packages/libreswan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update to 4.1

Browse Source
This commit is contained in:
lingsheng 2020-12-09 11:09:26 +08:00
parent 49b6561715
commit dbbee2cee5
12 changed files with 136 additions and 294 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

86
0001-fix-libselinux-deprecated.patch
View File

@ -1,86 +0,0 @@
From 54b0f3bf7c87ccd8e9f7c74872371d571f0c118c Mon Sep 17 00:00:00 2001
From: si-gui <245140120@qq.com>
Date: Tue, 15 Sep 2020 19:57:58 +0800
Subject: [PATCH] fix libselinux deprecated
Signed-off-by: si-gui <245140120@qq.com>
---
contrib/labeled-ipsec/getpeercon_server.c | 4 ++--
programs/pluto/security_selinux.c | 7 ++-----
programs/pluto/security_selinux.h | 2 +-
3 files changed, 5 insertions(+), 8 deletions(-)
diff --git a/contrib/labeled-ipsec/getpeercon_server.c b/contrib/labeled-ipsec/getpeercon_server.c
index 57a24d0..aa2e2b4 100644
--- a/contrib/labeled-ipsec/getpeercon_server.c
+++ b/contrib/labeled-ipsec/getpeercon_server.c
@@ -64,7 +64,7 @@ int main(int argc, char *argv[])
srv_sock_path = argv[1];
{
- security_context_t ctx;
+ char *ctx;
int rc = getcon(&ctx);
fprintf(stderr, "-> running as %s\n",
@@ -136,7 +136,7 @@ int main(int argc, char *argv[])
struct sockaddr_in6 *const cli_sock_6addr = (struct sockaddr_in6 *)&cli_sock_saddr;
socklen_t cli_sock_addr_len;
char cli_sock_addr_str[INET6_ADDRSTRLEN + 1];
- security_context_t ctx;
+ char *ctx;
char *ctx_str;
//fflush(stdout);
diff --git a/programs/pluto/security_selinux.c b/programs/pluto/security_selinux.c
index ac5028e..c09a2d0 100644
--- a/programs/pluto/security_selinux.c
+++ b/programs/pluto/security_selinux.c
@@ -27,13 +27,13 @@ void init_avc(void)
DBG_log("selinux support is enabled.");
}
- if (avc_init("libreswan", NULL, NULL, NULL, NULL) == 0)
+ if (avc_open(NULL, 0) == 0)
selinux_ready = 1;
else
DBG_log("selinux: could not initialize avc.");
}
-int within_range(security_context_t sl, security_context_t range)
+int within_range(char *sl, char *range)
{
int rtn = 1;
security_id_t slsid;
@@ -61,7 +61,6 @@ int within_range(security_context_t sl, security_context_t range)
if (rtn != 0) {
DBG_log("within_range: Unable to retrieve sid for range context (%s)",
range);
- sidput(slsid);
return 0;
}
@@ -74,8 +73,6 @@ int within_range(security_context_t sl, security_context_t range)
if (rtn != 0) {
DBG_log("within_range: The sl (%s) is not within range of (%s)", sl,
range);
- sidput(slsid);
- sidput(rangesid);
return 0;
}
DBG_log("within_range: The sl (%s) is within range of (%s)", sl,
diff --git a/programs/pluto/security_selinux.h b/programs/pluto/security_selinux.h
index cccd60f..7c07bd8 100644
--- a/programs/pluto/security_selinux.h
+++ b/programs/pluto/security_selinux.h
@@ -20,6 +20,6 @@
#include <selinux/context.h>
void init_avc(void);
-int within_range(security_context_t sl, security_context_t range);
+int within_range(char *sl, char *range);
#endif /* _SECURITY_SELINUX_H */
--
2.23.0

31
0002-fix-pluto-abort.patch
View File

@ -1,31 +0,0 @@
From 4c08ae4152c6dbd9ecc7126c2e32468dcf1a6589 Mon Sep 17 00:00:00 2001
From: si-gui <245140120@qq.com>
Date: Tue, 15 Sep 2020 20:19:26 +0800
Subject: [PATCH] fix libselinux deprecated
Signed-off-by: si-gui <245140120@qq.com>
---
programs/pluto/ike_alg_encrypt_nss_gcm_ops.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/programs/pluto/ike_alg_encrypt_nss_gcm_ops.c b/programs/pluto/ike_alg_encrypt_nss_gcm_ops.c
index 4352645..4143186 100644
--- a/programs/pluto/ike_alg_encrypt_nss_gcm_ops.c
+++ b/programs/pluto/ike_alg_encrypt_nss_gcm_ops.c
@@ -17,6 +17,13 @@
#include <libreswan.h>
+/*
+ *Special advise from Bob Relyea - needs to go before any nss include
+ *
+ */
+
+#define NSS_PKCS11_2_0_COMPAT 1
+
#include "lswlog.h"
#include "lswnss.h"
#include "prmem.h"
--
2.23.0

BIN
ikev1_dsa.fax.bz2 Normal file
View File

Binary file not shown.

BIN
ikev1_psk.fax.bz2 Normal file
View File

Binary file not shown.

BIN
ikev2.fax.bz2 Normal file
View File

Binary file not shown.

62
libreswan-3.25-relax-delete.patch
View File

@ -1,62 +0,0 @@
diff --git a/programs/pluto/state.c b/programs/pluto/state.c
index 7b33145..a3bcc3c 100644
--- a/programs/pluto/state.c
+++ b/programs/pluto/state.c
@@ -3155,27 +3155,40 @@ void ISAKMP_SA_established(const struct state *pst)
d = next;
}
- if (c->newest_isakmp_sa != SOS_NOBODY &&
- c->newest_isakmp_sa != pst->st_serialno) {
- struct state *old_p1 = state_by_serialno(c->newest_isakmp_sa);
+ /*
+ * This only affects IKEv2, since we don't store any
+ * received INITIAL_CONTACT for IKEv1.
+ * We don't do this on IKEv1, because it seems to
+ * confuse various third parties (Windows, Cisco VPN 300,
+ * and juniper
+ * likely because this would be called before the IPsec SA
+ * of QuickMode is installed, so the remote endpoints view
+ * this IKE SA still as the active one?
+ */
+ if (pst->st_seen_initialc) {
- DBG(DBG_CONTROL, DBG_log("deleting replaced IKE state for %s",
- old_p1->st_connection->name));
- old_p1->st_suppress_del_notify = TRUE;
- event_force(EVENT_SA_EXPIRE, old_p1);
- }
+ if (c->newest_isakmp_sa != SOS_NOBODY &&
+ c->newest_isakmp_sa != pst->st_serialno) {
+ struct state *old_p1 = state_by_serialno(c->newest_isakmp_sa);
- if (pst->st_seen_initialc && (c->newest_ipsec_sa != SOS_NOBODY))
- {
- struct state *old_p2 = state_by_serialno(c->newest_ipsec_sa);
- struct connection *d = old_p2 == NULL ? NULL : old_p2->st_connection;
+ DBG(DBG_CONTROL, DBG_log("deleting replaced IKE state for %s",
+ old_p1->st_connection->name));
+ old_p1->st_suppress_del_notify = TRUE;
+ event_force(EVENT_SA_EXPIRE, old_p1);
+ }
- if (c == d && same_id(&c->spd.that.id, &d->spd.that.id))
+ if (c->newest_ipsec_sa != SOS_NOBODY)
{
- DBG(DBG_CONTROL, DBG_log("Initial Contact received, deleting old state #%lu from connection '%s'",
- c->newest_ipsec_sa, c->name));
- old_p2->st_suppress_del_notify = TRUE;
- event_force(EVENT_SA_EXPIRE, old_p2);
+ struct state *old_p2 = state_by_serialno(c->newest_ipsec_sa);
+ struct connection *d = old_p2 == NULL ? NULL : old_p2->st_connection;
+
+ if (c == d && same_id(&c->spd.that.id, &d->spd.that.id))
+ {
+ DBG(DBG_CONTROL, DBG_log("Initial Contact received, deleting old state #%lu from connection '%s'",
+ c->newest_ipsec_sa, c->name));
+ old_p2->st_suppress_del_notify = TRUE;
+ event_force(EVENT_SA_EXPIRE, old_p2);
+ }
}
}

35
libreswan-3.25-unbound-hook.patch
View File

@ -1,35 +0,0 @@
commit 9dce290a0d2df5c278ed9442b10954d65cc238e4
Author: Paul Wouters <pwouters@redhat.com>
Date: Sun Jul 8 22:29:52 2018 -0400
_unbound-hook: Fixup adding IPv4 pubkey into pluto. Expect unbound to quote argument as 1
diff --git a/programs/_unbound-hook/_unbound-hook.in b/programs/_unbound-hook/_unbound-hook.in
index 0d266d5..38279de 100755
--- a/programs/_unbound-hook/_unbound-hook.in
+++ b/programs/_unbound-hook/_unbound-hook.in
@@ -29,14 +29,17 @@ try:
except:
sys.exit("Bad arguments to ipsec _unbound")
-while (argv != []):
+# unbound now quotes the entire RRDATAs, so it counts as 1 argument in the list
+data = argv.pop(0).split(" ")
+
+while (data != []):
try:
- gwprec = argv.pop(0)
- gwtype = argv.pop(0)
- gwalg = argv.pop(0)
- gwid = argv.pop(0)
- pubkey = argv.pop(0)
- addkeyip = "ipsec whack --keyid @%s --addkey --pubkeyrsa 0s%s"%(ip, pubkey)
+ gwprec = data.pop(0)
+ gwtype = data.pop(0)
+ gwalg = data.pop(0)
+ gwid = data.pop(0)
+ pubkey = data.pop(0)
+ addkeyip = "ipsec whack --keyid %s --addkey --pubkeyrsa 0s%s"%(ip, pubkey)
addkeyhostname = "ipsec whack --keyid @%s --addkey --pubkeyrsa 0s%s"%(qname, pubkey)
print("processing an IPSECKEY record for Opportunistic IPsec to %s(%s)"%(qname,ip))
print(subprocess.call(addkeyip, shell=True))

BIN
libreswan-4.1.tar.gz Normal file
View File

Binary file not shown.

201
libreswan.spec
View File

@ -1,13 +1,16 @@
%global nss_version 3.44.0-8
%global unbound_version 1.6.6
%global libreswan_config \\\ %global libreswan_config \\\
FINALMANDIR=%{_mandir} \\\ SHELL_BINARY=/usr/bin/sh \\\
INC_USRLOCAL=%{_prefix} \\\
INC_RCDEFAULT=%{_initrddir} \\\
FINALLIBEXECDIR=%{_libexecdir}/ipsec \\\ FINALLIBEXECDIR=%{_libexecdir}/ipsec \\\
FIPSPRODUCTCHECK=%{_sysconfdir}/system-fips \\\ FINALMANDIR=%{_mandir} \\\
PREFIX=%{_prefix} \\\
INITSYSTEM=systemd \\\ INITSYSTEM=systemd \\\
NSS_REQ_AVA_COPY=false \\\ NSS_REQ_AVA_COPY=false \\\
NSS_HAS_IPSEC_PROFILE=true \\\
PYTHON_BINARY=%{__python3} \\\
USE_DNSSEC=true \\\ USE_DNSSEC=true \\\
USE_FIPSCHECK=true \\\ USE_FIPSCHECK=false \\\
USE_LABELED_IPSEC=true \\\ USE_LABELED_IPSEC=true \\\
USE_LDAP=true \\\ USE_LDAP=true \\\
USE_LIBCAP_NG=true \\\ USE_LIBCAP_NG=true \\\
@ -16,90 +19,142 @@
USE_NM=true \\\ USE_NM=true \\\
USE_SECCOMP=true \\\ USE_SECCOMP=true \\\
USE_XAUTHPAM=true \\\ USE_XAUTHPAM=true \\\
USE_NSS_KDF=true \\\
%{nil} %{nil}
Name: libreswan Name: libreswan
Version: 3.25 Summary: IKE implementation for IPsec with IKEv1 and IKEv2 support
Release: 10 Version: 4.1
Summary: A free implementation of IPsec & IKE for Linux Release: 1
License: GPLv2 License: GPLv2
Url: https://github.com/libreswan/libreswan Url: https://libreswan.org/
Source0: https://github.com/libreswan/libreswan/archive/v%{version}.tar.gz Source0: https://download.libreswan.org/%{name}-%{version}.tar.gz
Source1: openeuler-libreswan-sysctl.conf Source1: https://download.libreswan.org/cavs/ikev1_dsa.fax.bz2
Source2: openeuler-libreswan-tmpfiles.conf Source2: https://download.libreswan.org/cavs/ikev1_psk.fax.bz2
Source3: https://download.libreswan.org/cavs/ikev2.fax.bz2
Source4: openeuler-libreswan-sysctl.conf
Patch0001: libreswan-3.25-relax-delete.patch BuildRequires: audit-libs-devel
Patch0002: libreswan-3.25-unbound-hook.patch BuildRequires: bison
Patch0003: 0001-fix-libselinux-deprecated.patch BuildRequires: curl-devel
Patch0004: 0002-fix-pluto-abort.patch BuildRequires: flex
BuildRequires: gcc make
BuildRequires: ldns-devel
BuildRequires: libcap-ng-devel
BuildRequires: libevent-devel
BuildRequires: libseccomp-devel
BuildRequires: libselinux-devel
BuildRequires: nspr-devel
BuildRequires: nss-devel >= %{nss_version}
BuildRequires: nss-tools
BuildRequires: openldap-devel
BuildRequires: pam-devel
BuildRequires: pkgconfig
BuildRequires: hostname
BuildRequires: systemd-devel
BuildRequires: unbound-devel >= %{unbound_version}
BuildRequires: xmlto
BuildRequires: gcc pkgconfig hostname bison flex systemd-devel nss-devel >= 3.16.1 Requires: %{name}-help = %{version}-%{release}
BuildRequires: nspr-devel pam-devel libevent-devel unbound-devel >= 1.6.0-6 ldns-devel Requires: iproute >= 2.6.8
BuildRequires: libseccomp-devel libselinux-devel fipscheck-devel audit-libs-devel Requires: nss >= %{nss_version}
BuildRequires: libcap-ng-devel openldap-devel curl-devel xmlto Requires: nss-softokn
Requires: nss-tools
Requires: fipscheck nss-tools nss-softokn iproute >= 2.6.8 unbound-libs >= 1.6.6 Requires: unbound-libs >= %{unbound_version}
Requires(post): bash coreutils systemd Requires(post): bash
Requires(post): coreutils
Requires(post): systemd
Requires(preun): systemd Requires(preun): systemd
Requires(postun): systemd Requires(postun): systemd
Provides: openswan = %{version}-%{release} openswan-doc = %{version}-%{release}
Obsoletes: openswan < %{version}-%{release}
Conflicts: openswan < %{version}-%{release}
%description %description
Libreswan is an Internet Key Exchange (IKE) implementation for Linux. Libreswan is an implementation of IKEv1 and IKEv2 for IPsec. IPsec is
It supports IKEv1 and IKEv2 and has support for most of the extensions the Internet Protocol Security and uses strong cryptography to provide
(RFC + IETF drafts) related to IPsec, including IKEv2, X.509 Digital both authentication and encryption services. These services allow you
Certificates, NAT Traversal, and many others. Libreswan uses the native to build secure tunnels through untrusted networks. Everything passing
Linux IPsec stack (NETKEY/XFRM) per default. through the untrusted net is encrypted by the ipsec gateway machine and
decrypted by the gateway at the other end of the tunnel. The resulting
tunnel is a virtual private network or VPN.
This package contains the daemons and userland tools for setting up
Libreswan.
Libreswan also supports IKEv2 (RFC7296) and Secure Labeling
Libreswan is based on Openswan-2.6.38 which in turn is based on FreeS/WAN-2.04
%package help %package help
Summary: Help documents for libreswan Summary: Help documents for libreswan
Requires: %{name} = %{version}-%{release}
%description help %description help
Man pages and other related help documents for libreswan. Man pages and other related help documents for libreswan.
%prep %prep
%autosetup -n %{name}-%{version} -p1 %setup -q -n libreswan-%{version}%{?prever}
sed -i "s:/usr/bin/python:/usr/bin/python3:" programs/show/show.in
sed -i "s:/usr/bin/python:/usr/bin/python3:" programs/verify/verify.in sed -i "s/-lfreebl //" mk/config.mk
sed -i "s:/usr/bin/python:/usr/bin/python3:" testing/x509/dist_certs.py
sed -i "s:/usr/bin/python:/usr/bin/python3:" testing/cert_verify/usage_test sed -i "s:#[ ]*include \(.*\)\(/crypto-policies/back-ends/libreswan.config\)$:include \1\2:" configs/ipsec.conf.in
sed -i "s:/usr/bin/python:/usr/bin/python3:" testing/pluto/ikev1-01-fuzzer/cve-2015-3204.py
sed -i "s:/usr/bin/python:/usr/bin/python3:" testing/pluto/ikev2-15-fuzzer/send_bad_packets.py sed -i "s/-pthread$/-DALLOW_MICROSOFT_BAD_PROPOSAL -pthread/" mk/config.mk
sed -i "s:#[ ]*include \(.*\)\(/crypto-policies/back-ends/libreswan.config\)$:include \1\2:" programs/configs/ipsec.conf.in
sed -i '/config setup/a\\t# Specifies a directory forNSS database files\n\tnssdir=/etc/ipsec.d' configs/ipsec.conf.in
sed -i '/ipsec --checknss/s/$/ --nssdir \/etc\/ipsec.d/' ./initsystems/systemd/ipsec.service.in
%build %build
%make_build \ make %{?_smp_mflags} \
USERCOMPILE="-g -DGCC_LINT %{optflags} %{?efence} -fPIE -pie -fno-strict-aliasing -Wformat-nonliteral -Wformat-security" \ OPTIMIZE_CFLAGS="%{optflags}" \
USERLINK="-g -pie -Wl,-z,relro,-z,now %{?efence}" %{libreswan_config} programs WERROR_CFLAGS="-Werror -Wno-missing-field-initializers -Wno-lto-type-mismatch -Wno-maybe-uninitialized" \
USERLINK="-Wl,-z,relro -Wl,--as-needed -Wl,-z,now -flto --no-lto" \
%{libreswan_config} \
programs
FS=$(pwd) FS=$(pwd)
%define __spec_install_post \
%{?__debug_package:%{__debug_install_post}} \
%{__arch_install_post} \
%{__os_install_post} \
fipshmac -d %{buildroot}%{_libdir}/fipscheck %{buildroot}%{_libexecdir}/ipsec/pluto \
%{nil}
%install %install
%make_install %{libreswan_config} make \
DESTDIR=%{buildroot} \
%{libreswan_config} \
install
FS=$(pwd) FS=$(pwd)
rm -rf %{buildroot}/usr/share/doc/libreswan
rm -rf %{buildroot}%{_libexecdir}/ipsec/*check
install -d -m 0700 %{buildroot}{%{_rundir}/pluto,%{_localstatedir}/log/pluto/peer} install -d -m 0755 %{buildroot}%{_rundir}/pluto
install -d %{buildroot}{%{_sbindir},%{_tmpfilesdir},%{_libdir}/fipscheck,%{_sysconfdir}/sysctl.d} install -d %{buildroot}%{_sbindir}
install -m 0644 %{SOURCE1} %{buildroot}%{_sysconfdir}/sysctl.d/50-libreswan.conf install -d %{buildroot}%{_sysconfdir}/sysctl.d
install -m 0644 %{SOURCE4} \
%{buildroot}%{_sysconfdir}/sysctl.d/50-libreswan.conf
install -m 0644 %{SOURCE2} %{buildroot}%{_tmpfilesdir}/libreswan.conf echo "include %{_sysconfdir}/ipsec.d/*.secrets" \
> %{buildroot}%{_sysconfdir}/ipsec.secrets
echo "include %{_sysconfdir}/ipsec.d/*.secrets" > %{buildroot}%{_sysconfdir}/ipsec.secrets rm -fr %{buildroot}%{_sysconfdir}/rc.d/rc*
%check %check
cp %{SOURCE1} %{SOURCE2} %{SOURCE3} .
bunzip2 *.fax.bz2
: starting CAVS test for IKEv2
%{buildroot}%{_libexecdir}/ipsec/cavp -v2 ikev2.fax | \
diff -u ikev2.fax - > /dev/null
: starting CAVS test for IKEv1 RSASIG
%{buildroot}%{_libexecdir}/ipsec/cavp -v1dsa ikev1_dsa.fax | \
diff -u ikev1_dsa.fax - > /dev/null
: starting CAVS test for IKEv1 PSK
%{buildroot}%{_libexecdir}/ipsec/cavp -v1psk ikev1_psk.fax | \
diff -u ikev1_psk.fax - > /dev/null
: CAVS tests passed
%{buildroot}%{_libexecdir}/ipsec/algparse -tp || { echo prooposal test failed; exit 1; }
%{buildroot}%{_libexecdir}/ipsec/algparse -ta || { echo algorithm test failed; exit 1; }
tmpdir=$(mktemp -d /tmp/libreswan-XXXXX)
certutil -N -d sql:$tmpdir --empty-password
%{buildroot}%{_libexecdir}/ipsec/pluto --selftest --nssdir $tmpdir --rundir $tmpdir
: pluto self-test passed - verify FIPS algorithms allowed is still compliant with NIST
export NSS_DISABLE_HW_GCM=1
%post %post
%systemd_post ipsec.service %systemd_post ipsec.service
@ -111,27 +166,29 @@ export NSS_DISABLE_HW_GCM=1
%systemd_postun_with_restart ipsec.service %systemd_postun_with_restart ipsec.service
%files %files
%doc COPYING CREDITS %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ipsec.conf
%{_sbindir}/ipsec
%{_libexecdir}/ipsec
%{_libdir}/fipscheck/pluto.hmac
%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ipsec.secrets %attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ipsec.secrets
%attr(0644,root,root) %{_unitdir}/ipsec.service %attr(0700,root,root) %dir %{_sysconfdir}/ipsec.d
%attr(0644,root,root) %{_tmpfilesdir}/libreswan.conf %attr(0700,root,root) %dir %{_sysconfdir}/ipsec.d/policies
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ipsec.d/policies/* %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ipsec.d/policies/*
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/sysctl.d/50-libreswan.conf %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/sysctl.d/50-libreswan.conf
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/{ipsec.conf,pam.d/pluto}
%attr(0700,root,root) %dir %{_sysconfdir}/{ipsec.d,ipsec.d/policies}
%attr(0700,root,root) %dir %{_localstatedir}/log/{pluto,pluto/peer}
%attr(0755,root,root) %dir %{_rundir}/pluto %attr(0755,root,root) %dir %{_rundir}/pluto
%exclude /usr/share/doc/libreswan %attr(0644,root,root) %{_tmpfilesdir}/libreswan.conf
%exclude %{_sysconfdir}/rc.d/rc* %attr(0644,root,root) %{_unitdir}/ipsec.service
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/pam.d/pluto
%attr(0700,root,root) %dir %{_sharedstatedir}/ipsec/nss
%{_sbindir}/ipsec
%{_libexecdir}/ipsec
%files help %files help
%doc README* CHANGES docs/*.* docs/examples %doc CHANGES COPYING CREDITS README* LICENSE
%doc %{_mandir}/*/* %doc docs/*.* docs/examples
%attr(0644,root,root) %doc %{_mandir}/*/*
%changelog %changelog
* Fri Dec 04 2020 lingsheng <lingsheng@huawei.com> - 4.1-1
- Update to 4.1
* Tue Sep 15 2020 Guoshuai Sun <sunguoshuai@huawei.com> - 3.25-10 * Tue Sep 15 2020 Guoshuai Sun <sunguoshuai@huawei.com> - 3.25-10
- Fix pluto abort - Fix pluto abort

4
libreswan.yaml
View File

@ -1,4 +1,4 @@
version_control: github version_control: github
src_repo: libreswan/libreswan src_repo: libreswan/libreswan
tag_prefix: ^v tag_prefix: "^v"
seperator: . separator: "."

1
openeuler-libreswan-tmpfiles.conf
View File

@ -1 +0,0 @@
d /run/pluto 755 root root -

BIN
v3.25.tar.gz
View File

Binary file not shown.