[yocto] [meta-cgl][PATCH] racoon2: add new recipe
Yi Zhao
yi.zhao at windriver.com
Thu Jun 15 17:40:44 PDT 2017
在 2017年06月15日 23:37, Adrian Dudau 写道:
> On fre, 2017-06-09 at 14:17 +0800, yi.zhao at windriver.com wrote:
>> From: Yi Zhao <yi.zhao at windriver.com>
>>
>> The Racoon2 project is a joint effort which provides an
>> implementation
>> of key management system for IPsec. It supports IKEv1, IKEv2, and
>> KINK
>> protocols.
>>
>> Signed-off-by: Yi Zhao <yi.zhao at windriver.com>
>> ---
>> .../recipes-cgl/racoon2/racoon2/iked.service | 14 +
>> .../racoon2-Add-Value-to-HAVE_NSSWITCH_CONF.patch | 32 +++
>> .../racoon2/racoon2/racoon2-DESTDIR.patch | 202
>> +++++++++++++++
>> .../racoon2/racoon2-Remove-INSTALL_OPTS.patch | 87 +++++++
>> .../racoon2/racoon2-configure-autoheader.patch | 60 +++++
>> .../racoon2/racoon2/racoon2-configure-memcmp.patch | 32 +++
>> ...oon2-configure.in-remove-redundant-macros.patch | 199
>> +++++++++++++++
>> .../racoon2-correct-openssl-include-path.patch | 70 +++++
>> .../racoon2/racoon2-disable-hard-limit-timer.patch | 80 ++++++
>> .../racoon2/racoon2-fix-configure-error.patch | 50 ++++
>> .../racoon2/racoon2-fix-hardcoded-sysconfdir.patch | 281
>> +++++++++++++++++++++
>> .../racoon2/racoon2-fix-rekeying-reply.patch | 28 ++
>> .../racoon2-fix-sadb_msg_seq-collision.patch | 41 +++
>> ...oon2-fix-target-perl-path-to-generate-RPM.patch | 86 +++++++
>> .../racoon2/racoon2-fwrite-return-value.patch | 34 +++
>> .../racoon2/racoon2/racoon2-iked-initscript.patch | 34 +++
>> .../racoon2/racoon2-iked-needs-libcrypto.patch | 34 +++
>> .../racoon2/racoon2/racoon2-kinkd-initscript.patch | 34 +++
>> .../racoon2/racoon2-reenable-the-ipv6-check.patch | 65 +++++
>> .../racoon2-remove-deprecated-do-clause.patch | 19 ++
>> .../racoon2-removed-conflicting-prototypes.patch | 51 ++++
>> .../racoon2/racoon2/racoon2-spmd-initscript.patch | 33 +++
>> .../recipes-cgl/racoon2/racoon2/spmd.service | 12 +
>> .../racoon2/racoon2/volatiles.99_racoon2 | 1 +
>> .../recipes-cgl/racoon2/racoon2_20100526a.bb | 104 ++++++++
>> 25 files changed, 1683 insertions(+)
>> create mode 100644 meta-cgl-common/recipes-
>> cgl/racoon2/racoon2/iked.service
>> create mode 100644 meta-cgl-common/recipes-
>> cgl/racoon2/racoon2/racoon2-Add-Value-to-HAVE_NSSWITCH_CONF.patch
>> create mode 100644 meta-cgl-common/recipes-
>> cgl/racoon2/racoon2/racoon2-DESTDIR.patch
>> create mode 100644 meta-cgl-common/recipes-
>> cgl/racoon2/racoon2/racoon2-Remove-INSTALL_OPTS.patch
>> create mode 100644 meta-cgl-common/recipes-
>> cgl/racoon2/racoon2/racoon2-configure-autoheader.patch
>> create mode 100644 meta-cgl-common/recipes-
>> cgl/racoon2/racoon2/racoon2-configure-memcmp.patch
>> create mode 100644 meta-cgl-common/recipes-
>> cgl/racoon2/racoon2/racoon2-configure.in-remove-redundant-
>> macros.patch
>> create mode 100644 meta-cgl-common/recipes-
>> cgl/racoon2/racoon2/racoon2-correct-openssl-include-path.patch
>> create mode 100644 meta-cgl-common/recipes-
>> cgl/racoon2/racoon2/racoon2-disable-hard-limit-timer.patch
>> create mode 100644 meta-cgl-common/recipes-
>> cgl/racoon2/racoon2/racoon2-fix-configure-error.patch
>> create mode 100644 meta-cgl-common/recipes-
>> cgl/racoon2/racoon2/racoon2-fix-hardcoded-sysconfdir.patch
>> create mode 100644 meta-cgl-common/recipes-
>> cgl/racoon2/racoon2/racoon2-fix-rekeying-reply.patch
>> create mode 100644 meta-cgl-common/recipes-
>> cgl/racoon2/racoon2/racoon2-fix-sadb_msg_seq-collision.patch
>> create mode 100644 meta-cgl-common/recipes-
>> cgl/racoon2/racoon2/racoon2-fix-target-perl-path-to-generate-
>> RPM.patch
>> create mode 100644 meta-cgl-common/recipes-
>> cgl/racoon2/racoon2/racoon2-fwrite-return-value.patch
>> create mode 100644 meta-cgl-common/recipes-
>> cgl/racoon2/racoon2/racoon2-iked-initscript.patch
>> create mode 100644 meta-cgl-common/recipes-
>> cgl/racoon2/racoon2/racoon2-iked-needs-libcrypto.patch
>> create mode 100644 meta-cgl-common/recipes-
>> cgl/racoon2/racoon2/racoon2-kinkd-initscript.patch
>> create mode 100644 meta-cgl-common/recipes-
>> cgl/racoon2/racoon2/racoon2-reenable-the-ipv6-check.patch
>> create mode 100644 meta-cgl-common/recipes-
>> cgl/racoon2/racoon2/racoon2-remove-deprecated-do-clause.patch
>> create mode 100644 meta-cgl-common/recipes-
>> cgl/racoon2/racoon2/racoon2-removed-conflicting-prototypes.patch
>> create mode 100644 meta-cgl-common/recipes-
>> cgl/racoon2/racoon2/racoon2-spmd-initscript.patch
>> create mode 100644 meta-cgl-common/recipes-
>> cgl/racoon2/racoon2/spmd.service
>> create mode 100644 meta-cgl-common/recipes-
>> cgl/racoon2/racoon2/volatiles.99_racoon2
>> create mode 100644 meta-cgl-common/recipes-
>> cgl/racoon2/racoon2_20100526a.bb
>
> ./racoon2-iked-initscript.patch
> ./racoon2-kinkd-initscript.patch
> ./racoon2-spmd-initscript.patch
>
> These patches are missing the Upstream-Status tag. Also, it might be
> useful to include some comments on what some of these patches do and
> why they're needed, for future recipe updates.
>
> Otherwise the recipe looks good and builds fine.
>
> Adrian
Thanks. I will send V2
Yi
>
>> diff --git a/meta-cgl-common/recipes-cgl/racoon2/racoon2/iked.service
>> b/meta-cgl-common/recipes-cgl/racoon2/racoon2/iked.service
>> new file mode 100644
>> index 0000000..3ec4f96
>> --- /dev/null
>> +++ b/meta-cgl-common/recipes-cgl/racoon2/racoon2/iked.service
>> @@ -0,0 +1,14 @@
>> +[Unit]
>> +Description=daemon for the Internet Key Exchange
>> +After=syslog.target network.target spmd.service
>> +Requires=spmd.service
>> +
>> +[Service]
>> +Type=forking
>> +PIDFile=/var/run/iked.pid
>> +ExecStart=@SBINDIR@/iked
>> +ExecReload=@BASE_BINDIR@/kill -HUP $MAINPID
>> +SuccessExitStatus=1
>> +
>> +[Install]
>> +WantedBy=multi-user.target
>> diff --git a/meta-cgl-common/recipes-cgl/racoon2/racoon2/racoon2-Add-
>> Value-to-HAVE_NSSWITCH_CONF.patch b/meta-cgl-common/recipes-
>> cgl/racoon2/racoon2/racoon2-Add-Value-to-HAVE_NSSWITCH_CONF.patch
>> new file mode 100644
>> index 0000000..9ca88a8
>> --- /dev/null
>> +++ b/meta-cgl-common/recipes-cgl/racoon2/racoon2/racoon2-Add-Value-
>> to-HAVE_NSSWITCH_CONF.patch
>> @@ -0,0 +1,32 @@
>> +From 2ad8c9b2e99be296fc7c7bf94161a53aa3984b24 Mon Sep 17 00:00:00
>> 2001
>> +From: Aws Ismail <aws.ismail at windriver.com>
>> +Date: Tue, 23 Oct 2012 18:07:23 -0400
>> +Subject: [PATCH 2/3] Add Value to HAVE_NSSWITCH_CONF
>> +
>> +Use a more verbose form of AC_DEFINE
>> +to force value of "1" to
>> +HAVE_NSSWITCH_CONF macro.
>> +
>> +Upstream-Status: Pending
>> +
>> +Signed-off-by: Aws Ismail <aws.ismail at windriver.com>
>> +---
>> + spmd/configure.in | 2 +-
>> + 1 files changed, 1 insertions(+), 1 deletions(-)
>> +
>> +diff --git a/spmd/configure.in b/spmd/configure.in
>> +index c149c2d..c079c56 100644
>> +--- a/spmd/configure.in
>> ++++ b/spmd/configure.in
>> +@@ -91,7 +91,7 @@ case "$target" in
>> + ;;
>> + *)
>> + AC_MSG_RESULT(use /etc/nsswitch.conf)
>> +- AC_DEFINE(HAVE_NSSWITCH_CONF)
>> ++ AC_DEFINE(HAVE_NSSWITCH_CONF, [1], [Define if
>> nsswitch conf file exists])
>> + ;;
>> + esac
>> +
>> +--
>> +1.7.0.4
>> +
>> diff --git a/meta-cgl-common/recipes-cgl/racoon2/racoon2/racoon2-
>> DESTDIR.patch b/meta-cgl-common/recipes-cgl/racoon2/racoon2/racoon2-
>> DESTDIR.patch
>> new file mode 100644
>> index 0000000..b2a0eac
>> --- /dev/null
>> +++ b/meta-cgl-common/recipes-cgl/racoon2/racoon2/racoon2-
>> DESTDIR.patch
>> @@ -0,0 +1,202 @@
>> +Enable non-standard destdir
>> +
>> +Add in $(DESTDIR) to all the install lines,
>> +so that we can get things installed into a
>> +non-standard location.
>> +
>> +Upstream-Status: Pending
>> +
>> +Signed-of-by: Aws Ismail <aws.ismail at windriver.com>
>> +
>> +diff -r -u a/iked/Makefile.in b/iked/Makefile.in
>> +--- a/iked/Makefile.in
>> ++++ b/iked/Makefile.in
>> +@@ -66,16 +66,16 @@
>> + install: install-prog install-doc
>> +
>> + install-prog: $(PROG)
>> +- $(INSTALL) -d $(sbindir)
>> +- $(INSTALL_PROGRAM) $(PROG) $(sbindir)
>> ++ $(INSTALL) -d $(DESTDIR)$(sbindir)
>> ++ $(INSTALL_PROGRAM) $(PROG) $(DESTDIR)$(sbindir)
>> +
>> + install-doc:
>> +- $(INSTALL) -d $(mandir)/man8
>> ++ $(INSTALL) -d $(DESTDIR)$(mandir)/man8
>> + # not friendly with -n :-(
>> + sysconfdir="$$(echo '$(sysconfdir)' | sed 's/%/\\\%/g')"; \
>> + for f in $(MAN); do \
>> + sed -e s%\@sysconfdir\@%"$$sysconfdir"%g < $$f >
>> $${f}.tmp; \
>> +- $(INSTALL_DATA) $${f}.tmp
>> $(mandir)/man$${f##*.}/$$f; \
>> ++ $(INSTALL_DATA) $${f}.tmp
>> $(DESTDIR)$(mandir)/man$${f##*.}/$$f; \
>> + rm $${f}.tmp; \
>> + done
>> +
>> +diff -r -u a/kinkd/Makefile.in b/kinkd/Makefile.in
>> +--- a/kinkd/Makefile.in
>> ++++ b/kinkd/Makefile.in
>> +@@ -46,14 +46,14 @@
>> + ../lib/libracoon.a: # check its timestamp only when
>> there is.
>> +
>> + install: all
>> +- $(INSTALL) -d $(sbindir)
>> +- $(INSTALL_PROGRAM) $(PROG) $(sbindir)
>> +- $(INSTALL) -d $(mandir)/man8
>> ++ $(INSTALL) -d $(DESTDIR)$(sbindir)
>> ++ $(INSTALL_PROGRAM) $(PROG) $(DESTDIR)$(sbindir)
>> ++ $(INSTALL) -d $(DESTDIR)$(mandir)/man8
>> + # not friendly with -n :-(
>> + sysconfdir="$$(echo '$(sysconfdir)' | sed 's/%/\\\%/g')"; \
>> + for f in $(MAN); do \
>> + sed -e s%\@sysconfdir\@%"$$sysconfdir"%g < $$f >
>> $${f}.tmp; \
>> +- $(INSTALL_DATA) $${f}.tmp
>> $(mandir)/man$${f##*.}/$$f; \
>> ++ $(INSTALL_DATA) $${f}.tmp
>> $(DESTDIR)$(mandir)/man$${f##*.}/$$f; \
>> + rm $${f}.tmp; \
>> + done
>> +
>> +diff -r -u a/pskgen/Makefile.in b/pskgen/Makefile.in
>> +--- a/pskgen/Makefile.in
>> ++++ b/pskgen/Makefile.in
>> +@@ -17,10 +17,10 @@
>> + all:
>> +
>> + install: all
>> +- $(INSTALL) -d $(sbindir)
>> +- $(INSTALL_SCRIPT) $(PROG) $(sbindir)
>> +- $(INSTALL_DATA) $(PROG).8 $(mandir)/man8
>> +- $(INSTALL) -d $(prefix)/etc/racoon2
>> ++ $(INSTALL) -d $(DESTDIR)$(sbindir)
>> ++ $(INSTALL_SCRIPT) $(PROG) $(DESTDIR)$(sbindir)
>> ++ $(INSTALL_DATA) $(PROG).8 $(DESTDIR)$(mandir)/man8
>> ++ $(INSTALL) -d $(DESTDIR)$(prefix)/etc/racoon2
>> + sh ./autogen.spmd.pwd
>> +
>> + depend:
>> +diff -r -u a/samples/Makefile.in b/samples/Makefile.in
>> +--- a/samples/Makefile.in
>> ++++ b/samples/Makefile.in
>> +@@ -12,60 +12,60 @@
>> + all:
>> +
>> + install: all install-startup- at startup_scripts@ install-samples
>> install-hook
>> +- $(INSTALL) -d -o 0 -g 0 -m 700 /var/run/racoon2
>> ++ $(INSTALL) -d -o 0 -g 0 -m 700 $(DESTDIR)/var/run/racoon2
>> +
>> + install-samples:
>> +- $(INSTALL) -d $(sysconfdir)
>> +- $(INSTALL) -m 600 racoon2.conf
>> $(sysconfdir)/racoon2.conf.sample
>> +- $(INSTALL) -m 600 vals.conf $(sysconfdir)/vals.conf.sample
>> +- $(INSTALL) -m 600 default.conf
>> $(sysconfdir)/default.conf.sample
>> +- $(INSTALL) -m 600 transport_ike.conf
>> $(sysconfdir)/transport_ike.conf.sample
>> +- $(INSTALL) -m 600 tunnel_ike.conf
>> $(sysconfdir)/tunnel_ike.conf.sample
>> +- $(INSTALL) -m 600 tunnel_ike_natt.conf
>> $(sysconfdir)/tunnel_ike_natt.conf.sample
>> +- $(INSTALL) -m 600 transport_kink.conf
>> $(sysconfdir)/transport_kink.conf.sample
>> +- $(INSTALL) -m 600 tunnel_kink.conf
>> $(sysconfdir)/tunnel_kink.conf.sample
>> +- $(INSTALL) -m 600 local-test.conf $(sysconfdir)/local-
>> test.conf.sample
>> +- $(INSTALL) -d -m 700 $(sysconfdir)/psk
>> +- $(INSTALL) -d -m 700 $(sysconfdir)/cert
>> ++ $(INSTALL) -d $(DESTDIR)$(sysconfdir)
>> ++ $(INSTALL) -m 600 racoon2.conf
>> $(DESTDIR)$(sysconfdir)/racoon2.conf.sample
>> ++ $(INSTALL) -m 600 vals.conf
>> $(DESTDIR)$(sysconfdir)/vals.conf.sample
>> ++ $(INSTALL) -m 600 default.conf
>> $(DESTDIR)$(sysconfdir)/default.conf.sample
>> ++ $(INSTALL) -m 600 transport_ike.conf
>> $(DESTDIR)$(sysconfdir)/transport_ike.conf.sample
>> ++ $(INSTALL) -m 600 tunnel_ike.conf
>> $(DESTDIR)$(sysconfdir)/tunnel_ike.conf.sample
>> ++ $(INSTALL) -m 600 tunnel_ike_natt.conf
>> $(DESTDIR)$(sysconfdir)/tunnel_ike_natt.conf.sample
>> ++ $(INSTALL) -m 600 transport_kink.conf
>> $(DESTDIR)$(sysconfdir)/transport_kink.conf.sample
>> ++ $(INSTALL) -m 600 tunnel_kink.conf
>> $(DESTDIR)$(sysconfdir)/tunnel_kink.conf.sample
>> ++ $(INSTALL) -m 600 local-test.conf
>> $(DESTDIR)$(sysconfdir)/local-test.conf.sample
>> ++ $(INSTALL) -d -m 700 $(DESTDIR)$(sysconfdir)/psk
>> ++ $(INSTALL) -d -m 700 $(DESTDIR)$(sysconfdir)/cert
>> +
>> + install-startup-rc-d:
>> +- $(INSTALL) -d $(sysconfdir)/rc.d
>> +- $(INSTALL_SCRIPT) rc.d-iked $(sysconfdir)/rc.d/iked
>> +- $(INSTALL_SCRIPT) rc.d-kinkd $(sysconfdir)/rc.d/kinkd
>> +- $(INSTALL_SCRIPT) rc.d-spmd $(sysconfdir)/rc.d/spmd
>> +- $(INSTALL_SCRIPT) rc.d-racoon2 $(sysconfdir)/rc.d/racoon2
>> ++ $(INSTALL) -d $(DESTDIR)$(sysconfdir)/rc.d
>> ++ $(INSTALL_SCRIPT) rc.d-iked
>> $(DESTDIR)$(sysconfdir)/rc.d/iked
>> ++ $(INSTALL_SCRIPT) rc.d-kinkd
>> $(DESTDIR)$(sysconfdir)/rc.d/kinkd
>> ++ $(INSTALL_SCRIPT) rc.d-spmd
>> $(DESTDIR)$(sysconfdir)/rc.d/spmd
>> ++ $(INSTALL_SCRIPT) rc.d-racoon2
>> $(DESTDIR)$(sysconfdir)/rc.d/racoon2
>> +
>> + install-startup-init-d:
>> +- $(INSTALL) -d $(sysconfdir)/init.d
>> +- $(INSTALL_SCRIPT) init.d-iked $(sysconfdir)/init.d/iked
>> +- $(INSTALL_SCRIPT) init.d-kinkd $(sysconfdir)/init.d/kinkd
>> +- $(INSTALL_SCRIPT) init.d-spmd $(sysconfdir)/init.d/spmd
>> ++ $(INSTALL) -d $(DESTDIR)$(sysconfdir)/init.d
>> ++ $(INSTALL_SCRIPT) init.d-iked
>> $(DESTDIR)$(sysconfdir)/init.d/iked
>> ++ $(INSTALL_SCRIPT) init.d-kinkd
>> $(DESTDIR)$(sysconfdir)/init.d/kinkd
>> ++ $(INSTALL_SCRIPT) init.d-spmd
>> $(DESTDIR)$(sysconfdir)/init.d/spmd
>> +
>> + install-startup-none:
>> +
>> + install-hook:
>> +- $(INSTALL) -d $(sysconfdir)/hook
>> +- $(INSTALL_DATA) functions $(sysconfdir)/hook
>> +- $(INSTALL) -d $(sysconfdir)/hook/ikesa-up.d
>> +- $(INSTALL_SCRIPT) ikesa-up $(sysconfdir)/hook
>> +- $(INSTALL) -d $(sysconfdir)/hook/ikesa-down.d
>> +- $(INSTALL_SCRIPT) ikesa-down $(sysconfdir)/hook
>> +- $(INSTALL) -d $(sysconfdir)/hook/ikesa-rekey.d
>> +- $(INSTALL_SCRIPT) ikesa-rekey $(sysconfdir)/hook
>> +- $(INSTALL) -d $(sysconfdir)/hook/child-up.d
>> +- $(INSTALL_SCRIPT) child-up $(sysconfdir)/hook
>> +- $(INSTALL) -d $(sysconfdir)/hook/child-down.d
>> +- $(INSTALL_SCRIPT) child-down $(sysconfdir)/hook
>> +- $(INSTALL) -d $(sysconfdir)/hook/child-rekey.d
>> +- $(INSTALL_SCRIPT) child-rekey $(sysconfdir)/hook
>> +- $(INSTALL) -d $(sysconfdir)/hook/migration.d
>> +- $(INSTALL_SCRIPT) migration $(sysconfdir)/hook
>> +- $(INSTALL_SCRIPT) 00ikesaup_sample
>> $(sysconfdir)/hook/ikesa-up.d
>> +- $(INSTALL_SCRIPT) 00childup_sample
>> $(sysconfdir)/hook/child-up.d
>> +- $(INSTALL) -d $(sysconfdir)/hook/ph1-up.d
>> +- $(INSTALL_SCRIPT) ph1-up $(sysconfdir)/hook
>> +- $(INSTALL) -d $(sysconfdir)/hook/ph1-down.d
>> +- $(INSTALL_SCRIPT) ph1-down $(sysconfdir)/hook
>> ++ $(INSTALL) -d $(DESTDIR)$(sysconfdir)/hook
>> ++ $(INSTALL_DATA) functions $(DESTDIR)$(sysconfdir)/hook
>> ++ $(INSTALL) -d $(DESTDIR)$(sysconfdir)/hook/ikesa-up.d
>> ++ $(INSTALL_SCRIPT) ikesa-up $(DESTDIR)$(sysconfdir)/hook
>> ++ $(INSTALL) -d $(DESTDIR)$(sysconfdir)/hook/ikesa-down.d
>> ++ $(INSTALL_SCRIPT) ikesa-down $(DESTDIR)$(sysconfdir)/hook
>> ++ $(INSTALL) -d $(DESTDIR)$(sysconfdir)/hook/ikesa-rekey.d
>> ++ $(INSTALL_SCRIPT) ikesa-rekey $(DESTDIR)$(sysconfdir)/hook
>> ++ $(INSTALL) -d $(DESTDIR)$(sysconfdir)/hook/child-up.d
>> ++ $(INSTALL_SCRIPT) child-up $(DESTDIR)$(sysconfdir)/hook
>> ++ $(INSTALL) -d $(DESTDIR)$(sysconfdir)/hook/child-down.d
>> ++ $(INSTALL_SCRIPT) child-down $(DESTDIR)$(sysconfdir)/hook
>> ++ $(INSTALL) -d $(DESTDIR)$(sysconfdir)/hook/child-rekey.d
>> ++ $(INSTALL_SCRIPT) child-rekey $(DESTDIR)$(sysconfdir)/hook
>> ++ $(INSTALL) -d $(DESTDIR)$(sysconfdir)/hook/migration.d
>> ++ $(INSTALL_SCRIPT) migration $(DESTDIR)$(sysconfdir)/hook
>> ++ $(INSTALL_SCRIPT) 00ikesaup_sample
>> $(DESTDIR)$(sysconfdir)/hook/ikesa-up.d
>> ++ $(INSTALL_SCRIPT) 00childup_sample
>> $(DESTDIR)$(sysconfdir)/hook/child-up.d
>> ++ $(INSTALL) -d $(DESTDIR)$(sysconfdir)/hook/ph1-up.d
>> ++ $(INSTALL_SCRIPT) ph1-up $(DESTDIR)$(sysconfdir)/hook
>> ++ $(INSTALL) -d $(DESTDIR)$(sysconfdir)/hook/ph1-down.d
>> ++ $(INSTALL_SCRIPT) ph1-down $(DESTDIR)$(sysconfdir)/hook
>> +
>> + # empty
>> + depend:
>> +diff -r -u a/spmd/Makefile.in b/spmd/Makefile.in
>> +--- a/spmd/Makefile.in
>> ++++ b/spmd/Makefile.in
>> +@@ -38,11 +38,11 @@
>> + spmdctl.o: spmd_internal.h
>> +
>> + install: all
>> +- $(INSTALL_DIR) $(sbindir)
>> +- $(INSTALL_PROGRAM) $(DAEMON) $(sbindir)
>> +- $(INSTALL_PROGRAM) $(COMMAND) $(sbindir)
>> +- $(INSTALL_DIR) $(man8dir)
>> +- $(INSTALL_DATA) $(MANFILES) $(man8dir)
>> ++ $(INSTALL_DIR) $(DESTDIR)$(sbindir)
>> ++ $(INSTALL_PROGRAM) $(DAEMON) $(DESTDIR)$(sbindir)
>> ++ $(INSTALL_PROGRAM) $(COMMAND) $(DESTDIR)$(sbindir)
>> ++ $(INSTALL_DIR) $(DESTDIR)$(man8dir)
>> ++ $(INSTALL_DATA) $(MANFILES) $(DESTDIR)$(man8dir)
>> +
>> + clean:
>> + -rm -f $(TARGET) *.o $(COMMAND)
>> diff --git a/meta-cgl-common/recipes-cgl/racoon2/racoon2/racoon2-
>> Remove-INSTALL_OPTS.patch b/meta-cgl-common/recipes-
>> cgl/racoon2/racoon2/racoon2-Remove-INSTALL_OPTS.patch
>> new file mode 100644
>> index 0000000..5e0d2e7
>> --- /dev/null
>> +++ b/meta-cgl-common/recipes-cgl/racoon2/racoon2/racoon2-Remove-
>> INSTALL_OPTS.patch
>> @@ -0,0 +1,87 @@
>> +From f9c98441876ae1d426ef4fcad3fef389be3adb25 Mon Sep 17 00:00:00
>> 2001
>> +From: Aws Ismail <aws.ismail at windriver.com>
>> +Date: Tue, 23 Oct 2012 18:16:34 -0400
>> +Subject: [PATCH 3/3] Remove @INSTALL_OPTS@
>> +
>> +Removed the redundant @INSTALL_OPTS@
>> +which could give an error during installation
>> +
>> +Upstream-Status: Inappropriate [embedded specific]
>> +
>> +Signed-off-by: Aws Ismail <aws.ismail at windriver.com>
>> +---
>> + iked/Makefile.in | 2 +-
>> + kinkd/Makefile.in | 2 +-
>> + pskgen/Makefile.in | 2 +-
>> + samples/Makefile.in | 2 +-
>> + spmd/Makefile.in | 2 +-
>> + 5 files changed, 5 insertions(+), 5 deletions(-)
>> +
>> +diff --git a/iked/Makefile.in b/iked/Makefile.in
>> +index acb355f..8dfa69c 100644
>> +--- a/iked/Makefile.in
>> ++++ b/iked/Makefile.in
>> +@@ -22,7 +22,7 @@ host_cpu = @host_cpu@
>> + host_vendor = @host_vendor@
>> + host_os = @host_os@
>> + CC = @CC@
>> +-INSTALL = @INSTALL@ @INSTALL_OPTS@
>> ++INSTALL = @INSTALL@
>> + INSTALL_PROGRAM = @INSTALL_PROGRAM@
>> + INSTALL_SCRIPT= @INSTALL_SCRIPT@
>> + INSTALL_DATA = @INSTALL_DATA@
>> +diff --git a/kinkd/Makefile.in b/kinkd/Makefile.in
>> +index b3c52a7..b14ff35 100644
>> +--- a/kinkd/Makefile.in
>> ++++ b/kinkd/Makefile.in
>> +@@ -12,7 +12,7 @@ CPPFLAGS=@CPPFLAGS@ @DEFS@
>> -DRACOON2_CONFIG_DIR=\"$(sysconfdir)\"
>> + LDFLAGS =@LDFLAGS@
>> + LIBS =@LIBS@
>> + CFLAGS =@CFLAGS@ $(OPTFLAG)
>> +-INSTALL =@INSTALL@ @INSTALL_OPTS@
>> ++INSTALL =@INSTALL@
>> + INSTALL_PROGRAM=@INSTALL_PROGRAM@
>> + INSTALL_DATA=@INSTALL_DATA@
>> + MKDEP =@MKDEP@
>> +diff --git a/pskgen/Makefile.in b/pskgen/Makefile.in
>> +index 2d5092d..ff0d374 100644
>> +--- a/pskgen/Makefile.in
>> ++++ b/pskgen/Makefile.in
>> +@@ -7,7 +7,7 @@ sbindir=@sbindir@
>> + sysconfdir=@sysconfdir@
>> + mandir=@mandir@
>> +
>> +-INSTALL =@INSTALL@ @INSTALL_OPTS@
>> ++INSTALL =@INSTALL@
>> + INSTALL_PROGRAM=@INSTALL_PROGRAM@
>> + INSTALL_SCRIPT=@INSTALL_SCRIPT@
>> + INSTALL_DATA=@INSTALL_DATA@
>> +diff --git a/samples/Makefile.in b/samples/Makefile.in
>> +index 5f6c3ea..f0d488b 100644
>> +--- a/samples/Makefile.in
>> ++++ b/samples/Makefile.in
>> +@@ -3,7 +3,7 @@
>> + srcdir=@srcdir@
>> + prefix=@prefix@
>> + sysconfdir=@sysconfdir@
>> +-INSTALL =@INSTALL@ @INSTALL_OPTS@
>> ++INSTALL =@INSTALL@
>> + INSTALL_PROGRAM=@INSTALL_PROGRAM@
>> + INSTALL_DATA=@INSTALL_DATA@
>> + INSTALL_SCRIPT=@INSTALL_SCRIPT@
>> +diff --git a/spmd/Makefile.in b/spmd/Makefile.in
>> +index 9b13ef2..6a78d33 100644
>> +--- a/spmd/Makefile.in
>> ++++ b/spmd/Makefile.in
>> +@@ -4,7 +4,7 @@ CFLAGS = @CFLAGS@ @CPPFLAGS@ @DEFS@
>> -DSYSCONFDIR=\"${sysconfdir}\"
>> + # CFLAGS +=-DSADB_X_MIGRATE
>> + LDFLAGS = @LDFLAGS@
>> + LIBS = @LIBS@
>> +-INSTALL=@INSTALL@ @INSTALL_OPTS@
>> ++INSTALL=@INSTALL@
>> + INSTALL_PROGRAM=@INSTALL_PROGRAM@
>> + INSTALL_DATA=@INSTALL_DATA@
>> + INSTALL_DIR=@INSTALL_DIR@
>> +--
>> +1.7.0.4
>> +
>> diff --git a/meta-cgl-common/recipes-cgl/racoon2/racoon2/racoon2-
>> configure-autoheader.patch b/meta-cgl-common/recipes-
>> cgl/racoon2/racoon2/racoon2-configure-autoheader.patch
>> new file mode 100644
>> index 0000000..903cbe8
>> --- /dev/null
>> +++ b/meta-cgl-common/recipes-cgl/racoon2/racoon2/racoon2-configure-
>> autoheader.patch
>> @@ -0,0 +1,60 @@
>> +From cddb9b757bdcd60c58d6320479d572ebdd15b449 Mon Sep 17 00:00:00
>> 2001
>> +From: Robert Yang <liezhi.yang at windriver.com>
>> +Date: Sun, 8 Jun 2014 06:37:01 -0700
>> +Subject: [PATCH] spmd/configure.in: add description for AC_DEFINE
>> +
>> +The autoheader now requires the AC_DEFINE to have a description,
>> +otherewise it would fail.
>> +
>> +See oe-core's dd9c3d7bc946ff44e0ca90f4e345711d6ad21728
>> +
>> +Upstream-Status: Pending
>> +
>> +Signed-off-by: Robert Yang <liezhi.yang at windriver.com>
>> +---
>> + spmd/configure.in | 10 +++++-----
>> + 1 file changed, 5 insertions(+), 5 deletions(-)
>> +
>> +diff --git a/spmd/configure.in b/spmd/configure.in
>> +index 3858aa1..e3e8650 100644
>> +--- a/spmd/configure.in
>> ++++ b/spmd/configure.in
>> +@@ -74,18 +74,18 @@ int main(void)
>> + exit(0);
>> + }
>> + ],
>> +-AC_DEFINE(HAVE_SA_LEN)
>> ++AC_DEFINE([HAVE_SA_LEN], [1], [Define if have sa_len])
>> + AC_MSG_RESULT(yes),
>> + AC_MSG_RESULT(no),:)
>> +
>> + echo $ac_n "checking for architecture""... $ac_c" 1>&6
>> + case "$target" in
>> + *freebsd4*)
>> +- AC_DEFINE(HAVE_HOST_CONF)
>> ++ AC_DEFINE([HAVE_HOST_CONF], [1], [Define if have
>> host.conf])
>> + AC_MSG_RESULT(use /etc/host.conf)
>> + ;;
>> + *openbsd*)
>> +- AC_DEFINE(HAVE_LOOKUP_IN_RESOLV_CONF)
>> ++ AC_DEFINE([HAVE_LOOKUP_IN_RESOLV_CONF], [1],
>> [Define if have lookup in resolv.conf])
>> + AC_MSG_RESULT(use lookup in /etc/resolv.conf)
>> + ;;
>> + *)
>> +@@ -97,11 +97,11 @@ esac
>> + echo $ac_n "checking for SPDUPDATE BUG""... $ac_c" 1>&6
>> + case $host_os in
>> + *netbsd*)
>> +- AC_DEFINE(HAVE_SPDUPDATE_BUG)
>> ++ AC_DEFINE([HAVE_SPDUPDATE_BUG], [1], [Define if
>> have spdupdate_bug])
>> + AC_MSG_RESULT(yes)
>> + ;;
>> + *freebsd*)
>> +- AC_DEFINE(HAVE_SPDUPDATE_BUG)
>> ++ AC_DEFINE([HAVE_SPDUPDATE_BUG], [1], [Define if
>> have spdupdate_bug])
>> + AC_MSG_RESULT(yes)
>> + ;;
>> + *)
>> +--
>> +1.7.9.5
>> +
>> diff --git a/meta-cgl-common/recipes-cgl/racoon2/racoon2/racoon2-
>> configure-memcmp.patch b/meta-cgl-common/recipes-
>> cgl/racoon2/racoon2/racoon2-configure-memcmp.patch
>> new file mode 100644
>> index 0000000..97857c7
>> --- /dev/null
>> +++ b/meta-cgl-common/recipes-cgl/racoon2/racoon2/racoon2-configure-
>> memcmp.patch
>> @@ -0,0 +1,32 @@
>> +Comment out memmcp.clean configure-related option
>> +
>> +Upstream-Status: Pending
>> +
>> +Signed-off-by: Aws Ismail <aws.ismail at windriver.com>
>> +
>> +diff --git a/iked/configure b/iked/configure
>> +index 80ca9a3..9205bc3 100755
>> +--- a/iked/configure
>> ++++ b/iked/configure
>> +@@ -1758,7 +1758,7 @@ fi
>> + fi
>> +
>> + echo "$ac_t""$ac_cv_func_memcmp_clean" 1>&6
>> +-test $ac_cv_func_memcmp_clean = no && LIBOBJS="$LIBOBJS
>> memcmp.${ac_objext}"
>> ++# test $ac_cv_func_memcmp_clean = no && LIBOBJS="$LIBOBJS
>> memcmp.${ac_objext}"
>> +
>> + echo $ac_n "checking return type of signal handlers""... $ac_c"
>> 1>&6
>> + echo "configure:1765: checking return type of signal handlers" >&5
>> +diff --git a/lib/configure b/lib/configure
>> +index c7d057a..6390794 100755
>> +--- a/lib/configure
>> ++++ b/lib/configure
>> +@@ -1909,7 +1909,7 @@ fi
>> + fi
>> +
>> + echo "$ac_t""$ac_cv_func_memcmp_clean" 1>&6
>> +-test $ac_cv_func_memcmp_clean = no && LIBOBJS="$LIBOBJS
>> memcmp.${ac_objext}"
>> ++# test $ac_cv_func_memcmp_clean = no && LIBOBJS="$LIBOBJS
>> memcmp.${ac_objext}"
>> +
>> + echo $ac_n "checking for strftime""... $ac_c" 1>&6
>> + echo "configure:1916: checking for strftime" >&5
>> diff --git a/meta-cgl-common/recipes-cgl/racoon2/racoon2/racoon2-
>> configure.in-remove-redundant-macros.patch b/meta-cgl-common/recipes-
>> cgl/racoon2/racoon2/racoon2-configure.in-remove-redundant-
>> macros.patch
>> new file mode 100644
>> index 0000000..7a69857
>> --- /dev/null
>> +++ b/meta-cgl-common/recipes-cgl/racoon2/racoon2/racoon2-
>> configure.in-remove-redundant-macros.patch
>> @@ -0,0 +1,199 @@
>> +* autotools was used for the build process and these macros became
>> +redundant, so remove them to avoid errors in configure:
>> +./configure: line 4619: RC_WITH_OPENSSL_LIB: command not found
>> +
>> +* a bash syntax error is also fixed here:
>> +./configure: line 4636: test: =: unary operator expected
>> +
>> +Upstream-Status: Inappropriate [embedded specific]
>> +
>> +Signed-off-by: Jackie Huang <jackie.huang at windriver.com>
>> +---
>> + configure.in | 1 -
>> + iked/configure.in | 20 +-------------------
>> + kinkd/configure.in | 5 +----
>> + lib/configure.in | 10 +---------
>> + spmd/configure.in | 11 +----------
>> + 5 files changed, 4 insertions(+), 43 deletions(-)
>> +
>> +diff --git a/configure.in b/configure.in
>> +index 5eaa7c5..e74433e 100644
>> +--- a/configure.in
>> ++++ b/configure.in
>> +@@ -10,7 +10,6 @@ AC_CANONICAL_HOST
>> + dnl Checks for programs.
>> + AC_PROG_INSTALL
>> + AC_PROG_MAKE_SET
>> +-RC_IF_INSTALL_OPTS
>> +
>> + dnl XXX see the comment below.
>> + dnl AC_CONFIG_SUBDIRS(lib)
>> +diff --git a/iked/configure.in b/iked/configure.in
>> +index 031e499..6b9352e 100644
>> +--- a/iked/configure.in
>> ++++ b/iked/configure.in
>> +@@ -51,9 +51,6 @@ if test x"$ikev2" = x"yes"; then
>> + IKEV2_SRC='$(IKEV2_SRC)'
>> + fi
>> +
>> +-# check --enable-debug
>> +-RC_IF_BUILD_DEBUG
>> +-
>> + # including pcap if enable_debug is yes
>> + if test "$enable_debug" = yes -a "$enable_pcap" = yes ; then
>> + AC_CHECK_LIB(pcap, pcap_dump,,[AC_MSG_ERROR(failed finding
>> libpcap)])
>> +@@ -120,9 +117,6 @@ if test "${ikev2_ipsec_window_size+set}" =
>> "set"; then
>> + AC_DEFINE_UNQUOTED(IKEV2_IPSEC_WINDOW_SIZE,
>> $ikev2_ipsec_window_size, [window size of IPsec SA created by IKEv2])
>> + fi
>> +
>> +-# check for --with-install-opts
>> +-RC_IF_INSTALL_OPTS
>> +-
>> + # Checks for header files.
>> + AC_HEADER_STDC
>> + AC_CHECK_HEADERS([limits.h netdb.h netinet/in.h netinet6/ipsec.h
>> netipsec/ipsec.h stdarg.h stddef.h stdlib.h string.h sys/param.h
>> sys/socket.h sys/time.h unistd.h inttypes.h stdint.h])
>> +@@ -133,8 +127,6 @@ AC_ARG_WITH(kernel_build_dir, [ --with-kernel-
>> build-dir=DIR specify the d
>> + [kernel_build_dir=$withval], [kernel_build_dir=no])
>> + AC_MSG_RESULT(${kernel_build_dir})
>> +
>> +-RC_CHECK_PFKEYV2_H
>> +-RC_IF_NATT_ENABLE
>> + if test x"$enable_natt" = x"yes"; then
>> + if test x"$ikev1" = x"yes"; then
>> + IKEV1_SRC="${IKEV1_SRC} \$(IKEV1_NATT_SRC)"
>> +@@ -195,11 +187,6 @@ AC_TRY_COMPILE([],
>> + AC_DEFINE(HAVE_FUNC_MACRO, 1, [define if __func__ macro is
>> available])
>> + ], [AC_MSG_RESULT(no)])
>> +
>> +-# check for struct sockaddr
>> +-RC_IF_SA_LEN
>> +-
>> +-# check for --enable-ipv6
>> +-RC_IF_IPV6_ENABLE
>> + if test "$ipv6" = "yes"; then
>> + AC_MSG_CHECKING(for advanced API support)
>> + AC_CACHE_VAL(racoon_cv_advapi, [dnl
>> +@@ -239,10 +226,6 @@ fi
>> + # Look for dlopen (libc in FreeBSD, libdl in Debian)
>> + AC_SEARCH_LIBS(dlopen, dl)
>> +
>> +-# checks for OpenSSL
>> +-# check for --with-openssl-libdir
>> +-RC_WITH_OPENSSL_LIB
>> +-
>> + # check Engine interface
>> + AC_MSG_CHECKING(--enable-engine)
>> + engine='yes'
>> +@@ -315,9 +298,8 @@ if test x"$sha2" = x"yes"; then
>> + AC_DEFINE(WITH_SHA2, 1, [define if SHA2 can be used])
>> + fi
>> +
>> +-RC_CHECK_MAKE
>> + AC_SUBST(IF_GMAKE)
>> +-if test $MAKE_TYPE = gmake; then
>> ++if test "$MAKE_TYPE" = "gmake"; then
>> + IF_GMAKE=''
>> + else
>> + IF_GMAKE='#'
>> +diff --git a/kinkd/configure.in b/kinkd/configure.in
>> +index 272c1eb..a332436 100644
>> +--- a/kinkd/configure.in
>> ++++ b/kinkd/configure.in
>> +@@ -10,7 +10,6 @@ AC_PROG_CPP
>> + AC_PROG_LEX
>> + AC_PROG_INSTALL
>> + AC_PROG_MAKE_SET
>> +-RC_PROG_MKDEP
>> +
>> + AC_CANONICAL_HOST
>> +
>> +@@ -263,11 +262,9 @@ sys_queue_ng
>> + AC_MSG_RESULT(ok)
>> + )
>> +
>> +-RC_IF_INSTALL_OPTS
>> +
>> +-RC_CHECK_MAKE
>> + AC_SUBST(IF_GMAKE)
>> +-if test $MAKE_TYPE = gmake; then
>> ++if test "$MAKE_TYPE" = "gmake"; then
>> + IF_GMAKE=''
>> + else
>> + IF_GMAKE='#'
>> +diff --git a/lib/configure.in b/lib/configure.in
>> +index 883a28c..414d7b1 100644
>> +--- a/lib/configure.in
>> ++++ b/lib/configure.in
>> +@@ -12,7 +12,6 @@ AC_PROG_YACC
>> + AC_PROG_RANLIB
>> + AC_PROG_INSTALL
>> + AC_PROG_MAKE_SET
>> +-RC_PROG_MKDEP
>> +
>> + AC_CANONICAL_HOST
>> +
>> +@@ -112,9 +111,6 @@ AC_HEADER_STDC
>> + AC_HEADER_SYS_WAIT
>> + AC_CHECK_HEADERS(sys/time.h net/if_var.h net/ethernet.h limits.h
>> unistd.h stdarg.h varargs.h netinet6/ipsec.h netipsec/ipsec.h)
>> +
>> +-RC_CHECK_PFKEYV2_H
>> +-RC_IF_NATT_ENABLE
>> +-
>> + dnl Checks for typedefs, structures, and compiler characteristics.
>> + AC_C_CONST
>> + AC_TYPE_PID_T
>> +@@ -198,14 +194,10 @@ AC_TRY_COMPILE([#include <sys/types.h>
>> + AC_MSG_RESULT(yes),
>> + AC_MSG_RESULT(no))
>> +
>> +-dnl --with-openssl-libdir
>> +-RC_WITH_OPENSSL_LIB
>> +-
>> + AC_CHECK_HEADERS(openssl/evp.h)
>> +
>> +-RC_CHECK_MAKE
>> + AC_SUBST(IF_GMAKE)
>> +-if test $MAKE_TYPE = gmake; then
>> ++if test "$MAKE_TYPE" = "gmake"; then
>> + IF_GMAKE=''
>> + else
>> + IF_GMAKE='#'
>> +diff --git a/spmd/configure.in b/spmd/configure.in
>> +index c079c56..3858aa1 100644
>> +--- a/spmd/configure.in
>> ++++ b/spmd/configure.in
>> +@@ -13,7 +13,6 @@ dnl Checks for programs.
>> + AC_PROG_CC
>> + AC_PROG_CPP
>> + AC_PROG_INSTALL
>> +-RC_PROG_MKDEP
>> +
>> + INSTALL_LIB="\${INSTALL_DATA}"
>> + AC_SUBST(INSTALL_LIB)
>> +@@ -119,22 +118,14 @@ AC_MSG_RESULT($libracoon_path)
>> + LDFLAGS="$LDFLAGS -L$libracoon_path"
>> + LIBS="-lracoon $LIBS"
>> +
>> +-dnl --with-openssl-libdir
>> +-RC_WITH_OPENSSL_LIB
>> +-
>> + AC_CHECK_HEADER(openssl/evp.h)
>> +
>> +-RC_CHECK_MAKE
>> + AC_SUBST(IF_GMAKE)
>> +-if test $MAKE_TYPE = gmake; then
>> ++if test "$MAKE_TYPE" = "gmake"; then
>> + IF_GMAKE=''
>> + else
>> + IF_GMAKE='#'
>> + fi
>> +
>> +-RC_IF_INSTALL_OPTS
>> +-
>> +-RC_CHECK_PFKEYV2_H
>> +-
>> + AC_CONFIG_HEADER(config.h)
>> + AC_OUTPUT(Makefile)
>> +--
>> +1.7.9.5
>> +
>> diff --git a/meta-cgl-common/recipes-cgl/racoon2/racoon2/racoon2-
>> correct-openssl-include-path.patch b/meta-cgl-common/recipes-
>> cgl/racoon2/racoon2/racoon2-correct-openssl-include-path.patch
>> new file mode 100644
>> index 0000000..2ccd61d
>> --- /dev/null
>> +++ b/meta-cgl-common/recipes-cgl/racoon2/racoon2/racoon2-correct-
>> openssl-include-path.patch
>> @@ -0,0 +1,70 @@
>> +commit 60800fb6e9bd48a54c52d34fe4f1a4444e2160f7
>> +Author: Aws Ismail <aws.ismail at windriver.com>
>> +Date: Mon Aug 20 13:57:43 2012 -0400
>> +
>> +Use correct path for openssl includes
>> +
>> +Originally, if $openssl_libdir is set then
>> +CFLAGS in will append $openssl_libdir/include
>> +which does not exist.
>> +
>> +Correct location should be $openssl_libdir/usr/
>> +include/openssl. Provided that --with-openssl-libdir
>> +is given bitbake_build/tmp/sysroots/<target>/
>> +
>> +Upstream-Status: Inappropriate [embedded specific]
>> +
>> +Signed-off-by: Aws Ismail <aws.ismail at windriver.com>
>> +
>> +diff --git a/aclocal.m4 b/aclocal.m4
>> +index 2deda2f..91889c5 100644
>> +--- a/aclocal.m4
>> ++++ b/aclocal.m4
>> +@@ -150,7 +150,7 @@ AC_MSG_RESULT($openssl_libdir)
>> + if test "$openssl_libdir" != "none" ; then
>> + if test -f "$openssl_libdir/lib/libcrypto.a"; then
>> + LDFLAGS="$LDFLAGS -L$openssl_libdir/lib"
>> +- CPPFLAGS="$CPPFLAGS -I$openssl_libdir/include"
>> ++ CPPFLAGS="$CPPFLAGS
>> -I$openssl_libdir/usr/include/openssl"
>> + elif test -f "$openssl_libdir/libcrypto.a"; then
>> + LDFLAGS="$LDFLAGS -L$openssl_libdir";
>> + CPPFLAGS="$CPPFLAGS -I$openssl_libdir/include"
>> +diff --git a/iked/configure b/iked/configure
>> +index 80ca9a3..f06c310 100755
>> +--- a/iked/configure
>> ++++ b/iked/configure
>> +@@ -2143,7 +2143,7 @@ echo "$ac_t""$openssl_libdir" 1>&6
>> + if test "$openssl_libdir" != "none" ; then
>> + if test -f "$openssl_libdir/lib/libcrypto.a"; then
>> + LDFLAGS="$LDFLAGS -L$openssl_libdir/lib"
>> +- CPPFLAGS="$CPPFLAGS -I$openssl_libdir/include"
>> ++ CPPFLAGS="$CPPFLAGS
>> -I$openssl_libdir/usr/include/openssl"
>> + elif test -f "$openssl_libdir/libcrypto.a"; then
>> + LDFLAGS="$LDFLAGS -L$openssl_libdir";
>> + CPPFLAGS="$CPPFLAGS -I$openssl_libdir/include"
>> +diff --git a/lib/configure b/lib/configure
>> +index c7d057a..555c35f 100755
>> +--- a/lib/configure
>> ++++ b/lib/configure
>> +@@ -2358,7 +2358,7 @@ echo "$ac_t""$openssl_libdir" 1>&6
>> + if test "$openssl_libdir" != "none" ; then
>> + if test -f "$openssl_libdir/lib/libcrypto.a"; then
>> + LDFLAGS="$LDFLAGS -L$openssl_libdir/lib"
>> +- CPPFLAGS="$CPPFLAGS -I$openssl_libdir/include"
>> ++ CPPFLAGS="$CPPFLAGS
>> -I$openssl_libdir/usr/include/openssl"
>> + elif test -f "$openssl_libdir/libcrypto.a"; then
>> + LDFLAGS="$LDFLAGS -L$openssl_libdir";
>> + CPPFLAGS="$CPPFLAGS -I$openssl_libdir/include"
>> +diff --git a/spmd/configure b/spmd/configure
>> +index 49d4039..bebb002 100755
>> +--- a/spmd/configure
>> ++++ b/spmd/configure
>> +@@ -1963,7 +1963,7 @@ echo "$ac_t""$openssl_libdir" 1>&6
>> + if test "$openssl_libdir" != "none" ; then
>> + if test -f "$openssl_libdir/lib/libcrypto.a"; then
>> + LDFLAGS="$LDFLAGS -L$openssl_libdir/lib"
>> +- CPPFLAGS="$CPPFLAGS -I$openssl_libdir/include"
>> ++ CPPFLAGS="$CPPFLAGS
>> -I$openssl_libdir/usr/include/openssl"
>> + elif test -f "$openssl_libdir/libcrypto.a"; then
>> + LDFLAGS="$LDFLAGS -L$openssl_libdir";
>> + CPPFLAGS="$CPPFLAGS -I$openssl_libdir/include"
>> diff --git a/meta-cgl-common/recipes-cgl/racoon2/racoon2/racoon2-
>> disable-hard-limit-timer.patch b/meta-cgl-common/recipes-
>> cgl/racoon2/racoon2/racoon2-disable-hard-limit-timer.patch
>> new file mode 100644
>> index 0000000..e555695
>> --- /dev/null
>> +++ b/meta-cgl-common/recipes-cgl/racoon2/racoon2/racoon2-disable-
>> hard-limit-timer.patch
>> @@ -0,0 +1,80 @@
>> +Disable hard-limit timer
>> +
>> +Since we only deliver racoon2 on linux platform and linux
>> +kernel implemented a timer for monitoring the hard-limit,
>> +disable the one realized on racoon2.
>> +
>> +Upstream-Status: Inappropriate [embedded specific]
>> +
>> +Signed-off-by: Yong Zhang <yong.zhang at windriver.com>
>> +Signed-of-by: Aws Ismail <aws.ismail at windriver.com>
>> +
>> +---
>> + iked/ikev2_child.c | 14 +++++++-------
>> + 1 file changed, 7 insertions(+), 7 deletions(-)
>> +
>> +--- a/iked/ikev2_child.c
>> ++++ b/iked/ikev2_child.c
>> +@@ -683,7 +683,7 @@ ikev2_create_child_responder_cont(struct
>> + ikev2_add_ipsec_sa(child_sa, &child_sa->child_param,
>> + child_sa->peer_proposal, child_sa-
>>> my_proposal[1]);
>> +
>> +- /* #if defined(__FreeBSD__) || defined(__NetBSD__) */
>> ++#if defined(__FreeBSD__) || defined(__NetBSD__)
>> + /* KAME does not generate hard lifetime expiration message
>> */
>> + /* start expiration timer */
>> + {
>> +@@ -705,7 +705,7 @@ ikev2_create_child_responder_cont(struct
>> + }
>> + }
>> + }
>> +- /* #endif */
>> ++#endif
>> +
>> + TRACE((PLOGLOC, "ike_sa state %d\n", ike_sa->state));
>> + switch (ike_sa->state) {
>> +@@ -1481,7 +1481,7 @@ ikev2_update_child(struct ikev2_child_sa
>> +
>> + ikev2_child_state_set(child_sa, IKEV2_CHILD_STATE_MATURE);
>> +
>> +- /* #if defined(__FreeBSD__) || defined(__NetBSD__) */
>> ++#if defined(__FreeBSD__) || defined(__NetBSD__)
>> + /* KAME does not generate hard lifetime expiration message
>> */
>> + /* start expiration timer */
>> + {
>> +@@ -1505,7 +1505,7 @@ ikev2_update_child(struct ikev2_child_sa
>> + goto abort_nomem;
>> + }
>> + }
>> +- /* #endif */
>> ++#endif
>> +
>> + done:
>> + if (new_my_proposal_list)
>> +@@ -1566,7 +1566,7 @@ ikev2_update_child(struct ikev2_child_sa
>> + goto done;
>> + }
>> +
>> +-/* #if defined(__FreeBSD__) || defined(__NetBSD__) */
>> ++#if defined(__FreeBSD__) || defined(__NetBSD__)
>> + /*
>> + * timer callback for child_sa expiration
>> + */
>> +@@ -1579,7 +1579,7 @@ ikev2_child_expire_callback(void *param)
>> + SCHED_KILL(child_sa->timer);
>> + ikev2_expire_child(child_sa);
>> + }
>> +-/* #endif */
>> ++#endif
>> +
>> + int
>> + ikev2_expired(struct sadb_request *req, struct rcpfk_msg *param)
>> +@@ -1707,7 +1707,7 @@ ikev2_expire_sa(struct ikev2_child_sa *c
>> + }
>> + return;
>> + case 2: /* hard expired */
>> +-#if 1
>> ++#if 0
>> + /*
>> + * hard expire is not used, due to difference of
>> KAME and USAGI.
>> + * instead, use child_sa->timer
>> diff --git a/meta-cgl-common/recipes-cgl/racoon2/racoon2/racoon2-fix-
>> configure-error.patch b/meta-cgl-common/recipes-
>> cgl/racoon2/racoon2/racoon2-fix-configure-error.patch
>> new file mode 100644
>> index 0000000..5f853d9
>> --- /dev/null
>> +++ b/meta-cgl-common/recipes-cgl/racoon2/racoon2/racoon2-fix-
>> configure-error.patch
>> @@ -0,0 +1,50 @@
>> +commit 26a49879f53b69a1aa91f5cd9678f7829f524845
>> +Author: Aws Ismail <aws.ismail at windriver.com>
>> +Date: Thu Oct 25 13:43:17 2012 -0400
>> +
>> +Specify racoon2 submodules for configure
>> +
>> +Literally specify the submodules to configure
>> +instead of using the $SELECTED_MODULES variable
>> +lib, spmd, iked are always available. kinkd
>> +is selected if enabled and that depends
>> +on the availability of krb5 on the target.
>> +
>> +Upstream-Status: Inappropriate [embedded specific]
>> +
>> +Signed-off-by: Aws Ismail <aws.ismail at windriver.com>
>> +
>> +diff --git a/configure.in b/configure.in
>> +index 3f83241..5eaa7c5 100644
>> +--- a/configure.in
>> ++++ b/configure.in
>> +@@ -49,6 +49,9 @@ if test x$prefix = x"NONE" ; then
>> + ac_configure_args="$ac_configure_args --prefix='$prefix'"
>> + fi
>> +
>> ++AC_CONFIG_SUBDIRS(lib)
>> ++AC_CONFIG_SUBDIRS(spmd)
>> ++
>> + dnl Enable/disable each module
>> + AC_MSG_CHECKING(if --enable-iked option is specified)
>> + AC_ARG_ENABLE(iked, [ --enable-iked build iked [yes]],
>> +@@ -56,6 +59,7 @@ AC_ARG_ENABLE(iked, [ --enable-
>> iked build iked [yes]],
>> + AC_MSG_RESULT($enable_iked)
>> + if test x"$enable_iked" = xyes; then
>> + SELECTED_MODULES="$SELECTED_MODULES iked"
>> ++ AC_CONFIG_SUBDIRS(iked)
>> + fi
>> + AC_MSG_CHECKING(if --enable-kinkd option is specified)
>> + AC_ARG_ENABLE(kinkd, [ --enable-kinkd build kinkd [yes]],
>> +@@ -63,10 +67,8 @@ AC_ARG_ENABLE(kinkd, [ --enable-
>> kinkd build kinkd [yes]],
>> + AC_MSG_RESULT($enable_kinkd)
>> + if test x"$enable_kinkd" = xyes; then
>> + SELECTED_MODULES="$SELECTED_MODULES kinkd"
>> ++ AC_CONFIG_SUBDIRS(kinkd)
>> + fi
>> +-dnl XXX Variables should not be used with AC_CONFIG_SUBDIRS on
>> autoconf-2.5x,
>> +-dnl but multiple/selective AC_CONFIG_SUBDIRSes don't work on
>> autoconf-2.13.
>> +-AC_CONFIG_SUBDIRS(lib $SELECTED_MODULES)
>> +
>> + dnl Switch for startup mechanism.
>> + AC_SUBST(startup_scripts)
>> diff --git a/meta-cgl-common/recipes-cgl/racoon2/racoon2/racoon2-fix-
>> hardcoded-sysconfdir.patch b/meta-cgl-common/recipes-
>> cgl/racoon2/racoon2/racoon2-fix-hardcoded-sysconfdir.patch
>> new file mode 100644
>> index 0000000..4758644
>> --- /dev/null
>> +++ b/meta-cgl-common/recipes-cgl/racoon2/racoon2/racoon2-fix-
>> hardcoded-sysconfdir.patch
>> @@ -0,0 +1,281 @@
>> +From d71fb0712175b76304795bf90a125bc2b8d4c959 Mon Sep 17 00:00:00
>> 2001
>> +From: Yi Zhao <yi.zhao at windriver.com>
>> +Date: Fri, 9 Jun 2017 08:55:36 +0800
>> +Subject: [PATCH] racoon2: fix hardcoded sysconfdir
>> +
>> +Replace the hardcoded path /etc/racoon2 with $sysconfdir
>> +
>> +Upstream-Status: Inappropriate [configuration]
>> +
>> +Signed-off-by: Yi Zhao <yi.zhao at windriver.com>
>> +---
>> + pskgen/Makefile.in | 2 +-
>> + pskgen/autogen.spmd.pwd.in | 8 ++++----
>> + samples/child-down.in | 2 +-
>> + samples/child-rekey.in | 2 +-
>> + samples/child-up.in | 2 +-
>> + samples/ikesa-down.in | 2 +-
>> + samples/ikesa-rekey.in | 2 +-
>> + samples/ikesa-up.in | 2 +-
>> + samples/migration.in | 2 +-
>> + samples/ph1-down.in | 2 +-
>> + samples/ph1-up.in | 2 +-
>> + samples/racoon2.conf.in | 18 +++++++++---------
>> + samples/vals.conf.in | 22 +++++++++++-----------
>> + 13 files changed, 34 insertions(+), 34 deletions(-)
>> +
>> +diff --git a/pskgen/Makefile.in b/pskgen/Makefile.in
>> +index ff0d374..8d272df 100644
>> +--- a/pskgen/Makefile.in
>> ++++ b/pskgen/Makefile.in
>> +@@ -20,7 +20,7 @@ install: all
>> + $(INSTALL) -d $(DESTDIR)$(sbindir)
>> + $(INSTALL_SCRIPT) $(PROG) $(DESTDIR)$(sbindir)
>> + $(INSTALL_DATA) $(PROG).8 $(DESTDIR)$(mandir)/man8
>> +- $(INSTALL) -d $(DESTDIR)$(prefix)/etc/racoon2
>> ++ $(INSTALL) -d $(DESTDIR)$(sysconfdir)
>> + sh ./autogen.spmd.pwd
>> +
>> + depend:
>> +diff --git a/pskgen/autogen.spmd.pwd.in b/pskgen/autogen.spmd.pwd.in
>> +index ac6560c..a9981f3 100755
>> +--- a/pskgen/autogen.spmd.pwd.in
>> ++++ b/pskgen/autogen.spmd.pwd.in
>> +@@ -1,11 +1,11 @@
>> + #!/bin/sh
>> +
>> +-if [ -f @prefix@/etc/racoon2/spmd.pwd ]
>> ++if [ -f @sysconfdir@/spmd.pwd ]
>> + then
>> +- mv @prefix@/etc/racoon2/spmd.pwd
>> @prefix@/etc/racoon2/spmd.pwd.bak
>> ++ mv @sysconfdir@/spmd.pwd @sysconfdir@/spmd.pwd.bak
>> + fi
>> +
>> +-if [ -x @prefix@/sbin/pskgen ]
>> ++if [ -x @sbindir@/pskgen ]
>> + then
>> +- @prefix@/sbin/pskgen -r -o @prefix@/etc/racoon2/spmd.pwd
>> ++ @sbindir@/pskgen -r -o @sysconfdir@/spmd.pwd
>> + fi
>> +diff --git a/samples/child-down.in b/samples/child-down.in
>> +index 01bae1f..8ac9061 100644
>> +--- a/samples/child-down.in
>> ++++ b/samples/child-down.in
>> +@@ -3,7 +3,7 @@
>> + # run scripts in the child-down.d directory when CHILD_SA is
>> removed
>> + #
>> +
>> +-cd @prefix@/etc/racoon2/hook
>> ++cd @sysconfdir@/hook
>> +
>> + . ./functions
>> +
>> +diff --git a/samples/child-rekey.in b/samples/child-rekey.in
>> +index a10d673..63f3db7 100644
>> +--- a/samples/child-rekey.in
>> ++++ b/samples/child-rekey.in
>> +@@ -3,7 +3,7 @@
>> + # run scripts in the child-rekey.d directory when CHILD_SA is
>> rekeyed
>> + #
>> +
>> +-cd @prefix@/etc/racoon2/hook
>> ++cd @sysconfdir@/hook
>> +
>> + . ./functions
>> +
>> +diff --git a/samples/child-up.in b/samples/child-up.in
>> +index d3e8c65..0cacd04 100644
>> +--- a/samples/child-up.in
>> ++++ b/samples/child-up.in
>> +@@ -3,7 +3,7 @@
>> + # run scripts in the child-up.d directory when CHILD_SA is
>> established
>> + #
>> +
>> +-cd @prefix@/etc/racoon2/hook
>> ++cd @sysconfdir@/hook
>> +
>> + . ./functions
>> +
>> +diff --git a/samples/ikesa-down.in b/samples/ikesa-down.in
>> +index 5a12092..492d8a6 100644
>> +--- a/samples/ikesa-down.in
>> ++++ b/samples/ikesa-down.in
>> +@@ -3,7 +3,7 @@
>> + # run scripts in the ikesa-down.d directory when IKE_SA is removed
>> + #
>> +
>> +-cd @prefix@/etc/racoon2/hook
>> ++cd @sysconfdir@/hook
>> +
>> + . ./functions
>> +
>> +diff --git a/samples/ikesa-rekey.in b/samples/ikesa-rekey.in
>> +index fd9668c..0f54c50 100644
>> +--- a/samples/ikesa-rekey.in
>> ++++ b/samples/ikesa-rekey.in
>> +@@ -3,7 +3,7 @@
>> + # run scripts in the ikesa-rekey.d directory when IKE_SA is
>> rekeyed
>> + #
>> +
>> +-cd @prefix@/etc/racoon2/hook
>> ++cd @sysconfdir@/hook
>> +
>> + . ./functions
>> +
>> +diff --git a/samples/ikesa-up.in b/samples/ikesa-up.in
>> +index 2d72f96..5ab3d51 100644
>> +--- a/samples/ikesa-up.in
>> ++++ b/samples/ikesa-up.in
>> +@@ -3,7 +3,7 @@
>> + # run scripts in the ikesa-up.d directory when IKE_SA is
>> established
>> + #
>> +
>> +-cd @prefix@/etc/racoon2/hook
>> ++cd @sysconfdir@/hook
>> +
>> + . ./functions
>> +
>> +diff --git a/samples/migration.in b/samples/migration.in
>> +index 0847eae..52f7980 100644
>> +--- a/samples/migration.in
>> ++++ b/samples/migration.in
>> +@@ -3,7 +3,7 @@
>> + # run scripts in the migration.d directory when MIP6 MIGRATE is
>> issued
>> + #
>> +
>> +-cd @prefix@/etc/racoon2/hook
>> ++cd @sysconfdir@/hook
>> +
>> + . ./functions
>> +
>> +diff --git a/samples/ph1-down.in b/samples/ph1-down.in
>> +index 9d2e305..a7a8b0a 100644
>> +--- a/samples/ph1-down.in
>> ++++ b/samples/ph1-down.in
>> +@@ -3,7 +3,7 @@
>> + # run scripts in the ph1-down.d directory when ISAKMP SA is removed
>> + #
>> +
>> +-cd @prefix@/etc/racoon2/hook
>> ++cd @sysconfdir@/hook
>> +
>> + . ./functions
>> +
>> +diff --git a/samples/ph1-up.in b/samples/ph1-up.in
>> +index ab205fa..75e8cab 100644
>> +--- a/samples/ph1-up.in
>> ++++ b/samples/ph1-up.in
>> +@@ -3,7 +3,7 @@
>> + # run scripts in the ph1-up.d directory when ISAKMP SA is
>> established
>> + #
>> +
>> +-cd @prefix@/etc/racoon2/hook
>> ++cd @sysconfdir@/hook
>> +
>> + . ./functions
>> +
>> +diff --git a/samples/racoon2.conf.in b/samples/racoon2.conf.in
>> +index 5afda24..f365731 100644
>> +--- a/samples/racoon2.conf.in
>> ++++ b/samples/racoon2.conf.in
>> +@@ -1,7 +1,7 @@
>> + # $Id: racoon2.conf.in,v 1.34 2007/12/27 01:08:52 mk Exp $
>> +
>> + ## Edit vals.conf for your environment
>> +-include "@prefix@/etc/racoon2/vals.conf";
>> ++include "@sysconfdir@/vals.conf";
>> +
>> + # interface info
>> + interface
>> +@@ -17,7 +17,7 @@ interface
>> + spmd {
>> + unix "/var/run/racoon2/spmif";
>> + };
>> +- spmd_password "@prefix@/etc/racoon2/spmd.pwd";
>> ++ spmd_password "@sysconfdir@/spmd.pwd";
>> + };
>> +
>> + # resolver info
>> +@@ -42,7 +42,7 @@ resolver
>> + # Please don't touch this line (especially novice user);
>> + #
>> +
>> +-include "@prefix@/etc/racoon2/default.conf";
>> ++include "@sysconfdir@/default.conf";
>> +
>> + #
>> + # These are examples of configuration for each peer.
>> +@@ -50,21 +50,21 @@ include "@prefix@/etc/racoon2/default.conf";
>> + # Uncomment following one 'include' line you want to use.
>> +
>> + ## Transport mode IKEv2 or IKEv1
>> +-# include "@prefix@/etc/racoon2/transport_ike.conf";
>> ++# include "@sysconfdir@/transport_ike.conf";
>> +
>> + ## Tunnel mode IKEv2 or IKEv1 (initiator and responder)
>> +-# include "@prefix@/etc/racoon2/tunnel_ike.conf";
>> ++# include "@sysconfdir@/tunnel_ike.conf";
>> +
>> + ## Tunnel mode IKEv2 (responder; NAT-T support)
>> + ## Enable this if you're a responder in global net and
>> + ## the peer is an initiator behind NAT.
>> +-# include "@prefix@/etc/racoon2/tunnel_ike_natt.conf";
>> ++# include "@sysconfdir@/tunnel_ike_natt.conf";
>> +
>> + ## Transport mode KINK
>> +-# include "@prefix@/etc/racoon2/transport_kink.conf";
>> ++# include "@sysconfdir@/transport_kink.conf";
>> +
>> + ## Tunnel mode KINK
>> +-# include "@prefix@/etc/racoon2/tunnel_kink.conf";
>> ++# include "@sysconfdir@/tunnel_kink.conf";
>> +
>> + ## For local test
>> +-# include "@prefix@/etc/racoon2/local-test.conf";
>> ++# include "@sysconfdir@/local-test.conf";
>> +diff --git a/samples/vals.conf.in b/samples/vals.conf.in
>> +index a0e8023..2fa7e4d 100644
>> +--- a/samples/vals.conf.in
>> ++++ b/samples/vals.conf.in
>> +@@ -2,10 +2,10 @@
>> + setval {
>> + ### Directory Settings ###
>> + # Preshared key file directory : specify if you want to use
>> preshared keys
>> +- PSKDIR "@prefix@/etc/racoon2/psk";
>> ++ PSKDIR "@sysconfdir@/psk";
>> +
>> + # Cert file directory : specify if you want to use certs
>> +- CERTDIR "@prefix@/etc/racoon2/cert";
>> ++ CERTDIR "@sysconfdir@/cert";
>> +
>> + ### ID Settings ###
>> + # your FQDN : specify if you want to use FQDN as your ID
>> +@@ -75,16 +75,16 @@ setval {
>> +
>> + ### Scripts
>> + ## IKEv2
>> +- IKESAUP_SCR "@prefix@/etc/racoon2/hook/ikesa-up";
>> +- IKESADOWN_SCR "@prefix@/etc/racoon2/hook/ikesa-
>> down";
>> +- CHILDUP_SCR "@prefix@/etc/racoon2/hook/child-up";
>> +- CHILDOWN_SCR "@prefix@/etc/racoon2/hook/child-down";
>> +- IKESAREKEY_SCR "@prefix@/etc/racoon2/hook/ikesa-
>> rekey";
>> +- CHILDREKEY_SCR "@prefix@/etc/racoon2/hook/child-
>> rekey";
>> +- MIGRATION_SCR "@prefix@/etc/racoon2/hook/migration";
>> ++ IKESAUP_SCR "@sysconfdir@/hook/ikesa-up";
>> ++ IKESADOWN_SCR "@sysconfdir@/hook/ikesa-down";
>> ++ CHILDUP_SCR "@sysconfdir@/hook/child-up";
>> ++ CHILDOWN_SCR "@sysconfdir@/hook/child-down";
>> ++ IKESAREKEY_SCR "@sysconfdir@/hook/ikesa-rekey";
>> ++ CHILDREKEY_SCR "@sysconfdir@/hook/child-rekey";
>> ++ MIGRATION_SCR "@sysconfdir@/hook/migration";
>> + ## IKEv1
>> +- PH1UP_SCR "@prefix@/etc/racoon2/hook/ph1-up";
>> +- PH1DOWN_SCR "@prefix@/etc/racoon2/hook/ph1-down";
>> ++ PH1UP_SCR "@sysconfdir@/hook/ph1-up";
>> ++ PH1DOWN_SCR "@sysconfdir@/hook/ph1-down";
>> +
>> + ### KINK ###
>> + # Kerberos5 principal
>> +--
>> +1.9.1
>> +
>> diff --git a/meta-cgl-common/recipes-cgl/racoon2/racoon2/racoon2-fix-
>> rekeying-reply.patch b/meta-cgl-common/recipes-
>> cgl/racoon2/racoon2/racoon2-fix-rekeying-reply.patch
>> new file mode 100644
>> index 0000000..515241d
>> --- /dev/null
>> +++ b/meta-cgl-common/recipes-cgl/racoon2/racoon2/racoon2-fix-
>> rekeying-reply.patch
>> @@ -0,0 +1,28 @@
>> +racoon2: fix rekeying reply
>> +
>> +Why did node_a send the CREATE_CHILD_SA having the duplicated id?
>> +racoon2 has a counter for counting the number of transmitted request
>> messages.
>> +You can find the counter named request_pending in the source code.
>> +This counter is counted up when a request message is sent,
>> +and it is counted down when the corresponding response message
>> arrives.
>> +The problem is that racoon2 does not count up the counter mistakenly
>> +when sending the initial IKE_SA_INIT message in initiator mode.
>> +This makes the counter corrupt
>> +then the CREATE_CHILD_SA sent with an unexpected message id.
>> +
>> +Upstream-Status: Pending
>> +
>> +Signed-off-by: LiWang <li.wang at windriver.com>
>> +Signed-of-by: Aws Ismail <aws.ismail at windriver.com>
>> +
>> +--- racoon2-20090327c.org/iked/ikev2.c 2010-05-14
>> 10:19:34.000000000 +0800
>> ++++ racoon2-20090327c/iked/ikev2.c 2010-05-14
>> 10:23:54.000000000 +0800
>> +@@ -923,6 +923,8 @@
>> + if (!pkt)
>> + goto fail;
>> +
>> ++ ++ike_sa->request_pending;
>> ++
>> + /* save message data for AUTH calculation */
>> + if (ike_sa->my_first_message)
>> + rc_vfree(ike_sa->my_first_message);
>> diff --git a/meta-cgl-common/recipes-cgl/racoon2/racoon2/racoon2-fix-
>> sadb_msg_seq-collision.patch b/meta-cgl-common/recipes-
>> cgl/racoon2/racoon2/racoon2-fix-sadb_msg_seq-collision.patch
>> new file mode 100644
>> index 0000000..2fca085
>> --- /dev/null
>> +++ b/meta-cgl-common/recipes-cgl/racoon2/racoon2/racoon2-fix-
>> sadb_msg_seq-collision.patch
>> @@ -0,0 +1,41 @@
>> +Fix sadb_msg_seq collision
>> +
>> +It looks like there's a problem in SADB message sequence number
>> +handling. As a temporary measure, initializing sadb_msg_seq with a
>> +large random number might help.
>> +
>> +Upstream-Status: Pending
>> +
>> +Signed-off-by: Yong Zhang <yong.zhang at windriver.com>
>> +Signed-of-by: Aws Ismail <aws.ismail at windriver.com>
>> +
>> +---
>> + iked/ike_pfkey.c | 10 +++++++++-
>> + 1 file changed, 9 insertions(+), 1 deletion(-)
>> +
>> +--- a/iked/ike_pfkey.c
>> ++++ b/iked/ike_pfkey.c
>> +@@ -131,6 +131,7 @@
>> + static int pfkey_socket;
>> + static uint32_t sadb_msg_seq = 0x4000000; /* arbitrary large
>> number to avoid collision with kernel message */
>> +
>> ++static struct sadb_request *sadb_find_by_seq(uint32_t seq);
>> + static int sadb_getspi_callback(struct rcpfk_msg *param);
>> + static int sadb_update_callback(struct rcpfk_msg *param);
>> + static int sadb_get_callback(struct rcpfk_msg *param);
>> +@@ -207,7 +208,14 @@
>> + uint32_t
>> + sadb_new_seq(void)
>> + {
>> +- return ++sadb_msg_seq;
>> ++ while (1) {
>> ++ /* make sure there is no existing request having
>> ++ the same seq number */
>> ++ if (!sadb_find_by_seq(++sadb_msg_seq))
>> ++ break;
>> ++ }
>> ++
>> ++ return sadb_msg_seq;
>> + }
>> +
>> + static void
>> diff --git a/meta-cgl-common/recipes-cgl/racoon2/racoon2/racoon2-fix-
>> target-perl-path-to-generate-RPM.patch b/meta-cgl-common/recipes-
>> cgl/racoon2/racoon2/racoon2-fix-target-perl-path-to-generate-
>> RPM.patch
>> new file mode 100644
>> index 0000000..ed66c6f
>> --- /dev/null
>> +++ b/meta-cgl-common/recipes-cgl/racoon2/racoon2/racoon2-fix-target-
>> perl-path-to-generate-RPM.patch
>> @@ -0,0 +1,86 @@
>> +racoon2: fix target perl path to generate RPM
>> +
>> +The configuration tools passed the host perl's path as the path
>> +to the target perl. This is not correct when the host perl was
>> +not installed in '/usr/bin/perl'. So hardcode perl path here to
>> +generate RPM of racoon2.
>> +
>> +Upstream-Status: Inappropriate [embedded specific]
>> +
>> +Signed-off-by: Chunbo Luo <chunbo.luo at windriver.com>
>> +Signed-of-by: Aws Ismail <aws.ismail at windriver.com>
>> +
>> +---
>> + configure | 42 +-----------------------------------------
>> + configure.in | 2 +-
>> + 2 files changed, 2 insertions(+), 42 deletions(-)
>> +
>> +diff --git a/configure b/configure
>> +index f39cb06..25ac906 100755
>> +--- a/configure
>> ++++ b/configure
>> +@@ -796,47 +796,7 @@ else
>> + startup_scripts=none
>> + fi
>> +
>> +-for ac_prog in perl
>> +-do
>> +-# Extract the first word of "$ac_prog", so it can be a program name
>> with args.
>> +-set dummy $ac_prog; ac_word=$2
>> +-echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
>> +-echo "configure:805: checking for $ac_word" >&5
>> +-if eval "test \"`echo '$''{'ac_cv_path_perl_bindir'+set}'`\" =
>> set"; then
>> +- echo $ac_n "(cached) $ac_c" 1>&6
>> +-else
>> +- case "$perl_bindir" in
>> +- /*)
>> +- ac_cv_path_perl_bindir="$perl_bindir" # Let the user override the
>> test with a path.
>> +- ;;
>> +- ?:/*)
>> +- ac_cv_path_perl_bindir="$perl_bindir" # Let the user override the
>> test with a dos path.
>> +- ;;
>> +- *)
>> +- IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":"
>> +- ac_dummy="$PATH"
>> +- for ac_dir in $ac_dummy; do
>> +- test -z "$ac_dir" && ac_dir=.
>> +- if test -f $ac_dir/$ac_word; then
>> +- ac_cv_path_perl_bindir="$ac_dir/$ac_word"
>> +- break
>> +- fi
>> +- done
>> +- IFS="$ac_save_ifs"
>> +- ;;
>> +-esac
>> +-fi
>> +-perl_bindir="$ac_cv_path_perl_bindir"
>> +-if test -n "$perl_bindir"; then
>> +- echo "$ac_t""$perl_bindir" 1>&6
>> +-else
>> +- echo "$ac_t""no" 1>&6
>> +-fi
>> +-
>> +-test -n "$perl_bindir" && break
>> +-done
>> +-test -n "$perl_bindir" || perl_bindir="missing_perl"
>> +-
>> ++perl_bindir='/usr/bin/perl'
>> +
>> +
>> + trap '' 1 2 15
>> +diff --git a/configure.in b/configure.in
>> +index a7ede4e..3f83241 100644
>> +--- a/configure.in
>> ++++ b/configure.in
>> +@@ -89,7 +89,7 @@ else
>> + fi
>> +
>> + dnl perl_bindir
>> +-AC_PATH_PROGS(perl_bindir, perl, missing_perl)
>> ++perl_bindir='/usr/bin/perl'
>> + AC_SUBST(perl_bindir)
>> +
>> + AC_OUTPUT([Makefile samples/Makefile samples/racoon2.conf
>> samples/vals.conf \
>> +--
>> +1.6.4
>> +
>> diff --git a/meta-cgl-common/recipes-cgl/racoon2/racoon2/racoon2-
>> fwrite-return-value.patch b/meta-cgl-common/recipes-
>> cgl/racoon2/racoon2/racoon2-fwrite-return-value.patch
>> new file mode 100644
>> index 0000000..a013199
>> --- /dev/null
>> +++ b/meta-cgl-common/recipes-cgl/racoon2/racoon2/racoon2-fwrite-
>> return-value.patch
>> @@ -0,0 +1,34 @@
>> +racoon2: fix compile error for MIPS
>> +
>> +Correct compile error with fortify-source.
>> +When compiling with FORTIFY_SOURCE specified,
>> +the racoon2 package fails. The root cause is a
>> +macro introduces a call to fwrite() where the return code
>> +isn't checked. This patch moves the macro to an earlier
>> +spot where this problem is corrected.
>> +
>> +Upstream-Status: Pending
>> +
>> +Signed-off-by: Greg Moffatt <greg.moffatt at windriver.com>
>> +Signed-of-by: Aws Ismail <aws.ismail at windriver.com>
>> +
>> +---
>> + cftoken.l | 7 +++++++
>> + 1 file changed, 7 insertions(+)
>> +
>> +--- a/lib/cftoken.l
>> ++++ b/lib/cftoken.l
>> +@@ -84,6 +84,13 @@
>> + #define DP
>> + #endif
>> +
>> ++#ifndef ECHO
>> ++/* This used to be an fputs(), but since the string might contain
>> NUL's,
>> ++ * we now use fwrite().
>> ++ */
>> ++#define ECHO do { if (fwrite( yytext, yyleng, 1, yyout )) {} }
>> while (0)
>> ++#endif
>> ++
>> + /* the include files stack */
>> + #define CF_INCLUDE_DEPTH 10
>> + static struct rcf_include_stack {
>> diff --git a/meta-cgl-common/recipes-cgl/racoon2/racoon2/racoon2-
>> iked-initscript.patch b/meta-cgl-common/recipes-
>> cgl/racoon2/racoon2/racoon2-iked-initscript.patch
>> new file mode 100644
>> index 0000000..202ecf9
>> --- /dev/null
>> +++ b/meta-cgl-common/recipes-cgl/racoon2/racoon2/racoon2-iked-
>> initscript.patch
>> @@ -0,0 +1,34 @@
>> +diff --git a/samples/init.d-iked.in b/samples/init.d-iked.in
>> +index 4e65b94..ff5f355 100644
>> +--- a/samples/init.d-iked.in
>> ++++ b/samples/init.d-iked.in
>> +@@ -3,6 +3,9 @@
>> + # iked startup script
>> + #
>> +
>> ++# Source function library.
>> ++. /etc/init.d/functions
>> ++
>> + prefix=@prefix@
>> + exec_prefix=@exec_prefix@
>> +
>> +@@ -25,6 +28,10 @@ stop)
>> + read pid junk < $PIDFILE && kill $pid
>> + echo "."
>> + ;;
>> ++ status)
>> ++ status $DAEMON;
>> ++ exit $?
>> ++ ;;
>> + restart)
>> + $0 stop
>> + $0 start
>> +@@ -35,7 +42,7 @@ reload)
>> + echo "."
>> + ;;
>> + *)
>> +- echo "usage: $0 {start|stop|restart|reload}"
>> ++ echo "usage: $0 {start|stop|status|restart|reload}"
>> + exit 1
>> + ;;
>> + esac
>> diff --git a/meta-cgl-common/recipes-cgl/racoon2/racoon2/racoon2-
>> iked-needs-libcrypto.patch b/meta-cgl-common/recipes-
>> cgl/racoon2/racoon2/racoon2-iked-needs-libcrypto.patch
>> new file mode 100644
>> index 0000000..0c57c65
>> --- /dev/null
>> +++ b/meta-cgl-common/recipes-cgl/racoon2/racoon2/racoon2-iked-needs-
>> libcrypto.patch
>> @@ -0,0 +1,34 @@
>> +iked needs libcrypto
>> +
>> +Add libcrypto to the list of LIBS for iked to avoid undefined
>> reference
>> +errors during compilation.
>> +
>> +If add libcrypto to the list of LDFLAGS, the result is same as
>> "gcc -lcrypto
>> +-o eaytest eaytest.o crypto_openssl.o str2val.o", since the linker
>> searchs an
>> +archive only once, at the location where it is specified on the
>> command line,
>> +crypto_openssl.o will report undefined symbol which is defined in
>> libcrypto
>> +
>> +Upstream-Status: Pending
>> +
>> +Signed-off-by: Aws Ismail <aws.ismail at windriver.com>
>> +Signed-off-by: Roy.Li <rongqing.li at windriver.com>
>> +---
>> + iked/Makefile.in | 2 +-
>> + 1 files changed, 1 insertions(+), 1 deletions(-)
>> +
>> +diff --git a/iked/Makefile.in b/iked/Makefile.in
>> +index 57134f3..5a9160c 100644
>> +--- a/iked/Makefile.in
>> ++++ b/iked/Makefile.in
>> +@@ -56,7 +56,7 @@ OBJS += @CRYPTOBJS@
>> + TESTSRC = eaytest.c
>> + TESTOBJ = $(TESTSRC:%.c=%.o)
>> +
>> +-LIBS = @LIBS@
>> ++LIBS = @LIBS@ -lcrypto
>> + LIBRARIES = @LIBRARIES@
>> +
>> + MAN = iked.8
>> +--
>> +1.7.1
>> +
>> diff --git a/meta-cgl-common/recipes-cgl/racoon2/racoon2/racoon2-
>> kinkd-initscript.patch b/meta-cgl-common/recipes-
>> cgl/racoon2/racoon2/racoon2-kinkd-initscript.patch
>> new file mode 100644
>> index 0000000..d88e0c0
>> --- /dev/null
>> +++ b/meta-cgl-common/recipes-cgl/racoon2/racoon2/racoon2-kinkd-
>> initscript.patch
>> @@ -0,0 +1,34 @@
>> +diff --git a/samples/init.d-kinkd.in b/samples/init.d-kinkd.in
>> +index 1813b39..71d0855 100644
>> +--- a/samples/init.d-kinkd.in
>> ++++ b/samples/init.d-kinkd.in
>> +@@ -3,6 +3,9 @@
>> + # kinkd start up script
>> + #
>> +
>> ++# Source function library.
>> ++. /etc/init.d/functions
>> ++
>> + prefix=@prefix@
>> + exec_prefix=@exec_prefix@
>> +
>> +@@ -25,6 +28,10 @@ stop)
>> + read pid junk < $PIDFILE && kill $pid
>> + echo "."
>> + ;;
>> ++ status)
>> ++ status $DAEMON;
>> ++ exit $?
>> ++ ;;
>> + restart)
>> + $0 stop
>> + $0 start
>> +@@ -35,7 +42,7 @@ reload)
>> + echo "."
>> + ;;
>> + *)
>> +- echo "usage: $0 {start|stop|restart|reload}"
>> ++ echo "usage: $0 {start|stop|status|restart|reload}"
>> + exit 1
>> + ;;
>> + esac
>> diff --git a/meta-cgl-common/recipes-cgl/racoon2/racoon2/racoon2-
>> reenable-the-ipv6-check.patch b/meta-cgl-common/recipes-
>> cgl/racoon2/racoon2/racoon2-reenable-the-ipv6-check.patch
>> new file mode 100644
>> index 0000000..fe00ba2
>> --- /dev/null
>> +++ b/meta-cgl-common/recipes-cgl/racoon2/racoon2/racoon2-reenable-
>> the-ipv6-check.patch
>> @@ -0,0 +1,65 @@
>> +[PATCH] reenable the ipv6 check
>> +
>> +The patch racoon2-configure.in-remove-redundant-macros.patch made
>> ipv6 off
>> +for iked (RC_IF_IPV6_ENABLE is removed), since the autotools does
>> not autocheck
>> +--enable-ipv6, and copy ipv6 checking codes from lib/configure.in to
>> +iked/configure.in to reenable it
>> +
>> +Upstream-Status: Inappropriate [configuration]
>> +
>> +Signed-off-by: Roy Li <rongqing.li at windriver.com>
>> +---
>> + iked/configure.in | 37 +++++++++++++++++++++++++++++++++++++
>> + 1 file changed, 37 insertions(+)
>> +
>> +diff --git a/iked/configure.in b/iked/configure.in
>> +index 6b9352e..c155536 100644
>> +--- a/iked/configure.in
>> ++++ b/iked/configure.in
>> +@@ -187,6 +187,43 @@ AC_TRY_COMPILE([],
>> + AC_DEFINE(HAVE_FUNC_MACRO, 1, [define if __func__ macro is
>> available])
>> + ], [AC_MSG_RESULT(no)])
>> +
>> ++
>> ++dnl check if ipv6 is available.
>> ++AC_MSG_CHECKING(if ipv6 is available)
>> ++AC_ARG_ENABLE(ipv6,
>> ++[ --enable-ipv6 enable ipv6 (with ipv4) support
>> ++ --disable-ipv6 disable ipv6 support],
>> ++ [ case "$enableval" in
>> ++ no)
>> ++ AC_MSG_RESULT(no)
>> ++ ipv6=no
>> ++ ;;
>> ++ *) AC_MSG_RESULT(yes)
>> ++ AC_DEFINE(INET6, 1, [enable ipv6])
>> ++ ipv6=yes
>> ++ ;;
>> ++ esac ],
>> ++ AC_TRY_RUN([ /* AF_INET6 avalable check */
>> ++#include <sys/types.h>
>> ++#include <sys/socket.h>
>> ++main()
>> ++{
>> ++ exit(0);
>> ++ if (socket(AF_INET6, SOCK_STREAM, 0) < 0)
>> ++ exit(1);
>> ++ else
>> ++ exit(0);
>> ++}
>> ++],
>> ++ AC_MSG_RESULT(yes)
>> ++ AC_DEFINE(INET6, 1 , [enable ipv6])
>> ++ ipv6=yes,
>> ++ AC_MSG_RESULT(no)
>> ++ ipv6=no,
>> ++ AC_MSG_RESULT(no)
>> ++ ipv6=no
>> ++))
>> ++
>> + if test "$ipv6" = "yes"; then
>> + AC_MSG_CHECKING(for advanced API support)
>> + AC_CACHE_VAL(racoon_cv_advapi, [dnl
>> +--
>> +1.9.1
>> +
>> diff --git a/meta-cgl-common/recipes-cgl/racoon2/racoon2/racoon2-
>> remove-deprecated-do-clause.patch b/meta-cgl-common/recipes-
>> cgl/racoon2/racoon2/racoon2-remove-deprecated-do-clause.patch
>> new file mode 100644
>> index 0000000..7718235
>> --- /dev/null
>> +++ b/meta-cgl-common/recipes-cgl/racoon2/racoon2/racoon2-remove-
>> deprecated-do-clause.patch
>> @@ -0,0 +1,19 @@
>> +Remove deprecated do clause which is not supported by perl 5 any
>> more.
>> +
>> +Upstream-Status: Pending
>> +
>> +Signed-off-by: Kai Kang <kai.kang at windriver.com>
>> +
>> +--- racoon2-20100526a/pskgen/pskgen.in.orig 2014-01-27
>> 16:19:19.028054860 +0800
>> ++++ racoon2-20100526a/pskgen/pskgen.in 2014-01-27
>> 16:19:47.707748768 +0800
>> +@@ -59,8 +59,8 @@
>> + exit 0;
>> + }
>> +
>> +-require 'getopts.pl';
>> +-do Getopts('rs:o:di:he:d');
>> ++use Getopt::Std;
>> ++getopts('rs:o:di:he:d');
>> + $output = '-';
>> + $output = $opt_o if ($opt_o);
>> +
>> diff --git a/meta-cgl-common/recipes-cgl/racoon2/racoon2/racoon2-
>> removed-conflicting-prototypes.patch b/meta-cgl-common/recipes-
>> cgl/racoon2/racoon2/racoon2-removed-conflicting-prototypes.patch
>> new file mode 100644
>> index 0000000..1c3b1ee
>> --- /dev/null
>> +++ b/meta-cgl-common/recipes-cgl/racoon2/racoon2/racoon2-removed-
>> conflicting-prototypes.patch
>> @@ -0,0 +1,51 @@
>> +Removed conflicting prototypes
>> +
>> +Flex 2.5.36 chaned the prototype of yyget_leng(). Portback upstream
>> +patch to fix the compiling errors:
>> +
>> + <stdout>:1414:11: error: conflicting types for 'yyget_leng'
>> + cftoken.l:56:12: note: previous declaration of 'yyget_leng' was
>> \
>> + here extern int yyget_leng (void);
>> +
>> +Upstream-Status: Backport
>> +
>> +Signed-off-by: Wenzong Fan <wenzong.fan at windriver.com>
>> +===================================================================
>> +RCS file: /RACOON2/anoncvs/racoon2/lib/cftoken.l,v
>> +retrieving revision 1.53
>> +retrieving revision 1.54
>> +diff -c -p -r1.53 -r1.54
>> +*** racoon2/lib/cftoken.l 2009/03/20 21:57:16 1.53
>> +--- racoon2/lib/cftoken.l 2013/07/30 07:04:51 1.54
>> +***************
>> +*** 1,4 ****
>> +! /* $Id: cftoken.l,v 1.53 2009/03/20 21:57:16 mk Exp $ */
>> + /*
>> + * Copyright (C) 2004 WIDE Project.
>> + * All rights reserved.
>> +--- 1,4 ----
>> +! /* $Id: cftoken.l,v 1.54 2013/07/30 07:04:51 kamada Exp $ */
>> + /*
>> + * Copyright (C) 2004 WIDE Project.
>> + * All rights reserved.
>> +***************
>> +*** 50,67 ****
>> +
>> + #include "safefile.h"
>> +
>> +- extern int yyget_lineno (void);
>> +- extern FILE *yyget_in (void);
>> +- extern FILE *yyget_out (void);
>> +- extern int yyget_leng (void);
>> +- extern char *yyget_text (void);
>> +- extern void yyset_lineno (int);
>> +- extern void yyset_in (FILE *);
>> +- extern void yyset_out (FILE *);
>> +- extern int yyget_debug (void);
>> +- extern void yyset_debug (int);
>> +- extern int yylex_destroy (void);
>> +-
>> + /* avoid gcc error */
>> + #define YY_NO_INPUT 1
>> +
>> +--- 50,55 ----
>> diff --git a/meta-cgl-common/recipes-cgl/racoon2/racoon2/racoon2-
>> spmd-initscript.patch b/meta-cgl-common/recipes-
>> cgl/racoon2/racoon2/racoon2-spmd-initscript.patch
>> new file mode 100644
>> index 0000000..8ef1b73
>> --- /dev/null
>> +++ b/meta-cgl-common/recipes-cgl/racoon2/racoon2/racoon2-spmd-
>> initscript.patch
>> @@ -0,0 +1,33 @@
>> +diff --git a/samples/init.d-spmd.in b/samples/init.d-spmd.in
>> +index d38b825..624f22d 100644
>> +--- a/samples/init.d-spmd.in
>> ++++ b/samples/init.d-spmd.in
>> +@@ -1,5 +1,8 @@
>> + #! /bin/sh
>> +
>> ++# Source function library.
>> ++. /etc/init.d/functions
>> ++
>> + prefix=@prefix@
>> + exec_prefix=@exec_prefix@
>> +
>> +@@ -27,6 +30,10 @@ case "$1" in
>> + $DAEMON -k
>> + echo "."
>> + ;;
>> ++ status)
>> ++ status $DAEMON;
>> ++ exit $?
>> ++ ;;
>> + restart|force-reload)
>> + $0 stop
>> + $0 start
>> +@@ -34,7 +41,7 @@ case "$1" in
>> + *)
>> + N=/etc/init.d/$NAME
>> + # echo "Usage: $N {start|stop|restart|reload|force-reload}"
>>> &2
>> +- echo "Usage: $N {start|stop|restart|force-reload}" >&2
>> ++ echo "Usage: $N {start|stop|status|restart|force-reload}"
>>> &2
>> + exit 1
>> + ;;
>> + esac
>> diff --git a/meta-cgl-common/recipes-cgl/racoon2/racoon2/spmd.service
>> b/meta-cgl-common/recipes-cgl/racoon2/racoon2/spmd.service
>> new file mode 100644
>> index 0000000..22e7acb
>> --- /dev/null
>> +++ b/meta-cgl-common/recipes-cgl/racoon2/racoon2/spmd.service
>> @@ -0,0 +1,12 @@
>> +[Unit]
>> +Description=Manages IPsec Security Policy for racoon2
>> +After=syslog.target network.target
>> +
>> +[Service]
>> +Type=forking
>> +PIDFile=/var/run/spmd.pid
>> +ExecStart=@SBINDIR@/spmd
>> +ExecStop=@SBINDIR@/spmd -k
>> +
>> +[Install]
>> +WantedBy=multi-user.target
>> diff --git a/meta-cgl-common/recipes-
>> cgl/racoon2/racoon2/volatiles.99_racoon2 b/meta-cgl-common/recipes-
>> cgl/racoon2/racoon2/volatiles.99_racoon2
>> new file mode 100644
>> index 0000000..8c82176
>> --- /dev/null
>> +++ b/meta-cgl-common/recipes-
>> cgl/racoon2/racoon2/volatiles.99_racoon2
>> @@ -0,0 +1 @@
>> +d root root 0700 /var/run/racoon2 none
>> diff --git a/meta-cgl-common/recipes-cgl/racoon2/racoon2_20100526a.bb
>> b/meta-cgl-common/recipes-cgl/racoon2/racoon2_20100526a.bb
>> new file mode 100644
>> index 0000000..ada4e24
>> --- /dev/null
>> +++ b/meta-cgl-common/recipes-cgl/racoon2/racoon2_20100526a.bb
>> @@ -0,0 +1,104 @@
>> +SUMMARY = "An implementation of key management system for IPsec"
>> +DESCRIPTION = "The Racoon2 project is a joint effort which provides
>> an \
>> +implementation of key management system for IPsec. The
>> implementation is \
>> +called Racoon2, a successor of Racoon, which was developed by the
>> KAME \
>> +project. It supports IKEv1, IKEv2, and KINK protocols. It works on \
>> +FreeBSD, NetBSD, Linux, and Mac OS X."
>> +
>> +HOMEPAGE = "http://ftp.racoon2.wide.ad.jp/pub/racoon2/"
>> +
>> +DEPENDS = "${@bb.utils.contains('DISTRO_FEATURES', 'krb5', 'krb5',
>> '', d)} libpcap openssl bison flex-native util-linux"
>> +RDEPENDS_${PN} += "perl"
>> +
>> +LICENSE = "BSD-3-Clause"
>> +LIC_FILES_CHKSUM =
>> "file://COPYRIGHT;md5=99a60756441098855c538fe86f859afe"
>> +
>> +SRC_URI = "http://ftp.racoon2.wide.ad.jp/pub/${PN}/${BPN}-${PV}.tgz
>> \
>> + file://racoon2-configure-memcmp.patch \
>> + file://racoon2-correct-openssl-include-path.patch \
>> + file://racoon2-DESTDIR.patch \
>> + file://racoon2-disable-hard-limit-timer.patch \
>> + file://racoon2-fix-rekeying-reply.patch \
>> + file://racoon2-fix-sadb_msg_seq-collision.patch \
>> + file://racoon2-fix-target-perl-path-to-generate-RPM.patch
>> \
>> + file://racoon2-fwrite-return-value.patch \
>> + file://racoon2-fix-configure-error.patch \
>> + file://racoon2-Add-Value-to-HAVE_NSSWITCH_CONF.patch \
>> + file://racoon2-Remove-INSTALL_OPTS.patch \
>> + file://racoon2-iked-needs-libcrypto.patch \
>> + file://racoon2-removed-conflicting-prototypes.patch \
>> + file://racoon2-iked-initscript.patch \
>> + file://racoon2-kinkd-initscript.patch \
>> + file://racoon2-spmd-initscript.patch \
>> + file://racoon2-remove-deprecated-do-clause.patch \
>> + file://racoon2-configure.in-remove-redundant-macros.patch
>> \
>> + file://racoon2-reenable-the-ipv6-check.patch \
>> + file://racoon2-fix-hardcoded-sysconfdir.patch \
>> + file://racoon2-configure-autoheader.patch \
>> + file://volatiles.99_racoon2 \
>> + file://iked.service \
>> + file://spmd.service \
>> + "
>> +
>> +SRC_URI[md5sum] = "2fa33abff1ccd6fc22876a23db77aaa8"
>> +SRC_URI[sha256sum] =
>> "f23773e4d97cec823ec634085b5e60a7884a13467ff1bffc17daac14d02f9caa"
>> +
>> +inherit autotools-brokensep update-rc.d systemd
>> +
>> +EXTRA_OECONF += "--sysconfdir=${sysconfdir}/${BPN} \
>> + --disable-pedant \
>> + --enable-pcap=yes \
>> + --enable-iked=yes \
>> + ${@bb.utils.contains('DISTRO_FEATURES', 'krb5', '
>> --enable-kinkd', '--disable-kinkd', d)} \
>> + ${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', '
>> --enable-ipv6', '--disable-ipv6', d)} \
>> + --with-openssl-libdir=${STAGING_DIR_TARGET} \
>> + --with-kernel-build-dir=${STAGING_INCDIR}"
>> +
>> +
>> +do_install_append() {
>> + install -d -m 0755 ${D}${sysconfdir}/init.d/
>> + cp -rfa ${D}${sysconfdir}/${BPN}/init.d/*
>> ${D}${sysconfdir}/init.d/
>> +
>> + rmdir ${D}${localstatedir}/run/racoon2 ${D}${localstatedir}/run
>> ${D}${localstatedir}
>> + install -d ${D}${sysconfdir}/default/volatiles
>> + install -m 0700 ${WORKDIR}/volatiles.99_racoon2
>> ${D}${sysconfdir}/default/volatiles/99_racoon2
>> + if ${@bb.utils.contains('DISTRO_FEATURES', 'krb5', 'false',
>> 'true', d)}; then
>> + rm -f ${D}${sysconfdir}/init.d/kinkd
>> ${D}${sysconfdir}/${BPN}/init.d/kinkd \
>> + ${D}${sysconfdir}/${BPN}/transport_kink.conf.sample
>> ${D}${sysconfdir}/${BPN}/tunnel_kink.conf.sample
>> + fi
>> +
>> + # Install systemd service files
>> + install -d ${D}${systemd_system_unitdir}
>> + install -m 0644 ${WORKDIR}/iked.service
>> ${D}${systemd_system_unitdir}
>> + install -m 0644 ${WORKDIR}/spmd.service
>> ${D}${systemd_system_unitdir}
>> + sed -i -e 's#@SBINDIR@#${sbindir}#g' -e
>> 's, at BASE_BINDIR@,${base_bindir},g' \
>> + ${D}${systemd_system_unitdir}/*.service
>> +
>> + if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true',
>> 'false', d)}; then
>> + install -d ${D}${sysconfdir}/tmpfiles.d
>> + echo "d /var/run/racoon2 0700 root root -" \
>> + > ${D}${sysconfdir}/tmpfiles.d/${BPN}.conf
>> + fi
>> +}
>> +
>> +INITSCRIPT_PACKAGES = "${PN} ${PN}-iked ${PN}-${@bb.utils.contains('
>> DISTRO_FEATURES', 'krb5', 'kinkd', '', d)}"
>> +INITSCRIPT_NAME_${PN} = "spmd"
>> +INITSCRIPT_PARAMS_${PN} = "remove"
>> +INITSCRIPT_NAME_${PN}-iked = "iked"
>> +INITSCRIPT_PARAMS_${PN}-iked = "remove"
>> +INITSCRIPT_NAME_${PN}-kinkd = "kinkd"
>> +INITSCRIPT_PARAMS_${PN}-kinkd= "remove"
>> +
>> +SYSTEMD_PACKAGES = "${PN}"
>> +SYSTEMD_SERVICE_${PN} = "spmd.service iked.service"
>> +SYSTEMD_AUTO_ENABLE = "disable"
>> +
>> +
>> +pkg_postinst_${PN} () {
>> + if [ -z "$D" ]; then
>> + if [ -e ${sysconfdir}/init.d/populate-volatile.sh ]; then
>> + ${sysconfdir}/init.d/populate-volatile.sh update
>> + fi
>> + fi
>> +}
>> +
>> --
>> 2.7.4
>>
More information about the yocto
mailing list