关于openswan补丁
本帖最后由 外零 于 2014-02-06 10:49 编辑xl2tpd: IPsec SAref does not work with L2TP kernel mode yet, enabling force userspace=yes
xl2tpd: setsockopt recvref: Protocol not available
xl2tpd: Not looking for kernel support.
xl2tpd: open_controlfd: Unable to open /var/run/xl2tpd/l2tp-control for reading.
openswan的文档中并没有说一定要saref打上这个补丁,但是不管在xl2tpd中怎么配置,都会出现这样的问题。
内核2.6.32,
$uname -r
2.6.32-431.3.1.el6.i686
release centos 6.3
使用openswan-2.6.39/patches/kernel/2.6.32目录下的patch,然后重新编译内核的时候会出现以下问题
net/ipv4/ip_sockglue.c: In function ‘ip_cmsg_recv_ipsec_refinfo’:
net/ipv4/ip_sockglue.c:180: error: dereferencing pointer to incomplete type
net/ipv4/ip_sockglue.c:181: error: dereferencing pointer to incomplete type
net/ipv4/ip_sockglue.c: In function ‘ip_cmsg_send_ipsec_refinfo’:
net/ipv4/ip_sockglue.c:200: error: dereferencing pointer to incomplete type
net/ipv4/ip_sockglue.c:201: error: dereferencing pointer to incomplete type
查看代码 结构体 ipsec_secpath_saref_ops 未定义。
加上结构体定义:
struct ipsec_secpath_saref_ops {
int (*set_ipc_saref)(struct ipcm_cookie *ipc, xfrm_sec_unique_t saref);
void (*get_secpath_sarefs)(struct sec_path *sp,
xfrm_sec_unique_t *refme, xfrm_sec_unique_t *refhim);
};
net/ipv4/ip_sockglue.c:306: error: redefinition of ‘__kcrctab_ip_cmsg_send’
net/ipv4/ip_sockglue.c:258: note: previous definition of ‘__kcrctab_ip_cmsg_send’ was here
306和258行
EXPORT_SYMBOL(ip_cmsg_send);
重复。
页:
[1]