New upstream release

parent 19eab1fe
openvpn (2.3.10-1) unstable; urgency=medium
* New upstream release.
Drop password_prompt_in_systemd.patch. Applied upstream.
-- Alberto Gonzalez Iniesta <agi@inittab.org> Wed, 20 Jan 2016 12:01:36 +0100
openvpn (2.3.8-1) unstable; urgency=medium
* New upstream release. Drop patch from 2.3.7-2.
......
......@@ -3,9 +3,9 @@ Author: Alberto Gonzalez Iniesta <agi@inittab.org>
Bug-Debian: http://bugs.debian.org/306335
Index: openvpn/src/plugins/auth-pam/auth-pam.c
===================================================================
--- openvpn.orig/src/plugins/auth-pam/auth-pam.c 2012-11-05 16:29:30.000000000 +0100
+++ openvpn/src/plugins/auth-pam/auth-pam.c 2012-11-05 16:37:20.471136293 +0100
@@ -696,7 +696,7 @@
--- openvpn.orig/src/plugins/auth-pam/auth-pam.c 2016-01-20 12:02:15.161550568 +0100
+++ openvpn/src/plugins/auth-pam/auth-pam.c 2016-01-20 12:02:15.157550612 +0100
@@ -699,7 +699,7 @@
struct user_pass up;
int command;
#ifdef USE_PAM_DLOPEN
......
......@@ -6,9 +6,9 @@ Bug-Debian: http://bugs.debian.org/367716
Index: openvpn/src/openvpn/socket.c
===================================================================
--- openvpn.orig/src/openvpn/socket.c 2015-07-01 14:10:06.116131868 +0200
+++ openvpn/src/openvpn/socket.c 2015-07-01 14:10:06.112131911 +0200
@@ -1494,6 +1494,10 @@
--- openvpn.orig/src/openvpn/socket.c 2016-01-20 12:02:23.237464287 +0100
+++ openvpn/src/openvpn/socket.c 2016-01-20 12:02:23.233464331 +0100
@@ -1492,6 +1492,10 @@
resolve_bind_local (sock);
resolve_remote (sock, 1, NULL, NULL);
}
......@@ -19,7 +19,7 @@ Index: openvpn/src/openvpn/socket.c
}
/* finalize socket initialization */
@@ -1724,10 +1728,6 @@
@@ -1722,10 +1726,6 @@
/* set socket to non-blocking mode */
set_nonblock (sock->sd);
......
......@@ -3,9 +3,9 @@ Author: Gonéri Le Bouder <goneri@rulezlan.org>
Bug-Debian: http://bugs.debian.org/626062
Index: openvpn/src/openvpn/route.c
===================================================================
--- openvpn.orig/src/openvpn/route.c 2015-07-01 14:10:36.563807017 +0200
+++ openvpn/src/openvpn/route.c 2015-07-01 14:10:36.559807060 +0200
@@ -1419,7 +1419,7 @@
--- openvpn.orig/src/openvpn/route.c 2016-01-20 12:02:41.441269913 +0100
+++ openvpn/src/openvpn/route.c 2016-01-20 12:02:41.437269956 +0100
@@ -1421,7 +1421,7 @@
argv_msg (D_ROUTE, &argv);
status = openvpn_execve_check (&argv, es, 0, "ERROR: Solaris route add command failed");
......@@ -16,9 +16,9 @@ Index: openvpn/src/openvpn/route.c
ROUTE_PATH);
Index: openvpn/src/openvpn/tun.c
===================================================================
--- openvpn.orig/src/openvpn/tun.c 2015-07-01 14:10:36.563807017 +0200
+++ openvpn/src/openvpn/tun.c 2015-07-01 14:10:36.559807060 +0200
@@ -1122,7 +1122,7 @@
--- openvpn.orig/src/openvpn/tun.c 2016-01-20 12:02:41.441269913 +0100
+++ openvpn/src/openvpn/tun.c 2016-01-20 12:02:41.437269956 +0100
@@ -1124,7 +1124,7 @@
add_route_connected_v6_net(tt, es);
}
......
......@@ -2,8 +2,8 @@ Description: Man page fixes
Author: Alberto Gonzalez Iniesta <agi@inittab.org>
Index: openvpn/doc/openvpn.8
===================================================================
--- openvpn.orig/doc/openvpn.8 2015-09-04 13:13:36.785038213 +0200
+++ openvpn/doc/openvpn.8 2015-09-04 13:13:36.781038257 +0200
--- openvpn.orig/doc/openvpn.8 2016-01-20 12:02:48.997189277 +0100
+++ openvpn/doc/openvpn.8 2016-01-20 12:02:48.993189319 +0100
@@ -21,13 +21,13 @@
.\" 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
.\"
......@@ -20,7 +20,7 @@ Index: openvpn/doc/openvpn.8
.\" .nf -- no formatting
.\" .fi -- resume formatting
.\" .ft 3 -- boldface
@@ -4007,7 +4007,7 @@
@@ -4005,7 +4005,7 @@
This option is only relevant in UDP mode, i.e.
when either
.B \-\-proto udp
......@@ -29,7 +29,7 @@ Index: openvpn/doc/openvpn.8
.B \-\-proto
option is specified.
@@ -5282,7 +5282,7 @@
@@ -5277,7 +5277,7 @@
.B \-\-dev tun
mode, OpenVPN will cause the DHCP server to masquerade as if it were
coming from the remote endpoint. The optional offset parameter is
......
......@@ -3,9 +3,9 @@ Author: Florian Kulzer <florian.kulzer+debian@icfo.es>
Bug-Debian: http://bugs.debian.org/475353
Index: openvpn/src/openvpn/options.c
===================================================================
--- openvpn.orig/src/openvpn/options.c 2015-09-04 13:13:30.157111451 +0200
+++ openvpn/src/openvpn/options.c 2015-09-04 13:13:30.153111496 +0200
@@ -6300,6 +6300,20 @@
--- openvpn.orig/src/openvpn/options.c 2016-01-20 12:02:32.953360525 +0100
+++ openvpn/src/openvpn/options.c 2016-01-20 12:02:32.949360569 +0100
@@ -6346,6 +6346,20 @@
{
VERIFY_PERMISSION (OPT_P_ROUTE_EXTRAS);
}
......
Index: openvpn-2.3.8/src/openvpn/console.c
===================================================================
--- openvpn-2.3.8.orig/src/openvpn/console.c
+++ openvpn-2.3.8/src/openvpn/console.c
@@ -208,6 +208,19 @@ get_console_input (const char *prompt, c
#if defined(WIN32)
return get_console_input_win32 (prompt, echo, input, capacity);
#elif defined(HAVE_GETPASS)
+
+ /* did we --daemon'ize before asking for passwords?
+ * (in which case neither stdin or stderr are connected to a tty and
+ * /dev/tty can not be open()ed anymore)
+ */
+ if ( !isatty(0) && !isatty(2) )
+ {
+ int fd = open( "/dev/tty", O_RDWR );
+ if ( fd < 0 )
+ { msg(M_FATAL, "neither stdin nor stderr are a tty device and you have neither a controlling tty nor systemd - can't ask for '%s'. If you used --daemon, you need to use --askpass to make passphrase-protected keys work, and you can not use --auth-nocache.", prompt ); }
+ close(fd);
+ }
+
if (echo)
{
FILE *fp;
Index: openvpn-2.3.8/src/openvpn/misc.c
===================================================================
--- openvpn-2.3.8.orig/src/openvpn/misc.c
+++ openvpn-2.3.8/src/openvpn/misc.c
@@ -1088,12 +1088,6 @@ get_user_pass_cr (struct user_pass *up,
*/
else if (from_stdin)
{
-#ifndef WIN32
- /* did we --daemon'ize before asking for passwords? */
- if ( !isatty(0) && !isatty(2) )
- { msg(M_FATAL, "neither stdin nor stderr are a tty device, can't ask for %s password. If you used --daemon, you need to use --askpass to make passphrase-protected keys work, and you can not use --auth-nocache.", prefix ); }
-#endif
-
#ifdef ENABLE_CLIENT_CR
if (auth_challenge && (flags & GET_USER_PASS_DYNAMIC_CHALLENGE))
{
......@@ -6,4 +6,3 @@ route_default_nil.patch
kfreebsd_support.patch
accommodate_typo.patch
manpage_fixes.patch
password_prompt_in_systemd.patch
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment