2 files changed, 27 insertions, 1 deletions

diff --git a/debian/control b/debian/control
index 73ac43591..54309fcb2 100644
--- a/debian/control
+++ b/debian/control
@@ -78,7 +78,7 @@ Architecture: any
 Pre-Depends: debconf | debconf-2.0
 Depends: ${shlibs:Depends}, ${misc:Depends}, 
   libstrongswan (= ${binary:Version}), strongswan-starter | strongswan-nm,
-  bsdmainutils, debianutils (>=1.7), ipsec-tools, host, iproute
+  bsdmainutils, debianutils (>=1.7), ipsec-tools, host, iproute [linux-any]
 Suggests: curl
 Provides: ike-server
 Conflicts: freeswan (<< 2.04-12), openswan, strongswan (<< 4.2.12-1)
diff --git a/debian/patches/0001-Check-return-value-of-ECDSA_Verify-correctly.patch b/debian/patches/0001-Check-return-value-of-ECDSA_Verify-correctly.patch
new file mode 100644
index 000000000..abd1f1921
--- /dev/null
+++ b/debian/patches/0001-Check-return-value-of-ECDSA_Verify-correctly.patch
@@ -0,0 +1,26 @@
+From 0faaab20cd9c4a519fb6269ab6c8be15d0b61864 Mon Sep 17 00:00:00 2001
+From: Martin Willi <martin@revosec.ch>
+Date: Tue, 9 Apr 2013 10:56:09 +0200
+Subject: Check return value of ECDSA_Verify() correctly
+
+---
+ src/libstrongswan/plugins/openssl/openssl_ec_public_key.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c b/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c
+index c8a45f7..38cc8be 100644
+--- a/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c
++++ b/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c
+@@ -124,7 +124,7 @@ static bool verify_der_signature(private_openssl_ec_public_key_t *this,
+ 	if (openssl_hash_chunk(nid_hash, data, &hash))
+ 	{
+ 		valid = ECDSA_verify(0, hash.ptr, hash.len,
+-							 signature.ptr, signature.len, this->ec);
++							 signature.ptr, signature.len, this->ec) == 1;
+ 		free(hash.ptr);
+ 	}
+ 	return valid;
+-- 
+1.7.10.4
+
+