strongswan: update to 6.0.0.

icp 2024-12-04 00:18:27 +05:30 committed by Toyam Cox
parent 6b64d3bce0
commit 81b1544861
7 changed files with 694 additions and 127 deletions


@ -0,0 +1 @@
Configuration via ipsec.conf, ipsec.secrets, and ipsec.d using the stroke plugin, as well as using the ipsec command, has been invalidated. Refer to https://wiki.strongswan.org/projects/strongswan/wiki/IpsecConf for further details.


@ -1,3 +1,3 @@
#!/bin/sh
exec 2>&1
exec ipsec start --nofork
exec /usr/libexec/ipsec/charon
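Review bot: Nothing visible in this commit loads the swanctl configuration after the run script starts the daemon with `exec /usr/libexec/ipsec/charon` (reading the second `exec` line as the new side, since the page lost its +/- markers). With ipsec.conf and the stroke plugin no longer used, connections and credentials under `/etc/swanctl` are typically only activated by `swanctl --load-all` or a `charon.start-scripts` entry in strongswan.conf, so after an upgrade or a supervised restart the service can report as up while no tunnel policy is installed. Traffic that was expected to be protected may then leave unencrypted unless a firewall rule blocks it. I would add a comment in the run file, e.g. `# config is not loaded here: see charon.start-scripts in strongswan.conf or run swanctl --load-all`, and say the same in the install message.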


@ -1,41 +0,0 @@
From 540881627fe8083207f9a2cfd01b931164c7ef4e Mon Sep 17 00:00:00 2001
From: Tobias Brunner <tobias@strongswan.org>
Date: Fri, 22 Mar 2024 10:42:34 +0100
Subject: [PATCH] farp: Fix build with musl C library
Same issue as described in the previous commit.
Fixes: 187c72d1afdc ("dhcp: Port the plugin to FreeBSD/macOS")
---
src/libcharon/plugins/farp/farp_spoofer.c | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/src/libcharon/plugins/farp/farp_spoofer.c b/src/libcharon/plugins/farp/farp_spoofer.c
index 65451263f5f..7f2c9bef419 100644
--- a/src/libcharon/plugins/farp/farp_spoofer.c
+++ b/src/libcharon/plugins/farp/farp_spoofer.c
@@ -20,12 +20,14 @@
#include <errno.h>
#include <unistd.h>
+#include <net/ethernet.h>
#include <sys/ioctl.h>
#if !defined(__APPLE__) && !defined(__FreeBSD__)
#include <sys/socket.h>
-#include <linux/if_arp.h>
-#include <linux/if_ether.h>
+#include <net/if_arp.h>
+#include <netinet/if_ether.h>
+#include <netpacket/packet.h>
#include <linux/filter.h>
#else
#include <net/bpf.h>
@@ -33,7 +35,6 @@
#include <net/if_dl.h>
#endif /* !defined(__APPLE__) && !defined(__FreeBSD__) */
-#include <net/ethernet.h>
#include <daemon.h>
#include <threading/thread.h>
#include <processing/jobs/callback_job.h>


@ -1,62 +0,0 @@
From f5b1ca4ef60bc4fca91f0d1e852ef8447d23c99a Mon Sep 17 00:00:00 2001
From: Tobias Brunner <tobias@strongswan.org>
Date: Fri, 22 Mar 2024 09:57:07 +0100
Subject: [PATCH] pf-handler: Fix build with musl C library
musl's headers define a lot of networking structs. For some, the
definition in the Linux UAPI headers is then suppressed by e.g.
__UAPI_DEF_ETHHDR.
Since we included musl's net/ethernet.h, which includes netinet/if_ether.h
that defines `struct ethhdr` (and the above constant), **after** we
include linux/if_ether.h, there was a compilation error because the
struct was defined multiple times.
However, simply moving that include doesn't fix the problem because for
ARP-specific structs the Linux headers don't provide __UAPI_DEF* checks.
So instead of directly including the linux/ headers, we include those
provided by the C library. For glibc these usually just include the
Linux headers, but for musl this allows them to define the struct
directly. We also need to move if.h and add packet.h, which define
other structs (or include headers that do so) that we use.
Fixes: 187c72d1afdc ("dhcp: Port the plugin to FreeBSD/macOS")
---
src/libcharon/network/pf_handler.c | 14 +++++++-------
1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/src/libcharon/network/pf_handler.c b/src/libcharon/network/pf_handler.c
index 91b0e7507f9..43ef432ba60 100644
--- a/src/libcharon/network/pf_handler.c
+++ b/src/libcharon/network/pf_handler.c
@@ -20,23 +20,23 @@
#include <library.h>
#include <unistd.h>
+#include <errno.h>
+#include <net/ethernet.h>
+#include <net/if.h>
+#include <sys/ioctl.h>
#if !defined(__APPLE__) && !defined(__FreeBSD__)
-#include <linux/if_arp.h>
-#include <linux/if_ether.h>
+#include <net/if_arp.h>
+#include <netinet/if_ether.h>
+#include <netpacket/packet.h>
#include <linux/filter.h>
#else
#include <fcntl.h>
#include <ifaddrs.h>
#include <net/bpf.h>
-#include <net/if.h>
#include <net/if_dl.h>
#endif /* !defined(__APPLE__) && !defined(__FreeBSD__) */
-#include <errno.h>
-#include <net/ethernet.h>
-#include <sys/ioctl.h>
-
#if !defined(__APPLE__) && !defined(__FreeBSD__)
/**


@ -0,0 +1,365 @@
--- a/src/libstrongswan/tests/Makefile.am
+++ b/src/libstrongswan/tests/Makefile.am
@@ -33,7 +33,6 @@ libstrongswan_tests_SOURCES = tests.h tests.c \
suites/test_process.c \
suites/test_watcher.c \
suites/test_stream.c \
- suites/test_fetch_http.c \
suites/test_utils.c \
suites/test_settings.c \
suites/test_vectors.c \
diff --git a/src/libstrongswan/tests/suites/test_fetch_http.c b/src/libstrongswan/tests/suites/test_fetch_http.c
deleted file mode 100644
index b087a1e79..000000000
--- a/src/libstrongswan/tests/suites/test_fetch_http.c
+++ /dev/null
@@ -1,337 +0,0 @@
-/*
- * Copyright (C) 2014 Martin Willi
- *
- * Copyright (C) secunet Security Networks AG
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include "test_suite.h"
-
-#include <unistd.h>
-#include <time.h>
-
-#define HTTP_SUCCESS(status) ((status) >= 200 && (status) < 300)
-
-/**
- * HTTP test definition
- */
-typedef struct {
- /* HTTP Method */
- char *meth;
- /* HTTP 1.x minor version */
- int minor;
- /* host to connect to */
- char *host;
- /* HTTP service port */
- int port;
- /* path on host to fetch from */
- char *path;
- /* request Content-Type, if any */
- char *type;
- /* request data, if any */
- void *req;
- /* length of request data */
- int req_len;
- /* response data, if any */
- void *res;
- /* length of response data */
- int res_len;
- /* status code, defaults to 200 */
- u_int code;
-} test_service_t;
-
-static char large[] = {
- 0x88,0x3e,0xa3,0xe3,0x95,0x67,0x53,0x93,0xc8,0xce,0x5c,0xcd,0x8c,0x03,0x0c,0xa8,
- 0x94,0xaf,0x49,0xf6,0xc6,0x50,0xad,0xb8,0xea,0xb8,0x85,0x8a,0xde,0x92,0xe1,0xbc,
- 0xf3,0x15,0xbb,0x5b,0xb8,0x35,0xd8,0x17,0xad,0xcf,0x6b,0x07,0x63,0x61,0x2e,0x2f,
- 0xa5,0xc9,0x1d,0xa7,0xac,0xaa,0x4d,0xde,0x71,0x65,0x95,0x87,0x66,0x50,0xa2,0xa6,
- 0x28,0xef,0x49,0x5c,0x53,0xa3,0x87,0xad,0x42,0xc3,0x41,0xd8,0xfa,0x92,0xd8,0x32,
- 0xce,0x7c,0xf2,0x72,0x2f,0x51,0x27,0x71,0xe3,0x78,0x59,0xf9,0x46,0x23,0xf3,0xa7,
- 0x38,0x12,0x05,0xbb,0x1a,0xb0,0xe0,0x12,0xae,0x97,0xa1,0x0f,0xd4,0x34,0xe0,0x15,
- 0xb4,0xa3,0x15,0x08,0xbe,0xff,0x4d,0x31,0x81,0x39,0x62,0x29,0xf0,0x90,0x79,0x02,
- 0x4d,0x0c,0xf4,0x9e,0xe5,0xd4,0xdc,0xca,0xea,0xb8,0x85,0x8a,0xde,0x92,0xe1,0xbc,
- 0xf3,0x15,0xbb,0x5b,0xb8,0x35,0xd8,0x17,0xad,0xcf,0x6b,0x07,0x63,0x61,0x2e,0x2f,
- 0xa5,0xc9,0x1d,0xa7,0xac,0xaa,0x4d,0xde,0x71,0x65,0x95,0x87,0x66,0x50,0xa2,0xa6,
- 0x28,0xef,0x49,0x5c,0x53,0xa3,0x87,0xad,0x42,0xc3,0x41,0xd8,0xfa,0x92,0xd8,0x32,
- 0xce,0x7c,0xf2,0x72,0x2f,0x51,0x27,0x71,0xe3,0x78,0x59,0xf9,0x46,0x23,0xf3,0xa7,
- 0x38,0x12,0x05,0xbb,0x1a,0xb0,0xe0,0x12,0xae,0x97,0xa1,0x0f,0xd4,0x34,0xe0,0x15,
- 0xf3,0x15,0xbb,0x5b,0xb8,0x35,0xd8,0x17,0xad,0xcf,0x6b,0x07,0x63,0x61,0x2e,0x2f,
- 0xa5,0xc9,0x1d,0xa7,0xac,0xaa,0x4d,0xde,0x71,0x65,0x95,0x87,0x66,0x50,0xa2,0xa6,
- 0x28,0xef,0x49,0x5c,0x53,0xa3,0x87,0xad,0x42,0xc3,0x41,0xd8,0xfa,0x92,0xd8,0x32,
- 0xce,0x7c,0xf2,0x72,0x2f,0x51,0x27,0x71,0xe3,0x78,0x59,0xf9,0x46,0x23,0xf3,0xa7,
- 0x38,0x12,0x05,0xbb,0x1a,0xb0,0xe0,0x12,0xae,0x97,0xa1,0x0f,0xd4,0x34,0xe0,0x15,
- 0xb4,0xa3,0x15,0x08,0xbe,0xff,0x4d,0x31,0x81,0x39,0x62,0x29,0xf0,0x90,0x79,0x02,
- 0x4d,0x0c,0xf4,0x9e,0xe5,0xd4,0xdc,0xca,0xea,0xb8,0x85,0x8a,0xde,0x92,0xe1,0xbc,
- 0xf3,0x15,0xbb,0x5b,0xb8,0x35,0xd8,0x17,0xad,0xcf,0x6b,0x07,0x63,0x61,0x2e,0x2f,
- 0xa5,0xc9,0x1d,0xa7,0xac,0xaa,0x4d,0xde,0x71,0x65,0x95,0x87,0x66,0x50,0xa2,0xa6,
- 0x28,0xef,0x49,0x5c,0x53,0xa3,0x87,0xad,0x42,0xc3,0x41,0xd8,0xfa,0x92,0xd8,0x32,
- 0xce,0x7c,0xf2,0x72,0x2f,0x51,0x27,0x71,0xe3,0x78,0x59,0xf9,0x46,0x23,0xf3,0xa7,
- 0x38,0x12,0x05,0xbb,0x1a,0xb0,0xe0,0x12,0xae,0x97,0xa1,0x0f,0xd4,0x34,0xe0,0x15,
- 0xb4,0xa3,0x15,0x08,0xbe,0xff,0x4d,0x31,0x81,0x39,0x62,0x29,0xf0,0x90,0x79,0x02,
- 0x4d,0x0c,0xf4,0x9e,0xe5,0xd4,0xdc,0xca,0xea,0xb8,0x85,0x8a,0xde,0x92,0xe1,0xbc,
-};
-
-static bool servicing(void *data, stream_t *stream)
-{
- test_service_t *test = (test_service_t*)data;
- char buf[1024], hdr[256], *start, *end = NULL, *body = NULL, *type = NULL;
- struct tm tm;
- time_t t;
- ssize_t len, tot = 0;
- int nr = 0;
-
- start = buf;
-
- /* parse method and headers */
- while (end != start)
- {
- len = stream->read(stream, buf + tot, sizeof(buf) - tot, TRUE);
- ck_assert(len > 0);
- tot += len;
-
- while (TRUE)
- {
- end = memchr(start, '\n', tot);
- if (!end)
- {
- break;
- }
- *end = '\0';
- ck_assert(end > buf);
- ck_assert(*(--end) == '\r');
- *end = '\0';
- if (end == start)
- {
- body = end + strlen("\r\n");
- break;
- }
- switch (nr++)
- {
- case 0:
- snprintf(hdr, sizeof(hdr), "%s %s HTTP/1.%u",
- test->meth, test->path, test->minor);
- ck_assert_str_eq(hdr, start);
- break;
- default:
- if (strcasepfx(start, "Content-Length: "))
- {
- ck_assert_int_eq(
- atoi(start + strlen("Content-Length: ")),
- test->req_len);
- }
- if (strcasepfx(start, "Content-Type: "))
- {
- type = start + strlen("Content-Type: ");
- }
- break;
- }
- start = end + strlen("\r\n");
- }
- }
-
- if (test->type)
- {
- ck_assert(type);
- ck_assert_str_eq(type, test->type);
- }
-
- /* request body */
- if (test->req_len)
- {
- ck_assert(stream->read_all(stream, buf + tot,
- test->req_len - (tot - (body - buf))));
- ck_assert(memeq(body, test->req, test->req_len));
- }
-
- if (!test->code)
- {
- test->code = 200;
- }
-
- /* response headers */
- snprintf(buf, sizeof(buf), "HTTP/1.%u %u OK\r\n", test->minor, test->code);
- ck_assert(stream->write_all(stream, buf, strlen(buf)));
-
- /* if the response code indicates an error the following write operations
- * might fail because the client already terminated the TCP connection */
-#define may_fail(test, op) ck_assert(op || !HTTP_SUCCESS(test->code))
-
- t = time(NULL);
- gmtime_r(&t, &tm);
- strftime(buf, sizeof(buf), "%a, %d %b %Y %T %z", &tm);
- may_fail(test, stream->write_all(stream, buf, strlen(buf)));
- snprintf(buf, sizeof(buf), "Server: strongSwan unit test\r\n");
- may_fail(test, stream->write_all(stream, buf, strlen(buf)));
-
- /* rest of response headers */
- snprintf(buf, sizeof(buf), "Content-Type: text/plain\r\n");
- may_fail(test, stream->write_all(stream, buf, strlen(buf)));
- snprintf(buf, sizeof(buf), "Content-Length: %u\r\n", test->res_len);
- may_fail(test, stream->write_all(stream, buf, strlen(buf)));
- snprintf(buf, sizeof(buf), "Connection: close\r\n");
- may_fail(test, stream->write_all(stream, buf, strlen(buf)));
- snprintf(buf, sizeof(buf), "\r\n");
- may_fail(test, stream->write_all(stream, buf, strlen(buf)));
-
- /* response body */
- may_fail(test, stream->write_all(stream, test->res, test->res_len));
- return FALSE;
-}
-
-static test_service_t gtests[] = {
- { "GET", 1, "127.0.0.1", 6543, "/a/test/?b=c", NULL,
- NULL, 0, "\x12\x34", 2, 0 },
- { "GET", 0, "localhost", 6543, "/", NULL,
- NULL, 0, NULL, 0, 0 },
- { "GET", 0, "127.0.0.1", 6543, "/largefile", NULL,
- NULL, 0, large, sizeof(large), 0 },
- { "GET", 1, "[::1]", 6543, "/ipv6-url", NULL,
- NULL, 0, "\x00\r\n\r\x00testdatablabla", 20, 0 },
-};
-
-START_TEST(test_get)
-{
- stream_service_t *service;
- status_t status;
- chunk_t data, expected;
- char uri[256];
-
- lib->processor->set_threads(lib->processor, 8);
-
- snprintf(uri, sizeof(uri), "tcp://%s:%u", gtests[_i].host, gtests[_i].port);
- service = lib->streams->create_service(lib->streams, uri, 1);
- ck_assert(service != NULL);
- service->on_accept(service, servicing, &gtests[_i], JOB_PRIO_HIGH, 0);
-
- snprintf(uri, sizeof(uri), "http://%s:%u%s",
- gtests[_i].host, gtests[_i].port, gtests[_i].path);
- status = lib->fetcher->fetch(lib->fetcher, uri, &data,
- !gtests[_i].minor ? FETCH_HTTP_VERSION_1_0 : FETCH_END,
- FETCH_END);
- ck_assert_int_eq(status, SUCCESS);
- expected = chunk_create(gtests[_i].res, gtests[_i].res_len);
- ck_assert_msg(chunk_compare(expected, data) == 0,
- "exp %B\ngot %B\n", &expected, &data);
- free(data.ptr);
-
- service->destroy(service);
-}
-END_TEST
-
-
-static test_service_t ptests[] = {
- { "POST", 1, "127.0.0.1", 6543, "/a/test/?b=c", "application/binary",
- "\x23\x45", 2, "\x12\x34", 2, 0 },
- { "POST", 0, "localhost", 6543, "/largefile", "application/x-large",
- large, sizeof(large), large, sizeof(large), 0 },
- { "POST", 1, "[::1]", 6543, "/ipv6-url", "text/plain",
- "\x00\r\n\r\x00testdatablabla", 20, "\x00\r\n\r\x00testdatablabla", 20, 0 },
-};
-
-START_TEST(test_post)
-{
- stream_service_t *service;
- status_t status;
- chunk_t data, expected;
- char uri[256];
-
- lib->processor->set_threads(lib->processor, 8);
-
- snprintf(uri, sizeof(uri), "tcp://%s:%u", ptests[_i].host, ptests[_i].port);
- service = lib->streams->create_service(lib->streams, uri, 1);
- ck_assert(service != NULL);
- service->on_accept(service, servicing, &ptests[_i], JOB_PRIO_HIGH, 0);
-
- snprintf(uri, sizeof(uri), "http://%s:%u%s",
- ptests[_i].host, ptests[_i].port, ptests[_i].path);
- status = lib->fetcher->fetch(lib->fetcher, uri, &data,
- FETCH_REQUEST_TYPE, ptests[_i].type,
- FETCH_REQUEST_DATA,
- chunk_create(ptests[_i].req, ptests[_i].req_len),
- !ptests[_i].minor ? FETCH_HTTP_VERSION_1_0 : FETCH_END,
- FETCH_END);
- ck_assert_int_eq(status, SUCCESS);
- expected = chunk_create(ptests[_i].res, ptests[_i].res_len);
- ck_assert_msg(chunk_compare(expected, data) == 0,
- "exp %B\ngot %B\n", &expected, &data);
- free(data.ptr);
-
- service->destroy(service);
-}
-END_TEST
-
-
-static test_service_t rtests[] = {
- { "GET", 1, "localhost", 6544, "/", NULL, NULL, 0, NULL, 0, 200 },
- { "GET", 1, "localhost", 6544, "/", NULL, NULL, 0, NULL, 0, 204 },
- { "GET", 1, "localhost", 6544, "/", NULL, NULL, 0, NULL, 0, 400 },
- { "GET", 1, "localhost", 6544, "/", NULL, NULL, 0, NULL, 0, 404 },
- { "GET", 1, "localhost", 6544, "/", NULL, NULL, 0, NULL, 0, 500 },
-};
-
-START_TEST(test_response_code)
-{
- stream_service_t *service;
- status_t status;
- chunk_t data = chunk_empty;
- char uri[256];
- u_int code;
-
- lib->processor->set_threads(lib->processor, 8);
-
- snprintf(uri, sizeof(uri), "tcp://%s:%u", rtests[_i].host, rtests[_i].port);
- service = lib->streams->create_service(lib->streams, uri, 1);
- ck_assert(service != NULL);
- service->on_accept(service, servicing, &rtests[_i], JOB_PRIO_HIGH, 0);
-
- snprintf(uri, sizeof(uri), "http://%s:%u%s",
- rtests[_i].host, rtests[_i].port, rtests[_i].path);
- status = lib->fetcher->fetch(lib->fetcher, uri, &data,
- FETCH_RESPONSE_CODE, &code, FETCH_END);
- ck_assert_int_eq(status, HTTP_SUCCESS(rtests[_i].code) ? SUCCESS : FAILED);
- ck_assert_int_eq(code, rtests[_i].code);
- free(data.ptr);
-
- service->destroy(service);
-}
-END_TEST
-
-Suite *fetch_http_suite_create()
-{
- Suite *s;
- TCase *tc;
- int no_ipv6 = 0;
-
- s = suite_create("http fetcher");
-
- if (getenv("TESTS_NO_IPV6"))
- {
- no_ipv6 = 1;
- }
-
- tc = tcase_create("GET");
- tcase_add_loop_test(tc, test_get, 0, countof(gtests) - no_ipv6);
- test_case_set_timeout(tc, 10);
- suite_add_tcase(s, tc);
-
- tc = tcase_create("POST");
- tcase_add_loop_test(tc, test_post, 0, countof(ptests) - no_ipv6);
- test_case_set_timeout(tc, 10);
- suite_add_tcase(s, tc);
-
- tc = tcase_create("response code");
- tcase_add_loop_test(tc, test_response_code, 0, countof(rtests));
- test_case_set_timeout(tc, 10);
- suite_add_tcase(s, tc);
-
- return s;
-}
diff --git a/src/libstrongswan/tests/tests.h b/src/libstrongswan/tests/tests.h
index 9ad712d53..cbabcd113 100644
--- a/src/libstrongswan/tests/tests.h
+++ b/src/libstrongswan/tests/tests.h
@@ -60,7 +60,6 @@ TEST_SUITE(rng_tester_suite_create)
TEST_SUITE_DEPEND(mgf1_sha1_suite_create, XOF, XOF_MGF1_SHA1)
TEST_SUITE_DEPEND(mgf1_sha256_suite_create, XOF, XOF_MGF1_SHA256)
TEST_SUITE_DEPEND(prf_plus_suite_create, KDF, KDF_PRF_PLUS)
-TEST_SUITE_DEPEND(fetch_http_suite_create, FETCHER, "http://")
TEST_SUITE_DEPEND(ed25519_suite_create, PRIVKEY_GEN, KEY_ED25519)
TEST_SUITE_DEPEND(ed448_suite_create, PRIVKEY_GEN, KEY_ED448)
TEST_SUITE(signature_params_suite_create)
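Review bot: This added patch carries no header explaining why `suites/test_fetch_http.c` is deleted, and the same applies to the following patch that deletes `suites/test_stream.c`. Both suites bind local listeners (`127.0.0.1`/`[::1]` on ports 6543, 6544 and 7766, plus a unix socket under `/tmp`), which presumably fails in the build sandbox, but a maintainer cannot tell that from the patch. Deleting the sources also means the `http://` fetcher feature that the suite depends on, commonly used for CRL/OCSP retrieval, gets no coverage at package build time. I would add a short description at the top of each patch, e.g. `Disable http fetcher tests: they need to bind localhost sockets, unavailable in the build chroot (assumed; confirm)`, and consider excluding the suites at run time rather than removing them so the patches stay small across version bumps.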


@ -0,0 +1,303 @@
--- a/src/libstrongswan/tests/Makefile.am
+++ b/src/libstrongswan/tests/Makefile.am
@@ -32,7 +32,6 @@ libstrongswan_tests_SOURCES = tests.h tests.c \
suites/test_threading.c \
suites/test_process.c \
suites/test_watcher.c \
- suites/test_stream.c \
suites/test_utils.c \
suites/test_settings.c \
suites/test_vectors.c \
diff --git a/src/libstrongswan/tests/suites/test_stream.c b/src/libstrongswan/tests/suites/test_stream.c
deleted file mode 100644
index b3ee72ff3..000000000
--- a/src/libstrongswan/tests/suites/test_stream.c
+++ /dev/null
@@ -1,275 +0,0 @@
-/*
- * Copyright (C) 2013 Martin Willi
- *
- * Copyright (C) secunet Security Networks AG
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include "test_suite.h"
-
-#include <unistd.h>
-
-static char* services[] = {
-#ifndef WIN32
- "unix:///tmp/strongswan-test-service.sck",
-#endif
- "tcp://127.0.0.1:7766",
- "tcp://[::1]:7766",
-};
-
-static char msg[] = "testmessage";
-static int msglen = 12;
-
-static bool servicing(void *data, stream_t *stream)
-{
- char buf[64];
- ssize_t len, total;
-
- ck_assert(streq((char*)data, "test"));
-
- for (total = 0; total < msglen;)
- {
- len = stream->read(stream, buf, sizeof(buf), TRUE);
- ck_assert(len > 0);
- total += len;
- }
- for (total = 0; total < msglen;)
- {
- len = stream->write(stream, buf, len, TRUE);
- ck_assert(len > 0);
- total += len;
- }
-
- return FALSE;
-}
-
-START_TEST(test_sync)
-{
- char buf[64];
- stream_service_t *service;
- stream_t *stream;
- ssize_t len, total;
-
- lib->processor->set_threads(lib->processor, 8);
-
- service = lib->streams->create_service(lib->streams, services[_i], 1);
- ck_assert(service != NULL);
- service->on_accept(service, servicing, "test", JOB_PRIO_HIGH, 1);
-
- stream = lib->streams->connect(lib->streams, services[_i]);
- ck_assert(stream != NULL);
- for (total = 0; total < msglen;)
- {
- len = stream->write(stream, msg, msglen, TRUE);
- ck_assert(len > 0);
- total += len;
- }
- for (total = 0; total < msglen;)
- {
- len = stream->read(stream, buf, sizeof(buf), TRUE);
- ck_assert(len > 0);
- total += len;
- }
- ck_assert(streq(buf, msg));
- stream->destroy(stream);
-
- service->destroy(service);
-}
-END_TEST
-
-static bool on_write(void *data, stream_t *stream)
-{
- ssize_t len, total;
-
- ck_assert(streq((char*)data, "test-write"));
- for (total = 0; total < msglen;)
- {
- len = stream->write(stream, msg, msglen, TRUE);
- ck_assert(len > 0);
- total += len;
- }
- return FALSE;
-}
-
-static bool read_done = FALSE;
-
-static bool on_read(void *data, stream_t *stream)
-{
- ssize_t len, total;
- char buf[64];
-
- ck_assert(streq((char*)data, "test-read"));
- for (total = 0; total < msglen;)
- {
- len = stream->read(stream, buf, sizeof(buf), TRUE);
- ck_assert(len > 0);
- total += len;
- }
- ck_assert(streq(buf, msg));
- read_done = TRUE;
- return FALSE;
-}
-
-START_TEST(test_async)
-{
- stream_service_t *service;
- stream_t *stream;
-
- lib->processor->set_threads(lib->processor, 8);
-
- service = lib->streams->create_service(lib->streams, services[_i], 1);
- ck_assert(service != NULL);
- service->on_accept(service, servicing, "test", JOB_PRIO_HIGH, 0);
-
- stream = lib->streams->connect(lib->streams, services[_i]);
- ck_assert(stream != NULL);
- read_done = FALSE;
- stream->on_write(stream, (stream_cb_t)on_write, "test-write");
- stream->on_read(stream, (stream_cb_t)on_read, "test-read");
-
- while (!read_done)
- {
- usleep(1000);
- }
- stream->destroy(stream);
-
- service->destroy(service);
-}
-END_TEST
-
-static bool all(void *data, stream_t *stream)
-{
- char buf[64], *pos;
- ssize_t len;
- int i;
-
- pos = buf;
- for (i = 0; i < msglen; i++)
- {
- len = stream->read(stream, pos, 1, TRUE);
- ck_assert_int_eq(len, 1);
- pos += len;
- }
- pos = buf;
- for (i = 0; i < msglen; i++)
- {
- len = stream->write(stream, pos, 1, TRUE);
- ck_assert_int_eq(len, 1);
- pos += len;
- }
-
- return FALSE;
-}
-
-START_TEST(test_all)
-{
- char buf[64];
- stream_service_t *service;
- stream_t *stream;
-
- lib->processor->set_threads(lib->processor, 8);
-
- service = lib->streams->create_service(lib->streams, services[_i], 1);
- ck_assert(service != NULL);
- service->on_accept(service, all, NULL, JOB_PRIO_HIGH, 1);
-
- stream = lib->streams->connect(lib->streams, services[_i]);
- ck_assert(stream != NULL);
- ck_assert(stream->write_all(stream, msg, msglen));
- ck_assert(stream->read_all(stream, buf, msglen));
- ck_assert(streq(buf, msg));
- stream->destroy(stream);
-
- service->destroy(service);
-}
-END_TEST
-
-static bool concurrency(void *data, stream_t *stream)
-{
- static refcount_t refs = 0;
- u_int current;
- ssize_t len;
-
- current = ref_get(&refs);
- ck_assert(current <= 3);
- len = stream->write(stream, "x", 1, TRUE);
- ck_assert_int_eq(len, 1);
- usleep(1000);
- ignore_result(ref_put(&refs));
-
- return FALSE;
-}
-
-START_TEST(test_concurrency)
-{
- stream_service_t *service;
- stream_t *streams[10];
- ssize_t len;
- char x;
- int i;
-
- lib->processor->set_threads(lib->processor, 8);
-
- service = lib->streams->create_service(lib->streams, services[_i], 10);
- ck_assert(service != NULL);
- service->on_accept(service, concurrency, NULL, JOB_PRIO_HIGH, 3);
-
- for (i = 0; i < countof(streams); i++)
- {
- streams[i] = lib->streams->connect(lib->streams, services[_i]);
- ck_assert(streams[i] != NULL);
- }
- for (i = 0; i < countof(streams); i++)
- {
- len = streams[i]->read(streams[i], &x, 1, TRUE);
- ck_assert_int_eq(len, 1);
- ck_assert_int_eq(x, 'x');
- }
- for (i = 0; i < countof(streams); i++)
- {
- streams[i]->destroy(streams[i]);
- }
- service->destroy(service);
-}
-END_TEST
-
-Suite *stream_suite_create()
-{
- Suite *s;
- TCase *tc;
- int count = countof(services);
-
- if (getenv("TESTS_NO_IPV6"))
- {
- count--;
- }
-
- s = suite_create("stream");
-
- tc = tcase_create("sync");
- tcase_add_loop_test(tc, test_sync, 0, count);
- suite_add_tcase(s, tc);
-
- tc = tcase_create("async");
- tcase_add_loop_test(tc, test_async, 0, count);
- suite_add_tcase(s, tc);
-
- tc = tcase_create("all");
- tcase_add_loop_test(tc, test_all, 0, count);
- suite_add_tcase(s, tc);
-
- tc = tcase_create("concurrency");
- tcase_add_loop_test(tc, test_concurrency, 0, count);
- suite_add_tcase(s, tc);
-
- return s;
-}
diff --git a/src/libstrongswan/tests/tests.h b/src/libstrongswan/tests/tests.h
index cbabcd113..0a0e49caf 100644
--- a/src/libstrongswan/tests/tests.h
+++ b/src/libstrongswan/tests/tests.h
@@ -29,7 +29,6 @@ TEST_SUITE(traffic_selector_suite_create)
TEST_SUITE(threading_suite_create)
TEST_SUITE(process_suite_create)
TEST_SUITE(watcher_suite_create)
-TEST_SUITE(stream_suite_create)
TEST_SUITE(utils_suite_create)
TEST_SUITE(settings_suite_create)
TEST_SUITE(vectors_suite_create)


@ -1,40 +1,41 @@
# Template file for 'strongswan'
pkgname=strongswan
version=5.9.14
version=6.0.0
revision=1
build_style=gnu-configure
# tpm support waits on libtss2
configure_args="--disable-static --enable-blowfish --enable-curl --enable-md4
--enable-openssl --enable-eap-radius --enable-eap-mschapv2 --enable-eap-md5
--enable-eap-radius --enable-eap-mschapv2 --enable-eap-md5
--enable-eap-identity --enable-eap-dynamic --enable-led --enable-ha --enable-dhcp
--enable-mediation --disable-soup --disable-des --enable-chapoly --enable-nm
--enable-pkcs11"
hostmakedepends="pkg-config flex bison python3"
makedepends="gmp-devel libldns-devel unbound-devel libcurl-devel
NetworkManager-devel openssl-devel"
--enable-mediation --disable-soup --enable-chapoly --enable-nm
--enable-pkcs11 --with-capabilities=libcap"
hostmakedepends="pkg-config automake flex bison python3"
makedepends="libldns-devel unbound-devel libcurl-devel
NetworkManager-devel openssl-devel libcap-devel"
depends="iproute2 sqlite"
conf_files="/etc/*.conf /etc/strongswan.d/*.conf /etc/strongswan.d/charon/*.conf /etc/ipsec.secrets"
checkdepends="iana-etc"
conf_files="/etc/strongswan.conf /etc/strongswan.d/*.conf /etc/strongswan.d/charon/*.conf
/etc/swanctl/swanctl.conf"
short_desc="IPsec-based VPN solution, supporting IKEv1/IKEv2 and MOBIKE"
maintainer="Toyam Cox <Vaelatern@voidlinux.org>"
license="GPL-2.0-or-later"
homepage="https://www.strongswan.org/"
changelog="https://raw.githubusercontent.com/strongswan/strongswan/master/NEWS"
distfiles="https://download.strongswan.org/strongswan-${version}.tar.bz2"
checksum=728027ddda4cb34c67c4cec97d3ddb8c274edfbabdaeecf7e74693b54fc33678
make_dirs="/etc/ipsec.d/ 0755 root root
/etc/ipsec.d/aacerts 0755 root root
/etc/ipsec.d/acerts 0755 root root
/etc/ipsec.d/cacerts 0755 root root
/etc/ipsec.d/oscpcerts 0755 root root
/etc/ipsec.d/certs 0755 root root
/etc/ipsec.d/crls 0755 root root
/etc/ipsec.d/reqs 0755 root root
/etc/ipsec.d/private 0750 root root"
# CI checks are currently disabled due to a number of tests failing either as a
# result of GitHub Actions having a networking setup that is incompatible with
# them, or some other issue that is difficult to reproduce locally.
make_check=ci-skip
checksum=72fe58b7523155703b65b08c3cc559c2c9a5c96da54afebd8136f6623e7dda82
make_dirs="/etc/swanctl/conf.d 0755 root root
/etc/swanctl/x509 0755 root root
/etc/swanctl/x509ca 0755 root root
/etc/swanctl/x509aa 0755 root root
/etc/swanctl/x509ocsp 0755 root root
/etc/swanctl/x509crl 0755 root root
/etc/swanctl/x509ac 0755 root root
/etc/swanctl/rsa 0750 root root
/etc/swanctl/ecdsa 0750 root root
/etc/swanctl/pkcs8 0750 root root
/etc/swanctl/pkcs12 0750 root root
/etc/swanctl/private 0750 root root
/etc/swanctl/pubkey 0755 root root"
post_install() {
vsv strongswan