strongswan: Update to 5.6.0

Fixes CVE-2017-11185:

Fixed a DoS vulnerability in the gmp plugin that was caused by insufficient input validation
when verifying RSA signatures, which requires decryption with the operation m^e mod n,
where m is the signature, and e and n are the exponent and modulus of the public key.
The value m is an integer between 0 and n-1, however, the gmp plugin did not verify this.
So if m equals n the calculation results in 0, in which case mpz_export() returns NULL.
This result wasn't handled properly causing a null-pointer dereference.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

config/rootfiles/core/114/filelists/i586/strongswan-padlock

@@ -0,0 +1 @@
+../../../../common/i586/strongswan-padlock

config/rootfiles/core/114/filelists/strongswan

@@ -0,0 +1 @@
+../../../common/strongswan

config/rootfiles/core/114/update.sh

@@ -32,6 +32,7 @@ for (( i=1; i<=$core; i++ )); do
 done
 
 # Stop services
+ipsec stop
 /etc/init.d/squid stop
 /etc/init.d/unbound stop
 
@@ -50,6 +51,10 @@ ldconfig
 /etc/init.d/unbound start
 /etc/init.d/squid start
 
+if grep -q "ENABLED=on" /var/ipfire/vpn/settings; then
+	ipsec start
+fi
+
 # This update need a reboot...
 touch /var/run/need_reboot
 

lfs/strongswan

@@ -24,7 +24,7 @@
 
 include Config
 
-VER        = 5.5.3
+VER        = 5.6.0
 
 THISAPP    = strongswan-$(VER)
 DL_FILE    = $(THISAPP).tar.bz2
@@ -48,7 +48,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_MD5 = 4afffe3c219bb2e04f09510905af836b
+$(DL_FILE)_MD5 = befb5e827d02433fea6669c20e11530a
 
 install : $(TARGET)