Browse Source

ocserv: updated to 0.8.9

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
lilik-openwrt-22.03
Nikos Mavrogiannopoulos 10 years ago
parent
commit
6424128ae3
3 changed files with 3 additions and 160 deletions
  1. +3
    -3
      net/ocserv/Makefile
  2. +0
    -56
      net/ocserv/patches/001-use-define-_XOPEN_SOURCE-to-get-crypt.patch
  3. +0
    -101
      net/ocserv/patches/002-Notify-the-client-that-the-server-may-have-a-dynamic.patch

+ 3
- 3
net/ocserv/Makefile View File

@ -8,13 +8,13 @@
include $(TOPDIR)/rules.mk include $(TOPDIR)/rules.mk
PKG_NAME:=ocserv PKG_NAME:=ocserv
PKG_VERSION:=0.8.8
PKG_RELEASE:=2
PKG_VERSION:=0.8.9
PKG_RELEASE:=1
PKG_BUILD_DIR :=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION) PKG_BUILD_DIR :=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL :=ftp://ftp.infradead.org/pub/ocserv/ PKG_SOURCE_URL :=ftp://ftp.infradead.org/pub/ocserv/
PKG_MD5SUM:=d9b12a3fa976dfda3e4c0238173744e6
PKG_MD5SUM:=cd935cc89bffac75c825e66ef71f6a73
PKG_LICENSE:=GPLv2 PKG_LICENSE:=GPLv2
PKG_LICENSE_FILES:=COPYING PKG_LICENSE_FILES:=COPYING


+ 0
- 56
net/ocserv/patches/001-use-define-_XOPEN_SOURCE-to-get-crypt.patch View File

@ -1,56 +0,0 @@
From ef48fe731f8b43c58b9580a048d793a69bd5a903 Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat, 29 Nov 2014 19:44:03 +0100
Subject: [PATCH] use define _XOPEN_SOURCE to get crypt()
---
configure.ac | 3 ++-
src/auth/plain.c | 3 +++
src/ocpasswd.c | 3 +++
3 files changed, 8 insertions(+), 1 deletion(-)
diff --git a/configure.ac b/configure.ac
index 8bb0044..622929d 100644
--- a/configure.ac
+++ b/configure.ac
@@ -190,7 +190,8 @@ fi
gl_INIT
-AC_LIB_HAVE_LINKFLAGS(crypt,, [#include <unistd.h>], [crypt(0,0);])
+AC_LIB_HAVE_LINKFLAGS(crypt,, [#define _XOPEN_SOURCE
+#include <unistd.h>], [crypt(0,0);])
AC_ARG_WITH(utmp,
AS_HELP_STRING([--without-utmp], [do not use libutil for utmp support]),
diff --git a/src/auth/plain.c b/src/auth/plain.c
index f429ef4..0e13241 100644
--- a/src/auth/plain.c
+++ b/src/auth/plain.c
@@ -22,6 +22,9 @@
#include <stdlib.h>
#include <string.h>
#include <syslog.h>
+#ifndef _XOPEN_SOURCE
+# define _XOPEN_SOURCE
+#endif
#include <unistd.h>
#include <vpn.h>
#include <c-ctype.h>
diff --git a/src/ocpasswd.c b/src/ocpasswd.c
index 8b33d76..aced94a 100644
--- a/src/ocpasswd.c
+++ b/src/ocpasswd.c
@@ -23,6 +23,9 @@
#include <string.h>
#include <stdlib.h>
#include <stdint.h>
+#ifndef _XOPEN_SOURCE
+# define _XOPEN_SOURCE
+#endif
#include <unistd.h>
#include <gnutls/gnutls.h>
#include <gnutls/crypto.h> /* for random */
--
2.1.3

+ 0
- 101
net/ocserv/patches/002-Notify-the-client-that-the-server-may-have-a-dynamic.patch View File

@ -1,101 +0,0 @@
From cb9dcde3874441bf66d52b70ac8b0d6f6bb557d9 Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun, 30 Nov 2014 11:30:08 +0100
Subject: [PATCH] Notify the client that the server may have a dynamic DNS
address
That is send "X-CSTP-DynDNS: true", in CSTP headers if the
server is configured as having a dynamic DNS address.
---
doc/sample.config | 5 +++++
src/config.c | 2 ++
src/ocserv-args.def | 5 +++++
src/vpn.h | 1 +
src/worker-vpn.c | 7 +++++++
5 files changed, 20 insertions(+)
diff --git a/doc/sample.config b/doc/sample.config
index a39e573..e07e36a 100644
--- a/doc/sample.config
+++ b/doc/sample.config
@@ -51,6 +51,11 @@ max-same-clients = 2
# hostname.
#listen-host = [IP|HOSTNAME]
+# When the server has a dynamic DNS address (that may change),
+# should set that to true to ask the client to resolve again on
+# reconnects.
+#listen-host-is-dyndns = true
+
# TCP and UDP port number
tcp-port = 443
udp-port = 443
diff --git a/src/config.c b/src/config.c
index 2721a45..0b7e029 100644
--- a/src/config.c
+++ b/src/config.c
@@ -60,6 +60,7 @@ static struct cfg_options available_options[] = {
{ .name = "custom-header", .type = OPTION_MULTI_LINE, .mandatory = 0 },
{ .name = "split-dns", .type = OPTION_MULTI_LINE, .mandatory = 0 },
{ .name = "listen-host", .type = OPTION_STRING, .mandatory = 0 },
+ { .name = "listen-host-is-dyndns", .type = OPTION_BOOLEAN, .mandatory = 0 },
{ .name = "tcp-port", .type = OPTION_NUMERIC, .mandatory = 0 },
{ .name = "udp-port", .type = OPTION_NUMERIC, .mandatory = 0 },
{ .name = "keepalive", .type = OPTION_NUMERIC, .mandatory = 0 },
@@ -403,6 +404,7 @@ unsigned force_cert_auth;
* reload_cfg_file();
*/
READ_STRING("listen-host", config->name);
+ READ_TF("listen-host-is-dyndns", config->is_dyndns, 0);
READ_NUMERIC("tcp-port", config->port);
READ_NUMERIC("udp-port", config->udp_port);
diff --git a/src/ocserv-args.def b/src/ocserv-args.def
index cdc60bd..146e59a 100644
--- a/src/ocserv-args.def
+++ b/src/ocserv-args.def
@@ -126,6 +126,11 @@ max-same-clients = 2
# hostname.
#listen-host = [IP|HOSTNAME]
+# When the server has a dynamic DNS address (that may change),
+# should set that to true to ask the client to resolve again on
+# reconnects.
+#listen-host-is-dyndns = true
+
# TCP and UDP port number
tcp-port = 3333
udp-port = 3333
diff --git a/src/vpn.h b/src/vpn.h
index a460370..03721e1 100644
--- a/src/vpn.h
+++ b/src/vpn.h
@@ -188,6 +188,7 @@ struct cfg_st {
char *name; /* server name */
unsigned int port;
unsigned int udp_port;
+ unsigned int is_dyndns;
char* unix_conn_file;
char *pin_file;
diff --git a/src/worker-vpn.c b/src/worker-vpn.c
index 364cbff..4cb5d99 100644
--- a/src/worker-vpn.c
+++ b/src/worker-vpn.c
@@ -1650,6 +1650,13 @@ static int connect_handler(worker_st * ws)
"X-CSTP-Smartcard-Removal-Disconnect: true\r\n");
SEND_ERR(ret);
+ if (ws->config->is_dyndns != 0) {
+ ret =
+ cstp_puts(ws,
+ "X-CSTP-DynDNS: true\r\n");
+ SEND_ERR(ret);
+ }
+
if (ws->config->rekey_time > 0) {
unsigned method;
--
2.1.3

Loading…
Cancel
Save