diff options
| author | Timo Teräs <timo.teras@iki.fi> | 2015-11-19 22:14:30 +0200 |
|---|---|---|
| committer | Timo Teräs <timo.teras@iki.fi> | 2015-11-19 22:14:30 +0200 |
| commit | 3adb6561f830cc6f7eade5e2c465e3f51bb0324e (patch) | |
| tree | f521cc7c9ba1f296a5b6b286f0fad82b05855dd0 /main/strongswan/1001-charon-add-optional-source-and-remote-overrides-for-.patch | |
| parent | 84467229491d390cbbc0d77fb6bab3d92543b361 (diff) | |
| download | aports-3adb6561f830cc6f7eade5e2c465e3f51bb0324e.tar.bz2 aports-3adb6561f830cc6f7eade5e2c465e3f51bb0324e.tar.xz | |
main/strongswan: security upgrade to 5.3.4 (CVE-2015-8023)
Diffstat (limited to 'main/strongswan/1001-charon-add-optional-source-and-remote-overrides-for-.patch')
| -rw-r--r-- | main/strongswan/1001-charon-add-optional-source-and-remote-overrides-for-.patch | 30 |
1 files changed, 15 insertions, 15 deletions
diff --git a/main/strongswan/1001-charon-add-optional-source-and-remote-overrides-for-.patch b/main/strongswan/1001-charon-add-optional-source-and-remote-overrides-for-.patch index 3f61be6584..3dda65152b 100644 --- a/main/strongswan/1001-charon-add-optional-source-and-remote-overrides-for-.patch +++ b/main/strongswan/1001-charon-add-optional-source-and-remote-overrides-for-.patch @@ -1,4 +1,4 @@ -From 6bc204df6722a9c3726d95fc3b34353e7ce9bd3d Mon Sep 17 00:00:00 2001 +From 9ff109798ae6d9dab4a60e0b26ef7242252bc735 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi> Date: Mon, 21 Sep 2015 13:41:58 +0300 Subject: [PATCH] charon: add optional source and remote overrides for initiate @@ -182,7 +182,7 @@ index 2e96f8f..e594a71 100644 { peer_cfg->destroy(peer_cfg); diff --git a/src/libcharon/plugins/stroke/stroke_control.c b/src/libcharon/plugins/stroke/stroke_control.c -index 0125d17..72c806c 100644 +index 5a1a507..9100883 100644 --- a/src/libcharon/plugins/stroke/stroke_control.c +++ b/src/libcharon/plugins/stroke/stroke_control.c @@ -109,7 +109,7 @@ static void charon_initiate(private_stroke_control_t *this, peer_cfg_t *peer_cfg @@ -341,7 +341,7 @@ index 5e88ac2..7043332 100644 case ACTION_ROUTE: DBG1(DBG_JOB, "start action: route '%s'", name); diff --git a/src/libcharon/sa/ike_sa_manager.c b/src/libcharon/sa/ike_sa_manager.c -index 9a613a6..9fa615a 100644 +index aeed6fe..b2791cb 100644 --- a/src/libcharon/sa/ike_sa_manager.c +++ b/src/libcharon/sa/ike_sa_manager.c @@ -16,6 +16,28 @@ @@ -373,7 +373,7 @@ index 9a613a6..9fa615a 100644 #include <string.h> #include "ike_sa_manager.h" -@@ -1358,7 +1380,8 @@ METHOD(ike_sa_manager_t, checkout_by_message, ike_sa_t*, +@@ -1374,7 +1396,8 @@ METHOD(ike_sa_manager_t, checkout_by_message, ike_sa_t*, } METHOD(ike_sa_manager_t, checkout_by_config, ike_sa_t*, @@ -383,7 +383,7 @@ index 9a613a6..9fa615a 100644 { enumerator_t *enumerator; entry_t *entry; -@@ -1367,7 +1390,17 @@ METHOD(ike_sa_manager_t, checkout_by_config, ike_sa_t*, +@@ -1383,7 +1406,17 @@ METHOD(ike_sa_manager_t, checkout_by_config, ike_sa_t*, ike_cfg_t *current_ike; u_int segment; @@ -402,8 +402,8 @@ index 9a613a6..9fa615a 100644 if (this->reuse_ikesa) { -@@ -1382,6 +1415,16 @@ METHOD(ike_sa_manager_t, checkout_by_config, ike_sa_t*, - { /* skip IKE_SAs which are not usable */ +@@ -1399,6 +1432,16 @@ METHOD(ike_sa_manager_t, checkout_by_config, ike_sa_t*, + entry->condvar->signal(entry->condvar); continue; } + @@ -419,7 +419,7 @@ index 9a613a6..9fa615a 100644 current_peer = entry->ike_sa->get_peer_cfg(entry->ike_sa); if (current_peer && current_peer->equals(current_peer, peer_cfg)) { -@@ -1411,6 +1454,10 @@ METHOD(ike_sa_manager_t, checkout_by_config, ike_sa_t*, +@@ -1430,6 +1473,10 @@ METHOD(ike_sa_manager_t, checkout_by_config, ike_sa_t*, return NULL; } ike_sa = checkout_new(this, peer_cfg->get_ike_version(peer_cfg), TRUE); @@ -431,10 +431,10 @@ index 9a613a6..9fa615a 100644 charon->bus->set_sa(charon->bus, ike_sa); return ike_sa; diff --git a/src/libcharon/sa/ike_sa_manager.h b/src/libcharon/sa/ike_sa_manager.h -index 3ea928e..151ab22 100644 +index f1b7c25..dbe1e7d 100644 --- a/src/libcharon/sa/ike_sa_manager.h +++ b/src/libcharon/sa/ike_sa_manager.h -@@ -83,7 +83,8 @@ struct ike_sa_manager_t { +@@ -93,7 +93,8 @@ struct ike_sa_manager_t { ike_sa_t* (*checkout_by_message) (ike_sa_manager_t* this, message_t *message); /** @@ -444,7 +444,7 @@ index 3ea928e..151ab22 100644 * * To initiate, a CHILD_SA may be established within an existing IKE_SA. * This call checks for an existing IKE_SA by comparing the configuration. -@@ -93,10 +94,13 @@ struct ike_sa_manager_t { +@@ -103,10 +104,13 @@ struct ike_sa_manager_t { * the found IKE_SA is in the DELETING state. * * @param peer_cfg configuration used to find an existing IKE_SA @@ -460,10 +460,10 @@ index 3ea928e..151ab22 100644 /** * Check for duplicates of the given IKE_SA. diff --git a/src/libcharon/sa/trap_manager.c b/src/libcharon/sa/trap_manager.c -index 63505c9..442919f 100644 +index 90ad7e4..8e642e8 100644 --- a/src/libcharon/sa/trap_manager.c +++ b/src/libcharon/sa/trap_manager.c -@@ -401,7 +401,7 @@ METHOD(trap_manager_t, acquire, void, +@@ -403,7 +403,7 @@ METHOD(trap_manager_t, acquire, void, peer_cfg_t *peer; child_cfg_t *child; ike_sa_t *ike_sa; @@ -472,7 +472,7 @@ index 63505c9..442919f 100644 bool wildcard, ignore = FALSE; this->lock->read_lock(this->lock); -@@ -477,36 +477,28 @@ METHOD(trap_manager_t, acquire, void, +@@ -479,36 +479,28 @@ METHOD(trap_manager_t, acquire, void, this->lock->unlock(this->lock); if (wildcard) @@ -607,5 +607,5 @@ index eb7b6ad..706fa57 100644 {"raw", 'r', 0, "dump raw response message"}, {"pretty", 'P', 0, "dump raw response message in pretty print"}, -- -2.5.3 +2.6.3 |