Project

General

Profile

Bug #2118

libipsec, Windows and missing headers

Added by Noel Kuntze about 4 years ago. Updated over 3 years ago.

Status:
Closed
Priority:
Normal
Category:
windows
Target version:
Start date:
22.09.2016
Due date:
Estimated time:
Affected version:
5.5.0
Resolution:
Fixed

Description

Hello,

As you might know, I'm porting (or ported) (kernel-)libipsec to Windows with support for the OpenVPN TAP-Windows6 driver.
I've got that all working and done. However, before I can contribute that to the project, I need to take care of the licensing issues regarding the different pieces of software.

The primary problem I have right now is that Windows does not ship (And neither does the Windows Driver SDK or any other component that I could install as prerequisite)
with any header definitions for IPv4 or IPv6, but they are required to compile libipsec, because the code in ip_packet.c and esp_packet.c require them.

At the moment I solved this by copying the required headers into a header file and including them in those source files (ip_packet.c and esp_packet.c).
However, those headers are under the GPLV2 or the BSD license, so that violates the contribution requirement (You require all the code to be under the MIT X11 license).

Do you have any idea how I can/could solve this in sane way? Simply importing in.h, ip.h and ip6.h does not and will not work, because those files are not necessarily available
when compiling the strongSwan source code for Windows and those files import other files by themselves, which are not necesarily available.

libipsec-win.patch (2.28 KB) libipsec-win.patch Tobias Brunner, 22.09.2016 09:55
libipsec-win.patch (2.32 KB) libipsec-win.patch IPv6 header struct fixed Tobias Brunner, 23.09.2016 08:48

Associated revisions

Revision 1da56773 (diff)
Added by Tobias Brunner almost 4 years ago

libipsec: Fix Windows build via MinGW

Fixes #2118.

History

#1 Updated by Tobias Brunner about 4 years ago

I guess we could just define the stuff we need like I did for the UDP and TCP headers in ip_packet.c. The attached patch fixes the build of libipsec via MinGW here.

#2 Updated by Tobias Brunner about 4 years ago

  • Category set to windows

#3 Updated by Noel Kuntze about 4 years ago

Well, if the patch does not violate other people's copyright on the code and is licensable under the MIT license, I'll just use that instead of the header file I produced.

#4 Updated by Noel Kuntze about 4 years ago

There's certainly something wrong with that patch, because with it (and without my own), The following log messages appear and those IPv6-Adresses obviously aren't right.
I'm going to fiddle around to try and find out what the problem is.

08[ESP] no matching outbound IPsec policy for 5c11:1fe:8000::59:6bbf:9296 == 3f63:a3ff:200::
08[ESP] no matching outbound IPsec policy for 183a:ff00:: == 0:ff:200::1ff
08[ESP] no matching outbound IPsec policy for 2400:1fe:8000::59:6bbf:9296 == 3f63:a3ff:200::
08[ESP] no matching outbound IPsec policy for 192.168.178.218 == 191.232.139.64
08[ESP] no matching outbound IPsec policy for 203a:ff2a:340:0:630:6400:: == 0:7ff:200::
08[ESP] no matching outbound IPsec policy for 103a:fffe:8000::59:6bbf:9296 == 3f63:a3ff:200::
08[ESP] no matching outbound IPsec policy for 2400:1fe:8000::59:6bbf:9296 == 3f63:a3ff:200::
08[ESP] no matching outbound IPsec policy for 2400:1fe:8000::59:6bbf:9296 == 3f63:a3ff:200::
08[ESP] no matching outbound IPsec policy for 192.168.178.218 == 191.232.139.64
08[ESP] no matching outbound IPsec policy for 2400:1fe:8000::59:6bbf:9296 == 3f63:a3ff:200::
08[ESP] no matching outbound IPsec policy for 192.168.178.218 == 191.232.139.64
08[ESP] no matching outbound IPsec policy for 283a:802a:340:0:630:6400:: == 0:72a:14:5040:108:1400::
08[ESP] no matching outbound IPsec policy for 192.168.178.218 == 191.232.139.64
08[ESP] no matching outbound IPsec policy for 2400:1fe:8000::59:6bbf:9296 == 3f63:a3ff:200::
08[ESP] no matching outbound IPsec policy for 2400:1fe:8000::59:6bbf:9296 == 3f63:a3ff:200::
08[ESP] no matching outbound IPsec policy for 2400:1fe:8000::59:6bbf:9296 == 3f63:a3ff:200::
08[ESP] no matching outbound IPsec policy for 2400:1fe:8000::59:6bbf:9296 == 3f63:a3ff:200::
08[ESP] no matching outbound IPsec policy for 3800:1fe:8000::59:6bbf:9296 == 3f63:a3ff:200::
08[ESP] no matching outbound IPsec policy for 2400:1fe:8000::59:6bbf:9296 == 3f63:a3ff:200::
08[ESP] no matching outbound IPsec policy for 2400:1fe:8000::59:6bbf:9296 == 3f63:a3ff:200::
08[ESP] no matching outbound IPsec policy for 1e11:1fe:8000::59:6bbf:9296 == 3f63:a3ff:200::
08[ESP] no matching outbound IPsec policy for 2400:1fe:8000::59:6bbf:9296 == 3f63:a3ff:200::
08[ESP] no matching outbound IPsec policy for 1e11:1fe:8000::59:6bbf:9296 == 3f63:a3ff:200::

#5 Updated by Noel Kuntze about 4 years ago

I made some changes and it's working alright now. To contribute my code, I still need another header file from the OpenVPN Tech guys, but that's already nearly done on their side. I'm just waiting for the file now.

#6 Updated by Tobias Brunner about 4 years ago

There's certainly something wrong with that patch, because with it (and without my own), The following log messages appear and those IPv6-Adresses obviously aren't right.

Yes, my bad, the first field in the ip6_hdr struct should have been 32-bit long.

#7 Updated by Tobias Brunner almost 4 years ago

  • Tracker changed from Issue to Bug
  • Assignee set to Tobias Brunner
  • Target version set to 5.5.2
  • Resolution set to Fixed

#8 Updated by Tobias Brunner over 3 years ago

  • Status changed from Feedback to Closed

Also available in: Atom PDF