aboutsummaryrefslogtreecommitdiffstats
path: root/main/strongswan
diff options
context:
space:
mode:
authorTimo Teräs <timo.teras@iki.fi>2015-07-17 11:55:55 +0300
committerTimo Teräs <timo.teras@iki.fi>2015-07-17 11:57:00 +0300
commit6f2ac56727056f7ba7c55640459e40bbb1f17ef6 (patch)
treef3a10eed7ccd10552b1dbf475e4edcb856468f6b /main/strongswan
parent562d4b1c781fc780fa893878ea3a6b850d6dbddb (diff)
downloadaports-6f2ac56727056f7ba7c55640459e40bbb1f17ef6.tar.bz2
aports-6f2ac56727056f7ba7c55640459e40bbb1f17ef6.tar.xz
amin/strongswan: upstream patch for applying limits to initiated connections
Diffstat (limited to 'main/strongswan')
-rw-r--r--main/strongswan/1001-charon-add-optional-source-and-remote-overrides-for-.patch95
-rw-r--r--main/strongswan/1002-vici-send-certificates-for-ike-sa-events.patch6
-rw-r--r--main/strongswan/1003-vici-add-support-rekeying-events-and-individual-sa-s.patch8
-rw-r--r--main/strongswan/1004-vici-support-asynchronous-initiation.patch28
-rw-r--r--main/strongswan/APKBUILD38
5 files changed, 96 insertions, 79 deletions
diff --git a/main/strongswan/1001-charon-add-optional-source-and-remote-overrides-for-.patch b/main/strongswan/1001-charon-add-optional-source-and-remote-overrides-for-.patch
index 9bd1030d8a..b0c65223a2 100644
--- a/main/strongswan/1001-charon-add-optional-source-and-remote-overrides-for-.patch
+++ b/main/strongswan/1001-charon-add-optional-source-and-remote-overrides-for-.patch
@@ -1,8 +1,7 @@
-From 75c546a8000f4ac294710e8d2b972587e14ad229 Mon Sep 17 00:00:00 2001
+From 9afff74c4bd8abadfd248f36cf9f8206928d3dc6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
Date: Wed, 27 Aug 2014 16:05:21 +0300
-Subject: [PATCH 1/4] charon: add optional source and remote overrides for
- initiate
+Subject: [PATCH] charon: add optional source and remote overrides for initiate
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
@@ -18,30 +17,30 @@ Signed-off-by: Timo Teräs <timo.teras@iki.fi>
---
src/charon-cmd/cmd/cmd_connection.c | 2 +-
src/charon-nm/nm/nm_service.c | 2 +-
- src/libcharon/control/controller.c | 43 +++++++++++++++-
+ src/libcharon/control/controller.c | 43 ++++++++++++++-
src/libcharon/control/controller.h | 3 ++
src/libcharon/plugins/maemo/maemo_service.c | 2 +-
src/libcharon/plugins/stroke/stroke_control.c | 5 +-
src/libcharon/plugins/vici/vici_config.c | 2 +-
- src/libcharon/plugins/vici/vici_control.c | 58 ++++++++++++++++++---
+ src/libcharon/plugins/vici/vici_control.c | 63 ++++++++++++++++++----
src/libcharon/processing/jobs/start_action_job.c | 2 +-
src/libcharon/sa/ike_sa.c | 4 ++
- src/libcharon/sa/ike_sa_manager.c | 60 +++++++++++++++++++---
+ src/libcharon/sa/ike_sa_manager.c | 60 ++++++++++++++++++---
src/libcharon/sa/ike_sa_manager.h | 8 ++-
src/libcharon/sa/trap_manager.c | 3 +-
- src/swanctl/commands/initiate.c | 40 ++++++++++++++-
- 15 files changed, 210 insertions(+), 26 deletions(-)
+ src/swanctl/commands/initiate.c | 40 +++++++++++++-
+ 15 files changed, 213 insertions(+), 28 deletions(-)
diff --git a/src/charon-cmd/cmd/cmd_connection.c b/src/charon-cmd/cmd/cmd_connection.c
-index 2c0b7b9..471b444 100644
+index 0c6a504..dc4eca3 100644
--- a/src/charon-cmd/cmd/cmd_connection.c
+++ b/src/charon-cmd/cmd/cmd_connection.c
@@ -434,7 +434,7 @@ static job_requeue_t initiate(private_cmd_connection_t *this)
child_cfg = create_child_cfg(this, peer_cfg);
if (charon->controller->initiate(charon->controller, peer_cfg, child_cfg,
-- controller_cb_empty, NULL, 0) != SUCCESS)
-+ NULL, NULL, controller_cb_empty, NULL, 0) != SUCCESS)
+- controller_cb_empty, NULL, 0, FALSE) != SUCCESS)
++ NULL, NULL, controller_cb_empty, NULL, 0, FALSE) != SUCCESS)
{
terminate(pid);
}
@@ -59,7 +58,7 @@ index fc7e899..4f4461a 100644
{
peer_cfg->destroy(peer_cfg);
diff --git a/src/libcharon/control/controller.c b/src/libcharon/control/controller.c
-index fd8349e..665c2fa 100644
+index 097f5ac..9c3b45b 100644
--- a/src/libcharon/control/controller.c
+++ b/src/libcharon/control/controller.c
@@ -15,6 +15,28 @@
@@ -108,7 +107,7 @@ index fd8349e..665c2fa 100644
* unique ID, used for various methods
*/
u_int32_t id;
-@@ -350,9 +382,14 @@ METHOD(job_t, initiate_execute, job_requeue_t,
+@@ -355,9 +387,14 @@ METHOD(job_t, initiate_execute, job_requeue_t,
ike_sa_t *ike_sa;
interface_listener_t *listener = &job->listener;
peer_cfg_t *peer_cfg = listener->peer_cfg;
@@ -124,7 +123,7 @@ index fd8349e..665c2fa 100644
if (!ike_sa)
{
listener->child_cfg->destroy(listener->child_cfg);
-@@ -362,6 +399,7 @@ METHOD(job_t, initiate_execute, job_requeue_t,
+@@ -366,6 +403,7 @@ METHOD(job_t, initiate_execute, job_requeue_t,
listener_done(listener);
return JOB_REQUEUE_NONE;
}
@@ -132,25 +131,25 @@ index fd8349e..665c2fa 100644
listener->lock->lock(listener->lock);
listener->ike_sa = ike_sa;
listener->lock->unlock(listener->lock);
-@@ -391,6 +429,7 @@ METHOD(job_t, initiate_execute, job_requeue_t,
+@@ -438,6 +476,7 @@ METHOD(job_t, initiate_execute, job_requeue_t,
METHOD(controller_t, initiate, status_t,
private_controller_t *this, peer_cfg_t *peer_cfg, child_cfg_t *child_cfg,
+ host_t *my_host, host_t *other_host,
- controller_cb_t callback, void *param, u_int timeout)
+ controller_cb_t callback, void *param, u_int timeout, bool limits)
{
interface_job_t *job;
-@@ -413,6 +452,8 @@ METHOD(controller_t, initiate, status_t,
+@@ -460,6 +499,8 @@ METHOD(controller_t, initiate, status_t,
.status = FAILED,
.child_cfg = child_cfg,
.peer_cfg = peer_cfg,
+ .my_host = my_host ? my_host->clone(my_host) : NULL,
+ .other_host = other_host ? other_host->clone(other_host) : NULL,
.lock = spinlock_create(),
+ .limits = limits,
},
- .public = {
diff --git a/src/libcharon/control/controller.h b/src/libcharon/control/controller.h
-index 02f4ebb..e70f2b5 100644
+index 5ffeac5..fb2e787 100644
--- a/src/libcharon/control/controller.h
+++ b/src/libcharon/control/controller.h
@@ -79,6 +79,8 @@ struct controller_t {
@@ -162,14 +161,14 @@ index 02f4ebb..e70f2b5 100644
* @param cb logging callback
* @param param parameter to include in each call of cb
* @param timeout timeout in ms to wait for callbacks, 0 to disable
-@@ -90,6 +92,7 @@ struct controller_t {
+@@ -92,6 +94,7 @@ struct controller_t {
*/
status_t (*initiate)(controller_t *this,
peer_cfg_t *peer_cfg, child_cfg_t *child_cfg,
+ host_t *my_host, host_t *other_host,
- controller_cb_t callback, void *param, u_int timeout);
+ controller_cb_t callback, void *param, u_int timeout,
+ bool limits);
- /**
diff --git a/src/libcharon/plugins/maemo/maemo_service.c b/src/libcharon/plugins/maemo/maemo_service.c
index 2e96f8f..e594a71 100644
--- a/src/libcharon/plugins/maemo/maemo_service.c
@@ -184,15 +183,15 @@ index 2e96f8f..e594a71 100644
{
peer_cfg->destroy(peer_cfg);
diff --git a/src/libcharon/plugins/stroke/stroke_control.c b/src/libcharon/plugins/stroke/stroke_control.c
-index 0084fbf..e5f38b4 100644
+index 0125d17..72c806c 100644
--- a/src/libcharon/plugins/stroke/stroke_control.c
+++ b/src/libcharon/plugins/stroke/stroke_control.c
@@ -109,7 +109,7 @@ static void charon_initiate(private_stroke_control_t *this, peer_cfg_t *peer_cfg
if (msg->output_verbosity < 0)
{
charon->controller->initiate(charon->controller, peer_cfg, child_cfg,
-- NULL, NULL, 0);
-+ NULL, NULL, NULL, NULL, 0);
+- NULL, NULL, 0, FALSE);
++ NULL, NULL, NULL, NULL, 0, FALSE);
}
else
{
@@ -203,24 +202,24 @@ index 0084fbf..e5f38b4 100644
- peer_cfg, child_cfg, (controller_cb_t)stroke_log,
+ peer_cfg, child_cfg, NULL, NULL,
+ (controller_cb_t)stroke_log,
- &info, this->timeout);
+ &info, this->timeout, FALSE);
switch (status)
{
diff --git a/src/libcharon/plugins/vici/vici_config.c b/src/libcharon/plugins/vici/vici_config.c
-index d232599..3c4e3ec 100644
+index dfea2ab..233af4c 100644
--- a/src/libcharon/plugins/vici/vici_config.c
+++ b/src/libcharon/plugins/vici/vici_config.c
@@ -1558,7 +1558,7 @@ static void run_start_action(private_vici_config_t *this, peer_cfg_t *peer_cfg,
DBG1(DBG_CFG, "initiating '%s'", child_cfg->get_name(child_cfg));
charon->controller->initiate(charon->controller,
peer_cfg->get_ref(peer_cfg), child_cfg->get_ref(child_cfg),
-- NULL, NULL, 0);
-+ NULL, NULL, NULL, NULL, 0);
+- NULL, NULL, 0, FALSE);
++ NULL, NULL, NULL, NULL, 0, FALSE);
break;
case ACTION_ROUTE:
DBG1(DBG_CFG, "installing '%s'", child_cfg->get_name(child_cfg));
diff --git a/src/libcharon/plugins/vici/vici_control.c b/src/libcharon/plugins/vici/vici_control.c
-index 01d5036..9a58399 100644
+index 88574f8..d37e11f 100644
--- a/src/libcharon/plugins/vici/vici_control.c
+++ b/src/libcharon/plugins/vici/vici_control.c
@@ -13,6 +13,28 @@
@@ -263,11 +262,11 @@ index 01d5036..9a58399 100644
+ host_t *my_host = NULL, *other_host = NULL;
+ char *child, *my_host_str, *other_host_str;
u_int timeout;
+ bool limits;
log_info_t log = {
- .dispatcher = this->dispatcher,
-@@ -171,31 +195,51 @@ CALLBACK(initiate, vici_message_t*,
- child = request->get_str(request, NULL, "child");
+@@ -173,34 +197,55 @@ CALLBACK(initiate, vici_message_t*,
timeout = request->get_int(request, 0, "timeout");
+ limits = request->get_bool(request, FALSE, "init-limits");
log.level = request->get_int(request, 1, "loglevel");
+ my_host_str = request->get_str(request, NULL, "my-host");
+ other_host_str = request->get_str(request, NULL, "other-host");
@@ -287,7 +286,7 @@ index 01d5036..9a58399 100644
+ other_host = host_create_from_string(other_host_str, 0);
+ }
+
-+ DBG1(DBG_CFG, "vici initiate '%s', me %H, other %H", child, my_host, other_host);
++ DBG1(DBG_CFG, "vici initiate '%s', me %H, other %H, limits %d", child, my_host, other_host, limits);
child_cfg = find_child_cfg(child, &peer_cfg);
if (!child_cfg)
@@ -296,10 +295,11 @@ index 01d5036..9a58399 100644
+ msg = send_reply(this, "CHILD_SA config '%s' not found", child);
+ goto ret;
}
- switch (charon->controller->initiate(charon->controller,
-- peer_cfg, child_cfg, (controller_cb_t)log_vici, &log, timeout))
+- switch (charon->controller->initiate(charon->controller, peer_cfg,
+- child_cfg, (controller_cb_t)log_vici, &log, timeout, limits))
++ switch (charon->controller->initiate(charon->controller,
+ peer_cfg, child_cfg, my_host, other_host,
-+ (controller_cb_t)log_vici, &log, timeout))
++ (controller_cb_t)log_vici, &log, timeout, limits))
{
case SUCCESS:
- return send_reply(this, NULL);
@@ -310,6 +310,11 @@ index 01d5036..9a58399 100644
+ msg = send_reply(this, "CHILD_SA '%s' not established after %dms",
child, timeout);
+ break;
+ case INVALID_STATE:
+- return send_reply(this, "establishing CHILD_SA '%s' not possible "
++ msg = send_reply(this, "establishing CHILD_SA '%s' not possible "
+ "at the moment due to limits", child);
++ break;
case FAILED:
default:
- return send_reply(this, "establishing CHILD_SA '%s' failed", child);
@@ -324,15 +329,15 @@ index 01d5036..9a58399 100644
CALLBACK(terminate, vici_message_t*,
diff --git a/src/libcharon/processing/jobs/start_action_job.c b/src/libcharon/processing/jobs/start_action_job.c
-index 981473b..fd42f3b 100644
+index 5e88ac2..7043332 100644
--- a/src/libcharon/processing/jobs/start_action_job.c
+++ b/src/libcharon/processing/jobs/start_action_job.c
@@ -61,7 +61,7 @@ METHOD(job_t, execute, job_requeue_t,
charon->controller->initiate(charon->controller,
peer_cfg->get_ref(peer_cfg),
child_cfg->get_ref(child_cfg),
-- NULL, NULL, 0);
-+ NULL, NULL, NULL, NULL, 0);
+- NULL, NULL, 0, FALSE);
++ NULL, NULL, NULL, NULL, 0, FALSE);
break;
case ACTION_ROUTE:
DBG1(DBG_JOB, "start action: route '%s'", name);
@@ -352,7 +357,7 @@ index 3aafa4c..dcd54a1 100644
if (host)
{
diff --git a/src/libcharon/sa/ike_sa_manager.c b/src/libcharon/sa/ike_sa_manager.c
-index 938f784..23d0488 100644
+index 987260d..2f44f7c 100644
--- a/src/libcharon/sa/ike_sa_manager.c
+++ b/src/libcharon/sa/ike_sa_manager.c
@@ -16,6 +16,28 @@
@@ -384,7 +389,7 @@ index 938f784..23d0488 100644
#include <string.h>
#include "ike_sa_manager.h"
-@@ -1328,16 +1350,28 @@ METHOD(ike_sa_manager_t, checkout_by_message, ike_sa_t*,
+@@ -1335,16 +1357,28 @@ METHOD(ike_sa_manager_t, checkout_by_message, ike_sa_t*,
}
METHOD(ike_sa_manager_t, checkout_by_config, ike_sa_t*,
@@ -416,7 +421,7 @@ index 938f784..23d0488 100644
if (!this->reuse_ikesa)
{ /* IKE_SA reuse disable by config */
-@@ -1358,14 +1392,24 @@ METHOD(ike_sa_manager_t, checkout_by_config, ike_sa_t*,
+@@ -1365,14 +1399,24 @@ METHOD(ike_sa_manager_t, checkout_by_config, ike_sa_t*,
continue;
}
@@ -443,7 +448,7 @@ index 938f784..23d0488 100644
DBG2(DBG_MGR, "found existing IKE_SA %u with a '%s' config",
ike_sa->get_unique_id(ike_sa),
current_peer->get_name(current_peer));
-@@ -1375,9 +1419,13 @@ METHOD(ike_sa_manager_t, checkout_by_config, ike_sa_t*,
+@@ -1382,9 +1426,13 @@ METHOD(ike_sa_manager_t, checkout_by_config, ike_sa_t*,
}
enumerator->destroy(enumerator);
@@ -581,5 +586,5 @@ index eb7b6ad..706fa57 100644
{"raw", 'r', 0, "dump raw response message"},
{"pretty", 'P', 0, "dump raw response message in pretty print"},
--
-2.4.2
+2.4.5
diff --git a/main/strongswan/1002-vici-send-certificates-for-ike-sa-events.patch b/main/strongswan/1002-vici-send-certificates-for-ike-sa-events.patch
index 2769dff243..e8853d9ccc 100644
--- a/main/strongswan/1002-vici-send-certificates-for-ike-sa-events.patch
+++ b/main/strongswan/1002-vici-send-certificates-for-ike-sa-events.patch
@@ -1,7 +1,7 @@
-From b47b7feba0a45d70c8909fad37e97baa0d317144 Mon Sep 17 00:00:00 2001
+From c1a33f1b826536a90951be611de9804a3a524b32 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
Date: Thu, 30 Apr 2015 12:08:13 +0300
-Subject: [PATCH 2/4] vici: send certificates for ike-sa events
+Subject: [PATCH] vici: send certificates for ike-sa events
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
@@ -102,5 +102,5 @@ index d94d760..3d461f7 100644
b->begin_section(b, child_sa->get_name(child_sa));
--
-2.4.2
+2.4.5
diff --git a/main/strongswan/1003-vici-add-support-rekeying-events-and-individual-sa-s.patch b/main/strongswan/1003-vici-add-support-rekeying-events-and-individual-sa-s.patch
index 635e75fee5..95d67eff50 100644
--- a/main/strongswan/1003-vici-add-support-rekeying-events-and-individual-sa-s.patch
+++ b/main/strongswan/1003-vici-add-support-rekeying-events-and-individual-sa-s.patch
@@ -1,8 +1,8 @@
-From 228bfd9f9c0fb27a6802f5d4dc8d747cf4644a1d Mon Sep 17 00:00:00 2001
+From 9a695f579173f087c9e72620fa70d6e28171e1f9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
Date: Thu, 30 Apr 2015 10:58:15 +0300
-Subject: [PATCH 3/4] vici: add support rekeying events, and individual sa
- state changes
+Subject: [PATCH] vici: add support rekeying events, and individual sa state
+ changes
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
@@ -209,5 +209,5 @@ index 3d461f7..ade181c 100644
.destroy = _destroy,
},
--
-2.4.2
+2.4.5
diff --git a/main/strongswan/1004-vici-support-asynchronous-initiation.patch b/main/strongswan/1004-vici-support-asynchronous-initiation.patch
index eefda89fd5..5c99482796 100644
--- a/main/strongswan/1004-vici-support-asynchronous-initiation.patch
+++ b/main/strongswan/1004-vici-support-asynchronous-initiation.patch
@@ -1,7 +1,7 @@
-From 18c8cb346648a385878d6cde8d1d95fa22cf0a9b Mon Sep 17 00:00:00 2001
+From 4564b52fdbb6e588398178e607023fbac2819da8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
Date: Thu, 28 May 2015 13:06:51 +0300
-Subject: [PATCH 4/4] vici: support asynchronous initiation
+Subject: [PATCH] vici: support asynchronous initiation
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
@@ -12,36 +12,36 @@ Signed-off-by: Timo Teräs <timo.teras@iki.fi>
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/src/libcharon/plugins/vici/vici_control.c b/src/libcharon/plugins/vici/vici_control.c
-index 9a58399..e9bcb90 100644
+index d37e11f..66478fd 100644
--- a/src/libcharon/plugins/vici/vici_control.c
+++ b/src/libcharon/plugins/vici/vici_control.c
-@@ -186,7 +186,7 @@ CALLBACK(initiate, vici_message_t*,
- peer_cfg_t *peer_cfg;
+@@ -187,7 +187,7 @@ CALLBACK(initiate, vici_message_t*,
host_t *my_host = NULL, *other_host = NULL;
char *child, *my_host_str, *other_host_str;
-- u_int timeout;
-+ u_int timeout, async;
+ u_int timeout;
+- bool limits;
++ bool limits, async;
log_info_t log = {
.dispatcher = this->dispatcher,
.id = id,
-@@ -194,6 +194,7 @@ CALLBACK(initiate, vici_message_t*,
-
+@@ -196,6 +196,7 @@ CALLBACK(initiate, vici_message_t*,
child = request->get_str(request, NULL, "child");
timeout = request->get_int(request, 0, "timeout");
-+ async = request->get_int(request, 0, "async");
+ limits = request->get_bool(request, FALSE, "init-limits");
++ async = request->get_bool(request, FALSE, "async");
log.level = request->get_int(request, 1, "loglevel");
my_host_str = request->get_str(request, NULL, "my-host");
other_host_str = request->get_str(request, NULL, "other-host");
-@@ -222,7 +223,8 @@ CALLBACK(initiate, vici_message_t*,
+@@ -224,7 +225,8 @@ CALLBACK(initiate, vici_message_t*,
}
switch (charon->controller->initiate(charon->controller,
peer_cfg, child_cfg, my_host, other_host,
-- (controller_cb_t)log_vici, &log, timeout))
+- (controller_cb_t)log_vici, &log, timeout, limits))
+ async ? NULL : (controller_cb_t)log_vici,
-+ &log, timeout))
++ &log, timeout, limits))
{
case SUCCESS:
msg = send_reply(this, NULL);
--
-2.4.2
+2.4.5
diff --git a/main/strongswan/APKBUILD b/main/strongswan/APKBUILD
index 0de3ab8e86..f14ff2019c 100644
--- a/main/strongswan/APKBUILD
+++ b/main/strongswan/APKBUILD
@@ -3,7 +3,7 @@
pkgname=strongswan
pkgver=5.3.2
_pkgver=${pkgver//_rc/rc}
-pkgrel=3
+pkgrel=4
pkgdesc="IPsec-based VPN solution focused on security and ease of use, supporting IKEv1/IKEv2 and MOBIKE"
url="http://www.strongswan.org/"
arch="all"
@@ -18,6 +18,9 @@ subpackages="$pkgname-doc $pkgname-dbg"
source="http://download.strongswan.org/$pkgname-$_pkgver.tar.bz2
0001-kernel-netlink-Actually-verify-if-the-netlink-messag.patch
0002-kernel-netlink-Use-the-PAGE_SIZE-as-default-for-the-.patch
+ 0003-controller-Optionally-adhere-to-init-limits-also-whe.patch
+ 0004-vici-Add-get_bool-convenience-getter-for-VICI-messag.patch
+ 0005-vici-Optionally-check-limits-when-initiating-connect.patch
1001-charon-add-optional-source-and-remote-overrides-for-.patch
1002-vici-send-certificates-for-ike-sa-events.patch
1003-vici-add-support-rekeying-events-and-individual-sa-s.patch
@@ -108,30 +111,39 @@ package() {
md5sums="fab014be1477ef4ebf9a765e10f8802c strongswan-5.3.2.tar.bz2
eb8d38dbf918e5f3adfd55f8ace7aeb1 0001-kernel-netlink-Actually-verify-if-the-netlink-messag.patch
53982788f8ab0962193f695da30a8a94 0002-kernel-netlink-Use-the-PAGE_SIZE-as-default-for-the-.patch
-e553c5e9a895a2d95b1cbc33407d64a0 1001-charon-add-optional-source-and-remote-overrides-for-.patch
-8bea05feac6f4e90c4973b2459864437 1002-vici-send-certificates-for-ike-sa-events.patch
-125c4e648f73b0dbdaa741ac13ed6d87 1003-vici-add-support-rekeying-events-and-individual-sa-s.patch
-f65811bd1ae6e7f98cf9d76928a0aa03 1004-vici-support-asynchronous-initiation.patch
+c46a4f2b21a83988512f6108e154620b 0003-controller-Optionally-adhere-to-init-limits-also-whe.patch
+8b5ea458119df0c1ecee181c0f7f7c57 0004-vici-Add-get_bool-convenience-getter-for-VICI-messag.patch
+0f8316631df321caad6c9b6b5c0b6e5c 0005-vici-Optionally-check-limits-when-initiating-connect.patch
+b7244e10364e6348665048b9eec43cc6 1001-charon-add-optional-source-and-remote-overrides-for-.patch
+4970959a1722b4139e7a22a2d93e866d 1002-vici-send-certificates-for-ike-sa-events.patch
+89f7d85291d6a82230e5337cfa071a67 1003-vici-add-support-rekeying-events-and-individual-sa-s.patch
+aac217481a1a8ae68719771039c27354 1004-vici-support-asynchronous-initiation.patch
b9f874287c35cce075b761087c28ab50 2001-support-gre-key-in-ikev1.patch
85ebc1b6c6b9c0c6640d8136e97da8e1 strongswan.initd
7962a720ebef6892d80a3cbdab72c204 charon.initd"
sha256sums="a4a9bc8c4e42bdc4366a87a05a02bf9f425169a7ab0c6f4482d347e44acbf225 strongswan-5.3.2.tar.bz2
bce611d5f3d773589c6a751aec7fbaab39c8926134cab6fe2d5586639244bdc0 0001-kernel-netlink-Actually-verify-if-the-netlink-messag.patch
4e1f76a76278c7621ca860156c25dfda90a7d9010b6426a9fd7c74c190166043 0002-kernel-netlink-Use-the-PAGE_SIZE-as-default-for-the-.patch
-a472df28677d4f43a063926a65b52b317dfca0b74f8c6a2e3bf852b94fbf5f0f 1001-charon-add-optional-source-and-remote-overrides-for-.patch
-c1cfe3d1e3345238e125a46a492f8dc0800aa3dc75aea060d54cdbab35fd60cb 1002-vici-send-certificates-for-ike-sa-events.patch
-4e08d4fe01717de0601411b4756141394ced2d3107adc47f2c2beac2f92a967e 1003-vici-add-support-rekeying-events-and-individual-sa-s.patch
-42171ee35e7679fe3d4efb80fdb121b0a7ea8df5cf3395bbcccb97d56327027c 1004-vici-support-asynchronous-initiation.patch
+fb7478cad812e40134f5796c5faea4f939a71c4676efe9d17573041b696a61c7 0003-controller-Optionally-adhere-to-init-limits-also-whe.patch
+31f8e5c1f451ed14045072cd13f2085c39f064403f264d12fb2f75aa5e996f5a 0004-vici-Add-get_bool-convenience-getter-for-VICI-messag.patch
+a5601aa4ce0be4ac74f482817fd64c60e4986781271a2ed354806bbcbcd2223b 0005-vici-Optionally-check-limits-when-initiating-connect.patch
+a3d471cbcc9481264352ca029b70ad8f85fab15495a4aef3cbb209fc19765436 1001-charon-add-optional-source-and-remote-overrides-for-.patch
+baa8ee13f207f5e89b34b759c355e48ed79138fabcd9af841692afb15cf8b61f 1002-vici-send-certificates-for-ike-sa-events.patch
+e0de13d4fc6d66e33973696d62b4a45cd63b5fa6c477891e7651102c2bc3a4d7 1003-vici-add-support-rekeying-events-and-individual-sa-s.patch
+295476ace69d36f1059c48afb99ec5180086710146a6e10c28c7eed96759a976 1004-vici-support-asynchronous-initiation.patch
ec58de15c3856a2fd9ea003b7e78a7434dad54f9a4c54d499b09a6eef3761d18 2001-support-gre-key-in-ikev1.patch
ad43d1ed2585d84e12ad1e67fbdfe93983c424c5c64b230d5027c0aae496c65f strongswan.initd
97b018796f0f15106b70694449cff36e8fc586292aab09ef83a05c0c13142e73 charon.initd"
sha512sums="60b17645c00769d497f4cea2229b41a217c29fe1109b58be256a0d4a6ccf4765348b9eb89466539c2528756344c2fa969f25ea1cd8856d56c5d55aa78e632e68 strongswan-5.3.2.tar.bz2
5ec6fd6160a55d7313f8dd3315a353d426f98ea57d167e73e97bff25ca175d2848f7ea0956cb2ec9cbca24f2be1dc0c1b1d123ee947f64baa6dfc712d04e77e1 0001-kernel-netlink-Actually-verify-if-the-netlink-messag.patch
ee5dc2d2c719895e69d9a0324b48d43b4b86122eb8848143db7a4a629e79d594deeb4a000a429c85a31552358e9e1e2a7de8a1917c6ebb075a77281f074e0740 0002-kernel-netlink-Use-the-PAGE_SIZE-as-default-for-the-.patch
-682c768e82c6b8e48680ab73db49eb3a462b90ee317c943a42a82812d171a19da27ff4139bff0fc9af7b228cdcef44a75b86979f4b1b3af0bbc9698e4329fb4a 1001-charon-add-optional-source-and-remote-overrides-for-.patch
-ca6eec72f75f243234baa1b361ab6dba82a810d1efb01dbcfd16cd7ce104c3f18fb932c1f6f280a566bfcbe16bc67d7d55e024f72c9eef82a62fe78505293c5c 1002-vici-send-certificates-for-ike-sa-events.patch
-2e28af9043cab41f16c57f41ccb65b6591ec32d50a811bd393c4dcf7f0ffe81fac67679c41b716dfc74fca9ebedd178fe0b572b1c2cda3ccc685a0ad0d02f65a 1003-vici-add-support-rekeying-events-and-individual-sa-s.patch
-39e4a9839b2f6f42f662620b20697c684b90949622f8cc21c393ca55ab40e669befd1d2055e0f0c799cf37733a37bbf4df2b9cebc984a45bb66ecba6fa0ef116 1004-vici-support-asynchronous-initiation.patch
+7da65c2f5459811e4c6a1643d42eca0dedd206335a0127277a6f11cf15a75a2a546848219065517d065016639ffa2e2b40f275cca7083adc3ee545f3e051e050 0003-controller-Optionally-adhere-to-init-limits-also-whe.patch
+4192aa916c5018046a21bb2d94e82ae35a81f4f462107f81b2f1b0a95372f212411852768d34ec3937c141570789b8ac1a1734552b0a07cac96a085fe28bc848 0004-vici-Add-get_bool-convenience-getter-for-VICI-messag.patch
+4a36a0c9c456537e6b71975e6947a15a0fdcda875454ded4d23f9d1073c9258b901d7a4116786f63a590f30725cc41c23eca414e0757f240cc4f4eb8e56cb285 0005-vici-Optionally-check-limits-when-initiating-connect.patch
+4cfe0b15a28b600b51be2ae270d303a65854756e30d60d8d897e0106f77ba7e05ec1625cc7cfafce54443bcb8c72ded09aa759f2540589afea491c81a05e65f0 1001-charon-add-optional-source-and-remote-overrides-for-.patch
+142e3207aa3646a82ed1831635ef16003b86625f763927d56e074aeb5d6d04f108a21f713f877afc48119ee3df784af727e5bee8dddf0671dc2a6058f9708af4 1002-vici-send-certificates-for-ike-sa-events.patch
+1781b8de169d0d41f8cb4d63c0b85b1e9eae2d52935d3753a876e8fee542ab58933be11c36f2a230233144c94c12c1d7641dbb58c89481e27d889e7f17fad87e 1003-vici-add-support-rekeying-events-and-individual-sa-s.patch
+aaf0701a4564fdce9d4422e8c33ea704142e371392cb7fa552cf0c71cb00d0dbd5901c21e45fadc23798cfdb95066da9d24b2f2b9b037761e670ee30f4b93b35 1004-vici-support-asynchronous-initiation.patch
723aad9269ae7da54b1d551b290c80951c3b779737353fa845c00d190c9ef6c6bc406d8ed22254a27844985b7ffaa12b99acce91ec0b192caf639c81b06bf771 2001-support-gre-key-in-ikev1.patch
b56008c07b804dacb3441d3802880058986ab7b314297fe485649a771861885b9232f9fd53b94faa3388a5e9330e2b38a86af5c04f3ff119199720043967ec64 strongswan.initd
6f3abaaa8da0925f06cdd184fdf534518e40c49533dba427dbf31dbe88172e5626bdc9aadf798d791f82fbded08801c1f565d514e2c289e1f28448d0c2e72b79 charon.initd"