Date: Tuesday, September 25, 2018 @ 14:32:32 Author: shibumi Revision: 384809
cleaned up PKGBUILD and removed unnecessary files Modified: strongswan/trunk/PKGBUILD Deleted: strongswan/trunk/cve_2018_5388.patch strongswan/trunk/stdint.patch ---------------------+ PKGBUILD | 70 +++++++++++++++++++++++++++++++++++++------------- cve_2018_5388.patch | 25 ----------------- stdint.patch | 11 ------- 3 files changed, 52 insertions(+), 54 deletions(-) Modified: PKGBUILD =================================================================== --- PKGBUILD 2018-09-25 14:27:50 UTC (rev 384808) +++ PKGBUILD 2018-09-25 14:32:32 UTC (rev 384809) @@ -13,7 +13,7 @@ pkgver=5.7.0 pkgrel=1 pkgdesc="open source IPsec implementation" -url='http://www.strongswan.org' +url='https://www.strongswan.org' license=("GPL2") arch=('x86_64') makedepends=('curl' 'gmp' 'iproute2' 'openssl' 'sqlite' 'libcap' 'libsystemd' @@ -40,8 +40,7 @@ vici.conf,x509.conf,xauth-eap.conf,xauth-generic.conf,xcbc.conf,unity.conf,curve25519.conf,bypass-lan.conf} ) -source=("https://download.strongswan.org/strongswan-${pkgver}.tar.bz2"; - "https://download.strongswan.org/strongswan-${pkgver}.tar.bz2.sig"; +source=("https://download.strongswan.org/strongswan-${pkgver}.tar.bz2{,.sig}"; 'configure_ac.patch' ) @@ -72,21 +71,56 @@ --enable-integrity-test \ --enable-sqlite \ --enable-pkcs11 \ - --enable-openssl --enable-curl \ - --enable-sql --enable-attr-sql \ - --enable-farp --enable-dhcp \ - --enable-eap-sim --enable-eap-sim-file --enable-eap-simaka-pseudonym \ - --enable-eap-simaka-reauth --enable-eap-identity --enable-eap-md5 \ - --enable-eap-gtc --enable-eap-aka --enable-eap-aka-3gpp2 \ - --enable-eap-mschapv2 --enable-eap-radius --enable-xauth-eap \ - --enable-ha --enable-vici --enable-swanctl --enable-systemd --enable-ext-auth \ - --enable-mysql --enable-ldap --enable-cmd --enable-forecast --enable-connmark \ - --enable-aesni --enable-eap-ttls --enable-radattr --enable-xauth-pam --enable-xauth-noauth \ - --enable-eap-dynamic --enable-eap-peap --enable-eap-tls --enable-chapoly --enable-unity \ - --with-capabilities=libcap --enable-newhope --enable-ntru --enable-mgf1 --enable-sha3 \ - --enable-bliss --enable-dnscert \ - --enable-nm --enable-agent --enable-bypass-lan \ - --enable-ruby-gems --enable-python-eggs + --enable-openssl \ + --enable-curl \ + --enable-sql \ + --enable-attr-sql \ + --enable-farp \ + --enable-dhcp \ + --enable-eap-sim \ + --enable-eap-sim-file \ + --enable-eap-simaka-pseudonym \ + --enable-eap-simaka-reauth \ + --enable-eap-identity \ + --enable-eap-md5 \ + --enable-eap-gtc \ + --enable-eap-aka \ + --enable-eap-aka-3gpp2 \ + --enable-eap-mschapv2 \ + --enable-eap-radius \ + --enable-xauth-eap \ + --enable-ha \ + --enable-vici \ + --enable-swanctl \ + --enable-systemd \ + --enable-ext-auth \ + --enable-mysql \ + --enable-ldap \ + --enable-cmd \ + --enable-forecast \ + --enable-connmark \ + --enable-aesni \ + --enable-eap-ttls \ + --enable-radattr \ + --enable-xauth-pam \ + --enable-xauth-noauth \ + --enable-eap-dynamic \ + --enable-eap-peap \ + --enable-eap-tls \ + --enable-chapoly \ + --enable-unity \ + --with-capabilities=libcap \ + --enable-newhope \ + --enable-ntru \ + --enable-mgf1 \ + --enable-sha3 \ + --enable-bliss \ + --enable-dnscert \ + --enable-nm \ + --enable-agent \ + --enable-bypass-lan \ + --enable-ruby-gems \ + --enable-python-eggs make } Deleted: cve_2018_5388.patch =================================================================== --- cve_2018_5388.patch 2018-09-25 14:27:50 UTC (rev 384808) +++ cve_2018_5388.patch 2018-09-25 14:32:32 UTC (rev 384809) @@ -1,25 +0,0 @@ -From: Tobias Brunner <[email protected]> -Date: Tue, 13 Mar 2018 17:54:08 +0000 (+0100) -Subject: stroke: Ensure a minimum message length -X-Git-Tag: 5.6.3dr1~28 -X-Git-Url: https://git.strongswan.org/?p=strongswan.git;a=commitdiff_plain;h=0acd1ab4 - -stroke: Ensure a minimum message length ---- - -diff --git a/src/libcharon/plugins/stroke/stroke_socket.c b/src/libcharon/plugins/stroke/stroke_socket.c -index c568440..1e7f210 100644 ---- a/src/libcharon/plugins/stroke/stroke_socket.c -+++ b/src/libcharon/plugins/stroke/stroke_socket.c -@@ -627,6 +627,11 @@ static bool on_accept(private_stroke_socket_t *this, stream_t *stream) - } - return FALSE; - } -+ if (len < offsetof(stroke_msg_t, buffer)) -+ { -+ DBG1(DBG_CFG, "invalid stroke message length %d", len); -+ return FALSE; -+ } - - /* read message (we need an additional byte to terminate the buffer) */ - msg = malloc(len + 1); Deleted: stdint.patch =================================================================== --- stdint.patch 2018-09-25 14:27:50 UTC (rev 384808) +++ stdint.patch 2018-09-25 14:32:32 UTC (rev 384809) @@ -1,11 +0,0 @@ ---- strongswan-5.6.0-orig/src/libstrongswan/utils/utils/memory.h 2017-08-14 02:48:41.000000000 -0400 -+++ strongswan-5.6.0/src/libstrongswan/utils/utils/memory.h 2017-09-12 01:15:29.690527667 -0400 -@@ -14,6 +14,8 @@ - * for more details. - */ - -+#include <stdint.h> /* for uintptr_t */ -+ - /** - * @defgroup memory_i memory - * @{ @ingroup utils_i
