cache miss%s\n");
|
||||
#undef p
|
||||
#undef pes
|
||||
#undef hist
|
||||
p(ips_in_polvio, "\t%ju inbound packet%s violated process "
|
||||
"security policy\n");
|
||||
p(ips_out_polvio, "\t%ju outbound packet%s violated process "
|
||||
"security policy\n");
|
||||
p(ips_out_nosa, "\t%ju outbound packet%s with no SA available\n");
|
||||
p(ips_out_nomem, "\t%ju outbound packet%s failed due to "
|
||||
"insufficient memory\n");
|
||||
p(ips_out_noroute, "\t%ju outbound packet%s with no route "
|
||||
"available\n");
|
||||
p(ips_out_inval, "\t%ju invalid outbound packet%s\n");
|
||||
p(ips_out_bundlesa, "\t%ju outbound packet%s with bundled SAs\n");
|
||||
p(ips_mbcoalesced, "\t%ju mbuf%s coalesced during clone\n");
|
||||
p(ips_clcoalesced, "\t%ju cluster%s coalesced during clone\n");
|
||||
p(ips_clcopied, "\t%ju cluster%s copied during clone\n");
|
||||
p(ips_mbinserted, "\t%ju mbuf%s inserted during makespace\n");
|
||||
#undef p
|
||||
}
|
||||
|
||||
void
|
||||
@ -269,11 +280,8 @@ ipsec_stats(u_long off, const char *name, int af1 __unused)
|
||||
}
|
||||
|
||||
|
||||
#ifdef FAST_IPSEC
|
||||
|
||||
static void ipsec_hist_new(const u_int32_t *hist, size_t histmax,
|
||||
const struct val2str *name, const char *title);
|
||||
static void print_newipsecstats(const struct newipsecstat *newipsecstat);
|
||||
static void print_ahstats(const struct ahstat *ahstat);
|
||||
static void print_espstats(const struct espstat *espstat);
|
||||
static void print_ipcompstats(const struct ipcompstat *ipcompstat);
|
||||
@ -310,43 +318,6 @@ ipsec_hist_new(const u_int32_t *hist, size_t histmax,
|
||||
}
|
||||
}
|
||||
|
||||
static void
|
||||
print_newipsecstats(const struct newipsecstat *newipsecstat)
|
||||
{
|
||||
#define p(f, m) if (newipsecstat->f || sflag <= 1) \
|
||||
printf(m, newipsecstat->f, plural(newipsecstat->f))
|
||||
|
||||
p(ips_in_polvio, "\t%u inbound packet%s violated process "
|
||||
"security policy\n");
|
||||
p(ips_out_polvio, "\t%u outbound packet%s violated process "
|
||||
"security policy\n");
|
||||
p(ips_out_nosa, "\t%u outbound packet%s with no SA available\n");
|
||||
p(ips_out_nomem, "\t%u outbound packet%s failed due to "
|
||||
"insufficient memory\n");
|
||||
p(ips_out_noroute, "\t%u outbound packet%s with no route "
|
||||
"available\n");
|
||||
p(ips_out_inval, "\t%u invalid outbound packet%s\n");
|
||||
p(ips_out_bundlesa, "\t%u outbound packet%s with bundled SAs\n");
|
||||
p(ips_mbcoalesced, "\t%u mbuf%s coalesced during clone\n");
|
||||
p(ips_clcoalesced, "\t%u cluster%s coalesced during clone\n");
|
||||
p(ips_clcopied, "\t%u cluster%s copied during clone\n");
|
||||
p(ips_mbinserted, "\t%u mbuf%s inserted during makespace\n");
|
||||
#undef p
|
||||
}
|
||||
|
||||
void
|
||||
ipsec_stats_new(u_long off, const char *name, int family __unused)
|
||||
{
|
||||
struct newipsecstat newipsecstat;
|
||||
|
||||
if (off == 0)
|
||||
return;
|
||||
printf ("%s:\n", name);
|
||||
kread(off, (char *)&newipsecstat, sizeof(newipsecstat));
|
||||
|
||||
print_newipsecstats(&newipsecstat);
|
||||
}
|
||||
|
||||
static void
|
||||
print_ahstats(const struct ahstat *ahstat)
|
||||
{
|
||||
@ -491,5 +462,4 @@ ipcomp_stats(u_long off, const char *name, int family __unused)
|
||||
print_ipcompstats(&ipcompstat);
|
||||
}
|
||||
|
||||
#endif /* FAST_IPSEC */
|
||||
#endif /*IPSEC*/
|
||||
|
@ -100,7 +100,7 @@ static struct nlist nl[] = {
|
||||
#define N_ICMP6STAT 13
|
||||
{ .n_name = "_icmp6stat" },
|
||||
#define N_IPSECSTAT 14
|
||||
{ .n_name = "_ipsecstat" },
|
||||
{ .n_name = "_ipsec4stat" },
|
||||
#define N_IPSEC6STAT 15
|
||||
{ .n_name = "_ipsec6stat" },
|
||||
#define N_PIM6STAT 16
|
||||
@ -141,8 +141,6 @@ static struct nlist nl[] = {
|
||||
{ .n_name = "_carpstats" },
|
||||
#define N_PFSYNCSTAT 34
|
||||
{ .n_name = "_pfsyncstats" },
|
||||
#define N_FAST_IPSECSTAT 35
|
||||
{ .n_name = "_newipsecstat" },
|
||||
#define N_AHSTAT 36
|
||||
{ .n_name = "_ahstat" },
|
||||
#define N_ESPSTAT 37
|
||||
@ -181,18 +179,14 @@ struct protox {
|
||||
{ -1, -1, 1, protopr,
|
||||
igmp_stats, NULL, "igmp", IPPROTO_IGMP },
|
||||
#ifdef IPSEC
|
||||
{ -1, N_IPSECSTAT, 1, NULL,
|
||||
{ -1, N_IPSECSTAT, 1, NULL, /* keep as compat */
|
||||
ipsec_stats, NULL, "ipsec", 0},
|
||||
#ifdef FAST_IPSEC
|
||||
{ -1, N_FAST_IPSECSTAT, 1, 0,
|
||||
ipsec_stats_new, NULL, "fastipsec", 0},
|
||||
{ -1, N_AHSTAT, 1, 0,
|
||||
{ -1, N_AHSTAT, 1, NULL,
|
||||
ah_stats, NULL, "ah", 0},
|
||||
{ -1, N_ESPSTAT, 1, 0,
|
||||
{ -1, N_ESPSTAT, 1, NULL,
|
||||
esp_stats, NULL, "esp", 0},
|
||||
{ -1, N_IPCOMPSTAT, 1, 0,
|
||||
{ -1, N_IPCOMPSTAT, 1, NULL,
|
||||
ipcomp_stats, NULL, "ipcomp", 0},
|
||||
#endif
|
||||
#endif
|
||||
{ -1, -1, 1, protopr,
|
||||
pim_stats, NULL, "pim", IPPROTO_PIM },
|
||||
@ -526,17 +520,6 @@ main(int argc, char *argv[])
|
||||
|
||||
kread(0, 0, 0);
|
||||
if (tp) {
|
||||
#ifdef FAST_IPSEC
|
||||
/*
|
||||
* HACK: fallback to printing the new FAST IPSEC stats
|
||||
* if the kernel was built with FAST_IPSEC rather
|
||||
* than the KAME IPSEC stack (the two are mutually
|
||||
* exclusive).
|
||||
*/
|
||||
if (nl[tp->pr_sindex].n_value == 0 &&
|
||||
strcmp(tp->pr_name, "ipsec") == 0)
|
||||
tp = name2protox("fastipsec");
|
||||
#endif
|
||||
printproto(tp, tp->pr_name);
|
||||
exit(0);
|
||||
}
|
||||
|
@ -80,13 +80,10 @@ void carp_stats (u_long, const char *, int);
|
||||
void pfsync_stats (u_long, const char *, int);
|
||||
#ifdef IPSEC
|
||||
void ipsec_stats(u_long, const char *, int);
|
||||
#ifdef FAST_IPSEC
|
||||
void ipsec_stats_new (u_long, const char *, int);
|
||||
void esp_stats (u_long, const char *, int);
|
||||
void ah_stats (u_long, const char *, int);
|
||||
void ipcomp_stats (u_long, const char *, int);
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#ifdef INET6
|
||||
void ip6_stats(u_long, const char *, int);
|
||||
|
@ -79,11 +79,7 @@ static const char rcsid[] =
|
||||
|
||||
#include <netinet/in.h>
|
||||
|
||||
#if defined(IPSEC) && !defined(FAST_IPSEC)
|
||||
#include <netkey/keysock.h>
|
||||
#endif
|
||||
|
||||
#ifdef FAST_IPSEC
|
||||
#ifdef IPSEC
|
||||
#include <netipsec/keysock.h>
|
||||
#endif
|
||||
|
||||
|
@ -23,7 +23,7 @@ DPADD= ${LIBTERMCAP} ${LIBTELNET}
|
||||
LDADD= -ltermcap ${LIBTELNET}
|
||||
|
||||
.if !defined(RELEASE_CRUNCH)
|
||||
CFLAGS+= -DIPSEC
|
||||
CFLAGS+= -DIPSEC -DFAST_IPSEC
|
||||
DPADD+= ${LIBIPSEC}
|
||||
LDADD+= -lipsec
|
||||
.else
|
||||
@ -35,7 +35,7 @@ CFLAGS+= -DHAS_CGETENT
|
||||
.if !defined(RELEASE_CRUNCH)
|
||||
.if ${MK_OPENSSL} != "no"
|
||||
SRCS+= authenc.c
|
||||
CFLAGS+= -DENCRYPTION -DAUTHENTICATION -DIPSEC
|
||||
CFLAGS+= -DENCRYPTION -DAUTHENTICATION -DIPSEC -DFAST_IPSEC
|
||||
DPADD+= ${LIBMP} ${LIBCRYPTO} ${LIBCRYPT} ${LIBIPSEC} ${LIBPAM}
|
||||
LDADD+= -lmp -lcrypto -lcrypt -lipsec ${MINUSLPAM}
|
||||
.endif
|
||||
|
@ -21,7 +21,7 @@ LDADD= -lutil -lwrap
|
||||
|
||||
# XXX for src/release/picobsd
|
||||
.if !defined(RELEASE_CRUNCH)
|
||||
CFLAGS+= -DIPSEC
|
||||
CFLAGS+= -DIPSEC -DFAST_IPSEC
|
||||
DPADD+= ${LIBIPSEC}
|
||||
LDADD+= -lipsec
|
||||
.endif
|
||||
|
@ -144,7 +144,7 @@ __FBSDID("$FreeBSD$");
|
||||
#include "pathnames.h"
|
||||
|
||||
#ifdef IPSEC
|
||||
#include <netinet6/ipsec.h>
|
||||
#include <netipsec/ipsec.h>
|
||||
#ifndef IPSEC_POLICY_IPSEC /* no ipsec support on old ipsec */
|
||||
#undef IPSEC
|
||||
#endif
|
||||
|
@ -18,7 +18,7 @@ PROG= rrenumd
|
||||
MAN= rrenumd.conf.5 rrenumd.8
|
||||
SRCS= rrenumd.c parser.y lexer.l
|
||||
|
||||
CFLAGS+= -DIPSEC -I. -I${.CURDIR}
|
||||
CFLAGS+= -DIPSEC -DFAST_IPSEC -I. -I${.CURDIR}
|
||||
YFLAGS= -d
|
||||
|
||||
LDADD= -lipsec -ll -ly
|
||||
|
@ -49,7 +49,7 @@
|
||||
#include <arpa/inet.h>
|
||||
|
||||
#ifdef IPSEC
|
||||
#include <netinet6/ipsec.h>
|
||||
#include <netipsec/ipsec.h>
|
||||
#endif
|
||||
|
||||
#include <stdio.h>
|
||||
|
@ -18,7 +18,7 @@ MAN= traceroute6.8
|
||||
BINOWN= root
|
||||
BINMODE= 4555
|
||||
|
||||
CFLAGS+= -DIPSEC -DUSE_RFC2292BIS -DHAVE_POLL
|
||||
CFLAGS+= -DIPSEC -DFAST_IPSEC -DUSE_RFC2292BIS -DHAVE_POLL
|
||||
|
||||
DPADD= ${LIBIPSEC}
|
||||
LDADD= -lipsec
|
||||
|
@ -279,7 +279,7 @@ static const char rcsid[] =
|
||||
|
||||
#ifdef IPSEC
|
||||
#include <net/route.h>
|
||||
#include <netinet6/ipsec.h>
|
||||
#include <netipsec/ipsec.h>
|
||||
#endif
|
||||
|
||||
#define DUMMY_PORT 10010
|
||||
|
Loading…
Reference in New Issue
Block a user