+++ /dev/null
---- freeswan-1.97/Makefile.inc Fri Apr 12 04:37:17 2002
-+++ freeswan-1.97/Makefile.inc.org Wed May 1 18:28:17 2002
-@@ -45,7 +45,7 @@
- DESTDIR=
-
- # "local" part of tree, used in building other pathnames
--INC_USRLOCAL=/usr/local
-+INC_USRLOCAL=/usr
-
- # PUBDIR is where the "ipsec" command goes; beware, many things define PATH
- # settings which are assumed to include it (or at least, to include *some*
-@@ -61,12 +61,12 @@
- # location within INC_USRLOCAL
- INC_MANDIR=man
- # the full pathname
--MANTREE=$(DESTDIR)$(INC_USRLOCAL)/$(INC_MANDIR)
-+MANTREE=$(DESTDIR)$(INC_USRLOCAL)/share/$(INC_MANDIR)
- # all relevant subdirectories of MANTREE
- MANPLACES=man3 man5 man8
-
- # where configuration files go
--FINALCONFDIR=/etc
-+FINALCONFDIR=/etc/ipsec
- CONFDIR=$(DESTDIR)$(FINALCONFDIR)
-
- # An attempt is made to automatically figure out where boot/shutdown scripts
-@@ -74,17 +74,18 @@
- # If none of those exists (or INC_RCDIRS is empty), INC_RCDEFAULT gets them.
- # With a non-null DESTDIR, INC_RCDEFAULT will be used unless one of the
- # INC_RCDIRS directories has been pre-created under DESTDIR.
--INC_RCDIRS=/etc/rc.d/init.d /etc/rc.d /etc/init.d /sbin/init.d
--INC_RCDEFAULT=/etc/rc.d/init.d
-+#INC_RCDIRS=/etc/rc.d/init.d /etc/rc.d /etc/init.d /sbin/init.d
-+#INC_RCDEFAULT=/etc/rc.d/init.d
-
- # RCDIR is where boot/shutdown scripts go; FINALRCDIR is where they think
- # will finally be (so utils/Makefile can create a symlink in BINDIR to the
- # place where the boot/shutdown script will finally be, rather than the
- # place where it is installed).
--FINALRCDIR=$(shell for d in $(INC_RCDIRS) ; \
-- do if test -d $(DESTDIR)/$$d ; \
-- then echo $$d ; exit 0 ; \
-- fi ; done ; echo $(INC_RCDEFAULT) )
-+#FINALRCDIR=$(shell for d in $(INC_RCDIRS) ; \
-+# do if test -d $(DESTDIR)/$$d ; \
-+# then echo $$d ; exit 0 ; \
-+# fi ; done ; echo $(INC_RCDEFAULT) )
-+FINALRCDIR=/etc/rc.d/init.d
- RCDIR=$(DESTDIR)$(FINALRCDIR)
-
-
-@@ -126,8 +127,8 @@
-
- # extra compile flags, for userland and kernel stuff, e.g. -g for debug info
- # (caution, this stuff is still being sorted out, will change in future)
--USERCOMPILE=-g -O3
--KLIPSCOMPILE=-O3
-+USERCOMPILE=$(OPT_FLAGS)
-+KLIPSCOMPILE=$(OPT_FLAGS)
-
- # command used to link/copy KLIPS into kernel source tree
- # There are good reasons why this is "ln -s"; only people like distribution
+++ /dev/null
---- freeswan-1.97/utils/_confread Tue Mar 26 18:49:42 2002
-+++ freeswan-1.97/utils/_confread.org Wed May 1 18:30:05 2002
-@@ -14,7 +14,7 @@
- #
- # RCSID $Id$
- #
--# Extract configuration info from /etc/ipsec.conf, repackage as assignments
-+# Extract configuration info from /etc/ipsec/ipsec.conf, repackage as assignments
- # to shell variables or tab-delimited fields. Success or failure is reported
- # inline, as extra data, due to the vagaries of shell backquote handling.
- # In the absence of --varprefix, output is tab-separated fields, like:
-@@ -41,7 +41,7 @@
- # exit 1
- # fi
-
--config=${IPSEC_CONFS-/etc}/ipsec.conf
-+config=/etc/ipsec/ipsec.conf
- include=yes
- type=conn
- fieldfmt=yes
---- freeswan-1.97/utils/auto Tue Mar 26 06:07:48 2002
-+++ freeswan-1.97/utils/auto.org Wed May 1 18:30:51 2002
-@@ -24,7 +24,7 @@
- other options: [--config ipsecconfigfile] [--verbose] [--show]"
-
- showonly=
--config=
-+config=/etc/ipsec/ipsec.conf
- info=/var/run/ipsec.info
- shopts=
- noinclude=
---- freeswan-1.97/utils/barf Tue Mar 26 18:49:42 2002
-+++ freeswan-1.97/utils/barf.org Wed May 1 18:32:11 2002
-@@ -16,7 +16,7 @@
-
- KERNSRC=${KERNSRC-/usr/src/linux}
- LOGS=${LOGS-/var/log}
--CONFS=${IPSEC_CONFS-/etc}
-+CONFS=/etc/ipsec/ipsec.conf
- me="ipsec barf"
-
- # message patterns that start relevant parts of logs
---- freeswan-1.97/utils/showhostkey Fri Oct 26 18:17:02 2001
-+++ freeswan-1.97/utils/showhostkey.org Wed May 1 18:33:00 2002
-@@ -17,7 +17,7 @@
- me="ipsec showhostkey"
- usage="Usage: $me [--file secrets] [--left] [--right] [--txt gateway] [--id id]"
-
--file=/etc/ipsec.secrets
-+file=/etc/ipsec/ipsec.secrets
- fmt="dns"
- gw=
- id=
+++ /dev/null
---- freeswan-1.97/Makefile Fri Apr 12 06:08:31 2002
-+++ freeswan-1.97/Makefile.org Fri May 3 12:42:39 2002
-@@ -50,7 +50,8 @@
- @false
-
- # everything that's necessary to put Klips into the kernel
--insert: patches klink klipsdefaults
-+.NOTPARALLEL: myprecheck patches klink klipsdefaults
-+insert: myprecheck patches klink klipsdefaults
-
- # create KERNELKLIPS and populate it with symlinks to the sources
- klink:
-@@ -214,6 +215,8 @@
- POST=confcheck programs install kernel
- MPOST=confcheck programs install module
- RPOST=confcheck programs rpminstall module rpmkinstall rpms
-+KMPOST=confcheck programs install kmodule
-+
- ogo: $(PRE) pcf $(POST)
- oldgo: $(PRE) ocf $(POST)
- menugo: $(PRE) mcf $(POST)
-@@ -227,6 +230,7 @@
- oldrpm: $(PRE) ocf $(RPOST)
- menurpm: $(PRE) mcf $(RPOST)
- xrpm: $(PRE) xcf $(RPOST)
-+modgo: $(PRE) ncf $(KMPOST)
-
- # preliminaries
- precheck:
-@@ -256,6 +260,11 @@
- echo '*** please do that first; the results are necessary.' ; \
- exit 1 ; \
- fi
-+myprecheck: myocf
-+
-+myocf: precheck
-+ -cd $(KERNELSRC) ; yes "" | $(MAKE) oldconfig; $(MAKE) include/linux/version.h
-+
-
- # set version code if this is a fresh CVS checkout
- verset:
-@@ -279,6 +288,16 @@
- ocf:
- -cd $(KERNELSRC) ; $(MAKE) $(KERNMAKEOPTS) oldconfig dep </dev/null >/dev/null
-
-+
-+ENTER := "M\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n"
-+ncf: insert
-+ -cd $(KERNELSRC); echo -e $(ENTER) | $(MAKE) oldconfig
-+
-+ncf_k: ncf
-+ -cd $(KERNELSRC); $(MAKE) dep kernel
-+
-+confcheck: ncf
-+
- rpm:
- mkdir -p ${RPMKERNDIR}
- rm -rf $(RPMTMPDIR)
-@@ -329,6 +348,24 @@
- then set -x ; \
- ( cd $(KERNELSRC) ; \
- $(MAKE) $(KERNMAKEOPTS) modules 2>&1 ) | tee -a out.kbuild ; \
-+
-+ fi
-+ utils/errcheck out.kbuild
-+
-+ # kernel building, with error checks
-+ kmodule: confcheck
-+ rm -f out.kbuild out.kinstall
-+ cp -pf Makefile.ipsec $(KERNELSRC)/net/ipsec/
-+ #( cd $(KERNELSRC) ; $(MAKE) dep kernel) 2>&1 | tee out.kbuild
-+ @if egrep -q '^CONFIG_MODULES=y' $(KCFILE) ; \
-+ then set -x ; \
-+ ( cd $(KERNELSRC)/net/ipsec ; \
-+ ln -sf ../../arch .; ln -sf ../../Rules.make .; cd ../..; \
-+ $(MAKE) -C net/ipsec -f Makefile.ipsec 2>&1 ) | tee -a out.kbuild ; \
-+ rm $(KERNELSRC)/net/ipsec/arch $(KERNELSRC)/net/ipsec/Rules.make; \
-+ else \
-+ echo "BUG: You have to enable modules!"; \
-+ exit 1; \
- fi
- utils/errcheck out.kbuild
-
+++ /dev/null
-CONFIG_IPSEC=m
-CONFIG_IPSEC_IPIP=y
-CONFIG_IPSEC_AH=y
-CONFIG_IPSEC_AUTH_HMAC_MD5=y
-CONFIG_IPSEC_AUTH_HMAC_SHA1=y
-CONFIG_IPSEC_ESP=y
-CONFIG_IPSEC_ENC_3DES=y
-CONFIG_IPSEC_IPCOMP=y
-CONFIG_IPSEC_DEBUG=y
+++ /dev/null
---- freeswan-1.97/utils/Makefile Mon Apr 1 22:05:27 2002
-+++ freeswan-1.97/utils/Makefile.org Wed May 1 18:41:09 2002
-@@ -71,17 +71,19 @@
-
- # generate RSA private key... if, and only if, /etc/ipsec.secrets does
- # not already exist
--BLURB=-- not filled in because ipsec.secrets existed at build time --
-+# BLURB=-- not filled in because ipsec.secrets existed at build time --
-+#
-+# This will be done in %post in spec file
- secrets.eg: secrets.proto ranbits rsasigkey
-- rm -f $@
-- umask 077 ; ( \
-- sed '/yyy/,$$d' secrets.proto ; \
-- if test ! -f $(CONFDIR)/ipsec.secrets ; \
-- then ./rsasigkey --verbose $(RSAKEYBITS) ; \
-- else echo " # $(BLURB)" ; \
-- fi ; \
-- sed '1,/yyy/d' secrets.proto ; \
-- ) | egrep -v RCSID >$@
-+# rm -f $@
-+# umask 077 ; ( \
-+# sed '/yyy/,$$d' secrets.proto ; \
-+# if test ! -f $(CONFDIR)/ipsec.secrets ; \
-+# then ./rsasigkey --verbose $(RSAKEYBITS) ; \
-+# else echo " # $(BLURB)" ; \
-+# fi ; \
-+# sed '1,/yyy/d' secrets.proto ; \
-+# ) | egrep -v RCSID >$@
-
- # force full secrets-file build
- newsecrets:
-@@ -106,8 +108,8 @@
- $(INSTMAN) $(PUB) $$f $(CMANDIR)/ipsec_$$f || exit 1 ; \
- ./manlink $(CMANDIR) ipsec_$$f ; \
- done
-- test -f $(CONFDIR)/ipsec.secrets || \
-- $(INSTCONF) $(PRIV) secrets.eg $(CONFDIR)/ipsec.secrets
-+# test -f $(CONFDIR)/ipsec.secrets || \
-+# $(INSTCONF) $(PRIV) secrets.eg $(CONFDIR)/ipsec.secrets
- test -f $(CONFDIR)/ipsec.conf || \
- $(INSTCONF) $(PUB) conf.eg $(CONFDIR)/ipsec.conf
- # main copy must go in RCDIR, BINDIR may not be mounted at boot time
+++ /dev/null
---- freeswan-1.97/Makefile.module Fri May 3 13:06:04 2002
-+++ freeswan-1.97/Makefile.module.org Fri May 3 12:51:46 2002
-@@ -0,0 +1,27 @@
-+# Makefile for the ipsec (FreeS/WAN) module.
-+# (c) Kloc Piotr <pioklo@pld.org.pl> ,2002-05-03, GNU GPL
-+
-+KDIR=linux
-+TOPDIR=$(KDIR)
-+
-+default: module
-+all: module
-+modules: module
-+
-+module:
-+ $(MAKE) -f Makefile kmodule
-+
-+install: install_mod
-+
-+install_mod:
-+ ( cd $(KDIR)/net/ipsec; \
-+ ln -sf ../../arch .; ln -sf ../../Rules.make .; cd ../..; \
-+ $(MAKE) -C net/ipsec -f Makefile.ipsec ipsecmod_inst )
-+ rm $(KDIR)/net/ipsec/arch $(KDIR)/net/ipsec/Rules.make
-+ $(MAKE) -f Makefile unpatch
-+ ( cd $(KDIR); rm -rf net/ipsec; yes "" | $(MAKE) oldconfig )
-+
-+clean:
-+ $(MAKE) -f Makefile unpatch
-+ rm -rf $(KDIR)/net/ipsec
-+ (cd $(KDIR); yes "" | $(MAKE) oldconfig)
-+
---- freeswan-1.97/Makefile.ipsec Fri May 3 13:14:54 2002
-+++ freeswan-1.97/Makefile.ipsec.org Fri May 3 13:14:43 2002
-@@ -0,0 +1,36 @@
-+# Makefile for the ipsec (FreeS/WAN) driver
-+# (w) 5/2002, pioklo@pld.org.pl
-+
-+KDIR := linux
-+TOPDIR := $(KDIR)
-+
-+TARGET = ipsec.o
-+
-+default: $(TARGET)
-+
-+TOPDIR := $(KDIR)
-+include $(KDIR)/.config
-+include $(KDIR)/Makefile
-+TOPDIR := $(KDIR)
-+
-+CFLAGS := -I$(KDIR)/include $(CFLAGS) -DMODULE
-+ifdef CONFIG_MODVERSIONS
-+CFLAGS += -DMODVERSIONS -include $(KDIR)/include/linux/modversions.h
-+endif
-+
-+include Makefile
-+
-+ifndef MODLIB
-+MODLIB = $(INSTALL_MOD_PATH)/lib/modules/$(KERNELRELEASE)
-+endif
-+
-+ifeq ($(PATCHLEVEL),2)
-+MODSUB := misc
-+else
-+MODSUB := kernel/misc
-+endif
-+
-+ipsecmod_inst:
-+ install -o root -g root -m 0755 -d $(MODLIB)/$(MODSUB)
-+ install -o root -g root -m 0644 ipsec.o $(MODLIB)/$(MODSUB)/
-+
+++ /dev/null
---- freeswan-1.97/utils/manlink Wed Jul 7 05:12:52 1999
-+++ freeswan-1.97/utils/manlink.org Wed May 1 18:41:59 2002
-@@ -49,7 +49,7 @@
- esac
- if test " $ff" != " $m"
- then
-- ln -f -s $m $ff
-+ echo ".so $m" > $ff
- fi
- done
- done
+++ /dev/null
---- freeswan-1.97/klips/net/ipsec/ipcomp.c Fri May 3 14:19:16 2002
-+++ freeswan-1.97/klips/net/ipsec/ipcomp.c.org Fri May 3 14:21:58 2002
-@@ -721,7 +721,6 @@
- #endif /* !NETDEV_23 */
- n->pkt_type=skb->pkt_type;
- #ifndef NETDEV_23
-- n->pkt_bridged=skb->pkt_bridged;
- #endif /* NETDEV_23 */
- n->ip_summed=0;
- n->stamp=skb->stamp;
+++ /dev/null
---- linux/net/ipsec/ipcomp.c Fri Feb 23 17:55:52 2001
-+++ linux/net/ipsec/ipcomp.c.sz Fri Feb 23 18:05:15 2001
-@@ -707,7 +707,6 @@
- n->mac.raw=NULL;
- n->used=skb->used;
- n->pkt_type=skb->pkt_type;
-- n->pkt_bridged=skb->pkt_bridged;
- n->ip_summed=0;
- n->stamp=skb->stamp;
- #if defined(CONFIG_SHAPER) || defined(CONFIG_SHAPER_MODULE)
+++ /dev/null
---- freeswan-1.97/pluto/whack.h Wed May 1 20:29:27 2002
-+++ freeswan-1.97/pluto/whack.h.org Wed May 1 20:30:26 2002
-@@ -205,7 +205,7 @@
- /* options of whack --reread*** command */
-
- #define REREAD_NONE 0x00 /* don't reread anything */
--#define REREAD_SECRETS 0x01 /* reread /etc/ipsec.secrets */
-+#define REREAD_SECRETS 0x01 /* reread /etc/ipsec/ipsec.secrets */
- #define REREAD_MYCERT 0x02 /* reread /etc/x509cert.der (deprecated) */
- #define REREAD_CACERTS 0x04 /* reread certs in /etc/ipsec.d/cacerts */
- #define REREAD_CRLS 0x08 /* reread crls in /etc/ipsec.d/crls */