[Pkg-swan-devel] [strongswan] 04/08: 0001-socket-default-Refactor-setting-source-address-when- dropped
Yves-Alexis Perez
corsac at moszumanska.debian.org
Fri Nov 20 07:09:53 UTC 2015
This is an automated email from the git hooks/post-receive script.
corsac pushed a commit to branch master
in repository strongswan.
commit d1b590c5e1dd1c743f2dcbbf7cb0298a85f69e5f
Author: Yves-Alexis Perez <corsac at debian.org>
Date: Wed Nov 18 15:26:05 2015 +0100
0001-socket-default-Refactor-setting-source-address-when- dropped
---
debian/changelog | 2 +
...ult-Refactor-setting-source-address-when-.patch | 204 ---------------------
debian/patches/series | 1 -
3 files changed, 2 insertions(+), 205 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index 54f447c..b0359b0 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -3,6 +3,8 @@ strongswan (5.3.4-1) UNRELEASED; urgency=medium
* New upstream release.
* debian/patches:
- 03_systemd-service refreshed for new upstream release.
+ - 0001-socket-default-Refactor-setting-source-address-when- dropped,
+ included upstream.
-- Yves-Alexis Perez <corsac at debian.org> Wed, 18 Nov 2015 15:19:49 +0100
diff --git a/debian/patches/0001-socket-default-Refactor-setting-source-address-when-.patch b/debian/patches/0001-socket-default-Refactor-setting-source-address-when-.patch
deleted file mode 100644
index dd1c29a..0000000
--- a/debian/patches/0001-socket-default-Refactor-setting-source-address-when-.patch
+++ /dev/null
@@ -1,204 +0,0 @@
-From c761db5fa990ed2ccae96a180caef757f7e49833 Mon Sep 17 00:00:00 2001
-From: Tobias Brunner <tobias at strongswan.org>
-Date: Mon, 2 Nov 2015 16:22:38 +0100
-Subject: [PATCH] socket-default: Refactor setting source address when sending
- messages
-
-This ensures we don't pass data (via msg_control) defined in a different
-scope to sendmsg(). Actually, some compilers (e.g. GCC 5.2.1) might
-optimize the memcpy() call away causing the packets not to get sent from
-the intended source address.
-
-It also makes the code clearer than with all these ifdefs.
-
- #1171
----
- .../plugins/socket_default/socket_default_socket.c | 153 ++++++++++++++-------
- 1 file changed, 107 insertions(+), 46 deletions(-)
-
-diff --git a/src/libcharon/plugins/socket_default/socket_default_socket.c b/src/libcharon/plugins/socket_default/socket_default_socket.c
-index 421593c..13bf3e7 100644
---- a/src/libcharon/plugins/socket_default/socket_default_socket.c
-+++ b/src/libcharon/plugins/socket_default/socket_default_socket.c
-@@ -355,6 +355,107 @@ METHOD(socket_t, receiver, status_t,
- return SUCCESS;
- }
-
-+/**
-+ * Generic function to send a message.
-+ */
-+static ssize_t send_msg_generic(int skt, struct msghdr *msg)
-+{
-+ return sendmsg(skt, msg, 0);
-+}
-+
-+/**
-+ * Send a message with the IPv4 source address set, if possible.
-+ */
-+#ifdef IP_PKTINFO
-+
-+static ssize_t send_msg_v4(int skt, struct msghdr *msg, host_t *src)
-+{
-+ char buf[CMSG_SPACE(sizeof(struct in_pktinfo))] = {};
-+ struct cmsghdr *cmsg;
-+ struct in_addr *addr;
-+ struct in_pktinfo *pktinfo;
-+ struct sockaddr_in *sin;
-+
-+ msg->msg_control = buf;
-+ msg->msg_controllen = sizeof(buf);
-+ cmsg = CMSG_FIRSTHDR(msg);
-+ cmsg->cmsg_level = SOL_IP;
-+ cmsg->cmsg_type = IP_PKTINFO;
-+ cmsg->cmsg_len = CMSG_LEN(sizeof(struct in_pktinfo));
-+
-+ pktinfo = (struct in_pktinfo*)CMSG_DATA(cmsg);
-+ addr = &pktinfo->ipi_spec_dst;
-+
-+ sin = (struct sockaddr_in*)src->get_sockaddr(src);
-+ memcpy(addr, &sin->sin_addr, sizeof(struct in_addr));
-+ return send_msg_generic(skt, msg);
-+}
-+
-+#elif defined(IP_SENDSRCADDR)
-+
-+static ssize_t send_msg_v4(int skt, struct msghdr *msg, host_t *src)
-+{
-+ char buf[CMSG_SPACE(sizeof(struct in_addr))] = {};
-+ struct cmsghdr *cmsg;
-+ struct in_addr *addr;
-+ struct sockaddr_in *sin;
-+
-+ msg->msg_control = buf;
-+ msg->msg_controllen = sizeof(buf);
-+ cmsg = CMSG_FIRSTHDR(msg);
-+ cmsg->cmsg_level = SOL_IP;
-+ cmsg->cmsg_type = IP_SENDSRCADDR;
-+ cmsg->cmsg_len = CMSG_LEN(sizeof(struct in_addr));
-+
-+ addr = (struct in_addr*)CMSG_DATA(cmsg);
-+
-+ sin = (struct sockaddr_in*)src->get_sockaddr(src);
-+ memcpy(addr, &sin->sin_addr, sizeof(struct in_addr));
-+ return send_msg_generic(skt, msg);
-+}
-+
-+#else /* IP_PKTINFO || IP_RECVDSTADDR */
-+
-+static ssize_t send_msg_v4(int skt, struct msghdr *msg, host_t *src)
-+{
-+ return send_msg_generic(skt, msg);
-+}
-+
-+#endif /* IP_PKTINFO || IP_RECVDSTADDR */
-+
-+/**
-+ * Send a message with the IPv6 source address set, if possible.
-+ */
-+#ifdef HAVE_IN6_PKTINFO
-+
-+static ssize_t send_msg_v6(int skt, struct msghdr *msg, host_t *src)
-+{
-+ char buf[CMSG_SPACE(sizeof(struct in6_pktinfo))] = {};
-+ struct cmsghdr *cmsg;
-+ struct in6_pktinfo *pktinfo;
-+ struct sockaddr_in6 *sin;
-+
-+ msg->msg_control = buf;
-+ msg->msg_controllen = sizeof(buf);
-+ cmsg = CMSG_FIRSTHDR(msg);
-+ cmsg->cmsg_level = SOL_IPV6;
-+ cmsg->cmsg_type = IPV6_PKTINFO;
-+ cmsg->cmsg_len = CMSG_LEN(sizeof(struct in6_pktinfo));
-+ pktinfo = (struct in6_pktinfo*)CMSG_DATA(cmsg);
-+ sin = (struct sockaddr_in6*)src->get_sockaddr(src);
-+ memcpy(&pktinfo->ipi6_addr, &sin->sin6_addr, sizeof(struct in6_addr));
-+ return send_msg_generic(skt, msg);
-+}
-+
-+#else /* HAVE_IN6_PKTINFO */
-+
-+static ssize_t send_msg_v6(int skt, struct msghdr *msg, host_t *src)
-+{
-+ return send_msg_generic(skt, msg);
-+}
-+
-+#endif /* HAVE_IN6_PKTINFO */
-+
- METHOD(socket_t, sender, status_t,
- private_socket_default_socket_t *this, packet_t *packet)
- {
-@@ -363,7 +464,6 @@ METHOD(socket_t, sender, status_t,
- chunk_t data;
- host_t *src, *dst;
- struct msghdr msg;
-- struct cmsghdr *cmsg;
- struct iovec iov;
- u_int8_t *dscp;
-
-@@ -465,56 +565,17 @@ METHOD(socket_t, sender, status_t,
- {
- if (family == AF_INET)
- {
--#if defined(IP_PKTINFO) || defined(IP_SENDSRCADDR)
-- struct in_addr *addr;
-- struct sockaddr_in *sin;
--#ifdef IP_PKTINFO
-- char buf[CMSG_SPACE(sizeof(struct in_pktinfo))];
-- struct in_pktinfo *pktinfo;
--#elif defined(IP_SENDSRCADDR)
-- char buf[CMSG_SPACE(sizeof(struct in_addr))];
--#endif
-- memset(buf, 0, sizeof(buf));
-- msg.msg_control = buf;
-- msg.msg_controllen = sizeof(buf);
-- cmsg = CMSG_FIRSTHDR(&msg);
-- cmsg->cmsg_level = SOL_IP;
--#ifdef IP_PKTINFO
-- cmsg->cmsg_type = IP_PKTINFO;
-- cmsg->cmsg_len = CMSG_LEN(sizeof(struct in_pktinfo));
-- pktinfo = (struct in_pktinfo*)CMSG_DATA(cmsg);
-- addr = &pktinfo->ipi_spec_dst;
--#elif defined(IP_SENDSRCADDR)
-- cmsg->cmsg_type = IP_SENDSRCADDR;
-- cmsg->cmsg_len = CMSG_LEN(sizeof(struct in_addr));
-- addr = (struct in_addr*)CMSG_DATA(cmsg);
--#endif
-- sin = (struct sockaddr_in*)src->get_sockaddr(src);
-- memcpy(addr, &sin->sin_addr, sizeof(struct in_addr));
--#endif /* IP_PKTINFO || IP_SENDSRCADDR */
-+ bytes_sent = send_msg_v4(skt, &msg, src);
- }
--#ifdef HAVE_IN6_PKTINFO
- else
- {
-- char buf[CMSG_SPACE(sizeof(struct in6_pktinfo))];
-- struct in6_pktinfo *pktinfo;
-- struct sockaddr_in6 *sin;
--
-- memset(buf, 0, sizeof(buf));
-- msg.msg_control = buf;
-- msg.msg_controllen = sizeof(buf);
-- cmsg = CMSG_FIRSTHDR(&msg);
-- cmsg->cmsg_level = SOL_IPV6;
-- cmsg->cmsg_type = IPV6_PKTINFO;
-- cmsg->cmsg_len = CMSG_LEN(sizeof(struct in6_pktinfo));
-- pktinfo = (struct in6_pktinfo*)CMSG_DATA(cmsg);
-- sin = (struct sockaddr_in6*)src->get_sockaddr(src);
-- memcpy(&pktinfo->ipi6_addr, &sin->sin6_addr, sizeof(struct in6_addr));
-+ bytes_sent = send_msg_v6(skt, &msg, src);
- }
--#endif /* HAVE_IN6_PKTINFO */
- }
--
-- bytes_sent = sendmsg(skt, &msg, 0);
-+ else
-+ {
-+ bytes_sent = send_msg_generic(skt, &msg);
-+ }
-
- if (bytes_sent != data.len)
- {
---
-2.6.2
-
diff --git a/debian/patches/series b/debian/patches/series
index aec9df6..89a951f 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,6 +1,5 @@
01_fix-manpages.patch
03_systemd-service.patch
04_disable-libtls-tests.patch
-0001-socket-default-Refactor-setting-source-address-when-.patch
0001-socket-dynamic-Refactor-setting-source-address-when-.patch
CVE-2015-8023_eap_mschapv2_state.patch
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-swan/strongswan.git
More information about the Pkg-swan-devel
mailing list