- Resolves rhbz#1109470 l2tpd/ipsec breaks when "ipsec saref" not set

epel9
Paul Wouters 11 years ago
parent 0781e90c84
commit 9f28c44f17

@ -0,0 +1,36 @@
diff -Naur xl2tpd-5619e1771048e74b729804e8602f409af0f3faea-orig/file.c xl2tpd-5619e1771048e74b729804e8602f409af0f3faea/file.c
--- xl2tpd-5619e1771048e74b729804e8602f409af0f3faea-orig/file.c 2014-01-15 15:58:37.000000000 -0500
+++ xl2tpd-5619e1771048e74b729804e8602f409af0f3faea/file.c 2014-06-14 12:34:06.422355636 -0400
@@ -42,6 +42,8 @@
gconfig.port = UDP_LISTEN_PORT;
gconfig.sarefnum = IP_IPSEC_REFINFO; /* default use the latest we know */
+ gconfig.ipsecsaref = 0; /* default off - requires patched KLIPS kernel module */
+ gconfig.forceuserspace = 0; /* default off - allow kernel decap of data packets */
gconfig.listenaddr = htonl(INADDR_ANY); /* Default is to bind (listen) to all interfaces */
gconfig.debug_avp = 0;
gconfig.debug_network = 0;
diff -Naur xl2tpd-5619e1771048e74b729804e8602f409af0f3faea-orig/network.c xl2tpd-5619e1771048e74b729804e8602f409af0f3faea/network.c
--- xl2tpd-5619e1771048e74b729804e8602f409af0f3faea-orig/network.c 2014-01-15 15:58:37.000000000 -0500
+++ xl2tpd-5619e1771048e74b729804e8602f409af0f3faea/network.c 2014-06-14 12:37:06.953574143 -0400
@@ -78,6 +78,12 @@
* For L2TP/IPsec with KLIPSng, set the socket to receive IPsec REFINFO
* values.
*/
+ if (!gconfig.ipsecsaref)
+ {
+ l2tp_log (LOG_INFO, "Not looking for kernel SAref support.\n");
+ }
+ else
+ {
arg=1;
if(setsockopt(server_socket, IPPROTO_IP, gconfig.sarefnum,
&arg, sizeof(arg)) != 0) {
@@ -85,6 +91,7 @@
gconfig.ipsecsaref=0;
}
+ }
arg=1;
if(setsockopt(server_socket, IPPROTO_IP, IP_PKTINFO, (char*)&arg, sizeof(arg)) != 0) {

@ -3,7 +3,7 @@
Summary: Layer 2 Tunnelling Protocol Daemon (RFC 2661) Summary: Layer 2 Tunnelling Protocol Daemon (RFC 2661)
Name: xl2tpd Name: xl2tpd
Version: 1.3.6 Version: 1.3.6
Release: 3%{?dist} Release: 4%{?dist}
License: GPL+ License: GPL+
Url: https://github.com/xelerance/%{name}/ Url: https://github.com/xelerance/%{name}/
Group: System Environment/Daemons Group: System Environment/Daemons
@ -12,6 +12,7 @@ Source1: xl2tpd.service
Source2: tmpfiles-xl2tpd.conf Source2: tmpfiles-xl2tpd.conf
Patch1: xl2tpd-1.3.6-conf.patch Patch1: xl2tpd-1.3.6-conf.patch
Patch2: xl2tpd-1.3.6-md5-fips.patch Patch2: xl2tpd-1.3.6-md5-fips.patch
Patch3: xl2tpd-1.3.6-saref.patch
Requires: ppp >= 2.4.5-18, kmod(l2tp_ppp.ko) Requires: ppp >= 2.4.5-18, kmod(l2tp_ppp.ko)
# If you want to authenticate against a Microsoft PDC/Active Directory # If you want to authenticate against a Microsoft PDC/Active Directory
@ -52,6 +53,7 @@ It was de-facto maintained by Jacco de Leeuw <jacco2@dds.nl> in 2002 and 2003.
%setup -qn %{name}-%{commit} %setup -qn %{name}-%{commit}
%patch1 -p1 %patch1 -p1
%patch2 -p1 %patch2 -p1
%patch3 -p1
%build %build
#make DFLAGS="$RPM_OPT_FLAGS -g -DDEBUG_HELLO -DDEBUG_CLOSE -DDEBUG_FLOW -DDEBUG_PAYLOAD -DDEBUG_CONTROL -DDEBUG_CONTROL_XMIT -DDEBUG_FLOW_MORE -DDEBUG_MAGIC -DDEBUG_ENTROPY -DDEBUG_HIDDEN -DDEBUG_PPPD -DDEBUG_AAA -DDEBUG_FILE -DDEBUG_FLOW -DDEBUG_HELLO -DDEBUG_CLOSE -DDEBUG_ZLB -DDEBUG_AUTH" #make DFLAGS="$RPM_OPT_FLAGS -g -DDEBUG_HELLO -DDEBUG_CLOSE -DDEBUG_FLOW -DDEBUG_PAYLOAD -DDEBUG_CONTROL -DDEBUG_CONTROL_XMIT -DDEBUG_FLOW_MORE -DDEBUG_MAGIC -DDEBUG_ENTROPY -DDEBUG_HIDDEN -DDEBUG_PPPD -DDEBUG_AAA -DDEBUG_FILE -DDEBUG_FLOW -DDEBUG_HELLO -DDEBUG_CLOSE -DDEBUG_ZLB -DDEBUG_AUTH"
@ -109,6 +111,9 @@ install -p -D -m755 -d %{buildroot}%{_localstatedir}/run/xl2tpd
%ghost %attr(0600,root,root) %{_localstatedir}/run/xl2tpd/l2tp-control %ghost %attr(0600,root,root) %{_localstatedir}/run/xl2tpd/l2tp-control
%changelog %changelog
* Sat Jun 14 2014 Paul Wouters <pwouters@redhat.com> - 1.3.6-4
- Resolves rhbz#1109470 l2tpd/ipsec breaks when "ipsec saref" not set
* Sun Jun 08 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.3.6-3 * Sun Jun 08 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.3.6-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild

Loading…
Cancel
Save