From 41222e6c1a0e0f5bac590ada1c6895b8f5909609 Mon Sep 17 00:00:00 2001 From: Steven Barth Date: Mon, 6 Apr 2015 12:23:27 +0200 Subject: [PATCH] strongswan: bump to 5.3.0 Signed-off-by: Steven Barth --- net/strongswan/Makefile | 8 ++-- net/strongswan/patches/001-ikev1-fix.patch | 48 ------------------- .../300-include-ipsec-user-script.patch | 4 +- 3 files changed, 6 insertions(+), 54 deletions(-) delete mode 100644 net/strongswan/patches/001-ikev1-fix.patch diff --git a/net/strongswan/Makefile b/net/strongswan/Makefile index e4481c9ea..9500bcb9c 100644 --- a/net/strongswan/Makefile +++ b/net/strongswan/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=strongswan -PKG_VERSION:=5.2.2 -PKG_RELEASE:=2 +PKG_VERSION:=5.3.0 +PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 PKG_SOURCE_URL:=http://download.strongswan.org/ http://download2.strongswan.org/ -PKG_MD5SUM:=7ee1a33060b2bde35be0f6d78a1d26d0 +PKG_MD5SUM:=c52d4228231c2025d9c320d0e9990327 PKG_LICENSE:=GPL-2.0+ PKG_MAINTAINER:=Steven Barth @@ -407,7 +407,7 @@ endef define Plugin/updown/install $(INSTALL_DIR) $(1)/usr/lib/ipsec/plugins - $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/{_updown,_updown_espmark} $(1)/usr/lib/ipsec/ + $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/_updown $(1)/usr/lib/ipsec/ $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/plugins/libstrongswan-updown.so $(1)/usr/lib/ipsec/plugins/ $(INSTALL_DIR) $(1)/etc $(INSTALL_CONF) ./files/ipsec.user $(1)/etc/ diff --git a/net/strongswan/patches/001-ikev1-fix.patch b/net/strongswan/patches/001-ikev1-fix.patch deleted file mode 100644 index a48b0acdd..000000000 --- a/net/strongswan/patches/001-ikev1-fix.patch +++ /dev/null @@ -1,48 +0,0 @@ -From 627f870ee6256b4b2e36e9ca768fc578febbccef Mon Sep 17 00:00:00 2001 -From: Tobias Brunner -Date: Tue, 10 Feb 2015 19:03:44 +0100 -Subject: [PATCH] ikev1: Set protocol ID and SPIs in INITIAL-CONTACT - notification payloads - -The payload we sent before is not compliant with RFC 2407 and thus some -peers might abort negotiation (e.g. with an INVALID-PROTOCOL-ID error). ---- - src/libcharon/sa/ikev1/tasks/main_mode.c | 15 +++++++++++++-- - 1 file changed, 13 insertions(+), 2 deletions(-) - -diff --git a/src/libcharon/sa/ikev1/tasks/main_mode.c b/src/libcharon/sa/ikev1/tasks/main_mode.c -index 5065e70ffc25..3ea4a2a85e4f 100644 ---- a/src/libcharon/sa/ikev1/tasks/main_mode.c -+++ b/src/libcharon/sa/ikev1/tasks/main_mode.c -@@ -213,6 +213,10 @@ static void add_initial_contact(private_main_mode_t *this, message_t *message, - { - identification_t *idr; - host_t *host; -+ notify_payload_t *notify; -+ ike_sa_id_t *ike_sa_id; -+ u_int64_t spi_i, spi_r; -+ chunk_t spi; - - idr = this->ph1->get_id(this->ph1, this->peer_cfg, FALSE); - if (idr && !idr->contains_wildcards(idr)) -@@ -224,8 +228,15 @@ static void add_initial_contact(private_main_mode_t *this, message_t *message, - if (!charon->ike_sa_manager->has_contact(charon->ike_sa_manager, - idi, idr, host->get_family(host))) - { -- message->add_notify(message, FALSE, INITIAL_CONTACT_IKEV1, -- chunk_empty); -+ notify = notify_payload_create_from_protocol_and_type( -+ PLV1_NOTIFY, PROTO_IKE, INITIAL_CONTACT_IKEV1); -+ ike_sa_id = this->ike_sa->get_id(this->ike_sa); -+ spi_i = ike_sa_id->get_initiator_spi(ike_sa_id); -+ spi_r = ike_sa_id->get_responder_spi(ike_sa_id); -+ spi = chunk_cata("cc", chunk_from_thing(spi_i), -+ chunk_from_thing(spi_r)); -+ notify->set_spi_data(notify, spi); -+ message->add_payload(message, (payload_t*)notify); - } - } - } --- -1.9.1 - diff --git a/net/strongswan/patches/300-include-ipsec-user-script.patch b/net/strongswan/patches/300-include-ipsec-user-script.patch index d96e84492..6835e02fe 100644 --- a/net/strongswan/patches/300-include-ipsec-user-script.patch +++ b/net/strongswan/patches/300-include-ipsec-user-script.patch @@ -13,5 +13,5 @@ + +[ -e /etc/ipsec.user ] && . /etc/ipsec.user "$1" - # things that this script gets (from ipsec_pluto(8) man page) - # + # PLUTO_VERSION + # indicates what version of this interface is being