diff options
author | V3n3RiX <venerix@redcorelinux.org> | 2017-10-09 18:53:29 +0100 |
---|---|---|
committer | V3n3RiX <venerix@redcorelinux.org> | 2017-10-09 18:53:29 +0100 |
commit | 4f2d7949f03e1c198bc888f2d05f421d35c57e21 (patch) | |
tree | ba5f07bf3f9d22d82e54a462313f5d244036c768 /net-vpn/peervpn/files |
reinit the tree, so we can have metadata
Diffstat (limited to 'net-vpn/peervpn/files')
-rw-r--r-- | net-vpn/peervpn/files/peervpn-0.044-strncpy-null-terminator.patch | 91 | ||||
-rw-r--r-- | net-vpn/peervpn/files/peervpn.initd | 21 | ||||
-rw-r--r-- | net-vpn/peervpn/files/peervpn.logrotated | 7 | ||||
-rw-r--r-- | net-vpn/peervpn/files/peervpn.service | 12 |
4 files changed, 131 insertions, 0 deletions
diff --git a/net-vpn/peervpn/files/peervpn-0.044-strncpy-null-terminator.patch b/net-vpn/peervpn/files/peervpn-0.044-strncpy-null-terminator.patch new file mode 100644 index 000000000000..e16d0ef80239 --- /dev/null +++ b/net-vpn/peervpn/files/peervpn-0.044-strncpy-null-terminator.patch @@ -0,0 +1,91 @@ +From 5dda3477ed31888b86792ed05c17d80a77fe0b03 Mon Sep 17 00:00:00 2001 +From: Zac Medico <zmedico@gentoo.org> +Date: Thu, 30 Mar 2017 16:03:27 -0700 +Subject: [PATCH] config.ic: fix strncpy calls to copy null terminator for 512 + byte strings + +This problem caused a 512 byte psk setting to trigger authentication +failure, since the strlen call used to set password_len would return +an unpredictable result on each peer. + +https://github.com/peervpn/peervpn/pull/20 +--- + config.ic | 26 +++++++++++++------------- + 1 file changed, 13 insertions(+), 13 deletions(-) + +diff --git a/config.ic b/config.ic +index e0eba35..405e9de 100644 +--- a/config.ic ++++ b/config.ic +@@ -147,55 +147,55 @@ static int parseConfigLine(char *line, int len, struct s_initconfig *cs) { + return 1; + } + else if(parseConfigLineCheckCommand(line,len,"local",&vpos)) { +- strncpy(cs->sourceip,&line[vpos],CONFPARSER_NAMEBUF_SIZE); ++ strncpy(cs->sourceip,&line[vpos],CONFPARSER_NAMEBUF_SIZE+1); + return 1; + } + else if(parseConfigLineCheckCommand(line,len,"port",&vpos)) { +- strncpy(cs->sourceport,&line[vpos],CONFPARSER_NAMEBUF_SIZE); ++ strncpy(cs->sourceport,&line[vpos],CONFPARSER_NAMEBUF_SIZE+1); + return 1; + } + else if(parseConfigLineCheckCommand(line,len,"user",&vpos)) { +- strncpy(cs->userstr,&line[vpos],CONFPARSER_NAMEBUF_SIZE); ++ strncpy(cs->userstr,&line[vpos],CONFPARSER_NAMEBUF_SIZE+1); + return 1; + } + else if(parseConfigLineCheckCommand(line,len,"group",&vpos)) { +- strncpy(cs->groupstr,&line[vpos],CONFPARSER_NAMEBUF_SIZE); ++ strncpy(cs->groupstr,&line[vpos],CONFPARSER_NAMEBUF_SIZE+1); + return 1; + } + else if(parseConfigLineCheckCommand(line,len,"chroot",&vpos)) { +- strncpy(cs->chrootstr,&line[vpos],CONFPARSER_NAMEBUF_SIZE); ++ strncpy(cs->chrootstr,&line[vpos],CONFPARSER_NAMEBUF_SIZE+1); + return 1; + } + else if(parseConfigLineCheckCommand(line,len,"networkname",&vpos)) { +- strncpy(cs->networkname,&line[vpos],CONFPARSER_NAMEBUF_SIZE); ++ strncpy(cs->networkname,&line[vpos],CONFPARSER_NAMEBUF_SIZE+1); + return 1; + } + else if(parseConfigLineCheckCommand(line,len,"interface",&vpos)) { +- strncpy(cs->tapname,&line[vpos],CONFPARSER_NAMEBUF_SIZE); ++ strncpy(cs->tapname,&line[vpos],CONFPARSER_NAMEBUF_SIZE+1); + return 1; + } + else if(parseConfigLineCheckCommand(line,len,"ifconfig4",&vpos)) { +- strncpy(cs->ifconfig4,&line[vpos],CONFPARSER_NAMEBUF_SIZE); ++ strncpy(cs->ifconfig4,&line[vpos],CONFPARSER_NAMEBUF_SIZE+1); + return 1; + } + else if(parseConfigLineCheckCommand(line,len,"ifconfig6",&vpos)) { +- strncpy(cs->ifconfig6,&line[vpos],CONFPARSER_NAMEBUF_SIZE); ++ strncpy(cs->ifconfig6,&line[vpos],CONFPARSER_NAMEBUF_SIZE+1); + return 1; + } + else if(parseConfigLineCheckCommand(line,len,"upcmd",&vpos)) { +- strncpy(cs->upcmd,&line[vpos],CONFPARSER_NAMEBUF_SIZE); ++ strncpy(cs->upcmd,&line[vpos],CONFPARSER_NAMEBUF_SIZE+1); + return 1; + } + else if(parseConfigLineCheckCommand(line,len,"initpeers",&vpos)) { +- strncpy(cs->initpeers,&line[vpos],CONFPARSER_NAMEBUF_SIZE); ++ strncpy(cs->initpeers,&line[vpos],CONFPARSER_NAMEBUF_SIZE+1); + return 1; + } + else if(parseConfigLineCheckCommand(line,len,"engine",&vpos)) { +- strncpy(cs->engines,&line[vpos],CONFPARSER_NAMEBUF_SIZE); ++ strncpy(cs->engines,&line[vpos],CONFPARSER_NAMEBUF_SIZE+1); + return 1; + } + else if(parseConfigLineCheckCommand(line,len,"psk",&vpos)) { +- strncpy(cs->password,&line[vpos],CONFPARSER_NAMEBUF_SIZE); ++ strncpy(cs->password,&line[vpos],CONFPARSER_NAMEBUF_SIZE+1); + cs->password_len = strlen(cs->password); + return 1; + } +-- +2.10.2 + diff --git a/net-vpn/peervpn/files/peervpn.initd b/net-vpn/peervpn/files/peervpn.initd new file mode 100644 index 000000000000..77d98a9558b0 --- /dev/null +++ b/net-vpn/peervpn/files/peervpn.initd @@ -0,0 +1,21 @@ +#!/sbin/openrc-run +# Copyright 2016-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +description="peervpn server" +pidfile=${pidfile:-"/run/${RC_SVCNAME}.pid"} +logfile=${logfile:-"/var/log/${RC_SVCNAME}/${RC_SVCNAME}.log"} +user=${RC_SVCNAME} +group=${RC_SVCNAME} + +command="/usr/sbin/${RC_SVCNAME}" +command_args="${command_args:-/etc/peervpn/peervpn.conf}" +command_background="true" +# peervpn will drop privileges based on user and group config file settings +start_stop_daemon_args=" + --stdout ${logfile} + --stderr ${logfile}" + +depend() { + need net +} diff --git a/net-vpn/peervpn/files/peervpn.logrotated b/net-vpn/peervpn/files/peervpn.logrotated new file mode 100644 index 000000000000..e99669c91358 --- /dev/null +++ b/net-vpn/peervpn/files/peervpn.logrotated @@ -0,0 +1,7 @@ +/var/log/peervpn/peervpn.log { + missingok + size 5M + rotate 3 + compress + copytruncate +} diff --git a/net-vpn/peervpn/files/peervpn.service b/net-vpn/peervpn/files/peervpn.service new file mode 100644 index 000000000000..13c5310f517b --- /dev/null +++ b/net-vpn/peervpn/files/peervpn.service @@ -0,0 +1,12 @@ +[Unit] +Description=peervpn server +Requires=network-online.target +After=network-online.target + +[Service] +Environment=PEERVPN_OPTS="/etc/peervpn/peervpn.conf" +ExecStart=/usr/sbin/peervpn $PEERVPN_OPTS +Restart=on-failure + +[Install] +WantedBy=multi-user.target |