diff options
author | itojun <itojun@pkgsrc.org> | 2000-09-12 12:51:27 +0000 |
---|---|---|
committer | itojun <itojun@pkgsrc.org> | 2000-09-12 12:51:27 +0000 |
commit | 42e22e4b7453e7096635c3b431d1ecc1e32afbe6 (patch) | |
tree | c21537c5ce2866ad36d6f1b4a2c1360f31ef48e3 /security | |
parent | 776b48992da938534aa9dc28232aed6f08295517 (diff) | |
download | pkgsrc-42e22e4b7453e7096635c3b431d1ecc1e32afbe6.tar.gz |
upgrade racoon to 2000/9/12.
certificate improvements. bug fix in policy matching. make pfs/policy
matching strictness configurable. other logs can be found at
http://www.kame.net/dev/cvsweb.cgi/kame/CHANGELOG.
Diffstat (limited to 'security')
-rw-r--r-- | security/racoon/Makefile | 4 | ||||
-rw-r--r-- | security/racoon/files/md5 | 4 | ||||
-rw-r--r-- | security/racoon/files/patch-sum | 5 | ||||
-rw-r--r-- | security/racoon/patches/patch-aa | 17 | ||||
-rw-r--r-- | security/racoon/patches/patch-ae | 37 |
5 files changed, 15 insertions, 52 deletions
diff --git a/security/racoon/Makefile b/security/racoon/Makefile index 0a1f774ffbb..e270fb9bec3 100644 --- a/security/racoon/Makefile +++ b/security/racoon/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.19 2000/09/09 19:40:22 fredb Exp $ +# $NetBSD: Makefile,v 1.20 2000/09/12 12:51:27 itojun Exp $ # -DISTNAME= racoon-20000731a +DISTNAME= racoon-20000912a CATEGORIES= security net MASTER_SITES= ftp://ftp.kame.net/pub/kame/misc/ diff --git a/security/racoon/files/md5 b/security/racoon/files/md5 index d8727523d4c..42ff1f1d5ea 100644 --- a/security/racoon/files/md5 +++ b/security/racoon/files/md5 @@ -1,3 +1,3 @@ -$NetBSD: md5,v 1.7 2000/07/30 16:56:37 itojun Exp $ +$NetBSD: md5,v 1.8 2000/09/12 12:51:27 itojun Exp $ -MD5 (racoon-20000731a.tar.gz) = b4234014916c9d655d44fae5319aca5c +MD5 (racoon-20000912a.tar.gz) = 9ecb457a724daebddd086a07704077c8 diff --git a/security/racoon/files/patch-sum b/security/racoon/files/patch-sum index 371025b1700..50ea8bebc4d 100644 --- a/security/racoon/files/patch-sum +++ b/security/racoon/files/patch-sum @@ -1,7 +1,6 @@ -$NetBSD: patch-sum,v 1.4 2000/08/04 00:25:04 thorpej Exp $ +$NetBSD: patch-sum,v 1.5 2000/09/12 12:51:27 itojun Exp $ -MD5 (patch-aa) = 09219a5e174dfd1af277d60c01e84a1d +MD5 (patch-aa) = d22da496fc39e0bc2c926c6ffbb758e1 MD5 (patch-ab) = 1a2944fbce4cee174eade2cc0726c0ef MD5 (patch-ac) = 148e0972689931384d1c55d4f99d3f66 MD5 (patch-ad) = 4a68eee8591dd85c8b17ba154b75c642 -MD5 (patch-ae) = d1c0c3ab86e0fd55f76520483f6559bd diff --git a/security/racoon/patches/patch-aa b/security/racoon/patches/patch-aa index 6fee80a43f2..5d021a4194a 100644 --- a/security/racoon/patches/patch-aa +++ b/security/racoon/patches/patch-aa @@ -1,9 +1,7 @@ -$NetBSD: patch-aa,v 1.2 2000/06/12 10:45:52 itojun Exp $ ---- ../libipsec/Makefile- Mon Jun 12 00:02:28 2000 -+++ ../libipsec/Makefile Mon Jun 12 00:02:49 2000 -@@ -25,9 +25,10 @@ - # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - # SUCH DAMAGE. +$NetBSD: patch-aa,v 1.3 2000/09/12 12:51:28 itojun Exp $ +--- ../libipsec/Makefile.orig Sun Jun 11 23:54:31 2000 ++++ ../libipsec/Makefile Tue Sep 12 16:11:57 2000 +@@ -27,5 +27,6 @@ -.if exists(${.CURDIR}/../Makefile.opsys) -.include "${.CURDIR}/../Makefile.opsys" @@ -13,5 +11,8 @@ $NetBSD: patch-aa,v 1.2 2000/06/12 10:45:52 itojun Exp $ +#.endif +OPSYS!= uname -s - LIB= ipsec - CFLAGS+=-g +@@ -36,3 +37,3 @@ + .else +-CPPFLAGS+=-DIPSEC_DEBUG -DIPSEC -DINET6 ++CPPFLAGS+=-DIPSEC_DEBUG -DIPSEC -DINET6 -I${.CURDIR} + .endif diff --git a/security/racoon/patches/patch-ae b/security/racoon/patches/patch-ae deleted file mode 100644 index cf2ab7f01a9..00000000000 --- a/security/racoon/patches/patch-ae +++ /dev/null @@ -1,37 +0,0 @@ -$NetBSD: patch-ae,v 1.1 2000/08/04 00:25:06 thorpej Exp $ ---- cfparse.y.orig Thu Aug 3 16:14:39 2000 -+++ cfparse.y Thu Aug 3 16:19:14 2000 -@@ -1107,6 +1107,7 @@ - | ALGORITHM_CLASS ALGORITHMTYPE keylength EOS - { - int doi; -+ int defklen; - - doi = algtype2doi($1, $2); - if (doi == -1) { -@@ -1116,9 +1117,22 @@ - switch ($1) { - case algclass_isakmp_enc: - prhead->spspec->algclass[algclass_isakmp_enc] = doi; -- if (check_keylen($1, $2, $3) == -1) -- return -1; -- prhead->spspec->encklen = $3; -+ defklen = default_keylen($1, $2); -+ if (defklen == 0) { -+ if ($3) { -+ yyerror("keylen not allowed"); -+ return -1; -+ } -+ } else { -+ if ($3 && check_keylen($1, $2, $3) < 0) { -+ yyerror("invalid keylen %d", $3); -+ return -1; -+ } -+ } -+ if ($3) -+ prhead->spspec->encklen = $3; -+ else -+ prhead->spspec->encklen = defklen; - break; - case algclass_isakmp_hash: - prhead->spspec->algclass[algclass_isakmp_hash] = doi; |