Date: Sun, 29 Apr 2018 10:00:01 +0000 (UTC) From: Eugene Grosbein <eugen@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r468617 - in head/security/ipsec-tools: . files Message-ID: <201804291000.w3TA01Vx065561@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: eugen Date: Sun Apr 29 10:00:01 2018 New Revision: 468617 URL: https://svnweb.freebsd.org/changeset/ports/468617 Log: Fix phase 1 initiation in the racoon daemon after base system change r285204 PR: 192774, 222065 Submitted by: Andreas Longwitz <longwitz@incore.de> Approved by: VANHULLEBUS Yvan (maintainer, implicitly) Added: head/security/ipsec-tools/files/patch-isakmpinit (contents, props changed) Modified: head/security/ipsec-tools/Makefile Modified: head/security/ipsec-tools/Makefile ============================================================================== --- head/security/ipsec-tools/Makefile Sun Apr 29 09:33:51 2018 (r468616) +++ head/security/ipsec-tools/Makefile Sun Apr 29 10:00:01 2018 (r468617) @@ -8,7 +8,7 @@ PORTNAME= ipsec-tools PORTVERSION= 0.8.2 -PORTREVISION= 3 +PORTREVISION= 4 CATEGORIES= security MASTER_SITES= SF Added: head/security/ipsec-tools/files/patch-isakmpinit ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/ipsec-tools/files/patch-isakmpinit Sun Apr 29 10:00:01 2018 (r468617) @@ -0,0 +1,64 @@ +--- src/racoon/isakmp_var.h.orig 2010-11-12 16:36:37.000000000 +0600 ++++ src/racoon/isakmp_var.h 2018-04-27 22:15:58.249644000 +0700 +@@ -128,7 +128,7 @@ + #endif + + extern int copy_ph1addresses __P(( struct ph1handle *, +- struct remoteconf *, struct sockaddr *, struct sockaddr *)); ++ struct remoteconf *, struct sockaddr *, struct sockaddr *, int)); + extern void log_ph1established __P((const struct ph1handle *)); + + extern void script_hook __P((struct ph1handle *, int)); +--- src/racoon/isakmp.c.orig 2018-04-27 22:13:23.465260000 +0700 ++++ src/racoon/isakmp.c 2018-04-27 22:20:44.865139000 +0700 +@@ -1075,7 +1075,7 @@ isakmp_ph1begin_i(rmconf, remote, local) + iph1->approval = NULL; + + /* XXX copy remote address */ +- if (copy_ph1addresses(iph1, rmconf, remote, local) < 0) { ++ if (copy_ph1addresses(iph1, rmconf, remote, local, 1) < 0) { + delph1(iph1); + return NULL; + } +@@ -1190,7 +1190,7 @@ isakmp_ph1begin_r(msg, remote, local, et + + /* copy remote address; remote and local always contain + * port numbers so rmconf is not needed */ +- if (copy_ph1addresses(iph1, NULL, remote, local) < 0) { ++ if (copy_ph1addresses(iph1, NULL, remote, local, 0) < 0) { + delph1(iph1); + return -1; + } +@@ -2906,10 +2906,11 @@ isakmp_printpacket(msg, from, my, decode + #endif /*HAVE_PRINT_ISAKMP_C*/ + + int +-copy_ph1addresses(iph1, rmconf, remote, local) ++copy_ph1addresses(iph1, rmconf, remote, local, initiator) + struct ph1handle *iph1; + struct remoteconf *rmconf; + struct sockaddr *remote, *local; ++ int initiator; + { + u_int16_t port; + +@@ -2925,7 +2926,7 @@ copy_ph1addresses(iph1, rmconf, remote, + * if remote has port # (in case of responder - from recvfrom(2)) + * respect content of "remote". + */ +- if (extract_port(iph1->remote) == 0) { ++ if (initiator || extract_port(iph1->remote) == 0) { + port = 0; + if (rmconf != NULL) + port = extract_port(rmconf->remote); +--- src/racoon/isakmp_inf.c.orig 2018-04-27 22:13:23.482870000 +0700 ++++ src/racoon/isakmp_inf.c 2018-04-27 22:21:27.080881000 +0700 +@@ -725,7 +725,7 @@ isakmp_info_send_nx(isakmp, remote, loca + #endif + + /* copy remote address */ +- if (copy_ph1addresses(iph1, NULL, remote, local) < 0) ++ if (copy_ph1addresses(iph1, NULL, remote, local, 0) < 0) + goto end; + + tlen = sizeof(*n) + spisiz;
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201804291000.w3TA01Vx065561>