ocserv: updated to 0.8.4

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

diff --git a/net/ocserv/Makefile b/net/ocserv/Makefile
index 4a30551757206652090e1a43a99375d022c69807..2cbf69ef4f71a2abe66a65d5ab3effa75af7cb29 100644 (file)
--- a/net/ocserv/Makefile
+++ b/net/ocserv/Makefile
@@ -8,13 +8,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=ocserv
-PKG_VERSION:=0.8.2
-PKG_RELEASE:=2
+PKG_VERSION:=0.8.4
+PKG_RELEASE:=1
 
 PKG_BUILD_DIR :=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
 PKG_SOURCE_URL :=ftp://ftp.infradead.org/pub/ocserv/
-PKG_MD5SUM:=fd890e121445dfe8bb514da67c91c675
+PKG_MD5SUM:=3eb452fddebda887eaa5f6412dab634c
 
 PKG_LICENSE:=GPLv3
 PKG_LICENSE_FILES:=COPYING

diff --git a/net/ocserv/patches/0001-worker-call-sigprocmask-prior-to-entering-main-loop.patch b/net/ocserv/patches/0001-worker-call-sigprocmask-prior-to-entering-main-loop.patch
deleted file mode 100644 (file)
index 783aa2b..0000000
--- a/net/ocserv/patches/0001-worker-call-sigprocmask-prior-to-entering-main-loop.patch
+++ /dev/null
@@ -1,24 +0,0 @@
-From 9be381859d7c9077ed652a82ec06ef01494d413d Mon Sep 17 00:00:00 2001
-From: Nikos Mavrogiannopoulos <nmav@redhat.com>
-Date: Fri, 8 Aug 2014 12:27:08 +0200
-Subject: [PATCH 01/10] worker: call sigprocmask() prior to entering main loop
-
----
- src/worker-vpn.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/src/worker-vpn.c b/src/worker-vpn.c
-index 1c30f14..55ab375 100644
---- a/src/worker-vpn.c
-+++ b/src/worker-vpn.c
-@@ -1856,6 +1856,7 @@ static int connect_handler(worker_st * ws)
-       bandwidth_init(&ws->b_tx, ws->config->tx_per_sec);
- 
-       session_info_send(ws);
-+      sigprocmask(SIG_BLOCK, &blockset, NULL);
- 
-       /* worker main loop  */
-       for (;;) {
--- 
-2.0.0
-

diff --git a/net/ocserv/patches/0002-worker-when-the-UDP-socket-is-updated-update-the-DTL.patch b/net/ocserv/patches/0002-worker-when-the-UDP-socket-is-updated-update-the-DTL.patch
deleted file mode 100644 (file)
index 0c5ea02..0000000
--- a/net/ocserv/patches/0002-worker-when-the-UDP-socket-is-updated-update-the-DTL.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-From c567a129f4dac88d1b3c4508484a2dffd78e1e5a Mon Sep 17 00:00:00 2001
-From: Nikos Mavrogiannopoulos <nmav@redhat.com>
-Date: Fri, 22 Aug 2014 11:57:15 +0200
-Subject: [PATCH 06/10] worker: when the UDP socket is updated, update the DTLS
- session
-
----
- src/worker-misc.c | 2 ++
- 1 file changed, 2 insertions(+)
-
-diff --git a/src/worker-misc.c b/src/worker-misc.c
-index 52be346..bde24d7 100644
---- a/src/worker-misc.c
-+++ b/src/worker-misc.c
-@@ -139,6 +139,8 @@ int handle_worker_commands(struct worker_st *ws)
-                                               close(fd);
-                                               return 0;
-                                       }
-+                                      if (ws->dtls_session != NULL)
-+                                              gnutls_transport_set_ptr(ws->dtls_session, (gnutls_transport_ptr_t)(long)fd);
-                               } else { /* received client hello */
-                                       ws->udp_state = UP_SETUP;
-                               }
--- 
-2.0.0
-

diff --git a/net/ocserv/patches/0003-after-fork-restore-the-default-signal-mask.patch b/net/ocserv/patches/0003-after-fork-restore-the-default-signal-mask.patch
deleted file mode 100644 (file)
index c16228a..0000000
--- a/net/ocserv/patches/0003-after-fork-restore-the-default-signal-mask.patch
+++ /dev/null
@@ -1,76 +0,0 @@
-From 817f757577ef78bcc19aecf73d6ecf1b11258c82 Mon Sep 17 00:00:00 2001
-From: Nikos Mavrogiannopoulos <nmav@redhat.com>
-Date: Fri, 22 Aug 2014 15:23:16 +0200
-Subject: [PATCH 07/10] after fork restore the default signal mask
-
----
- src/main-user.c | 2 ++
- src/main.c      | 5 +++--
- src/main.h      | 1 +
- 3 files changed, 6 insertions(+), 2 deletions(-)
-
-diff --git a/src/main-user.c b/src/main-user.c
-index bc16e3a..9b57e00 100644
---- a/src/main-user.c
-+++ b/src/main-user.c
-@@ -66,6 +66,8 @@ const char* script;
-               char local[64] = "";
-               char remote[64] = "";
- 
-+              sigprocmask(SIG_SETMASK, &sig_default_set, NULL);
-+
-               snprintf(real, sizeof(real), "%u", (unsigned)proc->pid);
-               setenv("ID", real, 1);
- 
-diff --git a/src/main.c b/src/main.c
-index 8bb3061..a71bde6 100644
---- a/src/main.c
-+++ b/src/main.c
-@@ -64,6 +64,7 @@ static unsigned int terminate = 0;
- static unsigned int reload_conf = 0;
- unsigned int need_maintenance = 0;
- static unsigned int need_children_cleanup = 0;
-+sigset_t sig_default_set;
- 
- static void ms_sleep(unsigned ms)
- {
-@@ -974,7 +975,7 @@ int main(int argc, char** argv)
-               exit(1);
-       }
- 
--      sigprocmask(SIG_BLOCK, &blockset, NULL);
-+      sigprocmask(SIG_BLOCK, &blockset, &sig_default_set);
-       alarm(MAINTAINANCE_TIME(s));
- 
-       for (;;) {
-@@ -1061,6 +1062,7 @@ int main(int argc, char** argv)
-                                       /* close any open descriptors, and erase
-                                        * sensitive data before running the worker
-                                        */
-+                                      sigprocmask(SIG_SETMASK, &sig_default_set, NULL);
-                                       close(cmd_fd[0]);
-                                       clear_lists(s);
- 
-@@ -1096,7 +1098,6 @@ int main(int argc, char** argv)
-                                        * sensitive data have to be overwritten anyway. */
-                                       malloc_trim(0);
- #endif
--                                      sigprocmask(SIG_UNBLOCK, &blockset, NULL);
-                                       vpn_server(ws);
-                                       exit(0);
-                               } else if (pid == -1) {
-diff --git a/src/main.h b/src/main.h
-index de3d00c..cf5a0b1 100644
---- a/src/main.h
-+++ b/src/main.h
-@@ -39,6 +39,7 @@
- 
- #define COOKIE_KEY_SIZE 16
- 
-+extern sigset_t sig_default_set;
- int cmd_parser (void *pool, int argc, char **argv, struct cfg_st** config);
- void reload_cfg_file(void *pool, struct cfg_st* config);
- void clear_cfg_file(struct cfg_st* config);
--- 
-2.0.0
-

diff --git a/net/ocserv/patches/0004-added-work-around-for-infinite-loop-if-the-UDP-descr.patch b/net/ocserv/patches/0004-added-work-around-for-infinite-loop-if-the-UDP-descr.patch
deleted file mode 100644 (file)
index 33f03c6..0000000
--- a/net/ocserv/patches/0004-added-work-around-for-infinite-loop-if-the-UDP-descr.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-diff --git a/src/worker-vpn.c b/src/worker-vpn.c
-index 55ab375..12cd3c8 100644
---- a/src/worker-vpn.c
-+++ b/src/worker-vpn.c
-@@ -1071,9 +1071,20 @@ static int dtls_mainloop(worker_st * ws, struct timespec *tnow)
- {
-       int ret, l;
- 
-+#if GNUTLS_VERSION_NUMBER <= 0x030210
-+      /* work-around an infinite loop caused by gnutls_record_recv()
-+       * always succeeding by counting every error as a discarded packet.
-+       */
-+      ret = gnutls_record_get_discarded(ws->dtls_session);
-+      if (ret > 1000) {
-+              ws->udp_state = UP_DISABLED;
-+              return 0;
-+      }
-+#endif
-       switch (ws->udp_state) {
-       case UP_ACTIVE:
-       case UP_INACTIVE:
-+
-               ret =
-                   tls_recv_nb(ws->dtls_session, ws->buffer, ws->buffer_size);
-               oclog(ws, LOG_TRANSFER_DEBUG,