import libreswan-3.32-7.el8_3

This commit is contained in:
CentOS Sources 2020-11-03 19:58:55 -05:00 committed by Andrew Lukoshko
parent 5e46a8e789
commit 72e8f9ee83
2 changed files with 31 additions and 2 deletions

View File

@ -0,0 +1,25 @@
diff -Naur libreswan-3.32-orig/lib/libipsecconf/starterwhack.c libreswan-3.32/lib/libipsecconf/starterwhack.c
--- libreswan-3.32-orig/lib/libipsecconf/starterwhack.c 2020-05-11 10:13:41.000000000 -0400
+++ libreswan-3.32/lib/libipsecconf/starterwhack.c 2020-09-24 10:01:14.275131341 -0400
@@ -663,7 +663,7 @@
#endif
#ifdef HAVE_LABELED_IPSEC
- if (conn->options_set[KSCF_POLICY_LABEL]) {
+ if (conn->strings_set[KSCF_POLICY_LABEL]) {
msg.policy_label = conn->policy_label;
starter_log(LOG_LEVEL_DEBUG, "conn: \"%s\" policy_label=%s",
conn->name, msg.policy_label);
diff -Naur libreswan-3.32-orig/programs/pluto/ikev1_spdb_struct.c libreswan-3.32/programs/pluto/ikev1_spdb_struct.c
--- libreswan-3.32-orig/programs/pluto/ikev1_spdb_struct.c 2020-05-11 10:13:41.000000000 -0400
+++ libreswan-3.32/programs/pluto/ikev1_spdb_struct.c 2020-09-24 10:01:31.996278599 -0400
@@ -59,8 +59,7 @@
#include "nat_traversal.h"
-#ifndef USE_LABELED_IPSEC
-
+#ifndef HAVE_LABELED_IPSEC
static bool parse_secctx_attr(pb_stream *pbs UNUSED, struct state *st UNUSED)
{
/*

View File

@ -38,7 +38,7 @@ Name: libreswan
Summary: IPsec implementation with IKEv1 and IKEv2 keying protocols
# version is generated in the release script
Version: 3.32
Release: %{?prever:0.}6%{?prever:.%{prever}}%{?dist}
Release: %{?prever:0.}7%{?prever:.%{prever}}%{?dist}
License: GPLv2
Url: https://libreswan.org/
@ -56,7 +56,7 @@ Patch4: libreswan-3.32-1847766-xfrmi.patch
Patch5: libreswan-3.32-1840212-nss-gcm.patch
Patch6: libreswan-3.32-1544463-seccomp.patch
Patch7: libreswan-3.32-1861360-nodefault-rsa-pss.patch
Patch8: libreswan-3.32-1880466-labeled-ipsec.patch
BuildRequires: audit-libs-devel
BuildRequires: bison
@ -118,6 +118,7 @@ Libreswan is based on Openswan-2.6.38 which in turn is based on FreeS/WAN-2.04
%patch5 -p1
%patch6 -p1
%patch7 -p1
%patch8 -p1
pathfix.py -i %{__python3} -pn testing/cert_verify/usage_test \
testing/pluto/ikev1-01-fuzzer/cve-2015-3204.py \
@ -231,6 +232,9 @@ certutil -N -d sql:$tmpdir --empty-password
%attr(0644,root,root) %doc %{_mandir}/*/*
%changelog
* Thu Sep 24 10:03:36 EDT 2020 Paul Wouters <pwouters@redhat.com> - 3.32-7
- Resolves: rhbz#1882449 Labeled IPsec not working [rhel-8.3.0.z]
* Wed Jul 29 2020 Paul Wouters <pwouters@redhat.com> - 3.32-6
- Resolves: rhbz#1861360 authby=rsasig must not imply usage of rsa-pss