[packages/aiccu] - add various fixes from debian - rel 3
baggins
baggins at pld-linux.org
Fri Apr 14 11:33:08 CEST 2017
commit 3ed092f9270be58aec74c6042cac57c875713550
Author: Jan Rękorajski <baggins at pld-linux.org>
Date: Fri Apr 14 11:32:51 2017 +0200
- add various fixes from debian
- rel 3
02_skip-strip.patch | 20 ++++++++++++++
03_no-quiet-gcc.patch | 16 ++++++++++++
05_spelling-error.patch | 46 ++++++++++++++++++++++++++++++++
06_syslog_openlog.patch | 20 ++++++++++++++
07_allow_tunnels.patch | 61 +++++++++++++++++++++++++++++++++++++++++++
08_setup_script.patch | 40 ++++++++++++++++++++++++++++
09_binutils_gold.patch | 15 +++++++++++
10_gnutls34.patch | 35 +++++++++++++++++++++++++
11_gnutls-cleanup.patch | 56 +++++++++++++++++++++++++++++++++++++++
12_memset-sizeof.patch | 31 ++++++++++++++++++++++
13_autotest_description.patch | 16 ++++++++++++
aiccu.spec | 24 ++++++++++++++++-
12 files changed, 379 insertions(+), 1 deletion(-)
---
diff --git a/aiccu.spec b/aiccu.spec
index 234afa3..e511666 100644
--- a/aiccu.spec
+++ b/aiccu.spec
@@ -3,13 +3,24 @@ Summary(pl.UTF-8): AICCU - Klient automatycznych połączeń IPv6 z SixXS
Name: aiccu
Version: 2007.01.15
%define _fileversion 20070115
-Release: 2
+Release: 3
License: BSD
Vendor: SixXS
Group: Networking/Utilities
Source0: http://www.sixxs.net/archive/sixxs/aiccu/unix/%{name}_%{_fileversion}.tar.gz
# Source0-md5: c9bcc83644ed788e22a7c3f3d4021350
Patch0: %{name}-makefile.diff
+Patch1: 02_skip-strip.patch
+Patch2: 03_no-quiet-gcc.patch
+Patch3: 05_spelling-error.patch
+Patch4: 06_syslog_openlog.patch
+Patch5: 07_allow_tunnels.patch
+Patch6: 08_setup_script.patch
+Patch7: 09_binutils_gold.patch
+Patch8: 10_gnutls34.patch
+Patch9: 11_gnutls-cleanup.patch
+Patch10: 12_memset-sizeof.patch
+Patch11: 13_autotest_description.patch
URL: http://www.sixxs.net/tools/aiccu/
Requires(post,preun): /sbin/chkconfig
Requires: gnutls
@@ -34,6 +45,17 @@ więcej szczegółów.
%prep
%setup -q -n %{name}
%patch0 -p1
+%patch1 -p1
+%patch2 -p1
+%patch3 -p1
+%patch4 -p1
+%patch5 -p1
+%patch6 -p1
+%patch7 -p1
+%patch8 -p1
+%patch9 -p1
+%patch10 -p1
+%patch11 -p1
%build
%{__make} \
diff --git a/02_skip-strip.patch b/02_skip-strip.patch
new file mode 100644
index 0000000..1873057
--- /dev/null
+++ b/02_skip-strip.patch
@@ -0,0 +1,20 @@
+We handle stripping of the binary through dh_strip, thus remove the
+upstream code handling that, which does not care about our Debian
+build options.
+
+Index: aiccu-20070115/unix-console/Makefile
+===================================================================
+--- aiccu-20070115.orig/unix-console/Makefile 2009-10-25 22:31:57.000000000 +0100
++++ aiccu-20070115/unix-console/Makefile 2009-10-25 22:32:04.000000000 +0100
+@@ -145,11 +145,6 @@
+
+ aiccu: $(OBJS) ${SRCS} ${INCS}
+ $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(OBJS)
+-ifeq ($(shell echo $(CFLAGS) | grep -c "DEBUG"),0)
+-ifeq ($(shell echo "$(RPM_OPT_FLAGS)" | wc -c),1)
+- strip $@
+-endif
+-endif
+
+ clean:
+ $(RM) -f $(OBJS) aiccu
diff --git a/03_no-quiet-gcc.patch b/03_no-quiet-gcc.patch
new file mode 100644
index 0000000..27d14ad
--- /dev/null
+++ b/03_no-quiet-gcc.patch
@@ -0,0 +1,16 @@
+It's better for us to see gcc output in the build log to ease debugging.
+Quiet builds make that much harder.
+
+Index: aiccu-20070115/unix-console/Makefile
+===================================================================
+--- aiccu-20070115.orig/unix-console/Makefile 2009-10-25 22:33:06.000000000 +0100
++++ aiccu-20070115/unix-console/Makefile 2009-10-25 22:33:12.000000000 +0100
+@@ -26,7 +26,7 @@
+
+ #CFLAGS += $(CWARNS) -D_GNU_SOURCE -D_DEBUG -g3 -O0
+ CFLAGS += $(CWARNS) -D_GNU_SOURCE
+-CC = @gcc
++CC = gcc
+ RM = rm
+
+ # Add -O3 when nothing is specified yet
diff --git a/05_spelling-error.patch b/05_spelling-error.patch
new file mode 100644
index 0000000..832dbf9
--- /dev/null
+++ b/05_spelling-error.patch
@@ -0,0 +1,46 @@
+Fix some spelling errors to satisfy lintian
+
+--- aiccu.orig/common/aiccu_test.c
++++ aiccu/common/aiccu_test.c
+@@ -133,7 +133,7 @@
+ printf("### This confirms the reachability of the other side of the tunnel\n");
+ printf("### If it doesn't reply then check your interface and routing tables\n");
+ printf("### Don't forget to check your firewall of course\n");
+- printf("### If the previous test was succesful then this could be both\n");
++ printf("### If the previous test was successful then this could be both\n");
+ printf("### a firewalling and a routing/interface problem\n");
+ printf("\n");
+ system_arg(PING6, PINGCOUNT, hTunnel->sIPv6_POP);
+--- aiccu.orig/common/common.c
++++ aiccu/common/common.c
+@@ -484,7 +484,7 @@
+ return false;
+ }
+
+- dolog(LOG_DEBUG, "TLS Handshake completed succesfully\n");
++ dolog(LOG_DEBUG, "TLS Handshake completed successfully\n");
+
+ sock->tls_active = true;
+ return true;
+--- aiccu.orig/common/tic.c
++++ aiccu/common/tic.c
+@@ -517,8 +517,8 @@
+ struct in6_addr ipv6_ll, ipv6_local;
+ char ll[100];
+
+- /* Log that the fetch was succesful */
+- dolog(LOG_INFO, "Succesfully retrieved tunnel information for %s\n", sId);
++ /* Log that the fetch was successful */
++ dolog(LOG_INFO, "Successfully retrieved tunnel information for %s\n", sId);
+
+ /*
+ * Some TUN/TAP devices don't have any
+@@ -652,7 +652,7 @@
+ /* All went okay? */
+ if (buf[0] == '2' && buf[1] == '0' && buf[2] == '2')
+ {
+- dolog(LOG_INFO, "Succesfully retrieved POP information for %s\n", sId);
++ dolog(LOG_INFO, "Successfully retrieved POP information for %s\n", sId);
+ return pop;
+ }
+
diff --git a/06_syslog_openlog.patch b/06_syslog_openlog.patch
new file mode 100644
index 0000000..a3d1882
--- /dev/null
+++ b/06_syslog_openlog.patch
@@ -0,0 +1,20 @@
+commit 0f7db943bef0488644dce11c2ba2d19c180d8650
+Author: Norman Rasmussen <norman at rasmussen.co.za>
+Date: Sun Jan 10 21:43:44 2010 +0000
+
+ Initialize syslog so that we log with our PID as DAEMON.
+
+diff --git a/common/aiccu.c b/common/aiccu.c
+index 9abb334..75aadc8 100755
+--- a/common/aiccu.c
++++ b/common/aiccu.c
+@@ -58,6 +58,9 @@ bool aiccu_InitConfig()
+ int ret;
+ #define CAFILE "ca.pem"
+ #endif
++#ifndef _WIN32
++ openlog(NULL, LOG_PID, LOG_DAEMON);
++#endif
+ /* Allocate & Initialize */
+ g_aiccu = (struct AICCU_conf *)malloc(sizeof(*g_aiccu));
+ if (!g_aiccu) return false;
diff --git a/07_allow_tunnels.patch b/07_allow_tunnels.patch
new file mode 100644
index 0000000..ec1c1da
--- /dev/null
+++ b/07_allow_tunnels.patch
@@ -0,0 +1,61 @@
+commit d7c4f7c0d34b80c188fa45228ca282fd8771a41d
+Author: Norman Rasmussen <norman at rasmussen.co.za>
+Date: Sun Jan 10 21:45:55 2010 +0000
+
+ Allow 'tunnels' mode when there's an already running instance.
+
+diff --git a/unix-console/main.c b/unix-console/main.c
+index 8a4d9a9..388d988 100755
+--- a/unix-console/main.c
++++ b/unix-console/main.c
+@@ -50,7 +50,7 @@ int sigrunning(int sig)
+ /* Close the file again */
+ fclose(f);
+
+- /* If we can HUP it, it still runs */
++ /* If we can signal it, it still runs */
+ return (pid > 0 && kill(pid, sig) == 0 ? 1 : 0);
+ }
+
+@@ -302,20 +302,6 @@ int main(int argc, char *argv[])
+ return -1;
+ }
+
+-#ifndef _WIN32
+- /* start or stop? */
+- if ( mode != A_TEST &&
+- mode != A_AUTOTEST)
+- {
+- /* Already running? */
+- if (sigrunning(mode == A_STOP ? SIGTERM : 0) == 1)
+- {
+- dolog(LOG_ERR, "Already running instance HUP'ed, exiting\n");
+- return 0;
+- }
+- }
+-#endif
+-
+ /* Verify required parameters */
+ if (!g_aiccu->username || !g_aiccu->password)
+ {
+@@ -331,6 +317,20 @@ int main(int argc, char *argv[])
+ return ret == 0 ? -1 : 0;
+ }
+
++#ifndef _WIN32
++ /* start or stop? */
++ if ( mode != A_TEST &&
++ mode != A_AUTOTEST)
++ {
++ /* Already running? */
++ if (sigrunning(mode == A_STOP ? SIGTERM : 0) == 1)
++ {
++ dolog(LOG_ERR, "Already running instance signaled, exiting\n");
++ return 0;
++ }
++ }
++#endif
++
+ /* Get our tunnel */
+ hTunnel = get_tunnel();
+
diff --git a/08_setup_script.patch b/08_setup_script.patch
new file mode 100644
index 0000000..26010f8
--- /dev/null
+++ b/08_setup_script.patch
@@ -0,0 +1,40 @@
+Author: Norman Rasmussen <norman at rasmussen.co.za>
+
+ Make setupscript work and add teardownscript setting.
+
+--- aiccu.orig/common/aiccu.c
++++ aiccu/common/aiccu.c
+@@ -212,9 +212,6 @@
+ fprintf(f, "# Try to automatically login and setup the tunnel?\n");
+ fprintf(f, "automatic %s\n", g_aiccu->automatic ? "true" : "false");
+ fprintf(f, "\n");
+- fprintf(f, "# Script to run after setting up the interfaces (default: none)\n");
+- fprintf(f, "%ssetupscript %s\n", g_aiccu->setupscript ? "" : "#", g_aiccu->setupscript ? g_aiccu->setupscript : "<path>");
+- fprintf(f, "\n");
+ fprintf(f, "# TLS Required?\n");
+ fprintf(f, "requiretls %s\n", g_aiccu->requiretls ? "true" : "false");
+ fprintf(f, "\n");
+@@ -231,6 +228,9 @@
+ fprintf(f, "# PID File\n");
+ fprintf(f, "pidfile %s\n", g_aiccu->pidfile);
+ fprintf(f, "\n");
++ fprintf(f, "# Script to run after setting up the interfaces (default: none)\n");
++ fprintf(f, "%ssetupscript %s\n", g_aiccu->setupscript ? "" : "#", g_aiccu->setupscript ? g_aiccu->setupscript : "<path>");
++ fprintf(f, "\n");
+ fprintf(f, "# Make heartbeats (default true)\n");
+ fprintf(f, "# In general you don't want to turn this off\n");
+ fprintf(f, "# Of course only applies to AYIYA and heartbeat tunnels not to static ones\n");
+--- aiccu.orig/unix-console/main.c
++++ aiccu/unix-console/main.c
+@@ -471,6 +471,11 @@
+ */
+ if (aiccu_setup(hTunnel, true))
+ {
++ if (g_aiccu->setupscript)
++ {
++ aiccu_exec("%s", g_aiccu->setupscript);
++ }
++
+ /* We need to stay running when doing Heartbeat or AYIYA */
+ if ( strcasecmp(hTunnel->sType, "6in4-heartbeat") == 0 ||
+ strcasecmp(hTunnel->sType, "ayiya") == 0)
diff --git a/09_binutils_gold.patch b/09_binutils_gold.patch
new file mode 100644
index 0000000..4e86fea
--- /dev/null
+++ b/09_binutils_gold.patch
@@ -0,0 +1,15 @@
+Make aiccu compile with ld.gold
+
+Index: aiccu-20070115/unix-console/Makefile
+===================================================================
+--- aiccu-20070115.orig/unix-console/Makefile 2011-02-27 17:43:53.872782002 +0000
++++ aiccu-20070115/unix-console/Makefile 2011-02-27 17:44:23.372782001 +0000
+@@ -150,7 +150,7 @@
+ all: aiccu
+
+ aiccu: $(OBJS) ${SRCS} ${INCS}
+- $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(OBJS)
++ $(CC) $(CFLAGS) -o $@ $(OBJS) $(LDFLAGS)
+
+ clean:
+ $(RM) -f $(OBJS) aiccu
diff --git a/10_gnutls34.patch b/10_gnutls34.patch
new file mode 100644
index 0000000..e8768ea
--- /dev/null
+++ b/10_gnutls34.patch
@@ -0,0 +1,35 @@
+Description: GnuTLS 3.4 compat.
+ Use GnuTLS priority NORMAL:+CTYPE-OPENPGP instead of deprecated (and removed in GnuTLS 3.4) function gnutls_certificate_type_set_priority.
+Author: Andreas Metzler <ametzler at debian.org>
+Bug-Debian: https://bugs.debian.org/624056
+Origin: vendor
+Forwarded: no
+Last-Update: 2015-07-25
+
+--- aiccu-20070115.orig/common/common.c
++++ aiccu-20070115/common/common.c
+@@ -271,8 +271,6 @@ TLSSOCKET sock_alloc(void);
+ TLSSOCKET sock_alloc(void)
+ {
+ #ifdef AICCU_GNUTLS
+- /* Allow connections to servers that have OpenPGP keys as well */
+- const int cert_type_priority[3] = { GNUTLS_CRT_X509, GNUTLS_CRT_OPENPGP, 0 };
+ int ret;
+ #endif /* AICCU_GNUTLS*/
+
+@@ -297,11 +295,10 @@ TLSSOCKET sock_alloc(void)
+ }
+
+ /* Use default priorities */
+- gnutls_set_default_priority(sock->session);
+- /* XXX: Return value is not documented in GNUTLS documentation! */
+-
+- gnutls_certificate_type_set_priority(sock->session, cert_type_priority);
+- /* XXX: Return value is not documented in GNUTLS documentation! */
++ /* Allow connections to servers that have OpenPGP keys as well */
++ gnutls_priority_set_direct(sock->session,
++ "NORMAL:+CTYPE-OPENPGP",
++ NULL);
+
+ /* Configure the x509 credentials for the current session */
+ gnutls_credentials_set(sock->session, GNUTLS_CRD_CERTIFICATE, g_aiccu->tls_cred);
diff --git a/11_gnutls-cleanup.patch b/11_gnutls-cleanup.patch
new file mode 100644
index 0000000..eb2be95
--- /dev/null
+++ b/11_gnutls-cleanup.patch
@@ -0,0 +1,56 @@
+From: "Barak A. Pearlmutter" <barak+git at cs.nuim.ie>
+Date: Fri, 17 Aug 2012 12:23:06 +0200
+Subject: gnutls cleanup
+
+Stop ignoring some gnutls return codes.
+
+Rewrite call to depricated gnutls_set_default_priority() to use
+gnutls_priority_set_direct() instead.
+
+Remove call to deprecated routine
+gnutls_certificate_type_set_priority, no changes necessary.
+---
+ common/common.c | 27 +++++++++++++++++----------
+ 1 file changed, 17 insertions(+), 10 deletions(-)
+
+--- a/common/common.c
++++ b/common/common.c
+@@ -287,7 +287,7 @@
+
+ /* Initialize TLS session */
+ ret = gnutls_init(&sock->session, GNUTLS_CLIENT);
+- if (ret != 0)
++ if (ret != GNUTLS_E_SUCCESS)
+ {
+ dolog(LOG_ERR, "TLS Init failed: %s (%d)\n", gnutls_strerror(ret), ret);
+ free(sock);
+@@ -296,13 +296,26 @@
+
+ /* Use default priorities */
+ /* Allow connections to servers that have OpenPGP keys as well */
+- gnutls_priority_set_direct(sock->session,
++ ret = gnutls_priority_set_direct(sock->session,
+ "NORMAL:+CTYPE-OPENPGP",
+ NULL);
++ if (ret != GNUTLS_E_SUCCESS)
++ {
++ dolog(LOG_ERR, "TLS set default priority failed: %s (%d)\n", gnutls_strerror(ret), ret);
++ gnutls_deinit(sock->session);
++ free(sock);
++ return NULL;
++ }
+
+ /* Configure the x509 credentials for the current session */
+- gnutls_credentials_set(sock->session, GNUTLS_CRD_CERTIFICATE, g_aiccu->tls_cred);
+- /* XXX: Return value is not documented in GNUTLS documentation! */
++ ret = gnutls_credentials_set(sock->session, GNUTLS_CRD_CERTIFICATE, g_aiccu->tls_cred);
++ if (ret != GNUTLS_E_SUCCESS)
++ {
++ dolog(LOG_ERR, "TLS credentials set failed: %s (%d)\n", gnutls_strerror(ret), ret);
++ gnutls_deinit(sock->session);
++ free(sock);
++ return NULL;
++ }
+
+ #endif /* AICCU_GNUTLS*/
+
diff --git a/12_memset-sizeof.patch b/12_memset-sizeof.patch
new file mode 100644
index 0000000..91082ef
--- /dev/null
+++ b/12_memset-sizeof.patch
@@ -0,0 +1,31 @@
+From: "Barak A. Pearlmutter" <barak+git at cs.nuim.ie>
+Date: Sat, 22 Feb 2014 15:49:24 +0000
+Subject: memset sizeof
+MIME-Version: 1.0
+Content-Type: text/plain; charset="utf-8"
+Content-Transfer-Encoding: 8bit
+
+Teeny little bug.
+
+../common/hash_md5.c: In function ‘MD5Final’:
+../common/hash_md5.c:134:23: warning: argument to ‘sizeof’ in ‘memset’ call is the same expression as the destination; did you mean to dereference it? [-Wsizeof-pointer-memaccess]
+ memset(ctx, 0, sizeof(ctx)); /* In case it's sensitive */
+
+Guess it isn't sensitive. Lucky a pointer takes less space than a struct MD5Context!
+---
+ common/hash_md5.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/common/hash_md5.c b/common/hash_md5.c
+index 160b849..ca4c1b9 100755
+--- a/common/hash_md5.c
++++ b/common/hash_md5.c
+@@ -131,7 +131,7 @@ MD5Final(md5byte digest[16], struct MD5Context *ctx)
+
+ byteSwap(ctx->buf, 4);
+ memcpy(digest, ctx->buf, 16);
+- memset(ctx, 0, sizeof(ctx)); /* In case it's sensitive */
++ memset(ctx, 0, sizeof(*ctx)); /* In case it's sensitive */
+ }
+
+ #ifndef ASM_MD5
diff --git a/13_autotest_description.patch b/13_autotest_description.patch
new file mode 100644
index 0000000..fbd560d
--- /dev/null
+++ b/13_autotest_description.patch
@@ -0,0 +1,16 @@
+Description: Add missing description for "aiccu autotest"
+Author: Axel Beckert <abe at debian.org>
+Forwarded: not-yet
+
+--- a/doc/aiccu.1
++++ b/doc/aiccu.1
+@@ -41,7 +41,8 @@
+ to report this back as it should show most obvious problems.
+ .TP
+ \fBautotest\fR
+-Decription here
++Same as \fBtest\fR but without interactive questions. Piping the
++output of "aiccu autotest" into a log file or "tee" is a good idea.
+ .TP
+ \fBlicense\fR
+ Shows the license aiccu is released under.
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/aiccu.git/commitdiff/3ed092f9270be58aec74c6042cac57c875713550
More information about the pld-cvs-commit
mailing list