Date: Mon, 29 May 2017 19:30:30 +0000 (UTC) From: Olivier Cochard <olivier@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r442031 - in head/net/bird: . files Message-ID: <201705291930.v4TJUUgc058003@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: olivier Date: Mon May 29 19:30:30 2017 New Revision: 442031 URL: https://svnweb.freebsd.org/changeset/ports/442031 Log: Fix MD5 TCP signature usage with latest tcpmd5 kernel module PR: 21890 Submitted by: ae Reported by: Joseph Mulloy <freebsd-bugs@joe.mulloy.me> Approved by: melifaro (maintainer) Fix build with option FIREWALL PR: 217150 Submitted by: olivier Reported by: O. Hartmann <ohartmann@walstatt.org> Approved by: melifaro (maintainer) Sponsored by: Orange Added: head/net/bird/files/patch-sysdep-bsd-setkey.h (contents, props changed) Modified: head/net/bird/Makefile head/net/bird/files/bird.in head/net/bird/files/bird6.in head/net/bird/files/firewall_support.patch Modified: head/net/bird/Makefile ============================================================================== --- head/net/bird/Makefile Mon May 29 19:14:13 2017 (r442030) +++ head/net/bird/Makefile Mon May 29 19:30:30 2017 (r442031) @@ -3,7 +3,7 @@ PORTNAME?= bird PORTVERSION= 1.6.3 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= net MASTER_SITES= ftp://bird.network.cz/pub/bird/ \ http://bird.mpls.in/distfiles/bird/ Modified: head/net/bird/files/bird.in ============================================================================== --- head/net/bird/files/bird.in Mon May 29 19:14:13 2017 (r442030) +++ head/net/bird/files/bird.in Mon May 29 19:30:30 2017 (r442031) @@ -29,6 +29,6 @@ extra_commands="reload" : ${bird_enable="NO"} : ${bird_config="%%PREFIX%%/etc/bird.conf"} -command_args="-c $bird_config" +command_args="-P /var/run/${name}.pid -c $bird_config" run_rc_command "$1" Modified: head/net/bird/files/bird6.in ============================================================================== --- head/net/bird/files/bird6.in Mon May 29 19:14:13 2017 (r442030) +++ head/net/bird/files/bird6.in Mon May 29 19:30:30 2017 (r442031) @@ -29,6 +29,6 @@ extra_commands="reload" : ${bird6_enable="NO"} : ${bird6_config="%%PREFIX%%/etc/bird6.conf"} -command_args="-c $bird6_config" +command_args="-P /var/run/${name}.pid -c $bird6_config" run_rc_command "$1" Modified: head/net/bird/files/firewall_support.patch ============================================================================== --- head/net/bird/files/firewall_support.patch Mon May 29 19:14:13 2017 (r442030) +++ head/net/bird/files/firewall_support.patch Mon May 29 19:30:30 2017 (r442031) @@ -161,7 +161,7 @@ index 0000000..aefc606 +CF_ADDTO(proto, firewall_proto '}') + +firewall_proto_start: proto_start FIREWALL { -+ this_proto = proto_config_new(&proto_firewall, sizeof(struct firewall_config), $1); ++ this_proto = proto_config_new(&proto_firewall, $1); + this_proto->preference = 0; + FIREWALL_CFG->flush_start = 1; + FIREWALL_CFG->flush_shutdown = 1; @@ -217,7 +217,7 @@ new file mode 100644 index 0000000..e447470 --- /dev/null +++ proto/firewall/firewall.c -@@ -0,0 +1,198 @@ +@@ -0,0 +1,199 @@ +/* + * BIRD -- Firewall Protocol Configuration + * @@ -247,7 +247,7 @@ index 0000000..e447470 +#include "firewall.h" + +static int init_done = 0; -+struct rate_limit rl_fw_err; ++struct tbf rl_fw_err; + +static void +firewall_collect(void) @@ -408,6 +408,7 @@ index 0000000..e447470 + name: "Firewall", + template: "fw%d", + attr_class: EAP_FIREWALL, ++ config_size: sizeof(struct firewall_config), + init: firewall_init, + start: firewall_start, + shutdown: firewall_shutdown, @@ -472,7 +473,7 @@ index 0000000..c97ed38 +extern struct protocol proto_firewall; + +extern struct firewall_control fw_ipfw, fw_pf, fw_ipset; -+extern struct rate_limit rl_fw_err; ++extern struct tbf rl_fw_err; +#define FW_ERR(x, y...) log_rl(&rl_fw_err, L_ERR x, ##y) + +#endif Added: head/net/bird/files/patch-sysdep-bsd-setkey.h ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/net/bird/files/patch-sysdep-bsd-setkey.h Mon May 29 19:30:30 2017 (r442031) @@ -0,0 +1,19 @@ +--- sysdep/bsd/setkey.h 2017-05-15 14:04:47.215628000 +0300 ++++ sysdep/bsd/setkey.h 2017-05-15 14:05:36.850028000 +0300 +@@ -158,12 +158,14 @@ sk_set_md5_in_sasp_db(sock *s, ip_addr local, ip_addr + if (len > TCP_KEYLEN_MAX) + ERR_MSG("The password for TCP MD5 Signature is too long"); + +- if (setkey_md5(&src, &dst, passwd, SADB_ADD) < 0) ++ if (setkey_md5(&src, &dst, passwd, SADB_ADD) < 0 || ++ setkey_md5(&dst, &src, passwd, SADB_ADD) < 0) + ERR_MSG("Cannot add TCP-MD5 password into the IPsec SA/SP database"); + } + else + { +- if (setkey_md5(&src, &dst, NULL, SADB_DELETE) < 0) ++ if (setkey_md5(&src, &dst, NULL, SADB_DELETE) < 0 || ++ setkey_md5(&dst, &src, NULL, SADB_DELETE) < 0) + ERR_MSG("Cannot delete TCP-MD5 password from the IPsec SA/SP database"); + } + return 0;
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201705291930.v4TJUUgc058003>