Changes 2.1.4:

* Fix problem with special case route targets ('remote_host')
  The init_route() function will leave &netlist untouched for
  get_special_addr() routes ("remote_host" being one of them).
  netlist is on stack,  contains random garbage, and
  netlist.len will not be 0 - thus, random stack data is copied from
  netlist.data[] until the route_list is full.
This commit is contained in:
adam 2010-11-30 08:50:17 +00:00
parent 21964a9977
commit 571aacd5a9
10 changed files with 75 additions and 80 deletions

View file

@ -1,9 +1,8 @@
# $NetBSD: Makefile,v 1.38 2010/09/05 20:33:48 adam Exp $
# $NetBSD: Makefile,v 1.39 2010/11/30 08:50:17 adam Exp $
DISTNAME= openvpn-2.1.3
DISTNAME= openvpn-2.1.4
CATEGORIES= net
MASTER_SITES= http://openvpn.net/release/ \
http://openvpn.net/release/old/
MASTER_SITES= http://swupdate.openvpn.net/community/releases/
MAINTAINER= pkgsrc-users@NetBSD.org
HOMEPAGE= http://openvpn.net/

View file

@ -1,13 +1,12 @@
$NetBSD: distinfo,v 1.21 2010/09/05 20:33:48 adam Exp $
$NetBSD: distinfo,v 1.22 2010/11/30 08:50:17 adam Exp $
SHA1 (openvpn-2.1.3.tar.gz) = 91058e78c58c2e66298c7132bea1ddba52baaa82
RMD160 (openvpn-2.1.3.tar.gz) = ec0f63d63442eb3a26448747a5b0956e27b09809
Size (openvpn-2.1.3.tar.gz) = 860672 bytes
SHA1 (patch-aa) = e27e5a6411c9fb6545a1ad630f165200546b7213
SHA1 (patch-ab) = d26cdc9166a8813860f31cb5b11bc5b3643b8aa5
SHA1 (patch-ac) = f59615702208cae2a094306bc5fa7fb96234e55a
SHA1 (patch-ad) = 69f5fff5105131dc05ab38a1a717e1b363f88c1c
SHA1 (patch-ae) = 362c881da994608baad7b10667100c39143244b6
SHA1 (patch-af) = dc5dbca74ebbda081e4eaf9a9d5e11b6de11269f
SHA1 (patch-ag) = fe8e59cf177c99c2fd001e7893df86af961e8e4e
SHA1 (patch-ah) = c530376eb68ab8f21c9b3c73149d2c24742aa4c9
SHA1 (openvpn-2.1.4.tar.gz) = 07c59c5b89b762761bfe1a6997ec847279f5a2da
RMD160 (openvpn-2.1.4.tar.gz) = 3d4be2fe625883598370d74e8f7d9274eb40a636
Size (openvpn-2.1.4.tar.gz) = 863726 bytes
SHA1 (patch-aa) = df289c5ff2be22ff7cf54ce5f2e6a59f1cfa21dd
SHA1 (patch-ab) = 4d6010e938c53ea903f535a061e7794f7e6b5b9d
SHA1 (patch-ac) = 599b324cb67f80e99d18504a9bb17ef24aa601c8
SHA1 (patch-ad) = 09d5289c922a3d60e5193f9f6b7df1e738002972
SHA1 (patch-ae) = b6682c115d9d6fa894313416107ad275eab9e5ce
SHA1 (patch-af) = d7e516662a84e5bb653820efd4dc761f5592c724
SHA1 (patch-ag) = f8afd660bc5c52cc4a8986765857eef1f3c48402

View file

@ -1,8 +1,8 @@
$NetBSD: patch-aa,v 1.4 2008/12/05 08:13:35 hasso Exp $
$NetBSD: patch-aa,v 1.5 2010/11/30 08:50:17 adam Exp $
--- route.c.orig 2008-11-17 02:48:04 +0200
+++ route.c 2008-12-04 23:33:09 +0200
@@ -1557,7 +1557,11 @@ get_default_gateway (in_addr_t *gateway,
--- route.c.orig 2010-11-04 19:29:40.000000000 +0000
+++ route.c
@@ -1636,7 +1636,11 @@ get_default_gateway (in_addr_t *gateway,
#define RTA_NETMASK 0x4
#define RTM_GET 0x4

View file

@ -1,8 +1,8 @@
$NetBSD: patch-ab,v 1.5 2007/06/21 21:44:42 jlam Exp $
$NetBSD: patch-ab,v 1.6 2010/11/30 08:50:17 adam Exp $
--- syshead.h.orig 2007-04-25 17:38:46.000000000 -0400
--- syshead.h.orig 2010-11-04 19:29:02.000000000 +0000
+++ syshead.h
@@ -262,6 +262,10 @@
@@ -305,6 +305,10 @@
#ifdef TARGET_NETBSD

View file

@ -1,7 +1,8 @@
$NetBSD: patch-ac,v 1.7 2008/10/09 10:57:23 sborrill Exp $
--- tun.c.orig 2008-10-06 08:22:21.000000000 +0100
+++ tun.c 2008-10-09 10:06:50.000000000 +0100
@@ -63,6 +63,7 @@
$NetBSD: patch-ac,v 1.8 2010/11/30 08:50:17 adam Exp $
--- tun.c.orig 2010-11-04 19:29:02.000000000 +0000
+++ tun.c
@@ -63,6 +63,7 @@ static const char *netsh_get_id (const c
#ifdef TARGET_SOLARIS
static void solaris_error_close (struct tuntap *tt, const struct env_set *es, const char *actual);
@ -9,7 +10,7 @@ $NetBSD: patch-ac,v 1.7 2008/10/09 10:57:23 sborrill Exp $
#endif
bool
@@ -720,7 +721,12 @@
@@ -701,7 +702,12 @@ do_ifconfig (struct tuntap *tt,
);
}
else
@ -23,7 +24,26 @@ $NetBSD: patch-ac,v 1.7 2008/10/09 10:57:23 sborrill Exp $
argv_msg (M_INFO, &argv);
if (!openvpn_execve_check (&argv, es, 0, "Solaris ifconfig phase-2 failed"))
@@ -1020,7 +1026,37 @@
@@ -771,15 +777,15 @@ do_ifconfig (struct tuntap *tt,
* NetBSD has distinct tun and tap devices
* so we don't need the "link0" extra parameter to specify we want to do
* tunneling at the ethernet level
+ * NB: The tun driver has no broadcast capability.
*/
argv_printf (&argv,
- "%s %s %s netmask %s mtu %d broadcast %s",
+ "%s %s %s netmask %s mtu %d",
IFCONFIG_PATH,
actual,
ifconfig_local,
ifconfig_remote_netmask,
- tun_mtu,
- ifconfig_broadcast
+ tun_mtu
);
argv_msg (M_INFO, &argv);
openvpn_execve_check (&argv, es, S_FATAL, "NetBSD ifconfig failed");
@@ -1000,7 +1006,37 @@ open_tun_generic (const char *dev, const
if (dynamic && !has_digit((unsigned char *)dev))
{
int i;
@ -62,7 +82,7 @@ $NetBSD: patch-ac,v 1.7 2008/10/09 10:57:23 sborrill Exp $
{
openvpn_snprintf (tunname, sizeof (tunname),
"/dev/%s%d", dev, i);
@@ -1403,13 +1439,16 @@
@@ -1383,13 +1419,16 @@ read_tun (struct tuntap* tt, uint8_t *bu
void
open_tun (const char *dev, const char *dev_type, const char *dev_node, bool ipv6, struct tuntap *tt)
{
@ -82,7 +102,7 @@ $NetBSD: patch-ac,v 1.7 2008/10/09 10:57:23 sborrill Exp $
ipv6_support (ipv6, false, tt);
@@ -1430,9 +1469,10 @@
@@ -1410,9 +1449,10 @@ open_tun (const char *dev, const char *d
}
else if (tt->type == DEV_TYPE_TAP)
{
@ -94,7 +114,7 @@ $NetBSD: patch-ac,v 1.7 2008/10/09 10:57:23 sborrill Exp $
dev_tuntap_type = "tap";
link_type = I_PLINK; /* was: I_LINK */
is_tun = false;
@@ -1459,7 +1499,11 @@
@@ -1439,7 +1479,11 @@ open_tun (const char *dev, const char *d
msg (M_ERR, "Can't open %s", dev_node);
/* Assign a new PPA and get its unit number. */
@ -107,7 +127,7 @@ $NetBSD: patch-ac,v 1.7 2008/10/09 10:57:23 sborrill Exp $
msg (M_ERR, "Can't assign new interface");
if ((if_fd = open (dev_node, O_RDWR, 0)) < 0)
@@ -1468,27 +1512,81 @@
@@ -1448,27 +1492,81 @@ open_tun (const char *dev, const char *d
if (ioctl (if_fd, I_PUSH, "ip") < 0)
msg (M_ERR, "Can't push IP module");
@ -174,14 +194,14 @@ $NetBSD: patch-ac,v 1.7 2008/10/09 10:57:23 sborrill Exp $
+
+ if ((ip_muxid = ioctl (tt->ip_fd, link_type, if_fd)) < 0)
+ msg (M_ERR, "Can't link %s device to IP", dev_tuntap_type);
+
- if (ioctl (tt->ip_fd, SIOCSIFMUXID, &ifr) < 0)
+ if (tt->type == DEV_TYPE_TAP) {
+ if ((arp_muxid = ioctl (tt->ip_fd, link_type, arp_fd)) < 0)
+ msg (M_ERR, "Can't link %s device to ARP", dev_tuntap_type);
+ close (arp_fd);
+ }
- if (ioctl (tt->ip_fd, SIOCSIFMUXID, &ifr) < 0)
+
+ close (if_fd);
+
+ CLEAR (ifr);
@ -202,7 +222,7 @@ $NetBSD: patch-ac,v 1.7 2008/10/09 10:57:23 sborrill Exp $
msg (M_ERR, "Can't set multiplexor id");
}
@@ -1506,18 +1604,24 @@
@@ -1486,18 +1584,24 @@ solaris_close_tun (struct tuntap *tt)
{
if (tt->ip_fd >= 0)
{

View file

@ -1,8 +1,8 @@
$NetBSD: patch-ad,v 1.2 2007/06/21 21:44:42 jlam Exp $
$NetBSD: patch-ad,v 1.3 2010/11/30 08:50:17 adam Exp $
--- config.h.in.orig 2007-04-25 19:54:40.000000000 -0400
--- config.h.in.orig 2010-11-04 19:37:13.000000000 +0000
+++ config.h.in
@@ -216,6 +216,9 @@
@@ -228,6 +228,9 @@
/* Define to 1 if you have the <net/if.h> header file. */
#undef HAVE_NET_IF_H

View file

@ -1,7 +1,8 @@
$NetBSD: patch-ae,v 1.3 2008/10/09 10:57:23 sborrill Exp $
--- configure.ac.orig 2008-10-06 08:22:21.000000000 +0100
+++ configure.ac 2008-10-09 10:03:55.000000000 +0100
@@ -343,14 +343,17 @@
$NetBSD: patch-ae,v 1.4 2010/11/30 08:50:17 adam Exp $
--- configure.ac.orig 2010-11-04 19:29:02.000000000 +0000
+++ configure.ac
@@ -362,14 +362,17 @@ if test "${WIN32}" != "yes"; then
sys/mman.h fcntl.h sys/file.h stdlib.h stdint.h dnl
stdarg.h unistd.h signal.h stdio.h string.h dnl
strings.h ctype.h errno.h syslog.h pwd.h grp.h dnl
@ -21,7 +22,7 @@ $NetBSD: patch-ae,v 1.3 2008/10/09 10:57:23 sborrill Exp $
# include <sys/socket.h>
#endif
])
@@ -372,6 +375,9 @@
@@ -391,6 +394,9 @@ if test "${WIN32}" != "yes"; then
#ifdef HAVE_SYS_SOCKET_H
# include <sys/socket.h>
#endif

View file

@ -1,16 +1,17 @@
$NetBSD: patch-af,v 1.4 2008/10/09 10:57:23 sborrill Exp $
--- configure.orig 2008-10-08 06:18:00.000000000 +0100
+++ configure 2008-10-09 10:04:56.000000000 +0100
@@ -5970,7 +5970,7 @@
$NetBSD: patch-af,v 1.5 2010/11/30 08:50:17 adam Exp $
--- configure.orig 2010-11-04 19:37:13.000000000 +0000
+++ configure
@@ -6814,7 +6814,7 @@ fi
-for ac_header in sys/time.h sys/socket.h sys/un.h sys/ioctl.h sys/stat.h sys/mman.h fcntl.h sys/file.h stdlib.h stdint.h stdarg.h unistd.h signal.h stdio.h string.h strings.h ctype.h errno.h syslog.h pwd.h grp.h net/if_tun.h net/tun/if_tun.h stropts.h sys/sockio.h netinet/in.h netinet/in_systm.h netinet/tcp.h arpa/inet.h netdb.h sys/uio.h linux/if_tun.h linux/sockios.h linux/types.h sys/poll.h sys/epoll.h err.h
+for ac_header in sys/time.h sys/socket.h sys/un.h sys/ioctl.h sys/stat.h sys/mman.h fcntl.h sys/file.h stdlib.h stdint.h stdarg.h unistd.h signal.h stdio.h string.h strings.h ctype.h errno.h syslog.h pwd.h grp.h net/if_tap.h net/if_tun.h net/tun/if_tun.h stropts.h sys/sockio.h netinet/in.h netinet/in_systm.h netinet/tcp.h arpa/inet.h netdb.h sys/uio.h linux/if_tun.h linux/sockios.h linux/types.h sys/poll.h sys/epoll.h err.h
do
as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
@@ -6129,7 +6129,10 @@
@@ -6979,7 +6979,10 @@ _ACEOF
cat confdefs.h >>conftest.$ac_ext
cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
@ -22,7 +23,7 @@ $NetBSD: patch-af,v 1.4 2008/10/09 10:57:23 sborrill Exp $
# include <sys/socket.h>
#endif
@@ -6263,6 +6266,9 @@
@@ -7121,6 +7124,9 @@ cat >>conftest.$ac_ext <<_ACEOF
#ifdef HAVE_SYS_SOCKET_H
# include <sys/socket.h>
#endif

View file

@ -1,8 +1,8 @@
$NetBSD: patch-ag,v 1.1 2007/06/21 21:44:42 jlam Exp $
$NetBSD: patch-ag,v 1.2 2010/11/30 08:50:17 adam Exp $
--- easy-rsa/2.0/pkitool.orig 2007-04-25 17:38:44.000000000 -0400
--- easy-rsa/2.0/pkitool.orig 2010-11-04 19:29:02.000000000 +0000
+++ easy-rsa/2.0/pkitool
@@ -134,6 +134,9 @@ CA="ca"
@@ -142,6 +142,9 @@ CA="ca"
PKCS11_MODULE_PATH="dummy"
PKCS11_PIN="dummy"

View file

@ -1,25 +0,0 @@
$NetBSD: patch-ah,v 1.2 2010/09/05 20:33:48 adam Exp $
--- tun.c.orig 2009-11-12 09:22:19.000000000 +0100
+++ tun.c 2009-11-12 09:23:00.000000000 +0100
@@ -789,17 +789,17 @@
/*
* NetBSD has distinct tun and tap devices
* so we don't need the "link0" extra parameter to specify we want to do
* tunneling at the ethernet level
+ * NB: The tun driver has no broadcast capability.
*/
argv_printf (&argv,
- "%s %s %s netmask %s mtu %d broadcast %s",
+ "%s %s %s netmask %s mtu %d",
IFCONFIG_PATH,
actual,
ifconfig_local,
ifconfig_remote_netmask,
- tun_mtu,
- ifconfig_broadcast
+ tun_mtu
);
argv_msg (M_INFO, &argv);
openvpn_execve_check (&argv, es, S_FATAL, "NetBSD ifconfig failed");
tt->did_ifconfig = true;