I'm using strongswan (currently 2.8.0) to connect to my office via VPN. The VPN setup at our company requires USE_NAT_TRAVERSAL_TRANSPORT_MODE to be enabled in the Makefile.inc (which is disabled by default for security reasons). Therefore, I created a small patch to the 2.8.0 ebuild, which adds a new use-flag "nat-transport". I think this might be useful for others too, so please consider adding it to the official ebuild. Here's the patch (diff -Naur): --- /home/chr/strongswan-2.8.0.ebuild 2006-12-21 14:34:36.428028613 +0100 +++ strongswan-2.8.0.ebuild 2006-12-21 14:06:44.811682137 +0100 @@ -11,7 +11,7 @@ LICENSE="GPL-2 RSA-MD2 RSA-MD5 RSA-PKCS11 DES" SLOT="0" KEYWORDS="~amd64 ~ppc ~sparc ~x86" -IUSE="curl ldap smartcard" +IUSE="curl ldap smartcardi nat-transport" COMMON_DEPEND="!net-misc/openswan dev-libs/gmp" @@ -67,6 +67,12 @@ eend $? fi + if use nat-transport ; then + ebegin "Enabling NAT-Traversal on Transport mode" + sed -i -e 's:\(USE_NAT_TRAVERSAL_TRANSPORT_MODE?=\)false:\1true:g' Makefile.inc || die + eend $? + fi + if use smartcard ; then ebegin "Smartcard support requested. Enabling opensc support" sed -i -e 's:\(USE_SMARTCARD?=\)false:\1true:g' Makefile.inc || die
I added it to net-misc/strongswan-2.8.1. Please test.
The 2.8.1 ebuild fails on my box, looks like -ldl is missing somewhere. When adding -ldl to programs/pluto/Makefile line 133 and manually running make, everything seems to run fine. Btw, -ldl is added to $LIBSPLUTO when USE_SMARTCARD is set to true. This is kinda odd ;) Here's the build output: cc -o pluto kernel_alg.o ike_alg.o alg_info.o db_ops.o asn1.o connections.o constants.o cookie.o crypto.o defs.o fetch.o foodgroups.o log.o state.o plutomain.o server.o timer.o oid.o pem.o pgp.o pkcs1.o pkcs7.o x509.o ca.o certs.o id.o ipsec_doi.o kernel.o kernel_netlink.o kernel_pfkey.o mp_defs.o kernel_noklips.o rcv_whack.o demux.o packet.o lex.o keys.o dnskey.o smartcard.o ac.o rnd.o spdb.o sha1.o md5.o md2.o modecfg.o ocsp.o crl.o vendor.o nat_traversal.o virtual.o xauth.o alg/libalg.o ../../lib/libdes/libdes.a ../../lib/libfreeswan/libfreeswan.a -lgmp -lresolv xauth.o: In function `xauth_finalize': /var/tmp/portage/strongswan-2.8.1/work/strongswan-2.8.1/programs/pluto/xauth.c:66: undefined reference to `dlclose' collect2: ld gab 1 als Ende-Status zurück make[2]: *** [pluto] Fehler 1 make[2]: Leaving directory `/var/tmp/portage/strongswan-2.8.1/work/strongswan-2.8.1/programs/pluto' make[1]: *** [programs] Fehler 1 make[1]: Leaving directory `/var/tmp/portage/strongswan-2.8.1/work/strongswan-2.8.1/programs' make: *** [programs] Fehler 1
(In reply to comment #2) > The 2.8.1 ebuild fails on my box, looks like -ldl is missing somewhere. When > adding -ldl to programs/pluto/Makefile line 133 and manually running make, > everything seems to run fine. I can not verify this problem.