summaryrefslogtreecommitdiffstats
path: root/package/isakmpd
diff options
context:
space:
mode:
Diffstat (limited to 'package/isakmpd')
-rw-r--r--package/isakmpd/patches/010-debian_3.patch145
-rw-r--r--package/isakmpd/patches/020-standardize.patch92
-rw-r--r--package/isakmpd/patches/030-openssl_hashes.patch57
-rw-r--r--package/isakmpd/patches/040-security_fix.patch12
-rw-r--r--package/isakmpd/patches/050-ar_cross.patch7
5 files changed, 185 insertions, 128 deletions
diff --git a/package/isakmpd/patches/010-debian_3.patch b/package/isakmpd/patches/010-debian_3.patch
index 551ae1ffc..0f50cf9c0 100644
--- a/package/isakmpd/patches/010-debian_3.patch
+++ b/package/isakmpd/patches/010-debian_3.patch
@@ -1,5 +1,7 @@
---- isakmpd-20041012.orig/dpd.c
-+++ isakmpd-20041012/dpd.c
+Index: isakmpd-20041012.orig/dpd.c
+===================================================================
+--- isakmpd-20041012.orig.orig/dpd.c 2007-06-04 13:22:39.088912864 +0200
++++ isakmpd-20041012.orig/dpd.c 2007-06-04 13:22:39.282883376 +0200
@@ -26,6 +26,7 @@
#include <sys/types.h>
@@ -24,8 +26,10 @@
}
if (!sa->dpd_event)
log_print("dpd_timer_reset: timer_add_event failed");
---- isakmpd-20041012.orig/ipsec.c
-+++ isakmpd-20041012/ipsec.c
+Index: isakmpd-20041012.orig/ipsec.c
+===================================================================
+--- isakmpd-20041012.orig.orig/ipsec.c 2007-06-04 13:22:39.093912104 +0200
++++ isakmpd-20041012.orig/ipsec.c 2007-06-04 13:22:39.283883224 +0200
@@ -1020,6 +1020,52 @@
}
}
@@ -99,8 +103,10 @@
type = conf_get_str(section, "ID-type");
if (!type) {
---- isakmpd-20041012.orig/GNUmakefile
-+++ isakmpd-20041012/GNUmakefile
+Index: isakmpd-20041012.orig/GNUmakefile
+===================================================================
+--- isakmpd-20041012.orig.orig/GNUmakefile 2007-06-04 13:22:39.099911192 +0200
++++ isakmpd-20041012.orig/GNUmakefile 2007-06-04 13:22:39.283883224 +0200
@@ -40,12 +40,12 @@
# integrated, freebsd/netbsd means FreeBSD/NetBSD with KAME IPsec.
# darwin means MacOS X 10.2 and later with KAME IPsec. linux means Linux-2.5
@@ -157,8 +163,10 @@
CFLAGS+= ${IPSEC_CFLAGS}
LDADD+= ${DESLIB}
DPADD+= ${DESLIBDEP}
---- isakmpd-20041012.orig/exchange.h
-+++ isakmpd-20041012/exchange.h
+Index: isakmpd-20041012.orig/exchange.h
+===================================================================
+--- isakmpd-20041012.orig.orig/exchange.h 2007-06-04 13:22:39.104910432 +0200
++++ isakmpd-20041012.orig/exchange.h 2007-06-04 13:22:39.283883224 +0200
@@ -221,6 +221,8 @@
#define EXCHANGE_FLAG_NAT_T_ENABLE 0x10 /* We are doing NAT-T. */
#define EXCHANGE_FLAG_NAT_T_KEEPALIVE 0x20 /* We are the NAT:ed peer. */
@@ -168,8 +176,10 @@
extern int exchange_add_certs(struct message *);
extern void exchange_finalize(struct message *);
---- isakmpd-20041012.orig/log.c
-+++ isakmpd-20041012/log.c
+Index: isakmpd-20041012.orig/log.c
+===================================================================
+--- isakmpd-20041012.orig.orig/log.c 2007-06-04 13:22:39.110909520 +0200
++++ isakmpd-20041012.orig/log.c 2007-06-04 13:22:39.284883072 +0200
@@ -79,7 +79,6 @@
struct packhdr {
@@ -237,8 +247,10 @@
sum = 0;
for (i = 0; i < hdrlen; i += 2)
---- isakmpd-20041012.orig/nat_traversal.c
-+++ isakmpd-20041012/nat_traversal.c
+Index: isakmpd-20041012.orig/nat_traversal.c
+===================================================================
+--- isakmpd-20041012.orig.orig/nat_traversal.c 2007-06-04 13:22:39.115908760 +0200
++++ isakmpd-20041012.orig/nat_traversal.c 2007-06-04 13:22:39.284883072 +0200
@@ -1,4 +1,4 @@
-/* $OpenBSD: nat_traversal.c,v 1.7 2004/08/08 19:11:06 deraadt Exp $ */
+/* $OpenBSD: nat_traversal.c,v 1.17 2006/06/14 14:03:33 hshoexer Exp $ */
@@ -583,8 +595,10 @@
return 1;
hbuf = nat_t_generate_nat_d_hash(msg, sa, &hbuflen);
---- isakmpd-20041012.orig/udp_encap.c
-+++ isakmpd-20041012/udp_encap.c
+Index: isakmpd-20041012.orig/udp_encap.c
+===================================================================
+--- isakmpd-20041012.orig.orig/udp_encap.c 2007-06-04 13:22:39.121907848 +0200
++++ isakmpd-20041012.orig/udp_encap.c 2007-06-04 13:22:39.284883072 +0200
@@ -61,6 +61,11 @@
#define UDP_SIZE 65536
@@ -616,16 +630,20 @@
/* Wildcard address ? */
switch (laddr->sa_family) {
case AF_INET:
---- isakmpd-20041012.orig/apps/Makefile
-+++ isakmpd-20041012/apps/Makefile
+Index: isakmpd-20041012.orig/apps/Makefile
+===================================================================
+--- isakmpd-20041012.orig.orig/apps/Makefile 2007-06-04 13:22:39.126907088 +0200
++++ isakmpd-20041012.orig/apps/Makefile 2007-06-04 13:22:39.285882920 +0200
@@ -31,4 +31,4 @@
SUBDIR= certpatch
-.include <bsd.subdir.mk>
+#.include <bsd.subdir.mk>
---- isakmpd-20041012.orig/apps/certpatch/GNUmakefile
-+++ isakmpd-20041012/apps/certpatch/GNUmakefile
+Index: isakmpd-20041012.orig/apps/certpatch/GNUmakefile
+===================================================================
+--- /dev/null 1970-01-01 00:00:00.000000000 +0000
++++ isakmpd-20041012.orig/apps/certpatch/GNUmakefile 2007-06-04 13:22:39.285882920 +0200
@@ -0,0 +1,55 @@
+# $OpenBSD: Makefile,v 1.7 2003/06/03 14:35:00 ho Exp $
+# $EOM: Makefile,v 1.6 2000/03/28 21:22:06 ho Exp $
@@ -682,8 +700,10 @@
+
+clean:
+ rm -f ${PROG}
---- isakmpd-20041012.orig/pf_key_v2.c
-+++ isakmpd-20041012/pf_key_v2.c
+Index: isakmpd-20041012.orig/pf_key_v2.c
+===================================================================
+--- isakmpd-20041012.orig.orig/pf_key_v2.c 2007-06-04 13:22:39.137905416 +0200
++++ isakmpd-20041012.orig/pf_key_v2.c 2007-06-04 13:22:39.287882616 +0200
@@ -1055,6 +1055,10 @@
#endif
#if defined (USE_NAT_TRAVERSAL) && defined (SADB_X_EXT_UDPENCAP)
@@ -800,8 +820,10 @@
msg.sadb_msg_satype = SADB_SATYPE_UNSPEC;
msg.sadb_msg_seq = 0;
flow = pf_key_v2_msg_new(&msg, 0);
---- isakmpd-20041012.orig/isakmp_num.cst
-+++ isakmpd-20041012/isakmp_num.cst
+Index: isakmpd-20041012.orig/isakmp_num.cst
+===================================================================
+--- isakmpd-20041012.orig.orig/isakmp_num.cst 2007-06-04 13:22:39.143904504 +0200
++++ isakmpd-20041012.orig/isakmp_num.cst 2007-06-04 13:22:39.287882616 +0200
@@ -57,15 +57,18 @@
KD 17 # RFC 3547, Key Download
SEQ 18 # RFC 3547, Sequence Number
@@ -824,8 +846,10 @@
.
# ISAKMP exchange types.
---- isakmpd-20041012.orig/ipsec_num.cst
-+++ isakmpd-20041012/ipsec_num.cst
+Index: isakmpd-20041012.orig/ipsec_num.cst
+===================================================================
+--- isakmpd-20041012.orig.orig/ipsec_num.cst 2007-06-04 13:22:39.149903592 +0200
++++ isakmpd-20041012.orig/ipsec_num.cst 2007-06-04 13:22:39.287882616 +0200
@@ -62,10 +62,10 @@
IPSEC_ENCAP
TUNNEL 1
@@ -841,8 +865,10 @@
.
# IPSEC authentication algorithm.
---- isakmpd-20041012.orig/nat_traversal.h
-+++ isakmpd-20041012/nat_traversal.h
+Index: isakmpd-20041012.orig/nat_traversal.h
+===================================================================
+--- isakmpd-20041012.orig.orig/nat_traversal.h 2007-06-04 13:22:39.154902832 +0200
++++ isakmpd-20041012.orig/nat_traversal.h 2007-06-04 13:22:39.287882616 +0200
@@ -1,4 +1,4 @@
-/* $OpenBSD: nat_traversal.h,v 1.2 2004/06/21 23:27:10 ho Exp $ */
+/* $OpenBSD: nat_traversal.h,v 1.4 2005/07/25 15:03:47 hshoexer Exp $ */
@@ -874,8 +900,10 @@
void nat_t_init(void);
int nat_t_add_vendor_payloads(struct message *);
void nat_t_check_vendor_payload(struct message *, struct payload *);
---- isakmpd-20041012.orig/message.c
-+++ isakmpd-20041012/message.c
+Index: isakmpd-20041012.orig/message.c
+===================================================================
+--- isakmpd-20041012.orig.orig/message.c 2007-06-04 13:22:39.160901920 +0200
++++ isakmpd-20041012.orig/message.c 2007-06-04 13:22:39.288882464 +0200
@@ -112,6 +112,7 @@
message_validate_hash, message_validate_sig, message_validate_nonce,
message_validate_notify, message_validate_delete,
@@ -925,8 +953,10 @@
return ISAKMP_NAT_OA_SZ;
#endif
/* Not yet supported and any other unknown payloads. */
---- isakmpd-20041012.orig/policy.c
-+++ isakmpd-20041012/policy.c
+Index: isakmpd-20041012.orig/policy.c
+===================================================================
+--- isakmpd-20041012.orig.orig/policy.c 2007-06-04 13:22:39.165901160 +0200
++++ isakmpd-20041012.orig/policy.c 2007-06-04 13:22:39.289882312 +0200
@@ -511,7 +511,10 @@
break;
}
@@ -964,8 +994,10 @@
/* Get policy file from configuration. */
policy_file = conf_get_str("General", "Policy-file");
if (!policy_file)
---- isakmpd-20041012.orig/ike_phase_1.c
-+++ isakmpd-20041012/ike_phase_1.c
+Index: isakmpd-20041012.orig/ike_phase_1.c
+===================================================================
+--- isakmpd-20041012.orig.orig/ike_phase_1.c 2007-06-04 13:22:39.170900400 +0200
++++ isakmpd-20041012.orig/ike_phase_1.c 2007-06-04 13:22:39.290882160 +0200
@@ -1040,9 +1040,9 @@
/* Compare expected/desired and received remote ID */
@@ -978,8 +1010,10 @@
return -1;
}
free(rid);
---- isakmpd-20041012.orig/x509.c
-+++ isakmpd-20041012/x509.c
+Index: isakmpd-20041012.orig/x509.c
+===================================================================
+--- isakmpd-20041012.orig.orig/x509.c 2007-06-04 13:22:39.176899488 +0200
++++ isakmpd-20041012.orig/x509.c 2007-06-04 13:22:39.290882160 +0200
@@ -910,7 +910,11 @@
X509_STORE_CTX_init(&csc, x509_cas, cert, NULL);
#if OPENSSL_VERSION_NUMBER >= 0x00907000L
@@ -992,8 +1026,10 @@
X509_STORE_CTX_set_flags(&csc, X509_V_FLAG_CRL_CHECK);
X509_STORE_CTX_set_flags(&csc, X509_V_FLAG_CRL_CHECK_ALL);
}
---- isakmpd-20041012.orig/sysdep/linux/sysdep.c
-+++ isakmpd-20041012/sysdep/linux/sysdep.c
+Index: isakmpd-20041012.orig/sysdep/linux/sysdep.c
+===================================================================
+--- isakmpd-20041012.orig.orig/sysdep/linux/sysdep.c 2007-06-04 13:22:39.182898576 +0200
++++ isakmpd-20041012.orig/sysdep/linux/sysdep.c 2007-06-04 13:22:39.291882008 +0200
@@ -169,22 +169,22 @@
return 0;
@@ -1026,8 +1062,10 @@
return -1;
}
return 0;
---- isakmpd-20041012.orig/sysdep/linux/GNUmakefile.sysdep
-+++ isakmpd-20041012/sysdep/linux/GNUmakefile.sysdep
+Index: isakmpd-20041012.orig/sysdep/linux/GNUmakefile.sysdep
+===================================================================
+--- isakmpd-20041012.orig.orig/sysdep/linux/GNUmakefile.sysdep 2007-06-04 13:22:39.187897816 +0200
++++ isakmpd-20041012.orig/sysdep/linux/GNUmakefile.sysdep 2007-06-04 13:22:39.291882008 +0200
@@ -33,13 +33,13 @@
LDADD+= -lgmp ${LIBSYSDEP} ${LIBCRYPTO}
DPADD+= ${LIBGMP} ${LIBSYSDEP}
@@ -1055,8 +1093,10 @@
CFLAGS="${CFLAGS}" MKDEP="${MKDEP}" ${MAKECMDGOALS}
ifeq ($(findstring clean,$(MAKECMDGOALS)),clean)
---- isakmpd-20041012.orig/sysdep/linux/include/bitstring.h
-+++ isakmpd-20041012/sysdep/linux/include/bitstring.h
+Index: isakmpd-20041012.orig/sysdep/linux/include/bitstring.h
+===================================================================
+--- /dev/null 1970-01-01 00:00:00.000000000 +0000
++++ isakmpd-20041012.orig/sysdep/linux/include/bitstring.h 2007-06-04 13:22:39.291882008 +0200
@@ -0,0 +1,132 @@
+/* $OpenBSD: bitstring.h,v 1.4 2002/06/19 02:50:10 millert Exp $ */
+/* $NetBSD: bitstring.h,v 1.5 1997/05/14 15:49:55 pk Exp $ */
@@ -1190,8 +1230,10 @@
+} while(0)
+
+#endif /* !_BITSTRING_H_ */
---- isakmpd-20041012.orig/sysdep/linux/include/sys/queue.h
-+++ isakmpd-20041012/sysdep/linux/include/sys/queue.h
+Index: isakmpd-20041012.orig/sysdep/linux/include/sys/queue.h
+===================================================================
+--- /dev/null 1970-01-01 00:00:00.000000000 +0000
++++ isakmpd-20041012.orig/sysdep/linux/include/sys/queue.h 2007-06-04 13:22:39.292881856 +0200
@@ -0,0 +1,453 @@
+/*
+ * Copyright (c) 1991, 1993
@@ -1646,8 +1688,10 @@
+#endif /* _KERNEL */
+
+#endif /* !_SYS_QUEUE_H_ */
---- isakmpd-20041012.orig/sysdep/common/pcap.h
-+++ isakmpd-20041012/sysdep/common/pcap.h
+Index: isakmpd-20041012.orig/sysdep/common/pcap.h
+===================================================================
+--- isakmpd-20041012.orig.orig/sysdep/common/pcap.h 2007-06-04 13:22:39.203895384 +0200
++++ isakmpd-20041012.orig/sysdep/common/pcap.h 2007-06-04 13:22:39.292881856 +0200
@@ -55,8 +55,13 @@
u_int32_t linktype; /* data link type (DLT_*) */
};
@@ -1663,8 +1707,10 @@
u_int32_t caplen; /* length of portion present */
u_int32_t len; /* length this packet (off wire) */
};
---- isakmpd-20041012.orig/sysdep/common/libsysdep/arc4random.c
-+++ isakmpd-20041012/sysdep/common/libsysdep/arc4random.c
+Index: isakmpd-20041012.orig/sysdep/common/libsysdep/arc4random.c
+===================================================================
+--- isakmpd-20041012.orig.orig/sysdep/common/libsysdep/arc4random.c 2007-06-04 13:22:39.211894168 +0200
++++ isakmpd-20041012.orig/sysdep/common/libsysdep/arc4random.c 2007-06-04 13:22:39.292881856 +0200
@@ -78,7 +78,7 @@
static void
arc4_stir(struct arc4_stream *as)
@@ -1674,8 +1720,10 @@
struct {
struct timeval tv;
u_int8_t rnd[128 - sizeof(struct timeval)];
---- isakmpd-20041012.orig/x509v3.cnf
-+++ isakmpd-20041012/x509v3.cnf
+Index: isakmpd-20041012.orig/x509v3.cnf
+===================================================================
+--- /dev/null 1970-01-01 00:00:00.000000000 +0000
++++ isakmpd-20041012.orig/x509v3.cnf 2007-06-04 13:22:39.293881704 +0200
@@ -0,0 +1,26 @@
+# default settings
+CERTPATHLEN = 1
@@ -1703,4 +1751,3 @@
+# The address must be provided in the CERTFQDN environment variable
+[x509v3_FQDN]
+subjectAltName=DNS:$ENV::CERTFQDN
-
diff --git a/package/isakmpd/patches/020-standardize.patch b/package/isakmpd/patches/020-standardize.patch
index d6c5e87b5..435782b63 100644
--- a/package/isakmpd/patches/020-standardize.patch
+++ b/package/isakmpd/patches/020-standardize.patch
@@ -1,7 +1,16 @@
-diff -urN isakmpd/GNUmakefile isakmpd.new/GNUmakefile
---- isakmpd/GNUmakefile 2004-01-16 13:36:32.000000000 +0100
-+++ isakmpd.new/GNUmakefile 2006-09-03 17:33:03.000000000 +0200
-@@ -238,3 +238,16 @@
+Index: isakmpd-20041012.orig/GNUmakefile
+===================================================================
+--- isakmpd-20041012.orig.orig/GNUmakefile 2007-06-04 13:22:39.283883224 +0200
++++ isakmpd-20041012.orig/GNUmakefile 2007-06-04 13:22:39.722816496 +0200
+@@ -168,7 +168,6 @@
+ X509= x509.c
+ CFLAGS+= -DUSE_LIBCRYPTO
+ LDADD+= -lcrypto
+-DPADD+= ${LIBCRYPTO}
+ endif
+
+ ifdef USE_RAWKEY
+@@ -242,3 +241,16 @@
realcleandepend:
rm -f .depend tags
@@ -18,9 +27,10 @@ diff -urN isakmpd/GNUmakefile isakmpd.new/GNUmakefile
+ $(INSTALL) $(INSTALL_OPTS) -m 444 isakmpd.8 $(DESTDIR)$(MANDIR)/man8
+ -mkdir -p $(DESTDIR)$(MANDIR)/man5
+ $(INSTALL) $(INSTALL_OPTS) -m 444 isakmpd.conf.5 isakmpd.policy.5 $(DESTDIR)$(MANDIR)/man5
-diff -urN isakmpd/samples/Makefile isakmpd.new/samples/Makefile
---- isakmpd/samples/Makefile 2003-06-03 16:39:50.000000000 +0200
-+++ isakmpd.new/samples/Makefile 2006-09-03 17:07:24.000000000 +0200
+Index: isakmpd-20041012.orig/samples/Makefile
+===================================================================
+--- isakmpd-20041012.orig.orig/samples/Makefile 2007-06-04 13:22:39.015923960 +0200
++++ isakmpd-20041012.orig/samples/Makefile 2007-06-04 13:22:39.722816496 +0200
@@ -26,7 +26,7 @@
#
@@ -30,10 +40,10 @@ diff -urN isakmpd/samples/Makefile isakmpd.new/samples/Makefile
# The mkdir below is for installation on OpenBSD pre 2.7
install:
-
-diff -urN isakmp.old/sysdep/linux/GNUmakefile.sysdep isakmp.dev/sysdep/linux/GNUmakefile.sysdep
---- isakmp.old/sysdep/linux/GNUmakefile.sysdep 2006-09-07 13:49:20.000000000 +0200
-+++ isakmp.dev/sysdep/linux/GNUmakefile.sysdep 2006-09-07 13:51:41.000000000 +0200
+Index: isakmpd-20041012.orig/sysdep/linux/GNUmakefile.sysdep
+===================================================================
+--- isakmpd-20041012.orig.orig/sysdep/linux/GNUmakefile.sysdep 2007-06-04 13:22:39.291882008 +0200
++++ isakmpd-20041012.orig/sysdep/linux/GNUmakefile.sysdep 2007-06-04 13:22:39.722816496 +0200
@@ -25,18 +25,18 @@
# THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#
@@ -57,20 +67,10 @@ diff -urN isakmp.old/sysdep/linux/GNUmakefile.sysdep isakmp.dev/sysdep/linux/GNU
FEATURES= debug tripledes blowfish cast ec aggressive x509 policy
FEATURES+= dpd nat_traversal isakmp_cfg des aes
-diff -ruN isakmpd-20041012.orig/GNUmakefile isakmpd-20041012.new/GNUmakefile
---- isakmpd-20041012.orig/GNUmakefile 2006-12-16 22:41:26.000000000 +0100
-+++ isakmpd-20041012.new/GNUmakefile 2006-12-16 22:48:27.000000000 +0100
-@@ -169,7 +169,6 @@
- X509= x509.c
- CFLAGS+= -DUSE_LIBCRYPTO
- LDADD+= -lcrypto
--DPADD+= ${LIBCRYPTO}
- endif
-
- ifdef USE_RAWKEY
-diff -ruN isakmpd-20041012.orig/Makefile isakmpd-20041012.new/Makefile
---- isakmpd-20041012.orig/Makefile 2004-10-12 23:25:52.000000000 +0200
-+++ isakmpd-20041012.new/Makefile 2006-12-16 22:46:48.000000000 +0100
+Index: isakmpd-20041012.orig/Makefile
+===================================================================
+--- isakmpd-20041012.orig.orig/Makefile 2007-06-04 13:22:39.028921984 +0200
++++ isakmpd-20041012.orig/Makefile 2007-06-04 13:22:39.723816344 +0200
@@ -147,7 +147,6 @@
.ifdef USE_LIBCRYPTO
CFLAGS+= -DUSE_LIBCRYPTO
@@ -79,9 +79,10 @@ diff -ruN isakmpd-20041012.orig/Makefile isakmpd-20041012.new/Makefile
.endif
.ifdef USE_LIBDES
-diff -ruN isakmpd-20041012.orig/apps/certpatch/Makefile isakmpd-20041012.new/apps/certpatch/Makefile
---- isakmpd-20041012.orig/apps/certpatch/Makefile 2004-10-12 23:25:52.000000000 +0200
-+++ isakmpd-20041012.new/apps/certpatch/Makefile 2006-12-16 22:48:58.000000000 +0100
+Index: isakmpd-20041012.orig/apps/certpatch/Makefile
+===================================================================
+--- isakmpd-20041012.orig.orig/apps/certpatch/Makefile 2007-06-04 13:22:39.035920920 +0200
++++ isakmpd-20041012.orig/apps/certpatch/Makefile 2007-06-04 13:22:39.723816344 +0200
@@ -40,7 +40,6 @@
.PATH: ${TOPSRC} ${TOPSRC}/sysdep/${OS} ${TOPOBJ}
CFLAGS+= -I${TOPSRC} -I${TOPSRC}/sysdep/${OS} -I${TOPOBJ} -Wall
@@ -90,9 +91,10 @@ diff -ruN isakmpd-20041012.orig/apps/certpatch/Makefile isakmpd-20041012.new/app
MAN= certpatch.8
.if ${FEATURES:Mgmp} == "gmp"
-diff -ruN isakmpd-20041012.orig/regress/crypto/Makefile isakmpd-20041012.new/regress/crypto/Makefile
---- isakmpd-20041012.orig/regress/crypto/Makefile 2004-10-12 23:25:52.000000000 +0200
-+++ isakmpd-20041012.new/regress/crypto/Makefile 2006-12-16 22:50:02.000000000 +0100
+Index: isakmpd-20041012.orig/regress/crypto/Makefile
+===================================================================
+--- isakmpd-20041012.orig.orig/regress/crypto/Makefile 2007-06-04 13:22:39.041920008 +0200
++++ isakmpd-20041012.orig/regress/crypto/Makefile 2007-06-04 13:22:39.723816344 +0200
@@ -13,7 +13,7 @@
-DUSE_TRIPLEDES -DUSE_CAST -DUSE_BLOWFISH -DUSE_DES \
-DUSE_AES
@@ -102,9 +104,10 @@ diff -ruN isakmpd-20041012.orig/regress/crypto/Makefile isakmpd-20041012.new/reg
NOMAN=
DEBUG= -g
-diff -ruN isakmpd-20041012.orig/regress/dh/Makefile isakmpd-20041012.new/regress/dh/Makefile
---- isakmpd-20041012.orig/regress/dh/Makefile 2004-10-12 23:25:52.000000000 +0200
-+++ isakmpd-20041012.new/regress/dh/Makefile 2006-12-16 22:49:25.000000000 +0100
+Index: isakmpd-20041012.orig/regress/dh/Makefile
+===================================================================
+--- isakmpd-20041012.orig.orig/regress/dh/Makefile 2007-06-04 13:22:39.048918944 +0200
++++ isakmpd-20041012.orig/regress/dh/Makefile 2007-06-04 13:22:39.726815888 +0200
@@ -15,7 +15,6 @@
-DUSE_EC
NOMAN=
@@ -113,9 +116,10 @@ diff -ruN isakmpd-20041012.orig/regress/dh/Makefile isakmpd-20041012.new/regress
DEBUG= -g
.if ${FEATURES:Mgmp} == "gmp"
-diff -ruN isakmpd-20041012.orig/regress/group/Makefile isakmpd-20041012.new/regress/group/Makefile
---- isakmpd-20041012.orig/regress/group/Makefile 2004-10-12 23:25:52.000000000 +0200
-+++ isakmpd-20041012.new/regress/group/Makefile 2006-12-16 22:49:30.000000000 +0100
+Index: isakmpd-20041012.orig/regress/group/Makefile
+===================================================================
+--- isakmpd-20041012.orig.orig/regress/group/Makefile 2007-06-04 13:22:39.054918032 +0200
++++ isakmpd-20041012.orig/regress/group/Makefile 2007-06-04 13:22:39.727815736 +0200
@@ -15,7 +15,6 @@
-DUSE_EC
NOMAN=
@@ -124,9 +128,10 @@ diff -ruN isakmpd-20041012.orig/regress/group/Makefile isakmpd-20041012.new/regr
DEBUG= -g
.if ${FEATURES:Mgmp} == "gmp"
-diff -ruN isakmpd-20041012.orig/regress/rsakeygen/Makefile isakmpd-20041012.new/regress/rsakeygen/Makefile
---- isakmpd-20041012.orig/regress/rsakeygen/Makefile 2004-10-12 23:25:52.000000000 +0200
-+++ isakmpd-20041012.new/regress/rsakeygen/Makefile 2006-12-16 22:49:41.000000000 +0100
+Index: isakmpd-20041012.orig/regress/rsakeygen/Makefile
+===================================================================
+--- isakmpd-20041012.orig.orig/regress/rsakeygen/Makefile 2007-06-04 13:22:39.060917120 +0200
++++ isakmpd-20041012.orig/regress/rsakeygen/Makefile 2007-06-04 13:22:39.727815736 +0200
@@ -62,7 +62,6 @@
.ifdef USE_LIBCRYPTO
CFLAGS+= -DUSE_LIBCRYPTO
@@ -135,9 +140,10 @@ diff -ruN isakmpd-20041012.orig/regress/rsakeygen/Makefile isakmpd-20041012.new/
.endif
.if !defined (HAVE_DLOPEN) && !defined (USE_LIBCRYPTO)
-diff -ruN isakmpd-20041012.orig/regress/x509/Makefile isakmpd-20041012.new/regress/x509/Makefile
---- isakmpd-20041012.orig/regress/x509/Makefile 2004-10-12 23:25:52.000000000 +0200
-+++ isakmpd-20041012.new/regress/x509/Makefile 2006-12-16 22:49:49.000000000 +0100
+Index: isakmpd-20041012.orig/regress/x509/Makefile
+===================================================================
+--- isakmpd-20041012.orig.orig/regress/x509/Makefile 2007-06-04 13:22:39.068915904 +0200
++++ isakmpd-20041012.orig/regress/x509/Makefile 2007-06-04 13:22:39.727815736 +0200
@@ -78,7 +78,6 @@
X509= x509.c
CFLAGS+= -DUSE_LIBCRYPTO
diff --git a/package/isakmpd/patches/030-openssl_hashes.patch b/package/isakmpd/patches/030-openssl_hashes.patch
index 680db86a3..f50afc598 100644
--- a/package/isakmpd/patches/030-openssl_hashes.patch
+++ b/package/isakmpd/patches/030-openssl_hashes.patch
@@ -1,7 +1,8 @@
-diff -urN isakmpd/GNUmakefile isakmpd.new/GNUmakefile
---- isakmpd/GNUmakefile 2006-09-01 19:29:05.000000000 +0200
-+++ isakmpd.new/GNUmakefile 2006-09-01 19:29:28.000000000 +0200
-@@ -75,13 +75,14 @@
+Index: isakmpd-20041012.orig/GNUmakefile
+===================================================================
+--- isakmpd-20041012.orig.orig/GNUmakefile 2007-06-04 13:22:39.722816496 +0200
++++ isakmpd-20041012.orig/GNUmakefile 2007-06-04 13:22:40.000774240 +0200
+@@ -76,13 +76,14 @@
isakmp_fld.c isakmp_fld.h
MAN= isakmpd.8 isakmpd.conf.5 isakmpd.policy.5
@@ -17,7 +18,7 @@ diff -urN isakmpd/GNUmakefile isakmpd.new/GNUmakefile
# Do execution time profiles
#CFLAGS+= -pg
-@@ -172,6 +173,14 @@
+@@ -175,6 +176,14 @@
CFLAGS+= -DUSE_RAWKEY
endif
@@ -30,11 +31,12 @@ diff -urN isakmpd/GNUmakefile isakmpd.new/GNUmakefile
+endif
+
SRCS+= ${IPSEC_SRCS} ${X509} ${POLICY} ${EC} ${AGGRESSIVE} ${DNSSEC} \
- $(ISAKMP_CFG)
+ $(ISAKMP_CFG) ${DPD} ${NAT_TRAVERSAL}
CFLAGS+= ${IPSEC_CFLAGS}
-diff -urN isakmpd/sysdep/common/libsysdep/GNUmakefile isakmpd.new/sysdep/common/libsysdep/GNUmakefile
---- isakmpd/sysdep/common/libsysdep/GNUmakefile 2003-06-03 16:52:06.000000000 +0200
-+++ isakmpd.new/sysdep/common/libsysdep/GNUmakefile 2006-09-01 19:29:28.000000000 +0200
+Index: isakmpd-20041012.orig/sysdep/common/libsysdep/GNUmakefile
+===================================================================
+--- isakmpd-20041012.orig.orig/sysdep/common/libsysdep/GNUmakefile 2007-06-04 13:22:38.959932472 +0200
++++ isakmpd-20041012.orig/sysdep/common/libsysdep/GNUmakefile 2007-06-04 13:22:40.000774240 +0200
@@ -31,10 +31,18 @@
.CURDIR:= $(shell pwd)
@@ -55,9 +57,10 @@ diff -urN isakmpd/sysdep/common/libsysdep/GNUmakefile isakmpd.new/sysdep/common/
lib${LIB}.a: ${SRCS:%.c=%.o}
ar cq $@ ${SRCS:%.c=%.o}
-diff -urN isakmpd/sysdep/common/libsysdep/md5.c isakmpd.new/sysdep/common/libsysdep/md5.c
---- isakmpd/sysdep/common/libsysdep/md5.c 2002-06-14 23:34:58.000000000 +0200
-+++ isakmpd.new/sysdep/common/libsysdep/md5.c 2006-09-01 19:29:28.000000000 +0200
+Index: isakmpd-20041012.orig/sysdep/common/libsysdep/md5.c
+===================================================================
+--- isakmpd-20041012.orig.orig/sysdep/common/libsysdep/md5.c 2007-06-04 13:22:38.964931712 +0200
++++ isakmpd-20041012.orig/sysdep/common/libsysdep/md5.c 2007-06-04 13:22:40.000774240 +0200
@@ -5,6 +5,8 @@
* changes to accommodate it in the kernel by ji.
*/
@@ -72,9 +75,10 @@ diff -urN isakmpd/sysdep/common/libsysdep/md5.c isakmpd.new/sysdep/common/libsys
#endif
+#endif /* USE_OPENSSL_MD5 */
-diff -urN isakmpd/sysdep/common/libsysdep/sha1.c isakmpd.new/sysdep/common/libsysdep/sha1.c
---- isakmpd/sysdep/common/libsysdep/sha1.c 2001-01-28 23:38:48.000000000 +0100
-+++ isakmpd.new/sysdep/common/libsysdep/sha1.c 2006-09-01 19:29:28.000000000 +0200
+Index: isakmpd-20041012.orig/sysdep/common/libsysdep/sha1.c
+===================================================================
+--- isakmpd-20041012.orig.orig/sysdep/common/libsysdep/sha1.c 2007-06-04 13:22:38.970930800 +0200
++++ isakmpd-20041012.orig/sysdep/common/libsysdep/sha1.c 2007-06-04 13:22:40.001774088 +0200
@@ -1,5 +1,7 @@
/* $OpenBSD: sha1.c,v 1.2 2001/01/28 22:38:48 niklas Exp $ */
@@ -89,9 +93,10 @@ diff -urN isakmpd/sysdep/common/libsysdep/sha1.c isakmpd.new/sysdep/common/libsy
}
+
+#endif /* USE_OPENSSL_SHA1 */
-diff -urN isakmpd/sysdep/common/md5.h isakmpd.new/sysdep/common/md5.h
---- isakmpd/sysdep/common/md5.h 2001-01-28 23:38:47.000000000 +0100
-+++ isakmpd.new/sysdep/common/md5.h 2006-09-01 19:29:28.000000000 +0200
+Index: isakmpd-20041012.orig/sysdep/common/md5.h
+===================================================================
+--- isakmpd-20041012.orig.orig/sysdep/common/md5.h 2007-06-04 13:22:38.976929888 +0200
++++ isakmpd-20041012.orig/sysdep/common/md5.h 2007-06-04 13:22:40.001774088 +0200
@@ -1,5 +1,15 @@
/* $OpenBSD: md5.h,v 1.2 2001/01/28 22:38:47 niklas Exp $ */
@@ -114,9 +119,10 @@ diff -urN isakmpd/sysdep/common/md5.h isakmpd.new/sysdep/common/md5.h
#define _MD5_H_
+
+#endif /* USE_OPENSSL_MD5 */
-diff -urN isakmpd/sysdep/common/sha1.h isakmpd.new/sysdep/common/sha1.h
---- isakmpd/sysdep/common/sha1.h 2001-01-28 23:38:47.000000000 +0100
-+++ isakmpd.new/sysdep/common/sha1.h 2006-09-01 19:29:28.000000000 +0200
+Index: isakmpd-20041012.orig/sysdep/common/sha1.h
+===================================================================
+--- isakmpd-20041012.orig.orig/sysdep/common/sha1.h 2007-06-04 13:22:38.982928976 +0200
++++ isakmpd-20041012.orig/sysdep/common/sha1.h 2007-06-04 13:22:40.001774088 +0200
@@ -1,5 +1,16 @@
/* $OpenBSD: sha1.h,v 1.2 2001/01/28 22:38:47 niklas Exp $ */
@@ -140,10 +146,11 @@ diff -urN isakmpd/sysdep/common/sha1.h isakmpd.new/sysdep/common/sha1.h
void SHA1Final(unsigned char digest[20], SHA1_CTX* context);
+
+#endif /* USE_OPENSSL_SHA1 */
-diff -urN isakmpd/sysdep/linux/GNUmakefile.sysdep isakmpd.new/sysdep/linux/GNUmakefile.sysdep
---- isakmpd/sysdep/linux/GNUmakefile.sysdep 2006-09-01 19:29:05.000000000 +0200
-+++ isakmpd.new/sysdep/linux/GNUmakefile.sysdep 2006-09-01 19:29:29.000000000 +0200
-@@ -48,6 +48,8 @@
+Index: isakmpd-20041012.orig/sysdep/linux/GNUmakefile.sysdep
+===================================================================
+--- isakmpd-20041012.orig.orig/sysdep/linux/GNUmakefile.sysdep 2007-06-04 13:22:39.722816496 +0200
++++ isakmpd-20041012.orig/sysdep/linux/GNUmakefile.sysdep 2007-06-04 13:22:40.001774088 +0200
+@@ -47,6 +47,8 @@
USE_LIBCRYPO= defined
HAVE_DLOPEN= defined
USE_KEYNOTE= defined
diff --git a/package/isakmpd/patches/040-security_fix.patch b/package/isakmpd/patches/040-security_fix.patch
index 912888010..d70a72245 100644
--- a/package/isakmpd/patches/040-security_fix.patch
+++ b/package/isakmpd/patches/040-security_fix.patch
@@ -1,12 +1,8 @@
-Index: sbin/isakmpd/ipsec.c
+Index: isakmpd-20041012.orig/ipsec.c
===================================================================
-RCS file: /cvs/src/sbin/isakmpd/ipsec.c,v
-retrieving revision 1.122
-retrieving revision 1.122.2.1
-diff -u -p -r1.122 -r1.122.2.1
---- isakmpd/ipsec.c 23 Sep 2005 14:44:03 -0000 1.122
-+++ isakmpd/ipsec.c 19 Aug 2006 20:23:28 -0000 1.122.2.1
-@@ -2076,9 +2076,10 @@ ipsec_proto_init(struct proto *proto, ch
+--- isakmpd-20041012.orig.orig/ipsec.c 2007-06-04 13:22:39.283883224 +0200
++++ isakmpd-20041012.orig/ipsec.c 2007-06-04 13:22:40.247736696 +0200
+@@ -2176,9 +2176,10 @@
{
struct ipsec_proto *iproto = proto->data;
diff --git a/package/isakmpd/patches/050-ar_cross.patch b/package/isakmpd/patches/050-ar_cross.patch
index 775e94d90..2bac048db 100644
--- a/package/isakmpd/patches/050-ar_cross.patch
+++ b/package/isakmpd/patches/050-ar_cross.patch
@@ -1,6 +1,7 @@
-diff -ruN isakmpd-20041012.orig/sysdep/common/libsysdep/GNUmakefile isakmpd-20041012.new/sysdep/common/libsysdep/GNUmakefile
---- isakmpd-20041012.orig/sysdep/common/libsysdep/GNUmakefile 2007-01-08 03:16:16.000000000 +0100
-+++ isakmpd-20041012.new/sysdep/common/libsysdep/GNUmakefile 2007-01-08 03:23:24.000000000 +0100
+Index: isakmpd-20041012.orig/sysdep/common/libsysdep/GNUmakefile
+===================================================================
+--- isakmpd-20041012.orig.orig/sysdep/common/libsysdep/GNUmakefile 2007-06-04 13:22:40.000774240 +0200
++++ isakmpd-20041012.orig/sysdep/common/libsysdep/GNUmakefile 2007-06-04 13:22:40.431708728 +0200
@@ -44,7 +44,7 @@
endif