[packages/aiccu] - add various fixes from debian - rel 3

baggins baggins at pld-linux.org
Fri Apr 14 11:33:08 CEST 2017


commit 3ed092f9270be58aec74c6042cac57c875713550
Author: Jan Rękorajski <baggins at pld-linux.org>
Date:   Fri Apr 14 11:32:51 2017 +0200

    - add various fixes from debian
    - rel 3

 02_skip-strip.patch           | 20 ++++++++++++++
 03_no-quiet-gcc.patch         | 16 ++++++++++++
 05_spelling-error.patch       | 46 ++++++++++++++++++++++++++++++++
 06_syslog_openlog.patch       | 20 ++++++++++++++
 07_allow_tunnels.patch        | 61 +++++++++++++++++++++++++++++++++++++++++++
 08_setup_script.patch         | 40 ++++++++++++++++++++++++++++
 09_binutils_gold.patch        | 15 +++++++++++
 10_gnutls34.patch             | 35 +++++++++++++++++++++++++
 11_gnutls-cleanup.patch       | 56 +++++++++++++++++++++++++++++++++++++++
 12_memset-sizeof.patch        | 31 ++++++++++++++++++++++
 13_autotest_description.patch | 16 ++++++++++++
 aiccu.spec                    | 24 ++++++++++++++++-
 12 files changed, 379 insertions(+), 1 deletion(-)
---
diff --git a/aiccu.spec b/aiccu.spec
index 234afa3..e511666 100644
--- a/aiccu.spec
+++ b/aiccu.spec
@@ -3,13 +3,24 @@ Summary(pl.UTF-8):	AICCU - Klient automatycznych połączeń IPv6 z SixXS
 Name:		aiccu
 Version:	2007.01.15
 %define		_fileversion	20070115
-Release:	2
+Release:	3
 License:	BSD
 Vendor:		SixXS
 Group:		Networking/Utilities
 Source0:	http://www.sixxs.net/archive/sixxs/aiccu/unix/%{name}_%{_fileversion}.tar.gz
 # Source0-md5:	c9bcc83644ed788e22a7c3f3d4021350
 Patch0:		%{name}-makefile.diff
+Patch1:		02_skip-strip.patch
+Patch2:		03_no-quiet-gcc.patch
+Patch3:		05_spelling-error.patch
+Patch4:		06_syslog_openlog.patch
+Patch5:		07_allow_tunnels.patch
+Patch6:		08_setup_script.patch
+Patch7:		09_binutils_gold.patch
+Patch8:		10_gnutls34.patch
+Patch9:		11_gnutls-cleanup.patch
+Patch10:	12_memset-sizeof.patch
+Patch11:	13_autotest_description.patch
 URL:		http://www.sixxs.net/tools/aiccu/
 Requires(post,preun):	/sbin/chkconfig
 Requires:	gnutls
@@ -34,6 +45,17 @@ więcej szczegółów.
 %prep
 %setup -q -n %{name}
 %patch0 -p1
+%patch1 -p1
+%patch2 -p1
+%patch3 -p1
+%patch4 -p1
+%patch5 -p1
+%patch6 -p1
+%patch7 -p1
+%patch8 -p1
+%patch9 -p1
+%patch10 -p1
+%patch11 -p1
 
 %build
 %{__make} \
diff --git a/02_skip-strip.patch b/02_skip-strip.patch
new file mode 100644
index 0000000..1873057
--- /dev/null
+++ b/02_skip-strip.patch
@@ -0,0 +1,20 @@
+We handle stripping of the binary through dh_strip, thus remove the
+upstream code handling that, which does not care about our Debian
+build options.
+
+Index: aiccu-20070115/unix-console/Makefile
+===================================================================
+--- aiccu-20070115.orig/unix-console/Makefile	2009-10-25 22:31:57.000000000 +0100
++++ aiccu-20070115/unix-console/Makefile	2009-10-25 22:32:04.000000000 +0100
+@@ -145,11 +145,6 @@
+ 
+ aiccu:	$(OBJS) ${SRCS} ${INCS}
+ 	$(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(OBJS)
+-ifeq ($(shell echo $(CFLAGS) | grep -c "DEBUG"),0)
+-ifeq ($(shell echo "$(RPM_OPT_FLAGS)" | wc -c),1)
+-	strip $@
+-endif
+-endif
+ 
+ clean:
+ 	$(RM) -f $(OBJS) aiccu
diff --git a/03_no-quiet-gcc.patch b/03_no-quiet-gcc.patch
new file mode 100644
index 0000000..27d14ad
--- /dev/null
+++ b/03_no-quiet-gcc.patch
@@ -0,0 +1,16 @@
+It's better for us to see gcc output in the build log to ease debugging.
+Quiet builds make that much harder.
+
+Index: aiccu-20070115/unix-console/Makefile
+===================================================================
+--- aiccu-20070115.orig/unix-console/Makefile	2009-10-25 22:33:06.000000000 +0100
++++ aiccu-20070115/unix-console/Makefile	2009-10-25 22:33:12.000000000 +0100
+@@ -26,7 +26,7 @@
+ 
+ #CFLAGS	+= $(CWARNS) -D_GNU_SOURCE -D_DEBUG -g3 -O0
+ CFLAGS	+= $(CWARNS) -D_GNU_SOURCE
+-CC      = @gcc
++CC      = gcc
+ RM      = rm
+ 
+ # Add -O3 when nothing is specified yet
diff --git a/05_spelling-error.patch b/05_spelling-error.patch
new file mode 100644
index 0000000..832dbf9
--- /dev/null
+++ b/05_spelling-error.patch
@@ -0,0 +1,46 @@
+Fix some spelling errors to satisfy lintian
+
+--- aiccu.orig/common/aiccu_test.c
++++ aiccu/common/aiccu_test.c
+@@ -133,7 +133,7 @@
+ 	printf("### This confirms the reachability of the other side of the tunnel\n");
+ 	printf("### If it doesn't reply then check your interface and routing tables\n");
+ 	printf("### Don't forget to check your firewall of course\n");
+-	printf("### If the previous test was succesful then this could be both\n");
++	printf("### If the previous test was successful then this could be both\n");
+ 	printf("### a firewalling and a routing/interface problem\n");
+ 	printf("\n");
+ 	system_arg(PING6, PINGCOUNT, hTunnel->sIPv6_POP);
+--- aiccu.orig/common/common.c
++++ aiccu/common/common.c
+@@ -484,7 +484,7 @@
+ 		return false;
+ 	}
+ 
+-	dolog(LOG_DEBUG, "TLS Handshake completed succesfully\n");
++	dolog(LOG_DEBUG, "TLS Handshake completed successfully\n");
+ 
+ 	sock->tls_active = true;
+ 	return true;
+--- aiccu.orig/common/tic.c
++++ aiccu/common/tic.c
+@@ -517,8 +517,8 @@
+ 		struct in6_addr ipv6_ll, ipv6_local;
+ 		char ll[100];
+ 
+-		/* Log that the fetch was succesful */
+-		dolog(LOG_INFO, "Succesfully retrieved tunnel information for %s\n", sId);
++		/* Log that the fetch was successful */
++		dolog(LOG_INFO, "Successfully retrieved tunnel information for %s\n", sId);
+ 
+ 		/*
+ 		 * Some TUN/TAP devices don't have any
+@@ -652,7 +652,7 @@
+ 	/* All went okay? */
+ 	if (buf[0] == '2' && buf[1] == '0' && buf[2] == '2')
+ 	{
+-		dolog(LOG_INFO, "Succesfully retrieved POP information for %s\n", sId);
++		dolog(LOG_INFO, "Successfully retrieved POP information for %s\n", sId);
+ 		return pop;
+ 	}
+ 
diff --git a/06_syslog_openlog.patch b/06_syslog_openlog.patch
new file mode 100644
index 0000000..a3d1882
--- /dev/null
+++ b/06_syslog_openlog.patch
@@ -0,0 +1,20 @@
+commit 0f7db943bef0488644dce11c2ba2d19c180d8650
+Author: Norman Rasmussen <norman at rasmussen.co.za>
+Date:   Sun Jan 10 21:43:44 2010 +0000
+
+    Initialize syslog so that we log with our PID as DAEMON.
+
+diff --git a/common/aiccu.c b/common/aiccu.c
+index 9abb334..75aadc8 100755
+--- a/common/aiccu.c
++++ b/common/aiccu.c
+@@ -58,6 +58,9 @@ bool aiccu_InitConfig()
+ 	int ret;
+ #define CAFILE "ca.pem"
+ #endif
++#ifndef _WIN32
++	openlog(NULL, LOG_PID, LOG_DAEMON);
++#endif
+ 	/* Allocate & Initialize */
+ 	g_aiccu = (struct AICCU_conf *)malloc(sizeof(*g_aiccu));
+ 	if (!g_aiccu) return false;
diff --git a/07_allow_tunnels.patch b/07_allow_tunnels.patch
new file mode 100644
index 0000000..ec1c1da
--- /dev/null
+++ b/07_allow_tunnels.patch
@@ -0,0 +1,61 @@
+commit d7c4f7c0d34b80c188fa45228ca282fd8771a41d
+Author: Norman Rasmussen <norman at rasmussen.co.za>
+Date:   Sun Jan 10 21:45:55 2010 +0000
+
+    Allow 'tunnels' mode when there's an already running instance.
+
+diff --git a/unix-console/main.c b/unix-console/main.c
+index 8a4d9a9..388d988 100755
+--- a/unix-console/main.c
++++ b/unix-console/main.c
+@@ -50,7 +50,7 @@ int sigrunning(int sig)
+ 	/* Close the file again */
+ 	fclose(f);
+ 
+-	/* If we can HUP it, it still runs */
++	/* If we can signal it, it still runs */
+ 	return (pid > 0 && kill(pid, sig) == 0 ? 1 : 0);
+ }
+ 
+@@ -302,20 +302,6 @@ int main(int argc, char *argv[])
+ 		return -1;
+ 	}
+ 
+-#ifndef _WIN32
+-	/* start or stop? */
+-	if (	mode != A_TEST &&
+-		mode != A_AUTOTEST)
+-	{
+-		/* Already running? */
+-		if (sigrunning(mode == A_STOP ? SIGTERM : 0) == 1)
+-		{
+-			dolog(LOG_ERR, "Already running instance HUP'ed, exiting\n");
+-			return 0;
+-		}
+-	}
+-#endif
+-
+ 	/* Verify required parameters */
+ 	if (!g_aiccu->username || !g_aiccu->password)
+ 	{
+@@ -331,6 +317,20 @@ int main(int argc, char *argv[])
+ 		return ret == 0 ? -1 : 0;
+ 	}
+ 
++#ifndef _WIN32
++	/* start or stop? */
++	if (	mode != A_TEST &&
++		mode != A_AUTOTEST)
++	{
++		/* Already running? */
++		if (sigrunning(mode == A_STOP ? SIGTERM : 0) == 1)
++		{
++			dolog(LOG_ERR, "Already running instance signaled, exiting\n");
++			return 0;
++		}
++	}
++#endif
++
+ 	/* Get our tunnel */
+ 	hTunnel = get_tunnel();
+ 	
diff --git a/08_setup_script.patch b/08_setup_script.patch
new file mode 100644
index 0000000..26010f8
--- /dev/null
+++ b/08_setup_script.patch
@@ -0,0 +1,40 @@
+Author: Norman Rasmussen <norman at rasmussen.co.za>
+
+    Make setupscript work and add teardownscript setting.
+
+--- aiccu.orig/common/aiccu.c
++++ aiccu/common/aiccu.c
+@@ -212,9 +212,6 @@
+ 	fprintf(f, "# Try to automatically login and setup the tunnel?\n");
+ 	fprintf(f, "automatic %s\n", g_aiccu->automatic ? "true" : "false");
+ 	fprintf(f, "\n");
+-	fprintf(f, "# Script to run after setting up the interfaces (default: none)\n");
+-	fprintf(f, "%ssetupscript %s\n", g_aiccu->setupscript ? "" : "#", g_aiccu->setupscript ? g_aiccu->setupscript : "<path>");
+-	fprintf(f, "\n");
+ 	fprintf(f, "# TLS Required?\n");
+ 	fprintf(f, "requiretls %s\n", g_aiccu->requiretls ? "true" : "false");
+ 	fprintf(f, "\n");
+@@ -231,6 +228,9 @@
+ 	fprintf(f, "# PID File\n");
+ 	fprintf(f, "pidfile %s\n", g_aiccu->pidfile);
+ 	fprintf(f, "\n");
++	fprintf(f, "# Script to run after setting up the interfaces (default: none)\n");
++	fprintf(f, "%ssetupscript %s\n", g_aiccu->setupscript ? "" : "#", g_aiccu->setupscript ? g_aiccu->setupscript : "<path>");
++	fprintf(f, "\n");
+ 	fprintf(f, "# Make heartbeats (default true)\n");
+ 	fprintf(f, "# In general you don't want to turn this off\n");
+ 	fprintf(f, "# Of course only applies to AYIYA and heartbeat tunnels not to static ones\n");
+--- aiccu.orig/unix-console/main.c
++++ aiccu/unix-console/main.c
+@@ -471,6 +471,11 @@
+ 	 */
+ 	if (aiccu_setup(hTunnel, true))
+ 	{
++		if (g_aiccu->setupscript)
++		{
++			aiccu_exec("%s", g_aiccu->setupscript);
++		}
++
+ 		/* We need to stay running when doing Heartbeat or AYIYA */
+ 		if (	strcasecmp(hTunnel->sType, "6in4-heartbeat") == 0 ||
+ 			strcasecmp(hTunnel->sType, "ayiya") == 0)
diff --git a/09_binutils_gold.patch b/09_binutils_gold.patch
new file mode 100644
index 0000000..4e86fea
--- /dev/null
+++ b/09_binutils_gold.patch
@@ -0,0 +1,15 @@
+Make aiccu compile with ld.gold
+
+Index: aiccu-20070115/unix-console/Makefile
+===================================================================
+--- aiccu-20070115.orig/unix-console/Makefile	2011-02-27 17:43:53.872782002 +0000
++++ aiccu-20070115/unix-console/Makefile	2011-02-27 17:44:23.372782001 +0000
+@@ -150,7 +150,7 @@
+ all: aiccu
+ 
+ aiccu:	$(OBJS) ${SRCS} ${INCS}
+-	$(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(OBJS)
++	$(CC) $(CFLAGS) -o $@ $(OBJS) $(LDFLAGS)
+ 
+ clean:
+ 	$(RM) -f $(OBJS) aiccu
diff --git a/10_gnutls34.patch b/10_gnutls34.patch
new file mode 100644
index 0000000..e8768ea
--- /dev/null
+++ b/10_gnutls34.patch
@@ -0,0 +1,35 @@
+Description: GnuTLS 3.4 compat.
+ Use GnuTLS priority NORMAL:+CTYPE-OPENPGP instead of deprecated (and removed in GnuTLS 3.4) function gnutls_certificate_type_set_priority.
+Author: Andreas Metzler <ametzler at debian.org>
+Bug-Debian: https://bugs.debian.org/624056
+Origin: vendor
+Forwarded: no
+Last-Update: 2015-07-25
+
+--- aiccu-20070115.orig/common/common.c
++++ aiccu-20070115/common/common.c
+@@ -271,8 +271,6 @@ TLSSOCKET sock_alloc(void);
+ TLSSOCKET sock_alloc(void)
+ {
+ #ifdef AICCU_GNUTLS
+-	/* Allow connections to servers that have OpenPGP keys as well */
+-	const int	cert_type_priority[3] = { GNUTLS_CRT_X509, GNUTLS_CRT_OPENPGP, 0 };
+ 	int		ret;
+ #endif /* AICCU_GNUTLS*/
+ 
+@@ -297,11 +295,10 @@ TLSSOCKET sock_alloc(void)
+ 	}
+ 
+ 	/* Use default priorities */
+-	gnutls_set_default_priority(sock->session);
+-	/* XXX: Return value is not documented in GNUTLS documentation! */
+-
+-	gnutls_certificate_type_set_priority(sock->session, cert_type_priority);
+-	/* XXX: Return value is not documented in GNUTLS documentation! */
++	/* Allow connections to servers that have OpenPGP keys as well */
++	gnutls_priority_set_direct(sock->session, 
++			"NORMAL:+CTYPE-OPENPGP",
++			NULL);
+ 
+ 	/* Configure the x509 credentials for the current session */
+ 	gnutls_credentials_set(sock->session, GNUTLS_CRD_CERTIFICATE, g_aiccu->tls_cred);
diff --git a/11_gnutls-cleanup.patch b/11_gnutls-cleanup.patch
new file mode 100644
index 0000000..eb2be95
--- /dev/null
+++ b/11_gnutls-cleanup.patch
@@ -0,0 +1,56 @@
+From: "Barak A. Pearlmutter" <barak+git at cs.nuim.ie>
+Date: Fri, 17 Aug 2012 12:23:06 +0200
+Subject: gnutls cleanup
+
+Stop ignoring some gnutls return codes.
+
+Rewrite call to depricated gnutls_set_default_priority() to use
+gnutls_priority_set_direct() instead.
+
+Remove call to deprecated routine
+gnutls_certificate_type_set_priority, no changes necessary.
+---
+ common/common.c |   27 +++++++++++++++++----------
+ 1 file changed, 17 insertions(+), 10 deletions(-)
+
+--- a/common/common.c
++++ b/common/common.c
+@@ -287,7 +287,7 @@
+ 
+ 	/* Initialize TLS session */
+ 	ret = gnutls_init(&sock->session, GNUTLS_CLIENT);
+-	if (ret != 0)
++	if (ret != GNUTLS_E_SUCCESS)
+ 	{
+ 		dolog(LOG_ERR, "TLS Init failed: %s (%d)\n", gnutls_strerror(ret), ret);
+ 		free(sock);
+@@ -296,13 +296,26 @@
+ 
+ 	/* Use default priorities */
+ 	/* Allow connections to servers that have OpenPGP keys as well */
+-	gnutls_priority_set_direct(sock->session, 
++	ret = gnutls_priority_set_direct(sock->session,
+ 			"NORMAL:+CTYPE-OPENPGP",
+ 			NULL);
++	if (ret != GNUTLS_E_SUCCESS)
++	{
++		dolog(LOG_ERR, "TLS set default priority failed: %s (%d)\n", gnutls_strerror(ret), ret);
++		gnutls_deinit(sock->session);
++		free(sock);
++		return NULL;
++	}
+ 
+ 	/* Configure the x509 credentials for the current session */
+-	gnutls_credentials_set(sock->session, GNUTLS_CRD_CERTIFICATE, g_aiccu->tls_cred);
+-	/* XXX: Return value is not documented in GNUTLS documentation! */
++	ret = gnutls_credentials_set(sock->session, GNUTLS_CRD_CERTIFICATE, g_aiccu->tls_cred);
++	if (ret != GNUTLS_E_SUCCESS)
++	{
++		dolog(LOG_ERR, "TLS credentials set failed: %s (%d)\n", gnutls_strerror(ret), ret);
++		gnutls_deinit(sock->session);
++		free(sock);
++		return NULL;
++	}
+ 
+ #endif /* AICCU_GNUTLS*/
+ 
diff --git a/12_memset-sizeof.patch b/12_memset-sizeof.patch
new file mode 100644
index 0000000..91082ef
--- /dev/null
+++ b/12_memset-sizeof.patch
@@ -0,0 +1,31 @@
+From: "Barak A. Pearlmutter" <barak+git at cs.nuim.ie>
+Date: Sat, 22 Feb 2014 15:49:24 +0000
+Subject: memset sizeof
+MIME-Version: 1.0
+Content-Type: text/plain; charset="utf-8"
+Content-Transfer-Encoding: 8bit
+
+Teeny little bug.
+
+../common/hash_md5.c: In function ‘MD5Final’:
+../common/hash_md5.c:134:23: warning: argument to ‘sizeof’ in ‘memset’ call is the same expression as the destination; did you mean to dereference it? [-Wsizeof-pointer-memaccess]
+  memset(ctx, 0, sizeof(ctx)); /* In case it's sensitive */
+
+Guess it isn't sensitive.  Lucky a pointer takes less space than a struct MD5Context!
+---
+ common/hash_md5.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/common/hash_md5.c b/common/hash_md5.c
+index 160b849..ca4c1b9 100755
+--- a/common/hash_md5.c
++++ b/common/hash_md5.c
+@@ -131,7 +131,7 @@ MD5Final(md5byte digest[16], struct MD5Context *ctx)
+ 
+ 	byteSwap(ctx->buf, 4);
+ 	memcpy(digest, ctx->buf, 16);
+-	memset(ctx, 0, sizeof(ctx));	/* In case it's sensitive */
++	memset(ctx, 0, sizeof(*ctx));	/* In case it's sensitive */
+ }
+ 
+ #ifndef ASM_MD5
diff --git a/13_autotest_description.patch b/13_autotest_description.patch
new file mode 100644
index 0000000..fbd560d
--- /dev/null
+++ b/13_autotest_description.patch
@@ -0,0 +1,16 @@
+Description: Add missing description for "aiccu autotest"
+Author: Axel Beckert <abe at debian.org>
+Forwarded: not-yet
+
+--- a/doc/aiccu.1
++++ b/doc/aiccu.1
+@@ -41,7 +41,8 @@
+ to report this back as it should show most obvious problems.
+ .TP
+ \fBautotest\fR
+-Decription here
++Same as \fBtest\fR but without interactive questions. Piping the
++output of "aiccu autotest" into a log file or "tee" is a good idea.
+ .TP
+ \fBlicense\fR
+ Shows the license aiccu is released under.
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/aiccu.git/commitdiff/3ed092f9270be58aec74c6042cac57c875713550



More information about the pld-cvs-commit mailing list