Commit b8ae3637 authored by Francesco Colista's avatar Francesco Colista
parents 9b377692 140c56e4
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgdesc="Script to build Alpine Packages"
pkgname=abuild
pkgver=2.7.4
pkgver=2.8.2
pkgrel=0
url=http://git.alpinelinux.org/cgit/abuild/
source="http://git.alpinelinux.org/cgit/abuild.git/snapshot/abuild-$pkgver.tar.bz2
......@@ -37,4 +37,4 @@ package() {
install -d -m 775 -g abuild "$pkgdir"/var/cache/distfiles
}
md5sums="b39a68e836b8873307cf6617f1bfeb23 abuild-2.7.4.tar.bz2"
md5sums="77208071fdeb879cd17ec62a81bdd680 abuild-2.8.2.tar.bz2"
# Contributor: Ted Trask <ttrask01@yahoo.com>
# Maintainer: Ted Trask <ttrask01@yahoo.com>
pkgname=acf-alpine-baselayout
pkgver=0.8.1
pkgver=0.8.2
pkgrel=0
pkgdesc="A web-based system administration interface for alpine-baselayout"
url="http://git.alpinelinux.org/cgit/acf-alpine-baselayout"
......@@ -15,4 +15,4 @@ package() {
make DESTDIR="$pkgdir" install
}
md5sums="b5db0e519b6254c3120efeec4175f0fd acf-alpine-baselayout-0.8.1.tar.bz2"
md5sums="3c621d2dfbafc11224139083c8be2bdc acf-alpine-baselayout-0.8.2.tar.bz2"
# Contributor: Ted Trask <ttrask01@yahoo.com>
# Maintainer: Ted Trask <ttrask01@yahoo.com>
pkgname=acf-asterisk
pkgver=0.2.3
pkgrel=2
pkgver=0.3.0
pkgrel=0
pkgdesc="A web-based system administration interface for asterisk"
url="http://git.alpinelinux.org/cgit/acf-asterisk"
arch="noarch"
......@@ -20,4 +20,4 @@ package() {
}
md5sums="7ad426d23385b6bcc295a330526dcb69 acf-asterisk-0.2.3.tar.bz2"
md5sums="961ce238956562b60d264fdb45355e9f acf-asterisk-0.3.0.tar.bz2"
# Contributor: Ted Trask <ttrask01@yahoo.com>
# Maintainer: Ted Trask <ttrask01@yahoo.com>
pkgname=acf-core
pkgver=0.12.0
pkgrel=2
pkgver=0.13.0
pkgrel=0
pkgdesc="A web-based system administration interface framework"
url="http://git.alpinelinux.org/cgit/acf-core"
arch="noarch"
......@@ -15,4 +15,4 @@ package() {
cd "$srcdir/$pkgname-$pkgver"
make DESTDIR="$pkgdir" install
}
md5sums="f44c74e0ceebdc953553c6dc7386f3a7 acf-core-0.12.0.tar.bz2"
md5sums="a8b37ce56333d783c1b30561c5b78027 acf-core-0.13.0.tar.bz2"
# Contributor: Ted Trask <ttrask01@yahoo.com>
# Maintainer: Ted Trask <ttrask01@yahoo.com>
pkgname=acf-dansguardian
pkgver=0.3.3
pkgrel=2
pkgver=0.4.0
pkgrel=0
pkgdesc="A web-based system administration interface for dansguardian"
url="http://git.alpinelinux.org/cgit/acf-dansguardian"
arch="noarch"
......@@ -20,4 +20,4 @@ package() {
}
md5sums="2a6eae287f2e9315bd822b6a41bf41ed acf-dansguardian-0.3.3.tar.bz2"
md5sums="864ac9cbf48ad1658ca2c1c6ce471799 acf-dansguardian-0.4.0.tar.bz2"
# Contributor: Ted Trask <ttrask01@yahoo.com>
# Maintainer: Ted Trask <ttrask01@yahoo.com>
pkgname=acf-dnscache
pkgver=0.2.2
pkgrel=3
pkgver=0.3.0
pkgrel=0
pkgdesc="A web-based system administration interface for dnscache"
url="http://git.alpinelinux.org/cgit/acf-dnscache"
arch="noarch"
......@@ -14,4 +14,4 @@ package() {
cd "$srcdir/$pkgname-$pkgver"
make DESTDIR="$pkgdir" install
}
md5sums="fca9c93b1ed06e1391c44fe783056a46 acf-dnscache-0.2.2.tar.bz2"
md5sums="eec8af4eb887448613626d8b08cdc456 acf-dnscache-0.3.0.tar.bz2"
# Contributor: Ted Trask <ttrask01@yahoo.com>
# Maintainer: Ted Trask <ttrask01@yahoo.com>
pkgname=acf-dnsmasq
pkgver=0.2.2
pkgrel=2
pkgver=0.3.0
pkgrel=0
pkgdesc="A web-based system administration interface for dnsmasq"
url="http://git.alpinelinux.org/cgit/acf-dnsmasq"
arch="noarch"
......@@ -14,4 +14,4 @@ package() {
cd "$srcdir/$pkgname-$pkgver"
make DESTDIR="$pkgdir" install
}
md5sums="ab84c2ebab6dae6628326c8f7aefcfa6 acf-dnsmasq-0.2.2.tar.bz2"
md5sums="5c1843623c805fbf9be4dcde32049206 acf-dnsmasq-0.3.0.tar.bz2"
# Contributor: Ted Trask <ttrask01@yahoo.com>
# Maintainer: Ted Trask <ttrask01@yahoo.com>
pkgname=acf-fetchmail
pkgver=0.4.2
pkgrel=2
pkgver=0.5.0
pkgrel=0
pkgdesc="A web-based system administration interface for fetchmail"
url="http://git.alpinelinux.org/cgit/acf-fetchmail"
arch="noarch"
......@@ -20,4 +20,4 @@ package() {
}
md5sums="bfa66c719cfbc6075e4773311730318b acf-fetchmail-0.4.2.tar.bz2"
md5sums="41ae8840c5d4cdceb5b21fc9e8debf1b acf-fetchmail-0.5.0.tar.bz2"
# Contributor: Ted Trask <ttrask01@yahoo.com>
# Maintainer: Ted Trask <ttrask01@yahoo.com>
pkgname=acf-ipsec-tools
pkgver=0.6.1
pkgrel=2
pkgver=0.7.0
pkgrel=0
pkgdesc="A web-based system administration interface for ipsec-tools"
url="http://git.alpinelinux.org/cgit/acf-ipsec-tools"
arch="noarch"
......@@ -14,4 +14,4 @@ package() {
cd "$srcdir/$pkgname-$pkgver"
make DESTDIR="$pkgdir" install
}
md5sums="eb1c906a3691789178e118ca8809af47 acf-ipsec-tools-0.6.1.tar.bz2"
md5sums="819f891066ca94640d5b7ef3dd985296 acf-ipsec-tools-0.7.0.tar.bz2"
# Contributor: Ted Trask <ttrask01@yahoo.com>
# Maintainer: Ted Trask <ttrask01@yahoo.com>
pkgname=acf-shorewall
pkgver=0.6.2
pkgrel=2
pkgver=0.7.0
pkgrel=0
pkgdesc="A web-based system administration interface for shorewall"
url="http://git.alpinelinux.org/cgit/acf-shorewall"
arch="noarch"
......@@ -14,4 +14,4 @@ package() {
cd "$srcdir/$pkgname-$pkgver"
make DESTDIR="$pkgdir" install
}
md5sums="d92c0f4ebdbe52dff156a13c08055cf9 acf-shorewall-0.6.2.tar.bz2"
md5sums="190a278c301d0b20afc512b9585148c0 acf-shorewall-0.7.0.tar.bz2"
# Contributor: Ted Trask <ttrask01@yahoo.com>
# Maintainer: Ted Trask <ttrask01@yahoo.com>
pkgname=acf-tinydns
pkgver=0.6.0
pkgrel=2
pkgver=0.7.0
pkgrel=0
pkgdesc="A web-based system administration interface for tinydns"
url="http://git.alpinelinux.org/cgit/acf-tinydns"
arch="noarch"
......@@ -14,4 +14,4 @@ package() {
cd "$srcdir/$pkgname-$pkgver"
make DESTDIR="$pkgdir" install
}
md5sums="7cb568e6960b1e13da492827d47c1fbd acf-tinydns-0.6.0.tar.bz2"
md5sums="20597fd493bd37414247abd4b1ae10ed acf-tinydns-0.7.0.tar.bz2"
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=doxygen
pkgver=1.7.3
pkgver=1.7.4
pkgrel=0
pkgdesc="A documentation system for C++, C, Java, IDL and PHP"
url="http://www.doxygen.org/"
......@@ -43,4 +43,4 @@ package() {
make DESTDIR="$pkgdir" MAN1DIR=share/man/man1 install
}
md5sums="6cc5ad566dbec5cf843dc600b1162808 doxygen-1.7.3.src.tar.gz"
md5sums="ff908759ff7cd9464424b04ae6c68e48 doxygen-1.7.4.src.tar.gz"
# Contributor: Carlo Landmeter <clandmeter@gmail.com>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=imagemagick
pkgver=6.6.8.7
pkgver=6.6.9.1
_pkgver=${pkgver%.*}-${pkgver##*.}
pkgrel=0
pkgdesc="A collection of tools and libraries for many image formats"
......@@ -48,4 +48,4 @@ dev() {
"$pkgdir"/usr/lib/ImageMagick-$_v/modules-Q16/filters/
}
md5sums="f719a8e814dd926b1c9ddd7b9ebd6e3a ImageMagick-6.6.8-7.tar.gz"
md5sums="560dbda9acb7c95672caf3cccadc8a0f ImageMagick-6.6.9-1.tar.gz"
Index: ipsec-tools-cvs-HEAD/src/racoon/racoonctl.c
===================================================================
--- ipsec-tools-cvs-HEAD.orig/src/racoon/racoonctl.c 2011-03-03 19:28:29.000000000 +0200
+++ ipsec-tools-cvs-HEAD/src/racoon/racoonctl.c 2011-03-03 19:29:42.000000000 +0200
--- ipsec-tools-cvs-HEAD.orig/src/racoon/racoonctl.c 2011-03-05 09:23:59.000000000 +0200
+++ ipsec-tools-cvs-HEAD/src/racoon/racoonctl.c 2011-03-29 22:08:43.000000000 +0300
@@ -232,7 +232,7 @@
"\n"
" <saopts>: \"isakmp\" <family> <src> <dst>\n"
......@@ -83,8 +83,8 @@ Index: ipsec-tools-cvs-HEAD/src/racoon/racoonctl.c
if (p_port)
Index: ipsec-tools-cvs-HEAD/src/racoon/admin.c
===================================================================
--- ipsec-tools-cvs-HEAD.orig/src/racoon/admin.c 2011-03-03 19:28:29.000000000 +0200
+++ ipsec-tools-cvs-HEAD/src/racoon/admin.c 2011-03-03 21:16:47.000000000 +0200
--- ipsec-tools-cvs-HEAD.orig/src/racoon/admin.c 2011-03-05 09:23:59.000000000 +0200
+++ ipsec-tools-cvs-HEAD/src/racoon/admin.c 2011-03-30 09:41:46.000000000 +0300
@@ -444,7 +444,7 @@
/* search appropreate configuration */
......@@ -94,27 +94,18 @@ Index: ipsec-tools-cvs-HEAD/src/racoon/admin.c
else
rmconf = getrmconf_by_name(name);
if (rmconf == NULL) {
@@ -536,6 +536,16 @@
@@ -536,6 +536,7 @@
spidx.prefs = ndx->prefd;
spidx.prefd = ndx->prefs;
spidx.ul_proto = ndx->ul_proto;
+ switch (ndx->ul_proto) {
+ case IPPROTO_ICMP:
+ case IPPROTO_ICMPV6:
+ case IPPROTO_GRE:
+ /* Ports are UL specific data, and should
+ * not get swapped */
+ set_port((struct sockaddr *) &spidx.src, extract_port(src));
+ set_port((struct sockaddr *) &spidx.dst, extract_port(dst));
+ break;
+ }
+ spidx_normalize_ulports(&spidx);
sp_in = getsp_r(&spidx);
if (sp_in) {
Index: ipsec-tools-cvs-HEAD/src/racoon/cftoken.l
===================================================================
--- ipsec-tools-cvs-HEAD.orig/src/racoon/cftoken.l 2011-03-03 19:57:26.000000000 +0200
+++ ipsec-tools-cvs-HEAD/src/racoon/cftoken.l 2011-03-04 13:07:03.000000000 +0200
--- ipsec-tools-cvs-HEAD.orig/src/racoon/cftoken.l 2011-03-05 09:23:59.000000000 +0200
+++ ipsec-tools-cvs-HEAD/src/racoon/cftoken.l 2011-03-29 22:08:43.000000000 +0300
@@ -288,6 +288,7 @@
<S_SAINF>any { YYD; return(ANY); }
<S_SAINF>from { YYD; return(FROM); }
......@@ -125,9 +116,9 @@ Index: ipsec-tools-cvs-HEAD/src/racoon/cftoken.l
<S_SAINF>{semi} { BEGIN S_INI; return(EOS); }
Index: ipsec-tools-cvs-HEAD/src/racoon/cfparse.y
===================================================================
--- ipsec-tools-cvs-HEAD.orig/src/racoon/cfparse.y 2011-03-03 19:57:30.000000000 +0200
+++ ipsec-tools-cvs-HEAD/src/racoon/cfparse.y 2011-03-04 13:09:01.000000000 +0200
@@ -213,7 +213,7 @@
--- ipsec-tools-cvs-HEAD.orig/src/racoon/cfparse.y 2011-03-14 19:12:41.000000000 +0200
+++ ipsec-tools-cvs-HEAD/src/racoon/cfparse.y 2011-03-29 22:08:43.000000000 +0300
@@ -214,7 +214,7 @@
/* algorithm */
%token ALGORITHM_CLASS ALGORITHMTYPE STRENGTHTYPE
/* sainfo */
......@@ -136,7 +127,7 @@ Index: ipsec-tools-cvs-HEAD/src/racoon/cfparse.y
/* remote */
%token REMOTE ANONYMOUS CLIENTADDR INHERIT REMOTE_ADDRESS
%token EXCHANGE_MODE EXCHANGETYPE DOI DOITYPE SITUATION SITUATIONTYPE
@@ -1301,6 +1301,35 @@
@@ -1302,6 +1302,35 @@
cur_sainfo->idsrc = $1;
cur_sainfo->iddst = $2;
}
......@@ -172,7 +163,7 @@ Index: ipsec-tools-cvs-HEAD/src/racoon/cfparse.y
;
sainfo_id
: IDENTIFIERTYPE ADDRSTRING prefix port ul_proto
@@ -1667,7 +1696,7 @@
@@ -1668,7 +1697,7 @@
{
struct remoteconf *from, *new;
......@@ -183,13 +174,14 @@ Index: ipsec-tools-cvs-HEAD/src/racoon/cfparse.y
saddr2str($4));
Index: ipsec-tools-cvs-HEAD/src/racoon/ipsec_doi.h
===================================================================
--- ipsec-tools-cvs-HEAD.orig/src/racoon/ipsec_doi.h 2011-03-03 20:19:23.000000000 +0200
+++ ipsec-tools-cvs-HEAD/src/racoon/ipsec_doi.h 2011-03-03 20:42:35.000000000 +0200
@@ -227,6 +227,9 @@
--- ipsec-tools-cvs-HEAD.orig/src/racoon/ipsec_doi.h 2011-03-05 09:23:59.000000000 +0200
+++ ipsec-tools-cvs-HEAD/src/racoon/ipsec_doi.h 2011-03-30 09:22:13.000000000 +0300
@@ -227,6 +227,10 @@
extern int set_identifier_qual __P((vchar_t **, int, vchar_t *, int));
extern int ipsecdoi_setid2 __P((struct ph2handle *));
extern vchar_t *ipsecdoi_sockaddr2id __P((struct sockaddr *, u_int, u_int));
+extern int ipsecdoi_fixup_id_uldata __P((vchar_t *, vchar_t *, u_int16_t, u_int16_t, u_int16_t));
+extern int ipsecdoi_normalize_id_uldata __P((vchar_t *, vchar_t *));
+extern int ipsecdoi_id_has_port __P((vchar_t *));
+
extern int ipsecdoi_id2sockaddr __P((vchar_t *, struct sockaddr *,
......@@ -197,9 +189,36 @@ Index: ipsec-tools-cvs-HEAD/src/racoon/ipsec_doi.h
extern char *ipsecdoi_id2str __P((const vchar_t *));
Index: ipsec-tools-cvs-HEAD/src/racoon/ipsec_doi.c
===================================================================
--- ipsec-tools-cvs-HEAD.orig/src/racoon/ipsec_doi.c 2011-03-03 20:19:23.000000000 +0200
+++ ipsec-tools-cvs-HEAD/src/racoon/ipsec_doi.c 2011-03-03 21:01:16.000000000 +0200
@@ -3371,6 +3371,7 @@
--- ipsec-tools-cvs-HEAD.orig/src/racoon/ipsec_doi.c 2011-03-05 09:23:59.000000000 +0200
+++ ipsec-tools-cvs-HEAD/src/racoon/ipsec_doi.c 2011-03-30 16:59:49.000000000 +0300
@@ -3308,6 +3308,7 @@
const vchar_t *subnet;
const vchar_t *address;
{
+ struct in_addr *a, *b;
struct in_addr *mask;
if (address->l != sizeof(struct in_addr))
@@ -3316,12 +3317,15 @@
if (subnet->l != (sizeof(struct in_addr)*2))
return 1;
+ a = (struct in_addr*)(subnet->v);
+ b = (struct in_addr*)(address->v);
mask = (struct in_addr*)(subnet->v + sizeof(struct in_addr));
- if (mask->s_addr!=0xffffffff)
- return 1;
+ //if (mask->s_addr!=0xffffffff)
+ // return 1;
+ //return memcmp(subnet->v,address->v,address->l);
- return memcmp(subnet->v,address->v,address->l);
+ return (a->s_addr & mask->s_addr) != (b->s_addr & mask->s_addr);
}
#ifdef INET6
@@ -3371,6 +3375,7 @@
vchar_t ident_t;
vchar_t ident_s;
int result;
......@@ -207,7 +226,37 @@ Index: ipsec-tools-cvs-HEAD/src/racoon/ipsec_doi.c
/* handle wildcard IDs */
@@ -3460,6 +3461,7 @@
@@ -3410,12 +3415,14 @@
if ((id_bs->type == IPSECDOI_ID_IPV4_ADDR)&&
(id_bt->type == IPSECDOI_ID_IPV4_ADDR_SUBNET)) {
+ check_ports = 1;
result = ipsecdoi_subnetisaddr_v4(&ident_t,&ident_s);
goto cmpid_result;
}
if ((id_bs->type == IPSECDOI_ID_IPV4_ADDR_SUBNET)&&
(id_bt->type == IPSECDOI_ID_IPV4_ADDR)) {
+ check_ports = 1;
result = ipsecdoi_subnetisaddr_v4(&ident_s,&ident_t);
goto cmpid_result;
}
@@ -3423,12 +3430,14 @@
#ifdef INET6
if ((id_bs->type == IPSECDOI_ID_IPV6_ADDR)&&
(id_bt->type == IPSECDOI_ID_IPV6_ADDR_SUBNET)) {
+ check_ports = 1;
result = ipsecdoi_subnetisaddr_v6(&ident_t,&ident_s);
goto cmpid_result;
}
if ((id_bs->type == IPSECDOI_ID_IPV6_ADDR_SUBNET)&&
(id_bt->type == IPSECDOI_ID_IPV6_ADDR)) {
+ check_ports = 1;
result = ipsecdoi_subnetisaddr_v6(&ident_s,&ident_t);
goto cmpid_result;
}
@@ -3460,6 +3469,7 @@
case IPSECDOI_ID_IPV4_ADDR:
/* validate lengths */
......@@ -215,7 +264,7 @@ Index: ipsec-tools-cvs-HEAD/src/racoon/ipsec_doi.c
if ((ident_t.l != sizeof(struct in_addr))||
(ident_s.l != sizeof(struct in_addr)))
goto cmpid_invalid;
@@ -3468,6 +3470,7 @@
@@ -3468,6 +3478,7 @@
case IPSECDOI_ID_IPV4_ADDR_SUBNET:
case IPSECDOI_ID_IPV4_ADDR_RANGE:
/* validate lengths */
......@@ -223,7 +272,7 @@ Index: ipsec-tools-cvs-HEAD/src/racoon/ipsec_doi.c
if ((ident_t.l != (sizeof(struct in_addr)*2))||
(ident_s.l != (sizeof(struct in_addr)*2)))
goto cmpid_invalid;
@@ -3476,6 +3479,7 @@
@@ -3476,6 +3487,7 @@
#ifdef INET6
case IPSECDOI_ID_IPV6_ADDR:
/* validate lengths */
......@@ -231,7 +280,7 @@ Index: ipsec-tools-cvs-HEAD/src/racoon/ipsec_doi.c
if ((ident_t.l != sizeof(struct in6_addr))||
(ident_s.l != sizeof(struct in6_addr)))
goto cmpid_invalid;
@@ -3484,6 +3488,7 @@
@@ -3484,6 +3496,7 @@
case IPSECDOI_ID_IPV6_ADDR_SUBNET:
case IPSECDOI_ID_IPV6_ADDR_RANGE:
/* validate lengths */
......@@ -239,26 +288,29 @@ Index: ipsec-tools-cvs-HEAD/src/racoon/ipsec_doi.c
if ((ident_t.l != (sizeof(struct in6_addr)*2))||
(ident_s.l != (sizeof(struct in6_addr)*2)))
goto cmpid_invalid;
@@ -3502,10 +3507,15 @@
@@ -3502,12 +3515,18 @@
}
/* validate matching data and length */
- if (ident_t.l == ident_s.l)
- result = memcmp(ident_t.v,ident_s.v,ident_t.l);
- else
+ if (check_ports &&
+ (id_bt->port != id_bs->port && id_bs->port != 0))
+ /* if target is wildcard, source should be too, otherwise
+ * specific rule matches wildcard request */
+ if (ident_t.l != ident_s.l)
result = 1;
+ else if (ident_t.l != ident_s.l)
+ result = 1;
+ else
+ result = memcmp(ident_t.v,ident_s.v,ident_t.l);
cmpid_result:
+ if (check_ports &&
+ (id_bt->port != id_bs->port && id_bs->port != 0)) {
+ /* if target is wildcard, source should be too, otherwise
+ * specific rule matches wildcard request */
+ result = 1;
+ }
@@ -4089,6 +4099,44 @@
/* debug level output */
if(loglevel >= LLV_DEBUG) {
@@ -4089,6 +4108,67 @@
return new;
}
......@@ -280,6 +332,29 @@ Index: ipsec-tools-cvs-HEAD/src/racoon/ipsec_doi.c
+ return 0;
+}
+
+int ipsecdoi_normalize_id_uldata(srcid, dstid)
+ vchar_t *srcid, *dstid;
+{
+ struct ipsecdoi_id_b *src = (struct ipsecdoi_id_b *) srcid->v;
+ struct ipsecdoi_id_b *dst = (struct ipsecdoi_id_b *) dstid->v;
+ u_int16_t tmp;
+
+ if (src->proto_id != dst->proto_id)
+ return -1;
+
+ switch (src->proto_id) {
+ case IPPROTO_ICMP:
+ case IPPROTO_ICMPV6:
+ case IPPROTO_GRE:
+ tmp = src->port;
+ src->port = dst->port;
+ dst->port = tmp;
+ break;
+ }
+
+ return 0;
+}
+
+int ipsecdoi_id_has_port(id)
+ vchar_t *id;
+{
......@@ -303,7 +378,7 @@ Index: ipsec-tools-cvs-HEAD/src/racoon/ipsec_doi.c
vchar_t *
ipsecdoi_sockrange2id(laddr, haddr, ul_proto)
struct sockaddr *laddr, *haddr;
@@ -4318,7 +4366,7 @@
@@ -4318,7 +4398,7 @@
saddr.sa.sa_len = sizeof(struct sockaddr_in);
#endif
saddr.sa.sa_family = AF_INET;
......@@ -312,7 +387,7 @@ Index: ipsec-tools-cvs-HEAD/src/racoon/ipsec_doi.c
memcpy(&saddr.sin.sin_addr,
id->v + sizeof(*id_b), sizeof(struct in_addr));
break;
@@ -4331,7 +4379,7 @@
@@ -4331,7 +4411,7 @@
saddr.sa.sa_len = sizeof(struct sockaddr_in6);
#endif
saddr.sa.sa_family = AF_INET6;
......@@ -321,7 +396,7 @@ Index: ipsec-tools-cvs-HEAD/src/racoon/ipsec_doi.c
memcpy(&saddr.sin6.sin6_addr,
id->v + sizeof(*id_b), sizeof(struct in6_addr));
saddr.sin6.sin6_scope_id =
@@ -4347,7 +4395,7 @@
@@ -4347,7 +4427,7 @@
#ifdef INET6
case IPSECDOI_ID_IPV6_ADDR:
#endif
......@@ -330,7 +405,7 @@ Index: ipsec-tools-cvs-HEAD/src/racoon/ipsec_doi.c
break;
case IPSECDOI_ID_IPV4_ADDR_SUBNET:
@@ -4403,7 +4451,9 @@
@@ -4403,7 +4483,9 @@
plen += l;
}
......@@ -341,7 +416,7 @@ Index: ipsec-tools-cvs-HEAD/src/racoon/ipsec_doi.c
}
break;
@@ -4415,12 +4465,12 @@
@@ -4415,12 +4497,12 @@
saddr.sa.sa_len = sizeof(struct sockaddr_in);
#endif
saddr.sa.sa_family = AF_INET;
......@@ -356,7 +431,7 @@ Index: ipsec-tools-cvs-HEAD/src/racoon/ipsec_doi.c
break;
#ifdef INET6
@@ -4431,7 +4481,7 @@
@@ -4431,7 +4513,7 @@
saddr.sa.sa_len = sizeof(struct sockaddr_in6);
#endif
saddr.sa.sa_family = AF_INET6;
......@@ -365,7 +440,7 @@ Index: ipsec-tools-cvs-HEAD/src/racoon/ipsec_doi.c
memcpy(&saddr.sin6.sin6_addr,
id->v + sizeof(*id_b) + sizeof(struct in6_addr),
sizeof(struct in6_addr));
@@ -4440,7 +4490,7 @@
@@ -4440,7 +4522,7 @@
? ((struct sockaddr_in6 *)id_b)->sin6_scope_id
: 0);
......@@ -376,8 +451,8 @@ Index: ipsec-tools-cvs-HEAD/src/racoon/ipsec_doi.c
Index: ipsec-tools-cvs-HEAD/src/racoon/sainfo.c
===================================================================
--- ipsec-tools-cvs-HEAD.orig/src/racoon/sainfo.c 2011-03-03 20:07:44.000000000 +0200
+++ ipsec-tools-cvs-HEAD/src/racoon/sainfo.c 2011-03-03 20:55:02.000000000 +0200
--- ipsec-tools-cvs-HEAD.orig/src/racoon/sainfo.c 2011-03-05 09:23:59.000000000 +0200
+++ ipsec-tools-cvs-HEAD/src/racoon/sainfo.c 2011-03-29 22:08:44.000000000 +0300
@@ -124,7 +124,7 @@
plog(LLV_DEBUG, LOCATION, NULL,
"evaluating sainfo: %s\n", sainfostr);
......@@ -416,9 +491,9 @@ Index: ipsec-tools-cvs-HEAD/src/racoon/sainfo.c
}
Index: ipsec-tools-cvs-HEAD/src/racoon/isakmp.c
===================================================================
--- ipsec-tools-cvs-HEAD.orig/src/racoon/isakmp.c 2011-03-03 20:55:57.000000000 +0200
+++ ipsec-tools-cvs-HEAD/src/racoon/isakmp.c 2011-03-03 21:14:13.000000000 +0200
@@ -2170,7 +2170,15 @@
--- ipsec-tools-cvs-HEAD.orig/src/racoon/isakmp.c 2011-03-14 19:18:12.000000000 +0200
+++ ipsec-tools-cvs-HEAD/src/racoon/isakmp.c 2011-03-30 09:41:46.000000000 +0300
@@ -2173,7 +2173,15 @@
* so no need to bother yet. --arno */
if (iph1hint == NULL || iph1hint->rmconf == NULL) {
......@@ -435,7 +510,7 @@ Index: ipsec-tools-cvs-HEAD/src/racoon/isakmp.c
if (rmconf == NULL) {
plog(LLV_ERROR, LOCATION, NULL,
"no configuration found for %s.\n",
@@ -2246,7 +2254,7 @@
@@ -2249,7 +2257,7 @@
struct secpolicy *sp_out, *sp_in;
{
struct remoteconf *conf;
......@@ -444,7 +519,7 @@ Index: ipsec-tools-cvs-HEAD/src/racoon/isakmp.c
plog(LLV_DEBUG, LOCATION, NULL,
"new acquire %s\n", spidx2str(&sp_out->spidx));
@@ -2273,7 +2281,7 @@
@@ -2276,7 +2284,7 @@
return -1;
}
......@@ -453,10 +528,27 @@ Index: ipsec-tools-cvs-HEAD/src/racoon/isakmp.c
if (conf != NULL)
remoteid = conf->ph1id;
else
@@ -3582,6 +3590,8 @@
#undef _XIDT
+ spidx_normalize_ulports(&spidx);
+
plog(LLV_DEBUG, LOCATION, NULL,
"get a src address from ID payload "
"%s prefixlen=%u ul_proto=%u\n",
@@ -3654,6 +3664,7 @@
pref = spidx.prefs;
spidx.prefs = spidx.prefd;
spidx.prefd = pref;
+ spidx_normalize_ulports(&spidx);
if (pk_sendspddelete(iph2) < 0) {
plog(LLV_ERROR, LOCATION, NULL,
Index: ipsec-tools-cvs-HEAD/src/racoon/remoteconf.c
===================================================================
--- ipsec-tools-cvs-HEAD.orig/src/racoon/remoteconf.c 2011-03-03 21:06:03.000000000 +0200
+++ ipsec-tools-cvs-HEAD/src/racoon/remoteconf.c 2011-03-03 21:17:09.000000000 +0200
--- ipsec-tools-cvs-HEAD.orig/src/racoon/remoteconf.c 2011-03-14 19:12:41.000000000 +0200
+++ ipsec-tools-cvs-HEAD/src/racoon/remoteconf.c 2011-03-29 22:08:44.000000000 +0300
@@ -217,6 +217,13 @@
return MATCH_NONE;
}
......@@ -493,8 +585,8 @@ Index: ipsec-tools-cvs-HEAD/src/racoon/remoteconf.c
plog(LLV_ERROR, LOCATION, remote,
Index: ipsec-tools-cvs-HEAD/src/racoon/remoteconf.h
===================================================================
--- ipsec-tools-cvs-HEAD.orig/src/racoon/remoteconf.h 2011-03-03 21:06:03.000000000 +0200
+++ ipsec-tools-cvs-HEAD/src/racoon/remoteconf.h 2011-03-03 21:10:53.000000000 +0200
--- ipsec-tools-cvs-HEAD.orig/src/racoon/remoteconf.h 2011-03-14 19:12:41.000000000 +0200
+++ ipsec-tools-cvs-HEAD/src/racoon/remoteconf.h 2011-03-29 22:08:44.000000000 +0300
@@ -178,6 +178,7 @@
int flags;
struct sockaddr *remote;
......@@ -520,9 +612,17 @@ Index: ipsec-tools-cvs-HEAD/src/racoon/remoteconf.h
Index: ipsec-tools-cvs-HEAD/src/racoon/pfkey.c
===================================================================
--- ipsec-tools-cvs-HEAD.orig/src/racoon/pfkey.c 2011-03-03 21:14:45.000000000 +0200
+++ ipsec-tools-cvs-HEAD/src/racoon/pfkey.c 2011-03-03 21:16:17.000000000 +0200
@@ -2898,7 +2898,7 @@
--- ipsec-tools-cvs-HEAD.orig/src/racoon/pfkey.c 2011-03-14 19:18:13.000000000 +0200
+++ ipsec-tools-cvs-HEAD/src/racoon/pfkey.c 2011-03-30 08:21:09.000000000 +0300
@@ -1886,6 +1886,7 @@
spidx.prefs = sp_out->spidx.prefd;
spidx.prefd = sp_out->spidx.prefs;
spidx.ul_proto = sp_out->spidx.ul_proto;
+ spidx_normalize_ulports(&spidx);
#ifdef HAVE_SECCTX
if (m_sec_ctx) {
@@ -2898,7 +2899,7 @@
/* If we are not acting as initiator, let's just leave and
* let the remote peer handle the restart */
......@@ -531,7 +631,7 @@ Index: ipsec-tools-cvs-HEAD/src/racoon/pfkey.c
if (rmconf == NULL || !rmconf->passive) {
iph1->status = PHASE1ST_EXPIRED;
sched_schedule(&iph1->sce, 1, isakmp_ph1delete_stub);
@@ -3068,8 +3068,10 @@
@@ -3068,8 +3069,10 @@
if (iph2->ph1 && iph2->ph1->rmconf)
rmconf = iph2->ph1->rmconf;
......@@ -545,8 +645,8 @@ Index: ipsec-tools-cvs-HEAD/src/racoon/pfkey.c
struct ph1handle *iph1hint;
Index: ipsec-tools-cvs-HEAD/src/setkey/setkey.8
===================================================================
--- ipsec-tools-cvs-HEAD.orig/src/setkey/setkey.8 2011-03-04 11:48:30.000000000 +0200
+++ ipsec-tools-cvs-HEAD/src/setkey/setkey.8 2011-03-04 11:48:56.000000000 +0200
--- ipsec-tools-cvs-HEAD.orig/src/setkey/setkey.8 2011-03-05 09:23:59.000000000 +0200
+++ ipsec-tools-cvs-HEAD/src/setkey/setkey.8 2011-03-29 22:08:44.000000000 +0300
@@ -453,7 +453,7 @@
.Pp
A second example of requiring transport mode encryption of specific
......@@ -558,8 +658,8 @@ Index: ipsec-tools-cvs-HEAD/src/setkey/setkey.8
.Ar upperspec
Index: ipsec-tools-cvs-HEAD/src/racoon/racoon.conf.5
===================================================================
--- ipsec-tools-cvs-HEAD.orig/src/racoon/racoon.conf.5 2011-03-04 11:57:36.000000000 +0200