From owner-svn-ports-all@freebsd.org Sun Apr 29 10:00:02 2018 Return-Path: Delivered-To: svn-ports-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 64131FA8253; Sun, 29 Apr 2018 10:00:02 +0000 (UTC) (envelope-from eugen@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 0F7B984E81; Sun, 29 Apr 2018 10:00:02 +0000 (UTC) (envelope-from eugen@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 05C7A22CC7; Sun, 29 Apr 2018 10:00:02 +0000 (UTC) (envelope-from eugen@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id w3TA01rY065563; Sun, 29 Apr 2018 10:00:01 GMT (envelope-from eugen@FreeBSD.org) Received: (from eugen@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id w3TA01Vx065561; Sun, 29 Apr 2018 10:00:01 GMT (envelope-from eugen@FreeBSD.org) Message-Id: <201804291000.w3TA01Vx065561@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: eugen set sender to eugen@FreeBSD.org using -f From: Eugene Grosbein Date: Sun, 29 Apr 2018 10:00:01 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r468617 - in head/security/ipsec-tools: . files X-SVN-Group: ports-head X-SVN-Commit-Author: eugen X-SVN-Commit-Paths: in head/security/ipsec-tools: . files X-SVN-Commit-Revision: 468617 X-SVN-Commit-Repository: ports MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-all@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: SVN commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 29 Apr 2018 10:00:02 -0000 Author: eugen Date: Sun Apr 29 10:00:01 2018 New Revision: 468617 URL: https://svnweb.freebsd.org/changeset/ports/468617 Log: Fix phase 1 initiation in the racoon daemon after base system change r285204 PR: 192774, 222065 Submitted by: Andreas Longwitz Approved by: VANHULLEBUS Yvan (maintainer, implicitly) Added: head/security/ipsec-tools/files/patch-isakmpinit (contents, props changed) Modified: head/security/ipsec-tools/Makefile Modified: head/security/ipsec-tools/Makefile ============================================================================== --- head/security/ipsec-tools/Makefile Sun Apr 29 09:33:51 2018 (r468616) +++ head/security/ipsec-tools/Makefile Sun Apr 29 10:00:01 2018 (r468617) @@ -8,7 +8,7 @@ PORTNAME= ipsec-tools PORTVERSION= 0.8.2 -PORTREVISION= 3 +PORTREVISION= 4 CATEGORIES= security MASTER_SITES= SF Added: head/security/ipsec-tools/files/patch-isakmpinit ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/ipsec-tools/files/patch-isakmpinit Sun Apr 29 10:00:01 2018 (r468617) @@ -0,0 +1,64 @@ +--- src/racoon/isakmp_var.h.orig 2010-11-12 16:36:37.000000000 +0600 ++++ src/racoon/isakmp_var.h 2018-04-27 22:15:58.249644000 +0700 +@@ -128,7 +128,7 @@ + #endif + + extern int copy_ph1addresses __P(( struct ph1handle *, +- struct remoteconf *, struct sockaddr *, struct sockaddr *)); ++ struct remoteconf *, struct sockaddr *, struct sockaddr *, int)); + extern void log_ph1established __P((const struct ph1handle *)); + + extern void script_hook __P((struct ph1handle *, int)); +--- src/racoon/isakmp.c.orig 2018-04-27 22:13:23.465260000 +0700 ++++ src/racoon/isakmp.c 2018-04-27 22:20:44.865139000 +0700 +@@ -1075,7 +1075,7 @@ isakmp_ph1begin_i(rmconf, remote, local) + iph1->approval = NULL; + + /* XXX copy remote address */ +- if (copy_ph1addresses(iph1, rmconf, remote, local) < 0) { ++ if (copy_ph1addresses(iph1, rmconf, remote, local, 1) < 0) { + delph1(iph1); + return NULL; + } +@@ -1190,7 +1190,7 @@ isakmp_ph1begin_r(msg, remote, local, et + + /* copy remote address; remote and local always contain + * port numbers so rmconf is not needed */ +- if (copy_ph1addresses(iph1, NULL, remote, local) < 0) { ++ if (copy_ph1addresses(iph1, NULL, remote, local, 0) < 0) { + delph1(iph1); + return -1; + } +@@ -2906,10 +2906,11 @@ isakmp_printpacket(msg, from, my, decode + #endif /*HAVE_PRINT_ISAKMP_C*/ + + int +-copy_ph1addresses(iph1, rmconf, remote, local) ++copy_ph1addresses(iph1, rmconf, remote, local, initiator) + struct ph1handle *iph1; + struct remoteconf *rmconf; + struct sockaddr *remote, *local; ++ int initiator; + { + u_int16_t port; + +@@ -2925,7 +2926,7 @@ copy_ph1addresses(iph1, rmconf, remote, + * if remote has port # (in case of responder - from recvfrom(2)) + * respect content of "remote". + */ +- if (extract_port(iph1->remote) == 0) { ++ if (initiator || extract_port(iph1->remote) == 0) { + port = 0; + if (rmconf != NULL) + port = extract_port(rmconf->remote); +--- src/racoon/isakmp_inf.c.orig 2018-04-27 22:13:23.482870000 +0700 ++++ src/racoon/isakmp_inf.c 2018-04-27 22:21:27.080881000 +0700 +@@ -725,7 +725,7 @@ isakmp_info_send_nx(isakmp, remote, loca + #endif + + /* copy remote address */ +- if (copy_ph1addresses(iph1, NULL, remote, local) < 0) ++ if (copy_ph1addresses(iph1, NULL, remote, local, 0) < 0) + goto end; + + tlen = sizeof(*n) + spisiz;