rpms-fedora-extras/strongswan
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/el6'

Browse Source 
Conflicts:
	.gitignore
	libstrongswan-plugin.patch
	libstrongswan-settings-debug.patch
	sources
	strongswan-init.patch
	strongswan-pts-ecp-disable.patch
	strongswan.spec
This commit is contained in:
Pavel Šimerda
2014-01-07 15:41:33 +01:00
parent e7d4f90452 12770476b6
commit b5963e1653
5 changed files with 109 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
libimcv-attestatiom-imv-crash.patch Normal file
View File

@@ -0,0 +1,27 @@
diff -urNp strongswan-5.0.4-patched/src/libpts/plugins/imv_attestation/imv_attestation.c strongswan-5.0.4-current/src/libpts/plugins/imv_attestation/imv_attestation.c
--- strongswan-5.0.4-patched/src/libpts/plugins/imv_attestation/imv_attestation.c 2013-05-01 15:50:51.331560749 -0400
+++ strongswan-5.0.4-current/src/libpts/plugins/imv_attestation/imv_attestation.c 2013-06-28 11:10:30.703893643 -0400
@@ -90,11 +90,6 @@ TNC_Result TNC_IMV_Initialize(TNC_IMVID
DBG1(DBG_IMV, "IMV \"%s\" has already been initialized", imv_name);
return TNC_RESULT_ALREADY_INITIALIZED;
}
- if (!pts_meas_algo_probe(&supported_algorithms) ||
- !pts_dh_group_probe(&supported_dh_groups))
- {
- return TNC_RESULT_FATAL;
- }
imv_attestation = imv_agent_create(imv_name, msg_types, countof(msg_types),
imv_id, actual_version);
if (!imv_attestation)
@@ -104,6 +99,11 @@ TNC_Result TNC_IMV_Initialize(TNC_IMVID
libpts_init();
+ if (!pts_meas_algo_probe(&supported_algorithms) ||
+ !pts_dh_group_probe(&supported_dh_groups))
+ {
+ return TNC_RESULT_FATAL;
+ }
if (min_version > TNC_IFIMV_VERSION_1 || max_version < TNC_IFIMV_VERSION_1)
{
DBG1(DBG_IMV, "no common IF-IMV version");

25
strongswan-Change-ipsec-scepclient-to-strongswan-scepclient.patch Normal file
View File

@@ -0,0 +1,25 @@
From c282e8fa3c55a9d0046a3119d7b2a3fe07d83c37 Mon Sep 17 00:00:00 2001
From: Jamie Nguyen <j@jamielinux.com>
Date: Mon, 15 Jul 2013 22:31:34 +0100
Subject: [PATCH] Change 'ipsec scepclient' to 'strongswan scepclent'
---
src/starter/starter.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/starter/starter.c b/src/starter/starter.c
index 917e52d..868b224 100644
--- a/src/starter/starter.c
+++ b/src/starter/starter.c
@@ -293,7 +293,7 @@ static void generate_selfcert()
#endif
setegid(gid);
seteuid(uid);
- ignore_result(system("ipsec scepclient --out pkcs1 --out cert-self --quiet"));
+ ignore_result(system("strongswan scepclient --out pkcs1 --out cert-self --quiet"));
seteuid(0);
setegid(0);
--
1.8.3.1

25
strongswan-Change-ipsec-updown-to-strongswan-updown.patch Normal file
View File

@@ -0,0 +1,25 @@
From daa81c04068956ff34fb0efb72956401969a8d9b Mon Sep 17 00:00:00 2001
From: Jamie Nguyen <j@jamielinux.com>
Date: Mon, 15 Jul 2013 13:42:14 +0100
Subject: [PATCH] Change 'ipsec _updown' to 'strongswan _updown'
---
src/starter/confread.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/starter/confread.c b/src/starter/confread.c
index f0f05b0..ffd44c0 100644
--- a/src/starter/confread.c
+++ b/src/starter/confread.c
@@ -38,7 +38,7 @@
static const char ike_defaults[] = "aes128-sha1-modp2048,3des-sha1-modp1536";
static const char esp_defaults[] = "aes128-sha1,3des-sha1";
-static const char firewall_defaults[] = "ipsec _updown iptables";
+static const char firewall_defaults[] = "strongswan _updown iptables";
static bool daemon_exists(char *daemon, char *path)
{
--
1.8.3.1

26
strongswan.git-71d740cac68f83c77d981368a4c041eb620310ed.patch Normal file
View File

@@ -0,0 +1,26 @@
From 71d740cac68f83c77d981368a4c041eb620310ed Mon Sep 17 00:00:00 2001
From: Andreas Steffen <andreas.steffen@strongswan.org>
Date: Fri, 24 May 2013 12:56:21 +0200
Subject: [PATCH] Make plugins in standalone libimcv configurable
---
src/libimcv/imcv.c | 3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
diff --git a/src/libimcv/imcv.c b/src/libimcv/imcv.c
index 6cee0ad..f9ecf79 100644
--- a/src/libimcv/imcv.c
+++ b/src/libimcv/imcv.c
@@ -118,7 +118,8 @@ bool libimcv_init(void)
openlog("imcv", 0, LOG_DAEMON);
if (!lib->plugins->load(lib->plugins, NULL,
- "sha1 sha2 random nonce gmp pubkey x509"))
+ lib->settings->get_str(lib->settings, "libimcv.load",
+ "random nonce gmp pubkey x509")))
{
library_deinit();
return FALSE;
--
1.7.4.1

6
strongswan.spec
View File

@@ -192,6 +192,12 @@ fi
%else %else
%endif %endif
# Create ipsec.d directory tree.
install -d -m 700 %{buildroot}%{_sysconfdir}/%{name}/ipsec.d
for i in aacerts acerts certs cacerts crls ocspcerts private reqs; do
install -d -m 700 %{buildroot}%{_sysconfdir}/%{name}/ipsec.d/${i}
done
%files %files
%doc README README.Fedora COPYING NEWS TODO %doc README README.Fedora COPYING NEWS TODO