diff options
author | Bernhard Schmidt <berni@debian.org> | 2019-03-07 21:38:56 +0100 |
---|---|---|
committer | Bernhard Schmidt <berni@debian.org> | 2019-03-07 21:38:56 +0100 |
commit | cfcec33bd88faeb354a33bd5f8052486ac848f9a (patch) | |
tree | 8e1ace9a34f5ee12b34416b02d514da67d54c907 /debian/patches | |
parent | 7486cf05cdeb6996fdf249e5a2f15d93a47dbac1 (diff) | |
parent | a351f71e82badcc71a2ce881bbb97eccfcebc06b (diff) |
Merge tag 'debian/2.4.7-1' into stretch-backports
openvpn Debian release 2.4.7-1
Diffstat (limited to 'debian/patches')
-rw-r--r-- | debian/patches/auth-pam_libpam_so_filename.patch | 8 | ||||
-rw-r--r-- | debian/patches/fix-pkcs11-helper-hang.patch | 13 | ||||
-rw-r--r-- | debian/patches/kfreebsd_support.patch | 56 | ||||
-rw-r--r-- | debian/patches/openvpn-pkcs11warn.patch | 8 | ||||
-rw-r--r-- | debian/patches/series | 3 | ||||
-rw-r--r-- | debian/patches/spelling_errors.patch | 53 | ||||
-rw-r--r-- | debian/patches/systemd.patch | 29 |
7 files changed, 129 insertions, 41 deletions
diff --git a/debian/patches/auth-pam_libpam_so_filename.patch b/debian/patches/auth-pam_libpam_so_filename.patch index cfa9047..2e7e5c4 100644 --- a/debian/patches/auth-pam_libpam_so_filename.patch +++ b/debian/patches/auth-pam_libpam_so_filename.patch @@ -1,11 +1,11 @@ Description: Fix libpam.so filename to /lib/libpam.so.0 in pam plugin Author: Alberto Gonzalez Iniesta <agi@inittab.org> Bug-Debian: http://bugs.debian.org/306335 -Index: openvpn/src/plugins/auth-pam/auth-pam.c +Index: trunk/src/plugins/auth-pam/auth-pam.c =================================================================== ---- openvpn.orig/src/plugins/auth-pam/auth-pam.c 2016-12-27 18:45:37.638198402 +0100 -+++ openvpn/src/plugins/auth-pam/auth-pam.c 2016-12-27 18:45:37.638198402 +0100 -@@ -698,7 +698,7 @@ +--- trunk.orig/src/plugins/auth-pam/auth-pam.c ++++ trunk/src/plugins/auth-pam/auth-pam.c +@@ -716,7 +716,7 @@ pam_server(int fd, const char *service, struct user_pass up; int command; #ifdef USE_PAM_DLOPEN diff --git a/debian/patches/fix-pkcs11-helper-hang.patch b/debian/patches/fix-pkcs11-helper-hang.patch new file mode 100644 index 0000000..41d9be1 --- /dev/null +++ b/debian/patches/fix-pkcs11-helper-hang.patch @@ -0,0 +1,13 @@ +Index: openvpn/src/openvpn/pkcs11.c +=================================================================== +--- openvpn.orig/src/openvpn/pkcs11.c ++++ openvpn/src/openvpn/pkcs11.c +@@ -312,7 +312,7 @@ pkcs11_initialize( + + pkcs11h_setLogLevel(_pkcs11_msg_openvpn2pkcs11(get_debug_level())); + +- if ((rv = pkcs11h_setForkMode(TRUE)) != CKR_OK) ++ if ((rv = pkcs11h_setForkMode(FALSE)) != CKR_OK) + { + msg(M_FATAL, "PKCS#11: Cannot set fork mode %ld-'%s'", rv, pkcs11h_getMessage(rv)); + goto cleanup; diff --git a/debian/patches/kfreebsd_support.patch b/debian/patches/kfreebsd_support.patch index 4445e0d..4e89f32 100644 --- a/debian/patches/kfreebsd_support.patch +++ b/debian/patches/kfreebsd_support.patch @@ -1,11 +1,9 @@ Description: Improve kFreeBSD support Author: Gonéri Le Bouder <goneri@rulezlan.org> Bug-Debian: http://bugs.debian.org/626062 -Index: openvpn/src/openvpn/route.c -=================================================================== ---- openvpn.orig/src/openvpn/route.c 2017-06-22 13:17:05.754630908 +0200 -+++ openvpn/src/openvpn/route.c 2017-06-22 13:17:05.750630880 +0200 -@@ -1689,7 +1689,7 @@ +--- a/src/openvpn/route.c ++++ b/src/openvpn/route.c +@@ -1693,7 +1693,7 @@ argv_msg(D_ROUTE, &argv); status = openvpn_execve_check(&argv, es, 0, "ERROR: Solaris route add command failed"); @@ -14,7 +12,7 @@ Index: openvpn/src/openvpn/route.c argv_printf(&argv, "%s add", ROUTE_PATH); -@@ -1875,7 +1875,7 @@ +@@ -1879,7 +1879,7 @@ network = print_in6_addr( r6->network, 0, &gc); gateway = print_in6_addr( r6->gateway, 0, &gc); @@ -23,7 +21,7 @@ Index: openvpn/src/openvpn/route.c || defined(TARGET_FREEBSD) || defined(TARGET_DRAGONFLY) \ || defined(TARGET_OPENBSD) || defined(TARGET_NETBSD) -@@ -2043,7 +2043,7 @@ +@@ -2047,7 +2047,7 @@ argv_msg(D_ROUTE, &argv); status = openvpn_execve_check(&argv, es, 0, "ERROR: Solaris route add -inet6 command failed"); @@ -32,7 +30,7 @@ Index: openvpn/src/openvpn/route.c argv_printf(&argv, "%s add -inet6 %s/%d", ROUTE_PATH, -@@ -2227,7 +2227,7 @@ +@@ -2239,7 +2239,7 @@ argv_msg(D_ROUTE, &argv); openvpn_execve_check(&argv, es, 0, "ERROR: Solaris route delete command failed"); @@ -41,7 +39,7 @@ Index: openvpn/src/openvpn/route.c argv_printf(&argv, "%s delete -net %s %s %s", ROUTE_PATH, -@@ -2334,7 +2334,7 @@ +@@ -2346,7 +2346,7 @@ network = print_in6_addr( r6->network, 0, &gc); gateway = print_in6_addr( r6->gateway, 0, &gc); @@ -50,7 +48,7 @@ Index: openvpn/src/openvpn/route.c || defined(TARGET_FREEBSD) || defined(TARGET_DRAGONFLY) \ || defined(TARGET_OPENBSD) || defined(TARGET_NETBSD) -@@ -2469,7 +2469,7 @@ +@@ -2481,7 +2481,7 @@ argv_msg(D_ROUTE, &argv); openvpn_execve_check(&argv, es, 0, "ERROR: Solaris route delete -inet6 command failed"); @@ -59,7 +57,7 @@ Index: openvpn/src/openvpn/route.c argv_printf(&argv, "%s delete -inet6 %s/%d", ROUTE_PATH, -@@ -3514,7 +3514,8 @@ +@@ -3532,7 +3532,8 @@ #elif defined(TARGET_DARWIN) || defined(TARGET_SOLARIS) \ || defined(TARGET_FREEBSD) || defined(TARGET_DRAGONFLY) \ @@ -69,20 +67,18 @@ Index: openvpn/src/openvpn/route.c #include <sys/types.h> #include <sys/socket.h> -Index: openvpn/src/openvpn/tun.c -=================================================================== ---- openvpn.orig/src/openvpn/tun.c 2017-06-22 13:17:05.754630908 +0200 -+++ openvpn/src/openvpn/tun.c 2017-06-22 13:17:05.750630880 +0200 -@@ -843,7 +843,7 @@ +--- a/src/openvpn/tun.c ++++ b/src/openvpn/tun.c +@@ -845,7 +845,7 @@ #endif /* if defined(_WIN32) || defined(TARGET_DARWIN) || defined(TARGET_NETBSD) || defined(TARGET_OPENBSD) */ #if defined(TARGET_FREEBSD) || defined(TARGET_DRAGONFLY) \ -- || defined(TARGET_OPENBSD) -+ || defined(TARGET_OPENBSD) || defined(__FreeBSD_kernel__) +- || defined(TARGET_NETBSD) || defined(TARGET_OPENBSD) ++ || defined(TARGET_NETBSD) || defined(TARGET_OPENBSD) || defined(__FreeBSD_kernel__) /* we can't use true subnet mode on tun on all platforms, as that * conflicts with IPv6 (wants to use ND then, which we don't do), * but the OSes want "a remote address that is different from ours" -@@ -1412,7 +1412,7 @@ +@@ -1429,7 +1429,7 @@ add_route_connected_v6_net(tt, es); } @@ -91,7 +87,7 @@ Index: openvpn/src/openvpn/tun.c in_addr_t remote_end; /* for "virtual" subnet topology */ -@@ -2770,7 +2770,7 @@ +@@ -2785,7 +2785,7 @@ } } @@ -100,10 +96,8 @@ Index: openvpn/src/openvpn/tun.c static inline int freebsd_modify_read_write_return(int len) -Index: openvpn/src/openvpn/lladdr.c -=================================================================== ---- openvpn.orig/src/openvpn/lladdr.c 2017-06-22 13:17:05.754630908 +0200 -+++ openvpn/src/openvpn/lladdr.c 2017-06-22 13:17:05.750630880 +0200 +--- a/src/openvpn/lladdr.c ++++ b/src/openvpn/lladdr.c @@ -50,7 +50,7 @@ "%s %s lladdr %s", IFCONFIG_PATH, @@ -113,10 +107,8 @@ Index: openvpn/src/openvpn/lladdr.c argv_printf(&argv, "%s %s ether %s", IFCONFIG_PATH, -Index: openvpn/src/openvpn/syshead.h -=================================================================== ---- openvpn.orig/src/openvpn/syshead.h 2017-06-22 13:17:05.754630908 +0200 -+++ openvpn/src/openvpn/syshead.h 2017-06-22 13:17:05.750630880 +0200 +--- a/src/openvpn/syshead.h ++++ b/src/openvpn/syshead.h @@ -297,7 +297,7 @@ #endif /* TARGET_OPENBSD */ @@ -126,11 +118,9 @@ Index: openvpn/src/openvpn/syshead.h #ifdef HAVE_SYS_UIO_H #include <sys/uio.h> -Index: openvpn/src/openvpn/ssl.c -=================================================================== ---- openvpn.orig/src/openvpn/ssl.c 2017-06-22 13:17:05.754630908 +0200 -+++ openvpn/src/openvpn/ssl.c 2017-06-22 13:17:05.750630880 +0200 -@@ -2269,7 +2269,7 @@ +--- a/src/openvpn/ssl.c ++++ b/src/openvpn/ssl.c +@@ -2270,7 +2270,7 @@ buf_printf(&out, "IV_PLAT=mac\n"); #elif defined(TARGET_NETBSD) buf_printf(&out, "IV_PLAT=netbsd\n"); diff --git a/debian/patches/openvpn-pkcs11warn.patch b/debian/patches/openvpn-pkcs11warn.patch index 1fabddd..71b2ac8 100644 --- a/debian/patches/openvpn-pkcs11warn.patch +++ b/debian/patches/openvpn-pkcs11warn.patch @@ -1,11 +1,11 @@ Description: Warn users about deprecated pkcs11 options Author: Florian Kulzer <florian.kulzer+debian@icfo.es> Bug-Debian: http://bugs.debian.org/475353 -Index: openvpn/src/openvpn/options.c +Index: trunk/src/openvpn/options.c =================================================================== ---- openvpn.orig/src/openvpn/options.c 2017-06-22 13:16:58.862582114 +0200 -+++ openvpn/src/openvpn/options.c 2017-06-22 13:16:58.862582114 +0200 -@@ -6818,6 +6818,20 @@ +--- trunk.orig/src/openvpn/options.c ++++ trunk/src/openvpn/options.c +@@ -6861,6 +6861,20 @@ add_option(struct options *options, options->port_share_port = p[2]; options->port_share_journal_dir = p[3]; } diff --git a/debian/patches/series b/debian/patches/series index 156ff6f..8b19c3d 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -4,3 +4,6 @@ debian_nogroup_for_sample_files.patch openvpn-pkcs11warn.patch kfreebsd_support.patch match-manpage-and-command-help.patch +spelling_errors.patch +systemd.patch +fix-pkcs11-helper-hang.patch diff --git a/debian/patches/spelling_errors.patch b/debian/patches/spelling_errors.patch new file mode 100644 index 0000000..cac36d3 --- /dev/null +++ b/debian/patches/spelling_errors.patch @@ -0,0 +1,53 @@ +Description: correct tspelling errors +Author: Jörg Frings-Fürst <debian@jff.email> +Last-Update: 2018-07-29 +--- +This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ +Index: trunk/src/openvpn/buffer.c +=================================================================== +--- trunk.orig/src/openvpn/buffer.c ++++ trunk/src/openvpn/buffer.c +@@ -44,7 +44,7 @@ array_mult_safe(const size_t m1, const s + unsigned long long res = (unsigned long long)m1 * (unsigned long long)m2 + (unsigned long long)extra; + if (unlikely(m1 > limit) || unlikely(m2 > limit) || unlikely(extra > limit) || unlikely(res > (unsigned long long)limit)) + { +- msg(M_FATAL, "attemped allocation of excessively large array"); ++ msg(M_FATAL, "attempted allocation of excessively large array"); + } + return (size_t) res; + } +Index: trunk/src/openvpn/options.c +=================================================================== +--- trunk.orig/src/openvpn/options.c ++++ trunk/src/openvpn/options.c +@@ -448,7 +448,7 @@ static const char usage_message[] = + " user/pass via environment, if method='via-file', pass\n" + " user/pass via temporary file.\n" + "--auth-gen-token [lifetime] Generate a random authentication token which is pushed\n" +- " to each client, replacing the password. Usefull when\n" ++ " to each client, replacing the password. Useful when\n" + " OTP based two-factor auth mechanisms are in use and\n" + " --reneg-* options are enabled. Optionally a lifetime in seconds\n" + " for generated tokens can be set.\n" +Index: trunk/doc/openvpn.8 +=================================================================== +--- trunk.orig/doc/openvpn.8 ++++ trunk/doc/openvpn.8 +@@ -2181,7 +2181,7 @@ that + is parsed on the command line even though + the daemonization point occurs later. If one of the + .B \-\-log +-options is present, it will supercede syslog ++options is present, it will supersede syslog + redirection. + + The optional +@@ -2292,7 +2292,7 @@ If + already exists it will be truncated. + This option takes effect + immediately when it is parsed in the command line +-and will supercede syslog output if ++and will supersede syslog output if + .B \-\-daemon + or + .B \-\-inetd diff --git a/debian/patches/systemd.patch b/debian/patches/systemd.patch new file mode 100644 index 0000000..ccbecfd --- /dev/null +++ b/debian/patches/systemd.patch @@ -0,0 +1,29 @@ +Description: remove syslog.target +Author: Jörg Frings-Fürst <debian@jff.email> +Last-Update: 2018-07-29 +--- +This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ +Index: trunk/distro/systemd/openvpn-client@.service.in +=================================================================== +--- trunk.orig/distro/systemd/openvpn-client@.service.in ++++ trunk/distro/systemd/openvpn-client@.service.in +@@ -1,6 +1,6 @@ + [Unit] + Description=OpenVPN tunnel for %I +-After=syslog.target network-online.target ++After=network-online.target + Wants=network-online.target + Documentation=man:openvpn(8) + Documentation=https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage +Index: trunk/distro/systemd/openvpn-server@.service.in +=================================================================== +--- trunk.orig/distro/systemd/openvpn-server@.service.in ++++ trunk/distro/systemd/openvpn-server@.service.in +@@ -1,6 +1,6 @@ + [Unit] + Description=OpenVPN service for %I +-After=syslog.target network-online.target ++After=network-online.target + Wants=network-online.target + Documentation=man:openvpn(8) + Documentation=https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage |