commit: bb11c54e4f75db6dddab315fb3db6117959b5882 Author: Zac Medico <zmedico <AT> gentoo <DOT> org> AuthorDate: Fri Mar 31 01:15:24 2017 +0000 Commit: Zac Medico <zmedico <AT> gentoo <DOT> org> CommitDate: Fri Mar 31 01:23:53 2017 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=bb11c54e
net-vpn/peervpn: revbump to 0.044-r3 with patch for 512 byte passwords Package-Manager: Portage-2.3.5, Repoman-2.3.2 .../peervpn-0.044-strncpy-null-terminator.patch | 91 ++++++++++++++++++++++ ...vpn-0.044-r2.ebuild => peervpn-0.044-r3.ebuild} | 6 +- 2 files changed, 96 insertions(+), 1 deletion(-) diff --git a/net-vpn/peervpn/files/peervpn-0.044-strncpy-null-terminator.patch b/net-vpn/peervpn/files/peervpn-0.044-strncpy-null-terminator.patch new file mode 100644 index 00000000000..e16d0ef8023 --- /dev/null +++ b/net-vpn/peervpn/files/peervpn-0.044-strncpy-null-terminator.patch @@ -0,0 +1,91 @@ +From 5dda3477ed31888b86792ed05c17d80a77fe0b03 Mon Sep 17 00:00:00 2001 +From: Zac Medico <[email protected]> +Date: Thu, 30 Mar 2017 16:03:27 -0700 +Subject: [PATCH] config.ic: fix strncpy calls to copy null terminator for 512 + byte strings + +This problem caused a 512 byte psk setting to trigger authentication +failure, since the strlen call used to set password_len would return +an unpredictable result on each peer. + +https://github.com/peervpn/peervpn/pull/20 +--- + config.ic | 26 +++++++++++++------------- + 1 file changed, 13 insertions(+), 13 deletions(-) + +diff --git a/config.ic b/config.ic +index e0eba35..405e9de 100644 +--- a/config.ic ++++ b/config.ic +@@ -147,55 +147,55 @@ static int parseConfigLine(char *line, int len, struct s_initconfig *cs) { + return 1; + } + else if(parseConfigLineCheckCommand(line,len,"local",&vpos)) { +- strncpy(cs->sourceip,&line[vpos],CONFPARSER_NAMEBUF_SIZE); ++ strncpy(cs->sourceip,&line[vpos],CONFPARSER_NAMEBUF_SIZE+1); + return 1; + } + else if(parseConfigLineCheckCommand(line,len,"port",&vpos)) { +- strncpy(cs->sourceport,&line[vpos],CONFPARSER_NAMEBUF_SIZE); ++ strncpy(cs->sourceport,&line[vpos],CONFPARSER_NAMEBUF_SIZE+1); + return 1; + } + else if(parseConfigLineCheckCommand(line,len,"user",&vpos)) { +- strncpy(cs->userstr,&line[vpos],CONFPARSER_NAMEBUF_SIZE); ++ strncpy(cs->userstr,&line[vpos],CONFPARSER_NAMEBUF_SIZE+1); + return 1; + } + else if(parseConfigLineCheckCommand(line,len,"group",&vpos)) { +- strncpy(cs->groupstr,&line[vpos],CONFPARSER_NAMEBUF_SIZE); ++ strncpy(cs->groupstr,&line[vpos],CONFPARSER_NAMEBUF_SIZE+1); + return 1; + } + else if(parseConfigLineCheckCommand(line,len,"chroot",&vpos)) { +- strncpy(cs->chrootstr,&line[vpos],CONFPARSER_NAMEBUF_SIZE); ++ strncpy(cs->chrootstr,&line[vpos],CONFPARSER_NAMEBUF_SIZE+1); + return 1; + } + else if(parseConfigLineCheckCommand(line,len,"networkname",&vpos)) { +- strncpy(cs->networkname,&line[vpos],CONFPARSER_NAMEBUF_SIZE); ++ strncpy(cs->networkname,&line[vpos],CONFPARSER_NAMEBUF_SIZE+1); + return 1; + } + else if(parseConfigLineCheckCommand(line,len,"interface",&vpos)) { +- strncpy(cs->tapname,&line[vpos],CONFPARSER_NAMEBUF_SIZE); ++ strncpy(cs->tapname,&line[vpos],CONFPARSER_NAMEBUF_SIZE+1); + return 1; + } + else if(parseConfigLineCheckCommand(line,len,"ifconfig4",&vpos)) { +- strncpy(cs->ifconfig4,&line[vpos],CONFPARSER_NAMEBUF_SIZE); ++ strncpy(cs->ifconfig4,&line[vpos],CONFPARSER_NAMEBUF_SIZE+1); + return 1; + } + else if(parseConfigLineCheckCommand(line,len,"ifconfig6",&vpos)) { +- strncpy(cs->ifconfig6,&line[vpos],CONFPARSER_NAMEBUF_SIZE); ++ strncpy(cs->ifconfig6,&line[vpos],CONFPARSER_NAMEBUF_SIZE+1); + return 1; + } + else if(parseConfigLineCheckCommand(line,len,"upcmd",&vpos)) { +- strncpy(cs->upcmd,&line[vpos],CONFPARSER_NAMEBUF_SIZE); ++ strncpy(cs->upcmd,&line[vpos],CONFPARSER_NAMEBUF_SIZE+1); + return 1; + } + else if(parseConfigLineCheckCommand(line,len,"initpeers",&vpos)) { +- strncpy(cs->initpeers,&line[vpos],CONFPARSER_NAMEBUF_SIZE); ++ strncpy(cs->initpeers,&line[vpos],CONFPARSER_NAMEBUF_SIZE+1); + return 1; + } + else if(parseConfigLineCheckCommand(line,len,"engine",&vpos)) { +- strncpy(cs->engines,&line[vpos],CONFPARSER_NAMEBUF_SIZE); ++ strncpy(cs->engines,&line[vpos],CONFPARSER_NAMEBUF_SIZE+1); + return 1; + } + else if(parseConfigLineCheckCommand(line,len,"psk",&vpos)) { +- strncpy(cs->password,&line[vpos],CONFPARSER_NAMEBUF_SIZE); ++ strncpy(cs->password,&line[vpos],CONFPARSER_NAMEBUF_SIZE+1); + cs->password_len = strlen(cs->password); + return 1; + } +-- +2.10.2 + diff --git a/net-vpn/peervpn/peervpn-0.044-r2.ebuild b/net-vpn/peervpn/peervpn-0.044-r3.ebuild similarity index 90% rename from net-vpn/peervpn/peervpn-0.044-r2.ebuild rename to net-vpn/peervpn/peervpn-0.044-r3.ebuild index 47b338de404..14ae94d7c02 100644 --- a/net-vpn/peervpn/peervpn-0.044-r2.ebuild +++ b/net-vpn/peervpn/peervpn-0.044-r3.ebuild @@ -1,4 +1,4 @@ -# Copyright 1999-2016 Gentoo Foundation +# Copyright 1999-2017 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 EAPI=6 @@ -19,6 +19,10 @@ DEPEND="${RDEPEND}" S=${WORKDIR}/${PN}-${EGIT_COMMIT} +PATCHES=( + "${FILESDIR}/${P}-strncpy-null-terminator.patch" +) + pkg_setup() { enewgroup ${PN} enewuser ${PN} -1 -1 -1 ${PN}
