diff options
Diffstat (limited to 'package/isakmpd/patches')
-rw-r--r-- | package/isakmpd/patches/010-debian_3.patch | 145 | ||||
-rw-r--r-- | package/isakmpd/patches/020-standardize.patch | 92 | ||||
-rw-r--r-- | package/isakmpd/patches/030-openssl_hashes.patch | 57 | ||||
-rw-r--r-- | package/isakmpd/patches/040-security_fix.patch | 12 | ||||
-rw-r--r-- | package/isakmpd/patches/050-ar_cross.patch | 7 |
5 files changed, 185 insertions, 128 deletions
diff --git a/package/isakmpd/patches/010-debian_3.patch b/package/isakmpd/patches/010-debian_3.patch index 551ae1ffcd..0f50cf9c07 100644 --- a/package/isakmpd/patches/010-debian_3.patch +++ b/package/isakmpd/patches/010-debian_3.patch @@ -1,5 +1,7 @@ ---- isakmpd-20041012.orig/dpd.c -+++ isakmpd-20041012/dpd.c +Index: isakmpd-20041012.orig/dpd.c +=================================================================== +--- isakmpd-20041012.orig.orig/dpd.c 2007-06-04 13:22:39.088912864 +0200 ++++ isakmpd-20041012.orig/dpd.c 2007-06-04 13:22:39.282883376 +0200 @@ -26,6 +26,7 @@ #include <sys/types.h> @@ -24,8 +26,10 @@ } if (!sa->dpd_event) log_print("dpd_timer_reset: timer_add_event failed"); ---- isakmpd-20041012.orig/ipsec.c -+++ isakmpd-20041012/ipsec.c +Index: isakmpd-20041012.orig/ipsec.c +=================================================================== +--- isakmpd-20041012.orig.orig/ipsec.c 2007-06-04 13:22:39.093912104 +0200 ++++ isakmpd-20041012.orig/ipsec.c 2007-06-04 13:22:39.283883224 +0200 @@ -1020,6 +1020,52 @@ } } @@ -99,8 +103,10 @@ type = conf_get_str(section, "ID-type"); if (!type) { ---- isakmpd-20041012.orig/GNUmakefile -+++ isakmpd-20041012/GNUmakefile +Index: isakmpd-20041012.orig/GNUmakefile +=================================================================== +--- isakmpd-20041012.orig.orig/GNUmakefile 2007-06-04 13:22:39.099911192 +0200 ++++ isakmpd-20041012.orig/GNUmakefile 2007-06-04 13:22:39.283883224 +0200 @@ -40,12 +40,12 @@ # integrated, freebsd/netbsd means FreeBSD/NetBSD with KAME IPsec. # darwin means MacOS X 10.2 and later with KAME IPsec. linux means Linux-2.5 @@ -157,8 +163,10 @@ CFLAGS+= ${IPSEC_CFLAGS} LDADD+= ${DESLIB} DPADD+= ${DESLIBDEP} ---- isakmpd-20041012.orig/exchange.h -+++ isakmpd-20041012/exchange.h +Index: isakmpd-20041012.orig/exchange.h +=================================================================== +--- isakmpd-20041012.orig.orig/exchange.h 2007-06-04 13:22:39.104910432 +0200 ++++ isakmpd-20041012.orig/exchange.h 2007-06-04 13:22:39.283883224 +0200 @@ -221,6 +221,8 @@ #define EXCHANGE_FLAG_NAT_T_ENABLE 0x10 /* We are doing NAT-T. */ #define EXCHANGE_FLAG_NAT_T_KEEPALIVE 0x20 /* We are the NAT:ed peer. */ @@ -168,8 +176,10 @@ extern int exchange_add_certs(struct message *); extern void exchange_finalize(struct message *); ---- isakmpd-20041012.orig/log.c -+++ isakmpd-20041012/log.c +Index: isakmpd-20041012.orig/log.c +=================================================================== +--- isakmpd-20041012.orig.orig/log.c 2007-06-04 13:22:39.110909520 +0200 ++++ isakmpd-20041012.orig/log.c 2007-06-04 13:22:39.284883072 +0200 @@ -79,7 +79,6 @@ struct packhdr { @@ -237,8 +247,10 @@ sum = 0; for (i = 0; i < hdrlen; i += 2) ---- isakmpd-20041012.orig/nat_traversal.c -+++ isakmpd-20041012/nat_traversal.c +Index: isakmpd-20041012.orig/nat_traversal.c +=================================================================== +--- isakmpd-20041012.orig.orig/nat_traversal.c 2007-06-04 13:22:39.115908760 +0200 ++++ isakmpd-20041012.orig/nat_traversal.c 2007-06-04 13:22:39.284883072 +0200 @@ -1,4 +1,4 @@ -/* $OpenBSD: nat_traversal.c,v 1.7 2004/08/08 19:11:06 deraadt Exp $ */ +/* $OpenBSD: nat_traversal.c,v 1.17 2006/06/14 14:03:33 hshoexer Exp $ */ @@ -583,8 +595,10 @@ return 1; hbuf = nat_t_generate_nat_d_hash(msg, sa, &hbuflen); ---- isakmpd-20041012.orig/udp_encap.c -+++ isakmpd-20041012/udp_encap.c +Index: isakmpd-20041012.orig/udp_encap.c +=================================================================== +--- isakmpd-20041012.orig.orig/udp_encap.c 2007-06-04 13:22:39.121907848 +0200 ++++ isakmpd-20041012.orig/udp_encap.c 2007-06-04 13:22:39.284883072 +0200 @@ -61,6 +61,11 @@ #define UDP_SIZE 65536 @@ -616,16 +630,20 @@ /* Wildcard address ? */ switch (laddr->sa_family) { case AF_INET: ---- isakmpd-20041012.orig/apps/Makefile -+++ isakmpd-20041012/apps/Makefile +Index: isakmpd-20041012.orig/apps/Makefile +=================================================================== +--- isakmpd-20041012.orig.orig/apps/Makefile 2007-06-04 13:22:39.126907088 +0200 ++++ isakmpd-20041012.orig/apps/Makefile 2007-06-04 13:22:39.285882920 +0200 @@ -31,4 +31,4 @@ SUBDIR= certpatch -.include <bsd.subdir.mk> +#.include <bsd.subdir.mk> ---- isakmpd-20041012.orig/apps/certpatch/GNUmakefile -+++ isakmpd-20041012/apps/certpatch/GNUmakefile +Index: isakmpd-20041012.orig/apps/certpatch/GNUmakefile +=================================================================== +--- /dev/null 1970-01-01 00:00:00.000000000 +0000 ++++ isakmpd-20041012.orig/apps/certpatch/GNUmakefile 2007-06-04 13:22:39.285882920 +0200 @@ -0,0 +1,55 @@ +# $OpenBSD: Makefile,v 1.7 2003/06/03 14:35:00 ho Exp $ +# $EOM: Makefile,v 1.6 2000/03/28 21:22:06 ho Exp $ @@ -682,8 +700,10 @@ + +clean: + rm -f ${PROG} ---- isakmpd-20041012.orig/pf_key_v2.c -+++ isakmpd-20041012/pf_key_v2.c +Index: isakmpd-20041012.orig/pf_key_v2.c +=================================================================== +--- isakmpd-20041012.orig.orig/pf_key_v2.c 2007-06-04 13:22:39.137905416 +0200 ++++ isakmpd-20041012.orig/pf_key_v2.c 2007-06-04 13:22:39.287882616 +0200 @@ -1055,6 +1055,10 @@ #endif #if defined (USE_NAT_TRAVERSAL) && defined (SADB_X_EXT_UDPENCAP) @@ -800,8 +820,10 @@ msg.sadb_msg_satype = SADB_SATYPE_UNSPEC; msg.sadb_msg_seq = 0; flow = pf_key_v2_msg_new(&msg, 0); ---- isakmpd-20041012.orig/isakmp_num.cst -+++ isakmpd-20041012/isakmp_num.cst +Index: isakmpd-20041012.orig/isakmp_num.cst +=================================================================== +--- isakmpd-20041012.orig.orig/isakmp_num.cst 2007-06-04 13:22:39.143904504 +0200 ++++ isakmpd-20041012.orig/isakmp_num.cst 2007-06-04 13:22:39.287882616 +0200 @@ -57,15 +57,18 @@ KD 17 # RFC 3547, Key Download SEQ 18 # RFC 3547, Sequence Number @@ -824,8 +846,10 @@ . # ISAKMP exchange types. ---- isakmpd-20041012.orig/ipsec_num.cst -+++ isakmpd-20041012/ipsec_num.cst +Index: isakmpd-20041012.orig/ipsec_num.cst +=================================================================== +--- isakmpd-20041012.orig.orig/ipsec_num.cst 2007-06-04 13:22:39.149903592 +0200 ++++ isakmpd-20041012.orig/ipsec_num.cst 2007-06-04 13:22:39.287882616 +0200 @@ -62,10 +62,10 @@ IPSEC_ENCAP TUNNEL 1 @@ -841,8 +865,10 @@ . # IPSEC authentication algorithm. ---- isakmpd-20041012.orig/nat_traversal.h -+++ isakmpd-20041012/nat_traversal.h +Index: isakmpd-20041012.orig/nat_traversal.h +=================================================================== +--- isakmpd-20041012.orig.orig/nat_traversal.h 2007-06-04 13:22:39.154902832 +0200 ++++ isakmpd-20041012.orig/nat_traversal.h 2007-06-04 13:22:39.287882616 +0200 @@ -1,4 +1,4 @@ -/* $OpenBSD: nat_traversal.h,v 1.2 2004/06/21 23:27:10 ho Exp $ */ +/* $OpenBSD: nat_traversal.h,v 1.4 2005/07/25 15:03:47 hshoexer Exp $ */ @@ -874,8 +900,10 @@ void nat_t_init(void); int nat_t_add_vendor_payloads(struct message *); void nat_t_check_vendor_payload(struct message *, struct payload *); ---- isakmpd-20041012.orig/message.c -+++ isakmpd-20041012/message.c +Index: isakmpd-20041012.orig/message.c +=================================================================== +--- isakmpd-20041012.orig.orig/message.c 2007-06-04 13:22:39.160901920 +0200 ++++ isakmpd-20041012.orig/message.c 2007-06-04 13:22:39.288882464 +0200 @@ -112,6 +112,7 @@ message_validate_hash, message_validate_sig, message_validate_nonce, message_validate_notify, message_validate_delete, @@ -925,8 +953,10 @@ return ISAKMP_NAT_OA_SZ; #endif /* Not yet supported and any other unknown payloads. */ ---- isakmpd-20041012.orig/policy.c -+++ isakmpd-20041012/policy.c +Index: isakmpd-20041012.orig/policy.c +=================================================================== +--- isakmpd-20041012.orig.orig/policy.c 2007-06-04 13:22:39.165901160 +0200 ++++ isakmpd-20041012.orig/policy.c 2007-06-04 13:22:39.289882312 +0200 @@ -511,7 +511,10 @@ break; } @@ -964,8 +994,10 @@ /* Get policy file from configuration. */ policy_file = conf_get_str("General", "Policy-file"); if (!policy_file) ---- isakmpd-20041012.orig/ike_phase_1.c -+++ isakmpd-20041012/ike_phase_1.c +Index: isakmpd-20041012.orig/ike_phase_1.c +=================================================================== +--- isakmpd-20041012.orig.orig/ike_phase_1.c 2007-06-04 13:22:39.170900400 +0200 ++++ isakmpd-20041012.orig/ike_phase_1.c 2007-06-04 13:22:39.290882160 +0200 @@ -1040,9 +1040,9 @@ /* Compare expected/desired and received remote ID */ @@ -978,8 +1010,10 @@ return -1; } free(rid); ---- isakmpd-20041012.orig/x509.c -+++ isakmpd-20041012/x509.c +Index: isakmpd-20041012.orig/x509.c +=================================================================== +--- isakmpd-20041012.orig.orig/x509.c 2007-06-04 13:22:39.176899488 +0200 ++++ isakmpd-20041012.orig/x509.c 2007-06-04 13:22:39.290882160 +0200 @@ -910,7 +910,11 @@ X509_STORE_CTX_init(&csc, x509_cas, cert, NULL); #if OPENSSL_VERSION_NUMBER >= 0x00907000L @@ -992,8 +1026,10 @@ X509_STORE_CTX_set_flags(&csc, X509_V_FLAG_CRL_CHECK); X509_STORE_CTX_set_flags(&csc, X509_V_FLAG_CRL_CHECK_ALL); } ---- isakmpd-20041012.orig/sysdep/linux/sysdep.c -+++ isakmpd-20041012/sysdep/linux/sysdep.c +Index: isakmpd-20041012.orig/sysdep/linux/sysdep.c +=================================================================== +--- isakmpd-20041012.orig.orig/sysdep/linux/sysdep.c 2007-06-04 13:22:39.182898576 +0200 ++++ isakmpd-20041012.orig/sysdep/linux/sysdep.c 2007-06-04 13:22:39.291882008 +0200 @@ -169,22 +169,22 @@ return 0; @@ -1026,8 +1062,10 @@ return -1; } return 0; ---- isakmpd-20041012.orig/sysdep/linux/GNUmakefile.sysdep -+++ isakmpd-20041012/sysdep/linux/GNUmakefile.sysdep +Index: isakmpd-20041012.orig/sysdep/linux/GNUmakefile.sysdep +=================================================================== +--- isakmpd-20041012.orig.orig/sysdep/linux/GNUmakefile.sysdep 2007-06-04 13:22:39.187897816 +0200 ++++ isakmpd-20041012.orig/sysdep/linux/GNUmakefile.sysdep 2007-06-04 13:22:39.291882008 +0200 @@ -33,13 +33,13 @@ LDADD+= -lgmp ${LIBSYSDEP} ${LIBCRYPTO} DPADD+= ${LIBGMP} ${LIBSYSDEP} @@ -1055,8 +1093,10 @@ CFLAGS="${CFLAGS}" MKDEP="${MKDEP}" ${MAKECMDGOALS} ifeq ($(findstring clean,$(MAKECMDGOALS)),clean) ---- isakmpd-20041012.orig/sysdep/linux/include/bitstring.h -+++ isakmpd-20041012/sysdep/linux/include/bitstring.h +Index: isakmpd-20041012.orig/sysdep/linux/include/bitstring.h +=================================================================== +--- /dev/null 1970-01-01 00:00:00.000000000 +0000 ++++ isakmpd-20041012.orig/sysdep/linux/include/bitstring.h 2007-06-04 13:22:39.291882008 +0200 @@ -0,0 +1,132 @@ +/* $OpenBSD: bitstring.h,v 1.4 2002/06/19 02:50:10 millert Exp $ */ +/* $NetBSD: bitstring.h,v 1.5 1997/05/14 15:49:55 pk Exp $ */ @@ -1190,8 +1230,10 @@ +} while(0) + +#endif /* !_BITSTRING_H_ */ ---- isakmpd-20041012.orig/sysdep/linux/include/sys/queue.h -+++ isakmpd-20041012/sysdep/linux/include/sys/queue.h +Index: isakmpd-20041012.orig/sysdep/linux/include/sys/queue.h +=================================================================== +--- /dev/null 1970-01-01 00:00:00.000000000 +0000 ++++ isakmpd-20041012.orig/sysdep/linux/include/sys/queue.h 2007-06-04 13:22:39.292881856 +0200 @@ -0,0 +1,453 @@ +/* + * Copyright (c) 1991, 1993 @@ -1646,8 +1688,10 @@ +#endif /* _KERNEL */ + +#endif /* !_SYS_QUEUE_H_ */ ---- isakmpd-20041012.orig/sysdep/common/pcap.h -+++ isakmpd-20041012/sysdep/common/pcap.h +Index: isakmpd-20041012.orig/sysdep/common/pcap.h +=================================================================== +--- isakmpd-20041012.orig.orig/sysdep/common/pcap.h 2007-06-04 13:22:39.203895384 +0200 ++++ isakmpd-20041012.orig/sysdep/common/pcap.h 2007-06-04 13:22:39.292881856 +0200 @@ -55,8 +55,13 @@ u_int32_t linktype; /* data link type (DLT_*) */ }; @@ -1663,8 +1707,10 @@ u_int32_t caplen; /* length of portion present */ u_int32_t len; /* length this packet (off wire) */ }; ---- isakmpd-20041012.orig/sysdep/common/libsysdep/arc4random.c -+++ isakmpd-20041012/sysdep/common/libsysdep/arc4random.c +Index: isakmpd-20041012.orig/sysdep/common/libsysdep/arc4random.c +=================================================================== +--- isakmpd-20041012.orig.orig/sysdep/common/libsysdep/arc4random.c 2007-06-04 13:22:39.211894168 +0200 ++++ isakmpd-20041012.orig/sysdep/common/libsysdep/arc4random.c 2007-06-04 13:22:39.292881856 +0200 @@ -78,7 +78,7 @@ static void arc4_stir(struct arc4_stream *as) @@ -1674,8 +1720,10 @@ struct { struct timeval tv; u_int8_t rnd[128 - sizeof(struct timeval)]; ---- isakmpd-20041012.orig/x509v3.cnf -+++ isakmpd-20041012/x509v3.cnf +Index: isakmpd-20041012.orig/x509v3.cnf +=================================================================== +--- /dev/null 1970-01-01 00:00:00.000000000 +0000 ++++ isakmpd-20041012.orig/x509v3.cnf 2007-06-04 13:22:39.293881704 +0200 @@ -0,0 +1,26 @@ +# default settings +CERTPATHLEN = 1 @@ -1703,4 +1751,3 @@ +# The address must be provided in the CERTFQDN environment variable +[x509v3_FQDN] +subjectAltName=DNS:$ENV::CERTFQDN - diff --git a/package/isakmpd/patches/020-standardize.patch b/package/isakmpd/patches/020-standardize.patch index d6c5e87b5b..435782b637 100644 --- a/package/isakmpd/patches/020-standardize.patch +++ b/package/isakmpd/patches/020-standardize.patch @@ -1,7 +1,16 @@ -diff -urN isakmpd/GNUmakefile isakmpd.new/GNUmakefile ---- isakmpd/GNUmakefile 2004-01-16 13:36:32.000000000 +0100 -+++ isakmpd.new/GNUmakefile 2006-09-03 17:33:03.000000000 +0200 -@@ -238,3 +238,16 @@ +Index: isakmpd-20041012.orig/GNUmakefile +=================================================================== +--- isakmpd-20041012.orig.orig/GNUmakefile 2007-06-04 13:22:39.283883224 +0200 ++++ isakmpd-20041012.orig/GNUmakefile 2007-06-04 13:22:39.722816496 +0200 +@@ -168,7 +168,6 @@ + X509= x509.c + CFLAGS+= -DUSE_LIBCRYPTO + LDADD+= -lcrypto +-DPADD+= ${LIBCRYPTO} + endif + + ifdef USE_RAWKEY +@@ -242,3 +241,16 @@ realcleandepend: rm -f .depend tags @@ -18,9 +27,10 @@ diff -urN isakmpd/GNUmakefile isakmpd.new/GNUmakefile + $(INSTALL) $(INSTALL_OPTS) -m 444 isakmpd.8 $(DESTDIR)$(MANDIR)/man8 + -mkdir -p $(DESTDIR)$(MANDIR)/man5 + $(INSTALL) $(INSTALL_OPTS) -m 444 isakmpd.conf.5 isakmpd.policy.5 $(DESTDIR)$(MANDIR)/man5 -diff -urN isakmpd/samples/Makefile isakmpd.new/samples/Makefile ---- isakmpd/samples/Makefile 2003-06-03 16:39:50.000000000 +0200 -+++ isakmpd.new/samples/Makefile 2006-09-03 17:07:24.000000000 +0200 +Index: isakmpd-20041012.orig/samples/Makefile +=================================================================== +--- isakmpd-20041012.orig.orig/samples/Makefile 2007-06-04 13:22:39.015923960 +0200 ++++ isakmpd-20041012.orig/samples/Makefile 2007-06-04 13:22:39.722816496 +0200 @@ -26,7 +26,7 @@ # @@ -30,10 +40,10 @@ diff -urN isakmpd/samples/Makefile isakmpd.new/samples/Makefile # The mkdir below is for installation on OpenBSD pre 2.7 install: - -diff -urN isakmp.old/sysdep/linux/GNUmakefile.sysdep isakmp.dev/sysdep/linux/GNUmakefile.sysdep ---- isakmp.old/sysdep/linux/GNUmakefile.sysdep 2006-09-07 13:49:20.000000000 +0200 -+++ isakmp.dev/sysdep/linux/GNUmakefile.sysdep 2006-09-07 13:51:41.000000000 +0200 +Index: isakmpd-20041012.orig/sysdep/linux/GNUmakefile.sysdep +=================================================================== +--- isakmpd-20041012.orig.orig/sysdep/linux/GNUmakefile.sysdep 2007-06-04 13:22:39.291882008 +0200 ++++ isakmpd-20041012.orig/sysdep/linux/GNUmakefile.sysdep 2007-06-04 13:22:39.722816496 +0200 @@ -25,18 +25,18 @@ # THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. # @@ -57,20 +67,10 @@ diff -urN isakmp.old/sysdep/linux/GNUmakefile.sysdep isakmp.dev/sysdep/linux/GNU FEATURES= debug tripledes blowfish cast ec aggressive x509 policy FEATURES+= dpd nat_traversal isakmp_cfg des aes -diff -ruN isakmpd-20041012.orig/GNUmakefile isakmpd-20041012.new/GNUmakefile ---- isakmpd-20041012.orig/GNUmakefile 2006-12-16 22:41:26.000000000 +0100 -+++ isakmpd-20041012.new/GNUmakefile 2006-12-16 22:48:27.000000000 +0100 -@@ -169,7 +169,6 @@ - X509= x509.c - CFLAGS+= -DUSE_LIBCRYPTO - LDADD+= -lcrypto --DPADD+= ${LIBCRYPTO} - endif - - ifdef USE_RAWKEY -diff -ruN isakmpd-20041012.orig/Makefile isakmpd-20041012.new/Makefile ---- isakmpd-20041012.orig/Makefile 2004-10-12 23:25:52.000000000 +0200 -+++ isakmpd-20041012.new/Makefile 2006-12-16 22:46:48.000000000 +0100 +Index: isakmpd-20041012.orig/Makefile +=================================================================== +--- isakmpd-20041012.orig.orig/Makefile 2007-06-04 13:22:39.028921984 +0200 ++++ isakmpd-20041012.orig/Makefile 2007-06-04 13:22:39.723816344 +0200 @@ -147,7 +147,6 @@ .ifdef USE_LIBCRYPTO CFLAGS+= -DUSE_LIBCRYPTO @@ -79,9 +79,10 @@ diff -ruN isakmpd-20041012.orig/Makefile isakmpd-20041012.new/Makefile .endif .ifdef USE_LIBDES -diff -ruN isakmpd-20041012.orig/apps/certpatch/Makefile isakmpd-20041012.new/apps/certpatch/Makefile ---- isakmpd-20041012.orig/apps/certpatch/Makefile 2004-10-12 23:25:52.000000000 +0200 -+++ isakmpd-20041012.new/apps/certpatch/Makefile 2006-12-16 22:48:58.000000000 +0100 +Index: isakmpd-20041012.orig/apps/certpatch/Makefile +=================================================================== +--- isakmpd-20041012.orig.orig/apps/certpatch/Makefile 2007-06-04 13:22:39.035920920 +0200 ++++ isakmpd-20041012.orig/apps/certpatch/Makefile 2007-06-04 13:22:39.723816344 +0200 @@ -40,7 +40,6 @@ .PATH: ${TOPSRC} ${TOPSRC}/sysdep/${OS} ${TOPOBJ} CFLAGS+= -I${TOPSRC} -I${TOPSRC}/sysdep/${OS} -I${TOPOBJ} -Wall @@ -90,9 +91,10 @@ diff -ruN isakmpd-20041012.orig/apps/certpatch/Makefile isakmpd-20041012.new/app MAN= certpatch.8 .if ${FEATURES:Mgmp} == "gmp" -diff -ruN isakmpd-20041012.orig/regress/crypto/Makefile isakmpd-20041012.new/regress/crypto/Makefile ---- isakmpd-20041012.orig/regress/crypto/Makefile 2004-10-12 23:25:52.000000000 +0200 -+++ isakmpd-20041012.new/regress/crypto/Makefile 2006-12-16 22:50:02.000000000 +0100 +Index: isakmpd-20041012.orig/regress/crypto/Makefile +=================================================================== +--- isakmpd-20041012.orig.orig/regress/crypto/Makefile 2007-06-04 13:22:39.041920008 +0200 ++++ isakmpd-20041012.orig/regress/crypto/Makefile 2007-06-04 13:22:39.723816344 +0200 @@ -13,7 +13,7 @@ -DUSE_TRIPLEDES -DUSE_CAST -DUSE_BLOWFISH -DUSE_DES \ -DUSE_AES @@ -102,9 +104,10 @@ diff -ruN isakmpd-20041012.orig/regress/crypto/Makefile isakmpd-20041012.new/reg NOMAN= DEBUG= -g -diff -ruN isakmpd-20041012.orig/regress/dh/Makefile isakmpd-20041012.new/regress/dh/Makefile ---- isakmpd-20041012.orig/regress/dh/Makefile 2004-10-12 23:25:52.000000000 +0200 -+++ isakmpd-20041012.new/regress/dh/Makefile 2006-12-16 22:49:25.000000000 +0100 +Index: isakmpd-20041012.orig/regress/dh/Makefile +=================================================================== +--- isakmpd-20041012.orig.orig/regress/dh/Makefile 2007-06-04 13:22:39.048918944 +0200 ++++ isakmpd-20041012.orig/regress/dh/Makefile 2007-06-04 13:22:39.726815888 +0200 @@ -15,7 +15,6 @@ -DUSE_EC NOMAN= @@ -113,9 +116,10 @@ diff -ruN isakmpd-20041012.orig/regress/dh/Makefile isakmpd-20041012.new/regress DEBUG= -g .if ${FEATURES:Mgmp} == "gmp" -diff -ruN isakmpd-20041012.orig/regress/group/Makefile isakmpd-20041012.new/regress/group/Makefile ---- isakmpd-20041012.orig/regress/group/Makefile 2004-10-12 23:25:52.000000000 +0200 -+++ isakmpd-20041012.new/regress/group/Makefile 2006-12-16 22:49:30.000000000 +0100 +Index: isakmpd-20041012.orig/regress/group/Makefile +=================================================================== +--- isakmpd-20041012.orig.orig/regress/group/Makefile 2007-06-04 13:22:39.054918032 +0200 ++++ isakmpd-20041012.orig/regress/group/Makefile 2007-06-04 13:22:39.727815736 +0200 @@ -15,7 +15,6 @@ -DUSE_EC NOMAN= @@ -124,9 +128,10 @@ diff -ruN isakmpd-20041012.orig/regress/group/Makefile isakmpd-20041012.new/regr DEBUG= -g .if ${FEATURES:Mgmp} == "gmp" -diff -ruN isakmpd-20041012.orig/regress/rsakeygen/Makefile isakmpd-20041012.new/regress/rsakeygen/Makefile ---- isakmpd-20041012.orig/regress/rsakeygen/Makefile 2004-10-12 23:25:52.000000000 +0200 -+++ isakmpd-20041012.new/regress/rsakeygen/Makefile 2006-12-16 22:49:41.000000000 +0100 +Index: isakmpd-20041012.orig/regress/rsakeygen/Makefile +=================================================================== +--- isakmpd-20041012.orig.orig/regress/rsakeygen/Makefile 2007-06-04 13:22:39.060917120 +0200 ++++ isakmpd-20041012.orig/regress/rsakeygen/Makefile 2007-06-04 13:22:39.727815736 +0200 @@ -62,7 +62,6 @@ .ifdef USE_LIBCRYPTO CFLAGS+= -DUSE_LIBCRYPTO @@ -135,9 +140,10 @@ diff -ruN isakmpd-20041012.orig/regress/rsakeygen/Makefile isakmpd-20041012.new/ .endif .if !defined (HAVE_DLOPEN) && !defined (USE_LIBCRYPTO) -diff -ruN isakmpd-20041012.orig/regress/x509/Makefile isakmpd-20041012.new/regress/x509/Makefile ---- isakmpd-20041012.orig/regress/x509/Makefile 2004-10-12 23:25:52.000000000 +0200 -+++ isakmpd-20041012.new/regress/x509/Makefile 2006-12-16 22:49:49.000000000 +0100 +Index: isakmpd-20041012.orig/regress/x509/Makefile +=================================================================== +--- isakmpd-20041012.orig.orig/regress/x509/Makefile 2007-06-04 13:22:39.068915904 +0200 ++++ isakmpd-20041012.orig/regress/x509/Makefile 2007-06-04 13:22:39.727815736 +0200 @@ -78,7 +78,6 @@ X509= x509.c CFLAGS+= -DUSE_LIBCRYPTO diff --git a/package/isakmpd/patches/030-openssl_hashes.patch b/package/isakmpd/patches/030-openssl_hashes.patch index 680db86a31..f50afc598e 100644 --- a/package/isakmpd/patches/030-openssl_hashes.patch +++ b/package/isakmpd/patches/030-openssl_hashes.patch @@ -1,7 +1,8 @@ -diff -urN isakmpd/GNUmakefile isakmpd.new/GNUmakefile ---- isakmpd/GNUmakefile 2006-09-01 19:29:05.000000000 +0200 -+++ isakmpd.new/GNUmakefile 2006-09-01 19:29:28.000000000 +0200 -@@ -75,13 +75,14 @@ +Index: isakmpd-20041012.orig/GNUmakefile +=================================================================== +--- isakmpd-20041012.orig.orig/GNUmakefile 2007-06-04 13:22:39.722816496 +0200 ++++ isakmpd-20041012.orig/GNUmakefile 2007-06-04 13:22:40.000774240 +0200 +@@ -76,13 +76,14 @@ isakmp_fld.c isakmp_fld.h MAN= isakmpd.8 isakmpd.conf.5 isakmpd.policy.5 @@ -17,7 +18,7 @@ diff -urN isakmpd/GNUmakefile isakmpd.new/GNUmakefile # Do execution time profiles #CFLAGS+= -pg -@@ -172,6 +173,14 @@ +@@ -175,6 +176,14 @@ CFLAGS+= -DUSE_RAWKEY endif @@ -30,11 +31,12 @@ diff -urN isakmpd/GNUmakefile isakmpd.new/GNUmakefile +endif + SRCS+= ${IPSEC_SRCS} ${X509} ${POLICY} ${EC} ${AGGRESSIVE} ${DNSSEC} \ - $(ISAKMP_CFG) + $(ISAKMP_CFG) ${DPD} ${NAT_TRAVERSAL} CFLAGS+= ${IPSEC_CFLAGS} -diff -urN isakmpd/sysdep/common/libsysdep/GNUmakefile isakmpd.new/sysdep/common/libsysdep/GNUmakefile ---- isakmpd/sysdep/common/libsysdep/GNUmakefile 2003-06-03 16:52:06.000000000 +0200 -+++ isakmpd.new/sysdep/common/libsysdep/GNUmakefile 2006-09-01 19:29:28.000000000 +0200 +Index: isakmpd-20041012.orig/sysdep/common/libsysdep/GNUmakefile +=================================================================== +--- isakmpd-20041012.orig.orig/sysdep/common/libsysdep/GNUmakefile 2007-06-04 13:22:38.959932472 +0200 ++++ isakmpd-20041012.orig/sysdep/common/libsysdep/GNUmakefile 2007-06-04 13:22:40.000774240 +0200 @@ -31,10 +31,18 @@ .CURDIR:= $(shell pwd) @@ -55,9 +57,10 @@ diff -urN isakmpd/sysdep/common/libsysdep/GNUmakefile isakmpd.new/sysdep/common/ lib${LIB}.a: ${SRCS:%.c=%.o} ar cq $@ ${SRCS:%.c=%.o} -diff -urN isakmpd/sysdep/common/libsysdep/md5.c isakmpd.new/sysdep/common/libsysdep/md5.c ---- isakmpd/sysdep/common/libsysdep/md5.c 2002-06-14 23:34:58.000000000 +0200 -+++ isakmpd.new/sysdep/common/libsysdep/md5.c 2006-09-01 19:29:28.000000000 +0200 +Index: isakmpd-20041012.orig/sysdep/common/libsysdep/md5.c +=================================================================== +--- isakmpd-20041012.orig.orig/sysdep/common/libsysdep/md5.c 2007-06-04 13:22:38.964931712 +0200 ++++ isakmpd-20041012.orig/sysdep/common/libsysdep/md5.c 2007-06-04 13:22:40.000774240 +0200 @@ -5,6 +5,8 @@ * changes to accommodate it in the kernel by ji. */ @@ -72,9 +75,10 @@ diff -urN isakmpd/sysdep/common/libsysdep/md5.c isakmpd.new/sysdep/common/libsys #endif +#endif /* USE_OPENSSL_MD5 */ -diff -urN isakmpd/sysdep/common/libsysdep/sha1.c isakmpd.new/sysdep/common/libsysdep/sha1.c ---- isakmpd/sysdep/common/libsysdep/sha1.c 2001-01-28 23:38:48.000000000 +0100 -+++ isakmpd.new/sysdep/common/libsysdep/sha1.c 2006-09-01 19:29:28.000000000 +0200 +Index: isakmpd-20041012.orig/sysdep/common/libsysdep/sha1.c +=================================================================== +--- isakmpd-20041012.orig.orig/sysdep/common/libsysdep/sha1.c 2007-06-04 13:22:38.970930800 +0200 ++++ isakmpd-20041012.orig/sysdep/common/libsysdep/sha1.c 2007-06-04 13:22:40.001774088 +0200 @@ -1,5 +1,7 @@ /* $OpenBSD: sha1.c,v 1.2 2001/01/28 22:38:48 niklas Exp $ */ @@ -89,9 +93,10 @@ diff -urN isakmpd/sysdep/common/libsysdep/sha1.c isakmpd.new/sysdep/common/libsy } + +#endif /* USE_OPENSSL_SHA1 */ -diff -urN isakmpd/sysdep/common/md5.h isakmpd.new/sysdep/common/md5.h ---- isakmpd/sysdep/common/md5.h 2001-01-28 23:38:47.000000000 +0100 -+++ isakmpd.new/sysdep/common/md5.h 2006-09-01 19:29:28.000000000 +0200 +Index: isakmpd-20041012.orig/sysdep/common/md5.h +=================================================================== +--- isakmpd-20041012.orig.orig/sysdep/common/md5.h 2007-06-04 13:22:38.976929888 +0200 ++++ isakmpd-20041012.orig/sysdep/common/md5.h 2007-06-04 13:22:40.001774088 +0200 @@ -1,5 +1,15 @@ /* $OpenBSD: md5.h,v 1.2 2001/01/28 22:38:47 niklas Exp $ */ @@ -114,9 +119,10 @@ diff -urN isakmpd/sysdep/common/md5.h isakmpd.new/sysdep/common/md5.h #define _MD5_H_ + +#endif /* USE_OPENSSL_MD5 */ -diff -urN isakmpd/sysdep/common/sha1.h isakmpd.new/sysdep/common/sha1.h ---- isakmpd/sysdep/common/sha1.h 2001-01-28 23:38:47.000000000 +0100 -+++ isakmpd.new/sysdep/common/sha1.h 2006-09-01 19:29:28.000000000 +0200 +Index: isakmpd-20041012.orig/sysdep/common/sha1.h +=================================================================== +--- isakmpd-20041012.orig.orig/sysdep/common/sha1.h 2007-06-04 13:22:38.982928976 +0200 ++++ isakmpd-20041012.orig/sysdep/common/sha1.h 2007-06-04 13:22:40.001774088 +0200 @@ -1,5 +1,16 @@ /* $OpenBSD: sha1.h,v 1.2 2001/01/28 22:38:47 niklas Exp $ */ @@ -140,10 +146,11 @@ diff -urN isakmpd/sysdep/common/sha1.h isakmpd.new/sysdep/common/sha1.h void SHA1Final(unsigned char digest[20], SHA1_CTX* context); + +#endif /* USE_OPENSSL_SHA1 */ -diff -urN isakmpd/sysdep/linux/GNUmakefile.sysdep isakmpd.new/sysdep/linux/GNUmakefile.sysdep ---- isakmpd/sysdep/linux/GNUmakefile.sysdep 2006-09-01 19:29:05.000000000 +0200 -+++ isakmpd.new/sysdep/linux/GNUmakefile.sysdep 2006-09-01 19:29:29.000000000 +0200 -@@ -48,6 +48,8 @@ +Index: isakmpd-20041012.orig/sysdep/linux/GNUmakefile.sysdep +=================================================================== +--- isakmpd-20041012.orig.orig/sysdep/linux/GNUmakefile.sysdep 2007-06-04 13:22:39.722816496 +0200 ++++ isakmpd-20041012.orig/sysdep/linux/GNUmakefile.sysdep 2007-06-04 13:22:40.001774088 +0200 +@@ -47,6 +47,8 @@ USE_LIBCRYPO= defined HAVE_DLOPEN= defined USE_KEYNOTE= defined diff --git a/package/isakmpd/patches/040-security_fix.patch b/package/isakmpd/patches/040-security_fix.patch index 9128880107..d70a722452 100644 --- a/package/isakmpd/patches/040-security_fix.patch +++ b/package/isakmpd/patches/040-security_fix.patch @@ -1,12 +1,8 @@ -Index: sbin/isakmpd/ipsec.c +Index: isakmpd-20041012.orig/ipsec.c =================================================================== -RCS file: /cvs/src/sbin/isakmpd/ipsec.c,v -retrieving revision 1.122 -retrieving revision 1.122.2.1 -diff -u -p -r1.122 -r1.122.2.1 ---- isakmpd/ipsec.c 23 Sep 2005 14:44:03 -0000 1.122 -+++ isakmpd/ipsec.c 19 Aug 2006 20:23:28 -0000 1.122.2.1 -@@ -2076,9 +2076,10 @@ ipsec_proto_init(struct proto *proto, ch +--- isakmpd-20041012.orig.orig/ipsec.c 2007-06-04 13:22:39.283883224 +0200 ++++ isakmpd-20041012.orig/ipsec.c 2007-06-04 13:22:40.247736696 +0200 +@@ -2176,9 +2176,10 @@ { struct ipsec_proto *iproto = proto->data; diff --git a/package/isakmpd/patches/050-ar_cross.patch b/package/isakmpd/patches/050-ar_cross.patch index 775e94d905..2bac048db3 100644 --- a/package/isakmpd/patches/050-ar_cross.patch +++ b/package/isakmpd/patches/050-ar_cross.patch @@ -1,6 +1,7 @@ -diff -ruN isakmpd-20041012.orig/sysdep/common/libsysdep/GNUmakefile isakmpd-20041012.new/sysdep/common/libsysdep/GNUmakefile ---- isakmpd-20041012.orig/sysdep/common/libsysdep/GNUmakefile 2007-01-08 03:16:16.000000000 +0100 -+++ isakmpd-20041012.new/sysdep/common/libsysdep/GNUmakefile 2007-01-08 03:23:24.000000000 +0100 +Index: isakmpd-20041012.orig/sysdep/common/libsysdep/GNUmakefile +=================================================================== +--- isakmpd-20041012.orig.orig/sysdep/common/libsysdep/GNUmakefile 2007-06-04 13:22:40.000774240 +0200 ++++ isakmpd-20041012.orig/sysdep/common/libsysdep/GNUmakefile 2007-06-04 13:22:40.431708728 +0200 @@ -44,7 +44,7 @@ endif |