summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--debian/changelog3
-rw-r--r--debian/patches/close_socket_before_scripts.patch8
-rw-r--r--debian/patches/debian_nogroup_for_sample_files.patch26
-rw-r--r--debian/patches/kfreebsd_support.patch10
-rw-r--r--debian/patches/manpage_fixes.patch98
-rw-r--r--debian/patches/openvpn-pkcs11warn.patch6
-rw-r--r--debian/patches/route_default_nil.patch6
-rw-r--r--debian/patches/series2
8 files changed, 35 insertions, 124 deletions
diff --git a/debian/changelog b/debian/changelog
index 2b8cac8..b6afdf2 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -4,6 +4,9 @@ openvpn (2.3.7-1) unstable; urgency=medium
* Add --no-block to if-up.d script to avoid hanging boot on
interfaces with openvpn instances. (Closes: #787090, #785200)
* Add ProtectSystem=yes to systemd's service file. (Closes: #771626)
+ * Removed upstream applied patches:
+ - 0001-Drop-too-short-control-channel-packets-instead-of-as.patch
+ - update_sample_certs.patch
-- Alberto Gonzalez Iniesta <agi@inittab.org> Wed, 01 Jul 2015 13:19:26 +0200
diff --git a/debian/patches/close_socket_before_scripts.patch b/debian/patches/close_socket_before_scripts.patch
index 8d84462..fa51dce 100644
--- a/debian/patches/close_socket_before_scripts.patch
+++ b/debian/patches/close_socket_before_scripts.patch
@@ -6,9 +6,9 @@ Bug-Debian: http://bugs.debian.org/367716
Index: openvpn/src/openvpn/socket.c
===================================================================
---- openvpn.orig/src/openvpn/socket.c 2014-10-30 11:30:47.118658137 +0100
-+++ openvpn/src/openvpn/socket.c 2014-10-30 11:30:47.114658136 +0100
-@@ -1492,6 +1492,10 @@
+--- openvpn.orig/src/openvpn/socket.c 2015-07-01 14:10:06.116131868 +0200
++++ openvpn/src/openvpn/socket.c 2015-07-01 14:10:06.112131911 +0200
+@@ -1494,6 +1494,10 @@
resolve_bind_local (sock);
resolve_remote (sock, 1, NULL, NULL);
}
@@ -19,7 +19,7 @@ Index: openvpn/src/openvpn/socket.c
}
/* finalize socket initialization */
-@@ -1722,10 +1726,6 @@
+@@ -1724,10 +1728,6 @@
/* set socket to non-blocking mode */
set_nonblock (sock->sd);
diff --git a/debian/patches/debian_nogroup_for_sample_files.patch b/debian/patches/debian_nogroup_for_sample_files.patch
index 920c77d..2f1fe3d 100644
--- a/debian/patches/debian_nogroup_for_sample_files.patch
+++ b/debian/patches/debian_nogroup_for_sample_files.patch
@@ -3,9 +3,9 @@ Author: Alberto Gonzalez Iniesta <agi@inittab.org>
Bug-Debian: http://bugs.debian.org/317987
Index: openvpn/sample/sample-config-files/server.conf
===================================================================
---- openvpn.orig/sample/sample-config-files/server.conf 2014-10-30 11:30:56.118658434 +0100
-+++ openvpn/sample/sample-config-files/server.conf 2014-10-30 11:30:56.114658434 +0100
-@@ -267,7 +267,7 @@
+--- openvpn.orig/sample/sample-config-files/server.conf 2015-07-01 14:10:18.547999233 +0200
++++ openvpn/sample/sample-config-files/server.conf 2015-07-01 14:10:18.543999276 +0200
+@@ -265,7 +265,7 @@
# You can uncomment this out on
# non-Windows systems.
;user nobody
@@ -16,8 +16,8 @@ Index: openvpn/sample/sample-config-files/server.conf
# accessing certain resources on restart
Index: openvpn/sample/sample-config-files/tls-home.conf
===================================================================
---- openvpn.orig/sample/sample-config-files/tls-home.conf 2014-10-30 11:30:56.118658434 +0100
-+++ openvpn/sample/sample-config-files/tls-home.conf 2014-10-30 11:30:56.114658434 +0100
+--- openvpn.orig/sample/sample-config-files/tls-home.conf 2015-07-01 14:10:18.547999233 +0200
++++ openvpn/sample/sample-config-files/tls-home.conf 2015-07-01 14:10:18.543999276 +0200
@@ -51,7 +51,7 @@
# "nobody" after initialization
# for extra security.
@@ -29,8 +29,8 @@ Index: openvpn/sample/sample-config-files/tls-home.conf
# LZO compression, uncomment
Index: openvpn/sample/sample-config-files/static-home.conf
===================================================================
---- openvpn.orig/sample/sample-config-files/static-home.conf 2014-10-30 11:30:56.118658434 +0100
-+++ openvpn/sample/sample-config-files/static-home.conf 2014-10-30 11:30:56.114658434 +0100
+--- openvpn.orig/sample/sample-config-files/static-home.conf 2015-07-01 14:10:18.547999233 +0200
++++ openvpn/sample/sample-config-files/static-home.conf 2015-07-01 14:10:18.543999276 +0200
@@ -40,7 +40,7 @@
# "nobody" after initialization
# for extra security.
@@ -42,8 +42,8 @@ Index: openvpn/sample/sample-config-files/static-home.conf
# LZO compression, uncomment
Index: openvpn/sample/sample-config-files/static-office.conf
===================================================================
---- openvpn.orig/sample/sample-config-files/static-office.conf 2014-10-30 11:30:56.118658434 +0100
-+++ openvpn/sample/sample-config-files/static-office.conf 2014-10-30 11:30:56.114658434 +0100
+--- openvpn.orig/sample/sample-config-files/static-office.conf 2015-07-01 14:10:18.547999233 +0200
++++ openvpn/sample/sample-config-files/static-office.conf 2015-07-01 14:10:18.543999276 +0200
@@ -37,7 +37,7 @@
# "nobody" after initialization
# for extra security.
@@ -55,8 +55,8 @@ Index: openvpn/sample/sample-config-files/static-office.conf
# LZO compression, uncomment
Index: openvpn/sample/sample-config-files/client.conf
===================================================================
---- openvpn.orig/sample/sample-config-files/client.conf 2014-10-30 11:30:56.118658434 +0100
-+++ openvpn/sample/sample-config-files/client.conf 2014-10-30 11:30:56.114658434 +0100
+--- openvpn.orig/sample/sample-config-files/client.conf 2015-07-01 14:10:18.547999233 +0200
++++ openvpn/sample/sample-config-files/client.conf 2015-07-01 14:10:18.543999276 +0200
@@ -59,7 +59,7 @@
# Downgrade privileges after initialization (non-Windows only)
@@ -68,8 +68,8 @@ Index: openvpn/sample/sample-config-files/client.conf
persist-key
Index: openvpn/sample/sample-config-files/tls-office.conf
===================================================================
---- openvpn.orig/sample/sample-config-files/tls-office.conf 2014-10-30 11:30:56.118658434 +0100
-+++ openvpn/sample/sample-config-files/tls-office.conf 2014-10-30 11:30:56.114658434 +0100
+--- openvpn.orig/sample/sample-config-files/tls-office.conf 2015-07-01 14:10:18.547999233 +0200
++++ openvpn/sample/sample-config-files/tls-office.conf 2015-07-01 14:10:18.543999276 +0200
@@ -51,7 +51,7 @@
# "nobody" after initialization
# for extra security.
diff --git a/debian/patches/kfreebsd_support.patch b/debian/patches/kfreebsd_support.patch
index 94c6727..523eb43 100644
--- a/debian/patches/kfreebsd_support.patch
+++ b/debian/patches/kfreebsd_support.patch
@@ -3,8 +3,8 @@ Author: Gonéri Le Bouder <goneri@rulezlan.org>
Bug-Debian: http://bugs.debian.org/626062
Index: openvpn/src/openvpn/route.c
===================================================================
---- openvpn.orig/src/openvpn/route.c 2014-10-30 11:31:13.226659001 +0100
-+++ openvpn/src/openvpn/route.c 2014-10-30 11:31:13.222659000 +0100
+--- openvpn.orig/src/openvpn/route.c 2015-07-01 14:10:36.563807017 +0200
++++ openvpn/src/openvpn/route.c 2015-07-01 14:10:36.559807060 +0200
@@ -1419,7 +1419,7 @@
argv_msg (D_ROUTE, &argv);
status = openvpn_execve_check (&argv, es, 0, "ERROR: Solaris route add command failed");
@@ -16,9 +16,9 @@ Index: openvpn/src/openvpn/route.c
ROUTE_PATH);
Index: openvpn/src/openvpn/tun.c
===================================================================
---- openvpn.orig/src/openvpn/tun.c 2014-10-30 11:31:13.226659001 +0100
-+++ openvpn/src/openvpn/tun.c 2014-10-30 11:31:13.226659001 +0100
-@@ -1095,7 +1095,7 @@
+--- openvpn.orig/src/openvpn/tun.c 2015-07-01 14:10:36.563807017 +0200
++++ openvpn/src/openvpn/tun.c 2015-07-01 14:10:36.559807060 +0200
+@@ -1122,7 +1122,7 @@
add_route_connected_v6_net(tt, es);
}
diff --git a/debian/patches/manpage_fixes.patch b/debian/patches/manpage_fixes.patch
index d3d2393..eb10655 100644
--- a/debian/patches/manpage_fixes.patch
+++ b/debian/patches/manpage_fixes.patch
@@ -2,8 +2,8 @@ Description: Man page fixes
Author: Alberto Gonzalez Iniesta <agi@inittab.org>
Index: openvpn/doc/openvpn.8
===================================================================
---- openvpn.orig/doc/openvpn.8 2014-10-30 11:31:18.398659172 +0100
-+++ openvpn/doc/openvpn.8 2014-10-30 11:31:18.394659172 +0100
+--- openvpn.orig/doc/openvpn.8 2015-07-01 14:11:08.987461064 +0200
++++ openvpn/doc/openvpn.8 2015-07-01 14:11:08.983461107 +0200
@@ -21,13 +21,13 @@
.\" 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
.\"
@@ -20,16 +20,7 @@ Index: openvpn/doc/openvpn.8
.\" .nf -- no formatting
.\" .fi -- resume formatting
.\" .ft 3 -- boldface
-@@ -2573,7 +2573,7 @@
- .B \-\-management-signal
- Send SIGUSR1 signal to OpenVPN if management session disconnects.
- This is useful when you wish to disconnect an OpenVPN session on
--user logoff. For --management-client this option is not needed since
-+user logoff. For \-\-management-client this option is not needed since
- a disconnect will always generate a SIGTERM.
- .\"*********************************************************
- .TP
-@@ -3952,7 +3952,7 @@
+@@ -3991,7 +3991,7 @@
This option is only relevant in UDP mode, i.e.
when either
.B \-\-proto udp
@@ -38,16 +29,7 @@ Index: openvpn/doc/openvpn.8
.B \-\-proto
option is specified.
-@@ -5122,7 +5122,7 @@
-
- This option have changed behaviour in OpenVPN 2.3. Earlier you had to
- define
--.B --win-sys env
-+.B \-\-win-sys env
- to use the SystemRoot environment variable, otherwise it defaulted to C:\\WINDOWS.
- It is not needed to use the
- .B env
-@@ -5165,7 +5165,7 @@
+@@ -5266,7 +5266,7 @@
.B \-\-dev tun
mode, OpenVPN will cause the DHCP server to masquerade as if it were
coming from the remote endpoint. The optional offset parameter is
@@ -56,75 +38,3 @@ Index: openvpn/doc/openvpn.8
If offset is positive, the DHCP server will masquerade as the IP
address at network address + offset.
If offset is negative, the DHCP server will masquerade as the IP
-@@ -5461,26 +5461,26 @@
- .B \-\-topology
- , which has no effect on IPv6).
- .TP
--.B --ifconfig-ipv6 ipv6addr/bits ipv6remote
-+.B \-\-ifconfig-ipv6 ipv6addr/bits ipv6remote
- configure IPv6 address
- .B ipv6addr/bits
- on the ``tun'' device. The second parameter is used as route target for
--.B --route-ipv6
-+.B \-\-route-ipv6
- if no gateway is specified.
- .TP
--.B --route-ipv6 ipv6addr/bits [gateway] [metric]
-+.B \-\-route-ipv6 ipv6addr/bits [gateway] [metric]
- setup IPv6 routing in the system to send the specified IPv6 network
- into OpenVPN's ``tun'' device
- .TP
--.B --server-ipv6 ipv6addr/bits
-+.B \-\-server-ipv6 ipv6addr/bits
- convenience-function to enable a number of IPv6 related options at
- once, namely
--.B --ifconfig-ipv6, --ifconfig-ipv6-pool, --tun-ipv6
-+.B \-\-ifconfig-ipv6, \-\-ifconfig-ipv6-pool, \-\-tun-ipv6
- and
--.B --push tun-ipv6
--Is only accepted if ``--mode server'' or ``--server'' is set.
-+.B \-\-push tun-ipv6
-+Is only accepted if ``\-\-mode server'' or ``\-\-server'' is set.
- .TP
--.B --ifconfig-ipv6-pool ipv6addr/bits
-+.B \-\-ifconfig-ipv6-pool ipv6addr/bits
- Specify an IPv6 address pool for dynamic assignment to clients. The
- pool starts at
- .B ipv6addr
-@@ -5489,20 +5489,20 @@
- setting controls the size of the pool. Due to implementation details,
- the pool size must be between /64 and /112.
- .TP
--.B --ifconfig-ipv6-push ipv6addr/bits ipv6remote
-+.B \-\-ifconfig-ipv6-push ipv6addr/bits ipv6remote
- for ccd/ per-client static IPv6 interface configuration, see
--.B --client-config-dir
-+.B \-\-client-config-dir
- and
--.B --ifconfig-push
-+.B \-\-ifconfig-push
- for more details.
- .TP
--.B --iroute-ipv6 ipv6addr/bits
-+.B \-\-iroute-ipv6 ipv6addr/bits
- for ccd/ per-client static IPv6 route configuration, see
--.B --iroute
-+.B \-\-iroute
- for more details how to setup and use this, and how
--.B --iroute
-+.B \-\-iroute
- and
--.B --route
-+.B \-\-route
- interact.
-
- .\"*********************************************************
-@@ -5988,7 +5988,7 @@
- .TP
- .B peer_cert
- Temporary file name containing the client certificate upon
--connection. Useful in conjunction with --tls-verify
-+connection. Useful in conjunction with \-\-tls-verify
- .\"*********************************************************
- .TP
- .B script_context
diff --git a/debian/patches/openvpn-pkcs11warn.patch b/debian/patches/openvpn-pkcs11warn.patch
index 3d238cb..5b61f99 100644
--- a/debian/patches/openvpn-pkcs11warn.patch
+++ b/debian/patches/openvpn-pkcs11warn.patch
@@ -3,9 +3,9 @@ Author: Florian Kulzer <florian.kulzer+debian@icfo.es>
Bug-Debian: http://bugs.debian.org/475353
Index: openvpn/src/openvpn/options.c
===================================================================
---- openvpn.orig/src/openvpn/options.c 2014-10-30 11:31:06.334658772 +0100
-+++ openvpn/src/openvpn/options.c 2014-10-30 11:31:06.330658772 +0100
-@@ -6247,6 +6247,20 @@
+--- openvpn.orig/src/openvpn/options.c 2015-07-01 14:10:25.083929500 +0200
++++ openvpn/src/openvpn/options.c 2015-07-01 14:10:25.083929500 +0200
+@@ -6293,6 +6293,20 @@
{
VERIFY_PERMISSION (OPT_P_ROUTE_EXTRAS);
}
diff --git a/debian/patches/route_default_nil.patch b/debian/patches/route_default_nil.patch
index e8572b5..cf17dec 100644
--- a/debian/patches/route_default_nil.patch
+++ b/debian/patches/route_default_nil.patch
@@ -2,9 +2,9 @@ Description: Fix small wording in man page.
Author: Alberto Gonzalez Iniesta <agi@inittab.org>
Index: openvpn/doc/openvpn.8
===================================================================
---- openvpn.orig/doc/openvpn.8 2014-05-14 12:58:55.637184441 +0200
-+++ openvpn/doc/openvpn.8 2014-05-14 12:58:55.633184441 +0200
-@@ -966,7 +966,7 @@
+--- openvpn.orig/doc/openvpn.8 2015-07-01 14:10:31.563860364 +0200
++++ openvpn/doc/openvpn.8 2015-07-01 14:10:31.559860407 +0200
+@@ -989,7 +989,7 @@
otherwise 0.
The default can be specified by leaving an option blank or setting
diff --git a/debian/patches/series b/debian/patches/series
index bbf753a..f37465a 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -6,5 +6,3 @@ route_default_nil.patch
kfreebsd_support.patch
accommodate_typo.patch
manpage_fixes.patch
-0001-Drop-too-short-control-channel-packets-instead-of-as.patch
-update_sample_certs.patch