NetBSD Problem Report #52044

From www@NetBSD.org  Tue Mar  7 07:40:16 2017
Return-Path: <www@NetBSD.org>
Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(Client CN "mail.netbsd.org", Issuer "Postmaster NetBSD.org" (verified OK))
	by mollari.NetBSD.org (Postfix) with ESMTPS id D6A287A168
	for <gnats-bugs@gnats.NetBSD.org>; Tue,  7 Mar 2017 07:40:15 +0000 (UTC)
Message-Id: <20170307074014.9CAD67A276@mollari.NetBSD.org>
Date: Tue,  7 Mar 2017 07:40:14 +0000 (UTC)
From: gert@greenie.muc.de
Reply-To: gert@greenie.muc.de
To: gnats-bugs@NetBSD.org
Subject: please bump net/openvpn port to new version
X-Send-Pr-Version: www-1.0

>Number:         52044
>Category:       pkg
>Synopsis:       please bump net/openvpn port to new version
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    manu
>State:          open
>Class:          change-request
>Submitter-Id:   net
>Arrival-Date:   Tue Mar 07 07:45:00 +0000 2017
>Last-Modified:  Wed Mar 08 07:00:00 +0000 2017
>Originator:     Gert Doering
>Release:        HEAD, 2017/03/07
>Organization:
>Environment:
NetBSD nbsd70.ov.greenie.net 7.0.1 NetBSD 7.0.1 (GENERIC.201605221355Z) i386

>Description:
net/openvpn is at 2.3.11 right now.

Current upstream version is 2.3.14 in the "old stable" branch, or 2.4.0 in the "new stable" branch.  

FreeBSD moved to 2.4.0 (plus added an net/openvpn23), but which version you choose depends a bit on how conservative NetBSD's pkgsrc regime is.  2.4.0 has lots of important enhancements, like AEAD crypto.

In any case, when working on that port, please remove patches/patch-ac - this adds code that already exists in upstream sources (since years ago), just a few lines earlier in tun.c - so it's a complicated way to do a no-op.

When going to 2.4.0, patches/patch-ad, patch-ae, patch-af and patch-src_openvpn_socket.[ch] can be dropped as well as the necessary adjustments have been made to upstream source - so it won't apply, and is not needed anymore.  2.4.0 compiles and passes all tests on NetBSD "out of the box", no patches needed :-)


>How-To-Repeat:
"checkout pkgsrc"
>Fix:
bump OPENVPN_DISTNAME to openvpn-2.3.14 or openvpn-2.4.0

(since this is coming from "Makefile.common", used by openvpn-nagios and openvpn-acct-wtmx, double-checking sounds like a good idea when going to 2.4.0 - 2.3.14 should be a drop-in replacement)

>Release-Note:

>Audit-Trail:

Responsible-Changed-From-To: pkg-manager->manu
Responsible-Changed-By: spz@NetBSD.org
Responsible-Changed-When: Wed, 08 Mar 2017 06:58:53 +0000
Responsible-Changed-Why:
manu@ is maintainer of two of the impacted packages


From: "S.P.Zeidler" <spz@NetBSD.org>
To: gnats-bugs@NetBSD.org
Cc: manu@NetBSD.org
Subject: Re: pkg/52044: please bump net/openvpn port to new version
Date: Wed, 8 Mar 2017 06:57:28 +0000

 Hi Gert! Hi Manu! :)

 Thus wrote gert@greenie.muc.de (gert@greenie.muc.de):

 > >Fix:
 > bump OPENVPN_DISTNAME to openvpn-2.3.14 or openvpn-2.4.0

 for 2.4.0:
 ----- snip -----
 ===================================================================
 RCS file: /cvsroot/pkgsrc/net/openvpn/Makefile,v
 retrieving revision 1.60
 diff -u -u -r1.60 Makefile
 --- openvpn/Makefile    19 Sep 2016 13:04:25 -0000      1.60
 +++ openvpn/Makefile    8 Mar 2017 06:48:39 -0000
 @@ -1,7 +1,6 @@
  # $NetBSD: Makefile,v 1.60 2016/09/19 13:04:25 wiz Exp $

  DISTNAME=      ${OPENVPN_DISTNAME}
 -PKGREVISION=   1
  CATEGORIES=    net
  MASTER_SITES=  ${OPENVPN_MASTER_SITES}
  EXTRACT_SUFX=  .tar.xz
 @@ -31,6 +30,7 @@

  INSTALLATION_DIRS+=    ${EGDIR}/config
  INSTALLATION_DIRS+=    ${EGDIR}/keys
 +INSTALLATION_DIRS+=    ${EGDIR}/keys/ca
  INSTALLATION_DIRS+=    ${EGDIR}/scripts

  SMF_METHODS+=  openvpn
 @@ -51,7 +51,10 @@
                 ${INSTALL_DATA} $$file ${DESTDIR}${EGDIR}/scripts;         \
         done
         set -e; cd ${WRKSRC}/sample/sample-keys; for file in *; do         \
 -               ${INSTALL_DATA} $$file ${DESTDIR}${EGDIR}/keys;            \
 +               if [ -f $$file ] ; then ${INSTALL_DATA} $$file ${DESTDIR}${EGDIR}/keys; fi         \
 +       done
 +       set -e; cd ${WRKSRC}/sample/sample-keys/sample-ca; for file in *; do       \
 +               ${INSTALL_DATA} $$file ${DESTDIR}${EGDIR}/keys/ca;         \
         done

  .include "options.mk"
 Index: openvpn/Makefile.common
 ===================================================================
 RCS file: /cvsroot/pkgsrc/net/openvpn/Makefile.common,v
 retrieving revision 1.5
 :cvs diff: Diffing openvpn/patches
 cvs diff: Diffing openvpn-acct-wtmpx
 cvs diff: Diffing openvpn-acct-wtmpx/patches
 diff -u -u -r1.5 Makefile.common
 --- openvpn/Makefile.common     8 Jul 2016 08:49:41 -0000       1.5
 +++ openvpn/Makefile.common     8 Mar 2017 06:48:39 -0000
 @@ -4,7 +4,7 @@
  # used by net/openvpn-acct-wtmpx/Makefile
  # used by net/openvpn-nagios/Makefile

 -OPENVPN_DISTNAME=      openvpn-2.3.11
 +OPENVPN_DISTNAME=      openvpn-2.4.0
  OPENVPN_DISTFILE=      ${OPENVPN_DISTNAME}.tar.xz
  OPENVPN_MASTER_SITES=  http://swupdate.openvpn.net/community/releases/
  SITES.${OPENVPN_DISTFILE}=     ${OPENVPN_MASTER_SITES}
 Index: openvpn/PLIST
 ===================================================================
 RCS file: /cvsroot/pkgsrc/net/openvpn/PLIST,v
 retrieving revision 1.18
 diff -u -u -r1.18 PLIST
 --- openvpn/PLIST       3 Dec 2014 10:09:01 -0000       1.18
 +++ openvpn/PLIST       8 Mar 2017 06:48:39 -0000
 @@ -1,4 +1,5 @@
  @comment $NetBSD: PLIST,v 1.18 2014/12/03 10:09:01 wiz Exp $
 +include/openvpn-msg.h
  include/openvpn-plugin.h
  ${PLIST.pam}lib/openvpn/plugins/openvpn-plugin-auth-pam.la
  lib/openvpn/plugins/openvpn-plugin-down-root.la
 @@ -6,6 +7,7 @@
  sbin/openvpn
  share/doc/openvpn/COPYING
  share/doc/openvpn/COPYRIGHT.GPL
 +share/doc/openvpn/Changes.rst
  share/doc/openvpn/README
  share/doc/openvpn/README.IPv6
  ${PLIST.pam}share/doc/openvpn/README.auth-pam
 @@ -31,6 +33,30 @@
  share/examples/openvpn/keys/README
  share/examples/openvpn/keys/ca.crt
  share/examples/openvpn/keys/ca.key
 +share/examples/openvpn/keys/ca/01.pem
 +share/examples/openvpn/keys/ca/02.pem
 +share/examples/openvpn/keys/ca/03.pem
 +share/examples/openvpn/keys/ca/ca.crl
 +share/examples/openvpn/keys/ca/ca.crt
 +share/examples/openvpn/keys/ca/ca.key
 +share/examples/openvpn/keys/ca/client-pass.key
 +share/examples/openvpn/keys/ca/client-revoked.crt
 +share/examples/openvpn/keys/ca/client-revoked.csr
 +share/examples/openvpn/keys/ca/client-revoked.key
 +share/examples/openvpn/keys/ca/client.crt
 +share/examples/openvpn/keys/ca/client.csr
 +share/examples/openvpn/keys/ca/client.key
 +share/examples/openvpn/keys/ca/client.p12
 +share/examples/openvpn/keys/ca/index.txt
 +share/examples/openvpn/keys/ca/index.txt.attr
 +share/examples/openvpn/keys/ca/index.txt.attr.old
 +share/examples/openvpn/keys/ca/index.txt.old
 +share/examples/openvpn/keys/ca/secp256k1.pem
 +share/examples/openvpn/keys/ca/serial
 +share/examples/openvpn/keys/ca/serial.old
 +share/examples/openvpn/keys/ca/server.crt
 +share/examples/openvpn/keys/ca/server.csr
 +share/examples/openvpn/keys/ca/server.key
  share/examples/openvpn/keys/client-ec.crt
  share/examples/openvpn/keys/client-ec.key
  share/examples/openvpn/keys/client-pass.key
 @@ -44,6 +70,7 @@
  share/examples/openvpn/keys/server-ec.key
  share/examples/openvpn/keys/server.crt
  share/examples/openvpn/keys/server.key
 +share/examples/openvpn/keys/ta.key
  share/examples/openvpn/scripts/auth-pam.pl
  share/examples/openvpn/scripts/bridge-start
  share/examples/openvpn/scripts/bridge-stop
 Index: openvpn/distinfo
 ===================================================================
 RCS file: /cvsroot/pkgsrc/net/openvpn/distinfo,v
 retrieving revision 1.33
 diff -u -u -r1.33 distinfo
 --- openvpn/distinfo    8 Jul 2016 08:49:41 -0000       1.33
 +++ openvpn/distinfo    8 Mar 2017 06:48:39 -0000
 @@ -1,13 +1,7 @@
  $NetBSD: distinfo,v 1.33 2016/07/08 08:49:41 jperkin Exp $

 -SHA1 (openvpn-2.3.11.tar.xz) = 48ba3ada2da84be4cf66ffbd35a66d4ce30e0e5b
 -RMD160 (openvpn-2.3.11.tar.xz) = cfaf087bfb9d562b6028a225c43000fbe96041ce
 -SHA512 (openvpn-2.3.11.tar.xz) = 1fd2798beca074f0a094efbd4a9260f8a62d488afacb023b3f867698e6177bfc02702209e8c7f300ba8c662d292c65dc05d3f2cf615ebb91b90d4798fd3b99cd
 -Size (openvpn-2.3.11.tar.xz) = 833496 bytes
 -SHA1 (patch-ac) = 3071423ae978dd7d1d79cb140325bde96ba8d21b
 -SHA1 (patch-ad) = 1e2c34a37157ff9c091e0120817a8c8bae9aef4e
 -SHA1 (patch-ae) = fce5d2b7c8ef830cba3df4408af79301f347cafd
 -SHA1 (patch-af) = 8d728c36a6eccdebf6c7e5a02d457903b255f4fb
 +SHA1 (openvpn-2.4.0.tar.xz) = 704658db39e95ae8d63bb7847e9eb7f638e76631
 +RMD160 (openvpn-2.4.0.tar.xz) = d74c5aa854a65d97034023fe8daba1d765e39234
 +SHA512 (openvpn-2.4.0.tar.xz) = a6dcd9eb04f9ddd8bb2700fbcb1e532b3fff779fa11b1cb84c3e00d3e25b1011ff0670065d39bbcb0b57160887cce5e136865462b3cc6f673c5d365facbe8d64
 +Size (openvpn-2.4.0.tar.xz) = 930948 bytes
  SHA1 (patch-src_compat_compat-basename.c) = 45a58ef2e05f6e0265f229da8540760e60e65143
 -SHA1 (patch-src_openvpn_socket.c) = 74668d39f5e6fdab64825d38d4b287c8004f5af3
 -SHA1 (patch-src_openvpn_socket.h) = b4b952af347e0f2d0aff307a5025b3d27a2e6ee5
 Index: openvpn/patches/patch-ac
 ===================================================================
 RCS file: openvpn/patches/patch-ac
 diff -N openvpn/patches/patch-ac
 --- openvpn/patches/patch-ac    8 Jul 2016 08:49:41 -0000       1.11
 +++ /dev/null   1 Jan 1970 00:00:00 -0000
 @@ -1,64 +0,0 @@
 -$NetBSD: patch-ac,v 1.11 2016/07/08 08:49:41 jperkin Exp $
 -
 -Support clone devices.
 -
 ---- src/openvpn/tun.c.orig     2011-04-06 16:05:52.000000000 +0000
 -+++ src/openvpn/tun.c
 -@@ -805,15 +805,15 @@ do_ifconfig (struct tuntap *tt,
 -        * NetBSD has distinct tun and tap devices
 -        * so we don't need the "link0" extra parameter to specify we want to do 
 -        * tunneling at the ethernet level
 -+       * NB: The tun driver has no broadcast capability.
 -        */
 -               argv_printf (&argv,
 --                        "%s %s %s netmask %s mtu %d broadcast %s",
 -+                        "%s %s %s netmask %s mtu %d",
 -                         IFCONFIG_PATH,
 -                         actual,
 -                         ifconfig_local,
 -                         ifconfig_remote_netmask,
 --                        tun_mtu,
 --                        ifconfig_broadcast
 -+                        tun_mtu
 -                         );
 -       argv_msg (M_INFO, &argv);
 -       openvpn_execve_check (&argv, es, S_FATAL, "NetBSD ifconfig failed");
 -@@ -1023,7 +1023,37 @@ open_tun_generic (const char *dev, const
 -         if (dynamic && !has_digit((unsigned char *)dev))
 -           {
 -             int i;
 --            for (i = 0; i < 256; ++i)
 -+#if defined(TAPGIFNAME)
 -+            /*
 -+             * Perhaps we have a cloning device.  Try opening
 -+             * the device without any appended digits,
 -+             * and use ioctl(,TAPGIFNAME,) to get the resulting
 -+             * interface name.
 -+             */
 -+            openvpn_snprintf (tunname, sizeof (tunname), "/dev/%s", dev);
 -+            if ((tt->fd = open (tunname, O_RDWR)) > 0)
 -+              {
 -+                struct ifreq ifr;
 -+                if (ioctl (tt->fd, TAPGIFNAME, (void*)&ifr) < 0)
 -+                  {
 -+                    msg (D_READ_WRITE | M_ERRNO,
 -+                         "ioctl(,TAPGIFNAME,) failed for %s", tunname);
 -+                    close(tt->fd);
 -+                  }
 -+                else
 -+                  {
 -+                    strlcpy (dynamic_name, ifr.ifr_name,
 -+                             sizeof (dynamic_name));
 -+                    dynamic_opened = true;
 -+                    msg (M_INFO, "TUN/TAP dynamic interface %s opened",
 -+                         dynamic_name);
 -+                  }
 -+              }
 -+            if (!dynamic_opened)
 -+              msg (D_READ_WRITE | M_ERRNO, "Tried opening %s (failed)",
 -+                   tunname);
 -+#endif /* TAPGIFNAME */
 -+            for (i = 0; i < 256 && !dynamic_opened; ++i)
 -               {
 -                 openvpn_snprintf (tunname, sizeof (tunname),
 -                                   "/dev/%s%d", dev, i);
 Index: openvpn/patches/patch-ad
 ===================================================================
 RCS file: openvpn/patches/patch-ad
 diff -N openvpn/patches/patch-ad
 --- openvpn/patches/patch-ad    8 Jul 2016 08:49:41 -0000       1.6
 +++ /dev/null   1 Jan 1970 00:00:00 -0000
 @@ -1,26 +0,0 @@
 -$NetBSD: patch-ad,v 1.6 2016/07/08 08:49:41 jperkin Exp $
 -
 -Support IP_PKTINFO and net/if_tap.h
 -
 ---- config.h.in.orig   2016-05-10 06:02:53.000000000 +0000
 -+++ config.h.in
 -@@ -286,6 +286,9 @@
 - /* struct iphdr needed for IPv6 support */
 - #undef HAVE_IPHDR
 - 
 -+/* struct in_pktinfo.ipi_spec_dst needed for IP_PKTINFO support */
 -+#undef HAVE_IPI_SPEC_DST
 -+
 - /* Define to 1 if you have the <libgen.h> header file. */
 - #undef HAVE_LIBGEN_H
 - 
 -@@ -349,6 +352,9 @@
 - /* Define to 1 if you have the <net/if.h> header file. */
 - #undef HAVE_NET_IF_H
 - 
 -+/* Define to 1 if you have the <net/if_tap.h> header file. */
 -+#undef HAVE_NET_IF_TAP_H
 -+
 - /* Define to 1 if you have the <net/if_tun.h> header file. */
 - #undef HAVE_NET_IF_TUN_H
 - 
 Index: openvpn/patches/patch-ae
 ===================================================================
 RCS file: openvpn/patches/patch-ae
 diff -N openvpn/patches/patch-ae
 --- openvpn/patches/patch-ae    8 Jul 2016 08:49:41 -0000       1.8
 +++ /dev/null   1 Jan 1970 00:00:00 -0000
 @@ -1,37 +0,0 @@
 -$NetBSD: patch-ae,v 1.8 2016/07/08 08:49:41 jperkin Exp $
 -
 -Support IP_PKTINFO and net/if_tap.h
 -
 ---- configure.ac.orig  2013-05-31 12:00:25.000000000 +0000
 -+++ configure.ac
 -@@ -419,6 +419,7 @@ AC_CHECK_HEADERS([ \
 -       sys/mman.h sys/file.h sys/wait.h \
 -       unistd.h signal.h libgen.h stropts.h \
 -       syslog.h pwd.h grp.h \
 -+      net/if_tap.h \
 -       sys/sockio.h sys/uio.h linux/sockios.h \
 -       linux/types.h sys/poll.h sys/epoll.h err.h \
 - ])
 -@@ -433,6 +434,9 @@ SOCKET_INCLUDES="
 - #ifdef HAVE_SYS_SOCKET_H
 - #include <sys/socket.h>
 - #endif
 -+#ifdef HAVE_NET_IF_H
 -+#include <net/if.h>
 -+#endif
 - #ifdef HAVE_NETINET_IN_H
 - #include <netinet/in.h>
 - #endif
 -@@ -496,6 +500,12 @@ AC_CHECK_TYPE(
 -       ,
 -       [[${SOCKET_INCLUDES}]]
 - )
 -+AC_CHECK_MEMBER(
 -+      [struct in_pktinfo.ipi_spec_dst],
 -+      [AC_DEFINE([HAVE_IPI_SPEC_DST], [1], [struct in_pktinfo.ipi_spec_dst needed for IP_PKTINFO support])],
 -+      ,
 -+      [[${SOCKET_INCLUDES}]]
 -+)
 - AC_CHECK_TYPE(
 -       [struct sockaddr_in6],
 -       ,
 Index: openvpn/patches/patch-af
 ===================================================================
 RCS file: openvpn/patches/patch-af
 diff -N openvpn/patches/patch-af
 --- openvpn/patches/patch-af    8 Jul 2016 08:49:41 -0000       1.9
 +++ /dev/null   1 Jan 1970 00:00:00 -0000
 @@ -1,104 +0,0 @@
 -$NetBSD: patch-af,v 1.9 2016/07/08 08:49:41 jperkin Exp $
 -
 -Support IP_PKTINFO and net/if_tap.h
 -
 ---- configure.orig     2013-05-31 12:00:58.000000000 +0000
 -+++ configure
 -@@ -2405,6 +2405,63 @@ rm -f conftest.val
 - 
 - } # ac_fn_c_compute_int
 - 
 -+# ac_fn_c_check_member LINENO AGGR MEMBER ax_cv_socklen_t_equiv INCLUDES
 -+# ----------------------------------------------------------------------
 -+# Tries to find if the field MEMBER exists in type AGGR, after including
 -+# INCLUDES, setting cache variable VAR accordingly.
 -+ac_fn_c_check_member ()
 -+{
 -+  as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
 -+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2.$3" >&5
 -+$as_echo_n "checking for $2.$3... " >&6; }
 -+if eval \${$4+:} false; then :
 -+  $as_echo_n "(cached) " >&6
 -+else
 -+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
 -+/* end confdefs.h.  */
 -+$5
 -+int
 -+main ()
 -+{
 -+static $2 ac_aggr;
 -+if (ac_aggr.$3)
 -+return 0;
 -+  ;
 -+  return 0;
 -+}
 -+_ACEOF
 -+if ac_fn_c_try_compile "$LINENO"; then :
 -+  eval "$4=yes"
 -+else
 -+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
 -+/* end confdefs.h.  */
 -+$5
 -+int
 -+main ()
 -+{
 -+static $2 ac_aggr;
 -+if (sizeof ac_aggr.$3)
 -+return 0;
 -+  ;
 -+  return 0;
 -+}
 -+_ACEOF
 -+if ac_fn_c_try_compile "$LINENO"; then :
 -+  eval "$4=yes"
 -+else
 -+  eval "$4=no"
 -+fi
 -+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
 -+fi
 -+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
 -+fi
 -+eval ac_res=\$$4
 -+             { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
 -+$as_echo "$ac_res" >&6; }
 -+  eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
 -+
 -+} # ac_fn_c_check_member
 -+
 - # ac_fn_c_check_decl LINENO SYMBOL ax_cv_socklen_t_equiv INCLUDES
 - # ---------------------------------------------------------------
 - # Tests whether SYMBOL is declared in INCLUDES, setting cache variable VAR
 -@@ -14182,6 +14239,7 @@ for ac_header in  \
 -       sys/mman.h sys/file.h sys/wait.h \
 -       unistd.h signal.h libgen.h stropts.h \
 -       syslog.h pwd.h grp.h \
 -+      net/if_tap.h \
 -       sys/sockio.h sys/uio.h linux/sockios.h \
 -       linux/types.h sys/poll.h sys/epoll.h err.h \
 - 
 -@@ -14208,6 +14266,9 @@ SOCKET_INCLUDES="
 - #ifdef HAVE_SYS_SOCKET_H
 - #include <sys/socket.h>
 - #endif
 -+#ifdef HAVE_NET_IF_H
 -+#include <net/if.h>
 -+#endif
 - #ifdef HAVE_NETINET_IN_H
 - #include <netinet/in.h>
 - #endif
 -@@ -14305,6 +14366,15 @@ $as_echo "#define HAVE_IN_PKTINFO 1" >>c
 - 
 - fi
 - 
 -+ac_fn_c_check_member "$LINENO" "struct in_pktinfo" "ipi_spec_dst" "ac_cv_member_struct_in_pktinfo_ipi_spec_dst" "${SOCKET_INCLUDES}
 -+
 -+"
 -+if test "x$ac_cv_member_struct_in_pktinfo_ipi_spec_dst" = xyes; then :
 -+
 -+$as_echo "#define HAVE_IPI_SPEC_DST 1" >>confdefs.h
 -+
 -+fi
 -+
 - ac_fn_c_check_type "$LINENO" "struct sockaddr_in6" "ac_cv_type_struct_sockaddr_in6" "${SOCKET_INCLUDES}
 - 
 - "
 Index: openvpn/patches/patch-src_openvpn_socket.c
 ===================================================================
 RCS file: openvpn/patches/patch-src_openvpn_socket.c
 diff -N openvpn/patches/patch-src_openvpn_socket.c
 --- openvpn/patches/patch-src_openvpn_socket.c  20 Jul 2014 17:43:29 -0000      1.2
 +++ /dev/null   1 Jan 1970 00:00:00 -0000
 @@ -1,60 +0,0 @@
 -$NetBSD: patch-src_openvpn_socket.c,v 1.2 2014/07/20 17:43:29 adam Exp $
 -
 -Fix for systems without ipi_spec_dst in struct in_pktinfo.
 -
 ---- src/openvpn/socket.c.orig  2014-05-01 11:12:22.000000000 +0000
 -+++ src/openvpn/socket.c
 -@@ -654,7 +654,7 @@ create_socket_udp (const unsigned int fl
 -   else if (flags & SF_USE_IP_PKTINFO)
 -     {
 -       int pad = 1;
 --#ifdef IP_PKTINFO
 -+#if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST)
 -       if (setsockopt (sd, SOL_IP, IP_PKTINFO,
 -                     (void*)&pad, sizeof(pad)) < 0)
 -         msg(M_ERR, "UDP: failed setsockopt for IP_PKTINFO");
 -@@ -2254,7 +2254,7 @@ print_link_socket_actual_ex (const struc
 -                 struct openvpn_sockaddr sa;
 -                 CLEAR (sa);
 -                 sa.addr.in4.sin_family = AF_INET;
 --#ifdef IP_PKTINFO
 -+#if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST)
 -                 sa.addr.in4.sin_addr = act->pi.in4.ipi_spec_dst;
 -                 if_indextoname(act->pi.in4.ipi_ifindex, ifname);
 - #elif defined(IP_RECVDSTADDR)
 -@@ -2651,7 +2651,7 @@ link_socket_read_tcp (struct link_socket
 - struct openvpn_in4_pktinfo
 - {
 -   struct cmsghdr cmsghdr;
 --#ifdef HAVE_IN_PKTINFO
 -+#if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST)
 -   struct in_pktinfo pi4;
 - #elif defined(IP_RECVDSTADDR)
 -   struct in_addr pi4;
 -@@ -2696,7 +2696,7 @@ link_socket_read_udp_posix_recvmsg (stru
 -       cmsg = CMSG_FIRSTHDR (&mesg);
 -       if (cmsg != NULL
 -         && CMSG_NXTHDR (&mesg, cmsg) == NULL
 --#ifdef IP_PKTINFO
 -+#if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST)
 -         && cmsg->cmsg_level == SOL_IP 
 -         && cmsg->cmsg_type == IP_PKTINFO
 - #elif defined(IP_RECVDSTADDR)
 -@@ -2707,7 +2707,7 @@ link_socket_read_udp_posix_recvmsg (stru
 - #endif
 -         && cmsg->cmsg_len >= sizeof (struct openvpn_in4_pktinfo))
 -       {
 --#ifdef IP_PKTINFO
 -+#if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST)
 -         struct in_pktinfo *pkti = (struct in_pktinfo *) CMSG_DATA (cmsg);
 -         from->pi.in4.ipi_ifindex = pkti->ipi_ifindex;
 -         from->pi.in4.ipi_spec_dst = pkti->ipi_spec_dst;
 -@@ -2802,7 +2802,7 @@ link_socket_write_udp_posix_sendmsg (str
 -         mesg.msg_namelen = sizeof (struct sockaddr_in);
 -         mesg.msg_control = &opi;
 -         mesg.msg_flags = 0;
 --#ifdef HAVE_IN_PKTINFO
 -+#if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST)
 -         mesg.msg_controllen = sizeof (struct openvpn_in4_pktinfo);
 -         cmsg = CMSG_FIRSTHDR (&mesg);
 -         cmsg->cmsg_len = sizeof (struct openvpn_in4_pktinfo);
 Index: openvpn/patches/patch-src_openvpn_socket.h
 ===================================================================
 RCS file: openvpn/patches/patch-src_openvpn_socket.h
 diff -N openvpn/patches/patch-src_openvpn_socket.h
 --- openvpn/patches/patch-src_openvpn_socket.h  31 Jul 2013 06:53:21 -0000      1.1
 +++ /dev/null   1 Jan 1970 00:00:00 -0000
 @@ -1,24 +0,0 @@
 -$NetBSD: patch-src_openvpn_socket.h,v 1.1 2013/07/31 06:53:21 adam Exp $
 -
 -Fix for systems without ipi_spec_dst in struct in_pktinfo.
 -
 ---- src/openvpn/socket.h.orig  2013-07-31 06:03:30.000000000 +0000
 -+++ src/openvpn/socket.h
 -@@ -84,7 +84,7 @@ struct link_socket_actual
 -   struct openvpn_sockaddr dest;
 - #if ENABLE_IP_PKTINFO
 -   union {
 --#ifdef HAVE_IN_PKTINFO
 -+#if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST)
 -     struct in_pktinfo in4;
 - #elif defined(IP_RECVDSTADDR)
 -     struct in_addr in4;
 -@@ -580,7 +580,7 @@ addr_defined_ipi (const struct link_sock
 - #if ENABLE_IP_PKTINFO
 -   if (!lsa) return 0;
 -   switch (lsa->dest.addr.sa.sa_family) {
 --#ifdef HAVE_IN_PKTINFO
 -+#if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST)
 -     case AF_INET: return lsa->pi.in4.ipi_spec_dst.s_addr != 0;
 - #elif defined(IP_RECVDSTADDR)
 -     case AF_INET: return lsa->pi.in4.s_addr != 0;
 Index: openvpn-acct-wtmpx/distinfo
 ===================================================================
 RCS file: /cvsroot/pkgsrc/net/openvpn-acct-wtmpx/distinfo,v
 retrieving revision 1.10
 diff -u -u -r1.10 distinfo
 --- openvpn-acct-wtmpx/distinfo 8 Jul 2016 08:50:25 -0000       1.10
 +++ openvpn-acct-wtmpx/distinfo 8 Mar 2017 06:48:39 -0000
 @@ -1,9 +1,9 @@
  $NetBSD: distinfo,v 1.10 2016/07/08 08:50:25 jperkin Exp $

 -SHA1 (openvpn-2.3.11.tar.xz) = 48ba3ada2da84be4cf66ffbd35a66d4ce30e0e5b
 -RMD160 (openvpn-2.3.11.tar.xz) = cfaf087bfb9d562b6028a225c43000fbe96041ce
 -SHA512 (openvpn-2.3.11.tar.xz) = 1fd2798beca074f0a094efbd4a9260f8a62d488afacb023b3f867698e6177bfc02702209e8c7f300ba8c662d292c65dc05d3f2cf615ebb91b90d4798fd3b99cd
 -Size (openvpn-2.3.11.tar.xz) = 833496 bytes
 +SHA1 (openvpn-2.4.0.tar.xz) = 704658db39e95ae8d63bb7847e9eb7f638e76631
 +RMD160 (openvpn-2.4.0.tar.xz) = d74c5aa854a65d97034023fe8daba1d765e39234
 +SHA512 (openvpn-2.4.0.tar.xz) = a6dcd9eb04f9ddd8bb2700fbcb1e532b3fff779fa11b1cb84c3e00d3e25b1011ff0670065d39bbcb0b57160887cce5e136865462b3cc6f673c5d365facbe8d64
 +Size (openvpn-2.4.0.tar.xz) = 930948 bytes
  SHA1 (openvpn-acct-wtmpx-20130210.tgz) = cf7bc26b12a65493cdf5db93b03bbb938a2f0f33
  RMD160 (openvpn-acct-wtmpx-20130210.tgz) = d9000789f04606bfa17db1597a45a4235b1119ea
  SHA512 (openvpn-acct-wtmpx-20130210.tgz) = 7b8fd4929e65d8d84158f62e5a17ff3adb3b4a6cff63b29038acfb368750719f2f593786ed9b02402824c19d872b188d2a46740a5c5f853e8873a71481b13aaf

 --- snap ---

 openvpn and openvpn-acct-wtmpx compile with that,
 openvpn-nagios doesn't since it wants struct members that don't exist
 in 2.4.0. I've done no function tests whatsoever.

 regards,
 	spz

>Unformatted:

NetBSD Home
NetBSD PR Database Search

(Contact us) $NetBSD: query-full-pr,v 1.39 2013/11/01 18:47:49 spz Exp $
$NetBSD: gnats_config.sh,v 1.8 2006/05/07 09:23:38 tsutsui Exp $
Copyright © 1994-2014 The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.