From 764be31e954db1beb6e8b5d903a7a85c12094271 Mon Sep 17 00:00:00 2001
From: Avesh Agarwal <avagarwa@redhat.com>
Date: Thu, 12 Sep 2013 13:18:45 -0400
Subject: [PATCH] Fixed initialization crash of IMV and IMC particularly

  attestation imv/imc as libstrongswas was not getting
  initialized.
---
 imcv-initialization-crash-git-5ec08.patch | 145 ++++++++++++++++++++++
 strongswan.spec                           |   9 +-
 2 files changed, 153 insertions(+), 1 deletion(-)
 create mode 100644 imcv-initialization-crash-git-5ec08.patch

diff --git a/imcv-initialization-crash-git-5ec08.patch b/imcv-initialization-crash-git-5ec08.patch
new file mode 100644
index 0000000..d1fc80c
--- /dev/null
+++ b/imcv-initialization-crash-git-5ec08.patch
@@ -0,0 +1,145 @@
+diff -urNp strongswan-5.1.0/src/libimcv/plugins/imv_os/imv_os_agent.c strongswan-5.1.0-test/src/libimcv/plugins/imv_os/imv_os_agent.c
+--- strongswan-5.1.0/src/libimcv/plugins/imv_os/imv_os_agent.c	2013-07-04 15:55:16.000000000 -0400
++++ strongswan-5.1.0-test/src/libimcv/plugins/imv_os/imv_os_agent.c	2013-09-11 15:39:04.263741942 -0400
+@@ -779,6 +779,14 @@ imv_agent_if_t *imv_os_agent_create(cons
+ 									TNC_Version *actual_version)
+ {
+ 	private_imv_os_agent_t *this;
++	imv_agent_t *agent;
++
++	agent = imv_agent_create(name, msg_types, countof(msg_types), id,
++							 actual_version);
++	if (!agent)
++	{
++		return NULL;
++	}
+ 
+ 	INIT(this,
+ 		.public = {
+@@ -790,16 +798,10 @@ imv_agent_if_t *imv_os_agent_create(cons
+ 			.solicit_recommendation = _solicit_recommendation,
+ 			.destroy = _destroy,
+ 		},
+-		.agent = imv_agent_create(name, msg_types, countof(msg_types), id,
+-								 actual_version),
++		.agent = agent,
+ 		.db = imv_os_database_create(imcv_db),
+ 	);
+ 
+-	if (!this->agent)
+-	{
+-		destroy(this);
+-		return NULL;
+-	}
+ 	return &this->public;
+ }
+ 
+diff -urNp strongswan-5.1.0/src/libimcv/plugins/imv_test/imv_test_agent.c strongswan-5.1.0-test/src/libimcv/plugins/imv_test/imv_test_agent.c
+--- strongswan-5.1.0/src/libimcv/plugins/imv_test/imv_test_agent.c	2013-06-21 17:27:07.000000000 -0400
++++ strongswan-5.1.0-test/src/libimcv/plugins/imv_test/imv_test_agent.c	2013-09-11 15:39:04.263741942 -0400
+@@ -296,6 +296,14 @@ imv_agent_if_t *imv_test_agent_create(co
+ 									  TNC_Version *actual_version)
+ {
+ 	private_imv_test_agent_t *this;
++	imv_agent_t *agent;
++
++	agent = imv_agent_create(name, msg_types, countof(msg_types), id,
++							 actual_version);
++	if (!agent)
++	{
++		return NULL;
++	}
+ 
+ 	INIT(this,
+ 		.public = {
+@@ -307,15 +315,9 @@ imv_agent_if_t *imv_test_agent_create(co
+ 			.solicit_recommendation = _solicit_recommendation,
+ 			.destroy = _destroy,
+ 		},
+-		.agent = imv_agent_create(name, msg_types, countof(msg_types), id,
+-								  actual_version),
++		.agent = agent,
+ 	);
+ 
+-	if (!this->agent)
+-	{
+-		destroy(this);
+-		return NULL;
+-	}
+ 	return &this->public;
+ }
+ 
+diff -urNp strongswan-5.1.0/src/libpts/plugins/imc_attestation/imc_attestation.c strongswan-5.1.0-test/src/libpts/plugins/imc_attestation/imc_attestation.c
+--- strongswan-5.1.0/src/libpts/plugins/imc_attestation/imc_attestation.c	2013-05-14 05:16:46.000000000 -0400
++++ strongswan-5.1.0-test/src/libpts/plugins/imc_attestation/imc_attestation.c	2013-09-11 15:39:04.264741942 -0400
+@@ -71,11 +71,6 @@ TNC_Result TNC_IMC_Initialize(TNC_IMCID
+ 		DBG1(DBG_IMC, "IMC \"%s\" has already been initialized", imc_name);
+ 		return TNC_RESULT_ALREADY_INITIALIZED;
+ 	}
+-	if (!pts_meas_algo_probe(&supported_algorithms) ||
+-		!pts_dh_group_probe(&supported_dh_groups))
+-	{
+-		return TNC_RESULT_FATAL;
+-	}
+ 	imc_attestation = imc_agent_create(imc_name, msg_types, countof(msg_types),
+ 									   imc_id, actual_version);
+ 	if (!imc_attestation)
+@@ -83,6 +78,13 @@ TNC_Result TNC_IMC_Initialize(TNC_IMCID
+ 		return TNC_RESULT_FATAL;
+ 	}
+ 
++	if (!pts_meas_algo_probe(&supported_algorithms) ||
++		!pts_dh_group_probe(&supported_dh_groups))
++	{
++		imc_attestation->destroy(imc_attestation);
++		imc_attestation = NULL;
++		return TNC_RESULT_FATAL;
++	}
+ 	libpts_init();
+ 
+ 	if (min_version > TNC_IFIMC_VERSION_1 || max_version < TNC_IFIMC_VERSION_1)
+diff -urNp strongswan-5.1.0/src/libpts/plugins/imv_attestation/imv_attestation_agent.c strongswan-5.1.0-test/src/libpts/plugins/imv_attestation/imv_attestation_agent.c
+--- strongswan-5.1.0/src/libpts/plugins/imv_attestation/imv_attestation_agent.c	2013-07-10 05:00:34.000000000 -0400
++++ strongswan-5.1.0-test/src/libpts/plugins/imv_attestation/imv_attestation_agent.c	2013-09-11 15:39:04.264741942 -0400
+@@ -565,8 +565,16 @@ imv_agent_if_t *imv_attestation_agent_cr
+ 										 TNC_Version *actual_version)
+ {
+ 	private_imv_attestation_agent_t *this;
++	imv_agent_t *agent;
+ 	char *hash_alg, *dh_group, *cadir;
+ 
++	agent = imv_agent_create(name, msg_types, countof(msg_types), id,
++							 actual_version);
++	if (!agent)
++	{
++		return NULL;
++	}
++
+ 	hash_alg = lib->settings->get_str(lib->settings,
+ 					"libimcv.plugins.imv-attestation.hash_algorithm", "sha256");
+ 	dh_group = lib->settings->get_str(lib->settings,
+@@ -584,8 +592,7 @@ imv_agent_if_t *imv_attestation_agent_cr
+ 			.solicit_recommendation = _solicit_recommendation,
+ 			.destroy = _destroy,
+ 		},
+-		.agent = imv_agent_create(name, msg_types, countof(msg_types), id,
+-								  actual_version),
++		.agent = agent,
+ 		.supported_algorithms = PTS_MEAS_ALGO_NONE,
+ 		.supported_dh_groups = PTS_DH_GROUP_NONE,
+ 		.pts_credmgr = credential_manager_create(),
+@@ -595,8 +602,7 @@ imv_agent_if_t *imv_attestation_agent_cr
+ 
+ 	libpts_init();
+ 
+-	if (!this->agent ||
+-		!pts_meas_algo_probe(&this->supported_algorithms) ||
++	if (!pts_meas_algo_probe(&this->supported_algorithms) ||
+ 		!pts_dh_group_probe(&this->supported_dh_groups) ||
+ 		!pts_meas_algo_update(hash_alg, &this->supported_algorithms) ||
+ 		!pts_dh_group_update(dh_group, &this->supported_dh_groups))
+@@ -613,4 +619,3 @@ imv_agent_if_t *imv_attestation_agent_cr
+ 
+ 	return &this->public;
+ }
+-
diff --git a/strongswan.spec b/strongswan.spec
index f62adaf..a3d5772 100644
--- a/strongswan.spec
+++ b/strongswan.spec
@@ -9,7 +9,7 @@
 
 Name:           strongswan
 Version:        5.1.0
-Release:        2%{?dist}
+Release:        3%{?dist}
 Summary:        An OpenSource IPsec-based VPN Solution
 Group:          System Environment/Daemons
 License:        GPLv2+
@@ -19,6 +19,7 @@ Patch0:         strongswan-init.patch
 Patch1:         strongswan-pts-ecp-disable.patch
 Patch2:         libstrongswan-plugin.patch
 Patch3:         libstrongswan-settings-debug.patch
+Patch4:         imcv-initialization-crash-git-5ec08.patch
 
 BuildRequires:  gmp-devel
 BuildRequires:  libcurl-devel
@@ -79,6 +80,7 @@ implementation possessing a standard IF-IMC/IMV interface.
 %patch1 -p1
 %patch2 -p1
 %patch3 -p1
+%patch4 -p1
 
 echo "For migration from 4.6 to 5.0 see http://wiki.strongswan.org/projects/strongswan/wiki/CharonPlutoIKEv1" > README.Fedora
 
@@ -317,6 +319,11 @@ fi
 
 
 %changelog
+* Thu Sep 12 2013 Avesh Agarwal <avagarwa@redhat.com> - 5.1.0-3
+- Fixed initialization crash of IMV and IMC particularly
+  attestation imv/imc as libstrongswas was not getting
+  initialized.
+
 * Fri Aug 30 2013 Avesh Agarwal <avagarwa@redhat.com> - 5.1.0-2
 - Enabled fips support
 - Enabled TNC's ifmap support