Hello community, here is the log from the commit of package novell-ipsec-tools checked in at Sat Nov 29 23:20:03 CET 2008. -------- --- novell-ipsec-tools/novell-ipsec-tools.changes 2008-11-22 04:58:06.000000000 +0100 +++ /mounts/work_src_done/STABLE/novell-ipsec-tools/novell-ipsec-tools.changes 2008-11-29 05:29:07.875709000 +0100 @@ -1,0 +2,5 @@ +Sat Nov 29 05:30:45 CET 2008 - bili@suse.de + +- Fixing the security policy finding bug(bnc#449513). + +------------------------------------------------------------------- calling whatdependson for head-i586 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ novell-ipsec-tools.spec ++++++ --- /var/tmp/diff_new_pack.iS5088/_old 2008-11-29 23:19:46.000000000 +0100 +++ /var/tmp/diff_new_pack.iS5088/_new 2008-11-29 23:19:46.000000000 +0100 @@ -21,7 +21,7 @@ Name: novell-ipsec-tools BuildRequires: bison flex kernel-source openssl-devel Version: 0.7.1 -Release: 1 +Release: 2 License: BSD 3-Clause Group: Productivity/Networking/Security PreReq: %insserv_prereq %fillup_prereq @@ -197,6 +197,8 @@ %{_libdir}/libracoon.la %changelog +* Sat Nov 29 2008 bili@suse.de +- Fixing the security policy finding bug(bnc#449513). * Sat Nov 22 2008 bili@suse.de - Upgrade to 0.7.1. * Wed Oct 08 2008 bili@suse.de ++++++ novell-ipsec-tools_plugins-support-core.patch ++++++ --- /var/tmp/diff_new_pack.iS5088/_old 2008-11-29 23:19:46.000000000 +0100 +++ /var/tmp/diff_new_pack.iS5088/_new 2008-11-29 23:19:46.000000000 +0100 @@ -2418,7 +2418,7 @@ sunaddr.sun_path, adminsock_mode, strerror(errno)); (void)close(lcconf->sock_admin); return -1; -@@ -622,5 +1265,150 @@ admin_close() +@@ -622,5 +1265,153 @@ admin_close() close(lcconf->sock_admin); return 0; } @@ -2526,6 +2526,9 @@ + char *policyout = NULL, *policyin = NULL; + char *local_ip_addr = NULL, *remote_ip_addr = NULL; + ++ plog(LLV_INFO, LOCATION, NULL, ++ "call add_default_policy_to_SPD(%08x).\n", src_addr); ++ + p = LIST_FIRST(&ph1tree); + + local_ip_addr = strdup(saddrwop2str(p->local)); @@ -2564,8 +2567,8 @@ + ((struct sockaddr_in *)(&dstaddr))->sin_family = AF_INET; + ((struct sockaddr_in *)(&dstaddr))->sin_addr.s_addr = INADDR_ANY; + -+ //pfkey_add_policy_to_SPD(&srcaddr, 32, &dstaddr, 0/*policy->dst_prefixlen*/, -+ // 0 , policyin, policyout,0); ++ pfkey_add_policy_to_SPD(&srcaddr, 32, &dstaddr, 0/*policy->dst_prefixlen*/, ++ 0 , policyin, policyout,0); + EVT_PUSH(0, 0, EVTT_ISAKMP_CFG_DONE, NULL); + return 0; +} ++++++ novell-ipsec-tools_plugins-support-nortel.patch ++++++ --- /var/tmp/diff_new_pack.iS5088/_old 2008-11-29 23:19:46.000000000 +0100 +++ /var/tmp/diff_new_pack.iS5088/_new 2008-11-29 23:19:46.000000000 +0100 @@ -1121,6 +1121,42 @@ plog(LLV_DEBUG, LOCATION, NULL, "===\n"); return 0; } +@@ -2218,6 +2348,8 @@ pk_recvspdupdate(mhp) + struct secpolicy *sp; + u_int64_t created; + ++ plog(LLV_DEBUG, LOCATION, NULL, "call pk_recvspdupdate\n"); ++ + /* sanity check */ + if (mhp[0] == NULL + || mhp[SADB_EXT_ADDRESS_SRC] == NULL +@@ -2340,6 +2472,8 @@ pk_recvspdadd(mhp) + struct secpolicy *sp; + u_int64_t created; + ++ plog(LLV_DEBUG, LOCATION, NULL, "call pk_recvspdadd\n"); ++ + /* sanity check */ + if (mhp[0] == NULL + || mhp[SADB_EXT_ADDRESS_SRC] == NULL +@@ -2624,6 +2758,8 @@ pk_recvspddump(mhp) + struct secpolicy *sp; + u_int64_t created; + ++ plog(LLV_DEBUG, LOCATION, NULL, "call pk_recvspddump\n"); ++ + /* sanity check */ + if (mhp[0] == NULL) { + plog(LLV_ERROR, LOCATION, NULL, +@@ -2872,6 +3008,8 @@ addnewsp(mhp) + struct sadb_lifetime *lt; + u_int64_t created; + ++ plog(LLV_DEBUG, LOCATION, NULL, "call addnewsp\n"); ++ + /* sanity check */ + if (mhp[SADB_EXT_ADDRESS_SRC] == NULL + || mhp[SADB_EXT_ADDRESS_DST] == NULL Index: ipsec-tools-0.7.1/src/racoon/pfkey.h =================================================================== --- ipsec-tools-0.7.1.orig/src/racoon/pfkey.h @@ -1545,7 +1581,7 @@ + char *keyval = NULL; + + /* Initialize spisiz and n for stopping gcc to crib */ -+ plog(LLV_ERROR,LOCATION,NULL,"iN ISAKMP_INFO_SEND_N1"); ++ plog(LLV_INFO, LOCATION, NULL, "iN ISAKMP_INFO_SEND_N1"); + + spisiz = 0; + n = NULL; ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org