diff options
| author |   Alon Bar-Lev <alonbl@gentoo.org> | 2008-02-09 16:20:57 +0000 |
|---|---|---|
| committer | Alon Bar-Lev <alonbl@gentoo.org> | 2008-02-09 16:20:57 +0000 |
| commit | 2ab74eae157e77c8043f98f10be6178af5876bf3 (patch) | |
| tree | 1fbee91dc4b8c5e164ef70655338a84b4400c0cb /net-misc/openvpn/files | |
| parent | Remove quoting for Xbootclasspath as it doesnt work with latest java-config. ... (diff) | |
| download | historical-2ab74eae157e77c8043f98f10be6178af5876bf3.tar.gz historical-2ab74eae157e77c8043f98f10be6178af5876bf3.tar.bz2 historical-2ab74eae157e77c8043f98f10be6178af5876bf3.zip | |
Version bump, fix bug#209055
Package-Manager: portage-2.1.4.1
Diffstat (limited to 'net-misc/openvpn/files')
| -rw-r--r-- | net-misc/openvpn/files/openvpn-2.1_rc4-ip6-mss.patch | 311 | ||||
| -rw-r--r-- | net-misc/openvpn/files/openvpn-2.1_rc6-iproute.patch | 38 | ||||
| -rw-r--r-- | net-misc/openvpn/files/openvpn-2.1_rc7-tap.patch | 57 |
3 files changed, 57 insertions, 349 deletions
diff --git a/net-misc/openvpn/files/openvpn-2.1_rc4-ip6-mss.patch b/net-misc/openvpn/files/openvpn-2.1_rc4-ip6-mss.patch deleted file mode 100644 index 596bacf84ee3..000000000000 --- a/net-misc/openvpn/files/openvpn-2.1_rc4-ip6-mss.patch +++ /dev/null @@ -1,311 +0,0 @@ -diff -ur a/forward.c b/forward.c ---- a/forward.c 2007-04-25 22:38:46 +0100 -+++ b/forward.c 2007-08-01 17:55:20 +0100 -@@ -942,7 +942,7 @@ - * The --passtos and --mssfix options require - * us to examine the IPv4 header. - */ -- process_ipv4_header (c, PIPV4_PASSTOS|PIPV4_MSSFIX, &c->c2.buf); -+ process_ip_header (c, PIPV4_PASSTOS|PIPV4_MSSFIX, &c->c2.buf); - - #ifdef PACKET_TRUNCATION_CHECK - /* if (c->c2.buf.len > 1) --c->c2.buf.len; */ -@@ -964,7 +964,7 @@ - } - - void --process_ipv4_header (struct context *c, unsigned int flags, struct buffer *buf) -+process_ip_header (struct context *c, unsigned int flags, struct buffer *buf) - { - if (!c->options.mssfix) - flags &= ~PIPV4_MSSFIX; -@@ -986,17 +986,22 @@ - #endif - { - struct buffer ipbuf = *buf; -- if (is_ipv4 (TUNNEL_TYPE (c->c1.tuntap), &ipbuf)) -+ switch (get_ipversion(TUNNEL_TYPE (c->c1.tuntap), &ipbuf)) - { -+ case OPENVPN_PROTO_IPV4: - #if PASSTOS_CAPABILITY -- /* extract TOS from IP header */ -- if (flags & PIPV4_PASSTOS) -- link_socket_extract_tos (c->c2.link_socket, &ipbuf); --#endif -- -- /* possibly alter the TCP MSS */ -- if (flags & PIPV4_MSSFIX) -- mss_fixup (&ipbuf, MTU_TO_MSS (TUN_MTU_SIZE_DYNAMIC (&c->c2.frame))); -+ /* extract TOS from IP header */ -+ if (flags & PIPV4_PASSTOS) -+ link_socket_extract_tos (c->c2.link_socket, &ipbuf); -+#endif -+ /* possibly alter the TCP MSS */ -+ if (flags & PIPV4_MSSFIX) -+ mss_fixup_ipv4 (&ipbuf, MTU_TO_MSS (TUN_MTU_SIZE_DYNAMIC (&c->c2.frame))); -+ break; -+ case OPENVPN_PROTO_IPV6: -+ if (flags & PIPV4_MSSFIX) -+ mss_fixup_ipv6 (&ipbuf, MTU_TO_MSS (TUN_MTU_SIZE_DYNAMIC (&c->c2.frame))); -+ - } - } - } -@@ -1145,7 +1150,7 @@ - * The --mssfix option requires - * us to examine the IPv4 header. - */ -- process_ipv4_header (c, PIPV4_MSSFIX|PIPV4_OUTGOING, &c->c2.to_tun); -+ process_ip_header (c, PIPV4_MSSFIX|PIPV4_OUTGOING, &c->c2.to_tun); - - if (c->c2.to_tun.len <= MAX_RW_SIZE_TUN (&c->c2.frame)) - { -diff -ur a/forward.h b/forward.h ---- a/forward.h 2007-04-25 22:38:46 +0100 -+++ b/forward.h 2007-08-01 17:54:10 +0100 -@@ -76,7 +76,7 @@ - #define PIPV4_MSSFIX (1<<1) - #define PIPV4_OUTGOING (1<<2) - --void process_ipv4_header (struct context *c, unsigned int flags, struct buffer *buf); -+void process_ip_header (struct context *c, unsigned int flags, struct buffer *buf); - - #if P2MP - void schedule_exit (struct context *c, const int n_seconds); -diff -ur a/mroute.c b/mroute.c ---- a/mroute.c 2007-08-01 17:57:36 +0100 -+++ b/mroute.c 2007-08-01 17:54:10 +0100 -@@ -101,9 +101,9 @@ - switch (OPENVPN_IPH_GET_VER (*BPTR(buf))) - { - case 4: -- if (BLEN (buf) >= (int) sizeof (struct openvpn_iphdr)) -+ if (BLEN (buf) >= (int) sizeof (struct openvpn_ip4hdr)) - { -- const struct openvpn_iphdr *ip = (const struct openvpn_iphdr *) BPTR (buf); -+ const struct openvpn_ip4hdr *ip = (const struct openvpn_ip4hdr *) BPTR (buf); - if (src) - { - src->type = MR_ADDR_IPV4; -diff -ur a/mss.c b/mss.c ---- a/mss.c 2007-04-25 22:38:46 +0100 -+++ b/mss.c 2007-08-01 17:54:10 +0100 -@@ -39,16 +39,16 @@ - * encapsulation. - */ - void --mss_fixup (struct buffer *buf, int maxmss) -+mss_fixup_ipv4 (struct buffer *buf, int maxmss) - { -- const struct openvpn_iphdr *pip; -+ const struct openvpn_ip4hdr *pip; - int hlen; - -- if (BLEN (buf) < (int) sizeof (struct openvpn_iphdr)) -+ if (BLEN (buf) < (int) sizeof (struct openvpn_ip4hdr)) - return; - - verify_align_4 (buf); -- pip = (struct openvpn_iphdr *) BPTR (buf); -+ pip = (struct openvpn_ip4hdr *) BPTR (buf); - - hlen = OPENVPN_IPH_GET_LEN (pip->version_len); - -@@ -70,6 +70,31 @@ - } - - void -+mss_fixup_ipv6 (struct buffer *buf, int maxmss) -+{ -+ const struct openvpn_ip6hdr *pip; -+ if (BLEN (buf) < (int) sizeof (struct openvpn_ip6hdr)) -+ return; -+ -+ verify_align_4 (buf); -+ pip = (struct openvpn_ip6hdr *) BPTR (buf); -+ if (pip->ip6_ctlun.ip6_un1.ip6_un1_nxt == OPENVPN_IPPROTO_TCP -+ && ntohs (pip->ip6_ctlun.ip6_un1.ip6_un1_plen) -+ == BLEN (buf) - sizeof(struct openvpn_ip6hdr) -+ && BLEN(buf) - sizeof(struct openvpn_ip6hdr) -+ >= (int) sizeof (struct openvpn_tcphdr)) -+ { -+ struct buffer newbuf = *buf; -+ if (buf_advance (&newbuf, sizeof(struct openvpn_ip6hdr))) -+ { -+ struct openvpn_tcphdr *tc = (struct openvpn_tcphdr *) BPTR (&newbuf); -+ if (tc->flags & OPENVPN_TCPH_SYN_MASK) -+ mss_fixup_dowork (&newbuf, (uint16_t) maxmss); -+ } -+ } -+} -+ -+void - mss_fixup_dowork (struct buffer *buf, uint16_t maxmss) - { - int hlen, olen, optlen; -@@ -118,3 +143,4 @@ - } - } - } -+ -diff -ur a/mss.h b/mss.h ---- a/mss.h 2007-04-25 22:38:46 +0100 -+++ b/mss.h 2007-08-01 17:54:10 +0100 -@@ -28,7 +28,8 @@ - #include "proto.h" - #include "error.h" - --void mss_fixup (struct buffer *buf, int maxmss); -+void mss_fixup_ipv4 (struct buffer *buf, int maxmss); -+void mss_fixup_ipv6 (struct buffer *buf, int maxmss); - void mss_fixup_dowork (struct buffer *buf, uint16_t maxmss); - - #endif -diff -ur a/multi.c b/multi.c ---- a/multi.c 2007-08-01 17:57:36 +0100 -+++ b/multi.c 2007-08-01 17:54:10 +0100 -@@ -1984,7 +1984,7 @@ - item.instance->context.c2.buf = item.buffer->buf; - if (item.buffer->flags & MF_UNICAST) /* --mssfix doesn't make sense for broadcast or multicast */ - pipv4_flags |= PIPV4_MSSFIX; -- process_ipv4_header (&item.instance->context, pipv4_flags, &item.instance->context.c2.buf); -+ process_ip_header (&item.instance->context, pipv4_flags, &item.instance->context.c2.buf); - encrypt_sign (&item.instance->context, true); - mbuf_free_buf (item.buffer); - -diff -ur a/proto.c b/proto.c ---- a/proto.c 2007-04-25 22:38:46 +0100 -+++ b/proto.c 2007-08-01 17:54:10 +0100 -@@ -39,39 +39,43 @@ - * If raw tunnel packet is IPv4, return true and increment - * buffer offset to start of IP header. - */ --bool --is_ipv4 (int tunnel_type, struct buffer *buf) -+int -+get_ipversion (int tunnel_type, struct buffer *buf) - { - int offset; -- const struct openvpn_iphdr *ih; -+ uint8_t version; - - verify_align_4 (buf); - if (tunnel_type == DEV_TYPE_TUN) - { -- if (BLEN (buf) < (int) sizeof (struct openvpn_iphdr)) -- return false; -+ if (BLEN (buf) < (int) sizeof (struct openvpn_ip4hdr)) -+ return OPENVPN_PROTO_UNK; - offset = 0; - } - else if (tunnel_type == DEV_TYPE_TAP) - { - const struct openvpn_ethhdr *eh; - if (BLEN (buf) < (int)(sizeof (struct openvpn_ethhdr) -- + sizeof (struct openvpn_iphdr))) -+ + sizeof (struct openvpn_ip4hdr))) - return false; - eh = (const struct openvpn_ethhdr *) BPTR (buf); -- if (ntohs (eh->proto) != OPENVPN_ETH_P_IPV4) -- return false; -+ if (!(ntohs (eh->proto) == OPENVPN_ETH_P_IPV4 || -+ ntohs (eh->proto) == OPENVPN_ETH_P_IPV6 )) -+ return OPENVPN_PROTO_UNK; - offset = sizeof (struct openvpn_ethhdr); - } - else -- return false; -- -- ih = (const struct openvpn_iphdr *) (BPTR (buf) + offset); -+ return OPENVPN_PROTO_UNK; - -- if (OPENVPN_IPH_GET_VER (ih->version_len) == 4) -- return buf_advance (buf, offset); -+ version = (*((uint8_t *)(BPTR (buf) + offset)) >> 4) & 0xf; -+ if (version == OPENVPN_PROTO_IPV4 || version == OPENVPN_PROTO_IPV6) -+ { -+ if (!buf_advance (buf, offset)) -+ return OPENVPN_PROTO_UNK; -+ return version; -+ } - else -- return false; -+ return OPENVPN_PROTO_UNK; - } - - #ifdef PACKET_TRUNCATION_CHECK -diff -ur a/proto.h b/proto.h ---- a/proto.h 2007-04-25 22:38:46 +0100 -+++ b/proto.h 2007-08-01 17:54:10 +0100 -@@ -62,7 +62,7 @@ - uint16_t proto; /* packet type ID field */ - }; - --struct openvpn_iphdr { -+struct openvpn_ip4hdr { - # define OPENVPN_IPH_GET_VER(v) (((v) >> 4) & 0x0F) - # define OPENVPN_IPH_GET_LEN(v) (((v) & 0x0F) << 2) - uint8_t version_len; -@@ -87,6 +87,27 @@ - /*The options start here. */ - }; - -+struct openvpn_in6_addr { -+ union { -+ uint8_t __u6_addr8[16]; -+ uint16_t __u6_addr16[8]; -+ uint32_t __u6_addr32[4]; -+ } __u6_addr; /* 128-bit IP6 address */ -+}; -+struct openvpn_ip6hdr { -+ union { -+ struct ip6_hdrctl { -+ uint32_t ip6_un1_flow; /* 20 bits of flow-ID */ -+ uint16_t ip6_un1_plen; /* payload length */ -+ uint8_t ip6_un1_nxt; /* next header */ -+ uint8_t ip6_un1_hlim; /* hop limit */ -+ } ip6_un1; -+ uint8_t ip6_un2_vfc; /* 4 bits version, top 4 bits class */ -+ } ip6_ctlun; -+ struct openvpn_in6_addr ip6_src; /* source address */ -+ struct openvpn_in6_addr ip6_dst; /* destination address */ -+}; -+ - /* - * UDP header - */ -@@ -159,14 +180,19 @@ - * - * (RFC 879, section 7). - */ --#define MTU_TO_MSS(mtu) (mtu - sizeof(struct openvpn_iphdr) \ -+#define MTU_TO_MSS(mtu) (mtu - sizeof(struct openvpn_ip4hdr) \ - - sizeof(struct openvpn_tcphdr)) - - /* -- * If raw tunnel packet is IPv4, return true and increment -+ * Check if raw tunnel packet is IPv4 or IPv6, -+ * return the version and increment - * buffer offset to start of IP header. - */ --bool is_ipv4 (int tunnel_type, struct buffer *buf); -+ -+#define OPENVPN_PROTO_IPV6 6 -+#define OPENVPN_PROTO_IPV4 4 -+#define OPENVPN_PROTO_UNK 0 -+int get_ipversion(int tunnel_type, struct buffer *buf); - - #ifdef PACKET_TRUNCATION_CHECK - void ipv4_packet_size_verify (const uint8_t *data, -diff -ur a/socket.h b/socket.h ---- a/socket.h 2007-08-01 17:57:36 +0100 -+++ b/socket.h 2007-08-01 17:54:10 +0100 -@@ -1009,7 +1009,7 @@ - { - if (ls && ipbuf) - { -- struct openvpn_iphdr *iph = (struct openvpn_iphdr *) BPTR (ipbuf); -+ struct openvpn_ip4hdr *iph = (struct openvpn_ip4hdr *) BPTR (ipbuf); - ls->ptos = iph->tos; - ls->ptos_defined = true; - } diff --git a/net-misc/openvpn/files/openvpn-2.1_rc6-iproute.patch b/net-misc/openvpn/files/openvpn-2.1_rc6-iproute.patch deleted file mode 100644 index 64cdab408c31..000000000000 --- a/net-misc/openvpn/files/openvpn-2.1_rc6-iproute.patch +++ /dev/null @@ -1,38 +0,0 @@ -Index: openvpn/tun.c -=================================================================== ---- openvpn/tun.c (revision 2677) -+++ openvpn/tun.c (revision 2682) -@@ -1221,17 +1221,24 @@ - if (tt) - { - #ifdef CONFIG_FEATURE_IPROUTE -- char command_line[256]; -- /* -- * Flush IP configuration for the device -- */ -- openvpn_snprintf (command_line, sizeof (command_line), -- "%s addr flush dev %s", -+ if (tt->type != DEV_TYPE_NULL && tt->did_ifconfig) -+ { -+ char command_line[256]; -+ struct gc_arena gc = gc_new (); -+ -+ openvpn_snprintf (command_line, sizeof (command_line), -+ "%s addr del dev %s local %s peer %s", - iproute_path, -- tt->actual_name -+ tt->actual_name, -+ print_in_addr_t (tt->local, 0, &gc), -+ print_in_addr_t (tt->remote_netmask, 0, &gc) - ); -- msg (M_INFO, "%s", command_line); -- system_check (command_line, NULL, S_FATAL, "Linux ip flush failed"); -+ -+ msg (M_INFO, "%s", command_line); -+ system_check (command_line, NULL, S_FATAL, "Linux ip addr del failed"); -+ -+ gc_free (&gc); -+ } - #endif - close_tun_generic (tt); - free (tt); diff --git a/net-misc/openvpn/files/openvpn-2.1_rc7-tap.patch b/net-misc/openvpn/files/openvpn-2.1_rc7-tap.patch new file mode 100644 index 000000000000..0220194a5bd6 --- /dev/null +++ b/net-misc/openvpn/files/openvpn-2.1_rc7-tap.patch @@ -0,0 +1,57 @@ +Index: tun.c +=================================================================== +--- tun.c (revision 2713) ++++ tun.c (revision 2715) +@@ -1220,26 +1220,44 @@ + { + if (tt) + { +-#ifdef CONFIG_FEATURE_IPROUTE + if (tt->type != DEV_TYPE_NULL && tt->did_ifconfig) + { + char command_line[256]; + struct gc_arena gc = gc_new (); + ++#ifdef CONFIG_FEATURE_IPROUTE ++ if (is_tun_p2p (tt)) ++ { ++ openvpn_snprintf (command_line, sizeof (command_line), ++ "%s addr del dev %s local %s peer %s", ++ iproute_path, ++ tt->actual_name, ++ print_in_addr_t (tt->local, 0, &gc), ++ print_in_addr_t (tt->remote_netmask, 0, &gc) ++ ); ++ } ++ else ++ { ++ openvpn_snprintf (command_line, sizeof (command_line), ++ "%s addr del dev %s %s/%d", ++ iproute_path, ++ tt->actual_name, ++ print_in_addr_t (tt->local, 0, &gc), ++ count_netmask_bits(print_in_addr_t (tt->remote_netmask, 0, &gc)) ++ ); ++ } ++#else + openvpn_snprintf (command_line, sizeof (command_line), +- "%s addr del dev %s local %s peer %s", +- iproute_path, +- tt->actual_name, +- print_in_addr_t (tt->local, 0, &gc), +- print_in_addr_t (tt->remote_netmask, 0, &gc) +- ); ++ IFCONFIG_PATH "%s addr 0.0.0.0", ++ tt->actual_name ++ ); ++#endif + + msg (M_INFO, "%s", command_line); + system_check (command_line, NULL, S_FATAL, "Linux ip addr del failed"); + + gc_free (&gc); + } +-#endif + close_tun_generic (tt); + free (tt); + } |