aboutsummaryrefslogtreecommitdiffstats
path: root/main/strongswan
diff options
context:
space:
mode:
authorTimo Teräs <timo.teras@iki.fi>2015-11-19 22:14:30 +0200
committerTimo Teräs <timo.teras@iki.fi>2015-11-19 22:14:30 +0200
commit3adb6561f830cc6f7eade5e2c465e3f51bb0324e (patch)
treef521cc7c9ba1f296a5b6b286f0fad82b05855dd0 /main/strongswan
parent84467229491d390cbbc0d77fb6bab3d92543b361 (diff)
downloadaports-3adb6561f830cc6f7eade5e2c465e3f51bb0324e.tar.bz2
aports-3adb6561f830cc6f7eade5e2c465e3f51bb0324e.tar.xz
main/strongswan: security upgrade to 5.3.4 (CVE-2015-8023)
Diffstat (limited to 'main/strongswan')
-rw-r--r--main/strongswan/0205-ike-Adhere-to-IKE_SA-limit-when-checking-out-by-conf.patch26
-rw-r--r--main/strongswan/1001-charon-add-optional-source-and-remote-overrides-for-.patch30
-rw-r--r--main/strongswan/1002-vici-send-certificates-for-ike-sa-events.patch20
-rw-r--r--main/strongswan/1003-vici-add-support-for-individual-sa-state-changes.patch14
-rw-r--r--main/strongswan/1004-vici-support-asynchronous-initiation.patch4
-rw-r--r--main/strongswan/APKBUILD38
6 files changed, 69 insertions, 63 deletions
diff --git a/main/strongswan/0205-ike-Adhere-to-IKE_SA-limit-when-checking-out-by-conf.patch b/main/strongswan/0205-ike-Adhere-to-IKE_SA-limit-when-checking-out-by-conf.patch
index 666355757..24c1537b1 100644
--- a/main/strongswan/0205-ike-Adhere-to-IKE_SA-limit-when-checking-out-by-conf.patch
+++ b/main/strongswan/0205-ike-Adhere-to-IKE_SA-limit-when-checking-out-by-conf.patch
@@ -1,4 +1,4 @@
-From e0189de4c7b8df5cb61c7b0e771dcc5534e9cc06 Mon Sep 17 00:00:00 2001
+From f60c91a440d8b8a0969d99c9c84df40fe2ffc8c4 Mon Sep 17 00:00:00 2001
From: Tobias Brunner <tobias@strongswan.org>
Date: Fri, 17 Jul 2015 11:53:58 +0200
Subject: [PATCH] ike: Adhere to IKE_SA limit when checking out by config
@@ -6,14 +6,14 @@ Subject: [PATCH] ike: Adhere to IKE_SA limit when checking out by config
This prevents new SAs from getting created if we hit the global IKE_SA
limit (we still allow checkout_new(), which is used for rekeying).
---
- src/libcharon/sa/ike_sa_manager.c | 63 ++++++++++++++++++++-------------------
- 1 file changed, 33 insertions(+), 30 deletions(-)
+ src/libcharon/sa/ike_sa_manager.c | 69 ++++++++++++++++++++-------------------
+ 1 file changed, 36 insertions(+), 33 deletions(-)
diff --git a/src/libcharon/sa/ike_sa_manager.c b/src/libcharon/sa/ike_sa_manager.c
-index 51b7f2c..20b6e50 100644
+index 4625df5..aeed6fe 100644
--- a/src/libcharon/sa/ike_sa_manager.c
+++ b/src/libcharon/sa/ike_sa_manager.c
-@@ -1346,44 +1346,47 @@ METHOD(ike_sa_manager_t, checkout_by_config, ike_sa_t*,
+@@ -1385,47 +1385,50 @@ METHOD(ike_sa_manager_t, checkout_by_config, ike_sa_t*,
DBG2(DBG_MGR, "checkout IKE_SA by config");
@@ -35,7 +35,8 @@ index 51b7f2c..20b6e50 100644
- continue;
- }
- if (entry->ike_sa->get_state(entry->ike_sa) == IKE_DELETING)
-- { /* skip IKE_SAs which are not usable */
+- { /* skip IKE_SAs which are not usable, wake other waiting threads */
+- entry->condvar->signal(entry->condvar);
- continue;
- }
-
@@ -53,9 +54,10 @@ index 51b7f2c..20b6e50 100644
- current_peer->get_name(current_peer));
- break;
+ continue;
-+ }
+ }
+ if (entry->ike_sa->get_state(entry->ike_sa) == IKE_DELETING)
-+ { /* skip IKE_SAs which are not usable */
++ { /* skip IKE_SAs which are not usable, wake other waiting threads */
++ entry->condvar->signal(entry->condvar);
+ continue;
+ }
+ current_peer = entry->ike_sa->get_peer_cfg(entry->ike_sa);
@@ -72,8 +74,12 @@ index 51b7f2c..20b6e50 100644
+ current_peer->get_name(current_peer));
+ break;
+ }
- }
++ }
++ /* other threads might be waiting for this entry */
++ entry->condvar->signal(entry->condvar);
}
+- /* other threads might be waiting for this entry */
+- entry->condvar->signal(entry->condvar);
+ enumerator->destroy(enumerator);
}
- enumerator->destroy(enumerator);
@@ -92,5 +98,5 @@ index 51b7f2c..20b6e50 100644
}
charon->bus->set_sa(charon->bus, ike_sa);
--
-2.4.6
+2.6.3
diff --git a/main/strongswan/1001-charon-add-optional-source-and-remote-overrides-for-.patch b/main/strongswan/1001-charon-add-optional-source-and-remote-overrides-for-.patch
index 3f61be658..3dda65152 100644
--- a/main/strongswan/1001-charon-add-optional-source-and-remote-overrides-for-.patch
+++ b/main/strongswan/1001-charon-add-optional-source-and-remote-overrides-for-.patch
@@ -1,4 +1,4 @@
-From 6bc204df6722a9c3726d95fc3b34353e7ce9bd3d Mon Sep 17 00:00:00 2001
+From 9ff109798ae6d9dab4a60e0b26ef7242252bc735 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
Date: Mon, 21 Sep 2015 13:41:58 +0300
Subject: [PATCH] charon: add optional source and remote overrides for initiate
@@ -182,7 +182,7 @@ index 2e96f8f..e594a71 100644
{
peer_cfg->destroy(peer_cfg);
diff --git a/src/libcharon/plugins/stroke/stroke_control.c b/src/libcharon/plugins/stroke/stroke_control.c
-index 0125d17..72c806c 100644
+index 5a1a507..9100883 100644
--- a/src/libcharon/plugins/stroke/stroke_control.c
+++ b/src/libcharon/plugins/stroke/stroke_control.c
@@ -109,7 +109,7 @@ static void charon_initiate(private_stroke_control_t *this, peer_cfg_t *peer_cfg
@@ -341,7 +341,7 @@ index 5e88ac2..7043332 100644
case ACTION_ROUTE:
DBG1(DBG_JOB, "start action: route '%s'", name);
diff --git a/src/libcharon/sa/ike_sa_manager.c b/src/libcharon/sa/ike_sa_manager.c
-index 9a613a6..9fa615a 100644
+index aeed6fe..b2791cb 100644
--- a/src/libcharon/sa/ike_sa_manager.c
+++ b/src/libcharon/sa/ike_sa_manager.c
@@ -16,6 +16,28 @@
@@ -373,7 +373,7 @@ index 9a613a6..9fa615a 100644
#include <string.h>
#include "ike_sa_manager.h"
-@@ -1358,7 +1380,8 @@ METHOD(ike_sa_manager_t, checkout_by_message, ike_sa_t*,
+@@ -1374,7 +1396,8 @@ METHOD(ike_sa_manager_t, checkout_by_message, ike_sa_t*,
}
METHOD(ike_sa_manager_t, checkout_by_config, ike_sa_t*,
@@ -383,7 +383,7 @@ index 9a613a6..9fa615a 100644
{
enumerator_t *enumerator;
entry_t *entry;
-@@ -1367,7 +1390,17 @@ METHOD(ike_sa_manager_t, checkout_by_config, ike_sa_t*,
+@@ -1383,7 +1406,17 @@ METHOD(ike_sa_manager_t, checkout_by_config, ike_sa_t*,
ike_cfg_t *current_ike;
u_int segment;
@@ -402,8 +402,8 @@ index 9a613a6..9fa615a 100644
if (this->reuse_ikesa)
{
-@@ -1382,6 +1415,16 @@ METHOD(ike_sa_manager_t, checkout_by_config, ike_sa_t*,
- { /* skip IKE_SAs which are not usable */
+@@ -1399,6 +1432,16 @@ METHOD(ike_sa_manager_t, checkout_by_config, ike_sa_t*,
+ entry->condvar->signal(entry->condvar);
continue;
}
+
@@ -419,7 +419,7 @@ index 9a613a6..9fa615a 100644
current_peer = entry->ike_sa->get_peer_cfg(entry->ike_sa);
if (current_peer && current_peer->equals(current_peer, peer_cfg))
{
-@@ -1411,6 +1454,10 @@ METHOD(ike_sa_manager_t, checkout_by_config, ike_sa_t*,
+@@ -1430,6 +1473,10 @@ METHOD(ike_sa_manager_t, checkout_by_config, ike_sa_t*,
return NULL;
}
ike_sa = checkout_new(this, peer_cfg->get_ike_version(peer_cfg), TRUE);
@@ -431,10 +431,10 @@ index 9a613a6..9fa615a 100644
charon->bus->set_sa(charon->bus, ike_sa);
return ike_sa;
diff --git a/src/libcharon/sa/ike_sa_manager.h b/src/libcharon/sa/ike_sa_manager.h
-index 3ea928e..151ab22 100644
+index f1b7c25..dbe1e7d 100644
--- a/src/libcharon/sa/ike_sa_manager.h
+++ b/src/libcharon/sa/ike_sa_manager.h
-@@ -83,7 +83,8 @@ struct ike_sa_manager_t {
+@@ -93,7 +93,8 @@ struct ike_sa_manager_t {
ike_sa_t* (*checkout_by_message) (ike_sa_manager_t* this, message_t *message);
/**
@@ -444,7 +444,7 @@ index 3ea928e..151ab22 100644
*
* To initiate, a CHILD_SA may be established within an existing IKE_SA.
* This call checks for an existing IKE_SA by comparing the configuration.
-@@ -93,10 +94,13 @@ struct ike_sa_manager_t {
+@@ -103,10 +104,13 @@ struct ike_sa_manager_t {
* the found IKE_SA is in the DELETING state.
*
* @param peer_cfg configuration used to find an existing IKE_SA
@@ -460,10 +460,10 @@ index 3ea928e..151ab22 100644
/**
* Check for duplicates of the given IKE_SA.
diff --git a/src/libcharon/sa/trap_manager.c b/src/libcharon/sa/trap_manager.c
-index 63505c9..442919f 100644
+index 90ad7e4..8e642e8 100644
--- a/src/libcharon/sa/trap_manager.c
+++ b/src/libcharon/sa/trap_manager.c
-@@ -401,7 +401,7 @@ METHOD(trap_manager_t, acquire, void,
+@@ -403,7 +403,7 @@ METHOD(trap_manager_t, acquire, void,
peer_cfg_t *peer;
child_cfg_t *child;
ike_sa_t *ike_sa;
@@ -472,7 +472,7 @@ index 63505c9..442919f 100644
bool wildcard, ignore = FALSE;
this->lock->read_lock(this->lock);
-@@ -477,36 +477,28 @@ METHOD(trap_manager_t, acquire, void,
+@@ -479,36 +479,28 @@ METHOD(trap_manager_t, acquire, void,
this->lock->unlock(this->lock);
if (wildcard)
@@ -607,5 +607,5 @@ index eb7b6ad..706fa57 100644
{"raw", 'r', 0, "dump raw response message"},
{"pretty", 'P', 0, "dump raw response message in pretty print"},
--
-2.5.3
+2.6.3
diff --git a/main/strongswan/1002-vici-send-certificates-for-ike-sa-events.patch b/main/strongswan/1002-vici-send-certificates-for-ike-sa-events.patch
index 8caabd063..792d11381 100644
--- a/main/strongswan/1002-vici-send-certificates-for-ike-sa-events.patch
+++ b/main/strongswan/1002-vici-send-certificates-for-ike-sa-events.patch
@@ -1,4 +1,4 @@
-From 2a175cc40c5754b803ccfe3f641b438f54b569ec Mon Sep 17 00:00:00 2001
+From b24d03c86cedbaa8d2c89ab98aab9f974e4d4f27 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
Date: Mon, 21 Sep 2015 13:42:05 +0300
Subject: [PATCH] vici: send certificates for ike-sa events
@@ -12,10 +12,10 @@ Signed-off-by: Timo Teräs <timo.teras@iki.fi>
1 file changed, 41 insertions(+), 7 deletions(-)
diff --git a/src/libcharon/plugins/vici/vici_query.c b/src/libcharon/plugins/vici/vici_query.c
-index 98d264f..5245afc 100644
+index 9a3d832..e66ef45 100644
--- a/src/libcharon/plugins/vici/vici_query.c
+++ b/src/libcharon/plugins/vici/vici_query.c
-@@ -225,13 +225,15 @@ static void list_task_queue(private_vici_query_t *this, vici_builder_t *b,
+@@ -264,13 +264,15 @@ static void list_vips(private_vici_query_t *this, vici_builder_t *b,
* List details of an IKE_SA
*/
static void list_ike(private_vici_query_t *this, vici_builder_t *b,
@@ -32,7 +32,7 @@ index 98d264f..5245afc 100644
b->add_kv(b, "uniqueid", "%u", ike_sa->get_unique_id(ike_sa));
b->add_kv(b, "version", "%u", ike_sa->get_version(ike_sa));
-@@ -239,9 +241,41 @@ static void list_ike(private_vici_query_t *this, vici_builder_t *b,
+@@ -278,9 +280,41 @@ static void list_ike(private_vici_query_t *this, vici_builder_t *b,
b->add_kv(b, "local-host", "%H", ike_sa->get_my_host(ike_sa));
b->add_kv(b, "local-id", "%Y", ike_sa->get_my_id(ike_sa));
@@ -74,7 +74,7 @@ index 98d264f..5245afc 100644
eap = ike_sa->get_other_eap_id(ike_sa);
-@@ -348,7 +382,7 @@ CALLBACK(list_sas, vici_message_t*,
+@@ -395,7 +429,7 @@ CALLBACK(list_sas, vici_message_t*,
b = vici_builder_create();
b->begin_section(b, ike_sa->get_name(ike_sa));
@@ -83,7 +83,7 @@ index 98d264f..5245afc 100644
b->begin_section(b, "child-sas");
csas = ike_sa->create_child_sa_enumerator(ike_sa);
-@@ -1063,7 +1097,7 @@ METHOD(listener_t, ike_updown, bool,
+@@ -1110,7 +1144,7 @@ METHOD(listener_t, ike_updown, bool,
}
b->begin_section(b, ike_sa->get_name(ike_sa));
@@ -92,7 +92,7 @@ index 98d264f..5245afc 100644
b->end_section(b);
this->dispatcher->raise_event(this->dispatcher,
-@@ -1088,10 +1122,10 @@ METHOD(listener_t, ike_rekey, bool,
+@@ -1135,10 +1169,10 @@ METHOD(listener_t, ike_rekey, bool,
b = vici_builder_create();
b->begin_section(b, old->get_name(old));
b->begin_section(b, "old");
@@ -105,7 +105,7 @@ index 98d264f..5245afc 100644
b->end_section(b);
b->end_section(b);
-@@ -1121,7 +1155,7 @@ METHOD(listener_t, child_updown, bool,
+@@ -1168,7 +1202,7 @@ METHOD(listener_t, child_updown, bool,
}
b->begin_section(b, ike_sa->get_name(ike_sa));
@@ -114,7 +114,7 @@ index 98d264f..5245afc 100644
b->begin_section(b, "child-sas");
b->begin_section(b, child_sa->get_name(child_sa));
-@@ -1153,7 +1187,7 @@ METHOD(listener_t, child_rekey, bool,
+@@ -1200,7 +1234,7 @@ METHOD(listener_t, child_rekey, bool,
b = vici_builder_create();
b->begin_section(b, ike_sa->get_name(ike_sa));
@@ -124,5 +124,5 @@ index 98d264f..5245afc 100644
b->begin_section(b, old->get_name(old));
--
-2.5.3
+2.6.3
diff --git a/main/strongswan/1003-vici-add-support-for-individual-sa-state-changes.patch b/main/strongswan/1003-vici-add-support-for-individual-sa-state-changes.patch
index ac739eafa..ccd943e1c 100644
--- a/main/strongswan/1003-vici-add-support-for-individual-sa-state-changes.patch
+++ b/main/strongswan/1003-vici-add-support-for-individual-sa-state-changes.patch
@@ -1,4 +1,4 @@
-From 6ca8cf5415f8a984d281a1b5115df34c26ef9057 Mon Sep 17 00:00:00 2001
+From c8d0da1b9b9a15b24938038cc386cee387f886e6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
Date: Mon, 21 Sep 2015 13:42:11 +0300
Subject: [PATCH] vici: add support for individual sa state changes
@@ -14,10 +14,10 @@ Signed-off-by: Timo Teräs <timo.teras@iki.fi>
1 file changed, 105 insertions(+)
diff --git a/src/libcharon/plugins/vici/vici_query.c b/src/libcharon/plugins/vici/vici_query.c
-index 5245afc..71fbf54 100644
+index e66ef45..6488774 100644
--- a/src/libcharon/plugins/vici/vici_query.c
+++ b/src/libcharon/plugins/vici/vici_query.c
-@@ -1066,8 +1066,16 @@ static void manage_commands(private_vici_query_t *this, bool reg)
+@@ -1113,8 +1113,16 @@ static void manage_commands(private_vici_query_t *this, bool reg)
this->dispatcher->manage_event(this->dispatcher, "list-cert", reg);
this->dispatcher->manage_event(this->dispatcher, "ike-updown", reg);
this->dispatcher->manage_event(this->dispatcher, "ike-rekey", reg);
@@ -34,7 +34,7 @@ index 5245afc..71fbf54 100644
manage_command(this, "list-sas", list_sas, reg);
manage_command(this, "list-policies", list_policies, reg);
manage_command(this, "list-conns", list_conns, reg);
-@@ -1135,6 +1143,45 @@ METHOD(listener_t, ike_rekey, bool,
+@@ -1182,6 +1190,45 @@ METHOD(listener_t, ike_rekey, bool,
return TRUE;
}
@@ -80,7 +80,7 @@ index 5245afc..71fbf54 100644
METHOD(listener_t, child_updown, bool,
private_vici_query_t *this, ike_sa_t *ike_sa, child_sa_t *child_sa, bool up)
{
-@@ -1210,6 +1257,62 @@ METHOD(listener_t, child_rekey, bool,
+@@ -1257,6 +1304,62 @@ METHOD(listener_t, child_rekey, bool,
return TRUE;
}
@@ -143,7 +143,7 @@ index 5245afc..71fbf54 100644
METHOD(vici_query_t, destroy, void,
private_vici_query_t *this)
{
-@@ -1229,8 +1332,10 @@ vici_query_t *vici_query_create(vici_dispatcher_t *dispatcher)
+@@ -1276,8 +1379,10 @@ vici_query_t *vici_query_create(vici_dispatcher_t *dispatcher)
.listener = {
.ike_updown = _ike_updown,
.ike_rekey = _ike_rekey,
@@ -155,5 +155,5 @@ index 5245afc..71fbf54 100644
.destroy = _destroy,
},
--
-2.5.3
+2.6.3
diff --git a/main/strongswan/1004-vici-support-asynchronous-initiation.patch b/main/strongswan/1004-vici-support-asynchronous-initiation.patch
index b7d351a73..94f82f4b9 100644
--- a/main/strongswan/1004-vici-support-asynchronous-initiation.patch
+++ b/main/strongswan/1004-vici-support-asynchronous-initiation.patch
@@ -1,4 +1,4 @@
-From 69f5bad1039df91c3d459b5a599b03e8852aca65 Mon Sep 17 00:00:00 2001
+From b96502164de6b648a672cc55c53b8d4fdfcd1db7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
Date: Mon, 21 Sep 2015 13:42:15 +0300
Subject: [PATCH] vici: support asynchronous initiation
@@ -43,5 +43,5 @@ index 174bae4..5a83cb1 100644
case SUCCESS:
msg = send_reply(this, NULL);
--
-2.5.3
+2.6.3
diff --git a/main/strongswan/APKBUILD b/main/strongswan/APKBUILD
index 4edcd00b5..09a4b7c47 100644
--- a/main/strongswan/APKBUILD
+++ b/main/strongswan/APKBUILD
@@ -1,7 +1,7 @@
# Contributor: Jesse Young <jlyo@jlyo.org>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=strongswan
-pkgver=5.3.3
+pkgver=5.3.4
_pkgver=${pkgver//_rc/rc}
pkgrel=0
pkgdesc="IPsec-based VPN solution focused on security and ease of use, supporting IKEv1/IKEv2 and MOBIKE"
@@ -112,30 +112,30 @@ package() {
install -m755 -D "$srcdir/charon.initd" "$pkgdir/etc/init.d/charon" || return 1
}
-md5sums="5a25f3d1c31a77ef44d14a2e7b3eaad0 strongswan-5.3.3.tar.bz2
-c46165934687326a26ec9153a34e2227 0205-ike-Adhere-to-IKE_SA-limit-when-checking-out-by-conf.patch
-d75b757fa44738dbdc5bcc8c60c9780d 1001-charon-add-optional-source-and-remote-overrides-for-.patch
-4dfadf6fcb74c95c7360e33a416fb0d8 1002-vici-send-certificates-for-ike-sa-events.patch
-ada5c5fda3aa5cd5b797feff3cba4b5d 1003-vici-add-support-for-individual-sa-state-changes.patch
-366d0ee2ed135d9364e6449b56ac596a 1004-vici-support-asynchronous-initiation.patch
+md5sums="655a632a515c74a99f2e9cc337ab2f33 strongswan-5.3.4.tar.bz2
+5f476baa26448b8eb463b3ccc7416c59 0205-ike-Adhere-to-IKE_SA-limit-when-checking-out-by-conf.patch
+63d8d76d3af822819adc7db7e94d8248 1001-charon-add-optional-source-and-remote-overrides-for-.patch
+82b8d2b282888abd7fe12fa3325ea946 1002-vici-send-certificates-for-ike-sa-events.patch
+2fb36e79e83640044d0010fd23db27bf 1003-vici-add-support-for-individual-sa-state-changes.patch
+12089aa81c7bdd472d1be27371e0effe 1004-vici-support-asynchronous-initiation.patch
ccb77ee342e1b3108a49262549bbbf36 2001-support-gre-key-in-ikev1.patch
85ebc1b6c6b9c0c6640d8136e97da8e1 strongswan.initd
7962a720ebef6892d80a3cbdab72c204 charon.initd"
-sha256sums="39d2e8f572a57a77dda8dd8bdaf2ee47ad3cefeb86bbb840d594aa75f00f33e2 strongswan-5.3.3.tar.bz2
-6ee2826d8f2acf4010886b9990c4fe1f1be99e869144f3dd3705e38184300ca1 0205-ike-Adhere-to-IKE_SA-limit-when-checking-out-by-conf.patch
-47152a8d54c8ae75ea6e1d7c3c7695fb2e6eb48d24e80b13c25589a6570e3977 1001-charon-add-optional-source-and-remote-overrides-for-.patch
-e70a78f8efa29d3a428d6393cd7c59a36acfdf676b51897d14b495c236a1996c 1002-vici-send-certificates-for-ike-sa-events.patch
-f814519a0476477620f06d8bde0fd16f9094ee79807c0cbe4eb6d45034b5ff7d 1003-vici-add-support-for-individual-sa-state-changes.patch
-f4415bd1a68311fca2a4159b74aa7c2577c6500db7f323bfc684a9dfba7c6450 1004-vici-support-asynchronous-initiation.patch
+sha256sums="938ad1f7b612e039f1d32333f4865160be70f9fb3c207a31127d0168116459aa strongswan-5.3.4.tar.bz2
+7a7f9fa4ec183f62e3e01564aa6b303a7a883b959391cd7b63336afb6357b6ef 0205-ike-Adhere-to-IKE_SA-limit-when-checking-out-by-conf.patch
+3570f7e209b8efc91f4b7d1f9b2747c47d391357ac871b82966f781b71e6f59c 1001-charon-add-optional-source-and-remote-overrides-for-.patch
+3201072d73e875189b2d982c9144be824ecc6448f614d51de4c22b3810789099 1002-vici-send-certificates-for-ike-sa-events.patch
+55418460a0fde9429b1f2f0138a3723f9b0a51502fd5eb71329fb6d945a585d7 1003-vici-add-support-for-individual-sa-state-changes.patch
+15954f7b3b357806f32bc1cfc1afd6a0832e97bffc2bfc3aee4b522016f3aa51 1004-vici-support-asynchronous-initiation.patch
bbdbc73ba6cafaaab1ea303eec6d026ebb50ecd12b7c32be0b4dfeaf8ae24245 2001-support-gre-key-in-ikev1.patch
ad43d1ed2585d84e12ad1e67fbdfe93983c424c5c64b230d5027c0aae496c65f strongswan.initd
97b018796f0f15106b70694449cff36e8fc586292aab09ef83a05c0c13142e73 charon.initd"
-sha512sums="469b32635bb4c60af1fa5ee535bea5abcd91081c7d482baa861e3951e4aab00783620698b5eade82d9a77aea4ab60d2a00fbf7e9e8760feeffb67c517756169f strongswan-5.3.3.tar.bz2
-6b01e9810566e4f928fa72f01b5fa6cdbddaf1045433cb5b73b5a3d1cd73260ff195709e4d46384c2aa6540e4e62ad9021d9cad19b2061bc0153581e74cf2d0e 0205-ike-Adhere-to-IKE_SA-limit-when-checking-out-by-conf.patch
-0daa63c1da1d84a02b6f675b2ba246c30de537a2494e43bceb13eb201ca9c90644493cf5b85d522b4ccdb57928978fb65b4d44a43ecd2648376c8fdc1cd8bc2d 1001-charon-add-optional-source-and-remote-overrides-for-.patch
-3cf83b588e4bc1ae20956f940f5f92357cbcc0bdcf7bf1b5984b64e09ae16b4871e836a1503fee8f6f55a4dbd0a47f39c75b3d4ed5fd52b71dd41bea15964d28 1002-vici-send-certificates-for-ike-sa-events.patch
-00dbbd8ea9a434de13f1bb74b7cd2d64a97fbefa7ff943ba138282d02d3860e1363ca4fded0d24c215dc5678f13af16242b61ed192d3b7935e2d747f9aafdf61 1003-vici-add-support-for-individual-sa-state-changes.patch
-fbfb4a2740d98d633a6ba946eb1a6b3ecc1dd924989bb94f23b34e5525471b11f735c82f0e8ce56441f836866d6e86c2c34f9bfe83689cd34f814dab6641c107 1004-vici-support-asynchronous-initiation.patch
+sha512sums="2ab1c9a5d285c7f85b130a827b9525dd238a6d2b4c0c0e15a38a5e09dbb58228bfe4a6ab6c57ba6781f5d0d7f565cbb82e0ee2feac758c8033894c969acb8155 strongswan-5.3.4.tar.bz2
+591cc0ebc746dee4ded51aa131d705d6edd6f0d840661732162c80781ae99bb629ad844d8601637d81f71dbde46d2017b3067fc7eee4ab87071f4cb6b0470a76 0205-ike-Adhere-to-IKE_SA-limit-when-checking-out-by-conf.patch
+dd6d8bad4de89d77d92c93c890935880eaa55dc056eac92100fe034c1c045e0771995db58f9787a9f29cc42c4887ed5cf850035d559a471aea12c7d69fe174d7 1001-charon-add-optional-source-and-remote-overrides-for-.patch
+00c4e5303c16cd2921af6dd319ae3955e9fd91a59b45f18283d6329623c0a2dca76ba2fc2aed92c14cab226de6c240b1675f2b3a62b5087d46a8fb1f1e9bfa92 1002-vici-send-certificates-for-ike-sa-events.patch
+4c538557b21621ebcdac6d57a3e9997e1c3780c926eea28f0d3b762826dddc9f1e748cee6fe136f6b568f4c49740e2262110fe4038030463d1b9ee1b6f658154 1003-vici-add-support-for-individual-sa-state-changes.patch
+82ac04c4f093e19f031538de3da7632d7126f87fcbffb41461022a707f89c24f9388b1ba71138572f7a437065f6347cfabd86474884c86ffff50267facfc580d 1004-vici-support-asynchronous-initiation.patch
0e554a6117f51a564a1b269c9ed2f2858d22ef61df483e2eb09997a3075444deb10df9d0cc8b9ddbe2bb2f740640860c21b1492a9ec28657844fa9c41b822bfc 2001-support-gre-key-in-ikev1.patch
b56008c07b804dacb3441d3802880058986ab7b314297fe485649a771861885b9232f9fd53b94faa3388a5e9330e2b38a86af5c04f3ff119199720043967ec64 strongswan.initd
6f3abaaa8da0925f06cdd184fdf534518e40c49533dba427dbf31dbe88172e5626bdc9aadf798d791f82fbded08801c1f565d514e2c289e1f28448d0c2e72b79 charon.initd"