From 8e2718532a8d8ae637e974f5e9a7be9ac5f4abb8 Mon Sep 17 00:00:00 2001 From: Alberto Gonzalez Iniesta Date: Mon, 5 Nov 2012 17:02:20 +0100 Subject: Moving to 2.3 --- debian/patches/accommodate_typo.patch | 8 ++-- debian/patches/auth-pam_libpam_so_filename.patch | 10 ++--- debian/patches/close_socket_before_scripts.patch | 10 ++--- .../patches/debian_nogroup_for_sample_files.patch | 36 ++++++++--------- debian/patches/kfreebsd_support.patch | 16 ++++---- debian/patches/manpage_fixes.patch | 45 +++++++++++++--------- debian/patches/openvpn-pkcs11warn.patch | 16 ++++---- debian/patches/route_default_nil.patch | 8 ++-- debian/patches/series | 3 -- debian/patches/use-dpkg-buildflags.patch | 8 ++-- 10 files changed, 83 insertions(+), 77 deletions(-) (limited to 'debian/patches') diff --git a/debian/patches/accommodate_typo.patch b/debian/patches/accommodate_typo.patch index 1367d7a..f3ffeaa 100644 --- a/debian/patches/accommodate_typo.patch +++ b/debian/patches/accommodate_typo.patch @@ -1,10 +1,10 @@ Description: Simple spelling fix Author: Alberto Gonzalez Iniesta -Index: openvpn/occ.c +Index: openvpn/src/openvpn/occ.c =================================================================== ---- openvpn.orig/occ.c 2012-02-23 17:35:52.609808455 +0100 -+++ openvpn/occ.c 2012-02-23 17:37:34.086311649 +0100 -@@ -373,7 +373,7 @@ +--- openvpn.orig/src/openvpn/occ.c 2012-11-05 16:29:30.284804762 +0100 ++++ openvpn/src/openvpn/occ.c 2012-11-05 16:49:06.630637944 +0100 +@@ -379,7 +379,7 @@ && c->c2.max_send_size_local > TUN_MTU_MIN && (c->c2.max_recv_size_remote < c->c2.max_send_size_local || c->c2.max_recv_size_local < c->c2.max_send_size_remote)) diff --git a/debian/patches/auth-pam_libpam_so_filename.patch b/debian/patches/auth-pam_libpam_so_filename.patch index b76779d..7882ec5 100644 --- a/debian/patches/auth-pam_libpam_so_filename.patch +++ b/debian/patches/auth-pam_libpam_so_filename.patch @@ -1,14 +1,14 @@ Description: Fix libpam.so filename to /lib/libpam.so.0 in pam plugin Author: Alberto Gonzalez Iniesta Bug-Debian: http://bugs.debian.org/306335 -Index: openvpn-2.2.1/plugin/auth-pam/auth-pam.c +Index: openvpn/src/plugins/auth-pam/auth-pam.c =================================================================== ---- openvpn-2.2.1.orig/plugin/auth-pam/auth-pam.c 2011-12-13 12:41:58.693936739 +0100 -+++ openvpn-2.2.1/plugin/auth-pam/auth-pam.c 2011-12-13 12:42:00.146918574 +0100 -@@ -688,7 +688,7 @@ +--- openvpn.orig/src/plugins/auth-pam/auth-pam.c 2012-11-05 16:29:30.000000000 +0100 ++++ openvpn/src/plugins/auth-pam/auth-pam.c 2012-11-05 16:37:20.471136293 +0100 +@@ -696,7 +696,7 @@ struct user_pass up; int command; - #if DLOPEN_PAM + #ifdef USE_PAM_DLOPEN - static const char pam_so[] = "libpam.so"; + static const char pam_so[] = "libpam.so.0"; #endif diff --git a/debian/patches/close_socket_before_scripts.patch b/debian/patches/close_socket_before_scripts.patch index 011a8e7..dac7c91 100644 --- a/debian/patches/close_socket_before_scripts.patch +++ b/debian/patches/close_socket_before_scripts.patch @@ -4,11 +4,11 @@ Description: Set socket's FD_CLOEXEC flag before calling up script Author: Julien Cristau Bug-Debian: http://bugs.debian.org/367716 -Index: openvpn-2.2.0/socket.c +Index: openvpn/src/openvpn/socket.c =================================================================== ---- openvpn-2.2.0.orig/socket.c 2011-04-21 21:13:34.000000000 +0200 -+++ openvpn-2.2.0/socket.c 2011-05-10 16:18:35.300018716 +0200 -@@ -1327,6 +1327,10 @@ +--- openvpn.orig/src/openvpn/socket.c 2012-11-05 16:29:30.292804798 +0100 ++++ openvpn/src/openvpn/socket.c 2012-11-05 16:42:09.072567383 +0100 +@@ -1491,6 +1491,10 @@ resolve_bind_local (sock); resolve_remote (sock, 1, NULL, NULL); } @@ -19,7 +19,7 @@ Index: openvpn-2.2.0/socket.c } /* finalize socket initialization */ -@@ -1532,10 +1536,6 @@ +@@ -1721,10 +1725,6 @@ /* set socket to non-blocking mode */ set_nonblock (sock->sd); diff --git a/debian/patches/debian_nogroup_for_sample_files.patch b/debian/patches/debian_nogroup_for_sample_files.patch index 9325b4c..0517e2f 100644 --- a/debian/patches/debian_nogroup_for_sample_files.patch +++ b/debian/patches/debian_nogroup_for_sample_files.patch @@ -1,10 +1,10 @@ Description: Unpriviledged group in Debian is called nogroup instead of nobody Author: Alberto Gonzalez Iniesta Bug-Debian: http://bugs.debian.org/317987 -Index: openvpn-2.1_rc15/sample-config-files/server.conf +Index: openvpn/sample/sample-config-files/server.conf =================================================================== ---- openvpn-2.1_rc15.orig/sample-config-files/server.conf 2009-04-30 12:58:46.468752631 +0200 -+++ openvpn-2.1_rc15/sample-config-files/server.conf 2009-04-30 12:59:03.535984196 +0200 +--- openvpn.orig/sample/sample-config-files/server.conf 2012-11-05 16:29:30.264804667 +0100 ++++ openvpn/sample/sample-config-files/server.conf 2012-11-05 16:43:32.080979003 +0100 @@ -260,7 +260,7 @@ # You can uncomment this out on # non-Windows systems. @@ -14,10 +14,10 @@ Index: openvpn-2.1_rc15/sample-config-files/server.conf # The persist options will try to avoid # accessing certain resources on restart -Index: openvpn-2.1_rc15/sample-config-files/tls-home.conf +Index: openvpn/sample/sample-config-files/tls-home.conf =================================================================== ---- openvpn-2.1_rc15.orig/sample-config-files/tls-home.conf 2009-04-30 12:58:46.484747045 +0200 -+++ openvpn-2.1_rc15/sample-config-files/tls-home.conf 2009-04-30 12:59:03.536981682 +0200 +--- openvpn.orig/sample/sample-config-files/tls-home.conf 2012-11-05 16:29:30.264804667 +0100 ++++ openvpn/sample/sample-config-files/tls-home.conf 2012-11-05 16:43:32.080979003 +0100 @@ -51,7 +51,7 @@ # "nobody" after initialization # for extra security. @@ -27,10 +27,10 @@ Index: openvpn-2.1_rc15/sample-config-files/tls-home.conf # If you built OpenVPN with # LZO compression, uncomment -Index: openvpn-2.1_rc15/sample-config-files/static-home.conf +Index: openvpn/sample/sample-config-files/static-home.conf =================================================================== ---- openvpn-2.1_rc15.orig/sample-config-files/static-home.conf 2009-04-30 12:58:46.505740620 +0200 -+++ openvpn-2.1_rc15/sample-config-files/static-home.conf 2009-04-30 12:59:03.541035034 +0200 +--- openvpn.orig/sample/sample-config-files/static-home.conf 2012-11-05 16:29:30.264804667 +0100 ++++ openvpn/sample/sample-config-files/static-home.conf 2012-11-05 16:43:32.080979003 +0100 @@ -40,7 +40,7 @@ # "nobody" after initialization # for extra security. @@ -40,10 +40,10 @@ Index: openvpn-2.1_rc15/sample-config-files/static-home.conf # If you built OpenVPN with # LZO compression, uncomment -Index: openvpn-2.1_rc15/sample-config-files/static-office.conf +Index: openvpn/sample/sample-config-files/static-office.conf =================================================================== ---- openvpn-2.1_rc15.orig/sample-config-files/static-office.conf 2009-04-30 12:58:46.528733358 +0200 -+++ openvpn-2.1_rc15/sample-config-files/static-office.conf 2009-04-30 12:59:03.549976933 +0200 +--- openvpn.orig/sample/sample-config-files/static-office.conf 2012-11-05 16:29:30.264804667 +0100 ++++ openvpn/sample/sample-config-files/static-office.conf 2012-11-05 16:43:32.084979030 +0100 @@ -37,7 +37,7 @@ # "nobody" after initialization # for extra security. @@ -53,10 +53,10 @@ Index: openvpn-2.1_rc15/sample-config-files/static-office.conf # If you built OpenVPN with # LZO compression, uncomment -Index: openvpn-2.1_rc15/sample-config-files/client.conf +Index: openvpn/sample/sample-config-files/client.conf =================================================================== ---- openvpn-2.1_rc15.orig/sample-config-files/client.conf 2009-04-30 12:58:46.548728609 +0200 -+++ openvpn-2.1_rc15/sample-config-files/client.conf 2009-04-30 12:59:03.551976933 +0200 +--- openvpn.orig/sample/sample-config-files/client.conf 2012-11-05 16:29:30.264804667 +0100 ++++ openvpn/sample/sample-config-files/client.conf 2012-11-05 16:43:32.084979030 +0100 @@ -59,7 +59,7 @@ # Downgrade privileges after initialization (non-Windows only) @@ -66,10 +66,10 @@ Index: openvpn-2.1_rc15/sample-config-files/client.conf # Try to preserve some state across restarts. persist-key -Index: openvpn-2.1_rc15/sample-config-files/tls-office.conf +Index: openvpn/sample/sample-config-files/tls-office.conf =================================================================== ---- openvpn-2.1_rc15.orig/sample-config-files/tls-office.conf 2009-04-30 12:58:46.574722464 +0200 -+++ openvpn-2.1_rc15/sample-config-files/tls-office.conf 2009-04-30 12:59:03.553977212 +0200 +--- openvpn.orig/sample/sample-config-files/tls-office.conf 2012-11-05 16:29:30.264804667 +0100 ++++ openvpn/sample/sample-config-files/tls-office.conf 2012-11-05 16:43:32.084979030 +0100 @@ -51,7 +51,7 @@ # "nobody" after initialization # for extra security. diff --git a/debian/patches/kfreebsd_support.patch b/debian/patches/kfreebsd_support.patch index 38237f7..e070630 100644 --- a/debian/patches/kfreebsd_support.patch +++ b/debian/patches/kfreebsd_support.patch @@ -1,11 +1,11 @@ Description: Improve kFreeBSD support Author: Gonéri Le Bouder Bug-Debian: http://bugs.debian.org/626062 -Index: openvpn-2.2.1/route.c +Index: openvpn/src/openvpn/route.c =================================================================== ---- openvpn-2.2.1.orig/route.c 2011-12-13 12:24:54.641739154 +0100 -+++ openvpn-2.2.1/route.c 2011-12-13 12:41:46.990083056 +0100 -@@ -1192,7 +1192,7 @@ +--- openvpn.orig/src/openvpn/route.c 2012-11-05 16:29:30.292804798 +0100 ++++ openvpn/src/openvpn/route.c 2012-11-05 16:48:38.766499773 +0100 +@@ -1412,7 +1412,7 @@ argv_msg (D_ROUTE, &argv); status = openvpn_execve_check (&argv, es, 0, "ERROR: Solaris route add command failed"); @@ -14,11 +14,11 @@ Index: openvpn-2.2.1/route.c argv_printf (&argv, "%s add", ROUTE_PATH); -Index: openvpn-2.2.1/tun.c +Index: openvpn/src/openvpn/tun.c =================================================================== ---- openvpn-2.2.1.orig/tun.c 2011-12-13 12:41:30.078294479 +0100 -+++ openvpn-2.2.1/tun.c 2011-12-13 12:41:46.993083019 +0100 -@@ -1069,7 +1069,7 @@ +--- openvpn.orig/src/openvpn/tun.c 2012-11-05 16:29:30.296804820 +0100 ++++ openvpn/src/openvpn/tun.c 2012-11-05 16:48:38.770499790 +0100 +@@ -1097,7 +1097,7 @@ add_route_connected_v6_net(tt, es); } diff --git a/debian/patches/manpage_fixes.patch b/debian/patches/manpage_fixes.patch index e42e146..f228f4d 100644 --- a/debian/patches/manpage_fixes.patch +++ b/debian/patches/manpage_fixes.patch @@ -1,9 +1,9 @@ Description: Man page fixes Author: Alberto Gonzalez Iniesta -Index: openvpn/openvpn.8 +Index: openvpn/doc/openvpn.8 =================================================================== ---- openvpn.orig/openvpn.8 2012-02-23 18:21:36.731415822 +0100 -+++ openvpn/openvpn.8 2012-02-23 18:24:34.620297924 +0100 +--- openvpn.orig/doc/openvpn.8 2012-11-05 16:46:31.765870008 +0100 ++++ openvpn/doc/openvpn.8 2012-11-05 16:51:54.803471868 +0100 @@ -21,13 +21,13 @@ .\" 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA .\" @@ -20,7 +20,16 @@ Index: openvpn/openvpn.8 .\" .nf -- no formatting .\" .fi -- resume formatting .\" .ft 3 -- boldface -@@ -3620,7 +3620,7 @@ +@@ -2506,7 +2506,7 @@ + .B \-\-management-signal + Send SIGUSR1 signal to OpenVPN if management session disconnects. + This is useful when you wish to disconnect an OpenVPN session on +-user logoff. For --management-client this option is not needed since ++user logoff. For \-\-management-client this option is not needed since + a disconnect will always generate a SIGTERM. + .\"********************************************************* + .TP +@@ -3865,7 +3865,7 @@ This option is only relevant in UDP mode, i.e. when either .B \-\-proto udp @@ -29,16 +38,7 @@ Index: openvpn/openvpn.8 .B \-\-proto option is specified. -@@ -4352,7 +4352,7 @@ - .TP - .B \-\-tls-export-cert directory - Store the certificates the clients uses upon connection to this --directory. This will be done before --tls-verify is called. The -+directory. This will be done before \-\-tls-verify is called. The - certificates will use a temporary name and will be deleted when - the tls-verify script returns. The file name used for the certificate - is available via the peer_cert environment variable. -@@ -4362,7 +4362,7 @@ +@@ -4650,7 +4650,7 @@ Field in x509 certificate subject to be used as username (default=CN). .B Fieldname will be uppercased before matching. When this option is used, the @@ -47,7 +47,16 @@ Index: openvpn/openvpn.8 of the CN. .\"********************************************************* .TP -@@ -4664,7 +4664,7 @@ +@@ -4935,7 +4935,7 @@ + + This option have changed behaviour in OpenVPN 2.3. Earlier you had to + define +-.B --win-sys env ++.B \-\-win-sys env + to use the SystemRoot environment variable, otherwise it defaulted to C:\\WINDOWS. + It is not needed to use the + .B env +@@ -4978,7 +4978,7 @@ .B \-\-dev tun mode, OpenVPN will cause the DHCP server to masquerade as if it were coming from the remote endpoint. The optional offset parameter is @@ -56,7 +65,7 @@ Index: openvpn/openvpn.8 If offset is positive, the DHCP server will masquerade as the IP address at network address + offset. If offset is negative, the DHCP server will masquerade as the IP -@@ -4958,26 +4958,26 @@ +@@ -5272,26 +5272,26 @@ documentation of the IPv6-related options. More documentation can be found on http://www.greenie.net/ipv6/openvpn.html. .TP @@ -91,7 +100,7 @@ Index: openvpn/openvpn.8 Specify an IPv6 address pool for dynamic assignment to clients. The pool starts at .B ipv6addr -@@ -4985,20 +4985,20 @@ +@@ -5299,20 +5299,20 @@ .B /bits setting controls the size of the pool. .TP @@ -119,7 +128,7 @@ Index: openvpn/openvpn.8 interact. .\"********************************************************* -@@ -5417,7 +5417,7 @@ +@@ -5798,7 +5798,7 @@ .TP .B peer_cert Temporary file name containing the client certificate upon diff --git a/debian/patches/openvpn-pkcs11warn.patch b/debian/patches/openvpn-pkcs11warn.patch index e7900a4..04325f8 100644 --- a/debian/patches/openvpn-pkcs11warn.patch +++ b/debian/patches/openvpn-pkcs11warn.patch @@ -1,13 +1,13 @@ Description: Warn users about deprecated pkcs11 options Author: Florian Kulzer Bug-Debian: http://bugs.debian.org/475353 -Index: openvpn-2.2.1/options.c +Index: openvpn/src/openvpn/options.c =================================================================== ---- openvpn-2.2.1.orig/options.c 2011-12-13 12:41:58.510939026 +0100 -+++ openvpn-2.2.1/options.c 2011-12-13 12:42:07.882821863 +0100 -@@ -5993,6 +5993,20 @@ - VERIFY_PERMISSION (OPT_P_GENERAL); - options->pkcs11_id_management = true; +--- openvpn.orig/src/openvpn/options.c 2012-11-05 16:29:30.284804762 +0100 ++++ openvpn/src/openvpn/options.c 2012-11-05 16:44:12.873181274 +0100 +@@ -6098,6 +6098,20 @@ + { + VERIFY_PERMISSION (OPT_P_ROUTE_EXTRAS); } + else if (streq (p[0], "pkcs11-id-type") || + streq (p[0], "pkcs11-sign-mode") || @@ -24,5 +24,5 @@ Index: openvpn-2.2.1/options.c + p[0], PACKAGE_VERSION); + } #endif - #ifdef TUNSETPERSIST - else if (streq (p[0], "rmtun")) + #if PASSTOS_CAPABILITY + else if (streq (p[0], "passtos")) diff --git a/debian/patches/route_default_nil.patch b/debian/patches/route_default_nil.patch index 6d6705e..8b12c0e 100644 --- a/debian/patches/route_default_nil.patch +++ b/debian/patches/route_default_nil.patch @@ -1,10 +1,10 @@ Description: Fix small wording in man page. Author: Alberto Gonzalez Iniesta -Index: openvpn-2.2.1/openvpn.8 +Index: openvpn/doc/openvpn.8 =================================================================== ---- openvpn-2.2.1.orig/openvpn.8 2011-12-13 12:42:10.802785357 +0100 -+++ openvpn-2.2.1/openvpn.8 2011-12-13 12:42:12.899759141 +0100 -@@ -954,7 +954,7 @@ +--- openvpn.orig/doc/openvpn.8 2012-11-05 16:29:30.256804617 +0100 ++++ openvpn/doc/openvpn.8 2012-11-05 16:46:31.765870008 +0100 +@@ -945,7 +945,7 @@ otherwise 0. The default can be specified by leaving an option blank or setting diff --git a/debian/patches/series b/debian/patches/series index b85da2b..f37465a 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -2,10 +2,7 @@ auth-pam_libpam_so_filename.patch close_socket_before_scripts.patch debian_nogroup_for_sample_files.patch openvpn-pkcs11warn.patch -jjo-ipv6-support.patch route_default_nil.patch -ipv6-payload.patch kfreebsd_support.patch accommodate_typo.patch manpage_fixes.patch -use-dpkg-buildflags.patch diff --git a/debian/patches/use-dpkg-buildflags.patch b/debian/patches/use-dpkg-buildflags.patch index 72c0ec2..e1a7e46 100644 --- a/debian/patches/use-dpkg-buildflags.patch +++ b/debian/patches/use-dpkg-buildflags.patch @@ -3,8 +3,8 @@ Description: Use build flags from environment for plugins (dpkg-buildflags). Author: Simon Ruderich Last-Update: 2012-03-16 ---- openvpn-2.2.1.orig/plugin/auth-pam/Makefile -+++ openvpn-2.2.1/plugin/auth-pam/Makefile +--- openvpn-2.2.1.orig/src/plugins/auth-pam/Makefile ++++ openvpn-2.2.1/src/plugins/auth-pam/Makefile @@ -18,13 +18,13 @@ INCLUDE=-I../.. CC_FLAGS=-O2 -Wall -DDLOPEN_PAM=$(DLOPEN_PAM) @@ -22,8 +22,8 @@ Last-Update: 2012-03-16 clean : rm -f *.o *.so ---- openvpn-2.2.1.orig/plugin/down-root/Makefile -+++ openvpn-2.2.1/plugin/down-root/Makefile +--- openvpn-2.2.1.orig/src/plugins/down-root/Makefile ++++ openvpn-2.2.1/src/plugins/down-root/Makefile @@ -8,10 +8,10 @@ INCLUDE=-I../.. CC_FLAGS=-O2 -Wall -- cgit v1.2.3