authorMartin Wilke <miwi@FreeBSD.org>2006-07-29 20:41:30 +0000
committerMartin Wilke <miwi@FreeBSD.org>2006-07-29 20:41:30 +0000
commite38b37dc03c094b5a4334b69fd29ed0c65486fb2 (patch)
treea07df8230925af4728fa7142b581c958dd0667d1 /security/vpnc
parentc344530da10b00ee7d9f65f5a01bc6543b8b9ff4 (diff)
- Add NAT keepalive capability as per RFC 3947
- Bump PORTREVISION PR: ports/100814 Submitted by: Daniel Roethlisberger <daniel(at)roe.ch> Approved by: krion (mentor), maintainer
Notes
Notes: svn path=/head/; revision=169083
Diffstat (limited to 'security/vpnc')
-rw-r--r--security/vpnc/Makefile2
-rw-r--r--security/vpnc/files/patch-tunip.c48
2 files changed, 49 insertions, 1 deletions
diff --git a/security/vpnc/Makefile b/security/vpnc/Makefile
index 4d0c6c60fb3b..5dda87bbd806 100644
--- a/security/vpnc/Makefile
+++ b/security/vpnc/Makefile
@@ -7,7 +7,7 @@
PORTNAME= vpnc
PORTVERSION= 0.3.3
-PORTREVISION= 2
+PORTREVISION= 3
CATEGORIES= security
MASTER_SITES= http://www.unix-ag.uni-kl.de/~massar/vpnc/
diff --git a/security/vpnc/files/patch-tunip.c b/security/vpnc/files/patch-tunip.c
new file mode 100644
index 000000000000..98a647cd8c74
--- /dev/null
+++ b/security/vpnc/files/patch-tunip.c
@@ -0,0 +1,48 @@
+Index: tunip.c
+===================================================================
+--- tunip.c (revision 67)
++++ tunip.c (working copy)
+@@ -3,6 +3,7 @@
+ Copyright (C) 2002 Geoffrey Keating
+ Copyright (C) 2003-2005 Maurice Massar
+ Copyright (C) 2004 Tomas Mraz
++ Copyright (C) 2006 Daniel Roethlisberger
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+@@ -776,7 +777,16 @@
+ {
+ int sock;
+ struct pollfd pollfds[2];
++ int enable_keepalives;
++ int poll_timeout;
+
++ /* non-esp marker, nat keepalive payload (0xFF) */
++ char keepalive[5] = { 0x00, 0x00, 0x00, 0x00, 0xFF };
++
++ /* send keepalives if UDP encapsulation is enabled */
++ enable_keepalives = !strcmp(meth->name, "udpesp");
++ poll_timeout = enable_keepalives ? 20000 : -1;
++
+ pollfds[0].fd = tun_fd;
+ pollfds[0].events = POLLIN;
+ pollfds[1].fd = encap_get_fd(meth);
+@@ -786,8 +796,16 @@
+ int presult;
+
+ do {
+- presult = poll(pollfds, sizeof(pollfds) / sizeof(pollfds[0]), -1);
+- } while (presult == -1 && errno == EINTR && !do_kill);
++ presult = poll(pollfds, sizeof(pollfds) / sizeof(pollfds[0]), poll_timeout);
++ if (presult == 0 && enable_keepalives) {
++ /* send nat keepalive packet */
++ if(sendto(meth->fd, keepalive, sizeof(keepalive), 0,
++ (struct sockaddr*)&peer->remote_sa->dest,
++ sizeof(peer->remote_sa->dest)) == -1) {
++ syslog(LOG_ERR, "sendto: %m");
++ }
++ }
++ } while ((presult == 0 || (presult == -1 && errno == EINTR)) && !do_kill);
+ if (presult == -1) {
+ syslog(LOG_ERR, "poll: %m");
+ continue;
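Review bot: The payload declared as `char keepalive[5] = { 0x00, 0x00, 0x00, 0x00, 0xFF };` is five bytes, whereas the NAT-keepalive packet defined in RFC 3948 (the commit message cites RFC 3947) is a single 0xFF octet; a datagram that begins with the four-zero non-ESP marker may be handed to the peer's IKE parser instead of being silently discarded. If the marker prefix is needed for the older draft encapsulation this client negotiates, a comment naming that draft would settle it; otherwise `static const unsigned char keepalive[] = { 0xFF };` matches the RFC and avoids storing 0xFF in a possibly signed `char`. The `sendto()` call also uses `meth->fd` while the descriptor being polled a few lines earlier comes from `encap_get_fd(meth)`, so using the accessor in both places would keep the two from diverging. The enclosing function starts and ends outside the hunk.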