View | Details | Raw Unified | Return to bug 223664
Collapse All | Expand All

(-)Makefile (-1 / +1 lines)
Lines 3-9 Link Here
3
3
4
PORTNAME=	vpnc
4
PORTNAME=	vpnc
5
PORTVERSION=	0.5.3
5
PORTVERSION=	0.5.3
6
PORTREVISION=	12
6
PORTREVISION=	13
7
CATEGORIES=	security
7
CATEGORIES=	security
8
MASTER_SITES=	http://www.unix-ag.uni-kl.de/~massar/vpnc/ \
8
MASTER_SITES=	http://www.unix-ag.uni-kl.de/~massar/vpnc/ \
9
		LOCAL/ehaupt
9
		LOCAL/ehaupt
(-)files/patch-vpnc.c (-4 / +38 lines)
Lines 1-6 Link Here
1
--- ./vpnc.c.orig	2011-02-25 20:17:00.000000000 +0100
1
--- vpnc.c.orig	2008-11-19 21:55:51.000000000 +0100
2
+++ ./vpnc.c	2011-02-25 20:18:49.000000000 +0100
2
+++ vpnc.c	2017-11-10 13:09:32.996639000 +0100
3
@@ -2861,28 +2861,34 @@
3
@@ -1160,8 +1160,11 @@
4
 		value = a->next->u.attr_16;
5
 	else if (a->next->af == isakmp_attr_lots && a->next->u.lots.length == 4)
6
 		value = ntohl(*((uint32_t *) a->next->u.lots.data));
7
-	else
8
-		assert(0);
9
+	else {
10
+		DEBUG(2, printf("got unknown ike lifetime attributes af %d len %d\n",
11
+					a->next->af, a->next->u.lots.length));
12
+		return;
13
+	}
14
 	
15
 	DEBUG(2, printf("got ike lifetime attributes: %d %s\n", value,
16
 		(a->u.attr_16 == IKE_LIFE_TYPE_SECONDS) ? "seconds" : "kilobyte"));
17
@@ -1578,6 +1581,19 @@
18
 						seen_natd_them = 1;
19
 				}
20
 				break;
21
+			case ISAKMP_PAYLOAD_N:
22
+				if (rp->u.n.type == ISAKMP_N_IPSEC_RESPONDER_LIFETIME) {
23
+					if (rp->u.n.protocol == ISAKMP_IPSEC_PROTO_ISAKMP)
24
+						lifetime_ike_process(s, rp->u.n.attributes);
25
+					else if (rp->u.n.protocol == ISAKMP_IPSEC_PROTO_IPSEC_ESP)
26
+						lifetime_ipsec_process(s, rp->u.n.attributes);
27
+					else
28
+						DEBUG(2, printf("got unknown lifetime notice, ignoring..\n"));
29
+				} else {
30
+					DEBUG(1, printf("rejecting ISAKMP_PAYLOAD_N, type is not lifetime\n"));
31
+					reject = ISAKMP_N_INVALID_PAYLOAD_TYPE;
32
+				}
33
+				break;
34
 			default:
35
 				DEBUG(1, printf("rejecting invalid payload type %d\n", rp->type));
36
 				reject = ISAKMP_N_INVALID_PAYLOAD_TYPE;
37
@@ -2861,28 +2877,34 @@
4
 		free(dh_shared_secret);
38
 		free(dh_shared_secret);
5
 		free_isakmp_packet(r);
39
 		free_isakmp_packet(r);
6
 		
40
 		
Lines 52-58 Link Here
52
 		}
86
 		}
53
 		
87
 		
54
 		s->ipsec.rx.seq_id = s->ipsec.tx.seq_id = 1;
88
 		s->ipsec.rx.seq_id = s->ipsec.tx.seq_id = 1;
55
@@ -3224,9 +3230,14 @@
89
@@ -3224,9 +3246,14 @@
56
 			 */
90
 			 */
57
 			/* FIXME: any cleanup needed??? */
91
 			/* FIXME: any cleanup needed??? */
58
 
92
 

Return to bug 223664