1
0
mirror of synced 2024-11-25 14:26:09 +03:00

New Libreswan version

- Upgrade Libreswan to 3.31
- "USE_DH2=true" is required for keeping Windows clients compatibility
  Ref: https://github.com/libreswan/libreswan/commit/8fcbbc7
- "USE_XFRM_INTERFACE_IFLA_HEADER=true" is required for compilation on
  older Linux distributions
  Ref: https://github.com/libreswan/libreswan/commit/c21909c
This commit is contained in:
hwdsl2 2020-04-11 17:07:43 -05:00
parent 03c4dd9b24
commit 2c660bb914
2 changed files with 10 additions and 2 deletions

View File

@ -172,7 +172,7 @@ apt-get -yq install fail2ban || exiterr2
bigecho "Compiling and installing Libreswan..."
SWAN_VER=3.29
SWAN_VER=3.31
swan_file="libreswan-$SWAN_VER.tar.gz"
swan_url1="https://github.com/libreswan/libreswan/archive/v$SWAN_VER.tar.gz"
swan_url2="https://download.libreswan.org/$swan_file"
@ -185,11 +185,15 @@ cd "libreswan-$SWAN_VER" || exit 1
cat > Makefile.inc.local <<'EOF'
WERROR_CFLAGS =
USE_DNSSEC = false
USE_DH2 = true
USE_DH31 = false
USE_NSS_AVA_COPY = true
USE_NSS_IPSEC_PROFILE = false
USE_GLIBC_KERN_FLIP_HEADERS = true
EOF
if ! grep -qs IFLA_XFRM_LINK /usr/include/linux/if_link.h; then
echo "USE_XFRM_INTERFACE_IFLA_HEADER = true" >> Makefile.inc.local
fi
if [ "$(packaging/utils/lswan_detect.sh init)" = "systemd" ]; then
apt-get -yq install libsystemd-dev || exiterr2
fi

View File

@ -170,7 +170,7 @@ yum "$REPO1" -y install fail2ban || exiterr2
bigecho "Compiling and installing Libreswan..."
SWAN_VER=3.29
SWAN_VER=3.31
swan_file="libreswan-$SWAN_VER.tar.gz"
swan_url1="https://github.com/libreswan/libreswan/archive/v$SWAN_VER.tar.gz"
swan_url2="https://download.libreswan.org/$swan_file"
@ -183,11 +183,15 @@ cd "libreswan-$SWAN_VER" || exit 1
cat > Makefile.inc.local <<'EOF'
WERROR_CFLAGS =
USE_DNSSEC = false
USE_DH2 = true
USE_DH31 = false
USE_NSS_AVA_COPY = true
USE_NSS_IPSEC_PROFILE = false
USE_GLIBC_KERN_FLIP_HEADERS = true
EOF
if ! grep -qs IFLA_XFRM_LINK /usr/include/linux/if_link.h; then
echo "USE_XFRM_INTERFACE_IFLA_HEADER = true" >> Makefile.inc.local
fi
NPROCS=$(grep -c ^processor /proc/cpuinfo)
[ -z "$NPROCS" ] && NPROCS=1
make "-j$((NPROCS+1))" -s base && make -s install-base