diff options
author | Timo Teräs <timo.teras@iki.fi> | 2013-01-24 08:51:04 +0200 |
---|---|---|
committer | Natanael Copa <ncopa@alpinelinux.org> | 2013-01-30 06:53:56 +0000 |
commit | 659561c436ec0ba22e36144a06f4450469d9018e (patch) | |
tree | 0aa66f9a187685243813a72ea629637a9c134f08 | |
parent | 31ac4fa138c8df9ddad1ee090e9d5e13ea17fa2f (diff) | |
download | alpine_aports-659561c436ec0ba22e36144a06f4450469d9018e.tar.bz2 alpine_aports-659561c436ec0ba22e36144a06f4450469d9018e.tar.xz alpine_aports-659561c436ec0ba22e36144a06f4450469d9018e.zip |
main/ipsec-tools: apply a security fix from upstream commit
(cherry picked from commit e90e26659383d1702bdeb9be143f3a11f3783488)
(cherry picked from commit 95721d929927bf044848f43af5e473bc94cd05b4)
-rw-r--r-- | main/ipsec-tools/01-fix-deletion-notification.patch | 12 | ||||
-rw-r--r-- | main/ipsec-tools/APKBUILD | 4 |
2 files changed, 15 insertions, 1 deletions
diff --git a/main/ipsec-tools/01-fix-deletion-notification.patch b/main/ipsec-tools/01-fix-deletion-notification.patch new file mode 100644 index 0000000000..c81846289d --- /dev/null +++ b/main/ipsec-tools/01-fix-deletion-notification.patch | |||
@@ -0,0 +1,12 @@ | |||
1 | diff -u -r1.48 isakmp_inf.c | ||
2 | --- a/src/racoon/isakmp_inf.c 29 Aug 2012 12:01:30 -0000 1.48 | ||
3 | +++ b/src/racoon/isakmp_inf.c 24 Jan 2013 06:46:45 -0000 | ||
4 | @@ -492,7 +492,7 @@ | ||
5 | "delete payload for protocol %s\n", | ||
6 | s_ipsecdoi_proto(delete->proto_id)); | ||
7 | |||
8 | - if(!iph1->rmconf->weak_phase1_check && !encrypted) { | ||
9 | + if((iph1 == NULL || !iph1->rmconf->weak_phase1_check) && !encrypted) { | ||
10 | plog(LLV_WARNING, LOCATION, iph1->remote, | ||
11 | "Ignoring unencrypted delete payload " | ||
12 | "(check the weak_phase1_check option)\n"); | ||
diff --git a/main/ipsec-tools/APKBUILD b/main/ipsec-tools/APKBUILD index e62082f80d..0d62f8078c 100644 --- a/main/ipsec-tools/APKBUILD +++ b/main/ipsec-tools/APKBUILD | |||
@@ -1,7 +1,7 @@ | |||
1 | # Maintainer: Natanael Copa <ncopa@alpinelinux.org> | 1 | # Maintainer: Natanael Copa <ncopa@alpinelinux.org> |
2 | pkgname=ipsec-tools | 2 | pkgname=ipsec-tools |
3 | pkgver=0.8.1 | 3 | pkgver=0.8.1 |
4 | pkgrel=0 | 4 | pkgrel=1 |
5 | pkgdesc="User-space IPsec tools for various IPsec implementations" | 5 | pkgdesc="User-space IPsec tools for various IPsec implementations" |
6 | url="http://ipsec-tools.sourceforge.net/" | 6 | url="http://ipsec-tools.sourceforge.net/" |
7 | arch="all" | 7 | arch="all" |
@@ -12,6 +12,7 @@ subpackages="$pkgname-doc $pkgname-dev" | |||
12 | source="http://downloads.sourceforge.net/$pkgname/$pkgname-$pkgver.tar.gz | 12 | source="http://downloads.sourceforge.net/$pkgname/$pkgname-$pkgver.tar.gz |
13 | racoon.initd | 13 | racoon.initd |
14 | racoon.confd | 14 | racoon.confd |
15 | 01-fix-deletion-notification.patch | ||
15 | 20-grekey-support.patch | 16 | 20-grekey-support.patch |
16 | 50-reverse-connect.patch | 17 | 50-reverse-connect.patch |
17 | 70-defer-isakmp-ident-handling.patch | 18 | 70-defer-isakmp-ident-handling.patch |
@@ -60,6 +61,7 @@ package() { | |||
60 | md5sums="4d5d5ccc402c9c6bec0e87217e451fe5 ipsec-tools-0.8.1.tar.gz | 61 | md5sums="4d5d5ccc402c9c6bec0e87217e451fe5 ipsec-tools-0.8.1.tar.gz |
61 | 74f12ed04ed273a738229c0bfbf829cc racoon.initd | 62 | 74f12ed04ed273a738229c0bfbf829cc racoon.initd |
62 | 2d00250cf72da7f2f559c91b65a48747 racoon.confd | 63 | 2d00250cf72da7f2f559c91b65a48747 racoon.confd |
64 | c8b141e2c705c31af1c35d481e695ee6 01-fix-deletion-notification.patch | ||
63 | 79b919ab23080f54dc3e7686877ca6bd 20-grekey-support.patch | 65 | 79b919ab23080f54dc3e7686877ca6bd 20-grekey-support.patch |
64 | f97205eea3dc68d2437a2ad8720f4520 50-reverse-connect.patch | 66 | f97205eea3dc68d2437a2ad8720f4520 50-reverse-connect.patch |
65 | 94773c94233e14cdce0fa02ff780a43e 70-defer-isakmp-ident-handling.patch | 67 | 94773c94233e14cdce0fa02ff780a43e 70-defer-isakmp-ident-handling.patch |