summaryrefslogtreecommitdiffstats
path: root/package/openswan/linux-2.6.21.5-openswan-2.4.8.kernel-2.6-fixup.patch
blob: 729befe341fd44bb35962629cd006bf137f12583 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
diff -rduNp linux-2.6.21.5.openswan28/net/ipsec/ipsec_alg_cryptoapi.c linux-2.6.21.5/net/ipsec/ipsec_alg_cryptoapi.c
--- linux-2.6.21.5.openswan28/net/ipsec/ipsec_alg_cryptoapi.c	2007-06-21 10:44:07.000000000 +0200
+++ linux-2.6.21.5/net/ipsec/ipsec_alg_cryptoapi.c	2007-06-21 23:34:05.000000000 +0200
@@ -197,7 +197,7 @@ static struct ipsec_alg_capi_cipher alg_
  */
 int setup_cipher(const char *ciphername)
 {
-	return crypto_alg_available(ciphername, 0);
+	return crypto_has_alg(ciphername, 0, CRYPTO_ALG_ASYNC);
 }
 
 /*
@@ -272,7 +272,7 @@ static __u8 *
 _capi_new_key (struct ipsec_alg_enc *alg, const __u8 *key, size_t keylen)
 {
 	struct ipsec_alg_capi_cipher *cptr;
-	struct crypto_tfm *tfm=NULL;
+	struct crypto_cipher *tfm=NULL;
 
 	cptr = alg->ixt_common.ixt_data;
 	if (!cptr) {
@@ -289,7 +289,7 @@ _capi_new_key (struct ipsec_alg_enc *alg
 	/*	
 	 *	alloc tfm
 	 */
-	tfm = crypto_alloc_tfm(cptr->ciphername, CRYPTO_TFM_MODE_CBC);
+	tfm = crypto_alloc_cipher(cptr->ciphername, 0, CRYPTO_ALG_ASYNC);
 	if (!tfm) {
 		printk(KERN_ERR "_capi_new_key(): "
 				"NULL tfm for \"%s\" cryptoapi (\"%s\") algo\n" 
@@ -300,7 +300,7 @@ _capi_new_key (struct ipsec_alg_enc *alg
 		printk(KERN_ERR "_capi_new_key(): "
 				"failed new_key() for \"%s\" cryptoapi algo (keylen=%d)\n" 
 			, alg->ixt_common.ixt_name, keylen);
-		crypto_free_tfm(tfm);
+		crypto_free_cipher(tfm);
 		tfm=NULL;
 	}
 err:
@@ -317,23 +317,26 @@ err:
 static int 
 _capi_cbc_encrypt(struct ipsec_alg_enc *alg, __u8 * key_e, __u8 * in, int ilen, const __u8 * iv, int encrypt) {
 	int error =0;
-	struct crypto_tfm *tfm=(struct crypto_tfm *)key_e;
+	struct crypto_blkcipher *tfm=(struct crypto_blkcipher *)key_e;
+	struct blkcipher_desc desc;
 	struct scatterlist sg = { 
 		.page = virt_to_page(in),
 		.offset = (unsigned long)(in) % PAGE_SIZE,
 		.length=ilen,
 	};
+	desc.tfm = tfm;
+	desc.flags = 0;
 	if (debug_crypto > 1)
 		printk(KERN_DEBUG "klips_debug:_capi_cbc_encrypt:"
 				"key_e=%p "
 				"in=%p out=%p ilen=%d iv=%p encrypt=%d\n"
 				, key_e
 				, in, in, ilen, iv, encrypt);
-	crypto_cipher_set_iv(tfm, iv, crypto_tfm_alg_ivsize(tfm));
+	crypto_blkcipher_set_iv(tfm, iv, crypto_blkcipher_ivsize(tfm));
 	if (encrypt)
-		error = crypto_cipher_encrypt (tfm, &sg, &sg, ilen);
+		error = crypto_blkcipher_encrypt (&desc, &sg, &sg, ilen);
 	else
-		error = crypto_cipher_decrypt (tfm, &sg, &sg, ilen);
+		error = crypto_blkcipher_decrypt (&desc, &sg, &sg, ilen);
 	if (debug_crypto > 1)
 		printk(KERN_DEBUG "klips_debug:_capi_cbc_encrypt:"
 				"error=%d\n"
@@ -370,8 +373,9 @@ setup_cipher_list (struct ipsec_alg_capi
 		 * 	use a local ci to avoid touching cptr->ci,
 		 * 	if register ipsec_alg success then bind cipher
 		 */
-		if(cptr->alg.ixt_common.ixt_support.ias_name == NULL) {
-		  cptr->alg.ixt_common.ixt_support.ias_name = cptr->ciphername;
+		if (cptr->alg.ixt_common.ixt_support.ias_name == NULL) {
+printk(KERN_DEBUG "klips_debug: ias_name was nil\n");
+//		  cptr->alg.ixt_common.ixt_support.ias_name = cptr->ciphername;
 		}
 
 		if( setup_cipher(cptr->ciphername) ) {
diff -rduNp linux-2.6.21.5.openswan28/net/ipsec/sysctl_net_ipsec.c linux-2.6.21.5/net/ipsec/sysctl_net_ipsec.c
--- linux-2.6.21.5.openswan28/net/ipsec/sysctl_net_ipsec.c	2007-06-21 10:44:07.000000000 +0200
+++ linux-2.6.21.5/net/ipsec/sysctl_net_ipsec.c	2007-06-21 22:33:51.000000000 +0200
@@ -74,45 +74,45 @@ enum {
 static ctl_table ipsec_table[] = {
 #ifdef CONFIG_KLIPS_DEBUG
 	{ NET_IPSEC_DEBUG_AH, "debug_ah", &debug_ah,
-	  sizeof(int), 0644, NULL, &proc_dointvec},    
+	  sizeof(int), 0644,  &proc_dointvec},
 	{ NET_IPSEC_DEBUG_ESP, "debug_esp", &debug_esp,
-	  sizeof(int), 0644, NULL, &proc_dointvec},    
+	  sizeof(int), 0644,  &proc_dointvec},
 	{ NET_IPSEC_DEBUG_TUNNEL, "debug_tunnel", &debug_tunnel,
-	  sizeof(int), 0644, NULL, &proc_dointvec},    
+	  sizeof(int), 0644,  &proc_dointvec},
 	{ NET_IPSEC_DEBUG_EROUTE, "debug_eroute", &debug_eroute,
-	  sizeof(int), 0644, NULL, &proc_dointvec},    
+	  sizeof(int), 0644,  &proc_dointvec},
 	{ NET_IPSEC_DEBUG_SPI, "debug_spi", &debug_spi,
-	  sizeof(int), 0644, NULL, &proc_dointvec},    
+	  sizeof(int), 0644,  &proc_dointvec},
 	{ NET_IPSEC_DEBUG_RADIJ, "debug_radij", &debug_radij,
-	  sizeof(int), 0644, NULL, &proc_dointvec},    
+	  sizeof(int), 0644,  &proc_dointvec},
 	{ NET_IPSEC_DEBUG_NETLINK, "debug_netlink", &debug_netlink,
-	  sizeof(int), 0644, NULL, &proc_dointvec},    
+	  sizeof(int), 0644,  &proc_dointvec},
 	{ NET_IPSEC_DEBUG_XFORM, "debug_xform", &debug_xform,
-	  sizeof(int), 0644, NULL, &proc_dointvec},    
+	  sizeof(int), 0644,  &proc_dointvec},
 	{ NET_IPSEC_DEBUG_RCV, "debug_rcv", &debug_rcv,
-	  sizeof(int), 0644, NULL, &proc_dointvec},    
+	  sizeof(int), 0644,  &proc_dointvec},
 	{ NET_IPSEC_DEBUG_PFKEY, "debug_pfkey", &debug_pfkey,
-	  sizeof(int), 0644, NULL, &proc_dointvec},    
+	  sizeof(int), 0644,  &proc_dointvec},
 	{ NET_IPSEC_DEBUG_VERBOSE, "debug_verbose",&sysctl_ipsec_debug_verbose,
-	  sizeof(int), 0644, NULL, &proc_dointvec},    
+	  sizeof(int), 0644,  &proc_dointvec},
 #ifdef CONFIG_KLIPS_IPCOMP
 	{ NET_IPSEC_DEBUG_IPCOMP, "debug_ipcomp", &sysctl_ipsec_debug_ipcomp,
-	  sizeof(int), 0644, NULL, &proc_dointvec},    
+	  sizeof(int), 0644,  &proc_dointvec},
 #endif /* CONFIG_KLIPS_IPCOMP */
 
 #ifdef CONFIG_KLIPS_REGRESS
 	{ NET_IPSEC_REGRESS_PFKEY_LOSSAGE, "pfkey_lossage",
 	  &sysctl_ipsec_regress_pfkey_lossage,
-	  sizeof(int), 0644, NULL, &proc_dointvec},
+	  sizeof(int), 0644,  &proc_dointvec},
 #endif /* CONFIG_KLIPS_REGRESS */
 
 #endif /* CONFIG_KLIPS_DEBUG */
 	{ NET_IPSEC_ICMP, "icmp", &sysctl_ipsec_icmp,
-	  sizeof(int), 0644, NULL, &proc_dointvec},    
+	  sizeof(int), 0644,  &proc_dointvec},
 	{ NET_IPSEC_INBOUND_POLICY_CHECK, "inbound_policy_check", &sysctl_ipsec_inbound_policy_check,
-	  sizeof(int), 0644, NULL, &proc_dointvec},    
+	  sizeof(int), 0644,  &proc_dointvec},
 	{ NET_IPSEC_TOS, "tos", &sysctl_ipsec_tos,
-	  sizeof(int), 0644, NULL, &proc_dointvec},    
+	  sizeof(int), 0644, &proc_dointvec},
 	{0}
 };
 
@@ -130,7 +130,7 @@ static struct ctl_table_header *ipsec_ta
 
 int ipsec_sysctl_register(void)
 {
-        ipsec_table_header = register_sysctl_table(ipsec_root_table, 0);
+        ipsec_table_header = register_sysctl_table(ipsec_root_table);
         if (!ipsec_table_header) {
                 return -ENOMEM;
 	}