[strongSwan-dev] IPv6 address with :: replacing a single 16bit null word

Martin Willi martin at strongswan.org
Thu Jun 19 09:36:21 CEST 2014


> I think if there is an upstream patch fixing the issue

There isn't an explicit fix for this issue. And as we won't release any
4.x update anymore, it's unlikely that we'll create one.

> it should be possible to back port if necessary (I don't expect
> affected files to change much).

Back-porting the changes that removed all the ttosubnet() functions is
not an option, these are used by pluto, which is gone completely in the
5.x series. 4.x and 5.x are just too different.

If you need a fix for this issue and can't update to 5.x, you either:
      * try to fix ttosubnet/ttoaddr() in the 4.x libfreeswan, maybe by
        using inet_pton()
      * replace all ttosubnet/ttoaddr() uses in the whole 4.x codebase

Sorry, for us it is not worth the effort, given that these releases are
deprecated for some time now, and the issue does not exist in 5.x.


More information about the Dev mailing list