diff options
| -rw-r--r-- | debian/changelog | 2 | ||||
| -rw-r--r-- | debian/patches/00list | 1 | ||||
| -rw-r--r-- | debian/patches/strongswan-openssl-conflict.dpatch | 29 |
3 files changed, 2 insertions, 30 deletions
diff --git a/debian/changelog b/debian/changelog index 577cf42db..7ef14e786 100644 --- a/debian/changelog +++ b/debian/changelog @@ -5,6 +5,8 @@ strongswan (4.2.4-1) unstable; urgency=low this version now supports AES-CCM (e.g. with esp=aes128ccm12) and AES-GCM (e.g. with esp=aes256gcm16) starting with kernel 2.6.25 and enables dead peer detection by default. + * Drop patch to rename AES_cbc_encrypt so as not to conflict with an + openssl method of the same name. This has been applied upstream. * Apply patch to ipsec init script to fix bashism. Closes: #473703: strongswan: bashism in /bin/sh script * Updated Czech debconf translation. diff --git a/debian/patches/00list b/debian/patches/00list index d59f0d038..e69de29bb 100644 --- a/debian/patches/00list +++ b/debian/patches/00list @@ -1 +0,0 @@ -strongswan-openssl-conflict.dpatch diff --git a/debian/patches/strongswan-openssl-conflict.dpatch b/debian/patches/strongswan-openssl-conflict.dpatch deleted file mode 100644 index a26e080bb..000000000 --- a/debian/patches/strongswan-openssl-conflict.dpatch +++ /dev/null @@ -1,29 +0,0 @@ -#! /bin/sh /usr/share/dpatch/dpatch-run -## strongswan-openssl-conflict.dpatch by David Smith <davidsmith@acm.org> -## adapted to dpatch format by Rene Mayrhofer -## -## All lines beginning with `## DP:' are a description of the patch. -## DP: Rename AES_cbc_encrypt to ss_AES_cbc_encrypt to not conflict -## DP: with OpenSSL's function when using opencryptoki's TPM token. - -@DPATCH@ - ---- a/src/libcrypto/libaes/aes_cbc.c -+++ b/src/libcrypto/libaes/aes_cbc.c -@@ -10,4 +10,4 @@ int AES_set_key(aes_context *aes_ctx, const u_int8_t *key, int keysize) { - aes_set_key(aes_ctx, key, keysize, 0); - return 1; - } --CBC_IMPL_BLK16(AES_cbc_encrypt, aes_context, u_int8_t *, aes_encrypt, aes_decrypt); -+CBC_IMPL_BLK16(ss_AES_cbc_encrypt, aes_context, u_int8_t *, aes_encrypt, aes_decrypt); ---- a/src/pluto/alg/ike_alg_aes.c -+++ b/src/pluto/alg/ike_alg_aes.c -@@ -34,7 +34,7 @@ do_aes(u_int8_t *buf, size_t buf_len, u_int8_t *key, size_t key_size, u_int8_t * - memcpy(new_iv=iv_bak, (char*) buf + buf_len - AES_CBC_BLOCK_SIZE - , AES_CBC_BLOCK_SIZE); - -- AES_cbc_encrypt(&aes_ctx, buf, buf, buf_len, iv, enc); -+ ss_AES_cbc_encrypt(&aes_ctx, buf, buf, buf_len, iv, enc); - - if (enc) - new_iv = (char*) buf + buf_len-AES_CBC_BLOCK_SIZE; |