diff --git a/security/strongswan/files/patch-conf_Makefile.in b/security/strongswan/files/patch-conf_Makefile.in index 0d8969f38a06..0f9f1851c691 100644 --- a/security/strongswan/files/patch-conf_Makefile.in +++ b/security/strongswan/files/patch-conf_Makefile.in @@ -1,21 +1,21 @@ ---- conf/Makefile.in.orig 2019-03-29 18:18:48 UTC +--- conf/Makefile.in.orig 2024-03-19 10:57:29 UTC +++ conf/Makefile.in -@@ -899,15 +899,15 @@ install-data-local: $(plugins_install_src) +@@ -917,15 +917,15 @@ install-data-local: $(plugins_install_src) test -e "$(DESTDIR)${strongswanconfdir}" || $(INSTALL) -d "$(DESTDIR)$(strongswanconfdir)" || true test -e "$(DESTDIR)${strongswanddir}" || $(INSTALL) -d "$(DESTDIR)$(strongswanddir)" || true test -e "$(DESTDIR)${charonconfdir}" || $(INSTALL) -d "$(DESTDIR)$(charonconfdir)" || true - test -e "$(DESTDIR)$(strongswan_conf)" || $(INSTALL) -m 644 $(srcdir)/strongswan.conf $(DESTDIR)$(strongswan_conf) || true + test -e "$(DESTDIR)$(strongswan_conf)" || $(INSTALL) -m 644 $(srcdir)/strongswan.conf $(DESTDIR)$(strongswan_conf).sample || true for f in $(options_install_src); do \ name=`basename $$f`; \ - test -f "$(DESTDIR)$(strongswanddir)/$$name" || $(INSTALL) -m 644 "$(srcdir)/$$f" "$(DESTDIR)$(strongswanddir)/$$name" || true; \ + test -f "$(DESTDIR)$(strongswanddir)/$$name" || $(INSTALL) -m 644 "$(srcdir)/$$f" "$(DESTDIR)$(strongswanddir)/$${name}.sample" || true; \ done for f in $(plugins_install_src); do \ name=`basename $$f`; \ if test -f "$$f"; then dir=; else dir="$(srcdir)/"; fi; \ - test -f "$(DESTDIR)$(charonconfdir)/$$name" || $(INSTALL) -m 644 "$$dir$$f" "$(DESTDIR)$(charonconfdir)/$$name" || true; \ + test -f "$(DESTDIR)$(charonconfdir)/$$name" || $(INSTALL) -m 644 "$$dir$$f" "$(DESTDIR)$(charonconfdir)/$${name}.sample" || true; \ done # Tell versions [3.59,3.63) of GNU make to not export all variables. diff --git a/security/strongswan/files/patch-src_libcharon_plugins_kernel__pfkey_kernel__pfkey__ipsec.c b/security/strongswan/files/patch-src_libcharon_plugins_kernel__pfkey_kernel__pfkey__ipsec.c new file mode 100644 index 000000000000..e06cde2380a5 --- /dev/null +++ b/security/strongswan/files/patch-src_libcharon_plugins_kernel__pfkey_kernel__pfkey__ipsec.c @@ -0,0 +1,14 @@ +--- src/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c.orig 2023-06-08 10:35:17 UTC ++++ src/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c +@@ -765,6 +765,11 @@ ENUM(sadb_ext_type_names, SADB_EXT_RESERVED, SADB_EXT_ + "SADB_X_EXT_SA_REPLAY", + "SADB_X_EXT_NEW_ADDRESS_SRC", + "SADB_X_EXT_NEW_ADDRESS_DST", ++#ifdef SADB_X_EXT_IF_HW_OFFL ++ "SADB_X_EXT_LFT_CUR_SW_OFFL", ++ "SADB_X_EXT_LFT_CUR_HW_OFFL", ++ "SADB_X_EXT_IF_HW_OFFL", ++#endif + #endif /* __linux__ */ + #endif /* __APPLE__ */ + ); diff --git a/security/strongswan/files/patch-src_libcharon_plugins_smp_smp.c b/security/strongswan/files/patch-src_libcharon_plugins_smp_smp.c index 43b0b51b8dba..c2dd9fcd8388 100644 --- a/security/strongswan/files/patch-src_libcharon_plugins_smp_smp.c +++ b/security/strongswan/files/patch-src_libcharon_plugins_smp_smp.c @@ -1,23 +1,23 @@ ---- src/libcharon/plugins/smp/smp.c.orig 2018-10-23 17:03:28 UTC +--- src/libcharon/plugins/smp/smp.c.orig 2024-03-19 10:25:55 UTC +++ src/libcharon/plugins/smp/smp.c -@@ -740,7 +740,7 @@ METHOD(plugin_t, destroy, void, +@@ -745,7 +745,7 @@ plugin_t *smp_plugin_create() */ plugin_t *smp_plugin_create() { - struct sockaddr_un unix_addr = { AF_UNIX, IPSEC_PIDDIR "/charon.xml"}; + struct sockaddr_un unix_addr; private_smp_t *this; mode_t old; -@@ -768,6 +768,11 @@ plugin_t *smp_plugin_create() +@@ -773,6 +773,11 @@ plugin_t *smp_plugin_create() free(this); return NULL; } + + strlcpy(unix_addr.sun_path, IPSEC_PIDDIR "/charon.xml", + sizeof(unix_addr.sun_path)); + unix_addr.sun_len = sizeof(unix_addr); + unix_addr.sun_family = PF_LOCAL; unlink(unix_addr.sun_path); old = umask(S_IRWXO); diff --git a/security/strongswan/files/patch-src_libstrongswan_plugins_openssl_openssl__plugin.c b/security/strongswan/files/patch-src_libstrongswan_plugins_openssl_openssl__plugin.c index 9d02e2adf22b..07ff587133e4 100644 --- a/security/strongswan/files/patch-src_libstrongswan_plugins_openssl_openssl__plugin.c +++ b/security/strongswan/files/patch-src_libstrongswan_plugins_openssl_openssl__plugin.c @@ -1,11 +1,11 @@ ---- src/libstrongswan/plugins/openssl/openssl_plugin.c.orig 2018-12-14 15:48:24 UTC +--- src/libstrongswan/plugins/openssl/openssl_plugin.c.orig 2024-02-21 15:54:00 UTC +++ src/libstrongswan/plugins/openssl/openssl_plugin.c -@@ -810,7 +810,7 @@ plugin_t *openssl_plugin_create() +@@ -814,7 +814,7 @@ plugin_t *openssl_plugin_create() }, ); -#if OPENSSL_VERSION_NUMBER >= 0x10100000L +#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) /* note that we can't call OPENSSL_cleanup() when the plugin is destroyed * as we couldn't initialize the library again afterwards */ OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG | diff --git a/security/strongswan/files/patch-src_libstrongswan_utils_utils_byteorder.h b/security/strongswan/files/patch-src_libstrongswan_utils_utils_byteorder.h index 5bb0c2cbd46d..ed9d35d3b1b1 100644 --- a/security/strongswan/files/patch-src_libstrongswan_utils_utils_byteorder.h +++ b/security/strongswan/files/patch-src_libstrongswan_utils_utils_byteorder.h @@ -1,13 +1,13 @@ ---- src/libstrongswan/utils/utils/byteorder.h.orig 2018-10-03 21:35:17 UTC +--- src/libstrongswan/utils/utils/byteorder.h.orig 2023-03-27 21:00:49 UTC +++ src/libstrongswan/utils/utils/byteorder.h -@@ -22,6 +22,10 @@ +@@ -23,6 +23,10 @@ #ifndef BYTEORDER_H_ #define BYTEORDER_H_ +#if defined(__FreeBSD__) +#include +#endif + /** * Architecture independent bitfield definition helpers (at least with GCC). * diff --git a/security/strongswan/files/patch-src_starter_Makefile.in b/security/strongswan/files/patch-src_starter_Makefile.in index 57e674a1b8c5..400d3693f839 100644 --- a/security/strongswan/files/patch-src_starter_Makefile.in +++ b/security/strongswan/files/patch-src_starter_Makefile.in @@ -1,13 +1,13 @@ ---- src/starter/Makefile.in.orig 2018-12-27 09:46:22 UTC +--- src/starter/Makefile.in.orig 2024-03-19 10:57:37 UTC +++ src/starter/Makefile.in -@@ -1018,8 +1018,8 @@ install-exec-local : +@@ -1057,8 +1057,8 @@ install-exec-local : test -e "$(DESTDIR)${sysconfdir}/ipsec.d/crls" || $(INSTALL) -d "$(DESTDIR)$(sysconfdir)/ipsec.d/crls" || true test -e "$(DESTDIR)${sysconfdir}/ipsec.d/reqs" || $(INSTALL) -d "$(DESTDIR)$(sysconfdir)/ipsec.d/reqs" || true test -e "$(DESTDIR)${sysconfdir}/ipsec.d/private" || $(INSTALL) -d -m 750 "$(DESTDIR)$(sysconfdir)/ipsec.d/private" || true - test -e "$(DESTDIR)$(sysconfdir)/ipsec.conf" || $(INSTALL) -m 644 $(srcdir)/ipsec.conf $(DESTDIR)$(sysconfdir)/ipsec.conf || true - test -e "$(DESTDIR)$(sysconfdir)/ipsec.secrets" || $(INSTALL) -m 600 $(srcdir)/ipsec.secrets $(DESTDIR)$(sysconfdir)/ipsec.secrets || true + test -e "$(DESTDIR)$(sysconfdir)/ipsec.conf" || $(INSTALL) -m 644 $(srcdir)/ipsec.conf $(DESTDIR)$(sysconfdir)/ipsec.conf.sample || true + test -e "$(DESTDIR)$(sysconfdir)/ipsec.secrets" || $(INSTALL) -m 600 $(srcdir)/ipsec.secrets $(DESTDIR)$(sysconfdir)/ipsec.secrets.sample || true # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. diff --git a/security/strongswan/files/patch-src_swanctl_Makefile.in b/security/strongswan/files/patch-src_swanctl_Makefile.in index c667b0cc4445..2e6eaecbf6de 100644 --- a/security/strongswan/files/patch-src_swanctl_Makefile.in +++ b/security/strongswan/files/patch-src_swanctl_Makefile.in @@ -1,11 +1,11 @@ ---- src/swanctl/Makefile.in.orig 2019-01-18 17:24:51 UTC +--- src/swanctl/Makefile.in.orig 2024-03-19 10:57:37 UTC +++ src/swanctl/Makefile.in -@@ -1065,7 +1065,7 @@ install-data-local: swanctl.conf +@@ -1151,7 +1151,7 @@ install-data-local: swanctl.conf test -e "$(DESTDIR)$(swanctldir)/bliss" || $(INSTALL) -d -m 750 "$(DESTDIR)$(swanctldir)/bliss" || true test -e "$(DESTDIR)$(swanctldir)/pkcs8" || $(INSTALL) -d -m 750 "$(DESTDIR)$(swanctldir)/pkcs8" || true test -e "$(DESTDIR)$(swanctldir)/pkcs12" || $(INSTALL) -d -m 750 "$(DESTDIR)$(swanctldir)/pkcs12" || true - test -e "$(DESTDIR)$(swanctldir)/swanctl.conf" || $(INSTALL) -m 640 $(srcdir)/swanctl.conf $(DESTDIR)$(swanctldir)/swanctl.conf || true + test -e "$(DESTDIR)$(swanctldir)/swanctl.conf" || $(INSTALL) -m 640 $(srcdir)/swanctl.conf $(DESTDIR)$(swanctldir)/swanctl.conf.sample || true # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded.