diff options
Diffstat (limited to 'main/strongswan/2001-support-gre-key-in-ikev1.patch')
| -rw-r--r-- | main/strongswan/2001-support-gre-key-in-ikev1.patch | 38 |
1 files changed, 19 insertions, 19 deletions
diff --git a/main/strongswan/2001-support-gre-key-in-ikev1.patch b/main/strongswan/2001-support-gre-key-in-ikev1.patch index 72cdd8b825..9c1d9e0d8d 100644 --- a/main/strongswan/2001-support-gre-key-in-ikev1.patch +++ b/main/strongswan/2001-support-gre-key-in-ikev1.patch @@ -1,6 +1,6 @@ -From f69e2daf4c4ccc57c14fd73d6b7320c5359758c8 Mon Sep 17 00:00:00 2001 +From 8addb45c033b13f3063ece56823a925c2b8bf9a8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi> -Date: Mon, 13 Jul 2015 14:03:49 +0300 +Date: Mon, 21 Sep 2015 13:42:18 +0300 Subject: [PATCH] support gre key in ikev1 this implements gre key negotiation in ikev1 similarly to the @@ -205,10 +205,10 @@ index df1d075..7558e91 100644 #endif /** ID_PAYLOAD_H_ @}*/ diff --git a/src/libcharon/plugins/stroke/stroke_config.c b/src/libcharon/plugins/stroke/stroke_config.c -index 55ec7cd..87a1d08 100644 +index f717194..cde175f 100644 --- a/src/libcharon/plugins/stroke/stroke_config.c +++ b/src/libcharon/plugins/stroke/stroke_config.c -@@ -1032,6 +1032,11 @@ static bool parse_protoport(char *token, u_int16_t *from_port, +@@ -1049,6 +1049,11 @@ static bool parse_protoport(char *token, u_int16_t *from_port, *from_port = 0xffff; *to_port = 0; } @@ -234,10 +234,10 @@ index 227d24b..7749d8c 100644 } first = FALSE; diff --git a/src/libcharon/plugins/vici/vici_config.c b/src/libcharon/plugins/vici/vici_config.c -index 3c4e3ec..9495d4d 100644 +index 5537ed9..70c83d4 100644 --- a/src/libcharon/plugins/vici/vici_config.c +++ b/src/libcharon/plugins/vici/vici_config.c -@@ -586,8 +586,13 @@ CALLBACK(parse_ts, bool, +@@ -596,8 +596,13 @@ CALLBACK(parse_ts, bool, } else if (*port && !streq(port, "any")) { @@ -254,10 +254,10 @@ index 3c4e3ec..9495d4d 100644 from = to = ntohs(svc->s_port); } diff --git a/src/libcharon/sa/ikev1/tasks/quick_mode.c b/src/libcharon/sa/ikev1/tasks/quick_mode.c -index 96edfd8..c0830dd 100644 +index d6a3f2c..8533112 100644 --- a/src/libcharon/sa/ikev1/tasks/quick_mode.c +++ b/src/libcharon/sa/ikev1/tasks/quick_mode.c -@@ -536,9 +536,9 @@ static void add_ts(private_quick_mode_t *this, message_t *message) +@@ -541,9 +541,9 @@ static void add_ts(private_quick_mode_t *this, message_t *message) { id_payload_t *id_payload; @@ -269,7 +269,7 @@ index 96edfd8..c0830dd 100644 message->add_payload(message, &id_payload->payload_interface); } -@@ -549,7 +549,7 @@ static bool get_ts(private_quick_mode_t *this, message_t *message) +@@ -554,7 +554,7 @@ static bool get_ts(private_quick_mode_t *this, message_t *message) { traffic_selector_t *tsi = NULL, *tsr = NULL; enumerator_t *enumerator; @@ -278,7 +278,7 @@ index 96edfd8..c0830dd 100644 payload_t *payload; host_t *hsi, *hsr; bool first = TRUE; -@@ -559,20 +559,22 @@ static bool get_ts(private_quick_mode_t *this, message_t *message) +@@ -564,20 +564,22 @@ static bool get_ts(private_quick_mode_t *this, message_t *message) { if (payload->get_type(payload) == PLV1_ID) { @@ -306,10 +306,10 @@ index 96edfd8..c0830dd 100644 /* create host2host selectors if ID payloads missing */ diff --git a/src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c b/src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c -index f22e07d..e43df3f 100644 +index 605476e..ef94c26 100644 --- a/src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c +++ b/src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c -@@ -743,7 +743,18 @@ static struct xfrm_selector ts2selector(traffic_selector_t *src, +@@ -745,7 +745,18 @@ static struct xfrm_selector ts2selector(traffic_selector_t *src, ts2subnet(src, &sel.saddr, &sel.prefixlen_s); ts2ports(dst, &sel.dport, &sel.dport_mask); ts2ports(src, &sel.sport, &sel.sport_mask); @@ -328,8 +328,8 @@ index f22e07d..e43df3f 100644 + else if ((sel.proto == IPPROTO_ICMP || sel.proto == IPPROTO_ICMPV6) && (sel.dport || sel.sport)) { - /* the ICMP type is encoded in the most significant 8 bits and the ICMP -@@ -767,7 +778,7 @@ static traffic_selector_t* selector2ts(struct xfrm_selector *sel, bool src) + /* the kernel expects the ICMP type and code in the source and +@@ -769,7 +780,7 @@ static traffic_selector_t* selector2ts(struct xfrm_selector *sel, bool src) { u_char *addr; u_int8_t prefixlen; @@ -338,7 +338,7 @@ index f22e07d..e43df3f 100644 host_t *host = NULL; if (src) -@@ -776,7 +787,7 @@ static traffic_selector_t* selector2ts(struct xfrm_selector *sel, bool src) +@@ -778,7 +789,7 @@ static traffic_selector_t* selector2ts(struct xfrm_selector *sel, bool src) prefixlen = sel->prefixlen_s; if (sel->sport_mask) { @@ -347,7 +347,7 @@ index f22e07d..e43df3f 100644 } } else -@@ -785,14 +796,27 @@ static traffic_selector_t* selector2ts(struct xfrm_selector *sel, bool src) +@@ -787,14 +798,27 @@ static traffic_selector_t* selector2ts(struct xfrm_selector *sel, bool src) prefixlen = sel->prefixlen_d; if (sel->dport_mask) { @@ -379,7 +379,7 @@ index f22e07d..e43df3f 100644 } /* The Linux 2.6 kernel does not set the selector's family field, * so as a kludge we additionally test the prefix length. -@@ -809,7 +833,7 @@ static traffic_selector_t* selector2ts(struct xfrm_selector *sel, bool src) +@@ -811,7 +835,7 @@ static traffic_selector_t* selector2ts(struct xfrm_selector *sel, bool src) if (host) { return traffic_selector_create_from_subnet(host, prefixlen, @@ -389,7 +389,7 @@ index f22e07d..e43df3f 100644 return NULL; } diff --git a/src/libstrongswan/selectors/traffic_selector.c b/src/libstrongswan/selectors/traffic_selector.c -index 3b7f8c5..c593a3f 100644 +index 6686324..776c765 100644 --- a/src/libstrongswan/selectors/traffic_selector.c +++ b/src/libstrongswan/selectors/traffic_selector.c @@ -209,6 +209,14 @@ static int print_icmp(printf_hook_data_t *data, u_int16_t port) @@ -503,5 +503,5 @@ index cf9a286..d458c68 100644 * * If protocol is ICMP or ICMPv6 the ports are interpreted as follows: If they -- -2.4.5 +2.5.3 |