From 1aff45d6fdfbc63a0256a831a8f8644a84708e9f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Frings-F=C3=BCrst?= Date: Wed, 9 Feb 2022 16:30:31 +0100 Subject: some work on 2.5.4-1 --- debian/changelog | 2 +- debian/patches/auth-pam_libpam_so_filename.patch | 4 +- debian/patches/fix-openssl-error.patch | 32 +++++------ debian/patches/kfreebsd_support.patch | 64 +++++++++++++--------- .../patches/match-manpage-and-command-help.patch | 8 +-- debian/patches/openvpn-pkcs11warn.patch | 2 +- debian/patches/series | 4 +- 7 files changed, 62 insertions(+), 54 deletions(-) diff --git a/debian/changelog b/debian/changelog index 5718835..eab28f4 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,4 +1,4 @@ -openvpn (2.5.3-1) UNRELEASED; urgency=medium +openvpn (2.5.4-1) UNRELEASED; urgency=medium * New upstream release. diff --git a/debian/patches/auth-pam_libpam_so_filename.patch b/debian/patches/auth-pam_libpam_so_filename.patch index 2e7e5c4..db93b90 100644 --- a/debian/patches/auth-pam_libpam_so_filename.patch +++ b/debian/patches/auth-pam_libpam_so_filename.patch @@ -5,8 +5,8 @@ Index: trunk/src/plugins/auth-pam/auth-pam.c =================================================================== --- trunk.orig/src/plugins/auth-pam/auth-pam.c +++ trunk/src/plugins/auth-pam/auth-pam.c -@@ -716,7 +716,7 @@ pam_server(int fd, const char *service, - struct user_pass up; +@@ -894,7 +894,7 @@ pam_server(int fd, const char *service, + char ac_file_name[PATH_MAX]; int command; #ifdef USE_PAM_DLOPEN - static const char pam_so[] = "libpam.so"; diff --git a/debian/patches/fix-openssl-error.patch b/debian/patches/fix-openssl-error.patch index 566d7e6..db035ad 100644 --- a/debian/patches/fix-openssl-error.patch +++ b/debian/patches/fix-openssl-error.patch @@ -19,13 +19,13 @@ situation (this also clears the stack). src/openvpn/ssl_openssl.c | 10 ++++++++++ 1 file changed, 10 insertions(+) -diff --git a/src/openvpn/ssl_openssl.c b/src/openvpn/ssl_openssl.c -index 5955c6bd..555cbbdf 100644 ---- a/src/openvpn/ssl_openssl.c -+++ b/src/openvpn/ssl_openssl.c -@@ -115,6 +115,11 @@ tls_ctx_server_new(struct tls_root_ctx *ctx) - { - crypto_msg(M_FATAL, "SSL_CTX_new SSLv23_server_method"); +Index: trunk/src/openvpn/ssl_openssl.c +=================================================================== +--- trunk.orig/src/openvpn/ssl_openssl.c ++++ trunk/src/openvpn/ssl_openssl.c +@@ -120,6 +120,11 @@ tls_ctx_server_new(struct tls_root_ctx * + crypto_msg(M_WARN, "Warning: TLS server context initialisation " + "has warnings."); } + if (ERR_peek_error() != 0) + { @@ -35,17 +35,15 @@ index 5955c6bd..555cbbdf 100644 } void -@@ -128,6 +133,11 @@ tls_ctx_client_new(struct tls_root_ctx *ctx) - { - crypto_msg(M_FATAL, "SSL_CTX_new SSLv23_client_method"); +@@ -135,6 +140,11 @@ tls_ctx_client_new(struct tls_root_ctx * } -+ if (ERR_peek_error() != 0) -+ { + if (ERR_peek_error() != 0) + { + crypto_msg(M_WARN, "Warning: TLS client context initialisation " + "has warnings."); + } - } - - void --- -2.26.0 ++ if (ERR_peek_error() != 0) ++ { + crypto_msg(M_WARN, "Warning: TLS client context initialisation " + "has warnings."); + } diff --git a/debian/patches/kfreebsd_support.patch b/debian/patches/kfreebsd_support.patch index 4e89f32..f189079 100644 --- a/debian/patches/kfreebsd_support.patch +++ b/debian/patches/kfreebsd_support.patch @@ -1,9 +1,11 @@ Description: Improve kFreeBSD support Author: Gonéri Le Bouder Bug-Debian: http://bugs.debian.org/626062 ---- a/src/openvpn/route.c -+++ b/src/openvpn/route.c -@@ -1693,7 +1693,7 @@ +Index: trunk/src/openvpn/route.c +=================================================================== +--- trunk.orig/src/openvpn/route.c ++++ trunk/src/openvpn/route.c +@@ -1721,7 +1721,7 @@ add_route(struct route_ipv4 *r, argv_msg(D_ROUTE, &argv); status = openvpn_execve_check(&argv, es, 0, "ERROR: Solaris route add command failed"); @@ -12,7 +14,7 @@ Bug-Debian: http://bugs.debian.org/626062 argv_printf(&argv, "%s add", ROUTE_PATH); -@@ -1879,7 +1879,7 @@ +@@ -1914,7 +1914,7 @@ add_route_ipv6(struct route_ipv6 *r6, co network = print_in6_addr( r6->network, 0, &gc); gateway = print_in6_addr( r6->gateway, 0, &gc); @@ -21,7 +23,7 @@ Bug-Debian: http://bugs.debian.org/626062 || defined(TARGET_FREEBSD) || defined(TARGET_DRAGONFLY) \ || defined(TARGET_OPENBSD) || defined(TARGET_NETBSD) -@@ -2047,7 +2047,7 @@ +@@ -2073,7 +2073,7 @@ add_route_ipv6(struct route_ipv6 *r6, co argv_msg(D_ROUTE, &argv); status = openvpn_execve_check(&argv, es, 0, "ERROR: Solaris route add -inet6 command failed"); @@ -30,7 +32,7 @@ Bug-Debian: http://bugs.debian.org/626062 argv_printf(&argv, "%s add -inet6 %s/%d", ROUTE_PATH, -@@ -2239,7 +2239,7 @@ +@@ -2268,7 +2268,7 @@ delete_route(struct route_ipv4 *r, argv_msg(D_ROUTE, &argv); openvpn_execve_check(&argv, es, 0, "ERROR: Solaris route delete command failed"); @@ -39,16 +41,16 @@ Bug-Debian: http://bugs.debian.org/626062 argv_printf(&argv, "%s delete -net %s %s %s", ROUTE_PATH, -@@ -2346,7 +2346,7 @@ - network = print_in6_addr( r6->network, 0, &gc); +@@ -2385,7 +2385,7 @@ delete_route_ipv6(const struct route_ipv gateway = print_in6_addr( r6->gateway, 0, &gc); + #endif -#if defined(TARGET_DARWIN) \ +#if defined(TARGET_DARWIN) || defined(__FreeBSD_kernel__) \ || defined(TARGET_FREEBSD) || defined(TARGET_DRAGONFLY) \ || defined(TARGET_OPENBSD) || defined(TARGET_NETBSD) -@@ -2481,7 +2481,7 @@ +@@ -2503,7 +2503,7 @@ delete_route_ipv6(const struct route_ipv argv_msg(D_ROUTE, &argv); openvpn_execve_check(&argv, es, 0, "ERROR: Solaris route delete -inet6 command failed"); @@ -57,7 +59,7 @@ Bug-Debian: http://bugs.debian.org/626062 argv_printf(&argv, "%s delete -inet6 %s/%d", ROUTE_PATH, -@@ -3532,7 +3532,8 @@ +@@ -3405,7 +3405,8 @@ get_default_gateway_ipv6(struct route_ip #elif defined(TARGET_DARWIN) || defined(TARGET_SOLARIS) \ || defined(TARGET_FREEBSD) || defined(TARGET_DRAGONFLY) \ @@ -67,9 +69,11 @@ Bug-Debian: http://bugs.debian.org/626062 #include #include ---- a/src/openvpn/tun.c -+++ b/src/openvpn/tun.c -@@ -845,7 +845,7 @@ +Index: trunk/src/openvpn/tun.c +=================================================================== +--- trunk.orig/src/openvpn/tun.c ++++ trunk/src/openvpn/tun.c +@@ -972,7 +972,7 @@ delete_route_connected_v6_net(const stru #endif /* if defined(_WIN32) || defined(TARGET_DARWIN) || defined(TARGET_NETBSD) || defined(TARGET_OPENBSD) */ #if defined(TARGET_FREEBSD) || defined(TARGET_DRAGONFLY) \ @@ -78,16 +82,16 @@ Bug-Debian: http://bugs.debian.org/626062 /* we can't use true subnet mode on tun on all platforms, as that * conflicts with IPv6 (wants to use ND then, which we don't do), * but the OSes want "a remote address that is different from ours" -@@ -1429,7 +1429,7 @@ - add_route_connected_v6_net(tt, es); - } +@@ -1471,7 +1471,7 @@ do_ifconfig_ipv4(struct tuntap *tt, cons + add_route(&r, tt, 0, NULL, es, NULL); + } -#elif defined(TARGET_FREEBSD) || defined(TARGET_DRAGONFLY) +#elif defined(TARGET_FREEBSD) || defined(TARGET_DRAGONFLY) || defined(__FreeBSD_kernel__) - in_addr_t remote_end; /* for "virtual" subnet topology */ + in_addr_t remote_end; /* for "virtual" subnet topology */ -@@ -2785,7 +2785,7 @@ +@@ -2798,7 +2798,7 @@ read_tun(struct tuntap *tt, uint8_t *buf } } @@ -96,9 +100,11 @@ Bug-Debian: http://bugs.debian.org/626062 static inline int freebsd_modify_read_write_return(int len) ---- a/src/openvpn/lladdr.c -+++ b/src/openvpn/lladdr.c -@@ -50,7 +50,7 @@ +Index: trunk/src/openvpn/lladdr.c +=================================================================== +--- trunk.orig/src/openvpn/lladdr.c ++++ trunk/src/openvpn/lladdr.c +@@ -47,7 +47,7 @@ set_lladdr(openvpn_net_ctx_t *ctx, const "%s %s lladdr %s", IFCONFIG_PATH, ifname, lladdr); @@ -107,9 +113,11 @@ Bug-Debian: http://bugs.debian.org/626062 argv_printf(&argv, "%s %s ether %s", IFCONFIG_PATH, ---- a/src/openvpn/syshead.h -+++ b/src/openvpn/syshead.h -@@ -297,7 +297,7 @@ +Index: trunk/src/openvpn/syshead.h +=================================================================== +--- trunk.orig/src/openvpn/syshead.h ++++ trunk/src/openvpn/syshead.h +@@ -299,7 +299,7 @@ #endif /* TARGET_OPENBSD */ @@ -118,9 +126,11 @@ Bug-Debian: http://bugs.debian.org/626062 #ifdef HAVE_SYS_UIO_H #include ---- a/src/openvpn/ssl.c -+++ b/src/openvpn/ssl.c -@@ -2270,7 +2270,7 @@ +Index: trunk/src/openvpn/ssl.c +=================================================================== +--- trunk.orig/src/openvpn/ssl.c ++++ trunk/src/openvpn/ssl.c +@@ -2229,7 +2229,7 @@ push_peer_info(struct buffer *buf, struc buf_printf(&out, "IV_PLAT=mac\n"); #elif defined(TARGET_NETBSD) buf_printf(&out, "IV_PLAT=netbsd\n"); diff --git a/debian/patches/match-manpage-and-command-help.patch b/debian/patches/match-manpage-and-command-help.patch index 39b899c..79bc1c6 100644 --- a/debian/patches/match-manpage-and-command-help.patch +++ b/debian/patches/match-manpage-and-command-help.patch @@ -7,11 +7,11 @@ Subject: [PATCH] Change command help to match man page and implementation src/openvpn/options.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -Index: openvpn/src/openvpn/options.c +Index: trunk/src/openvpn/options.c =================================================================== ---- openvpn.orig/src/openvpn/options.c 2017-06-22 13:17:12.806680520 +0200 -+++ openvpn/src/openvpn/options.c 2017-06-22 13:17:12.802680492 +0200 -@@ -197,7 +197,7 @@ +--- trunk.orig/src/openvpn/options.c ++++ trunk/src/openvpn/options.c +@@ -196,7 +196,7 @@ static const char usage_message[] = " is established. Multiple routes can be specified.\n" " netmask default: 255.255.255.255\n" " gateway default: taken from --route-gateway or --ifconfig\n" diff --git a/debian/patches/openvpn-pkcs11warn.patch b/debian/patches/openvpn-pkcs11warn.patch index b5a255a..961d6d3 100644 --- a/debian/patches/openvpn-pkcs11warn.patch +++ b/debian/patches/openvpn-pkcs11warn.patch @@ -5,7 +5,7 @@ Index: trunk/src/openvpn/options.c =================================================================== --- trunk.orig/src/openvpn/options.c +++ trunk/src/openvpn/options.c -@@ -6824,6 +6824,20 @@ add_option(struct options *options, +@@ -7180,6 +7180,20 @@ add_option(struct options *options, options->port_share_port = p[2]; options->port_share_journal_dir = p[3]; } diff --git a/debian/patches/series b/debian/patches/series index 6ef394c..e431324 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -1,9 +1,9 @@ move_log_dir.patch auth-pam_libpam_so_filename.patch -debian_nogroup_for_sample_files.patch +#debian_nogroup_for_sample_files.patch openvpn-pkcs11warn.patch kfreebsd_support.patch match-manpage-and-command-help.patch -spelling_errors.patch +#spelling_errors.patch systemd.patch fix-openssl-error.patch -- cgit v1.2.3