main/strongswan: cherry-pick upstream fixes

also fixes a minor memory leak in patch 1001 (the offending hunk is now just deleted, as other upstream commits fixed the issue it tried to address)
author: Timo Teräs <timo.teras@iki.fi> 2015-07-28 11:33:38 +0300
committer: Timo Teräs <timo.teras@iki.fi> 2015-07-28 11:35:47 +0300
commit: fc1ceeb02b3e149645205e67bcc009e742140590 (patch)
tree: b559837b40485a7c0f77ce6459c03f131191283d /main/strongswan/1001-charon-add-optional-source-and-remote-overrides-for-.patch
parent: c3aa1460dbeb4e1e10972fc00314d7a80413707e (diff)
download: aports-fc1ceeb02b3e149645205e67bcc009e742140590.tar.bz2
aports-fc1ceeb02b3e149645205e67bcc009e742140590.tar.xz
1 files changed, 44 insertions, 77 deletions
diff --git a/main/strongswan/1001-charon-add-optional-source-and-remote-overrides-for-.patch b/main/strongswan/1001-charon-add-optional-source-and-remote-overrides-for-.patch
index b0c65223a2..e246c04294 100644
--- a/main/strongswan/1001-charon-add-optional-source-and-remote-overrides-for-.patch
+++ b/main/strongswan/1001-charon-add-optional-source-and-remote-overrides-for-.patch
@@ -1,4 +1,4 @@
-From 9afff74c4bd8abadfd248f36cf9f8206928d3dc6 Mon Sep 17 00:00:00 2001
+From 82c26f6c6c8dc8de620cdb6b191f04451ddedd11 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
 Date: Wed, 27 Aug 2014 16:05:21 +0300
 Subject: [PATCH] charon: add optional source and remote overrides for initiate
@@ -15,21 +15,20 @@ and is a prerequisite for dmvpn support.
 
 Signed-off-by: Timo Teräs <timo.teras@iki.fi>
 ---
- src/charon-cmd/cmd/cmd_connection.c                |  2 +-
- src/charon-nm/nm/nm_service.c                      |  2 +-
- src/libcharon/control/controller.c                 | 43 ++++++++++++++-
- src/libcharon/control/controller.h                 |  3 ++
- src/libcharon/plugins/maemo/maemo_service.c        |  2 +-
- src/libcharon/plugins/stroke/stroke_control.c      |  5 +-
- src/libcharon/plugins/vici/vici_config.c           |  2 +-
- src/libcharon/plugins/vici/vici_control.c          | 63 ++++++++++++++++++----
- src/libcharon/processing/jobs/start_action_job.c   |  2 +-
- src/libcharon/sa/ike_sa.c                          |  4 ++
- src/libcharon/sa/ike_sa_manager.c                  | 60 ++++++++++++++++++---
- src/libcharon/sa/ike_sa_manager.h                  |  8 ++-
- src/libcharon/sa/trap_manager.c                    |  3 +-
- src/swanctl/commands/initiate.c                    | 40 +++++++++++++-
- 15 files changed, 213 insertions(+), 28 deletions(-)
+ src/charon-cmd/cmd/cmd_connection.c              |  2 +-
+ src/charon-nm/nm/nm_service.c                    |  2 +-
+ src/libcharon/control/controller.c               | 43 +++++++++++++++-
+ src/libcharon/control/controller.h               |  3 ++
+ src/libcharon/plugins/maemo/maemo_service.c      |  2 +-
+ src/libcharon/plugins/stroke/stroke_control.c    |  5 +-
+ src/libcharon/plugins/vici/vici_config.c         |  2 +-
+ src/libcharon/plugins/vici/vici_control.c        | 63 ++++++++++++++++++++----
+ src/libcharon/processing/jobs/start_action_job.c |  2 +-
+ src/libcharon/sa/ike_sa_manager.c                | 51 ++++++++++++++++++-
+ src/libcharon/sa/ike_sa_manager.h                |  8 ++-
+ src/libcharon/sa/trap_manager.c                  |  3 +-
+ src/swanctl/commands/initiate.c                  | 40 ++++++++++++++-
+ 13 files changed, 203 insertions(+), 23 deletions(-)
 
 diff --git a/src/charon-cmd/cmd/cmd_connection.c b/src/charon-cmd/cmd/cmd_connection.c
 index 0c6a504..dc4eca3 100644
@@ -206,10 +205,10 @@ index 0125d17..72c806c 100644
  		switch (status)
  		{
 diff --git a/src/libcharon/plugins/vici/vici_config.c b/src/libcharon/plugins/vici/vici_config.c
-index dfea2ab..233af4c 100644
+index b6950f3..600b83f 100644
 --- a/src/libcharon/plugins/vici/vici_config.c
 +++ b/src/libcharon/plugins/vici/vici_config.c
-@@ -1558,7 +1558,7 @@ static void run_start_action(private_vici_config_t *this, peer_cfg_t *peer_cfg,
+@@ -1584,7 +1584,7 @@ static void run_start_action(private_vici_config_t *this, peer_cfg_t *peer_cfg,
  			DBG1(DBG_CFG, "initiating '%s'", child_cfg->get_name(child_cfg));
  			charon->controller->initiate(charon->controller,
  					peer_cfg->get_ref(peer_cfg), child_cfg->get_ref(child_cfg),
@@ -219,7 +218,7 @@ index dfea2ab..233af4c 100644
  		case ACTION_ROUTE:
  			DBG1(DBG_CFG, "installing '%s'", child_cfg->get_name(child_cfg));
 diff --git a/src/libcharon/plugins/vici/vici_control.c b/src/libcharon/plugins/vici/vici_control.c
-index 88574f8..d37e11f 100644
+index 88574f8..55f667b 100644
 --- a/src/libcharon/plugins/vici/vici_control.c
 +++ b/src/libcharon/plugins/vici/vici_control.c
 @@ -13,6 +13,28 @@
@@ -341,23 +340,8 @@ index 5e88ac2..7043332 100644
  					break;
  				case ACTION_ROUTE:
  					DBG1(DBG_JOB, "start action: route '%s'", name);
-diff --git a/src/libcharon/sa/ike_sa.c b/src/libcharon/sa/ike_sa.c
-index 3aafa4c..dcd54a1 100644
---- a/src/libcharon/sa/ike_sa.c
-+++ b/src/libcharon/sa/ike_sa.c
-@@ -1208,6 +1208,10 @@ static void resolve_hosts(private_ike_sa_t *this)
- 	else
- 	{
- 		host = this->ike_cfg->resolve_other(this->ike_cfg, family);
-+		if (host->is_anyaddr(host))
-+		{
-+			host = NULL;
-+		}
- 	}
- 	if (host)
- 	{
 diff --git a/src/libcharon/sa/ike_sa_manager.c b/src/libcharon/sa/ike_sa_manager.c
-index 987260d..2f44f7c 100644
+index 20b6e50..ccce3de 100644
 --- a/src/libcharon/sa/ike_sa_manager.c
 +++ b/src/libcharon/sa/ike_sa_manager.c
 @@ -16,6 +16,28 @@
@@ -389,7 +373,7 @@ index 987260d..2f44f7c 100644
  #include <string.h>
  
  #include "ike_sa_manager.h"
-@@ -1335,16 +1357,28 @@ METHOD(ike_sa_manager_t, checkout_by_message, ike_sa_t*,
+@@ -1335,7 +1357,8 @@ METHOD(ike_sa_manager_t, checkout_by_message, ike_sa_t*,
  }
  
  METHOD(ike_sa_manager_t, checkout_by_config, ike_sa_t*,
@@ -399,12 +383,9 @@ index 987260d..2f44f7c 100644
  {
  	enumerator_t *enumerator;
  	entry_t *entry;
--	ike_sa_t *ike_sa = NULL;
-+	ike_sa_t *ike_sa;
- 	peer_cfg_t *current_peer;
+@@ -1344,7 +1367,17 @@ METHOD(ike_sa_manager_t, checkout_by_config, ike_sa_t*,
  	ike_cfg_t *current_ike;
  	u_int segment;
-+	bool matched = FALSE;
  
 -	DBG2(DBG_MGR, "checkout IKE_SA by config");
 +	if (my_host && my_host->get_port(my_host) == 0)
@@ -419,42 +400,28 @@ index 987260d..2f44f7c 100644
 +	DBG2(DBG_MGR, "checkout IKE_SA by config '%s', me %H, other %H",
 +		 peer_cfg->get_name(peer_cfg), my_host, other_host);
  
- 	if (!this->reuse_ikesa)
- 	{	/* IKE_SA reuse disable by config */
-@@ -1365,14 +1399,24 @@ METHOD(ike_sa_manager_t, checkout_by_config, ike_sa_t*,
- 			continue;
- 		}
- 
--		current_peer = entry->ike_sa->get_peer_cfg(entry->ike_sa);
-+		ike_sa = entry->ike_sa;
-+		if (my_host && !my_host->ip_equals(my_host, ike_sa->get_my_host(ike_sa)))
-+		{
-+			continue;
-+		}
-+		if (other_host && !other_host->ip_equals(other_host, ike_sa->get_other_host(ike_sa)))
-+		{
-+			continue;
-+		}
+ 	if (this->reuse_ikesa)
+ 	{
+@@ -1359,6 +1392,16 @@ METHOD(ike_sa_manager_t, checkout_by_config, ike_sa_t*,
+ 			{	/* skip IKE_SAs which are not usable */
+ 				continue;
+ 			}
 +
-+		current_peer = ike_sa->get_peer_cfg(ike_sa);
- 		if (current_peer && current_peer->equals(current_peer, peer_cfg))
- 		{
- 			current_ike = current_peer->get_ike_cfg(current_peer);
- 			if (current_ike->equals(current_ike, peer_cfg->get_ike_cfg(peer_cfg)))
++			if (my_host && !my_host->ip_equals(my_host, entry->ike_sa->get_my_host(entry->ike_sa)))
++			{
++				continue;
++			}
++			if (other_host && !other_host->ip_equals(other_host, entry->ike_sa->get_other_host(entry->ike_sa)))
++			{
++				continue;
++			}
++
+ 			current_peer = entry->ike_sa->get_peer_cfg(entry->ike_sa);
+ 			if (current_peer && current_peer->equals(current_peer, peer_cfg))
  			{
- 				entry->checked_out = TRUE;
--				ike_sa = entry->ike_sa;
-+				matched = TRUE;
- 				DBG2(DBG_MGR, "found existing IKE_SA %u with a '%s' config",
- 						ike_sa->get_unique_id(ike_sa),
- 						current_peer->get_name(current_peer));
-@@ -1382,9 +1426,13 @@ METHOD(ike_sa_manager_t, checkout_by_config, ike_sa_t*,
- 	}
- 	enumerator->destroy(enumerator);
- 
--	if (!ike_sa)
-+	if (!matched)
- 	{	/* no IKE_SA using such a config, hand out a new */
+@@ -1388,6 +1431,10 @@ METHOD(ike_sa_manager_t, checkout_by_config, ike_sa_t*,
+ 			return NULL;
+ 		}
  		ike_sa = checkout_new(this, peer_cfg->get_ike_version(peer_cfg), TRUE);
 +		if (my_host || other_host)
 +		{
@@ -493,10 +460,10 @@ index f259d8e..5a69083 100644
  	/**
  	 * Check for duplicates of the given IKE_SA.
 diff --git a/src/libcharon/sa/trap_manager.c b/src/libcharon/sa/trap_manager.c
-index d6ff3c8..eeb188e 100644
+index 424d9e7..62a70f5 100644
 --- a/src/libcharon/sa/trap_manager.c
 +++ b/src/libcharon/sa/trap_manager.c
-@@ -351,7 +351,8 @@ METHOD(trap_manager_t, acquire, void,
+@@ -421,7 +421,8 @@ METHOD(trap_manager_t, acquire, void,
  	this->lock->unlock(this->lock);
  
  	ike_sa = charon->ike_sa_manager->checkout_by_config(
@@ -586,5 +553,5 @@ index eb7b6ad..706fa57 100644
  			{"raw",			'r', 0, "dump raw response message"},
  			{"pretty",		'P', 0, "dump raw response message in pretty print"},
 -- 
-2.4.5
+2.4.6
author	Timo Teräs <timo.teras@iki.fi>	2015-07-28 11:33:38 +0300
committer	Timo Teräs <timo.teras@iki.fi>	2015-07-28 11:35:47 +0300
commit	fc1ceeb02b3e149645205e67bcc009e742140590 (patch)
tree	b559837b40485a7c0f77ce6459c03f131191283d /main/strongswan/1001-charon-add-optional-source-and-remote-overrides-for-.patch
parent	c3aa1460dbeb4e1e10972fc00314d7a80413707e (diff)
download	aports-fc1ceeb02b3e149645205e67bcc009e742140590.tar.bz2 aports-fc1ceeb02b3e149645205e67bcc009e742140590.tar.xz