~ubuntu-branches/ubuntu/oneiric/openvpn/oneiric

Viewing changes to debian/patches/lladdr-is-not-ip.patch

Committer: Bazaar Package Importer
Author(s): Thierry Carrez
Date: 2008-10-07 16:30:44 UTC
mfrom: (1.1.11 upstream) (10.1.1 lenny)
Revision ID: james.westby@ubuntu.com-20081007163044-ixx04wg588z1972e

Tags: 2.1~rc11-1ubuntu1

* Merge with Debian (LP: #279655), remaining diffs:
  - debian/openvpn.init.d: Added 'status' action to init script, show
    per-VPN result messages and add "--script-security 2" by default for
    backwards compatibility
  - debian/control: Added lsb-base>=3.2-14 depend to allow status_of_proc()
* Fixes regression when calling commands with arguments (LP: #277447)

files added:
debian/patches/lladdr-is-not-ip.patch

dhcp.c

dhcp.h

files modified:
ChangeLog

Makefile.am

Makefile.in

buffer.c

buffer.h

config-win32.h

config.h.in

configure

configure.ac

crypto.h

cryptoapi.c

debian/changelog

debian/openvpn.init.d

debian/patches/manpage_dash_escaping.patch

debian/patches/series

debug/valgrind-suppress

errlevel.h

forward.c

forward.h

gremlin.h

helper.c

init.c

lzo.c

misc.c

misc.h

multi.c

ntlm.c

openvpn.8

openvpn.spec

options.c

options.h

reliable.c

route.c

route.h

sample-config-files/client.conf

sample-config-files/server.conf

socket.c

socket.h

ssl.c

t_cltsrv.sh

tun.c

tun.h

version.m4

Show diffs side-by-side

added added

removed removed

debian/patches/lladdr-is-not-ip.patch

Index: openvpn-2.1_rc11/options.c

===================================================================

--- openvpn-2.1_rc11.orig/options.c 2008-09-18 00:28:30.813005586 +0200

+++ openvpn-2.1_rc11/options.c 2008-09-18 00:29:16.041367039 +0200

@@ -3436,11 +3436,11 @@

else if (streq (p[0], "lladdr") && p[1])

{

VERIFY_PERMISSION (OPT_P_UP);

- if (ip_addr_dotted_quad_safe (p[1])) /* FQDN -- IP address only */

+ if (mac_addr_safe (p[1])) /* MAC address only */

options->lladdr = p[1];

else

{

- msg (msglevel, "lladdr parm '%s' must be an IP address", p[1]);

+ msg (msglevel, "lladdr parm '%s' must be an MAC address", p[1]);

goto err;

}

Index: openvpn-2.1_rc11/socket.c

===================================================================

--- openvpn-2.1_rc11.orig/socket.c 2008-09-18 00:28:36.304471508 +0200

+++ openvpn-2.1_rc11/socket.c 2008-09-18 00:29:16.044367597 +0200

@@ -294,6 +294,47 @@

}

+bool

+mac_addr_safe (const char *mac_addr)

+ /* verify non-NULL */

+ if (!mac_addr)

+ return false;

+ /* verify length is within limits */

+ if (strlen (mac_addr) > 17)

+ return false;

+ /* verify that all chars are either alphanumeric or ':' and that no

+ alphanumeric substring is greater than 2 chars */

+ {

+ int nnum = 0;

+ const char *p = mac_addr;

+ int c;

+ while ((c = *p++))

+ {

+ if ( (c >= '0' && c <= '9') || (c >= 'a' && c <= 'f') || (c >= 'A' && c <= 'F') )

+ {

+ ++nnum;

+ if (nnum > 2)

+ return false;

+ }

+ else if (c == ':')

+ {

+ nnum = 0;

+ }

+ else

+ return false;

+ }

+ /* error-checking is left to script invoked in lladdr.c */

+ return true;

static bool

dns_addr_safe (const char *addr)

{

Index: openvpn-2.1_rc11/socket.h

===================================================================

--- openvpn-2.1_rc11.orig/socket.h 2008-09-18 00:28:41.083135754 +0200

+++ openvpn-2.1_rc11/socket.h 2008-09-18 00:29:16.046367039 +0200

@@ -399,6 +399,7 @@

/* integrity validation on pulled options */

bool ip_addr_dotted_quad_safe (const char *dotted_quad);

+bool mac_addr_safe (const char *mac_addr);

bool ip_or_dns_addr_safe (const char *addr, const bool allow_fqdn);

socket_descriptor_t create_socket_tcp (void);

Older »