Bug#292921: racoon does not update generated policy

Kaz Sasayama Sun, 30 Jan 2005 23:08:11 -0800

Package: racoon
Version: 0.3.3-5
Severity: normal

racoon does not update the policy that is generated by the 
generate_policy option on renegotiation.  Please update ipsec-tools to 
0.5rc or apply the attached change.


-- System Information:
Debian Release: 3.1
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.4.27-cs56
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)

Versions of packages racoon depends on:
ii  debconf                     1.4.30.11    Debian configuration management sy
ii  ipsec-tools                 0.3.3-5.0.1  IPsec tools for Linux
ii  libc6                       2.3.2.ds1-20 GNU C Library: Shared libraries an

-- debconf information:
* racoon/config_mode: direct

Only in ipsec-tools-0.3.3/src/racoon: Makefile
Only in ipsec-tools-0.3.3/src/racoon: config.h
Only in ipsec-tools-0.3.3/src/racoon: config.log
Only in ipsec-tools-0.3.3/src/racoon: config.status
Only in ipsec-tools-0.3.3/src/racoon: eaytest
diff -ur -x '*.o' ipsec-tools-0.3.3.dist/src/racoon/isakmp_quick.c ipsec-tools-0.3.3/src/racoon/isakmp_quick.c
--- ipsec-tools-0.3.3.dist/src/racoon/isakmp_quick.c	2004-06-15 22:36:44.000000000 +0900
+++ ipsec-tools-0.3.3/src/racoon/isakmp_quick.c	2005-01-11 21:13:43.000000000 +0900
@@ -2032,6 +2032,20 @@
 			"no policy found: %s\n", spidx2str(&spidx));
 		return ISAKMP_INTERNAL_ERROR;
 	}
+	/* Refresh existing generated policies
+	 */
+	if (iph2->ph1->rmconf->gen_policy) {
+		plog(LLV_INFO, LOCATION, NULL,
+			 "Update the generated policy : %s\n",
+			 spidx2str(&spidx));
+		iph2->spidx_gen = racoon_malloc(sizeof(spidx));
+		if (!iph2->spidx_gen) {
+			plog(LLV_ERROR, LOCATION, NULL,
+				 "buffer allocation failed.\n");
+			return ISAKMP_INTERNAL_ERROR;
+		}
+		memcpy(iph2->spidx_gen, &spidx, sizeof(spidx));
+	}
 
 	/* get outbound policy */
     {
Only in ipsec-tools-0.3.3/src/racoon: isakmp_quick.c.~1~
Only in ipsec-tools-0.3.3/src/racoon: isakmp_quick.c.~2~
Only in ipsec-tools-0.3.3/src/racoon: isakmp_quick.c.~3~
Only in ipsec-tools-0.3.3/src/racoon: racoon
Only in ipsec-tools-0.3.3/src/racoon: racoonctl
Only in ipsec-tools-0.3.3/src/racoon/samples: psk.txt
Only in ipsec-tools-0.3.3/src/racoon/samples: racoon.conf

Bug#292921: racoon does not update generated policy

Reply via email to