From ea33d94f92a94646be7ff360c0982508e00d95b4 Mon Sep 17 00:00:00 2001
From: Jianjun Shen <shenj@vmware.com>
Date: Tue, 1 Sep 2020 23:15:18 -0700
Subject: [PATCH] Fix strongSwan configuration file with strongSwan >= version
 5.7.0 (#1191)

Starting from version 5.7.0, strongSwan no longer supports specifying a
configuration parameter with the path delimited by dots in a
configuration file. This change breaks ovs-ipsec-monitor which writes
strongSwan configuration parameters with the dotted paths.
This commit applies an ovs-monitor-ipsec patch to fix the issue, as a
workaround before the patch is merged to OVS upstream.
---
 build/images/ovs/apply-patches.sh | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/build/images/ovs/apply-patches.sh b/build/images/ovs/apply-patches.sh
index 1070203e10a..b0105d36d81 100755
--- a/build/images/ovs/apply-patches.sh
+++ b/build/images/ovs/apply-patches.sh
@@ -78,8 +78,17 @@ curl https://github.com/openvswitch/ovs/commit/fe175ac17352ceb2dbc9958112b4b1bc1
 curl https://github.com/lzhecheng/ovs/commit/869b06356e389079861962160e864df609d033e5.patch | \
     git apply
 
+# Starting from version 5.7.0, strongSwan no longer supports specifying a configuration parameter
+# with the path delimited by dots in a configuration file. This patch fixes the strongSwan
+# configuration parameters that ovs-monitor-ipsec writes, to comply with the new strongSwan format.
+# After the patch is merged into OVS upstream, we should update the patch URL with the upstream
+# commit. After a new OVS release with the fix is available, we can switch to use that OVS release,
+# and remove the workaround to apply the patch here.
+curl https://github.com/jianjuns/ovs/commit/714b133ef2b2d8dac0770b78265a8b52c2f00f2f.patch | \
+    git apply
+
 # OVS hardcodes the installation path to /usr/lib/python3.7/dist-packages/ but this location
 # does not seem to be in the Python path in Ubuntu 20.04. There may be a better way to do this,
 # but this seems like an acceptable workaround.
 sed -i 's/python3\.7/python3\.8/' debian/openvswitch-test.install
-sed -i 's/python3\.7/python3\.8/' debian/python3-openvswitch.install
\ No newline at end of file
+sed -i 's/python3\.7/python3\.8/' debian/python3-openvswitch.install