This note describes how to build ipsec-tools
(racoon)
obtained from the Android repository
(https://android.googlesource.com/platform/external/ipsec-tools/) on a Ubuntu
laptop machine (Dell XPS 13). The system used for this work is Ubuntu 18.04.2
LTS: uname -a
gives
Linux xps13 4.15.0-1045-oem #50-Ubuntu SMP Wed Jun 26 11:16:36 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux
-
Install dependencies
- Install
llvm/clang
sudo apt install clang
- Install
libbsd-dev
(for 'strlcat')
sudo apt install libbsd-dev
- Install openssl. Note that
sudo apt install libssl-dev
could satisfy the dependency requirement. However, I only tested with manual installation, as follows.
cd /tmp # Obtain openssl 1.0.2l wget https://www.openssl.org/source/openssl-1.0.2l.tar.gz tar xvfz openssl-1.0.2l.tar.gz cd openssl-1.0.2l ./config --prefix=/tmp/openssl-for-ipsec-tools make make install
Now openssl headers and libraries have been installed in '/tmp/openssl-for-ipsec-tools/'.
- Install
-
Clone the Android ipsec-tools repository, and modify the source files.
cd /tmp git clone https://android.googlesource.com/platform/external/ipsec-tools cd ipsec-tools
Replace the included '<string.h>', with '<bsd/string.h>' in source files.
find . -name "*.c" | xargs sed -i.bak -e 's|<string\.h|<bsd\/string\.h|g'
The original source files are backed up to the corresponding '.bak' files. Applied the following patch to Makefile.
diff --git a/Makefile b/Makefile index d8c417f..d371807 100644 --- a/Makefile +++ b/Makefile @@ -1,6 +1,6 @@ all: - gcc -O3 -Wall -o racoon -I. -Isrc/include-glibc -Isrc/libipsec \ - -Isrc/racoon -Isrc/racoon/missing -DHAVE_CONFIG_H -lcrypto \ + clang -v -O1 -g -fsanitize=address -fno-omit-frame-pointer -o racoon -I. -Isrc/include-glibc -Isrc/libipsec \ + -Isrc/racoon -Isrc/racoon/missing -I/tmp/openssl-for-ipsec-tools/include -DHAVE_CONFIG_H \ src/libipsec/pfkey.c \ src/libipsec/ipsec_strerror.c \ src/racoon/algorithm.c \ @@ -32,4 +32,5 @@ all: src/racoon/vendorid.c \ src/racoon/vmbuf.c \ main.c \ - setup.c + setup.c \ + -L/tmp/openssl-for-ipsec-tools/lib -lcrypto -lbsd -ldl
-
Build 'ipsec-tools' with
make
. The generated binary isracoon
. Introduce a bug in 'main.c' to trigger an ASan warning.