From 0163093730b49291cd4c6353cee05f4ca780e948 Mon Sep 17 00:00:00 2001 From: Arne Schwabe Date: Thu, 21 Nov 2013 21:46:53 +0100 Subject: Update openvpn source code --- openvpn/INSTALL | 4 + openvpn/compile | 347 +++++++++++++++++++++++++++++++++++++++ openvpn/doc/openvpn.8 | 2 +- openvpn/src/openvpn/buffer.c | 29 ++-- openvpn/src/openvpn/error.c | 9 +- openvpn/src/openvpn/init.c | 2 +- openvpn/src/openvpn/manage.h | 2 +- openvpn/src/openvpn/openvpn.c | 2 +- openvpn/src/openvpn/options.c | 8 +- openvpn/src/openvpn/options.h | 2 +- openvpn/src/openvpn/ssl.c | 4 - openvpn/tests/t_client.rc-sample | 8 +- openvpn/tests/t_client.sh.in | 25 +++ 13 files changed, 412 insertions(+), 32 deletions(-) create mode 100755 openvpn/compile (limited to 'openvpn') diff --git a/openvpn/INSTALL b/openvpn/INSTALL index 61dc9758..2ef7904b 100644 --- a/openvpn/INSTALL +++ b/openvpn/INSTALL @@ -87,6 +87,10 @@ OPTIONAL (for developers only): -- available from http://www.gnu.org/software/software.html (2) Dmalloc library -- available from http://dmalloc.com/ + (3) If using t_client.sh test framework, fping/fping6 is needed + -- Available from http://www.fping.org/ + Note: t_client.sh needs an external configured OpenVPN server. + See t_client.rc-sample for more info. ************************************************************************* diff --git a/openvpn/compile b/openvpn/compile new file mode 100755 index 00000000..531136b0 --- /dev/null +++ b/openvpn/compile @@ -0,0 +1,347 @@ +#! /bin/sh +# Wrapper for compilers which do not understand '-c -o'. + +scriptversion=2012-10-14.11; # UTC + +# Copyright (C) 1999-2013 Free Software Foundation, Inc. +# Written by Tom Tromey . +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2, or (at your option) +# any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +# As a special exception to the GNU General Public License, if you +# distribute this file as part of a program that contains a +# configuration script generated by Autoconf, you may include it under +# the same distribution terms that you use for the rest of that program. + +# This file is maintained in Automake, please report +# bugs to or send patches to +# . + +nl=' +' + +# We need space, tab and new line, in precisely that order. Quoting is +# there to prevent tools from complaining about whitespace usage. +IFS=" "" $nl" + +file_conv= + +# func_file_conv build_file lazy +# Convert a $build file to $host form and store it in $file +# Currently only supports Windows hosts. If the determined conversion +# type is listed in (the comma separated) LAZY, no conversion will +# take place. +func_file_conv () +{ + file=$1 + case $file in + / | /[!/]*) # absolute file, and not a UNC file + if test -z "$file_conv"; then + # lazily determine how to convert abs files + case `uname -s` in + MINGW*) + file_conv=mingw + ;; + CYGWIN*) + file_conv=cygwin + ;; + *) + file_conv=wine + ;; + esac + fi + case $file_conv/,$2, in + *,$file_conv,*) + ;; + mingw/*) + file=`cmd //C echo "$file " | sed -e 's/"\(.*\) " *$/\1/'` + ;; + cygwin/*) + file=`cygpath -m "$file" || echo "$file"` + ;; + wine/*) + file=`winepath -w "$file" || echo "$file"` + ;; + esac + ;; + esac +} + +# func_cl_dashL linkdir +# Make cl look for libraries in LINKDIR +func_cl_dashL () +{ + func_file_conv "$1" + if test -z "$lib_path"; then + lib_path=$file + else + lib_path="$lib_path;$file" + fi + linker_opts="$linker_opts -LIBPATH:$file" +} + +# func_cl_dashl library +# Do a library search-path lookup for cl +func_cl_dashl () +{ + lib=$1 + found=no + save_IFS=$IFS + IFS=';' + for dir in $lib_path $LIB + do + IFS=$save_IFS + if $shared && test -f "$dir/$lib.dll.lib"; then + found=yes + lib=$dir/$lib.dll.lib + break + fi + if test -f "$dir/$lib.lib"; then + found=yes + lib=$dir/$lib.lib + break + fi + if test -f "$dir/lib$lib.a"; then + found=yes + lib=$dir/lib$lib.a + break + fi + done + IFS=$save_IFS + + if test "$found" != yes; then + lib=$lib.lib + fi +} + +# func_cl_wrapper cl arg... +# Adjust compile command to suit cl +func_cl_wrapper () +{ + # Assume a capable shell + lib_path= + shared=: + linker_opts= + for arg + do + if test -n "$eat"; then + eat= + else + case $1 in + -o) + # configure might choose to run compile as 'compile cc -o foo foo.c'. + eat=1 + case $2 in + *.o | *.[oO][bB][jJ]) + func_file_conv "$2" + set x "$@" -Fo"$file" + shift + ;; + *) + func_file_conv "$2" + set x "$@" -Fe"$file" + shift + ;; + esac + ;; + -I) + eat=1 + func_file_conv "$2" mingw + set x "$@" -I"$file" + shift + ;; + -I*) + func_file_conv "${1#-I}" mingw + set x "$@" -I"$file" + shift + ;; + -l) + eat=1 + func_cl_dashl "$2" + set x "$@" "$lib" + shift + ;; + -l*) + func_cl_dashl "${1#-l}" + set x "$@" "$lib" + shift + ;; + -L) + eat=1 + func_cl_dashL "$2" + ;; + -L*) + func_cl_dashL "${1#-L}" + ;; + -static) + shared=false + ;; + -Wl,*) + arg=${1#-Wl,} + save_ifs="$IFS"; IFS=',' + for flag in $arg; do + IFS="$save_ifs" + linker_opts="$linker_opts $flag" + done + IFS="$save_ifs" + ;; + -Xlinker) + eat=1 + linker_opts="$linker_opts $2" + ;; + -*) + set x "$@" "$1" + shift + ;; + *.cc | *.CC | *.cxx | *.CXX | *.[cC]++) + func_file_conv "$1" + set x "$@" -Tp"$file" + shift + ;; + *.c | *.cpp | *.CPP | *.lib | *.LIB | *.Lib | *.OBJ | *.obj | *.[oO]) + func_file_conv "$1" mingw + set x "$@" "$file" + shift + ;; + *) + set x "$@" "$1" + shift + ;; + esac + fi + shift + done + if test -n "$linker_opts"; then + linker_opts="-link$linker_opts" + fi + exec "$@" $linker_opts + exit 1 +} + +eat= + +case $1 in + '') + echo "$0: No command. Try '$0 --help' for more information." 1>&2 + exit 1; + ;; + -h | --h*) + cat <<\EOF +Usage: compile [--help] [--version] PROGRAM [ARGS] + +Wrapper for compilers which do not understand '-c -o'. +Remove '-o dest.o' from ARGS, run PROGRAM with the remaining +arguments, and rename the output as expected. + +If you are trying to build a whole package this is not the +right script to run: please start by reading the file 'INSTALL'. + +Report bugs to . +EOF + exit $? + ;; + -v | --v*) + echo "compile $scriptversion" + exit $? + ;; + cl | *[/\\]cl | cl.exe | *[/\\]cl.exe ) + func_cl_wrapper "$@" # Doesn't return... + ;; +esac + +ofile= +cfile= + +for arg +do + if test -n "$eat"; then + eat= + else + case $1 in + -o) + # configure might choose to run compile as 'compile cc -o foo foo.c'. + # So we strip '-o arg' only if arg is an object. + eat=1 + case $2 in + *.o | *.obj) + ofile=$2 + ;; + *) + set x "$@" -o "$2" + shift + ;; + esac + ;; + *.c) + cfile=$1 + set x "$@" "$1" + shift + ;; + *) + set x "$@" "$1" + shift + ;; + esac + fi + shift +done + +if test -z "$ofile" || test -z "$cfile"; then + # If no '-o' option was seen then we might have been invoked from a + # pattern rule where we don't need one. That is ok -- this is a + # normal compilation that the losing compiler can handle. If no + # '.c' file was seen then we are probably linking. That is also + # ok. + exec "$@" +fi + +# Name of file we expect compiler to create. +cofile=`echo "$cfile" | sed 's|^.*[\\/]||; s|^[a-zA-Z]:||; s/\.c$/.o/'` + +# Create the lock directory. +# Note: use '[/\\:.-]' here to ensure that we don't use the same name +# that we are using for the .o file. Also, base the name on the expected +# object file name, since that is what matters with a parallel build. +lockdir=`echo "$cofile" | sed -e 's|[/\\:.-]|_|g'`.d +while true; do + if mkdir "$lockdir" >/dev/null 2>&1; then + break + fi + sleep 1 +done +# FIXME: race condition here if user kills between mkdir and trap. +trap "rmdir '$lockdir'; exit 1" 1 2 15 + +# Run the compile. +"$@" +ret=$? + +if test -f "$cofile"; then + test "$cofile" = "$ofile" || mv "$cofile" "$ofile" +elif test -f "${cofile}bj"; then + test "${cofile}bj" = "$ofile" || mv "${cofile}bj" "$ofile" +fi + +rmdir "$lockdir" +exit $ret + +# Local Variables: +# mode: shell-script +# sh-indentation: 2 +# eval: (add-hook 'write-file-hooks 'time-stamp) +# time-stamp-start: "scriptversion=" +# time-stamp-format: "%:y-%02m-%02d.%02H" +# time-stamp-time-zone: "UTC" +# time-stamp-end: "; # UTC" +# End: diff --git a/openvpn/doc/openvpn.8 b/openvpn/doc/openvpn.8 index fba477ba..e351fff0 100644 --- a/openvpn/doc/openvpn.8 +++ b/openvpn/doc/openvpn.8 @@ -2273,7 +2273,7 @@ otherwise would be prepended. In particular, this applies to log messages sent to stdout. .\"********************************************************* .TP -.B \-\-parsable-output +.B \-\-machine-readable-output Always write timestamps and message flags to log messages, even when they otherwise would not be prefixed. In particular, this applies to log messages sent to stdout. diff --git a/openvpn/src/openvpn/buffer.c b/openvpn/src/openvpn/buffer.c index 56d14b1a..fb3b52d1 100644 --- a/openvpn/src/openvpn/buffer.c +++ b/openvpn/src/openvpn/buffer.c @@ -327,19 +327,28 @@ gc_malloc (size_t size, bool clear, struct gc_arena *a) #endif { void *ret; - struct gc_entry *e; - ASSERT (NULL != a); - + if (a) + { + struct gc_entry *e; #ifdef DMALLOC - e = (struct gc_entry *) openvpn_dmalloc (file, line, size + sizeof (struct gc_entry)); + e = (struct gc_entry *) openvpn_dmalloc (file, line, size + sizeof (struct gc_entry)); #else - e = (struct gc_entry *) malloc (size + sizeof (struct gc_entry)); + e = (struct gc_entry *) malloc (size + sizeof (struct gc_entry)); #endif - check_malloc_return (e); - ret = (char *) e + sizeof (struct gc_entry); - e->next = a->list; - a->list = e; - + check_malloc_return (e); + ret = (char *) e + sizeof (struct gc_entry); + e->next = a->list; + a->list = e; + } + else + { +#ifdef DMALLOC + ret = openvpn_dmalloc (file, line, size); +#else + ret = malloc (size); +#endif + check_malloc_return (ret); + } #ifndef ZERO_BUFFER_ON_ALLOC if (clear) #endif diff --git a/openvpn/src/openvpn/error.c b/openvpn/src/openvpn/error.c index 106213db..9fdd78b2 100644 --- a/openvpn/src/openvpn/error.c +++ b/openvpn/src/openvpn/error.c @@ -163,18 +163,17 @@ set_suppress_timestamps (bool suppressed) } void -set_parsable_output (bool parsable) +set_machine_readable_output (bool parsable) { - parsable_output = parsable; + machine_readable_output = parsable; } - void error_reset () { use_syslog = std_redir = false; suppress_timestamps = false; - parsable_output = false; + machine_readable_output = false; x_debug_level = 1; mute_cutoff = 0; mute_count = 0; @@ -346,7 +345,7 @@ void x_msg_va (const unsigned int flags, const char *format, va_list arglist) FILE *fp = msg_fp(flags); const bool show_usec = check_debug_level (DEBUG_LEVEL_USEC_TIME); - if (parsable_output) + if (machine_readable_output) { struct timeval tv; gettimeofday (&tv, NULL); diff --git a/openvpn/src/openvpn/init.c b/openvpn/src/openvpn/init.c index 7c9bf048..1beca959 100644 --- a/openvpn/src/openvpn/init.c +++ b/openvpn/src/openvpn/init.c @@ -3054,7 +3054,7 @@ do_close_ifconfig_pool_persist (struct context *c) static void do_inherit_env (struct context *c, const struct env_set *src) { - c->c2.es = env_set_create (&c->c2.gc); + c->c2.es = env_set_create (NULL); c->c2.es_owned = true; env_set_inherit (c->c2.es, src); } diff --git a/openvpn/src/openvpn/manage.h b/openvpn/src/openvpn/manage.h index f5a621b7..1c8dda69 100644 --- a/openvpn/src/openvpn/manage.h +++ b/openvpn/src/openvpn/manage.h @@ -34,7 +34,7 @@ #define MANAGEMENT_VERSION 1 #define MANAGEMENT_N_PASSWORD_RETRIES 3 -#define MANAGEMENT_LOG_HISTORY_INITIAL_SIZE 200 +#define MANAGEMENT_LOG_HISTORY_INITIAL_SIZE 100 #define MANAGEMENT_ECHO_BUFFER_SIZE 100 #define MANAGEMENT_STATE_BUFFER_SIZE 100 diff --git a/openvpn/src/openvpn/openvpn.c b/openvpn/src/openvpn/openvpn.c index a177d9e8..c0f2a9a2 100644 --- a/openvpn/src/openvpn/openvpn.c +++ b/openvpn/src/openvpn/openvpn.c @@ -175,7 +175,7 @@ openvpn_main (int argc, char *argv[]) gc_init (&c.gc); /* initialize environmental variable store */ - c.es = env_set_create (&c.gc); + c.es = env_set_create (NULL); #ifdef WIN32 set_win_sys_path_via_env (c.es); #endif diff --git a/openvpn/src/openvpn/options.c b/openvpn/src/openvpn/options.c index 89a5888d..77ccf107 100644 --- a/openvpn/src/openvpn/options.c +++ b/openvpn/src/openvpn/options.c @@ -342,7 +342,7 @@ static const char usage_message[] = "--log file : Output log to file which is created/truncated on open.\n" "--log-append file : Append log to file, or create file if nonexistent.\n" "--suppress-timestamps : Don't log timestamps to stdout/stderr.\n" - "--parsable-output : Always log timestamp, message flags to stdout/stderr.\n" + "--machine-readable-output : Always log timestamp, message flags to stdout/stderr.\n" "--writepid file : Write main process ID to file.\n" "--nice n : Change process priority (>0 = lower, <0 = higher).\n" "--echo [parms ...] : Echo parameters to log output.\n" @@ -4665,11 +4665,11 @@ add_option (struct options *options, options->suppress_timestamps = true; set_suppress_timestamps(true); } - else if (streq (p[0], "parsable-output")) + else if (streq (p[0], "machine-readable-output")) { VERIFY_PERMISSION (OPT_P_GENERAL); - options->parsable_output = true; - set_parsable_output(true); + options->machine_readable_output = true; + set_machine_readable_output(true); } else if (streq (p[0], "log-append") && p[1]) { diff --git a/openvpn/src/openvpn/options.h b/openvpn/src/openvpn/options.h index 4e97a192..dda9658a 100644 --- a/openvpn/src/openvpn/options.h +++ b/openvpn/src/openvpn/options.h @@ -305,7 +305,7 @@ struct options bool log; bool suppress_timestamps; - bool parsable_output; + bool machine_readable_output; int nice; int verbosity; int mute; diff --git a/openvpn/src/openvpn/ssl.c b/openvpn/src/openvpn/ssl.c index 58ba2384..4203fc5c 100644 --- a/openvpn/src/openvpn/ssl.c +++ b/openvpn/src/openvpn/ssl.c @@ -138,8 +138,6 @@ static const tls_cipher_name_pair tls_cipher_name_translation_table[] = { {"DHE-DSS-CAMELLIA128-SHA", "TLS-DHE-DSS-WITH-CAMELLIA-128-CBC-SHA"}, {"DHE-DSS-CAMELLIA256-SHA256", "TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA256"}, {"DHE-DSS-CAMELLIA256-SHA", "TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA"}, - {"DHE-DSS-DES-CBC3-SHA", "TLS-DHE-DSS-WITH-3DES-EDE-CBC-SHA"}, - {"DHE-DSS-DES-CBC-SHA", "TLS-DHE-DSS-WITH-DES-CBC-SHA"}, {"DHE-DSS-SEED-SHA", "TLS-DHE-DSS-WITH-SEED-CBC-SHA"}, {"DHE-RSA-AES128-GCM-SHA256", "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256"}, {"DHE-RSA-AES128-SHA256", "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256"}, @@ -151,8 +149,6 @@ static const tls_cipher_name_pair tls_cipher_name_translation_table[] = { {"DHE-RSA-CAMELLIA128-SHA", "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA"}, {"DHE-RSA-CAMELLIA256-SHA256", "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256"}, {"DHE-RSA-CAMELLIA256-SHA", "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA"}, - {"DHE-RSA-DES-CBC3-SHA", "TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA"}, - {"DHE-RSA-DES-CBC-SHA", "TLS-DHE-RSA-WITH-DES-CBC-SHA"}, {"DHE-RSA-SEED-SHA", "TLS-DHE-RSA-WITH-SEED-CBC-SHA"}, {"DH-RSA-SEED-SHA", "TLS-DH-RSA-WITH-SEED-CBC-SHA"}, {"ECDH-ECDSA-AES128-GCM-SHA256", "TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256"}, diff --git a/openvpn/tests/t_client.rc-sample b/openvpn/tests/t_client.rc-sample index dcb3e4ae..6e666077 100644 --- a/openvpn/tests/t_client.rc-sample +++ b/openvpn/tests/t_client.rc-sample @@ -59,18 +59,18 @@ OPENVPN_BASE_P2P="..." RUN_TITLE_1="testing tun/udp/ipv4+ipv6" OPENVPN_CONF_1="$OPENVPN_BASE_P2MP --dev tun --proto udp --remote $REMOTE --port 51194" EXPECT_IFCONFIG4_1="10.100.50.6" -EXPECT_IFCONFIG6_1="2001:dba:a050::1:0" +EXPECT_IFCONFIG6_1="2001:db8:a050::1:0" PING4_HOSTS_1="10.100.50.1 10.100.0.1" -PING6_HOSTS_1="2001:dba::1 2001:dba:a050::1" +PING6_HOSTS_1="2001:db8::1 2001:db8:a050::1" # Test 2: TCP / p2mp tun # RUN_TITLE_2="testing tun/tcp/ipv4+ipv6" OPENVPN_CONF_2="$OPENVPN_BASE_P2MP --dev tun --proto tcp --remote $REMOTE --port 51194" EXPECT_IFCONFIG4_2="10.100.51.6" -EXPECT_IFCONFIG6_2="2001:dba:a051::1:0" +EXPECT_IFCONFIG6_2="2001:db8:a051::1:0" PING4_HOSTS_2="10.100.51.1 10.100.0.1" -PING6_HOSTS_1="2001:dba::1 2001:dba:a051::1" +PING6_HOSTS_2="2001:db8::1 2001:db8:a051::1" # Test 3: UDP / p2p tun # ... diff --git a/openvpn/tests/t_client.sh.in b/openvpn/tests/t_client.sh.in index 189eecce..9b83e148 100755 --- a/openvpn/tests/t_client.sh.in +++ b/openvpn/tests/t_client.sh.in @@ -24,6 +24,18 @@ else exit 77 fi +# Check for external dependencies +which fping > /dev/null +if [ $? -ne 0 ]; then + echo "$0: fping is not available in \$PATH" >&2 + exit 77 +fi +which fping6 > /dev/null +if [ $? -ne 0 ]; then + echo "$0: fping6 is not available in \$PATH" >&2 + exit 77 +fi + if [ ! -x "${top_builddir}/src/openvpn/openvpn" ] then echo "no (executable) openvpn binary in current build tree. FAIL." >&2 @@ -209,6 +221,8 @@ SUMMARY_FAIL= for SUF in $TEST_RUN_LIST do # get config variables + eval test_prep=\"\$PREPARE_$SUF\" + eval test_cleanup=\"\$CLEANUP_$SUF\" eval test_run_title=\"\$RUN_TITLE_$SUF\" eval openvpn_conf=\"\$OPENVPN_CONF_$SUF\" eval expect_ifconfig4=\"\$EXPECT_IFCONFIG4_$SUF\" @@ -219,6 +233,11 @@ do echo -e "\n### test run $SUF: '$test_run_title' ###\n" fail_count=0 + if [ -n "$test_prep" ]; then + echo -e "running preparation: '$test_prep'" + eval $test_prep + fi + echo "save pre-openvpn ifconfig + route" get_ifconfig_route >$LOGDIR/$SUF:ifconfig_route_pre.txt @@ -304,6 +323,12 @@ do SUMMARY_FAIL="$SUMMARY_FAIL $SUF" exit_code=30 fi + + if [ -n "$test_cleanup" ]; then + echo -e "cleaning up: '$test_cleanup'" + eval $test_cleanup + fi + done if [ -z "$SUMMARY_OK" ] ; then SUMMARY_OK=" none"; fi -- cgit v1.2.3