diff options
author | Timo Teräs <timo.teras@iki.fi> | 2015-11-19 22:14:30 +0200 |
---|---|---|
committer | Timo Teräs <timo.teras@iki.fi> | 2015-11-19 22:14:30 +0200 |
commit | 3adb6561f830cc6f7eade5e2c465e3f51bb0324e (patch) | |
tree | f521cc7c9ba1f296a5b6b286f0fad82b05855dd0 /main/strongswan | |
parent | 84467229491d390cbbc0d77fb6bab3d92543b361 (diff) | |
download | aports-3adb6561f830cc6f7eade5e2c465e3f51bb0324e.tar.bz2 aports-3adb6561f830cc6f7eade5e2c465e3f51bb0324e.tar.xz |
main/strongswan: security upgrade to 5.3.4 (CVE-2015-8023)
Diffstat (limited to 'main/strongswan')
6 files changed, 69 insertions, 63 deletions
diff --git a/main/strongswan/0205-ike-Adhere-to-IKE_SA-limit-when-checking-out-by-conf.patch b/main/strongswan/0205-ike-Adhere-to-IKE_SA-limit-when-checking-out-by-conf.patch index 666355757..24c1537b1 100644 --- a/main/strongswan/0205-ike-Adhere-to-IKE_SA-limit-when-checking-out-by-conf.patch +++ b/main/strongswan/0205-ike-Adhere-to-IKE_SA-limit-when-checking-out-by-conf.patch @@ -1,4 +1,4 @@ -From e0189de4c7b8df5cb61c7b0e771dcc5534e9cc06 Mon Sep 17 00:00:00 2001 +From f60c91a440d8b8a0969d99c9c84df40fe2ffc8c4 Mon Sep 17 00:00:00 2001 From: Tobias Brunner <tobias@strongswan.org> Date: Fri, 17 Jul 2015 11:53:58 +0200 Subject: [PATCH] ike: Adhere to IKE_SA limit when checking out by config @@ -6,14 +6,14 @@ Subject: [PATCH] ike: Adhere to IKE_SA limit when checking out by config This prevents new SAs from getting created if we hit the global IKE_SA limit (we still allow checkout_new(), which is used for rekeying). --- - src/libcharon/sa/ike_sa_manager.c | 63 ++++++++++++++++++++------------------- - 1 file changed, 33 insertions(+), 30 deletions(-) + src/libcharon/sa/ike_sa_manager.c | 69 ++++++++++++++++++++------------------- + 1 file changed, 36 insertions(+), 33 deletions(-) diff --git a/src/libcharon/sa/ike_sa_manager.c b/src/libcharon/sa/ike_sa_manager.c -index 51b7f2c..20b6e50 100644 +index 4625df5..aeed6fe 100644 --- a/src/libcharon/sa/ike_sa_manager.c +++ b/src/libcharon/sa/ike_sa_manager.c -@@ -1346,44 +1346,47 @@ METHOD(ike_sa_manager_t, checkout_by_config, ike_sa_t*, +@@ -1385,47 +1385,50 @@ METHOD(ike_sa_manager_t, checkout_by_config, ike_sa_t*, DBG2(DBG_MGR, "checkout IKE_SA by config"); @@ -35,7 +35,8 @@ index 51b7f2c..20b6e50 100644 - continue; - } - if (entry->ike_sa->get_state(entry->ike_sa) == IKE_DELETING) -- { /* skip IKE_SAs which are not usable */ +- { /* skip IKE_SAs which are not usable, wake other waiting threads */ +- entry->condvar->signal(entry->condvar); - continue; - } - @@ -53,9 +54,10 @@ index 51b7f2c..20b6e50 100644 - current_peer->get_name(current_peer)); - break; + continue; -+ } + } + if (entry->ike_sa->get_state(entry->ike_sa) == IKE_DELETING) -+ { /* skip IKE_SAs which are not usable */ ++ { /* skip IKE_SAs which are not usable, wake other waiting threads */ ++ entry->condvar->signal(entry->condvar); + continue; + } + current_peer = entry->ike_sa->get_peer_cfg(entry->ike_sa); @@ -72,8 +74,12 @@ index 51b7f2c..20b6e50 100644 + current_peer->get_name(current_peer)); + break; + } - } ++ } ++ /* other threads might be waiting for this entry */ ++ entry->condvar->signal(entry->condvar); } +- /* other threads might be waiting for this entry */ +- entry->condvar->signal(entry->condvar); + enumerator->destroy(enumerator); } - enumerator->destroy(enumerator); @@ -92,5 +98,5 @@ index 51b7f2c..20b6e50 100644 } charon->bus->set_sa(charon->bus, ike_sa); -- -2.4.6 +2.6.3 diff --git a/main/strongswan/1001-charon-add-optional-source-and-remote-overrides-for-.patch b/main/strongswan/1001-charon-add-optional-source-and-remote-overrides-for-.patch index 3f61be658..3dda65152 100644 --- a/main/strongswan/1001-charon-add-optional-source-and-remote-overrides-for-.patch +++ b/main/strongswan/1001-charon-add-optional-source-and-remote-overrides-for-.patch @@ -1,4 +1,4 @@ -From 6bc204df6722a9c3726d95fc3b34353e7ce9bd3d Mon Sep 17 00:00:00 2001 +From 9ff109798ae6d9dab4a60e0b26ef7242252bc735 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi> Date: Mon, 21 Sep 2015 13:41:58 +0300 Subject: [PATCH] charon: add optional source and remote overrides for initiate @@ -182,7 +182,7 @@ index 2e96f8f..e594a71 100644 { peer_cfg->destroy(peer_cfg); diff --git a/src/libcharon/plugins/stroke/stroke_control.c b/src/libcharon/plugins/stroke/stroke_control.c -index 0125d17..72c806c 100644 +index 5a1a507..9100883 100644 --- a/src/libcharon/plugins/stroke/stroke_control.c +++ b/src/libcharon/plugins/stroke/stroke_control.c @@ -109,7 +109,7 @@ static void charon_initiate(private_stroke_control_t *this, peer_cfg_t *peer_cfg @@ -341,7 +341,7 @@ index 5e88ac2..7043332 100644 case ACTION_ROUTE: DBG1(DBG_JOB, "start action: route '%s'", name); diff --git a/src/libcharon/sa/ike_sa_manager.c b/src/libcharon/sa/ike_sa_manager.c -index 9a613a6..9fa615a 100644 +index aeed6fe..b2791cb 100644 --- a/src/libcharon/sa/ike_sa_manager.c +++ b/src/libcharon/sa/ike_sa_manager.c @@ -16,6 +16,28 @@ @@ -373,7 +373,7 @@ index 9a613a6..9fa615a 100644 #include <string.h> #include "ike_sa_manager.h" -@@ -1358,7 +1380,8 @@ METHOD(ike_sa_manager_t, checkout_by_message, ike_sa_t*, +@@ -1374,7 +1396,8 @@ METHOD(ike_sa_manager_t, checkout_by_message, ike_sa_t*, } METHOD(ike_sa_manager_t, checkout_by_config, ike_sa_t*, @@ -383,7 +383,7 @@ index 9a613a6..9fa615a 100644 { enumerator_t *enumerator; entry_t *entry; -@@ -1367,7 +1390,17 @@ METHOD(ike_sa_manager_t, checkout_by_config, ike_sa_t*, +@@ -1383,7 +1406,17 @@ METHOD(ike_sa_manager_t, checkout_by_config, ike_sa_t*, ike_cfg_t *current_ike; u_int segment; @@ -402,8 +402,8 @@ index 9a613a6..9fa615a 100644 if (this->reuse_ikesa) { -@@ -1382,6 +1415,16 @@ METHOD(ike_sa_manager_t, checkout_by_config, ike_sa_t*, - { /* skip IKE_SAs which are not usable */ +@@ -1399,6 +1432,16 @@ METHOD(ike_sa_manager_t, checkout_by_config, ike_sa_t*, + entry->condvar->signal(entry->condvar); continue; } + @@ -419,7 +419,7 @@ index 9a613a6..9fa615a 100644 current_peer = entry->ike_sa->get_peer_cfg(entry->ike_sa); if (current_peer && current_peer->equals(current_peer, peer_cfg)) { -@@ -1411,6 +1454,10 @@ METHOD(ike_sa_manager_t, checkout_by_config, ike_sa_t*, +@@ -1430,6 +1473,10 @@ METHOD(ike_sa_manager_t, checkout_by_config, ike_sa_t*, return NULL; } ike_sa = checkout_new(this, peer_cfg->get_ike_version(peer_cfg), TRUE); @@ -431,10 +431,10 @@ index 9a613a6..9fa615a 100644 charon->bus->set_sa(charon->bus, ike_sa); return ike_sa; diff --git a/src/libcharon/sa/ike_sa_manager.h b/src/libcharon/sa/ike_sa_manager.h -index 3ea928e..151ab22 100644 +index f1b7c25..dbe1e7d 100644 --- a/src/libcharon/sa/ike_sa_manager.h +++ b/src/libcharon/sa/ike_sa_manager.h -@@ -83,7 +83,8 @@ struct ike_sa_manager_t { +@@ -93,7 +93,8 @@ struct ike_sa_manager_t { ike_sa_t* (*checkout_by_message) (ike_sa_manager_t* this, message_t *message); /** @@ -444,7 +444,7 @@ index 3ea928e..151ab22 100644 * * To initiate, a CHILD_SA may be established within an existing IKE_SA. * This call checks for an existing IKE_SA by comparing the configuration. -@@ -93,10 +94,13 @@ struct ike_sa_manager_t { +@@ -103,10 +104,13 @@ struct ike_sa_manager_t { * the found IKE_SA is in the DELETING state. * * @param peer_cfg configuration used to find an existing IKE_SA @@ -460,10 +460,10 @@ index 3ea928e..151ab22 100644 /** * Check for duplicates of the given IKE_SA. diff --git a/src/libcharon/sa/trap_manager.c b/src/libcharon/sa/trap_manager.c -index 63505c9..442919f 100644 +index 90ad7e4..8e642e8 100644 --- a/src/libcharon/sa/trap_manager.c +++ b/src/libcharon/sa/trap_manager.c -@@ -401,7 +401,7 @@ METHOD(trap_manager_t, acquire, void, +@@ -403,7 +403,7 @@ METHOD(trap_manager_t, acquire, void, peer_cfg_t *peer; child_cfg_t *child; ike_sa_t *ike_sa; @@ -472,7 +472,7 @@ index 63505c9..442919f 100644 bool wildcard, ignore = FALSE; this->lock->read_lock(this->lock); -@@ -477,36 +477,28 @@ METHOD(trap_manager_t, acquire, void, +@@ -479,36 +479,28 @@ METHOD(trap_manager_t, acquire, void, this->lock->unlock(this->lock); if (wildcard) @@ -607,5 +607,5 @@ index eb7b6ad..706fa57 100644 {"raw", 'r', 0, "dump raw response message"}, {"pretty", 'P', 0, "dump raw response message in pretty print"}, -- -2.5.3 +2.6.3 diff --git a/main/strongswan/1002-vici-send-certificates-for-ike-sa-events.patch b/main/strongswan/1002-vici-send-certificates-for-ike-sa-events.patch index 8caabd063..792d11381 100644 --- a/main/strongswan/1002-vici-send-certificates-for-ike-sa-events.patch +++ b/main/strongswan/1002-vici-send-certificates-for-ike-sa-events.patch @@ -1,4 +1,4 @@ -From 2a175cc40c5754b803ccfe3f641b438f54b569ec Mon Sep 17 00:00:00 2001 +From b24d03c86cedbaa8d2c89ab98aab9f974e4d4f27 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi> Date: Mon, 21 Sep 2015 13:42:05 +0300 Subject: [PATCH] vici: send certificates for ike-sa events @@ -12,10 +12,10 @@ Signed-off-by: Timo Teräs <timo.teras@iki.fi> 1 file changed, 41 insertions(+), 7 deletions(-) diff --git a/src/libcharon/plugins/vici/vici_query.c b/src/libcharon/plugins/vici/vici_query.c -index 98d264f..5245afc 100644 +index 9a3d832..e66ef45 100644 --- a/src/libcharon/plugins/vici/vici_query.c +++ b/src/libcharon/plugins/vici/vici_query.c -@@ -225,13 +225,15 @@ static void list_task_queue(private_vici_query_t *this, vici_builder_t *b, +@@ -264,13 +264,15 @@ static void list_vips(private_vici_query_t *this, vici_builder_t *b, * List details of an IKE_SA */ static void list_ike(private_vici_query_t *this, vici_builder_t *b, @@ -32,7 +32,7 @@ index 98d264f..5245afc 100644 b->add_kv(b, "uniqueid", "%u", ike_sa->get_unique_id(ike_sa)); b->add_kv(b, "version", "%u", ike_sa->get_version(ike_sa)); -@@ -239,9 +241,41 @@ static void list_ike(private_vici_query_t *this, vici_builder_t *b, +@@ -278,9 +280,41 @@ static void list_ike(private_vici_query_t *this, vici_builder_t *b, b->add_kv(b, "local-host", "%H", ike_sa->get_my_host(ike_sa)); b->add_kv(b, "local-id", "%Y", ike_sa->get_my_id(ike_sa)); @@ -74,7 +74,7 @@ index 98d264f..5245afc 100644 eap = ike_sa->get_other_eap_id(ike_sa); -@@ -348,7 +382,7 @@ CALLBACK(list_sas, vici_message_t*, +@@ -395,7 +429,7 @@ CALLBACK(list_sas, vici_message_t*, b = vici_builder_create(); b->begin_section(b, ike_sa->get_name(ike_sa)); @@ -83,7 +83,7 @@ index 98d264f..5245afc 100644 b->begin_section(b, "child-sas"); csas = ike_sa->create_child_sa_enumerator(ike_sa); -@@ -1063,7 +1097,7 @@ METHOD(listener_t, ike_updown, bool, +@@ -1110,7 +1144,7 @@ METHOD(listener_t, ike_updown, bool, } b->begin_section(b, ike_sa->get_name(ike_sa)); @@ -92,7 +92,7 @@ index 98d264f..5245afc 100644 b->end_section(b); this->dispatcher->raise_event(this->dispatcher, -@@ -1088,10 +1122,10 @@ METHOD(listener_t, ike_rekey, bool, +@@ -1135,10 +1169,10 @@ METHOD(listener_t, ike_rekey, bool, b = vici_builder_create(); b->begin_section(b, old->get_name(old)); b->begin_section(b, "old"); @@ -105,7 +105,7 @@ index 98d264f..5245afc 100644 b->end_section(b); b->end_section(b); -@@ -1121,7 +1155,7 @@ METHOD(listener_t, child_updown, bool, +@@ -1168,7 +1202,7 @@ METHOD(listener_t, child_updown, bool, } b->begin_section(b, ike_sa->get_name(ike_sa)); @@ -114,7 +114,7 @@ index 98d264f..5245afc 100644 b->begin_section(b, "child-sas"); b->begin_section(b, child_sa->get_name(child_sa)); -@@ -1153,7 +1187,7 @@ METHOD(listener_t, child_rekey, bool, +@@ -1200,7 +1234,7 @@ METHOD(listener_t, child_rekey, bool, b = vici_builder_create(); b->begin_section(b, ike_sa->get_name(ike_sa)); @@ -124,5 +124,5 @@ index 98d264f..5245afc 100644 b->begin_section(b, old->get_name(old)); -- -2.5.3 +2.6.3 diff --git a/main/strongswan/1003-vici-add-support-for-individual-sa-state-changes.patch b/main/strongswan/1003-vici-add-support-for-individual-sa-state-changes.patch index ac739eafa..ccd943e1c 100644 --- a/main/strongswan/1003-vici-add-support-for-individual-sa-state-changes.patch +++ b/main/strongswan/1003-vici-add-support-for-individual-sa-state-changes.patch @@ -1,4 +1,4 @@ -From 6ca8cf5415f8a984d281a1b5115df34c26ef9057 Mon Sep 17 00:00:00 2001 +From c8d0da1b9b9a15b24938038cc386cee387f886e6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi> Date: Mon, 21 Sep 2015 13:42:11 +0300 Subject: [PATCH] vici: add support for individual sa state changes @@ -14,10 +14,10 @@ Signed-off-by: Timo Teräs <timo.teras@iki.fi> 1 file changed, 105 insertions(+) diff --git a/src/libcharon/plugins/vici/vici_query.c b/src/libcharon/plugins/vici/vici_query.c -index 5245afc..71fbf54 100644 +index e66ef45..6488774 100644 --- a/src/libcharon/plugins/vici/vici_query.c +++ b/src/libcharon/plugins/vici/vici_query.c -@@ -1066,8 +1066,16 @@ static void manage_commands(private_vici_query_t *this, bool reg) +@@ -1113,8 +1113,16 @@ static void manage_commands(private_vici_query_t *this, bool reg) this->dispatcher->manage_event(this->dispatcher, "list-cert", reg); this->dispatcher->manage_event(this->dispatcher, "ike-updown", reg); this->dispatcher->manage_event(this->dispatcher, "ike-rekey", reg); @@ -34,7 +34,7 @@ index 5245afc..71fbf54 100644 manage_command(this, "list-sas", list_sas, reg); manage_command(this, "list-policies", list_policies, reg); manage_command(this, "list-conns", list_conns, reg); -@@ -1135,6 +1143,45 @@ METHOD(listener_t, ike_rekey, bool, +@@ -1182,6 +1190,45 @@ METHOD(listener_t, ike_rekey, bool, return TRUE; } @@ -80,7 +80,7 @@ index 5245afc..71fbf54 100644 METHOD(listener_t, child_updown, bool, private_vici_query_t *this, ike_sa_t *ike_sa, child_sa_t *child_sa, bool up) { -@@ -1210,6 +1257,62 @@ METHOD(listener_t, child_rekey, bool, +@@ -1257,6 +1304,62 @@ METHOD(listener_t, child_rekey, bool, return TRUE; } @@ -143,7 +143,7 @@ index 5245afc..71fbf54 100644 METHOD(vici_query_t, destroy, void, private_vici_query_t *this) { -@@ -1229,8 +1332,10 @@ vici_query_t *vici_query_create(vici_dispatcher_t *dispatcher) +@@ -1276,8 +1379,10 @@ vici_query_t *vici_query_create(vici_dispatcher_t *dispatcher) .listener = { .ike_updown = _ike_updown, .ike_rekey = _ike_rekey, @@ -155,5 +155,5 @@ index 5245afc..71fbf54 100644 .destroy = _destroy, }, -- -2.5.3 +2.6.3 diff --git a/main/strongswan/1004-vici-support-asynchronous-initiation.patch b/main/strongswan/1004-vici-support-asynchronous-initiation.patch index b7d351a73..94f82f4b9 100644 --- a/main/strongswan/1004-vici-support-asynchronous-initiation.patch +++ b/main/strongswan/1004-vici-support-asynchronous-initiation.patch @@ -1,4 +1,4 @@ -From 69f5bad1039df91c3d459b5a599b03e8852aca65 Mon Sep 17 00:00:00 2001 +From b96502164de6b648a672cc55c53b8d4fdfcd1db7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi> Date: Mon, 21 Sep 2015 13:42:15 +0300 Subject: [PATCH] vici: support asynchronous initiation @@ -43,5 +43,5 @@ index 174bae4..5a83cb1 100644 case SUCCESS: msg = send_reply(this, NULL); -- -2.5.3 +2.6.3 diff --git a/main/strongswan/APKBUILD b/main/strongswan/APKBUILD index 4edcd00b5..09a4b7c47 100644 --- a/main/strongswan/APKBUILD +++ b/main/strongswan/APKBUILD @@ -1,7 +1,7 @@ # Contributor: Jesse Young <jlyo@jlyo.org> # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=strongswan -pkgver=5.3.3 +pkgver=5.3.4 _pkgver=${pkgver//_rc/rc} pkgrel=0 pkgdesc="IPsec-based VPN solution focused on security and ease of use, supporting IKEv1/IKEv2 and MOBIKE" @@ -112,30 +112,30 @@ package() { install -m755 -D "$srcdir/charon.initd" "$pkgdir/etc/init.d/charon" || return 1 } -md5sums="5a25f3d1c31a77ef44d14a2e7b3eaad0 strongswan-5.3.3.tar.bz2 -c46165934687326a26ec9153a34e2227 0205-ike-Adhere-to-IKE_SA-limit-when-checking-out-by-conf.patch -d75b757fa44738dbdc5bcc8c60c9780d 1001-charon-add-optional-source-and-remote-overrides-for-.patch -4dfadf6fcb74c95c7360e33a416fb0d8 1002-vici-send-certificates-for-ike-sa-events.patch -ada5c5fda3aa5cd5b797feff3cba4b5d 1003-vici-add-support-for-individual-sa-state-changes.patch -366d0ee2ed135d9364e6449b56ac596a 1004-vici-support-asynchronous-initiation.patch +md5sums="655a632a515c74a99f2e9cc337ab2f33 strongswan-5.3.4.tar.bz2 +5f476baa26448b8eb463b3ccc7416c59 0205-ike-Adhere-to-IKE_SA-limit-when-checking-out-by-conf.patch +63d8d76d3af822819adc7db7e94d8248 1001-charon-add-optional-source-and-remote-overrides-for-.patch +82b8d2b282888abd7fe12fa3325ea946 1002-vici-send-certificates-for-ike-sa-events.patch +2fb36e79e83640044d0010fd23db27bf 1003-vici-add-support-for-individual-sa-state-changes.patch +12089aa81c7bdd472d1be27371e0effe 1004-vici-support-asynchronous-initiation.patch ccb77ee342e1b3108a49262549bbbf36 2001-support-gre-key-in-ikev1.patch 85ebc1b6c6b9c0c6640d8136e97da8e1 strongswan.initd 7962a720ebef6892d80a3cbdab72c204 charon.initd" -sha256sums="39d2e8f572a57a77dda8dd8bdaf2ee47ad3cefeb86bbb840d594aa75f00f33e2 strongswan-5.3.3.tar.bz2 -6ee2826d8f2acf4010886b9990c4fe1f1be99e869144f3dd3705e38184300ca1 0205-ike-Adhere-to-IKE_SA-limit-when-checking-out-by-conf.patch -47152a8d54c8ae75ea6e1d7c3c7695fb2e6eb48d24e80b13c25589a6570e3977 1001-charon-add-optional-source-and-remote-overrides-for-.patch -e70a78f8efa29d3a428d6393cd7c59a36acfdf676b51897d14b495c236a1996c 1002-vici-send-certificates-for-ike-sa-events.patch -f814519a0476477620f06d8bde0fd16f9094ee79807c0cbe4eb6d45034b5ff7d 1003-vici-add-support-for-individual-sa-state-changes.patch -f4415bd1a68311fca2a4159b74aa7c2577c6500db7f323bfc684a9dfba7c6450 1004-vici-support-asynchronous-initiation.patch +sha256sums="938ad1f7b612e039f1d32333f4865160be70f9fb3c207a31127d0168116459aa strongswan-5.3.4.tar.bz2 +7a7f9fa4ec183f62e3e01564aa6b303a7a883b959391cd7b63336afb6357b6ef 0205-ike-Adhere-to-IKE_SA-limit-when-checking-out-by-conf.patch +3570f7e209b8efc91f4b7d1f9b2747c47d391357ac871b82966f781b71e6f59c 1001-charon-add-optional-source-and-remote-overrides-for-.patch +3201072d73e875189b2d982c9144be824ecc6448f614d51de4c22b3810789099 1002-vici-send-certificates-for-ike-sa-events.patch +55418460a0fde9429b1f2f0138a3723f9b0a51502fd5eb71329fb6d945a585d7 1003-vici-add-support-for-individual-sa-state-changes.patch +15954f7b3b357806f32bc1cfc1afd6a0832e97bffc2bfc3aee4b522016f3aa51 1004-vici-support-asynchronous-initiation.patch bbdbc73ba6cafaaab1ea303eec6d026ebb50ecd12b7c32be0b4dfeaf8ae24245 2001-support-gre-key-in-ikev1.patch ad43d1ed2585d84e12ad1e67fbdfe93983c424c5c64b230d5027c0aae496c65f strongswan.initd 97b018796f0f15106b70694449cff36e8fc586292aab09ef83a05c0c13142e73 charon.initd" -sha512sums="469b32635bb4c60af1fa5ee535bea5abcd91081c7d482baa861e3951e4aab00783620698b5eade82d9a77aea4ab60d2a00fbf7e9e8760feeffb67c517756169f strongswan-5.3.3.tar.bz2 -6b01e9810566e4f928fa72f01b5fa6cdbddaf1045433cb5b73b5a3d1cd73260ff195709e4d46384c2aa6540e4e62ad9021d9cad19b2061bc0153581e74cf2d0e 0205-ike-Adhere-to-IKE_SA-limit-when-checking-out-by-conf.patch -0daa63c1da1d84a02b6f675b2ba246c30de537a2494e43bceb13eb201ca9c90644493cf5b85d522b4ccdb57928978fb65b4d44a43ecd2648376c8fdc1cd8bc2d 1001-charon-add-optional-source-and-remote-overrides-for-.patch -3cf83b588e4bc1ae20956f940f5f92357cbcc0bdcf7bf1b5984b64e09ae16b4871e836a1503fee8f6f55a4dbd0a47f39c75b3d4ed5fd52b71dd41bea15964d28 1002-vici-send-certificates-for-ike-sa-events.patch -00dbbd8ea9a434de13f1bb74b7cd2d64a97fbefa7ff943ba138282d02d3860e1363ca4fded0d24c215dc5678f13af16242b61ed192d3b7935e2d747f9aafdf61 1003-vici-add-support-for-individual-sa-state-changes.patch -fbfb4a2740d98d633a6ba946eb1a6b3ecc1dd924989bb94f23b34e5525471b11f735c82f0e8ce56441f836866d6e86c2c34f9bfe83689cd34f814dab6641c107 1004-vici-support-asynchronous-initiation.patch +sha512sums="2ab1c9a5d285c7f85b130a827b9525dd238a6d2b4c0c0e15a38a5e09dbb58228bfe4a6ab6c57ba6781f5d0d7f565cbb82e0ee2feac758c8033894c969acb8155 strongswan-5.3.4.tar.bz2 +591cc0ebc746dee4ded51aa131d705d6edd6f0d840661732162c80781ae99bb629ad844d8601637d81f71dbde46d2017b3067fc7eee4ab87071f4cb6b0470a76 0205-ike-Adhere-to-IKE_SA-limit-when-checking-out-by-conf.patch +dd6d8bad4de89d77d92c93c890935880eaa55dc056eac92100fe034c1c045e0771995db58f9787a9f29cc42c4887ed5cf850035d559a471aea12c7d69fe174d7 1001-charon-add-optional-source-and-remote-overrides-for-.patch +00c4e5303c16cd2921af6dd319ae3955e9fd91a59b45f18283d6329623c0a2dca76ba2fc2aed92c14cab226de6c240b1675f2b3a62b5087d46a8fb1f1e9bfa92 1002-vici-send-certificates-for-ike-sa-events.patch +4c538557b21621ebcdac6d57a3e9997e1c3780c926eea28f0d3b762826dddc9f1e748cee6fe136f6b568f4c49740e2262110fe4038030463d1b9ee1b6f658154 1003-vici-add-support-for-individual-sa-state-changes.patch +82ac04c4f093e19f031538de3da7632d7126f87fcbffb41461022a707f89c24f9388b1ba71138572f7a437065f6347cfabd86474884c86ffff50267facfc580d 1004-vici-support-asynchronous-initiation.patch 0e554a6117f51a564a1b269c9ed2f2858d22ef61df483e2eb09997a3075444deb10df9d0cc8b9ddbe2bb2f740640860c21b1492a9ec28657844fa9c41b822bfc 2001-support-gre-key-in-ikev1.patch b56008c07b804dacb3441d3802880058986ab7b314297fe485649a771861885b9232f9fd53b94faa3388a5e9330e2b38a86af5c04f3ff119199720043967ec64 strongswan.initd 6f3abaaa8da0925f06cdd184fdf534518e40c49533dba427dbf31dbe88172e5626bdc9aadf798d791f82fbded08801c1f565d514e2c289e1f28448d0c2e72b79 charon.initd" |