diff options
| author | Timo Teräs <timo.teras@iki.fi> | 2013-01-24 08:51:04 +0200 |
|---|---|---|
| committer | Natanael Copa <ncopa@alpinelinux.org> | 2013-01-30 06:53:56 +0000 |
| commit | 659561c436ec0ba22e36144a06f4450469d9018e (patch) | |
| tree | 0aa66f9a187685243813a72ea629637a9c134f08 | |
| parent | 31ac4fa138c8df9ddad1ee090e9d5e13ea17fa2f (diff) | |
| download | aports-659561c436ec0ba22e36144a06f4450469d9018e.tar.bz2 aports-659561c436ec0ba22e36144a06f4450469d9018e.tar.xz | |
main/ipsec-tools: apply a security fix from upstream commit
(cherry picked from commit e90e26659383d1702bdeb9be143f3a11f3783488)
(cherry picked from commit 95721d929927bf044848f43af5e473bc94cd05b4)
| -rw-r--r-- | main/ipsec-tools/01-fix-deletion-notification.patch | 12 | ||||
| -rw-r--r-- | main/ipsec-tools/APKBUILD | 4 |
2 files changed, 15 insertions, 1 deletions
diff --git a/main/ipsec-tools/01-fix-deletion-notification.patch b/main/ipsec-tools/01-fix-deletion-notification.patch new file mode 100644 index 0000000000..c81846289d --- /dev/null +++ b/main/ipsec-tools/01-fix-deletion-notification.patch @@ -0,0 +1,12 @@ +diff -u -r1.48 isakmp_inf.c +--- a/src/racoon/isakmp_inf.c 29 Aug 2012 12:01:30 -0000 1.48 ++++ b/src/racoon/isakmp_inf.c 24 Jan 2013 06:46:45 -0000 +@@ -492,7 +492,7 @@ + "delete payload for protocol %s\n", + s_ipsecdoi_proto(delete->proto_id)); + +- if(!iph1->rmconf->weak_phase1_check && !encrypted) { ++ if((iph1 == NULL || !iph1->rmconf->weak_phase1_check) && !encrypted) { + plog(LLV_WARNING, LOCATION, iph1->remote, + "Ignoring unencrypted delete payload " + "(check the weak_phase1_check option)\n"); diff --git a/main/ipsec-tools/APKBUILD b/main/ipsec-tools/APKBUILD index e62082f80d..0d62f8078c 100644 --- a/main/ipsec-tools/APKBUILD +++ b/main/ipsec-tools/APKBUILD @@ -1,7 +1,7 @@ # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=ipsec-tools pkgver=0.8.1 -pkgrel=0 +pkgrel=1 pkgdesc="User-space IPsec tools for various IPsec implementations" url="http://ipsec-tools.sourceforge.net/" arch="all" @@ -12,6 +12,7 @@ subpackages="$pkgname-doc $pkgname-dev" source="http://downloads.sourceforge.net/$pkgname/$pkgname-$pkgver.tar.gz racoon.initd racoon.confd + 01-fix-deletion-notification.patch 20-grekey-support.patch 50-reverse-connect.patch 70-defer-isakmp-ident-handling.patch @@ -60,6 +61,7 @@ package() { md5sums="4d5d5ccc402c9c6bec0e87217e451fe5 ipsec-tools-0.8.1.tar.gz 74f12ed04ed273a738229c0bfbf829cc racoon.initd 2d00250cf72da7f2f559c91b65a48747 racoon.confd +c8b141e2c705c31af1c35d481e695ee6 01-fix-deletion-notification.patch 79b919ab23080f54dc3e7686877ca6bd 20-grekey-support.patch f97205eea3dc68d2437a2ad8720f4520 50-reverse-connect.patch 94773c94233e14cdce0fa02ff780a43e 70-defer-isakmp-ident-handling.patch |