kissbac
/
packages
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Browse Source

strongswan: fix IKEv1 support 

Signed-off-by: Steven Barth <steven@midlink.org>
Steven Barth 9 years ago
parent
bfb8077f1c
commit
7e68031372
2 changed files with 49 additions and 1 deletions
Split View Show Diff Stats
  1. 1
    1
      net/strongswan/Makefile
  2. 48
    0
      net/strongswan/patches/001-ikev1-fix.patch

+ 1
- 1
net/strongswan/Makefile View File 

@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
9 9
10 10 
 PKG_NAME:=strongswan
11 11 
 PKG_VERSION:=5.2.2
12 
-PKG_RELEASE:=1
12 
+PKG_RELEASE:=2
13 13
14 14 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
15 15 
 PKG_SOURCE_URL:=http://download.strongswan.org/ http://download2.strongswan.org/

+ 48
- 0
net/strongswan/patches/001-ikev1-fix.patch View File 

@@ -0,0 +1,48 @@
1 
+From 627f870ee6256b4b2e36e9ca768fc578febbccef Mon Sep 17 00:00:00 2001
2 
+From: Tobias Brunner <tobias@strongswan.org>
3 
+Date: Tue, 10 Feb 2015 19:03:44 +0100
4 
+Subject: [PATCH] ikev1: Set protocol ID and SPIs in INITIAL-CONTACT
5 
+ notification payloads
6 
+
7 
+The payload we sent before is not compliant with RFC 2407 and thus some
8 
+peers might abort negotiation (e.g. with an INVALID-PROTOCOL-ID error).
9 
+---
10 
+ src/libcharon/sa/ikev1/tasks/main_mode.c | 15 +++++++++++++--
11 
+ 1 file changed, 13 insertions(+), 2 deletions(-)
12 
+
13 
+diff --git a/src/libcharon/sa/ikev1/tasks/main_mode.c b/src/libcharon/sa/ikev1/tasks/main_mode.c
14 
+index 5065e70ffc25..3ea4a2a85e4f 100644
15 
+--- a/src/libcharon/sa/ikev1/tasks/main_mode.c
16 
++++ b/src/libcharon/sa/ikev1/tasks/main_mode.c
17 
+@@ -213,6 +213,10 @@ static void add_initial_contact(private_main_mode_t *this, message_t *message,
18 
+ {
19 
+ 	identification_t *idr;
20 
+ 	host_t *host;
21 
++	notify_payload_t *notify;
22 
++	ike_sa_id_t *ike_sa_id;
23 
++	u_int64_t spi_i, spi_r;
24 
++	chunk_t spi;
25 
+
26 
+ 	idr = this->ph1->get_id(this->ph1, this->peer_cfg, FALSE);
27 
+ 	if (idr && !idr->contains_wildcards(idr))
28 
+@@ -224,8 +228,15 @@ static void add_initial_contact(private_main_mode_t *this, message_t *message,
29 
+ 			if (!charon->ike_sa_manager->has_contact(charon->ike_sa_manager,
30 
+ 										idi, idr, host->get_family(host)))
31 
+ 			{
32 
+-				message->add_notify(message, FALSE, INITIAL_CONTACT_IKEV1,
33 
+-									chunk_empty);
34 
++				notify = notify_payload_create_from_protocol_and_type(
35 
++								PLV1_NOTIFY, PROTO_IKE, INITIAL_CONTACT_IKEV1);
36 
++				ike_sa_id = this->ike_sa->get_id(this->ike_sa);
37 
++				spi_i = ike_sa_id->get_initiator_spi(ike_sa_id);
38 
++				spi_r = ike_sa_id->get_responder_spi(ike_sa_id);
39 
++				spi = chunk_cata("cc", chunk_from_thing(spi_i),
40 
++								 chunk_from_thing(spi_r));
41 
++				notify->set_spi_data(notify, spi);
42 
++				message->add_payload(message, (payload_t*)notify);
43 
+ 			}
44 
+ 		}
45 
+ 	}
46 
+--
47 
+1.9.1
48 
+