From owner-freebsd-bugs@FreeBSD.ORG Fri Oct 5 10:40:02 2007
Return-Path:
Delivered-To: freebsd-bugs@hub.freebsd.org
Resent-Date: Fri, 5 Oct 2007 10:40:01 GMT
Resent-Message-Id: <200710051040.l95Ae12Q033139@freefall.freebsd.org>
Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer)
Resent-To: freebsd-bugs@FreeBSD.org
Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Raffaele De Lorenzo
Message-Id: <200710051038.l95AcXrK031296@www.freebsd.org>
Date: Fri, 5 Oct 2007 10:38:33 GMT
From: Raffaele De Lorenzo
To: freebsd-gnats-submit@FreeBSD.org
X-Send-Pr-Version: www-3.1
Cc:
Subject: misc/116949: Some Cisco Concentrators refuse Connection (ISAKMP_N_INVALID_PAYLOAD_TYPE(1))
X-BeenThere: freebsd-bugs@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Bug reports
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
X-List-Received-Date: Fri, 05 Oct 2007 10:40:02 -0000

>Number: 116949
>Category: misc
>Synopsis: Some Cisco Concentrators refuse Connection (ISAKMP_N_INVALID_PAYLOAD_TYPE(1))
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Fri Oct 05 10:40:01 GMT 2007
>Closed-Date:
>Last-Modified:
>Originator: Raffaele De Lorenzo
>Release: FreeBSD 6.2-STABLE-200706
>Organization:
>Environment:
FreeBSD noel.localhost 6.2-STABLE-200706 FreeBSD 6.2-STABLE-200706 #0: Sun Jun 3 13:54:03 UTC 2007 root@dessler.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC i386
>Description:
Some Cisco Concentrators refuse the connection if the Presentation Version String is not the same as that of the official "Cisco VPN Client". This patch masquerades the version as "Cisco Systems VPN Client 4.8.00 (0490):Linux", and solves this problem.
>How-To-Repeat:
>Fix:

Patch attached with submission follows:

# This is a shell archive. Save it in a file, remove anything before
# this line, and then unpack it by entering "sh file". Note, it may
# create directories; files and directories will be owned by you and
# have default permissions.
# # This archive contains: # # vpnc # vpnc/Makefile # vpnc/distinfo # vpnc/pkg-descr # vpnc/files # vpnc/files/patch-Makefile # vpnc/files/patch-config.c # vpnc/files/patch-vpnc-disconnect # vpnc/files/patch-vpnc-script # vpnc/files/vpnc.in # echo c - vpnc mkdir -p vpnc > /dev/null 2>&1 echo x - vpnc/Makefile sed 's/^X//' >vpnc/Makefile << 'END-of-vpnc/Makefile' X# New ports collection makefile for: vpnc X# Date created: 15 December 2003 X# Whom: Christian Lackas X# X# $FreeBSD: ports/security/vpnc/Makefile,v 1.26 2007/09/23 12:47:55 rafan Exp $ X# X XPORTNAME= vpnc XPORTVERSION= 0.4.0 XPORTREVISION= 3 XCATEGORIES= security XMASTER_SITES= http://www.unix-ag.uni-kl.de/~massar/vpnc/ X XMAINTAINER= delta@lackas.net XCOMMENT= Client for Cisco 3000 VPN Concentrator X XLIB_DEPENDS= gcrypt.13:${PORTSDIR}/security/libgcrypt X XUSE_GMAKE= yes XALL_TARGET= vpnc X XUSE_RC_SUBR= vpnc XUSE_PERL5_BUILD= yes X XPLIST_FILES= sbin/vpnc \ X sbin/vpnc-script \ X sbin/vpnc-disconnect \ X etc/vpnc.conf.sample X XPORTDOCS= README TODO XMAN8= vpnc.8 X X.include X Xpost-patch: X @${REINPLACE_CMD} -e \ X 's|%%PREFIX%%|${PREFIX}|' ${WRKSRC}/config.c X @${REINPLACE_CMD} -e \ X 's|%%PREFIX%%|${PREFIX}|;s|%%CC%%|${CC}|;s|%%CFLAGS%%|${CFLAGS}|' \ X ${WRKSRC}/Makefile X Xdo-install: X @${INSTALL_PROGRAM} -m 751 ${WRKSRC}/vpnc ${PREFIX}/sbin/vpnc X @${INSTALL_SCRIPT} -m 751 ${WRKSRC}/vpnc-script ${PREFIX}/sbin/vpnc-script X @${INSTALL_SCRIPT} -m 751 ${WRKSRC}/vpnc-disconnect ${PREFIX}/sbin/vpnc-disconnect X @${INSTALL_DATA} -m 600 ${WRKSRC}/vpnc.conf ${PREFIX}/etc/vpnc.conf.sample X.if !defined(NO_INSTALL_MANPAGES) X @${REINPLACE_CMD} -e 's|%%PREFIX%%|${PREFIX}|' ${WRKSRC}/vpnc.8 X @${INSTALL_MAN} ${WRKSRC}/vpnc.8 ${PREFIX}/man/man8 X.endif X.if !defined(NOPORTDOCS) X ${MKDIR} ${DOCSDIR} X @cd ${WRKSRC} && ${INSTALL_DATA} ${PORTDOCS} ${DOCSDIR} X.endif X X.include END-of-vpnc/Makefile echo x - vpnc/distinfo sed 's/^X//' >vpnc/distinfo << 'END-of-vpnc/distinfo' XMD5 (vpnc-0.4.0.tar.gz) = 
604807e7dd90fce00a4e2344ee29c76d XSHA256 (vpnc-0.4.0.tar.gz) = f91c6bc2547cb503fde4f244ba82304553fec3954c65521482f8db2491700586 XSIZE (vpnc-0.4.0.tar.gz) = 75491 END-of-vpnc/distinfo echo x - vpnc/pkg-descr sed 's/^X//' >vpnc/pkg-descr << 'END-of-vpnc/pkg-descr' XVPNC - Client for Cisco 3000 VPN Concentrator, IOS and PIX X XVpnc is a VPN client for the Cisco 3000 VPN Concentrator, creating a XIPSec-like connection as a tunneling network device for the local Xsystem. The created connection is presented as a tunneling network Xdevice to the local system. The daemon runs entirely in userspace. X XWWW: http://www.unix-ag.uni-kl.de/~massar/vpnc/ END-of-vpnc/pkg-descr echo c - vpnc/files mkdir -p vpnc/files > /dev/null 2>&1 echo x - vpnc/files/patch-Makefile sed 's/^X//' >vpnc/files/patch-Makefile << 'END-of-vpnc/files/patch-Makefile' X--- ./Makefile.orig 2007-02-19 21:51:12.000000000 +0100 X+++ ./Makefile 2007-07-24 16:45:36.000000000 +0200 X@@ -20,7 +20,7 @@ X # $Id: Makefile 148 2007-02-19 20:51:14Z Maurice Massar $ X X DESTDIR= X-PREFIX=/usr/local X+PREFIX=%%PREFIX%% X ETCDIR=/etc/vpnc X BINDIR=$(PREFIX)/bin X SBINDIR=$(PREFIX)/sbin X@@ -34,8 +34,7 @@ X VERSION := $(shell sh mk-version) X RELEASE_VERSION := $(shell cat VERSION) X X-CC=gcc X-CFLAGS += -W -Wall -O3 -Wmissing-declarations -Wwrite-strings -g X+CC=%%CC%% X CPPFLAGS = -DVERSION=\"$(VERSION)\" X LDFLAGS = -g $(shell libgcrypt-config --libs) X CFLAGS += $(shell libgcrypt-config --cflags) END-of-vpnc/files/patch-Makefile echo x - vpnc/files/patch-config.c sed 's/^X//' >vpnc/files/patch-config.c << 'END-of-vpnc/files/patch-config.c' X--- config.c.orig Fri Feb 16 18:22:06 2007 X+++ config.c Fri Oct 5 11:52:49 2007 X@@ -241,22 +241,19 @@ X X static const char *config_def_app_version(void) X { X- struct utsname uts; X char *version; X- X- uname(&uts); X- asprintf(&version, "Cisco Systems VPN Client %s:%s", VERSION, uts.sysname); X+ asprintf(&version, "Cisco Systems VPN Client %s:%s", "4.8.00 (0490)", "Linux"); X 
return version; X } X X static const char *config_def_script(void) X { X- return "/etc/vpnc/vpnc-script"; X+ return "/usr/local/sbin/vpnc-script"; X } X X static const char *config_def_pid_file(void) X { X- return "/var/run/vpnc/pid"; X+ return "/var/run/vpnc.pid"; X } X X static const char *config_def_vendor(void) X@@ -485,7 +482,7 @@ X { X char *realname; X X- asprintf(&realname, "%s%s%s", index(name, '/') ? "" : "/etc/vpnc/", name, add_dot_conf ? ".conf" : ""); X+ asprintf(&realname, "%s%s%s", index(name, '/') ? "" : "/usr/local/etc/vpnc/", name, add_dot_conf ? ".conf" : ""); X return realname; X } X X@@ -701,8 +698,8 @@ X } X X if (!got_conffile) { X- read_config_file("/etc/vpnc/default.conf", config, 1); X- read_config_file("/etc/vpnc.conf", config, 1); X+ read_config_file("/usr/local/etc/vpnc/default.conf", config, 1); X+ read_config_file("/usr/local/etc/vpnc.conf", config, 1); X } X X if (!print_config) { END-of-vpnc/files/patch-config.c echo x - vpnc/files/patch-vpnc-disconnect sed 's/^X//' >vpnc/files/patch-vpnc-disconnect << 'END-of-vpnc/files/patch-vpnc-disconnect' X--- vpnc-disconnect.orig Tue Mar 13 16:27:11 2007 X+++ vpnc-disconnect Tue Mar 13 16:27:17 2007 X@@ -1,6 +1,6 @@ X #!/bin/sh X X-pid=/var/run/vpnc/pid X+pid=/var/run/vpnc.pid X X if [ $# -ne 0 ]; then X echo "Usage: $0" 1>&2 END-of-vpnc/files/patch-vpnc-disconnect echo x - vpnc/files/patch-vpnc-script sed 's/^X//' >vpnc/files/patch-vpnc-script << 'END-of-vpnc/files/patch-vpnc-script' X--- vpnc-script.orig Tue Mar 13 16:03:06 2007 X+++ vpnc-script Tue Mar 13 16:03:24 2007 X@@ -31,8 +31,8 @@ X ;; X esac X X-DEFAULT_ROUTE_FILE=/var/run/vpnc/defaultroute X-RESOLV_CONF_BACKUP=/var/run/vpnc/resolv.conf-backup X+DEFAULT_ROUTE_FILE=/var/run/vpnc.defaultroute X+RESOLV_CONF_BACKUP=/var/run/vpnc.resolv.conf-backup X X # some systems, eg. Darwin & FreeBSD, prune /var/run on boot X if ! 
[ -d "/var/run/vpnc" ]; then END-of-vpnc/files/patch-vpnc-script echo x - vpnc/files/vpnc.in sed 's/^X//' >vpnc/files/vpnc.in << 'END-of-vpnc/files/vpnc.in' X#!/bin/sh X# X# Author: kamikaze X# Contact: LoN_Kamikaze@gmx.de X# X# If vpnc_conf is defined, it will be treated as a list of configuration files X# in vpnc_conf_dir. This managed mode is useful where where vpnc tunnels have X# to be established through other vpnc tunnels. X# You can pass further command line options to vpnc by specifying X# them in vpnc_flags. X# X X# PROVIDE: vpnc X# REQUIRE: LOGIN X# KEYWORD: shutdown X X# Default settings - don't change this. X: ${vpnc_enable="NO"} X: ${vpnc_pid_dir="/var/run"} X: ${vpnc_conf_dir="%%PREFIX%%/etc"} X: ${vpnc_record="$vpnc_pid_dir/vpnc.record"} X X. %%RC_SUBR%% X Xname="vpnc" Xrcvar=`set_rcvar` X Xcommand="%%PREFIX%%/sbin/$name" X Xvpnc_start() { X if [ -z "$vpnc_conf" ]; then X #No configuration files given, run unmanaged. X $command $vpnc_flags X return $? X fi X X # A list of configurations is present. Connect managing X # what is required for a clean shutdown later. X X for config in $vpnc_conf; do X X # The current configuration file. X current="$vpnc_conf_dir/$config" X X # Start vpnc. X $command --local-port 0 $current $vpnc_flags X status=$? X if [ $status != 0 ]; then X # VPNC does not print a newline after an error. X echo X echo "Running 'vpnc $current --local-port 0 $vpnc_flags' failed." X return $status X fi X X # Move files to allow a clean shutdown X # of multiple connections. X X /bin/mv "$vpnc_pid_dir/vpnc.pid" "$vpnc_pid_dir/vpnc.$config.pid" X /bin/mv "$vpnc_pid_dir/vpnc.defaultroute" "$vpnc_pid_dir/vpnc.$config.defaultroute" 2> /dev/null X /bin/mv "$vpnc_pid_dir/vpnc.resolv.conf-backup" "$vpnc_pid_dir/vpnc.$config.resolv.conf-backup" 2> /dev/null X echo "$config" >> "$vpnc_record" X X # Wait for the system to catch up. X /bin/sleep 1 X done X} X Xvpnc_stop() { X if [ ! 
-e "$vpnc_record" ]; then X /bin/sleep 1 X # There's no record of connections, assume unmanaged shutdown. X $command-disconnect X return $? X fi X X # A record of vpnc connections is present. Attempt a X # managed shutdown. X X for config in `/usr/bin/tail -r "$vpnc_record"`; do X X # Wait to give the system a chance to catch up with X # recent changes. X X /bin/sleep 1 X X # Move the vpnc files back into position. X X /bin/mv "$vpnc_pid_dir/vpnc.$config.pid" "$vpnc_pid_dir/vpnc.pid" X /bin/mv "$vpnc_pid_dir/vpnc.$config.defaultroute" "$vpnc_pid_dir/vpnc.defaultroute" 2> /dev/null X /bin/mv "$vpnc_pid_dir/vpnc.$config.resolv.conf-backup" "$vpnc_pid_dir/vpnc.resolv.conf-backup" 2> /dev/null X X # Run the disconnect command. X $command-disconnect X done X X # Remove the connection record. X X /bin/rm "$vpnc_record" X} X Xstart_cmd=vpnc_start Xstop_cmd=vpnc_stop X Xload_rc_config $name Xrun_rc_command "$1" END-of-vpnc/files/vpnc.in exit >Release-Note: >Audit-Trail: >Unformatted:
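
Review bot: In vpnc/files/patch-Makefile, hunk @@ -34,8 +34,7 deletes the upstream line CFLAGS += -W -Wall -O3 -Wmissing-declarations -Wwrite-strings -g and adds only CC=%%CC%%, yet the port's post-patch target runs s|%%CFLAGS%%|${CFLAGS}| over the same file. No %%CFLAGS%% token is ever introduced, so that substitution matches nothing and the warning flags are dropped without replacement. Either add a CFLAGS line carrying the token (keeping -W -Wall, which is worth having on a client that parses data from a remote peer) or remove the dead substitution from post-patch.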
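
Review bot: In vpnc/files/patch-config.c, hunk @@ -241,22 +241,19, config_def_app_version() now returns a fixed "4.8.00 (0490)" / "Linux" identity for every user of the port, not only for those whose concentrator rejects the real string. The config_def_ prefix reads as a default for a setting, so consider leaving the default truthful and documenting the override for affected concentrators, for example in vpnc.conf.sample. If the constant stays, passing two literals through %s is unnecessary, and the asprintf return value should be checked, because version is undefined when the allocation fails and is returned regardless.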
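
Review bot: In vpnc/files/patch-config.c, hunks @@ -485,7 +482,7 and @@ -701,8 +698,8 (and the vpnc-script path in the first hunk) write /usr/local literally, while the port Makefile's post-patch runs s|%%PREFIX%%|${PREFIX}| on config.c. The patched file contains no %%PREFIX%% token, so that substitution is a no-op, and a build with a non-default PREFIX installs vpnc-script and vpnc.conf.sample under ${PREFIX} while the binary still looks under /usr/local. Use %%PREFIX%%/sbin/vpnc-script, %%PREFIX%%/etc/vpnc/ and %%PREFIX%%/etc/vpnc.conf in the added lines so the existing substitution takes effect.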
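
Review bot: In vpnc/files/patch-vpnc-script, the trailing context of hunk @@ -31,8 +31,8 still tests [ -d "/var/run/vpnc" ], but after this change DEFAULT_ROUTE_FILE and RESOLV_CONF_BACKUP sit directly in /var/run and nothing in the visible lines uses that directory any more. Extend the hunk to drop the directory check, or keep the state files under /var/run/vpnc so the existing check stays meaningful; the same choice should then be applied consistently to the pid path changed in patch-vpnc-disconnect and config.c.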