Hello community, here is the log from the commit of package openfortivpn for openSUSE:Factory checked in at 2018-07-12 09:19:49 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/openfortivpn (Old) and /work/SRC/openSUSE:Factory/.openfortivpn.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "openfortivpn" Thu Jul 12 09:19:49 2018 rev:4 rq:622040 version:1.7.1 Changes: -------- --- /work/SRC/openSUSE:Factory/openfortivpn/openfortivpn.changes 2018-05-06 15:01:57.699939905 +0200 +++ /work/SRC/openSUSE:Factory/.openfortivpn.new/openfortivpn.changes 2018-07-12 09:21:39.170627314 +0200 @@ -1,0 +2,32 @@ +Mon Jun 18 06:24:41 UTC 2018 - [email protected] + +- Update to version 1.7.1 + * openfortivpn version 1.7.1 + * remove iswhitespace_like in favorite of isspace + * treat carriage returns as white space (might solve #129) (#334) + * update README.md for MacOS X (#333) + * Ooops... Fix --help output. + * Revert 6772c53 + * Let pppd handle DNS servers + * Manual page fixes + * Documentation: we -> openfortivpn + * Ooops... Partial revert of 30a4e0b + * Temporarily change recipient of Coverity reports + * Simplify ofv_append_varr() + * Use the ARRAY_SIZE macro + * Automated Coverity analysis with Travis CI + * Fix pylint warnings + * Restore configure options removed in ac5c083 + * Shell indentation: avoid mixing tabs and spaces + * Use PKG_CHECK_MODULES compiler/linker flags + * Quote shell variables + * bash -> sh + * Balance directory tree + * Build openfortivpn against OpenSSL 1.0.2 + * Refactor Travis CI integration + * Revert 79f52ef + * Rework OpenSSL library detection + * Reworked array of pppd args (#295) + * Build with missing pthread_mutexattr_setrobust() (#298) + +------------------------------------------------------------------- Old: ---- openfortivpn-1.7.0.tar.gz New: ---- openfortivpn-1.7.1.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ openfortivpn.spec ++++++ --- /var/tmp/diff_new_pack.6iEGiR/_old 2018-07-12 09:21:39.658627996 +0200 +++ /var/tmp/diff_new_pack.6iEGiR/_new 2018-07-12 09:21:39.658627996 +0200 @@ -17,7 +17,7 @@ Name: openfortivpn -Version: 1.7.0 +Version: 1.7.1 Release: 0 Summary: Client for PPP+SSL VPN tunnel services License: GPL-3.0-or-later ++++++ openfortivpn-1.7.0.tar.gz -> openfortivpn-1.7.1.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openfortivpn-1.7.0/.travis.yml new/openfortivpn-1.7.1/.travis.yml --- old/openfortivpn-1.7.0/.travis.yml 2018-04-19 16:06:46.000000000 +0200 +++ new/openfortivpn-1.7.1/.travis.yml 2018-06-16 20:36:59.000000000 +0200 @@ -2,22 +2,33 @@ sudo: false -install: - - > - [ -f $HOME/astyle/build/gcc/bin/astyle ] || { - wget -O astyle_2.05.1_linux.tar.gz http://sourceforge.net/projects/astyle/files/astyle/astyle%202.05.1/astyle_2.05.1_linux.tar.gz/download; - tar -xf astyle_2.05.1_linux.tar.gz -C $HOME; - make -C $HOME/astyle/build/gcc; - } - - make -C $HOME/astyle/build/gcc prefix=$HOME install - cache: directories: - - $HOME/astyle + - $HOME/.openfortivpn-deps + +before_install: + - tests/ci/install_astyle.sh $HOME/.openfortivpn-deps + - tests/ci/install_openssl.sh $HOME/.openfortivpn-deps + +install: + - ./autogen.sh + - PKG_CONFIG_PATH=$HOME/.openfortivpn-deps/lib/pkgconfig ./configure --prefix=/usr --sysconfdir=/etc + - make script: - ./tests/lint/run.sh - - > - ./autogen.sh - && ./configure --prefix=/usr --sysconfdir=/etc - && make + +env: + global: + # COVERITY_SCAN_TOKEN + - secure: "HuYAk43itUiq0YJjmyvCyOM3mnRo8bFqSwksOmQ5fjvQscVWqZg6M9h8Abb+lKAc9L9avrwObjhu3EmOqoZ9Cjtp4WS4IdESK/UNe/jHpODFknsKefPgP67Z/yEFNVU1+5pS0+r+gTWQcZMyJrWrDde0lWpWHR/W7rTtqIbZH8Bp/T7oUN5q10x8PBcOZi/yVqNNicyuERIvUkobro5k+e4rY1N1HkptKs4wVY8M4WZUHwokNtuVfs0yoGQtrpi1KVRWq8sDkb8DNTeNv0MMEoQYUmNlEWxPaKJ9DBr65ajGLHzwUkWaNJGYw7mXwXoBwn5uKOyoytRA6Tj1wbVj4ggqqq6P6tbIcZ4YUW6N72gRaqvCnm6mRnbDHQtvzpqqxtr585mD11mh0DNmB15rvjNcZU/4wHHNQBsFcYEr+fN2/2ef/T3n0dymnnv2uZ05d11V5uSC6XYt3h0VxMDwarOVvOcWKYIQqzs4Bhigd2982v3OlIi5tbOSzHkbiCSP1msOKd6/XpCiCFpqed2UtSGZukisp3wQNfPnUOWoguOJ38nNe2o2G/l6HNOLd6u3sFlhzzthnJ6LPFD1CD9LPaOVYIVrRr90l0B2j1vPQM03eiiw7P6XvI6hPdqAM3VSEyjyrzUJRCUXAA8tovRwKTFlc506FWiFlGBFXFFI3zs=" + +addons: + coverity_scan: + project: + name: adrienverge/openfortivpn + description: Client for PPP+SSL VPN tunnel services + notification_email: [email protected] + build_command_prepend: ./configure --prefix=/usr --sysconfdir=/etc; make clean + build_command: make + branch_pattern: coverity_scan diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openfortivpn-1.7.0/Makefile.am new/openfortivpn-1.7.1/Makefile.am --- old/openfortivpn-1.7.0/Makefile.am 2018-04-19 16:06:46.000000000 +0200 +++ new/openfortivpn-1.7.1/Makefile.am 2018-06-16 20:36:59.000000000 +0200 @@ -9,7 +9,7 @@ openfortivpn_CFLAGS = -Wall --pedantic -std=gnu99 openfortivpn_CPPFLAGS = -DSYSCONFDIR=\"$(sysconfdir)\" -openfortivpn_CFLAGS += $(OPENSSL_CFLAGS) +openfortivpn_CPPFLAGS += $(OPENSSL_CFLAGS) openfortivpn_LDADD = $(OPENSSL_LIBS) DISTCHECK_CONFIGURE_FLAGS = CFLAGS=-Werror diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openfortivpn-1.7.0/README.md new/openfortivpn-1.7.1/README.md --- old/openfortivpn-1.7.0/README.md 2018-04-19 16:06:46.000000000 +0200 +++ new/openfortivpn-1.7.1/README.md 2018-06-16 20:36:59.000000000 +0200 @@ -38,8 +38,9 @@ port = 8443 username = foo password = bar - set-dns = 0 set-routes = 0 + set-dns = 0 + pppd-use-peerdns = 0 # X509 certificate sha256 sum, trust only this one! trusted-cert = e46d4aff08ba6914e64daa85bc6112a422fa7ce16631bff0b592a28556f993db ``` @@ -75,7 +76,11 @@ /usr/bin/ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)" # Install Dependencies - brew install automake autoconf [email protected] + brew install automake autoconf [email protected] pkg-config + + # You may need to make this openssl available to compilers + export LDFLAGS="-L/usr/local/opt/openssl/lib $LDFLAGS" + export CPPFLAGS="-I/usr/local/opt/openssl/include $CPPFLAGS" ``` On macOS, install 'openfortivpn'... diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openfortivpn-1.7.0/configure.ac new/openfortivpn-1.7.1/configure.ac --- old/openfortivpn-1.7.0/configure.ac 2018-04-19 16:06:46.000000000 +0200 +++ new/openfortivpn-1.7.1/configure.ac 2018-06-16 20:36:59.000000000 +0200 @@ -2,7 +2,7 @@ # Process this file with autoconf to produce a configure script. AC_PREREQ([2.63]) -AC_INIT([openfortivpn], [1.7.0]) +AC_INIT([openfortivpn], [1.7.1]) AC_CONFIG_SRCDIR([src/main.c]) AM_INIT_AUTOMAKE([foreign subdir-objects]) @@ -18,7 +18,7 @@ AM_SILENT_RULES([yes]) # Checks for libraries. -PKG_CHECK_MODULES(OPENSSL, [libcrypto libssl]) +PKG_CHECK_MODULES(OPENSSL, [libcrypto >= 0.9.8 libssl >= 0.9.8], [], [AC_MSG_ERROR([Cannot find OpenSSL 0.9.8 or higher.])]) AC_CHECK_LIB([pthread], [pthread_create], [], [AC_MSG_ERROR([Cannot find libpthread.])]) AC_CHECK_LIB([util], [forkpty], [], [AC_MSG_ERROR([Cannot find libutil.])]) @@ -38,7 +38,15 @@ # Checks for library functions. AC_FUNC_MALLOC AC_FUNC_REALLOC -AC_CHECK_FUNCS([atoi close connect execv exit _exit fclose fcntl fflush fopen forkpty fprintf fputs free freeaddrinfo freeifaddrs freopen fwrite getaddrinfo getchar getenv getopt_long htons index inet_addr inet_ntoa isatty malloc memcpy memmem memmove memset ntohs open openlog pclose popen printf pthread_cancel pthread_cond_init pthread_cond_signal pthread_cond_wait pthread_join pthread_mutexattr_init pthread_mutexattr_setrobust pthread_mutex_destroy pthread_mutex_init pthread_mutex_lock pthread_mutex_unlock pthread_sigmask puts read realloc rewind select setenv sigaddset sigemptyset signal snprintf socket sprintf strcasestr strcat strchr strcmp strcpy strdup strerror strlen strncasecmp strncat strncpy strsignal strstr strtok strtok_r strtol syslog system tcsetattr usleep vprintf vsnprintf vsyslog write], [], AC_MSG_ERROR([Required function not present])) +AC_CHECK_FUNCS([atoi close connect execv exit _exit fclose fcntl fflush fopen forkpty fprintf fputs free freeaddrinfo freeifaddrs freopen fwrite getaddrinfo getchar getenv getopt_long htons index inet_addr inet_ntoa isatty isdigit isspace malloc memcpy memmem memmove memset ntohs open openlog pclose popen printf pthread_cancel pthread_cond_init pthread_cond_signal pthread_cond_wait pthread_join pthread_mutexattr_init pthread_mutex_destroy pthread_mutex_init pthread_mutex_lock pthread_mutex_unlock pthread_sigmask puts read realloc rewind select setenv sigaddset sigemptyset signal snprintf socket sprintf strcasestr strcat strchr strcmp strcpy strdup strerror strlen strncasecmp strncat strncpy strsignal strstr strtok strtok_r strtol syslog system tcsetattr usleep vprintf vsnprintf vsyslog write], [], AC_MSG_ERROR([Required function not present])) +AC_CHECK_FUNCS([pthread_mutexattr_setrobust]) +# Use PKG_CHECK_MODULES compiler/linker flags +save_openssl_CPPFLAGS="${CPPFLAGS}" +save_openssl_LIBS="${LIBS}" +CPPFLAGS="${OPENSSL_CFLAGS} ${CPPFLAGS}" +LIBS="${OPENSSL_LIBS} ${LIBS}" AC_CHECK_FUNCS([X509_check_host]) +CPPFLAGS="${save_openssl_CPPFLAGS}" +LIBS="${save_openssl_LIBS}" AC_OUTPUT(Makefile) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openfortivpn-1.7.0/doc/openfortivpn.1.in new/openfortivpn-1.7.1/doc/openfortivpn.1.in --- old/openfortivpn-1.7.0/doc/openfortivpn.1.in 2018-04-19 16:06:46.000000000 +0200 +++ new/openfortivpn-1.7.1/doc/openfortivpn.1.in 2018-06-16 20:36:59.000000000 +0200 @@ -12,8 +12,8 @@ [\fB\-\-set-routes=<bool>\fR] [\fB\-\-no-routes\fR] [\fB\-\-set-dns=<bool>\fR] -[\fB\-\-half-internet-routes=<bool>\fR] [\fB\-\-no-dns\fR] +[\fB\-\-half-internet-routes=<bool>\fR] [\fB\-\-ca-file=\fI<file>\fR] [\fB\-\-user-cert=\fI<file>\fR] [\fB\-\-user-key=\fI<file>\fR] @@ -64,16 +64,18 @@ is usually what you want. .TP \fB\-\-set-routes=\fI<bool>\fR, \fB\-\-no-routes\fR -Set if we should try to configure IP routes through the VPN when tunnel is up. If used multiple times, the last one takes priority. +Set if openfortivpn should try to configure IP routes through the VPN when +tunnel is up. If used multiple times, the last one takes priority. \fB\-\-no-routes\fR is the same as \fB\-\-set-routes=\fI0\fR. .TP -\fB\-\-half-internet-routes=\fI<bool>\fR, if set to 1, tells openfortivpn not -to replace the default route by a different one, but to set up two 0.0.0.0/1 -and 128.0.0.0/1 routes with higher priority instead. +\fB\-\-half-internet-routes=\fI<bool>\fR +Set if openfortivpn should add two 0.0.0.0/1 and 128.0.0.0/1 routes with +higher priority instead of replacing the default route. .TP \fB\-\-set-dns=\fI<bool>\fR, \fB\-\-no-dns\fR -Set if we should add VPN nameservers in /etc/resolv.conf when tunnel is up. If used multiple times, the last one takes priority. +Set if openfortivpn should add VPN nameservers in /etc/resolv.conf when +tunnel is up. If used multiple times, the last one takes priority. \fB\-\-no-dns\fR is the same as \fB\-\-set-dns=\fI0\fR. .TP @@ -224,7 +226,7 @@ .br # ca-file = @SYSCONFDIR@/openfortivpn/ca-bundle.pem .br -set-dns = 1 +set-dns = 0 .br set-routes = 1 .br diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openfortivpn-1.7.0/etc/ppp/ip-down.local.example new/openfortivpn-1.7.1/etc/ppp/ip-down.local.example --- old/openfortivpn-1.7.0/etc/ppp/ip-down.local.example 2018-04-19 16:06:46.000000000 +0200 +++ new/openfortivpn-1.7.1/etc/ppp/ip-down.local.example 2018-06-16 20:36:59.000000000 +0200 @@ -2,10 +2,10 @@ case "$PPP_IPPARAM" in openfortivpn*) - rconf=/etc/resolv.conf - [[ -f $rconf.openfortivpn ]] && cp -pv $rconf.openfortivpn $rconf - exit 0 - ;; + rconf=/etc/resolv.conf + [[ -f $rconf.openfortivpn ]] && cp -pv $rconf.openfortivpn $rconf + exit 0 + ;; esac 2>&1 | logger -p daemon.debug -i -t "$0" true diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openfortivpn-1.7.0/etc/ppp/ip-up.local.example new/openfortivpn-1.7.1/etc/ppp/ip-up.local.example --- old/openfortivpn-1.7.0/etc/ppp/ip-up.local.example 2018-04-19 16:06:46.000000000 +0200 +++ new/openfortivpn-1.7.1/etc/ppp/ip-up.local.example 2018-06-16 20:36:59.000000000 +0200 @@ -2,21 +2,21 @@ case "$PPP_IPPARAM" in openfortivpn*) - rconf=/etc/resolv.conf - routes=$(echo $PPP_IPPARAM | tr , ' ') - for r in $routes; do - [[ $r = "openfortivpn" ]] && continue - com="ip route add ${r%/*} via ${r##*/}" - echo $com - $com - done - cp -pv $rconf $rconf.openfortivpn - if [[ "$DNS1" ]]; then - echo nameserver $DNS1 > $rconf - [[ "$DNS2" ]] && [[ "$DNS1" != "$DNS2" ]] && echo nameserver $DNS2 >> $rconf - fi - exit 0 - ;; + rconf=/etc/resolv.conf + routes=$(echo $PPP_IPPARAM | tr , ' ') + for r in $routes; do + [[ $r = "openfortivpn" ]] && continue + com="ip route add ${r%/*} via ${r##*/}" + echo $com + $com + done + cp -pv $rconf $rconf.openfortivpn + if [[ "$DNS1" ]]; then + echo nameserver $DNS1 > $rconf + [[ "$DNS2" ]] && [[ "$DNS1" != "$DNS2" ]] && echo nameserver $DNS2 >> $rconf + fi + exit 0 + ;; esac 2>&1 | logger -p daemon.debug -i -t "$0" true diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openfortivpn-1.7.0/src/config.c new/openfortivpn-1.7.1/src/config.c --- old/openfortivpn-1.7.0/src/config.c 2018-04-19 16:06:46.000000000 +0200 +++ new/openfortivpn-1.7.1/src/config.c 2018-06-16 20:36:59.000000000 +0200 @@ -135,19 +135,19 @@ val = equals + 1; // Remove heading spaces - while (key[0] != '\0' && (key[0] == ' ' || key[0] == '\t')) + while (isspace(key[0])) key++; - while (val[0] != '\0' && (val[0] == ' ' || val[0] == '\t')) + while (isspace(val[0])) val++; // Remove trailing spaces for (i = strlen(key) - 1; i > 0; i--) { - if (key[i] == ' ' || key[i] == '\t') + if (isspace(key[i])) key[i] = '\0'; else break; } for (i = strlen(val) - 1; i > 0; i--) { - if (val[i] == ' ' || val[i] == '\t') + if (isspace(val[i])) val[i] = '\0'; else break; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openfortivpn-1.7.0/src/log.c new/openfortivpn-1.7.1/src/log.c --- old/openfortivpn-1.7.0/src/log.c 2018-04-19 16:06:46.000000000 +0200 +++ new/openfortivpn-1.7.1/src/log.c 2018-06-16 20:36:59.000000000 +0200 @@ -55,7 +55,7 @@ is_a_tty = isatty(STDOUT_FILENO); pthread_mutexattr_init(&mutexattr); -#ifndef __APPLE__ +#ifdef HAVE_PTHREAD_MUTEXATTR_SETROBUST pthread_mutexattr_setrobust(&mutexattr, PTHREAD_MUTEX_ROBUST); #endif pthread_mutex_init(&mutex, &mutexattr); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openfortivpn-1.7.0/src/main.c new/openfortivpn-1.7.1/src/main.c --- old/openfortivpn-1.7.0/src/main.c 2018-04-19 16:06:46.000000000 +0200 +++ new/openfortivpn-1.7.1/src/main.c 2018-06-16 20:36:59.000000000 +0200 @@ -60,12 +60,12 @@ " -o <otp>, --otp=<otp> One-Time-Password.\n" \ " --realm=<realm> Use specified authentication realm on VPN gateway\n" \ " when tunnel is up.\n" \ -" --set-routes=[01] Set if we should configure output roues through\n" \ +" --set-routes=[01] Set if openfortivpn should configure output roues through\n" \ " the VPN when tunnel is up.\n" \ " --no-routes Do not configure routes, same as --set-routes=0.\n" \ -" --half-internet-routes=[01] Add two 0.0.0.0/1 and 128.0.0.0/1 routes with higher" \ +" --half-internet-routes=[01] Add two 0.0.0.0/1 and 128.0.0.0/1 routes with higher\n" \ " priority instead of replacing the default route.\n" \ -" --set-dns=[01] Set if we should add VPN name servers in\n" \ +" --set-dns=[01] Set if openfortivpn should add VPN name servers in\n" \ " /etc/resolv.conf\n" \ " --no-dns Do not reconfigure DNS, same as --set-dns=0\n" \ " --ca-file=<file> Use specified PEM-encoded certificate bundle\n" \ @@ -188,7 +188,7 @@ {"set-routes", required_argument, 0, 0}, {"no-routes", no_argument, &cfg.set_routes, 0}, {"half-internet-routes", required_argument, 0, 0}, - {"set-dns", required_argument, 0, 0}, + {"set-dns", required_argument, 0, 0}, {"no-dns", no_argument, &cfg.set_dns, 0}, {"pppd-no-peerdns", no_argument, &cfg.pppd_use_peerdns, 0}, {"use-syslog", no_argument, &cfg.use_syslog, 1}, diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openfortivpn-1.7.0/src/tunnel.c new/openfortivpn-1.7.1/src/tunnel.c --- old/openfortivpn-1.7.0/src/tunnel.c 2018-04-19 16:06:46.000000000 +0200 +++ new/openfortivpn-1.7.1/src/tunnel.c 2018-06-16 20:36:59.000000000 +0200 @@ -50,6 +50,32 @@ #include <sys/wait.h> #include <assert.h> +struct ofv_varr { + unsigned cap; // current capacity + unsigned off; // next slot to write, always < max(cap - 1, 1) + const char **data; // NULL terminated +}; + +static void ofv_append_varr(struct ofv_varr *p, const char *x) +{ + if (p->off + 1 >= p->cap) { + const char **ndata; + unsigned ncap = (p->off + 1) * 2; + assert(p->off + 1 < ncap); + ndata = realloc(p->data, ncap * sizeof(const char *)); + if (ndata) { + p->data = ndata; + p->cap = ncap; + } else { + log_error("realloc: %s\n", strerror(errno)); + assert(ndata); + return; + } + } + assert(p->off + 1 < p->cap); + p->data[p->off] = x; + p->data[++p->off] = NULL; +} static int on_ppp_if_up(struct tunnel *tunnel) { @@ -123,78 +149,55 @@ log_error("forkpty: %s\n", strerror(errno)); return 1; } else if (pid == 0) { // child process - static const char *args[] = { - pppd_path, - "38400", // speed - ":192.0.2.1", // <local_IP_address>:<remote_IP_address> - "noipdefault", - "noaccomp", - "noauth", - "default-asyncmap", - "nopcomp", - "receive-all", - "nodefaultroute", - "nodetach", - "lcp-max-configure", "40", - "mru", "1354", - NULL, // "usepeerdns" - NULL, NULL, NULL, // "debug", "logfile", pppd_log - NULL, NULL, // "plugin", pppd_plugin - NULL, NULL, // "ipparam", pppd_ipparam - NULL, NULL, // "ifname", pppd_ifname - NULL // terminal null pointer required by execvp() - }; + struct ofv_varr pppd_args = { 0, 0, NULL }; if (tunnel->config->pppd_call) { - /* overwrite args[]: keep pppd_path, replace all - * options with "call <name>" */ - int j = 1; - args[j++] = "call"; - args[j++] = tunnel->config->pppd_call; - while (j < ARRAY_SIZE(args)) - args[j++] = NULL; + ofv_append_varr(&pppd_args, pppd_path); + ofv_append_varr(&pppd_args, "call"); + ofv_append_varr(&pppd_args, tunnel->config->pppd_call); + } else { + const char *v[] = { + pppd_path, + "38400", // speed + ":192.0.2.1", // <local_IP_address>:<remote_IP_address> + "noipdefault", + "noaccomp", + "noauth", + "default-asyncmap", + "nopcomp", + "receive-all", + "nodefaultroute", + "nodetach", + "lcp-max-configure", "40", + "mru", "1354" + }; + for (unsigned i = 0; i < ARRAY_SIZE(v); i++) + ofv_append_varr(&pppd_args, v[i]); } - // Dynamically get first NULL pointer so that changes of - // args above don't need code changes here - int i = ARRAY_SIZE(args) - 1; - while (args[i] == NULL) - i--; - i++; - - /* - * Coverity detected a defect: - * CID 196857: Out-of-bounds write (OVERRUN) - * - * It is actually a false positive: - * Although 'args' is constant, Coverity is unable - * to infer there are enough NULL elements in 'args' - * to add the following options. - */ if (tunnel->config->pppd_use_peerdns) - args[i++] = "usepeerdns"; + ofv_append_varr(&pppd_args, "usepeerdns"); if (tunnel->config->pppd_log) { - args[i++] = "debug"; - args[i++] = "logfile"; - args[i++] = tunnel->config->pppd_log; + ofv_append_varr(&pppd_args, "debug"); + ofv_append_varr(&pppd_args, "logfile"); + ofv_append_varr(&pppd_args, tunnel->config->pppd_log); } if (tunnel->config->pppd_plugin) { - args[i++] = "plugin"; - args[i++] = tunnel->config->pppd_plugin; + ofv_append_varr(&pppd_args, "plugin"); + ofv_append_varr(&pppd_args, tunnel->config->pppd_plugin); } if (tunnel->config->pppd_ipparam) { - args[i++] = "ipparam"; - args[i++] = tunnel->config->pppd_ipparam; + ofv_append_varr(&pppd_args, "ipparam"); + ofv_append_varr(&pppd_args, tunnel->config->pppd_ipparam); } if (tunnel->config->pppd_ifname) { - args[i++] = "ifname"; - args[i++] = tunnel->config->pppd_ifname; + ofv_append_varr(&pppd_args, "ifname"); + ofv_append_varr(&pppd_args, tunnel->config->pppd_ifname); } - // Assert that we didn't use up all NULL pointers above - assert(i < ARRAY_SIZE(args)); close(tunnel->ssl_socket); - execv(args[0], (char *const *)args); + execv(pppd_args.data[0], (char *const *)pppd_args.data); + free(pppd_args.data); /* * The following call to fprintf() doesn't work, probably * because of the prior call to forkpty(). diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openfortivpn-1.7.0/tests/ci/install_astyle.sh new/openfortivpn-1.7.1/tests/ci/install_astyle.sh --- old/openfortivpn-1.7.0/tests/ci/install_astyle.sh 1970-01-01 01:00:00.000000000 +0100 +++ new/openfortivpn-1.7.1/tests/ci/install_astyle.sh 2018-06-16 20:36:59.000000000 +0200 @@ -0,0 +1,17 @@ +#!/bin/sh + +set -e + +PREFIX="$1" + +ln -fs "${PREFIX}/bin/astyle" "${HOME}/bin/astyle" +[ -x "${PREFIX}/bin/astyle" ] && exit 0 + +VERSION=3.1 +SRC="https://sourceforge.net/projects/astyle/files/astyle/astyle%20${VERSION}/astyle_${VERSION}_linux.tar.gz/download"; + +wget -O astyle.tar.gz "$SRC" +tar -xf astyle.tar.gz -C "$HOME" +cd "${HOME}/astyle/build/gcc" +make +make prefix="$PREFIX" install diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openfortivpn-1.7.0/tests/ci/install_openssl.sh new/openfortivpn-1.7.1/tests/ci/install_openssl.sh --- old/openfortivpn-1.7.0/tests/ci/install_openssl.sh 1970-01-01 01:00:00.000000000 +0100 +++ new/openfortivpn-1.7.1/tests/ci/install_openssl.sh 2018-06-16 20:36:59.000000000 +0200 @@ -0,0 +1,17 @@ +#!/bin/sh + +set -e + +PREFIX="$1" + +[ -x "${PREFIX}/bin/openssl" ] && exit 0 + +VERSION=1.0.2o +SRC="https://www.openssl.org/source/openssl-${VERSION}.tar.gz"; + +wget -O openssl.tar.gz "$SRC" +tar -xf openssl.tar.gz -C "$HOME" +cd "${HOME}/openssl-${VERSION}" +./config --prefix="$PREFIX" shared -fPIC +make +make install diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openfortivpn-1.7.0/tests/lint/line-length.py new/openfortivpn-1.7.1/tests/lint/line-length.py --- old/openfortivpn-1.7.0/tests/lint/line-length.py 2018-04-19 16:06:46.000000000 +0200 +++ new/openfortivpn-1.7.1/tests/lint/line-length.py 2018-06-16 20:36:59.000000000 +0200 @@ -1,4 +1,5 @@ #!/usr/bin/python3 +# -*- coding: utf-8 -*- # Copyright (C) 2015 Adrien Vergé import sys @@ -7,10 +8,22 @@ MAX = 90 -def endswithstring(s): - ENDS = ('"', '",', '");', '" \\') - for end in ENDS: - if s.endswith(end): +def endswithstring(line): + """Detect lines from C source code ending with a string. + + Parameters + ---------- + line : str + Line of C source code. + + Returns + ------- + bool + True if line ends with string, False otherwise. + + """ + for end in ('"', '",', '");', '" \\'): + if line.endswith(end): return True return False @@ -20,9 +33,7 @@ for arg in sys.argv[1:]: with open(arg, 'r') as source_file: - nr = 0 - for line in source_file: - nr += 1 + for i, line in enumerate(source_file): line = line.rstrip() # Lines that end with a string are exempted if endswithstring(line): @@ -31,8 +42,8 @@ line = line.replace('\t', ' ') # Lines longer than MAX are reported as an error if len(line) > MAX: - print('{}: {}: line too long ({} char)' - .format(arg, nr, len(line))) + print('{}: {}: line too long ({} characters)' + .format(arg, i, len(line))) exit_status = 1 sys.exit(exit_status)
