ocserv: updated to 0.10.3

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2024-06-20 07:38:40 +02:00 · 2015-04-26 02:19:44 +02:00 · 2015-04-26 02:19:44 +02:00 · 899724bd35
commit 899724bd35
parent f5cc8c27d7
3 changed files with 2 additions and 140 deletions
--- a/net/ocserv/Makefile
+++ b/net/ocserv/Makefile
@ -8,13 +8,13 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=ocserv
-PKG_VERSION:=0.10.2
+PKG_VERSION:=0.10.3
 PKG_RELEASE:=1

 PKG_BUILD_DIR :=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
 PKG_SOURCE_URL:=ftp://ftp.infradead.org/pub/ocserv/
-PKG_MD5SUM:=32ce2c2a00a97ab7c27e571aae207b2d
+PKG_MD5SUM:=36c947a4e37484487844dc1c977ca870

 PKG_LICENSE:=GPLv2
 PKG_LICENSE_FILES:=COPYING
--- a/net/ocserv/patches/001-sec-mod-do-not-impose-timeouts-on-reads-from-main.patch
+++ b/net/ocserv/patches/001-sec-mod-do-not-impose-timeouts-on-reads-from-main.patch
@ -1,104 +0,0 @@
-From 0967f05f8d7665a67f3cb0fbed46c48dc7ec74cb Mon Sep 17 00:00:00 2001
-From: Nikos Mavrogiannopoulos <nmav@redhat.com>
-Date: Tue, 31 Mar 2015 10:13:08 +0200
-Subject: [PATCH] sec-mod: do not impose timeouts on reads from main
-
---
- src/sec-mod.c | 60 ++++++++++++++++++++++++++++++++++++++++++++++++++++-------
- 1 file changed, 53 insertions(+), 7 deletions(-)
-
-diff --git a/src/sec-mod.c b/src/sec-mod.c
-index b824e87..5a0763d 100644
--- a/src/sec-mod.c
-+++ b/src/sec-mod.c
-@@ -404,7 +404,56 @@ static void check_other_work(sec_mod_st *sec)
- }
- 
- static
-int serve_request(sec_mod_st *sec, int cfd, unsigned is_main, uint8_t *buffer, unsigned buffer_size)
-+int serve_request_main(sec_mod_st *sec, int cfd, uint8_t *buffer, unsigned buffer_size)
-+{
-+	int ret, e;
-+	unsigned cmd, length;
-+	uint16_t l16;
-+	void *pool = buffer;
-+
-+	/* read request */
-+	ret = force_read(cfd, buffer, 3);
-+	if (ret == 0)
-+		goto leave;
-+	else if (ret < 3) {
-+		e = errno;
-+		seclog(sec, LOG_INFO, "error receiving msg head: %s",
-+		       strerror(e));
-+		ret = ERR_BAD_COMMAND;
-+		goto leave;
-+	}
-+
-+	cmd = buffer[0];
-+	memcpy(&l16, &buffer[1], 2);
-+	length = l16;
-+
-+	if (length > buffer_size - 4) {
-+		seclog(sec, LOG_INFO, "too big message (%d)", length);
-+		ret = ERR_BAD_COMMAND;
-+		goto leave;
-+	}
-+
-+	/* read the body */
-+	ret = force_read(cfd, buffer, length);
-+	if (ret < 0) {
-+		e = errno;
-+		seclog(sec, LOG_INFO, "error receiving msg body: %s",
-+		       strerror(e));
-+		ret = ERR_BAD_COMMAND;
-+		goto leave;
-+	}
-+
-+	ret = process_packet_from_main(pool, cfd, sec, cmd, buffer, ret);
-+	if (ret < 0) {
-+		seclog(sec, LOG_INFO, "error processing data for '%s' command (%d)", cmd_request_to_str(cmd), ret);
-+	}
-+	
-+ leave:
-+	return ret;
-+}
-+
-+static
-+int serve_request(sec_mod_st *sec, int cfd, uint8_t *buffer, unsigned buffer_size)
- {
- 	int ret, e;
- 	unsigned cmd, length;
-@@ -443,10 +492,7 @@ int serve_request(sec_mod_st *sec, int cfd, unsigned is_main, uint8_t *buffer, u
- 		goto leave;
- 	}
- 
-	if (is_main)
-		ret = process_packet_from_main(pool, cfd, sec, cmd, buffer, ret);
-	else
-		ret = process_packet(pool, cfd, sec, cmd, buffer, ret);
-+	ret = process_packet(pool, cfd, sec, cmd, buffer, ret);
- 	if (ret < 0) {
- 		seclog(sec, LOG_INFO, "error processing data for '%s' command (%d)", cmd_request_to_str(cmd), ret);
- 	}
-@@ -677,7 +723,7 @@ void sec_mod_server(void *main_pool, struct perm_cfg_st *perm_config, const char
- 			if (buffer == NULL) {
- 				seclog(sec, LOG_ERR, "error in memory allocation");
- 			} else {
-				ret = serve_request(sec, cmd_fd, 1, buffer, buffer_size);
-+				ret = serve_request_main(sec, cmd_fd, buffer, buffer_size);
- 				if (ret < 0 && ret == ERR_BAD_COMMAND) {
- 					seclog(sec, LOG_ERR, "error processing command from main");
- 					exit(1);
-@@ -710,7 +756,7 @@ void sec_mod_server(void *main_pool, struct perm_cfg_st *perm_config, const char
- 				if (buffer == NULL) {
- 					seclog(sec, LOG_ERR, "error in memory allocation");
- 				} else {
-					serve_request(sec, cfd, 0, buffer, buffer_size);
-+					serve_request(sec, cfd, buffer, buffer_size);
- 					talloc_free(buffer);
- 				}
- 			}
-- 
-2.1.4
-
--- a/net/ocserv/patches/002-reject-bad-commands-from-main.patch
+++ b/net/ocserv/patches/002-reject-bad-commands-from-main.patch
@ -1,34 +0,0 @@
-From 99dd4a6e03b669a5b5fe234fa665b75bbd95c593 Mon Sep 17 00:00:00 2001
-From: Nikos Mavrogiannopoulos <nmav@redhat.com>
-Date: Tue, 7 Apr 2015 17:13:29 +0200
-Subject: [PATCH] reject bad commands from main
-
---
- src/sec-mod.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/src/sec-mod.c b/src/sec-mod.c
-index 5a0763d..7783264 100644
--- a/src/sec-mod.c
-+++ b/src/sec-mod.c
-@@ -325,7 +325,7 @@ int process_packet_from_main(void *pool, int cfd, sec_mod_st * sec, cmd_request_
- 					     data.data);
- 		if (msg == NULL) {
- 			seclog(sec, LOG_INFO, "error unpacking auth ban ip reply\n");
-			return -1;
-+			return ERR_BAD_COMMAND;
- 		}
- 
- 		handle_sec_auth_ban_ip_reply(cfd, sec, msg);
-@@ -342,7 +342,7 @@ int process_packet_from_main(void *pool, int cfd, sec_mod_st * sec, cmd_request_
- 						      data.data);
- 			if (msg == NULL) {
- 				seclog(sec, LOG_INFO, "error unpacking session close\n");
-				return -1;
-+				return ERR_BAD_COMMAND;
- 			}
- 
- 			ret = handle_sec_auth_session_cmd(cfd, sec, msg, cmd);
-- 
-2.1.4
-