Refresh patches

8 files changed, 35 insertions, 124 deletions

diff --git a/debian/changelog b/debian/changelog
index 2b8cac8..b6afdf2 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -4,6 +4,9 @@ openvpn (2.3.7-1) unstable; urgency=medium
   * Add --no-block to if-up.d script to avoid hanging boot on
     interfaces with openvpn instances. (Closes: #787090, #785200)
   * Add ProtectSystem=yes to systemd's service file. (Closes: #771626)
+  * Removed upstream applied patches:
+     - 0001-Drop-too-short-control-channel-packets-instead-of-as.patch
+     - update_sample_certs.patch
 
  -- Alberto Gonzalez Iniesta <agi@inittab.org>  Wed, 01 Jul 2015 13:19:26 +0200
 
diff --git a/debian/patches/close_socket_before_scripts.patch b/debian/patches/close_socket_before_scripts.patch
index 8d84462..fa51dce 100644
--- a/debian/patches/close_socket_before_scripts.patch
+++ b/debian/patches/close_socket_before_scripts.patch
@@ -6,9 +6,9 @@ Bug-Debian: http://bugs.debian.org/367716
 
 Index: openvpn/src/openvpn/socket.c
 ===================================================================
---- openvpn.orig/src/openvpn/socket.c	2014-10-30 11:30:47.118658137 +0100
-+++ openvpn/src/openvpn/socket.c	2014-10-30 11:30:47.114658136 +0100
-@@ -1492,6 +1492,10 @@
+--- openvpn.orig/src/openvpn/socket.c	2015-07-01 14:10:06.116131868 +0200
++++ openvpn/src/openvpn/socket.c	2015-07-01 14:10:06.112131911 +0200
+@@ -1494,6 +1494,10 @@
        resolve_bind_local (sock);
        resolve_remote (sock, 1, NULL, NULL);
      }
@@ -19,7 +19,7 @@ Index: openvpn/src/openvpn/socket.c
  }
  
  /* finalize socket initialization */
-@@ -1722,10 +1726,6 @@
+@@ -1724,10 +1728,6 @@
    /* set socket to non-blocking mode */
    set_nonblock (sock->sd);
  
diff --git a/debian/patches/debian_nogroup_for_sample_files.patch b/debian/patches/debian_nogroup_for_sample_files.patch
index 920c77d..2f1fe3d 100644
--- a/debian/patches/debian_nogroup_for_sample_files.patch
+++ b/debian/patches/debian_nogroup_for_sample_files.patch
@@ -3,9 +3,9 @@ Author: Alberto Gonzalez Iniesta <agi@inittab.org>
 Bug-Debian: http://bugs.debian.org/317987
 Index: openvpn/sample/sample-config-files/server.conf
 ===================================================================
---- openvpn.orig/sample/sample-config-files/server.conf	2014-10-30 11:30:56.118658434 +0100
-+++ openvpn/sample/sample-config-files/server.conf	2014-10-30 11:30:56.114658434 +0100
-@@ -267,7 +267,7 @@
+--- openvpn.orig/sample/sample-config-files/server.conf	2015-07-01 14:10:18.547999233 +0200
++++ openvpn/sample/sample-config-files/server.conf	2015-07-01 14:10:18.543999276 +0200
+@@ -265,7 +265,7 @@
  # You can uncomment this out on
  # non-Windows systems.
  ;user nobody
@@ -16,8 +16,8 @@ Index: openvpn/sample/sample-config-files/server.conf
  # accessing certain resources on restart
 Index: openvpn/sample/sample-config-files/tls-home.conf
 ===================================================================
---- openvpn.orig/sample/sample-config-files/tls-home.conf	2014-10-30 11:30:56.118658434 +0100
-+++ openvpn/sample/sample-config-files/tls-home.conf	2014-10-30 11:30:56.114658434 +0100
+--- openvpn.orig/sample/sample-config-files/tls-home.conf	2015-07-01 14:10:18.547999233 +0200
++++ openvpn/sample/sample-config-files/tls-home.conf	2015-07-01 14:10:18.543999276 +0200
 @@ -51,7 +51,7 @@
  # "nobody" after initialization
  # for extra security.
@@ -29,8 +29,8 @@ Index: openvpn/sample/sample-config-files/tls-home.conf
  # LZO compression, uncomment
 Index: openvpn/sample/sample-config-files/static-home.conf
 ===================================================================
---- openvpn.orig/sample/sample-config-files/static-home.conf	2014-10-30 11:30:56.118658434 +0100
-+++ openvpn/sample/sample-config-files/static-home.conf	2014-10-30 11:30:56.114658434 +0100
+--- openvpn.orig/sample/sample-config-files/static-home.conf	2015-07-01 14:10:18.547999233 +0200
++++ openvpn/sample/sample-config-files/static-home.conf	2015-07-01 14:10:18.543999276 +0200
 @@ -40,7 +40,7 @@
  # "nobody" after initialization
  # for extra security.
@@ -42,8 +42,8 @@ Index: openvpn/sample/sample-config-files/static-home.conf
  # LZO compression, uncomment
 Index: openvpn/sample/sample-config-files/static-office.conf
 ===================================================================
---- openvpn.orig/sample/sample-config-files/static-office.conf	2014-10-30 11:30:56.118658434 +0100
-+++ openvpn/sample/sample-config-files/static-office.conf	2014-10-30 11:30:56.114658434 +0100
+--- openvpn.orig/sample/sample-config-files/static-office.conf	2015-07-01 14:10:18.547999233 +0200
++++ openvpn/sample/sample-config-files/static-office.conf	2015-07-01 14:10:18.543999276 +0200
 @@ -37,7 +37,7 @@
  # "nobody" after initialization
  # for extra security.
@@ -55,8 +55,8 @@ Index: openvpn/sample/sample-config-files/static-office.conf
  # LZO compression, uncomment
 Index: openvpn/sample/sample-config-files/client.conf
 ===================================================================
---- openvpn.orig/sample/sample-config-files/client.conf	2014-10-30 11:30:56.118658434 +0100
-+++ openvpn/sample/sample-config-files/client.conf	2014-10-30 11:30:56.114658434 +0100
+--- openvpn.orig/sample/sample-config-files/client.conf	2015-07-01 14:10:18.547999233 +0200
++++ openvpn/sample/sample-config-files/client.conf	2015-07-01 14:10:18.543999276 +0200
 @@ -59,7 +59,7 @@
  
  # Downgrade privileges after initialization (non-Windows only)
@@ -68,8 +68,8 @@ Index: openvpn/sample/sample-config-files/client.conf
  persist-key
 Index: openvpn/sample/sample-config-files/tls-office.conf
 ===================================================================
---- openvpn.orig/sample/sample-config-files/tls-office.conf	2014-10-30 11:30:56.118658434 +0100
-+++ openvpn/sample/sample-config-files/tls-office.conf	2014-10-30 11:30:56.114658434 +0100
+--- openvpn.orig/sample/sample-config-files/tls-office.conf	2015-07-01 14:10:18.547999233 +0200
++++ openvpn/sample/sample-config-files/tls-office.conf	2015-07-01 14:10:18.543999276 +0200
 @@ -51,7 +51,7 @@
  # "nobody" after initialization
  # for extra security.
diff --git a/debian/patches/kfreebsd_support.patch b/debian/patches/kfreebsd_support.patch
index 94c6727..523eb43 100644
--- a/debian/patches/kfreebsd_support.patch
+++ b/debian/patches/kfreebsd_support.patch
@@ -3,8 +3,8 @@ Author: Gonéri Le Bouder <goneri@rulezlan.org>
 Bug-Debian: http://bugs.debian.org/626062
 Index: openvpn/src/openvpn/route.c
 ===================================================================
---- openvpn.orig/src/openvpn/route.c	2014-10-30 11:31:13.226659001 +0100
-+++ openvpn/src/openvpn/route.c	2014-10-30 11:31:13.222659000 +0100
+--- openvpn.orig/src/openvpn/route.c	2015-07-01 14:10:36.563807017 +0200
++++ openvpn/src/openvpn/route.c	2015-07-01 14:10:36.559807060 +0200
 @@ -1419,7 +1419,7 @@
    argv_msg (D_ROUTE, &argv);
    status = openvpn_execve_check (&argv, es, 0, "ERROR: Solaris route add command failed");
@@ -16,9 +16,9 @@ Index: openvpn/src/openvpn/route.c
  		ROUTE_PATH);
 Index: openvpn/src/openvpn/tun.c
 ===================================================================
---- openvpn.orig/src/openvpn/tun.c	2014-10-30 11:31:13.226659001 +0100
-+++ openvpn/src/openvpn/tun.c	2014-10-30 11:31:13.226659001 +0100
-@@ -1095,7 +1095,7 @@
+--- openvpn.orig/src/openvpn/tun.c	2015-07-01 14:10:36.563807017 +0200
++++ openvpn/src/openvpn/tun.c	2015-07-01 14:10:36.559807060 +0200
+@@ -1122,7 +1122,7 @@
  	  add_route_connected_v6_net(tt, es);
  	}
  
diff --git a/debian/patches/manpage_fixes.patch b/debian/patches/manpage_fixes.patch
index d3d2393..eb10655 100644
--- a/debian/patches/manpage_fixes.patch
+++ b/debian/patches/manpage_fixes.patch
@@ -2,8 +2,8 @@ Description: Man page fixes
 Author: Alberto Gonzalez Iniesta <agi@inittab.org>
 Index: openvpn/doc/openvpn.8
 ===================================================================
---- openvpn.orig/doc/openvpn.8	2014-10-30 11:31:18.398659172 +0100
-+++ openvpn/doc/openvpn.8	2014-10-30 11:31:18.394659172 +0100
+--- openvpn.orig/doc/openvpn.8	2015-07-01 14:11:08.987461064 +0200
++++ openvpn/doc/openvpn.8	2015-07-01 14:11:08.983461107 +0200
 @@ -21,13 +21,13 @@
  .\"  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
  .\"
@@ -20,16 +20,7 @@ Index: openvpn/doc/openvpn.8
  .\" .nf -- no formatting
  .\" .fi -- resume formatting
  .\" .ft 3 -- boldface
-@@ -2573,7 +2573,7 @@
- .B \-\-management-signal
- Send SIGUSR1 signal to OpenVPN if management session disconnects.
- This is useful when you wish to disconnect an OpenVPN session on
--user logoff. For --management-client this option is not needed since
-+user logoff. For \-\-management-client this option is not needed since
- a disconnect will always generate a SIGTERM.
- .\"*********************************************************
- .TP
-@@ -3952,7 +3952,7 @@
+@@ -3991,7 +3991,7 @@
  This option is only relevant in UDP mode, i.e.
  when either
  .B \-\-proto udp
@@ -38,16 +29,7 @@ Index: openvpn/doc/openvpn.8
  .B \-\-proto
  option is specified.
  
-@@ -5122,7 +5122,7 @@
- 
- This option have changed behaviour in OpenVPN 2.3.  Earlier you had to
- define
--.B --win-sys env
-+.B \-\-win-sys env
- to use the SystemRoot environment variable, otherwise it defaulted to C:\\WINDOWS.
- It is not needed to use the
- .B env
-@@ -5165,7 +5165,7 @@
+@@ -5266,7 +5266,7 @@
  .B \-\-dev tun
  mode, OpenVPN will cause the DHCP server to masquerade as if it were
  coming from the remote endpoint.  The optional offset parameter is
@@ -56,75 +38,3 @@ Index: openvpn/doc/openvpn.8
  If offset is positive, the DHCP server will masquerade as the IP
  address at network address + offset.
  If offset is negative, the DHCP server will masquerade as the IP
-@@ -5461,26 +5461,26 @@
- .B \-\-topology
- , which has no effect on IPv6).
- .TP
--.B --ifconfig-ipv6 ipv6addr/bits ipv6remote
-+.B \-\-ifconfig-ipv6 ipv6addr/bits ipv6remote
- configure IPv6 address
- .B ipv6addr/bits
- on the ``tun'' device.  The second parameter is used as route target for
--.B --route-ipv6
-+.B \-\-route-ipv6
- if no gateway is specified.
- .TP
--.B --route-ipv6 ipv6addr/bits [gateway] [metric]
-+.B \-\-route-ipv6 ipv6addr/bits [gateway] [metric]
- setup IPv6 routing in the system to send the specified IPv6 network
- into OpenVPN's ``tun'' device
- .TP
--.B --server-ipv6 ipv6addr/bits
-+.B \-\-server-ipv6 ipv6addr/bits
- convenience-function to enable a number of IPv6 related options at
- once, namely
--.B --ifconfig-ipv6, --ifconfig-ipv6-pool, --tun-ipv6
-+.B \-\-ifconfig-ipv6, \-\-ifconfig-ipv6-pool, \-\-tun-ipv6
- and
--.B --push tun-ipv6
--Is only accepted if ``--mode server'' or ``--server'' is set.
-+.B \-\-push tun-ipv6
-+Is only accepted if ``\-\-mode server'' or ``\-\-server'' is set.
- .TP
--.B --ifconfig-ipv6-pool ipv6addr/bits
-+.B \-\-ifconfig-ipv6-pool ipv6addr/bits
- Specify an IPv6 address pool for dynamic assignment to clients.  The
- pool starts at
- .B ipv6addr
-@@ -5489,20 +5489,20 @@
- setting controls the size of the pool.  Due to implementation details,
- the pool size must be between /64 and /112.
- .TP
--.B --ifconfig-ipv6-push ipv6addr/bits ipv6remote
-+.B \-\-ifconfig-ipv6-push ipv6addr/bits ipv6remote
- for ccd/ per-client static IPv6 interface configuration, see
--.B --client-config-dir
-+.B \-\-client-config-dir
- and
--.B --ifconfig-push
-+.B \-\-ifconfig-push
- for more details.
- .TP
--.B --iroute-ipv6 ipv6addr/bits
-+.B \-\-iroute-ipv6 ipv6addr/bits
- for ccd/ per-client static IPv6 route configuration, see
--.B --iroute
-+.B \-\-iroute
- for more details how to setup and use this, and how
--.B --iroute
-+.B \-\-iroute
- and
--.B --route
-+.B \-\-route
- interact.
- 
- .\"*********************************************************
-@@ -5988,7 +5988,7 @@
- .TP
- .B peer_cert
- Temporary file name containing the client certificate upon
--connection.  Useful in conjunction with --tls-verify
-+connection.  Useful in conjunction with \-\-tls-verify
- .\"*********************************************************
- .TP
- .B script_context
diff --git a/debian/patches/openvpn-pkcs11warn.patch b/debian/patches/openvpn-pkcs11warn.patch
index 3d238cb..5b61f99 100644
--- a/debian/patches/openvpn-pkcs11warn.patch
+++ b/debian/patches/openvpn-pkcs11warn.patch
@@ -3,9 +3,9 @@ Author: Florian Kulzer <florian.kulzer+debian@icfo.es>
 Bug-Debian: http://bugs.debian.org/475353
 Index: openvpn/src/openvpn/options.c
 ===================================================================
---- openvpn.orig/src/openvpn/options.c	2014-10-30 11:31:06.334658772 +0100
-+++ openvpn/src/openvpn/options.c	2014-10-30 11:31:06.330658772 +0100
-@@ -6247,6 +6247,20 @@
+--- openvpn.orig/src/openvpn/options.c	2015-07-01 14:10:25.083929500 +0200
++++ openvpn/src/openvpn/options.c	2015-07-01 14:10:25.083929500 +0200
+@@ -6293,6 +6293,20 @@
      {
        VERIFY_PERMISSION (OPT_P_ROUTE_EXTRAS);
      }
diff --git a/debian/patches/route_default_nil.patch b/debian/patches/route_default_nil.patch
index e8572b5..cf17dec 100644
--- a/debian/patches/route_default_nil.patch
+++ b/debian/patches/route_default_nil.patch
@@ -2,9 +2,9 @@ Description: Fix small wording in man page.
 Author: Alberto Gonzalez Iniesta <agi@inittab.org>
 Index: openvpn/doc/openvpn.8
 ===================================================================
---- openvpn.orig/doc/openvpn.8	2014-05-14 12:58:55.637184441 +0200
-+++ openvpn/doc/openvpn.8	2014-05-14 12:58:55.633184441 +0200
-@@ -966,7 +966,7 @@
+--- openvpn.orig/doc/openvpn.8	2015-07-01 14:10:31.563860364 +0200
++++ openvpn/doc/openvpn.8	2015-07-01 14:10:31.559860407 +0200
+@@ -989,7 +989,7 @@
  otherwise 0.
  
  The default can be specified by leaving an option blank or setting
diff --git a/debian/patches/series b/debian/patches/series
index bbf753a..f37465a 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -6,5 +6,3 @@ route_default_nil.patch
 kfreebsd_support.patch
 accommodate_typo.patch
 manpage_fixes.patch
-0001-Drop-too-short-control-channel-packets-instead-of-as.patch
-update_sample_certs.patch