Sophie: openswan-2.6.32-9.el5 src

openswan-2.6.32-9.el5.src.rpm

diff -urNp openswan-2.6.32-cvs-patched/programs/pluto/connections.c openswan-2.6.32-current/programs/pluto/connections.c
--- openswan-2.6.32-cvs-patched/programs/pluto/connections.c	2011-06-14 10:53:22.150744087 -0400
+++ openswan-2.6.32-current/programs/pluto/connections.c	2011-06-16 22:33:24.610931322 -0400
@@ -1478,6 +1478,41 @@ add_connection(const struct whack_messag
 	    DBG_log("%s", topo);
 	);
 
+#ifdef HAVE_LABELED_IPSEC
+	if(c->loopback 
+	   && portof(&c->spd.this.client.addr)!=portof(&c->spd.that.client.addr) ) {
+	   struct spd_route *tmp_spd;
+	   u_int16_t tmp_this_port, tmp_that_port;
+
+	   tmp_spd = clone_thing(c->spd, "loopback asymmetrical policies");
+	   tmp_spd->this.id.name.ptr = NULL;
+	   tmp_spd->this.id.name.len = 0;
+	   tmp_spd->that.id.name.ptr = NULL;
+	   tmp_spd->that.id.name.len = 0;
+	   tmp_spd->this.host_addr_name = NULL;
+	   tmp_spd->that.host_addr_name = NULL;
+	   tmp_spd->this.updown = clone_str(tmp_spd->this.updown, "updown");
+	   tmp_spd->that.updown = clone_str(tmp_spd->that.updown, "updown");
+	   tmp_spd->this.cert_filename = NULL;
+	   tmp_spd->that.cert_filename = NULL;
+	   tmp_spd->this.cert.type = 0;
+	   tmp_spd->that.cert.type = 0;
+	   tmp_spd->this.ca.ptr = NULL;
+	   tmp_spd->that.ca.ptr = NULL;
+	   tmp_spd->this.groups = NULL;
+	   tmp_spd->that.groups = NULL;
+	   tmp_spd->this.virt = NULL;
+	   tmp_spd->that.virt = NULL;
+	   tmp_spd->next = NULL;
+	   c->spd.next=tmp_spd;
+	  
+	   tmp_this_port= portof(&tmp_spd->this.client.addr);
+	   tmp_that_port= portof(&tmp_spd->that.client.addr);
+	   setportof(tmp_this_port, &tmp_spd->that.client.addr);
+	   setportof(tmp_that_port, &tmp_spd->this.client.addr);
+	} 
+#endif
+
 #if 0
 	    /* Make sure that address families can be correctly inferred
 	     * from printed ends.
diff -urNp openswan-2.6.32-cvs-patched/programs/pluto/xauth.c openswan-2.6.32-current/programs/pluto/xauth.c
--- openswan-2.6.32-cvs-patched/programs/pluto/xauth.c	2011-06-14 10:53:22.131744931 -0400
+++ openswan-2.6.32-current/programs/pluto/xauth.c	2011-06-16 22:43:24.674909852 -0400
@@ -1935,13 +1935,13 @@ modecfg_inR1(struct msg_digest *md)
                     tmp_spd->that.cert.type = 0;
 
                     tmp_spd->this.ca.ptr = NULL;
-                    tmp_spd->this.ca.ptr = NULL;
+                    tmp_spd->that.ca.ptr = NULL;
 
                     tmp_spd->this.groups = NULL;
-                    tmp_spd->this.groups = NULL;
+                    tmp_spd->that.groups = NULL;
 
                     tmp_spd->this.virt = NULL;
-                    tmp_spd->this.virt = NULL;
+                    tmp_spd->that.virt = NULL;
 
                     tmp_spd->next = NULL;
                     tmp_spd2->next = tmp_spd;