From: Luka Perkov Date: Fri, 17 May 2013 11:25:28 +0000 (+0000) Subject: strongswan: upgrade to 5.0.4 X-Git-Url: http://git.cdn.openwrt.org/?a=commitdiff_plain;h=d2c10bc3f136af6d5012964f7f6563a866ca787b;p=openwrt%2Fsvn-archive%2Fpackages.git strongswan: upgrade to 5.0.4 SVN-Revision: 36649 --- diff --git a/net/strongswan/Makefile b/net/strongswan/Makefile index 8d1d3bc4a..07253be7b 100644 --- a/net/strongswan/Makefile +++ b/net/strongswan/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=strongswan -PKG_VERSION:=5.0.2 -PKG_RELEASE:=2 +PKG_VERSION:=5.0.4 +PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 PKG_SOURCE_URL:=http://download.strongswan.org/ -PKG_MD5SUM:=77dc16443fd141f46183d3a4f60986ef +PKG_MD5SUM:=0ab0397b44b197febfd0f89148344035 PKG_MOD_AVAILABLE:= \ addrblock \ diff --git a/net/strongswan/patches/001-upstream-runtime-fix.patch b/net/strongswan/patches/001-upstream-runtime-fix.patch new file mode 100644 index 000000000..b11c9e3ae --- /dev/null +++ b/net/strongswan/patches/001-upstream-runtime-fix.patch @@ -0,0 +1,39 @@ +From: Martin Willi +Date: Fri, 3 May 2013 12:17:37 +0000 (+0200) +Subject: In memwipe_check(), don't put magic on stack when calling do_magic() +X-Git-Url: http://git.strongswan.org/?p=strongswan.git;a=commitdiff_plain;h=9312fbc7 + +In memwipe_check(), don't put magic on stack when calling do_magic() + +Otherwise the magic might be on the stack while checking it. +--- + +--- a/src/libstrongswan/library.c ++++ b/src/libstrongswan/library.c +@@ -154,7 +154,7 @@ static bool equals(char *a, char *b) + * Write magic to memory, and try to clear it with memwipe() + */ + __attribute__((noinline)) +-static void do_magic(int magic, int **stack) ++static void do_magic(int *magic, int **stack) + { + int buf[32], i; + +@@ -162,7 +162,7 @@ static void do_magic(int magic, int **st + *stack = &i; + for (i = 0; i < countof(buf); i++) + { +- buf[i] = magic; ++ buf[i] = *magic; + } + /* passing buf to dbg should make sure the compiler can't optimize out buf. + * we use directly dbg(3), as DBG3() might be stripped with DEBUG_LEVEL. */ +@@ -177,7 +177,7 @@ static bool check_memwipe() + { + int magic = 0xCAFEBABE, *ptr, *deeper, i, stackdir = 1; + +- do_magic(magic, &deeper); ++ do_magic(&magic, &deeper); + + ptr = &magic; + if (deeper < ptr)