updated ocserv to 0.8.0

11 years ago · 86abe99de5
parent aa81804b84
commit 86abe99de5
6 changed files with 98 additions and 8 deletions
--- a/.gitignore
+++ b/.gitignore
@ -8,3 +8,5 @@
 /ocserv-0.3.5.tar.xz
 /ocserv-0.8.0pre0.tar.xz
 /ocserv-0.8.0pre0.tar.xz.sig
+/ocserv-0.8.0.tar.xz
+/ocserv-0.8.0.tar.xz.sig
--- a/ocserv-0.8.0-cmp.patch
+++ b/ocserv-0.8.0-cmp.patch
@ -0,0 +1,13 @@
+diff --git a/src/auth/plain.c b/src/auth/plain.c
+index 1b66683..c8ed5bf 100644
+--- a/src/auth/plain.c
+++ b/src/auth/plain.c
+@@ -266,7 +266,7 @@ static size_t rehash(const void *_e, void *unused)
+ 
+ static bool str_cmp(const void* _c1, void* _c2)
+ {
+-	const char *c1 = _c1, *c2 = c2;
+	const char *c1 = _c1, *c2 = _c2;
+ 
+ 	if (strcmp(c1, c2) == 0)
+ 		return 1;
--- a/ocserv-0.8.0-endianness.patch
+++ b/ocserv-0.8.0-endianness.patch
@ -0,0 +1,70 @@
+diff --git a/src/main-ctl-unix.c b/src/main-ctl-unix.c
+index b4da5eb..90d604f 100644
+--- a/src/main-ctl-unix.c
+++ b/src/main-ctl-unix.c
+@@ -629,7 +629,7 @@ static void ctl_handle_commands(main_server_st * s)
+ 		}
+ 		goto cleanup;
+ 	}
+-	length = (buffer[2] << 8) | buffer[1];
+	memcpy(&length, &buffer[1], 2);
+ 	buffer_size = ret - 3;
+ 
+ 	if (length != buffer_size) {
+diff --git a/src/occtl-unix.c b/src/occtl-unix.c
+index 183825d..0c1b3e1 100644
+--- a/src/occtl-unix.c
+++ b/src/occtl-unix.c
+@@ -83,15 +83,14 @@ int send_cmd(struct unix_ctx *ctx, unsigned cmd, const void *data,
+ 	struct iovec iov[2];
+ 	unsigned iov_len = 1;
+ 	int e, ret;
+-	unsigned length = 0;
+	uint16_t length = 0;
+ 	void *packed = NULL;
+ 
+ 	if (get_size)
+ 		length = get_size(data);
+ 
+ 	header[0] = cmd;
+-	header[1] = length;
+-	header[2] = length >> 8;
+	memcpy(&header[1], &length, 2);
+ 
+ 	iov[0].iov_base = header;
+ 	iov[0].iov_len = 3;
+@@ -145,7 +144,7 @@ int send_cmd(struct unix_ctx *ctx, unsigned cmd, const void *data,
+ 			goto fail;
+ 		}
+ 
+-		length = (header[2] << 8) | header[1];
+		memcpy(&length, &header[1], 2);
+ 
+ 		rep->data_size = length;
+ 		rep->data = talloc_size(ctx, length);
+diff --git a/src/sec-mod.c b/src/sec-mod.c
+index 15ee32a..c3d4bad 100644
+--- a/src/sec-mod.c
+++ b/src/sec-mod.c
+@@ -354,6 +354,7 @@ void sec_mod_server(void *main_pool, struct cfg_st *config, const char *socket_f
+ 	unsigned cmd, length;
+ 	unsigned i, buffer_size;
+ 	uint8_t *buffer, *tpool;
+	uint16_t l16;
+ 	struct pin_st pins;
+ 	int sd;
+ 	sec_mod_st *sec;
+@@ -538,10 +539,11 @@ void sec_mod_server(void *main_pool, struct cfg_st *config, const char *socket_f
+ 		}
+ 
+ 		cmd = buffer[0];
+-		length = buffer[1] | buffer[2] << 8;
+		memcpy(&l16, &buffer[1], 2);
+		length = l16;
+ 
+ 		if (length > buffer_size - 4) {
+-			seclog(LOG_INFO, "too big message");
+			seclog(LOG_INFO, "too big message (%d)", length);
+ 			goto cont;
+ 		}
+ 
--- a/ocserv.conf
+++ b/ocserv.conf
@ -128,11 +128,8 @@ auth-timeout = 40
 # a failed authentication attempt.
 #min-reauth-time = 2

-# Cookie validity time (in seconds)
-# Once a client is authenticated he's provided a cookie with
-# which he can reconnect. This option sets the maximum lifetime
-# of that cookie.
-cookie-validity = 10800
+# Cookie timeout (in seconds)
+cookie-timeout = 360

 # ReKey time (in seconds)
 # ocserv will ask the client to refresh keys periodically once
--- a/ocserv.spec
+++ b/ocserv.spec
@ -1,5 +1,5 @@
 Name:		ocserv
-Version:	0.8.0pre0
+Version:	0.8.0
 Release:	1%{?dist}
 Summary:	OpenConnect SSL VPN server

@ -15,6 +15,9 @@ Source4:	PACKAGE-LICENSING
 Source5:	org.infradead.ocserv.conf
 Source6:	ftp://ftp.infradead.org/pub/ocserv/%{name}-%{version}.tar.xz.sig

+Patch1:		ocserv-0.8.0-endianness.patch
+Patch2:		ocserv-0.8.0-cmp.patch
+
 # Taken from upstream:
 # http://git.infradead.org/ocserv.git/commitdiff/7d70006a2dbddf783213f1856374bacc74217e09
 BuildRoot:	%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@ -72,6 +75,8 @@ sed -i 's/run-as-group = nogroup/run-as-group = nobody/g' tests/*.config
 # GPLv3 in headers is a gnulib bug: 
 # http://lists.gnu.org/archive/html/bug-gnulib/2013-11/msg00062.html
 sed -i 's/either version 3 of the License/either version 2 of the License/g' build-aux/snippet/*
+%patch1 -p1 -b .cmp
+%patch2 -p1 -b .endianness

 %build

@ -164,6 +169,9 @@ rm -rf %{buildroot}
 %{_localstatedir}/lib/ocserv/profile.xml

 %changelog
+* Mon Jun 02 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> - 0.8.0-1
+- New upstream release
+
 * Mon May 26 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> - 0.8.0pre0-1
 - New upstream release

--- a/4
+++ b/4
@ -1,2 +1,2 @@
-de476b85be78be000f33c912a076657a  ocserv-0.8.0pre0.tar.xz
-0f2c49c121883cd189f28126d8ff718f  ocserv-0.8.0pre0.tar.xz.sig
+6383535a21f8eecfb1bbb7f7ac99c41f  ocserv-0.8.0.tar.xz
+1336250a0db4923e6a597b960209b42d  ocserv-0.8.0.tar.xz.sig