diff options
author | David Flemström | 2015-09-19 03:09:48 +0200 |
---|---|---|
committer | David Flemström | 2015-09-19 03:13:42 +0200 |
commit | c82800dd18bcb5523237b7fe7379479bd1e3c429 (patch) | |
tree | 64e5f99765ea8b522663a6da1b9b2d7a40e5f882 /fortigate.patch | |
download | aur-vpnc-fortigate.tar.gz |
Initial commit
Diffstat (limited to 'fortigate.patch')
-rw-r--r-- | fortigate.patch | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/fortigate.patch b/fortigate.patch new file mode 100644 index 000000000000..65f6305a8b4b --- /dev/null +++ b/fortigate.patch @@ -0,0 +1,22 @@ +diff -Naur a/vpnc.c b/vpnc.c +--- a/vpnc.c 2015-09-19 02:28:38.374444403 +0200 ++++ b/vpnc.c 2015-09-19 02:30:36.951980484 +0200 +@@ -1203,7 +1203,17 @@ + assert(a->af == isakmp_attr_16); + assert(a->u.attr_16 == IKE_LIFE_TYPE_SECONDS || a->u.attr_16 == IKE_LIFE_TYPE_K); + assert(a->next != NULL); +- assert(a->next->type == IKE_ATTRIB_LIFE_DURATION); ++ ++ /* ++ * Workaround for broken RESPONDER_LIFETIME payload from Fortigate ++ * firewall. If the next attribute is not the LIFE_DURATION, then ++ * just ignore this payload and move on. ++ */ ++ if (a->next->type != IKE_ATTRIB_LIFE_DURATION) { ++ DEBUG(2, printf("got bogus type %d instead of IKE_ATTRIB_LIFE_DURATION. Ignoring this payload.\n", ++ a->next->type)); ++ return; ++ } + + if (a->next->af == isakmp_attr_16) + value = a->next->u.attr_16; |