Initial commit

author: David Flemström 2015-09-19 03:09:48 +0200
committer: David Flemström 2015-09-19 03:13:42 +0200
commit: c82800dd18bcb5523237b7fe7379479bd1e3c429 (patch)
tree: 64e5f99765ea8b522663a6da1b9b2d7a40e5f882 /fortigate.patch
download: aur-vpnc-fortigate.tar.gz
1 files changed, 22 insertions, 0 deletions
diff --git a/fortigate.patch b/fortigate.patch
new file mode 100644
index 000000000000..65f6305a8b4b
--- /dev/null
+++ b/fortigate.patch
@@ -0,0 +1,22 @@
+diff -Naur a/vpnc.c b/vpnc.c
+--- a/vpnc.c	2015-09-19 02:28:38.374444403 +0200
++++ b/vpnc.c	2015-09-19 02:30:36.951980484 +0200
+@@ -1203,7 +1203,17 @@
+ 	assert(a->af == isakmp_attr_16);
+ 	assert(a->u.attr_16 == IKE_LIFE_TYPE_SECONDS || a->u.attr_16 == IKE_LIFE_TYPE_K);
+ 	assert(a->next != NULL);
+-	assert(a->next->type == IKE_ATTRIB_LIFE_DURATION);
++
++	/*
++	 * Workaround for broken RESPONDER_LIFETIME payload from Fortigate
++	 * firewall. If the next attribute is not the LIFE_DURATION, then
++	 * just ignore this payload and move on.
++	 */
++	if (a->next->type != IKE_ATTRIB_LIFE_DURATION) {
++		DEBUG(2, printf("got bogus type %d instead of IKE_ATTRIB_LIFE_DURATION. Ignoring this payload.\n",
++				a->next->type));
++		return;
++	}
+ 
+ 	if (a->next->af == isakmp_attr_16)
+ 		value = a->next->u.attr_16;
author	David Flemström	2015-09-19 03:09:48 +0200
committer	David Flemström	2015-09-19 03:13:42 +0200
commit	c82800dd18bcb5523237b7fe7379479bd1e3c429 (patch)
tree	64e5f99765ea8b522663a6da1b9b2d7a40e5f882 /fortigate.patch
download	aur-vpnc-fortigate.tar.gz