From 56fe41c68de3c0b85f7eee6b56cd261e9905045a Mon Sep 17 00:00:00 2001 From: Alberto Gonzalez Iniesta Date: Mon, 21 Nov 2016 10:13:53 +0100 Subject: Refresh patches for 2.4 --- debian/changelog | 6 ++++ debian/patches/accommodate_typo.patch | 15 -------- debian/patches/auth-pam_libpam_so_filename.patch | 6 ++-- debian/patches/close_socket_before_scripts.patch | 14 ++++---- .../patches/debian_nogroup_for_sample_files.patch | 30 ++++++++-------- debian/patches/manpage_fixes.patch | 40 ---------------------- debian/patches/openvpn-pkcs11warn.patch | 8 ++--- debian/patches/route_default_nil.patch | 6 ++-- debian/patches/series | 4 +-- debian/rules | 2 ++ 10 files changed, 41 insertions(+), 90 deletions(-) delete mode 100644 debian/patches/accommodate_typo.patch delete mode 100644 debian/patches/manpage_fixes.patch diff --git a/debian/changelog b/debian/changelog index f456c19..a3336a7 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +openvpn (2.4~beta1-1) experimental; urgency=medium + + * New upstream release + + -- Alberto Gonzalez Iniesta Mon, 21 Nov 2016 10:15:40 +0100 + openvpn (2.3.11-2) unstable; urgency=medium * Remove dependency on initscripts. (Closes: #804968) diff --git a/debian/patches/accommodate_typo.patch b/debian/patches/accommodate_typo.patch deleted file mode 100644 index ac6be64..0000000 --- a/debian/patches/accommodate_typo.patch +++ /dev/null @@ -1,15 +0,0 @@ -Description: Simple spelling fix -Author: Alberto Gonzalez Iniesta -Index: openvpn/src/openvpn/occ.c -=================================================================== ---- openvpn.orig/src/openvpn/occ.c 2014-05-14 12:58:59.805184504 +0200 -+++ openvpn/src/openvpn/occ.c 2014-05-14 12:58:59.805184504 +0200 -@@ -379,7 +379,7 @@ - && c->c2.max_send_size_local > TUN_MTU_MIN - && (c->c2.max_recv_size_remote < c->c2.max_send_size_local - || c->c2.max_recv_size_local < c->c2.max_send_size_remote)) -- msg (M_INFO, "NOTE: This connection is unable to accomodate a UDP packet size of %d. Consider using --fragment or --mssfix options as a workaround.", -+ msg (M_INFO, "NOTE: This connection is unable to accommodate a UDP packet size of %d. Consider using --fragment or --mssfix options as a workaround.", - c->c2.max_send_size_local); - } - event_timeout_clear (&c->c2.occ_mtu_load_test_interval); diff --git a/debian/patches/auth-pam_libpam_so_filename.patch b/debian/patches/auth-pam_libpam_so_filename.patch index 479e111..f3f5f0c 100644 --- a/debian/patches/auth-pam_libpam_so_filename.patch +++ b/debian/patches/auth-pam_libpam_so_filename.patch @@ -3,9 +3,9 @@ Author: Alberto Gonzalez Iniesta Bug-Debian: http://bugs.debian.org/306335 Index: openvpn/src/plugins/auth-pam/auth-pam.c =================================================================== ---- openvpn.orig/src/plugins/auth-pam/auth-pam.c 2016-05-10 17:41:09.763626389 +0200 -+++ openvpn/src/plugins/auth-pam/auth-pam.c 2016-05-10 17:41:09.763626389 +0200 -@@ -721,7 +721,7 @@ +--- openvpn.orig/src/plugins/auth-pam/auth-pam.c 2016-11-21 09:53:25.512782138 +0100 ++++ openvpn/src/plugins/auth-pam/auth-pam.c 2016-11-21 09:53:25.512782138 +0100 +@@ -632,7 +632,7 @@ struct user_pass up; int command; #ifdef USE_PAM_DLOPEN diff --git a/debian/patches/close_socket_before_scripts.patch b/debian/patches/close_socket_before_scripts.patch index 3e53a68..0b848a0 100644 --- a/debian/patches/close_socket_before_scripts.patch +++ b/debian/patches/close_socket_before_scripts.patch @@ -6,10 +6,10 @@ Bug-Debian: http://bugs.debian.org/367716 Index: openvpn/src/openvpn/socket.c =================================================================== ---- openvpn.orig/src/openvpn/socket.c 2016-05-10 17:41:14.575583789 +0200 -+++ openvpn/src/openvpn/socket.c 2016-05-10 17:41:14.571583824 +0200 -@@ -1502,6 +1502,10 @@ - resolve_bind_local (sock); +--- openvpn.orig/src/openvpn/socket.c 2016-11-21 09:58:03.562096178 +0100 ++++ openvpn/src/openvpn/socket.c 2016-11-21 10:01:20.143091482 +0100 +@@ -1625,6 +1625,10 @@ + } resolve_remote (sock, 1, NULL, NULL); } + @@ -18,8 +18,8 @@ Index: openvpn/src/openvpn/socket.c + set_cloexec (sock->sd); } - /* finalize socket initialization */ -@@ -1732,10 +1736,6 @@ + static +@@ -1677,10 +1681,6 @@ /* set socket to non-blocking mode */ set_nonblock (sock->sd); @@ -27,6 +27,6 @@ Index: openvpn/src/openvpn/socket.c - scripts don't have access to it */ - set_cloexec (sock->sd); - - #ifdef ENABLE_SOCKS if (socket_defined (sock->ctrl_sd)) set_cloexec (sock->ctrl_sd); + diff --git a/debian/patches/debian_nogroup_for_sample_files.patch b/debian/patches/debian_nogroup_for_sample_files.patch index 2f1fe3d..f7dcaaa 100644 --- a/debian/patches/debian_nogroup_for_sample_files.patch +++ b/debian/patches/debian_nogroup_for_sample_files.patch @@ -3,9 +3,9 @@ Author: Alberto Gonzalez Iniesta Bug-Debian: http://bugs.debian.org/317987 Index: openvpn/sample/sample-config-files/server.conf =================================================================== ---- openvpn.orig/sample/sample-config-files/server.conf 2015-07-01 14:10:18.547999233 +0200 -+++ openvpn/sample/sample-config-files/server.conf 2015-07-01 14:10:18.543999276 +0200 -@@ -265,7 +265,7 @@ +--- openvpn.orig/sample/sample-config-files/server.conf 2016-11-21 09:53:43.608863207 +0100 ++++ openvpn/sample/sample-config-files/server.conf 2016-11-21 09:53:43.604863188 +0100 +@@ -272,7 +272,7 @@ # You can uncomment this out on # non-Windows systems. ;user nobody @@ -16,8 +16,8 @@ Index: openvpn/sample/sample-config-files/server.conf # accessing certain resources on restart Index: openvpn/sample/sample-config-files/tls-home.conf =================================================================== ---- openvpn.orig/sample/sample-config-files/tls-home.conf 2015-07-01 14:10:18.547999233 +0200 -+++ openvpn/sample/sample-config-files/tls-home.conf 2015-07-01 14:10:18.543999276 +0200 +--- openvpn.orig/sample/sample-config-files/tls-home.conf 2016-11-21 09:53:43.608863207 +0100 ++++ openvpn/sample/sample-config-files/tls-home.conf 2016-11-21 09:53:43.608863207 +0100 @@ -51,7 +51,7 @@ # "nobody" after initialization # for extra security. @@ -29,9 +29,9 @@ Index: openvpn/sample/sample-config-files/tls-home.conf # LZO compression, uncomment Index: openvpn/sample/sample-config-files/static-home.conf =================================================================== ---- openvpn.orig/sample/sample-config-files/static-home.conf 2015-07-01 14:10:18.547999233 +0200 -+++ openvpn/sample/sample-config-files/static-home.conf 2015-07-01 14:10:18.543999276 +0200 -@@ -40,7 +40,7 @@ +--- openvpn.orig/sample/sample-config-files/static-home.conf 2016-11-21 09:53:43.608863207 +0100 ++++ openvpn/sample/sample-config-files/static-home.conf 2016-11-21 09:53:43.608863207 +0100 +@@ -43,7 +43,7 @@ # "nobody" after initialization # for extra security. ; user nobody @@ -42,9 +42,9 @@ Index: openvpn/sample/sample-config-files/static-home.conf # LZO compression, uncomment Index: openvpn/sample/sample-config-files/static-office.conf =================================================================== ---- openvpn.orig/sample/sample-config-files/static-office.conf 2015-07-01 14:10:18.547999233 +0200 -+++ openvpn/sample/sample-config-files/static-office.conf 2015-07-01 14:10:18.543999276 +0200 -@@ -37,7 +37,7 @@ +--- openvpn.orig/sample/sample-config-files/static-office.conf 2016-11-21 09:53:43.608863207 +0100 ++++ openvpn/sample/sample-config-files/static-office.conf 2016-11-21 09:53:43.608863207 +0100 +@@ -40,7 +40,7 @@ # "nobody" after initialization # for extra security. ; user nobody @@ -55,8 +55,8 @@ Index: openvpn/sample/sample-config-files/static-office.conf # LZO compression, uncomment Index: openvpn/sample/sample-config-files/client.conf =================================================================== ---- openvpn.orig/sample/sample-config-files/client.conf 2015-07-01 14:10:18.547999233 +0200 -+++ openvpn/sample/sample-config-files/client.conf 2015-07-01 14:10:18.543999276 +0200 +--- openvpn.orig/sample/sample-config-files/client.conf 2016-11-21 09:53:43.608863207 +0100 ++++ openvpn/sample/sample-config-files/client.conf 2016-11-21 09:53:43.608863207 +0100 @@ -59,7 +59,7 @@ # Downgrade privileges after initialization (non-Windows only) @@ -68,8 +68,8 @@ Index: openvpn/sample/sample-config-files/client.conf persist-key Index: openvpn/sample/sample-config-files/tls-office.conf =================================================================== ---- openvpn.orig/sample/sample-config-files/tls-office.conf 2015-07-01 14:10:18.547999233 +0200 -+++ openvpn/sample/sample-config-files/tls-office.conf 2015-07-01 14:10:18.543999276 +0200 +--- openvpn.orig/sample/sample-config-files/tls-office.conf 2016-11-21 09:53:43.608863207 +0100 ++++ openvpn/sample/sample-config-files/tls-office.conf 2016-11-21 09:53:43.608863207 +0100 @@ -51,7 +51,7 @@ # "nobody" after initialization # for extra security. diff --git a/debian/patches/manpage_fixes.patch b/debian/patches/manpage_fixes.patch deleted file mode 100644 index 61f33b7..0000000 --- a/debian/patches/manpage_fixes.patch +++ /dev/null @@ -1,40 +0,0 @@ -Description: Man page fixes -Author: Alberto Gonzalez Iniesta -Index: openvpn/doc/openvpn.8 -=================================================================== ---- openvpn.orig/doc/openvpn.8 2016-05-10 17:41:23.135507996 +0200 -+++ openvpn/doc/openvpn.8 2016-05-10 17:41:23.131508031 +0200 -@@ -21,13 +21,13 @@ - .\" 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - .\" - .\" Manual page for openvpn --.\ -+.\" - .\" SH section heading - .\" SS subsection heading - .\" LP paragraph - .\" IP indented paragraph - .\" TP hanging label --.\ -+.\" - .\" .nf -- no formatting - .\" .fi -- resume formatting - .\" .ft 3 -- boldface -@@ -4006,7 +4006,7 @@ - This option is only relevant in UDP mode, i.e. - when either - .B \-\-proto udp --is specifed, or no -+is specified, or no - .B \-\-proto - option is specified. - -@@ -5279,7 +5279,7 @@ - .B \-\-dev tun - mode, OpenVPN will cause the DHCP server to masquerade as if it were - coming from the remote endpoint. The optional offset parameter is --an integer which is > -256 and < 256 and which defaults to 0. -+an integer which is > \-256 and < 256 and which defaults to 0. - If offset is positive, the DHCP server will masquerade as the IP - address at network address + offset. - If offset is negative, the DHCP server will masquerade as the IP diff --git a/debian/patches/openvpn-pkcs11warn.patch b/debian/patches/openvpn-pkcs11warn.patch index 2aaea75..eae8fe4 100644 --- a/debian/patches/openvpn-pkcs11warn.patch +++ b/debian/patches/openvpn-pkcs11warn.patch @@ -3,9 +3,9 @@ Author: Florian Kulzer Bug-Debian: http://bugs.debian.org/475353 Index: openvpn/src/openvpn/options.c =================================================================== ---- openvpn.orig/src/openvpn/options.c 2016-01-20 12:02:32.953360525 +0100 -+++ openvpn/src/openvpn/options.c 2016-01-20 12:02:32.949360569 +0100 -@@ -6346,6 +6346,20 @@ +--- openvpn.orig/src/openvpn/options.c 2016-11-21 09:53:53.100906016 +0100 ++++ openvpn/src/openvpn/options.c 2016-11-21 09:53:53.096905998 +0100 +@@ -6569,6 +6569,20 @@ { VERIFY_PERMISSION (OPT_P_ROUTE_EXTRAS); } @@ -25,4 +25,4 @@ Index: openvpn/src/openvpn/options.c + } #endif #if PASSTOS_CAPABILITY - else if (streq (p[0], "passtos")) + else if (streq (p[0], "passtos") && !p[1]) diff --git a/debian/patches/route_default_nil.patch b/debian/patches/route_default_nil.patch index cf17dec..adda9be 100644 --- a/debian/patches/route_default_nil.patch +++ b/debian/patches/route_default_nil.patch @@ -2,9 +2,9 @@ Description: Fix small wording in man page. Author: Alberto Gonzalez Iniesta Index: openvpn/doc/openvpn.8 =================================================================== ---- openvpn.orig/doc/openvpn.8 2015-07-01 14:10:31.563860364 +0200 -+++ openvpn/doc/openvpn.8 2015-07-01 14:10:31.559860407 +0200 -@@ -989,7 +989,7 @@ +--- openvpn.orig/doc/openvpn.8 2016-11-21 09:54:04.404957249 +0100 ++++ openvpn/doc/openvpn.8 2016-11-21 09:54:04.400957231 +0100 +@@ -973,7 +973,7 @@ otherwise 0. The default can be specified by leaving an option blank or setting diff --git a/debian/patches/series b/debian/patches/series index f37465a..e068c68 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -3,6 +3,4 @@ close_socket_before_scripts.patch debian_nogroup_for_sample_files.patch openvpn-pkcs11warn.patch route_default_nil.patch -kfreebsd_support.patch -accommodate_typo.patch -manpage_fixes.patch +#kfreebsd_support.patch diff --git a/debian/rules b/debian/rules index ada966e..4e7fd39 100755 --- a/debian/rules +++ b/debian/rules @@ -69,6 +69,8 @@ override_dh_installexamples: override_dh_installinit: dh_installinit --no-start -- defaults 16 80 + install -m 644 distro/systemd/openvpn-server@.service $(CURDIR)/debian/openvpn/lib/systemd/system + install -m 644 distro/systemd/openvpn-client@.service $(CURDIR)/debian/openvpn/lib/systemd/system override_dh_compress: dh_compress --exclude=.cnf --exclude=pkitool -- cgit v1.2.3