summaryrefslogtreecommitdiff
path: root/debian/patches
diff options
context:
space:
mode:
authorBernhard Schmidt <berni@debian.org>2019-03-07 21:38:56 +0100
committerBernhard Schmidt <berni@debian.org>2019-03-07 21:38:56 +0100
commitcfcec33bd88faeb354a33bd5f8052486ac848f9a (patch)
tree8e1ace9a34f5ee12b34416b02d514da67d54c907 /debian/patches
parent7486cf05cdeb6996fdf249e5a2f15d93a47dbac1 (diff)
parenta351f71e82badcc71a2ce881bbb97eccfcebc06b (diff)
Merge tag 'debian/2.4.7-1' into stretch-backports
openvpn Debian release 2.4.7-1
Diffstat (limited to 'debian/patches')
-rw-r--r--debian/patches/auth-pam_libpam_so_filename.patch8
-rw-r--r--debian/patches/fix-pkcs11-helper-hang.patch13
-rw-r--r--debian/patches/kfreebsd_support.patch56
-rw-r--r--debian/patches/openvpn-pkcs11warn.patch8
-rw-r--r--debian/patches/series3
-rw-r--r--debian/patches/spelling_errors.patch53
-rw-r--r--debian/patches/systemd.patch29
7 files changed, 129 insertions, 41 deletions
diff --git a/debian/patches/auth-pam_libpam_so_filename.patch b/debian/patches/auth-pam_libpam_so_filename.patch
index cfa9047..2e7e5c4 100644
--- a/debian/patches/auth-pam_libpam_so_filename.patch
+++ b/debian/patches/auth-pam_libpam_so_filename.patch
@@ -1,11 +1,11 @@
Description: Fix libpam.so filename to /lib/libpam.so.0 in pam plugin
Author: Alberto Gonzalez Iniesta <agi@inittab.org>
Bug-Debian: http://bugs.debian.org/306335
-Index: openvpn/src/plugins/auth-pam/auth-pam.c
+Index: trunk/src/plugins/auth-pam/auth-pam.c
===================================================================
---- openvpn.orig/src/plugins/auth-pam/auth-pam.c 2016-12-27 18:45:37.638198402 +0100
-+++ openvpn/src/plugins/auth-pam/auth-pam.c 2016-12-27 18:45:37.638198402 +0100
-@@ -698,7 +698,7 @@
+--- trunk.orig/src/plugins/auth-pam/auth-pam.c
++++ trunk/src/plugins/auth-pam/auth-pam.c
+@@ -716,7 +716,7 @@ pam_server(int fd, const char *service,
struct user_pass up;
int command;
#ifdef USE_PAM_DLOPEN
diff --git a/debian/patches/fix-pkcs11-helper-hang.patch b/debian/patches/fix-pkcs11-helper-hang.patch
new file mode 100644
index 0000000..41d9be1
--- /dev/null
+++ b/debian/patches/fix-pkcs11-helper-hang.patch
@@ -0,0 +1,13 @@
+Index: openvpn/src/openvpn/pkcs11.c
+===================================================================
+--- openvpn.orig/src/openvpn/pkcs11.c
++++ openvpn/src/openvpn/pkcs11.c
+@@ -312,7 +312,7 @@ pkcs11_initialize(
+
+ pkcs11h_setLogLevel(_pkcs11_msg_openvpn2pkcs11(get_debug_level()));
+
+- if ((rv = pkcs11h_setForkMode(TRUE)) != CKR_OK)
++ if ((rv = pkcs11h_setForkMode(FALSE)) != CKR_OK)
+ {
+ msg(M_FATAL, "PKCS#11: Cannot set fork mode %ld-'%s'", rv, pkcs11h_getMessage(rv));
+ goto cleanup;
diff --git a/debian/patches/kfreebsd_support.patch b/debian/patches/kfreebsd_support.patch
index 4445e0d..4e89f32 100644
--- a/debian/patches/kfreebsd_support.patch
+++ b/debian/patches/kfreebsd_support.patch
@@ -1,11 +1,9 @@
Description: Improve kFreeBSD support
Author: Gonéri Le Bouder <goneri@rulezlan.org>
Bug-Debian: http://bugs.debian.org/626062
-Index: openvpn/src/openvpn/route.c
-===================================================================
---- openvpn.orig/src/openvpn/route.c 2017-06-22 13:17:05.754630908 +0200
-+++ openvpn/src/openvpn/route.c 2017-06-22 13:17:05.750630880 +0200
-@@ -1689,7 +1689,7 @@
+--- a/src/openvpn/route.c
++++ b/src/openvpn/route.c
+@@ -1693,7 +1693,7 @@
argv_msg(D_ROUTE, &argv);
status = openvpn_execve_check(&argv, es, 0, "ERROR: Solaris route add command failed");
@@ -14,7 +12,7 @@ Index: openvpn/src/openvpn/route.c
argv_printf(&argv, "%s add",
ROUTE_PATH);
-@@ -1875,7 +1875,7 @@
+@@ -1879,7 +1879,7 @@
network = print_in6_addr( r6->network, 0, &gc);
gateway = print_in6_addr( r6->gateway, 0, &gc);
@@ -23,7 +21,7 @@ Index: openvpn/src/openvpn/route.c
|| defined(TARGET_FREEBSD) || defined(TARGET_DRAGONFLY) \
|| defined(TARGET_OPENBSD) || defined(TARGET_NETBSD)
-@@ -2043,7 +2043,7 @@
+@@ -2047,7 +2047,7 @@
argv_msg(D_ROUTE, &argv);
status = openvpn_execve_check(&argv, es, 0, "ERROR: Solaris route add -inet6 command failed");
@@ -32,7 +30,7 @@ Index: openvpn/src/openvpn/route.c
argv_printf(&argv, "%s add -inet6 %s/%d",
ROUTE_PATH,
-@@ -2227,7 +2227,7 @@
+@@ -2239,7 +2239,7 @@
argv_msg(D_ROUTE, &argv);
openvpn_execve_check(&argv, es, 0, "ERROR: Solaris route delete command failed");
@@ -41,7 +39,7 @@ Index: openvpn/src/openvpn/route.c
argv_printf(&argv, "%s delete -net %s %s %s",
ROUTE_PATH,
-@@ -2334,7 +2334,7 @@
+@@ -2346,7 +2346,7 @@
network = print_in6_addr( r6->network, 0, &gc);
gateway = print_in6_addr( r6->gateway, 0, &gc);
@@ -50,7 +48,7 @@ Index: openvpn/src/openvpn/route.c
|| defined(TARGET_FREEBSD) || defined(TARGET_DRAGONFLY) \
|| defined(TARGET_OPENBSD) || defined(TARGET_NETBSD)
-@@ -2469,7 +2469,7 @@
+@@ -2481,7 +2481,7 @@
argv_msg(D_ROUTE, &argv);
openvpn_execve_check(&argv, es, 0, "ERROR: Solaris route delete -inet6 command failed");
@@ -59,7 +57,7 @@ Index: openvpn/src/openvpn/route.c
argv_printf(&argv, "%s delete -inet6 %s/%d",
ROUTE_PATH,
-@@ -3514,7 +3514,8 @@
+@@ -3532,7 +3532,8 @@
#elif defined(TARGET_DARWIN) || defined(TARGET_SOLARIS) \
|| defined(TARGET_FREEBSD) || defined(TARGET_DRAGONFLY) \
@@ -69,20 +67,18 @@ Index: openvpn/src/openvpn/route.c
#include <sys/types.h>
#include <sys/socket.h>
-Index: openvpn/src/openvpn/tun.c
-===================================================================
---- openvpn.orig/src/openvpn/tun.c 2017-06-22 13:17:05.754630908 +0200
-+++ openvpn/src/openvpn/tun.c 2017-06-22 13:17:05.750630880 +0200
-@@ -843,7 +843,7 @@
+--- a/src/openvpn/tun.c
++++ b/src/openvpn/tun.c
+@@ -845,7 +845,7 @@
#endif /* if defined(_WIN32) || defined(TARGET_DARWIN) || defined(TARGET_NETBSD) || defined(TARGET_OPENBSD) */
#if defined(TARGET_FREEBSD) || defined(TARGET_DRAGONFLY) \
-- || defined(TARGET_OPENBSD)
-+ || defined(TARGET_OPENBSD) || defined(__FreeBSD_kernel__)
+- || defined(TARGET_NETBSD) || defined(TARGET_OPENBSD)
++ || defined(TARGET_NETBSD) || defined(TARGET_OPENBSD) || defined(__FreeBSD_kernel__)
/* we can't use true subnet mode on tun on all platforms, as that
* conflicts with IPv6 (wants to use ND then, which we don't do),
* but the OSes want "a remote address that is different from ours"
-@@ -1412,7 +1412,7 @@
+@@ -1429,7 +1429,7 @@
add_route_connected_v6_net(tt, es);
}
@@ -91,7 +87,7 @@ Index: openvpn/src/openvpn/tun.c
in_addr_t remote_end; /* for "virtual" subnet topology */
-@@ -2770,7 +2770,7 @@
+@@ -2785,7 +2785,7 @@
}
}
@@ -100,10 +96,8 @@ Index: openvpn/src/openvpn/tun.c
static inline int
freebsd_modify_read_write_return(int len)
-Index: openvpn/src/openvpn/lladdr.c
-===================================================================
---- openvpn.orig/src/openvpn/lladdr.c 2017-06-22 13:17:05.754630908 +0200
-+++ openvpn/src/openvpn/lladdr.c 2017-06-22 13:17:05.750630880 +0200
+--- a/src/openvpn/lladdr.c
++++ b/src/openvpn/lladdr.c
@@ -50,7 +50,7 @@
"%s %s lladdr %s",
IFCONFIG_PATH,
@@ -113,10 +107,8 @@ Index: openvpn/src/openvpn/lladdr.c
argv_printf(&argv,
"%s %s ether %s",
IFCONFIG_PATH,
-Index: openvpn/src/openvpn/syshead.h
-===================================================================
---- openvpn.orig/src/openvpn/syshead.h 2017-06-22 13:17:05.754630908 +0200
-+++ openvpn/src/openvpn/syshead.h 2017-06-22 13:17:05.750630880 +0200
+--- a/src/openvpn/syshead.h
++++ b/src/openvpn/syshead.h
@@ -297,7 +297,7 @@
#endif /* TARGET_OPENBSD */
@@ -126,11 +118,9 @@ Index: openvpn/src/openvpn/syshead.h
#ifdef HAVE_SYS_UIO_H
#include <sys/uio.h>
-Index: openvpn/src/openvpn/ssl.c
-===================================================================
---- openvpn.orig/src/openvpn/ssl.c 2017-06-22 13:17:05.754630908 +0200
-+++ openvpn/src/openvpn/ssl.c 2017-06-22 13:17:05.750630880 +0200
-@@ -2269,7 +2269,7 @@
+--- a/src/openvpn/ssl.c
++++ b/src/openvpn/ssl.c
+@@ -2270,7 +2270,7 @@
buf_printf(&out, "IV_PLAT=mac\n");
#elif defined(TARGET_NETBSD)
buf_printf(&out, "IV_PLAT=netbsd\n");
diff --git a/debian/patches/openvpn-pkcs11warn.patch b/debian/patches/openvpn-pkcs11warn.patch
index 1fabddd..71b2ac8 100644
--- a/debian/patches/openvpn-pkcs11warn.patch
+++ b/debian/patches/openvpn-pkcs11warn.patch
@@ -1,11 +1,11 @@
Description: Warn users about deprecated pkcs11 options
Author: Florian Kulzer <florian.kulzer+debian@icfo.es>
Bug-Debian: http://bugs.debian.org/475353
-Index: openvpn/src/openvpn/options.c
+Index: trunk/src/openvpn/options.c
===================================================================
---- openvpn.orig/src/openvpn/options.c 2017-06-22 13:16:58.862582114 +0200
-+++ openvpn/src/openvpn/options.c 2017-06-22 13:16:58.862582114 +0200
-@@ -6818,6 +6818,20 @@
+--- trunk.orig/src/openvpn/options.c
++++ trunk/src/openvpn/options.c
+@@ -6861,6 +6861,20 @@ add_option(struct options *options,
options->port_share_port = p[2];
options->port_share_journal_dir = p[3];
}
diff --git a/debian/patches/series b/debian/patches/series
index 156ff6f..8b19c3d 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -4,3 +4,6 @@ debian_nogroup_for_sample_files.patch
openvpn-pkcs11warn.patch
kfreebsd_support.patch
match-manpage-and-command-help.patch
+spelling_errors.patch
+systemd.patch
+fix-pkcs11-helper-hang.patch
diff --git a/debian/patches/spelling_errors.patch b/debian/patches/spelling_errors.patch
new file mode 100644
index 0000000..cac36d3
--- /dev/null
+++ b/debian/patches/spelling_errors.patch
@@ -0,0 +1,53 @@
+Description: correct tspelling errors
+Author: Jörg Frings-Fürst <debian@jff.email>
+Last-Update: 2018-07-29
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+Index: trunk/src/openvpn/buffer.c
+===================================================================
+--- trunk.orig/src/openvpn/buffer.c
++++ trunk/src/openvpn/buffer.c
+@@ -44,7 +44,7 @@ array_mult_safe(const size_t m1, const s
+ unsigned long long res = (unsigned long long)m1 * (unsigned long long)m2 + (unsigned long long)extra;
+ if (unlikely(m1 > limit) || unlikely(m2 > limit) || unlikely(extra > limit) || unlikely(res > (unsigned long long)limit))
+ {
+- msg(M_FATAL, "attemped allocation of excessively large array");
++ msg(M_FATAL, "attempted allocation of excessively large array");
+ }
+ return (size_t) res;
+ }
+Index: trunk/src/openvpn/options.c
+===================================================================
+--- trunk.orig/src/openvpn/options.c
++++ trunk/src/openvpn/options.c
+@@ -448,7 +448,7 @@ static const char usage_message[] =
+ " user/pass via environment, if method='via-file', pass\n"
+ " user/pass via temporary file.\n"
+ "--auth-gen-token [lifetime] Generate a random authentication token which is pushed\n"
+- " to each client, replacing the password. Usefull when\n"
++ " to each client, replacing the password. Useful when\n"
+ " OTP based two-factor auth mechanisms are in use and\n"
+ " --reneg-* options are enabled. Optionally a lifetime in seconds\n"
+ " for generated tokens can be set.\n"
+Index: trunk/doc/openvpn.8
+===================================================================
+--- trunk.orig/doc/openvpn.8
++++ trunk/doc/openvpn.8
+@@ -2181,7 +2181,7 @@ that
+ is parsed on the command line even though
+ the daemonization point occurs later. If one of the
+ .B \-\-log
+-options is present, it will supercede syslog
++options is present, it will supersede syslog
+ redirection.
+
+ The optional
+@@ -2292,7 +2292,7 @@ If
+ already exists it will be truncated.
+ This option takes effect
+ immediately when it is parsed in the command line
+-and will supercede syslog output if
++and will supersede syslog output if
+ .B \-\-daemon
+ or
+ .B \-\-inetd
diff --git a/debian/patches/systemd.patch b/debian/patches/systemd.patch
new file mode 100644
index 0000000..ccbecfd
--- /dev/null
+++ b/debian/patches/systemd.patch
@@ -0,0 +1,29 @@
+Description: remove syslog.target
+Author: Jörg Frings-Fürst <debian@jff.email>
+Last-Update: 2018-07-29
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+Index: trunk/distro/systemd/openvpn-client@.service.in
+===================================================================
+--- trunk.orig/distro/systemd/openvpn-client@.service.in
++++ trunk/distro/systemd/openvpn-client@.service.in
+@@ -1,6 +1,6 @@
+ [Unit]
+ Description=OpenVPN tunnel for %I
+-After=syslog.target network-online.target
++After=network-online.target
+ Wants=network-online.target
+ Documentation=man:openvpn(8)
+ Documentation=https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage
+Index: trunk/distro/systemd/openvpn-server@.service.in
+===================================================================
+--- trunk.orig/distro/systemd/openvpn-server@.service.in
++++ trunk/distro/systemd/openvpn-server@.service.in
+@@ -1,6 +1,6 @@
+ [Unit]
+ Description=OpenVPN service for %I
+-After=syslog.target network-online.target
++After=network-online.target
+ Wants=network-online.target
+ Documentation=man:openvpn(8)
+ Documentation=https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage