diff options
author | Alberto Gonzalez Iniesta <agi@inittab.org> | 2016-01-20 12:08:56 +0100 |
---|---|---|
committer | Alberto Gonzalez Iniesta <agi@inittab.org> | 2016-01-20 12:08:56 +0100 |
commit | 9364f88c1602062e10fec008b7170d90a758cb2e (patch) | |
tree | 9680d712956e7485a8c963063a37cc5adbfe3446 | |
parent | 19eab1fe2df20e38ea64d7a642d3e21c957082b8 (diff) |
New upstream release
-rw-r--r-- | debian/changelog | 7 | ||||
-rw-r--r-- | debian/patches/auth-pam_libpam_so_filename.patch | 6 | ||||
-rw-r--r-- | debian/patches/close_socket_before_scripts.patch | 8 | ||||
-rw-r--r-- | debian/patches/kfreebsd_support.patch | 12 | ||||
-rw-r--r-- | debian/patches/manpage_fixes.patch | 8 | ||||
-rw-r--r-- | debian/patches/openvpn-pkcs11warn.patch | 6 | ||||
-rw-r--r-- | debian/patches/password_prompt_in_systemd.patch | 41 | ||||
-rw-r--r-- | debian/patches/series | 1 |
8 files changed, 27 insertions, 62 deletions
diff --git a/debian/changelog b/debian/changelog index ec1150e..4d98efd 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +openvpn (2.3.10-1) unstable; urgency=medium + + * New upstream release. + Drop password_prompt_in_systemd.patch. Applied upstream. + + -- Alberto Gonzalez Iniesta <agi@inittab.org> Wed, 20 Jan 2016 12:01:36 +0100 + openvpn (2.3.8-1) unstable; urgency=medium * New upstream release. Drop patch from 2.3.7-2. diff --git a/debian/patches/auth-pam_libpam_so_filename.patch b/debian/patches/auth-pam_libpam_so_filename.patch index 7882ec5..cc37600 100644 --- a/debian/patches/auth-pam_libpam_so_filename.patch +++ b/debian/patches/auth-pam_libpam_so_filename.patch @@ -3,9 +3,9 @@ Author: Alberto Gonzalez Iniesta <agi@inittab.org> Bug-Debian: http://bugs.debian.org/306335 Index: openvpn/src/plugins/auth-pam/auth-pam.c =================================================================== ---- openvpn.orig/src/plugins/auth-pam/auth-pam.c 2012-11-05 16:29:30.000000000 +0100 -+++ openvpn/src/plugins/auth-pam/auth-pam.c 2012-11-05 16:37:20.471136293 +0100 -@@ -696,7 +696,7 @@ +--- openvpn.orig/src/plugins/auth-pam/auth-pam.c 2016-01-20 12:02:15.161550568 +0100 ++++ openvpn/src/plugins/auth-pam/auth-pam.c 2016-01-20 12:02:15.157550612 +0100 +@@ -699,7 +699,7 @@ struct user_pass up; int command; #ifdef USE_PAM_DLOPEN diff --git a/debian/patches/close_socket_before_scripts.patch b/debian/patches/close_socket_before_scripts.patch index fa51dce..02fa5cc 100644 --- a/debian/patches/close_socket_before_scripts.patch +++ b/debian/patches/close_socket_before_scripts.patch @@ -6,9 +6,9 @@ Bug-Debian: http://bugs.debian.org/367716 Index: openvpn/src/openvpn/socket.c =================================================================== ---- openvpn.orig/src/openvpn/socket.c 2015-07-01 14:10:06.116131868 +0200 -+++ openvpn/src/openvpn/socket.c 2015-07-01 14:10:06.112131911 +0200 -@@ -1494,6 +1494,10 @@ +--- openvpn.orig/src/openvpn/socket.c 2016-01-20 12:02:23.237464287 +0100 ++++ openvpn/src/openvpn/socket.c 2016-01-20 12:02:23.233464331 +0100 +@@ -1492,6 +1492,10 @@ resolve_bind_local (sock); resolve_remote (sock, 1, NULL, NULL); } @@ -19,7 +19,7 @@ Index: openvpn/src/openvpn/socket.c } /* finalize socket initialization */ -@@ -1724,10 +1728,6 @@ +@@ -1722,10 +1726,6 @@ /* set socket to non-blocking mode */ set_nonblock (sock->sd); diff --git a/debian/patches/kfreebsd_support.patch b/debian/patches/kfreebsd_support.patch index 523eb43..ba3665f 100644 --- a/debian/patches/kfreebsd_support.patch +++ b/debian/patches/kfreebsd_support.patch @@ -3,9 +3,9 @@ Author: Gonéri Le Bouder <goneri@rulezlan.org> Bug-Debian: http://bugs.debian.org/626062 Index: openvpn/src/openvpn/route.c =================================================================== ---- openvpn.orig/src/openvpn/route.c 2015-07-01 14:10:36.563807017 +0200 -+++ openvpn/src/openvpn/route.c 2015-07-01 14:10:36.559807060 +0200 -@@ -1419,7 +1419,7 @@ +--- openvpn.orig/src/openvpn/route.c 2016-01-20 12:02:41.441269913 +0100 ++++ openvpn/src/openvpn/route.c 2016-01-20 12:02:41.437269956 +0100 +@@ -1421,7 +1421,7 @@ argv_msg (D_ROUTE, &argv); status = openvpn_execve_check (&argv, es, 0, "ERROR: Solaris route add command failed"); @@ -16,9 +16,9 @@ Index: openvpn/src/openvpn/route.c ROUTE_PATH); Index: openvpn/src/openvpn/tun.c =================================================================== ---- openvpn.orig/src/openvpn/tun.c 2015-07-01 14:10:36.563807017 +0200 -+++ openvpn/src/openvpn/tun.c 2015-07-01 14:10:36.559807060 +0200 -@@ -1122,7 +1122,7 @@ +--- openvpn.orig/src/openvpn/tun.c 2016-01-20 12:02:41.441269913 +0100 ++++ openvpn/src/openvpn/tun.c 2016-01-20 12:02:41.437269956 +0100 +@@ -1124,7 +1124,7 @@ add_route_connected_v6_net(tt, es); } diff --git a/debian/patches/manpage_fixes.patch b/debian/patches/manpage_fixes.patch index 8bd5a8b..e3dbb78 100644 --- a/debian/patches/manpage_fixes.patch +++ b/debian/patches/manpage_fixes.patch @@ -2,8 +2,8 @@ Description: Man page fixes Author: Alberto Gonzalez Iniesta <agi@inittab.org> Index: openvpn/doc/openvpn.8 =================================================================== ---- openvpn.orig/doc/openvpn.8 2015-09-04 13:13:36.785038213 +0200 -+++ openvpn/doc/openvpn.8 2015-09-04 13:13:36.781038257 +0200 +--- openvpn.orig/doc/openvpn.8 2016-01-20 12:02:48.997189277 +0100 ++++ openvpn/doc/openvpn.8 2016-01-20 12:02:48.993189319 +0100 @@ -21,13 +21,13 @@ .\" 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA .\" @@ -20,7 +20,7 @@ Index: openvpn/doc/openvpn.8 .\" .nf -- no formatting .\" .fi -- resume formatting .\" .ft 3 -- boldface -@@ -4007,7 +4007,7 @@ +@@ -4005,7 +4005,7 @@ This option is only relevant in UDP mode, i.e. when either .B \-\-proto udp @@ -29,7 +29,7 @@ Index: openvpn/doc/openvpn.8 .B \-\-proto option is specified. -@@ -5282,7 +5282,7 @@ +@@ -5277,7 +5277,7 @@ .B \-\-dev tun mode, OpenVPN will cause the DHCP server to masquerade as if it were coming from the remote endpoint. The optional offset parameter is diff --git a/debian/patches/openvpn-pkcs11warn.patch b/debian/patches/openvpn-pkcs11warn.patch index f3fadc7..2aaea75 100644 --- a/debian/patches/openvpn-pkcs11warn.patch +++ b/debian/patches/openvpn-pkcs11warn.patch @@ -3,9 +3,9 @@ Author: Florian Kulzer <florian.kulzer+debian@icfo.es> Bug-Debian: http://bugs.debian.org/475353 Index: openvpn/src/openvpn/options.c =================================================================== ---- openvpn.orig/src/openvpn/options.c 2015-09-04 13:13:30.157111451 +0200 -+++ openvpn/src/openvpn/options.c 2015-09-04 13:13:30.153111496 +0200 -@@ -6300,6 +6300,20 @@ +--- openvpn.orig/src/openvpn/options.c 2016-01-20 12:02:32.953360525 +0100 ++++ openvpn/src/openvpn/options.c 2016-01-20 12:02:32.949360569 +0100 +@@ -6346,6 +6346,20 @@ { VERIFY_PERMISSION (OPT_P_ROUTE_EXTRAS); } diff --git a/debian/patches/password_prompt_in_systemd.patch b/debian/patches/password_prompt_in_systemd.patch deleted file mode 100644 index f245881..0000000 --- a/debian/patches/password_prompt_in_systemd.patch +++ /dev/null @@ -1,41 +0,0 @@ -Index: openvpn-2.3.8/src/openvpn/console.c -=================================================================== ---- openvpn-2.3.8.orig/src/openvpn/console.c -+++ openvpn-2.3.8/src/openvpn/console.c -@@ -208,6 +208,19 @@ get_console_input (const char *prompt, c - #if defined(WIN32) - return get_console_input_win32 (prompt, echo, input, capacity); - #elif defined(HAVE_GETPASS) -+ -+ /* did we --daemon'ize before asking for passwords? -+ * (in which case neither stdin or stderr are connected to a tty and -+ * /dev/tty can not be open()ed anymore) -+ */ -+ if ( !isatty(0) && !isatty(2) ) -+ { -+ int fd = open( "/dev/tty", O_RDWR ); -+ if ( fd < 0 ) -+ { msg(M_FATAL, "neither stdin nor stderr are a tty device and you have neither a controlling tty nor systemd - can't ask for '%s'. If you used --daemon, you need to use --askpass to make passphrase-protected keys work, and you can not use --auth-nocache.", prompt ); } -+ close(fd); -+ } -+ - if (echo) - { - FILE *fp; -Index: openvpn-2.3.8/src/openvpn/misc.c -=================================================================== ---- openvpn-2.3.8.orig/src/openvpn/misc.c -+++ openvpn-2.3.8/src/openvpn/misc.c -@@ -1088,12 +1088,6 @@ get_user_pass_cr (struct user_pass *up, - */ - else if (from_stdin) - { --#ifndef WIN32 -- /* did we --daemon'ize before asking for passwords? */ -- if ( !isatty(0) && !isatty(2) ) -- { msg(M_FATAL, "neither stdin nor stderr are a tty device, can't ask for %s password. If you used --daemon, you need to use --askpass to make passphrase-protected keys work, and you can not use --auth-nocache.", prefix ); } --#endif -- - #ifdef ENABLE_CLIENT_CR - if (auth_challenge && (flags & GET_USER_PASS_DYNAMIC_CHALLENGE)) - { diff --git a/debian/patches/series b/debian/patches/series index 64e73f4..f37465a 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -6,4 +6,3 @@ route_default_nil.patch kfreebsd_support.patch accommodate_typo.patch manpage_fixes.patch -password_prompt_in_systemd.patch |