diff options
author | Eugene Grosbein <eugen@FreeBSD.org> | 2018-04-29 10:00:01 +0000 |
---|---|---|
committer | Eugene Grosbein <eugen@FreeBSD.org> | 2018-04-29 10:00:01 +0000 |
commit | fd23b98f317b0970aebadd729e0cf0a4e53b4b11 (patch) | |
tree | b37fffa00429e7e00874d0810dc52bffa8b26bd4 /security/ipsec-tools | |
parent | b64264b2cb532fdddd0b855d99f3b10af2b4e404 (diff) | |
download | ports-fd23b98f317b0970aebadd729e0cf0a4e53b4b11.tar.gz ports-fd23b98f317b0970aebadd729e0cf0a4e53b4b11.zip |
Notes
Diffstat (limited to 'security/ipsec-tools')
-rw-r--r-- | security/ipsec-tools/Makefile | 2 | ||||
-rw-r--r-- | security/ipsec-tools/files/patch-isakmpinit | 64 |
2 files changed, 65 insertions, 1 deletions
diff --git a/security/ipsec-tools/Makefile b/security/ipsec-tools/Makefile index 7c8e247311a7..7e8b96098bf8 100644 --- a/security/ipsec-tools/Makefile +++ b/security/ipsec-tools/Makefile @@ -8,7 +8,7 @@ PORTNAME= ipsec-tools PORTVERSION= 0.8.2 -PORTREVISION= 3 +PORTREVISION= 4 CATEGORIES= security MASTER_SITES= SF diff --git a/security/ipsec-tools/files/patch-isakmpinit b/security/ipsec-tools/files/patch-isakmpinit new file mode 100644 index 000000000000..3723a322139d --- /dev/null +++ b/security/ipsec-tools/files/patch-isakmpinit @@ -0,0 +1,64 @@ +--- src/racoon/isakmp_var.h.orig 2010-11-12 16:36:37.000000000 +0600 ++++ src/racoon/isakmp_var.h 2018-04-27 22:15:58.249644000 +0700 +@@ -128,7 +128,7 @@ + #endif + + extern int copy_ph1addresses __P(( struct ph1handle *, +- struct remoteconf *, struct sockaddr *, struct sockaddr *)); ++ struct remoteconf *, struct sockaddr *, struct sockaddr *, int)); + extern void log_ph1established __P((const struct ph1handle *)); + + extern void script_hook __P((struct ph1handle *, int)); +--- src/racoon/isakmp.c.orig 2018-04-27 22:13:23.465260000 +0700 ++++ src/racoon/isakmp.c 2018-04-27 22:20:44.865139000 +0700 +@@ -1075,7 +1075,7 @@ isakmp_ph1begin_i(rmconf, remote, local) + iph1->approval = NULL; + + /* XXX copy remote address */ +- if (copy_ph1addresses(iph1, rmconf, remote, local) < 0) { ++ if (copy_ph1addresses(iph1, rmconf, remote, local, 1) < 0) { + delph1(iph1); + return NULL; + } +@@ -1190,7 +1190,7 @@ isakmp_ph1begin_r(msg, remote, local, et + + /* copy remote address; remote and local always contain + * port numbers so rmconf is not needed */ +- if (copy_ph1addresses(iph1, NULL, remote, local) < 0) { ++ if (copy_ph1addresses(iph1, NULL, remote, local, 0) < 0) { + delph1(iph1); + return -1; + } +@@ -2906,10 +2906,11 @@ isakmp_printpacket(msg, from, my, decode + #endif /*HAVE_PRINT_ISAKMP_C*/ + + int +-copy_ph1addresses(iph1, rmconf, remote, local) ++copy_ph1addresses(iph1, rmconf, remote, local, initiator) + struct ph1handle *iph1; + struct remoteconf *rmconf; + struct sockaddr *remote, *local; ++ int initiator; + { + u_int16_t port; + +@@ -2925,7 +2926,7 @@ copy_ph1addresses(iph1, rmconf, remote, + * if remote has port # (in case of responder - from recvfrom(2)) + * respect content of "remote". + */ +- if (extract_port(iph1->remote) == 0) { ++ if (initiator || extract_port(iph1->remote) == 0) { + port = 0; + if (rmconf != NULL) + port = extract_port(rmconf->remote); +--- src/racoon/isakmp_inf.c.orig 2018-04-27 22:13:23.482870000 +0700 ++++ src/racoon/isakmp_inf.c 2018-04-27 22:21:27.080881000 +0700 +@@ -725,7 +725,7 @@ isakmp_info_send_nx(isakmp, remote, loca + #endif + + /* copy remote address */ +- if (copy_ph1addresses(iph1, NULL, remote, local) < 0) ++ if (copy_ph1addresses(iph1, NULL, remote, local, 0) < 0) + goto end; + + tlen = sizeof(*n) + spisiz; |