diff options
| author | Timo Teräs <timo.teras@iki.fi> | 2013-01-24 08:51:04 +0200 |
|---|---|---|
| committer | Natanael Copa <ncopa@alpinelinux.org> | 2013-01-29 16:01:16 +0000 |
| commit | 95721d929927bf044848f43af5e473bc94cd05b4 (patch) | |
| tree | 49c62de1fd36bd0eabe75f8db1593bdf87600890 | |
| parent | 390d7c24a40c667fa713be619513798524b10a74 (diff) | |
| download | alpine_aports-95721d929927bf044848f43af5e473bc94cd05b4.tar.bz2 alpine_aports-95721d929927bf044848f43af5e473bc94cd05b4.tar.xz alpine_aports-95721d929927bf044848f43af5e473bc94cd05b4.zip | |
main/ipsec-tools: apply a security fix from upstream commit
(cherry picked from commit e90e26659383d1702bdeb9be143f3a11f3783488)
| -rw-r--r-- | main/ipsec-tools/01-fix-deletion-notification.patch | 12 | ||||
| -rw-r--r-- | main/ipsec-tools/APKBUILD | 4 |
2 files changed, 15 insertions, 1 deletions
diff --git a/main/ipsec-tools/01-fix-deletion-notification.patch b/main/ipsec-tools/01-fix-deletion-notification.patch new file mode 100644 index 0000000000..c81846289d --- /dev/null +++ b/main/ipsec-tools/01-fix-deletion-notification.patch | |||
| @@ -0,0 +1,12 @@ | |||
| 1 | diff -u -r1.48 isakmp_inf.c | ||
| 2 | --- a/src/racoon/isakmp_inf.c 29 Aug 2012 12:01:30 -0000 1.48 | ||
| 3 | +++ b/src/racoon/isakmp_inf.c 24 Jan 2013 06:46:45 -0000 | ||
| 4 | @@ -492,7 +492,7 @@ | ||
| 5 | "delete payload for protocol %s\n", | ||
| 6 | s_ipsecdoi_proto(delete->proto_id)); | ||
| 7 | |||
| 8 | - if(!iph1->rmconf->weak_phase1_check && !encrypted) { | ||
| 9 | + if((iph1 == NULL || !iph1->rmconf->weak_phase1_check) && !encrypted) { | ||
| 10 | plog(LLV_WARNING, LOCATION, iph1->remote, | ||
| 11 | "Ignoring unencrypted delete payload " | ||
| 12 | "(check the weak_phase1_check option)\n"); | ||
diff --git a/main/ipsec-tools/APKBUILD b/main/ipsec-tools/APKBUILD index e62082f80d..0d62f8078c 100644 --- a/main/ipsec-tools/APKBUILD +++ b/main/ipsec-tools/APKBUILD | |||
| @@ -1,7 +1,7 @@ | |||
| 1 | # Maintainer: Natanael Copa <ncopa@alpinelinux.org> | 1 | # Maintainer: Natanael Copa <ncopa@alpinelinux.org> |
| 2 | pkgname=ipsec-tools | 2 | pkgname=ipsec-tools |
| 3 | pkgver=0.8.1 | 3 | pkgver=0.8.1 |
| 4 | pkgrel=0 | 4 | pkgrel=1 |
| 5 | pkgdesc="User-space IPsec tools for various IPsec implementations" | 5 | pkgdesc="User-space IPsec tools for various IPsec implementations" |
| 6 | url="http://ipsec-tools.sourceforge.net/" | 6 | url="http://ipsec-tools.sourceforge.net/" |
| 7 | arch="all" | 7 | arch="all" |
| @@ -12,6 +12,7 @@ subpackages="$pkgname-doc $pkgname-dev" | |||
| 12 | source="http://downloads.sourceforge.net/$pkgname/$pkgname-$pkgver.tar.gz | 12 | source="http://downloads.sourceforge.net/$pkgname/$pkgname-$pkgver.tar.gz |
| 13 | racoon.initd | 13 | racoon.initd |
| 14 | racoon.confd | 14 | racoon.confd |
| 15 | 01-fix-deletion-notification.patch | ||
| 15 | 20-grekey-support.patch | 16 | 20-grekey-support.patch |
| 16 | 50-reverse-connect.patch | 17 | 50-reverse-connect.patch |
| 17 | 70-defer-isakmp-ident-handling.patch | 18 | 70-defer-isakmp-ident-handling.patch |
| @@ -60,6 +61,7 @@ package() { | |||
| 60 | md5sums="4d5d5ccc402c9c6bec0e87217e451fe5 ipsec-tools-0.8.1.tar.gz | 61 | md5sums="4d5d5ccc402c9c6bec0e87217e451fe5 ipsec-tools-0.8.1.tar.gz |
| 61 | 74f12ed04ed273a738229c0bfbf829cc racoon.initd | 62 | 74f12ed04ed273a738229c0bfbf829cc racoon.initd |
| 62 | 2d00250cf72da7f2f559c91b65a48747 racoon.confd | 63 | 2d00250cf72da7f2f559c91b65a48747 racoon.confd |
| 64 | c8b141e2c705c31af1c35d481e695ee6 01-fix-deletion-notification.patch | ||
| 63 | 79b919ab23080f54dc3e7686877ca6bd 20-grekey-support.patch | 65 | 79b919ab23080f54dc3e7686877ca6bd 20-grekey-support.patch |
| 64 | f97205eea3dc68d2437a2ad8720f4520 50-reverse-connect.patch | 66 | f97205eea3dc68d2437a2ad8720f4520 50-reverse-connect.patch |
| 65 | 94773c94233e14cdce0fa02ff780a43e 70-defer-isakmp-ident-handling.patch | 67 | 94773c94233e14cdce0fa02ff780a43e 70-defer-isakmp-ident-handling.patch |