| View previous topic :: View next topic |
| Author |
Message |
FlashLight
Tux's lil' helper
Joined: 07 Sep 2003
Posts: 106
|
 Posted: Thu Dec 04, 2003 5:39 pm Post subject: freeswan and kernel |
 |
|
I'm trying to emerge freeswan 2.04 but I'm getting this message:
| Code: |
Calculating dependencies ...done!
>>> emerge (1 of 1) net-misc/freeswan-2.04 to /
>>> md5 src_uri ;-) freeswan-2.04.tar.gz
>>> md5 src_uri ;-) x509-1.4.8-freeswan-2.04.tar.gz
You need to have the crypto-enabled version of Gentoo Sources
with a symlink to it in /usr/src/linux in order to have IPSec
kernel compatibility.
|
The kernel I'm using I downloaded from kernel.org and applied the ben-h patches. So it's not emerged from the gentoo sources. What do I have to do to get my current kernel patched up with whatever it is freeswan needs without having to emerge the gentoo sources?
My current kernel is 2.4.23-pre5-ben0
Thanks. |
|
| Back to top |
|
 |
FlashLight
Tux's lil' helper
Joined: 07 Sep 2003
Posts: 106
|
| Posted: Fri Dec 05, 2003 7:15 pm Post subject: |
|
|
| anyone? |
|
| Back to top |
|
|
muphicks
n00b
Joined: 22 Nov 2003
Posts: 48
|
| Posted: Fri Dec 05, 2003 11:30 pm Post subject: |
|
|
Can't help, but I'm also getting the same error.
I've emerged the 2.6 development kernel and done a custom compile of it. I can't find any further kernel flags I need to set. Is there something else been missed here? |
|
| Back to top |
|
|
FlashLight
Tux's lil' helper
Joined: 07 Sep 2003
Posts: 106
|
| Posted: Sat Dec 06, 2003 2:43 am Post subject: |
|
|
| Out of desperation I went ahead and emerged ppc-sources-crypto. Installed it, rebuilt the kernel, did an emerge on freeswan and got the same error. /usr/src/linux is a symlink to ppc-sources-crypto. |
|
| Back to top |
|
|
tphamm
Tux's lil' helper
Joined: 01 Jun 2003
Posts: 112
Location: Saskatoon, SK, CA
|
| Posted: Sat Dec 06, 2003 4:01 am Post subject: |
|
|
The latest gentoo-sources-2.4.22-r1 has the IPSec patches applied. The option to enable is the very last one under "Networking options". Other than that, you may have to open up the freeswan sources yourself and follow the instructions within to patch your own kernel.
_________________
"This is a UNIX system! I know this!" -- little girl from dinasaur park |
|
| Back to top |
|
|
FlashLight
Tux's lil' helper
Joined: 07 Sep 2003
Posts: 106
|
| Posted: Sat Dec 06, 2003 5:18 am Post subject: |
|
|
| Thank you, I'll give this a shot. However, wasn't there an exploit for kernels under 2.4.22 and under? |
|
| Back to top |
|
|
FlashLight
Tux's lil' helper
Joined: 07 Sep 2003
Posts: 106
|
| Posted: Sat Dec 06, 2003 5:34 am Post subject: |
|
|
| Hi, I tried it and I don't see anything on IPSec under Networking Options. This was for ppc-sources-2.4.22-r3 Is there a certain USE flag that I have to set/unset? |
|
| Back to top |
|
|
FlashLight
Tux's lil' helper
Joined: 07 Sep 2003
Posts: 106
|
| Posted: Sun Dec 07, 2003 4:59 am Post subject: |
|
|
| Ok, so I uninstalled ppc-sources and did emerge -p freeswan and it lists ppc-sources as one of its dependencies. Thinking that this would install the proper kernel that would get freeswan to install, I went ahead with it. It dies off with the same error after installing what it claimed to be the dependency. Is the dependency for it just wrong or...? |
|
| Back to top |
|
|
BlackB1rd
Tux's lil' helper
Joined: 13 Aug 2003
Posts: 131
Location: /Europe/Netherlands/Haarlem
|
| Posted: Fri Dec 12, 2003 3:37 pm Post subject: |
|
|
| Got the same problem with kernel 2.6-test11-r1. Nobody knows a trick to get it working? |
|
| Back to top |
|
|
cselkirk
Apprentice
Joined: 09 Jun 2003
Posts: 199
Location: NL
|
| Posted: Sun Dec 14, 2003 11:34 pm Post subject: USE="crypt" |
|
|
For the ipsec patch to be applied you need to add "crypt" to your USE flags (in /etc/make.conf).
As for the OP: ppc-sources doesn't apply the freeswan kernel patch, but i wonder if infact freeswan was applied (via your attempt at using the freeswan sources) as it would create /usr/src/linux/net/ipsec, and the lack thereof tiggers the error. I use superfreeswan (now re-named "sfs") 2.04 and (patched) ppc sources .. running "make oldgo" in the sfs source tree (and I assume this is the same for freeswan) patched and built the new kernel and modules (note: I had previously configured the kernel, you may want to run "make menugo"). As already noted in this thread the ppc-sources-crypto suffer from a serious sercurity problem (namely the ptrace vunerability) so you are advised to stay clear of it.
_________________
cn=cselkirk,dc=xs4all,dc=nl |
|
| Back to top |
|
|
numbaonestunna
n00b
Joined: 05 Mar 2003
Posts: 48
|
| Posted: Wed Feb 25, 2004 6:57 pm Post subject: Re: USE="crypt" |
|
|
| cselkirk wrote: | For the ipsec patch to be applied you need to add "crypt" to your USE flags (in /etc/make.conf).
As for the OP: ppc-sources doesn't apply the freeswan kernel patch, but i wonder if infact freeswan was applied (via your attempt at using the freeswan sources) as it would create /usr/src/linux/net/ipsec, and the lack thereof tiggers the error. I use superfreeswan (now re-named "sfs") 2.04 and (patched) ppc sources .. running "make oldgo" in the sfs source tree (and I assume this is the same for freeswan) patched and built the new kernel and modules (note: I had previously configured the kernel, you may want to run "make menugo"). As already noted in this thread the ppc-sources-crypto suffer from a serious sercurity problem (namely the ptrace vunerability) so you are advised to stay clear of it. |
For which package? For kernel source you need "crypt" or for freeswan? |
|
| Back to top |
|
|
|
Networking & Security
