From 899724bd35ea190c81710e06d22dc30b7981416b Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Sun, 26 Apr 2015 02:19:44 +0200 Subject: [PATCH] ocserv: updated to 0.10.3 Signed-off-by: Nikos Mavrogiannopoulos --- net/ocserv/Makefile | 4 +- ...t-impose-timeouts-on-reads-from-main.patch | 104 ------------------ .../002-reject-bad-commands-from-main.patch | 34 ------ 3 files changed, 2 insertions(+), 140 deletions(-) delete mode 100644 net/ocserv/patches/001-sec-mod-do-not-impose-timeouts-on-reads-from-main.patch delete mode 100644 net/ocserv/patches/002-reject-bad-commands-from-main.patch diff --git a/net/ocserv/Makefile b/net/ocserv/Makefile index 050fdc74d..00bc39ae6 100644 --- a/net/ocserv/Makefile +++ b/net/ocserv/Makefile @@ -8,13 +8,13 @@ include $(TOPDIR)/rules.mk PKG_NAME:=ocserv -PKG_VERSION:=0.10.2 +PKG_VERSION:=0.10.3 PKG_RELEASE:=1 PKG_BUILD_DIR :=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION) PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=ftp://ftp.infradead.org/pub/ocserv/ -PKG_MD5SUM:=32ce2c2a00a97ab7c27e571aae207b2d +PKG_MD5SUM:=36c947a4e37484487844dc1c977ca870 PKG_LICENSE:=GPLv2 PKG_LICENSE_FILES:=COPYING diff --git a/net/ocserv/patches/001-sec-mod-do-not-impose-timeouts-on-reads-from-main.patch b/net/ocserv/patches/001-sec-mod-do-not-impose-timeouts-on-reads-from-main.patch deleted file mode 100644 index 0d3d2219d..000000000 --- a/net/ocserv/patches/001-sec-mod-do-not-impose-timeouts-on-reads-from-main.patch +++ /dev/null @@ -1,104 +0,0 @@ -From 0967f05f8d7665a67f3cb0fbed46c48dc7ec74cb Mon Sep 17 00:00:00 2001 -From: Nikos Mavrogiannopoulos -Date: Tue, 31 Mar 2015 10:13:08 +0200 -Subject: [PATCH] sec-mod: do not impose timeouts on reads from main - ---- - src/sec-mod.c | 60 ++++++++++++++++++++++++++++++++++++++++++++++++++++------- - 1 file changed, 53 insertions(+), 7 deletions(-) - -diff --git a/src/sec-mod.c b/src/sec-mod.c -index b824e87..5a0763d 100644 ---- a/src/sec-mod.c -+++ b/src/sec-mod.c -@@ -404,7 +404,56 @@ static void check_other_work(sec_mod_st *sec) - } - - static --int serve_request(sec_mod_st *sec, int cfd, unsigned is_main, uint8_t *buffer, unsigned buffer_size) -+int serve_request_main(sec_mod_st *sec, int cfd, uint8_t *buffer, unsigned buffer_size) -+{ -+ int ret, e; -+ unsigned cmd, length; -+ uint16_t l16; -+ void *pool = buffer; -+ -+ /* read request */ -+ ret = force_read(cfd, buffer, 3); -+ if (ret == 0) -+ goto leave; -+ else if (ret < 3) { -+ e = errno; -+ seclog(sec, LOG_INFO, "error receiving msg head: %s", -+ strerror(e)); -+ ret = ERR_BAD_COMMAND; -+ goto leave; -+ } -+ -+ cmd = buffer[0]; -+ memcpy(&l16, &buffer[1], 2); -+ length = l16; -+ -+ if (length > buffer_size - 4) { -+ seclog(sec, LOG_INFO, "too big message (%d)", length); -+ ret = ERR_BAD_COMMAND; -+ goto leave; -+ } -+ -+ /* read the body */ -+ ret = force_read(cfd, buffer, length); -+ if (ret < 0) { -+ e = errno; -+ seclog(sec, LOG_INFO, "error receiving msg body: %s", -+ strerror(e)); -+ ret = ERR_BAD_COMMAND; -+ goto leave; -+ } -+ -+ ret = process_packet_from_main(pool, cfd, sec, cmd, buffer, ret); -+ if (ret < 0) { -+ seclog(sec, LOG_INFO, "error processing data for '%s' command (%d)", cmd_request_to_str(cmd), ret); -+ } -+ -+ leave: -+ return ret; -+} -+ -+static -+int serve_request(sec_mod_st *sec, int cfd, uint8_t *buffer, unsigned buffer_size) - { - int ret, e; - unsigned cmd, length; -@@ -443,10 +492,7 @@ int serve_request(sec_mod_st *sec, int cfd, unsigned is_main, uint8_t *buffer, u - goto leave; - } - -- if (is_main) -- ret = process_packet_from_main(pool, cfd, sec, cmd, buffer, ret); -- else -- ret = process_packet(pool, cfd, sec, cmd, buffer, ret); -+ ret = process_packet(pool, cfd, sec, cmd, buffer, ret); - if (ret < 0) { - seclog(sec, LOG_INFO, "error processing data for '%s' command (%d)", cmd_request_to_str(cmd), ret); - } -@@ -677,7 +723,7 @@ void sec_mod_server(void *main_pool, struct perm_cfg_st *perm_config, const char - if (buffer == NULL) { - seclog(sec, LOG_ERR, "error in memory allocation"); - } else { -- ret = serve_request(sec, cmd_fd, 1, buffer, buffer_size); -+ ret = serve_request_main(sec, cmd_fd, buffer, buffer_size); - if (ret < 0 && ret == ERR_BAD_COMMAND) { - seclog(sec, LOG_ERR, "error processing command from main"); - exit(1); -@@ -710,7 +756,7 @@ void sec_mod_server(void *main_pool, struct perm_cfg_st *perm_config, const char - if (buffer == NULL) { - seclog(sec, LOG_ERR, "error in memory allocation"); - } else { -- serve_request(sec, cfd, 0, buffer, buffer_size); -+ serve_request(sec, cfd, buffer, buffer_size); - talloc_free(buffer); - } - } --- -2.1.4 - diff --git a/net/ocserv/patches/002-reject-bad-commands-from-main.patch b/net/ocserv/patches/002-reject-bad-commands-from-main.patch deleted file mode 100644 index b3e72d3dc..000000000 --- a/net/ocserv/patches/002-reject-bad-commands-from-main.patch +++ /dev/null @@ -1,34 +0,0 @@ -From 99dd4a6e03b669a5b5fe234fa665b75bbd95c593 Mon Sep 17 00:00:00 2001 -From: Nikos Mavrogiannopoulos -Date: Tue, 7 Apr 2015 17:13:29 +0200 -Subject: [PATCH] reject bad commands from main - ---- - src/sec-mod.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/src/sec-mod.c b/src/sec-mod.c -index 5a0763d..7783264 100644 ---- a/src/sec-mod.c -+++ b/src/sec-mod.c -@@ -325,7 +325,7 @@ int process_packet_from_main(void *pool, int cfd, sec_mod_st * sec, cmd_request_ - data.data); - if (msg == NULL) { - seclog(sec, LOG_INFO, "error unpacking auth ban ip reply\n"); -- return -1; -+ return ERR_BAD_COMMAND; - } - - handle_sec_auth_ban_ip_reply(cfd, sec, msg); -@@ -342,7 +342,7 @@ int process_packet_from_main(void *pool, int cfd, sec_mod_st * sec, cmd_request_ - data.data); - if (msg == NULL) { - seclog(sec, LOG_INFO, "error unpacking session close\n"); -- return -1; -+ return ERR_BAD_COMMAND; - } - - ret = handle_sec_auth_session_cmd(cfd, sec, msg, cmd); --- -2.1.4 -