ipsec-tools: enable DPD and XAUTH.
Also silent tons of compile warnings.
Change-Id: Ia670102b40d6a46a17de5c413a9e444bd26be136
diff --git a/Android.mk b/Android.mk
index f95284b..6425683 100644
--- a/Android.mk
+++ b/Android.mk
@@ -28,11 +28,14 @@
src/racoon/isakmp.c \
src/racoon/isakmp_agg.c \
src/racoon/isakmp_base.c \
+ src/racoon/isakmp_cfg.c \
src/racoon/isakmp_frag.c \
src/racoon/isakmp_ident.c \
src/racoon/isakmp_inf.c \
src/racoon/isakmp_newg.c \
src/racoon/isakmp_quick.c \
+ src/racoon/isakmp_unity.c \
+ src/racoon/isakmp_xauth.c \
src/racoon/ipsec_doi-0.7.3.c \
src/racoon/nattraversal.c \
src/racoon/oakley.c \
@@ -63,6 +66,8 @@
LOCAL_CFLAGS := -DANDROID_CHANGES -DHAVE_CONFIG_H
+LOCAL_CFLAGS += -Wno-sign-compare -Wno-missing-field-initializers
+
LOCAL_MODULE := racoon
include $(BUILD_EXECUTABLE)
@@ -77,6 +82,8 @@
LOCAL_CFLAGS := -DHAVE_CONFIG_H
+LOCAL_CFLAGS += -Wno-sign-compare -Wno-missing-field-initializers
+
LOCAL_C_INCLUDES += \
$(LOCAL_PATH) \
$(LOCAL_PATH)/src/include-glibc \
diff --git a/Makefile b/Makefile
index 06e2a39..1894ff3 100644
--- a/Makefile
+++ b/Makefile
@@ -10,11 +10,14 @@
src/racoon/isakmp.c \
src/racoon/isakmp_agg.c \
src/racoon/isakmp_base.c \
+ src/racoon/isakmp_cfg.c \
src/racoon/isakmp_frag.c \
src/racoon/isakmp_ident.c \
src/racoon/isakmp_inf.c \
src/racoon/isakmp_newg.c \
src/racoon/isakmp_quick.c \
+ src/racoon/isakmp_unity.c \
+ src/racoon/isakmp_xauth.c \
src/racoon/ipsec_doi-0.7.3.c \
src/racoon/nattraversal.c \
src/racoon/oakley.c \
diff --git a/config.h b/config.h
index 87099b5..191c5da 100644
--- a/config.h
+++ b/config.h
@@ -3,7 +3,8 @@
#define ENABLE_NATT_00
#define ENABLE_NATT_02
#define ENABLE_NATT_RFC
-#undef ENABLE_DPD
+#define ENABLE_DPD
+#define ENABLE_HYBRID
#define HAVE_OPENSSL_AES_H
#undef HAVE_OPENSSL_ENGINE_H
diff --git a/setup.c b/setup.c
index c2cb082..3d402fb 100644
--- a/setup.c
+++ b/setup.c
@@ -18,6 +18,7 @@
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
+#include <sys/param.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
@@ -49,6 +50,7 @@
#include "plog.h"
#include "admin.h"
#include "privsep.h"
+#include "throttle.h"
#include "misc.h"
static struct localconf localconf;
@@ -426,6 +428,39 @@
path[length - 1] = '\0';
}
+/* grabmyaddr.h */
+
+int myaddr_getsport(struct sockaddr *addr)
+{
+ return 0;
+}
+
+int myaddr_getfd(struct sockaddr *addr)
+{
+#ifdef ENABLE_NATT
+ if (myaddrs[1].fd != -1 &&
+ cmpsaddr(addr, myaddrs[1].addr) == CMPSADDR_MATCH) {
+ return myaddrs[1].fd;
+ }
+#endif
+ if (cmpsaddr(addr, myaddrs[0].addr) < CMPSADDR_MISMATCH) {
+ return myaddrs[0].fd;
+ }
+ return -1;
+}
+
+/* misc.h */
+
+int racoon_hexdump(void *data, size_t length)
+{
+ return 0;
+}
+
+void close_on_exec(int fd)
+{
+ fcntl(fd, F_SETFD, FD_CLOEXEC);
+}
+
/* sainfo.h */
struct sainfo *getsainfo(const vchar_t *src, const vchar_t *dst,
@@ -466,35 +501,20 @@
return 0;
}
-/* grabmyaddr.h */
-
-int myaddr_getsport(struct sockaddr *addr)
+int privsep_accounting_system(int port, struct sockaddr *addr,
+ char *user, int status)
{
return 0;
}
-int myaddr_getfd(struct sockaddr *addr)
+int privsep_xauth_login_system(char *user, char *password)
{
-#ifdef ENABLE_NATT
- if (myaddrs[1].fd != -1 &&
- cmpsaddr(addr, myaddrs[1].addr) == CMPSADDR_MATCH) {
- return myaddrs[1].fd;
- }
-#endif
- if (cmpsaddr(addr, myaddrs[0].addr) < CMPSADDR_MISMATCH) {
- return myaddrs[0].fd;
- }
return -1;
}
-/* misc.h */
+/* throttle.h */
-int racoon_hexdump(void *data, size_t length)
+int throttle_host(struct sockaddr *addr, int fail)
{
return 0;
}
-
-void close_on_exec(int fd)
-{
- fcntl(fd, F_SETFD, FD_CLOEXEC);
-}
diff --git a/src/racoon/isakmp_cfg.c b/src/racoon/isakmp_cfg.c
index 0ec30ee..65703bb 100644
--- a/src/racoon/isakmp_cfg.c
+++ b/src/racoon/isakmp_cfg.c
@@ -38,7 +38,9 @@
#include <sys/socket.h>
#include <sys/queue.h>
+#ifndef ANDROID_PATCHED
#include <utmpx.h>
+#endif
#if defined(__APPLE__) && defined(__MACH__)
#include <util.h>
#endif
@@ -1649,6 +1651,8 @@
}
#endif
+#ifndef ANDROID_PATCHED
+
/*
Logs the user into the utmp system files.
*/
@@ -1707,6 +1711,8 @@
return 0;
}
+#endif
+
int
isakmp_cfg_getconfig(iph1)
struct ph1handle *iph1;
diff --git a/src/racoon/isakmp_cfg.h b/src/racoon/isakmp_cfg.h
index 63fe459..253a17f 100644
--- a/src/racoon/isakmp_cfg.h
+++ b/src/racoon/isakmp_cfg.h
@@ -35,6 +35,13 @@
#include <security/pam_appl.h>
#endif
+#ifdef ANDROID_PATCHED
+#include <arpa/inet.h>
+#ifndef MAXNS
+#define MAXNS 2
+#endif
+#endif
+
/*
* XXX don't forget to update
* src/racoon/handler.c:exclude_cfg_addr()
diff --git a/src/racoon/isakmp_xauth.c b/src/racoon/isakmp_xauth.c
index 853caaa..f9da0e2 100644
--- a/src/racoon/isakmp_xauth.c
+++ b/src/racoon/isakmp_xauth.c
@@ -1256,6 +1256,8 @@
#endif
+#ifndef ANDROID_PATCHED
+
int
xauth_login_system(usr, pwd)
char *usr;
@@ -1293,6 +1295,8 @@
return -1;
}
+#endif
+
int
xauth_group_system(usr, grp)
char * usr;
diff --git a/src/racoon/plog.h b/src/racoon/plog.h
index 6c3ac12..a96b75c 100644
--- a/src/racoon/plog.h
+++ b/src/racoon/plog.h
@@ -55,7 +55,8 @@
#define plogdump(...)
extern void do_plog(int level, char *format, ...);
-extern char* binsanitize(char *binary, size_t size);
+extern char *binsanitize(char *binary, size_t size);
+extern char *pname;
#else