[Openswan Users] Klips - native ipsec compiling problem
lux
openswan at iotti.biz
Mon Mar 7 07:53:42 CET 2005
I ran into a problem that already appeared in list.
I just added to my kernel (Fedora 3) the ipsec patches from patch-o-matic-ng
from netfilter.
Now I fail to recompile klips (openswan 2.3.0) with errors about #defines
being redefined:
In file included from
/usr/src/redhat/BUILD/openswan-2.3.0/BUILD.i386/ipsec_init.c:97:
/usr/src/redhat/BUILD/openswan-2.3.0/linux/include/pfkeyv2.h:39:1: warning:
"SADB_X_NAT_T_NEW_MAPPING" redefined
In file included from include/net/xfrm.h:10,
from include/linux/netfilter_ipv4.h:93,
from include/net/ip.h:34,
from
/usr/src/redhat/BUILD/openswan-2.3.0/BUILD.i386/ipsec_init.c:63:
include/linux/pfkeyv2.h:243:1: warning: this is the location of the previous
definition
...
The same thing about SADB_EXT_MAX, SADB_SATYPE_MAX,... lots of constants in
pfkeyv2.h.
The problem arises because the pom-ng patches #include netfilter_ipv4.h in
ip.h (included in ipsec_init.c), which in turn includes xfrm.h which
includes pfkeyv2.h from the current kernel, hence the conflict with
openswan's pfkeyv2.h (this problem already appeared in list on a Suse, I
think because it includes the pom-ng ipsec patches out of the box).
It would be fairly trivial to eliminate the problem, testing in either
pfkeyv2.h if the other was already included.
What looks a problem to me is that the two pfkeyv2.h are fairly different:
what is the right one?
Using one or the other makes some difference?
Maybe this issue should be posted on the dev ML?
More information about the Users
mailing list