Attachment 888908 Details for Bug 1083317 – Patch for NM-openvpn dist-git for f19

[patch] Patch for NM-openvpn dist-git for f19

0001-fix-disconnect-on-openvpn-soft-restart.patch (text/plain), 16.50 KB, created by Thomas Haller on 2014-04-23 13:23:10 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Thomas Haller

Created: 2014-04-23 13:23:10 UTC

Size: 16.50 KB

patch

obsolete

>From af87535ef1667cb095c24197c70e3971825aac54 Mon Sep 17 00:00:00 2001
>From: Thomas Haller <thaller@redhat.com>
>Date: Wed, 23 Apr 2014 14:40:59 +0200
>Subject: [PATCH 1/1] fix disconnect on openvpn soft-restart
>
>Resolves: 1083317
>---
> 0002-backport-from-upstream.patch | 430 ++++++++++++++++++++++++++++++++++++++
> NetworkManager-openvpn.spec       |   7 +-
> 2 files changed, 436 insertions(+), 1 deletion(-)
> create mode 100644 0002-backport-from-upstream.patch
>
>diff --git a/0002-backport-from-upstream.patch b/0002-backport-from-upstream.patch
>new file mode 100644
>index 0000000..6cd2778
>--- /dev/null
>+++ b/0002-backport-from-upstream.patch
>@@ -0,0 +1,430 @@
>+From 62ecba0eb42dcafb3a047259b84c30d0eacd370e Mon Sep 17 00:00:00 2001
>+From: =?UTF-8?q?Ji=C5=99=C3=AD=20Klime=C5=A1?= <jklimes@redhat.com>
>+Date: Thu, 20 Mar 2014 16:03:30 +0100
>+Subject: [PATCH 1/7] properties: fix a memory leak in import code
>+
>+(cherry picked from commit 0bda37998f1c506ad9d29126bd263d7a7588f747)
>+---
>+ properties/import-export.c | 4 +---
>+ 1 file changed, 1 insertion(+), 3 deletions(-)
>+
>+diff --git a/properties/import-export.c b/properties/import-export.c
>+index 5312e36..9398299 100644
>+--- a/properties/import-export.c
>++++ b/properties/import-export.c
>+@@ -431,9 +431,7 @@ do_import (const char *path, char **lines, GError **error)
>+ 
>+ 		if (   !strncmp (*line, HTTP_PROXY_RETRY_TAG, strlen (HTTP_PROXY_RETRY_TAG))
>+ 		    || !strncmp (*line, SOCKS_PROXY_RETRY_TAG, strlen (SOCKS_PROXY_RETRY_TAG))) {
>+-			nm_setting_vpn_add_data_item (s_vpn,
>+-			                              g_strdup (NM_OPENVPN_KEY_PROXY_RETRY),
>+-			                              g_strdup ("yes"));
>++			nm_setting_vpn_add_data_item (s_vpn, NM_OPENVPN_KEY_PROXY_RETRY, "yes");
>+ 			continue;
>+ 		}
>+ 
>+-- 
>+1.9.0
>+
>+
>+From 6229835ead9d5c86c8aac5380cc36fbd475e7199 Mon Sep 17 00:00:00 2001
>+From: =?UTF-8?q?Ji=C5=99=C3=AD=20Klime=C5=A1?= <jklimes@redhat.com>
>+Date: Mon, 24 Mar 2014 12:45:19 +0100
>+Subject: [PATCH 2/7] trivial: fix error messages for tests
>+
>+(cherry picked from commit a39781d88eac42781dacd7f959117bb6922f9f83)
>+---
>+ properties/tests/test-import-export.c | 6 +++---
>+ 1 file changed, 3 insertions(+), 3 deletions(-)
>+
>+diff --git a/properties/tests/test-import-export.c b/properties/tests/test-import-export.c
>+index 3932ce7..f34fd32 100644
>+--- a/properties/tests/test-import-export.c
>++++ b/properties/tests/test-import-export.c
>+@@ -71,14 +71,14 @@ test_item (const char *test,
>+ 
>+ 	value = nm_setting_vpn_get_data_item (s_vpn, item);
>+ 	if (expected == NULL) {
>+-		ASSERT (value == NULL, test, "unexpected '%s' item value (found '%s', expected NULL",
>++		ASSERT (value == NULL, test, "unexpected '%s' item value (found '%s', expected NULL)",
>+ 		        item, value);
>+ 		return;
>+ 	}
>+ 
>+ 	ASSERT (value != NULL, test, "missing '%s' item value", item);
>+ 	ASSERT (strcmp (value, expected) == 0, test,
>+-	        "unexpected '%s' secret value (found '%s', expected '%s')",
>++	        "unexpected '%s' item value (found '%s', expected '%s')",
>+ 	        item, value, expected);
>+ }
>+ 
>+@@ -94,7 +94,7 @@ test_secret (const char *test,
>+ 
>+ 	value = nm_setting_vpn_get_secret (s_vpn, item);
>+ 	if (expected == NULL) {
>+-		ASSERT (value == NULL, test, "unexpected '%s' secret value (found '%s', expected NULL",
>++		ASSERT (value == NULL, test, "unexpected '%s' secret value (found '%s', expected NULL)",
>+ 		        item, value);
>+ 		return;
>+ 	}
>+-- 
>+1.9.0
>+
>+
>+From 951650cf8042dcfef0bb2bde73e68d5ab808e001 Mon Sep 17 00:00:00 2001
>+From: Thomas Haller <thaller@redhat.com>
>+Date: Tue, 18 Mar 2014 15:32:25 +0100
>+Subject: [PATCH 3/7] helper: improve parsing of command line arguments
>+
>+Allow a separator argument "--" to separate arguments
>+provided by openvpn from the arguments provided by the
>+plugin.
>+
>+Signed-off-by: Thomas Haller <thaller@redhat.com>
>+(cherry picked from commit 8a41f0af3d435ef17ab77d0394e92fba33a6b9d5)
>+---
>+ src/nm-openvpn-service-openvpn-helper.c | 30 +++++++++++++++++++++++++-----
>+ src/nm-openvpn-service.c                |  8 ++++----
>+ 2 files changed, 29 insertions(+), 9 deletions(-)
>+
>+diff --git a/src/nm-openvpn-service-openvpn-helper.c b/src/nm-openvpn-service-openvpn-helper.c
>+index 766703d..1e9c301 100644
>+--- a/src/nm-openvpn-service-openvpn-helper.c
>++++ b/src/nm-openvpn-service-openvpn-helper.c
>+@@ -54,6 +54,8 @@ extern char **environ;
>+ #define DBUS_TYPE_G_ARRAY_OF_ARRAY_OF_UINT (dbus_g_type_get_collection ("GPtrArray", DBUS_TYPE_G_ARRAY_OF_UINT))
>+ #define DBUS_TYPE_G_PTR_ARRAY_OF_STRING    (dbus_g_type_get_collection ("GPtrArray", G_TYPE_STRING))
>+ 
>++static gboolean helper_debug = FALSE;
>++
>+ static void
>+ helper_failed (DBusGConnection *connection, const char *reason)
>+ {
>+@@ -381,18 +383,25 @@ main (int argc, char *argv[])
>+ 	struct in_addr temp_addr;
>+ 	gboolean tapdev = FALSE;
>+ 	char **iter;
>++	int shift = 0;
>+ 
>+ #if !GLIB_CHECK_VERSION (2, 35, 0)
>+ 	g_type_init ();
>+ #endif
>+ 
>+-	connection = dbus_g_bus_get (DBUS_BUS_SYSTEM, &err);
>+-	if (!connection) {
>+-		g_warning ("Could not get the system bus: %s", err->message);
>+-		exit (1);
>++	for (i = 1; i < argc; i++) {
>++		if (!strcmp (argv[i], "--")) {
>++			i++;
>++			break;
>++		}
>++		if (!strcmp (argv[i], "--helper-debug"))
>++			helper_debug = TRUE;
>++		else
>++			break;
>+ 	}
>++	shift = i - 1;
>+ 
>+-	if (argc >= 2 && !g_strcmp0 (argv[1], "--helper-debug")) {
>++	if (helper_debug) {
>+ 		g_message ("openvpn script environment ---------------------------");
>+ 		iter = environ;
>+ 		while (iter && *iter)
>+@@ -400,6 +409,17 @@ main (int argc, char *argv[])
>+ 		g_message ("------------------------------------------------------");
>+ 	}
>+ 
>++	/* shift the arguments to the right leaving only those provided by openvpn */
>++	argv[shift] = argv[0];
>++	argv += shift;
>++	argc -= shift;
>++
>++	connection = dbus_g_bus_get (DBUS_BUS_SYSTEM, &err);
>++	if (!connection) {
>++		g_warning ("Could not get the system bus: %s", err->message);
>++		exit (1);
>++	}
>++
>+ 	config = g_hash_table_new (g_str_hash, g_str_equal);
>+ 
>+ 	/* External world-visible VPN gateway */
>+diff --git a/src/nm-openvpn-service.c b/src/nm-openvpn-service.c
>+index 7b4cbd7..5d236e1 100644
>+--- a/src/nm-openvpn-service.c
>++++ b/src/nm-openvpn-service.c
>+@@ -738,6 +738,7 @@ nm_openvpn_start_openvpn_binary (NMOpenvpnPlugin *plugin,
>+ 	GPtrArray *args;
>+ 	GSource *openvpn_watch;
>+ 	GPid pid;
>++	char *stmp;
>+ 
>+ 	/* Find openvpn */
>+ 	openvpn_binary = nm_find_openvpn ();
>+@@ -968,10 +969,9 @@ nm_openvpn_start_openvpn_binary (NMOpenvpnPlugin *plugin,
>+ 
>+ 	/* Up script, called when connection has been established or has been restarted */
>+ 	add_openvpn_arg (args, "--up");
>+-	if (debug)
>+-		add_openvpn_arg (args, NM_OPENVPN_HELPER_PATH " --helper-debug");
>+-	else
>+-		add_openvpn_arg (args, NM_OPENVPN_HELPER_PATH);
>++	stmp = g_strdup_printf ("%s%s --", NM_OPENVPN_HELPER_PATH, debug ? " --helper-debug" : "");
>++	add_openvpn_arg (args, stmp);
>++	g_free (stmp);
>+ 	add_openvpn_arg (args, "--up-restart");
>+ 
>+ 	/* Keep key and tun if restart is needed */
>+-- 
>+1.9.0
>+
>+
>+From 64166f4ff94c49f6fe29766dbdcb776dbadd0c9f Mon Sep 17 00:00:00 2001
>+From: Thomas Haller <thaller@redhat.com>
>+Date: Tue, 18 Mar 2014 15:39:56 +0100
>+Subject: [PATCH 4/7] helper: log the command line arguments for
>+ "--helper-debug"
>+
>+Signed-off-by: Thomas Haller <thaller@redhat.com>
>+(cherry picked from commit 38c4273ad269cca254e4e7687917d34bf050e04b)
>+---
>+ src/nm-openvpn-service-openvpn-helper.c | 17 ++++++++++++++++-
>+ 1 file changed, 16 insertions(+), 1 deletion(-)
>+
>+diff --git a/src/nm-openvpn-service-openvpn-helper.c b/src/nm-openvpn-service-openvpn-helper.c
>+index 1e9c301..7dcd633 100644
>+--- a/src/nm-openvpn-service-openvpn-helper.c
>++++ b/src/nm-openvpn-service-openvpn-helper.c
>+@@ -402,10 +402,25 @@ main (int argc, char *argv[])
>+ 	shift = i - 1;
>+ 
>+ 	if (helper_debug) {
>++		GString *args;
>++
>++		args = g_string_new (NULL);
>++		for (i = 0; i < argc; i++) {
>++			if (i > 0)
>++				g_string_append_c (args, ' ');
>++			if (shift && 1 + shift == i)
>++				g_string_append (args, "  ");
>++			tmp = g_strescape (argv[i], NULL);
>++			g_string_append_printf (args, "\"%s\"", tmp);
>++			g_free (tmp);
>++		}
>++
>++		g_message ("command line: %s", args->str);
>++		g_string_free (args, TRUE);
>+ 		g_message ("openvpn script environment ---------------------------");
>+ 		iter = environ;
>+ 		while (iter && *iter)
>+-			g_print ("%s\n", *iter++);
>++			g_message ("%s", *iter++);
>+ 		g_message ("------------------------------------------------------");
>+ 	}
>+ 
>+-- 
>+1.9.0
>+
>+
>+From cccf3940de08f67b4d9371f1ab1bdf908b3bccd5 Mon Sep 17 00:00:00 2001
>+From: Thomas Haller <thaller@redhat.com>
>+Date: Tue, 18 Mar 2014 15:40:41 +0100
>+Subject: [PATCH 5/7] helper: pass device type to helper script as command line
>+ argument
>+
>+The device name can be changed, so we should not use it do detect
>+the device type. Instead pass it to the helper script as argument.
>+
>+Signed-off-by: Thomas Haller <thaller@redhat.com>
>+(cherry picked from commit 17a837d0e36df086bf842d1ebd6abef2585585f5)
>+---
>+ src/nm-openvpn-service-openvpn-helper.c | 10 +++++++---
>+ src/nm-openvpn-service.c                | 10 +++++-----
>+ 2 files changed, 12 insertions(+), 8 deletions(-)
>+
>+diff --git a/src/nm-openvpn-service-openvpn-helper.c b/src/nm-openvpn-service-openvpn-helper.c
>+index 7dcd633..5cbd40f 100644
>+--- a/src/nm-openvpn-service-openvpn-helper.c
>++++ b/src/nm-openvpn-service-openvpn-helper.c
>+@@ -381,7 +381,7 @@ main (int argc, char *argv[])
>+ 	GValue *nbns_list = NULL;
>+ 	GPtrArray *dns_domains = NULL;
>+ 	struct in_addr temp_addr;
>+-	gboolean tapdev = FALSE;
>++	int tapdev = -1;
>+ 	char **iter;
>+ 	int shift = 0;
>+ 
>+@@ -396,6 +396,10 @@ main (int argc, char *argv[])
>+ 		}
>+ 		if (!strcmp (argv[i], "--helper-debug"))
>+ 			helper_debug = TRUE;
>++		else if (!strcmp (argv[i], "--tun"))
>++			tapdev = 0;
>++		else if (!strcmp (argv[i], "--tap"))
>++			tapdev = 1;
>+ 		else
>+ 			break;
>+ 	}
>+@@ -457,8 +461,8 @@ main (int argc, char *argv[])
>+ 	else
>+ 		helper_failed (connection, "Tunnel Device");
>+ 
>+-	if (strncmp (tmp, "tap", 3) == 0)
>+-		tapdev = TRUE;
>++	if (tapdev == -1)
>++		tapdev = strncmp (tmp, "tap", 3) == 0;
>+ 
>+ 	/* IP address */
>+ 	val = addr_to_gvalue (getenv ("ifconfig_local"));
>+diff --git a/src/nm-openvpn-service.c b/src/nm-openvpn-service.c
>+index 5d236e1..f23e3c1 100644
>+--- a/src/nm-openvpn-service.c
>++++ b/src/nm-openvpn-service.c
>+@@ -738,6 +738,7 @@ nm_openvpn_start_openvpn_binary (NMOpenvpnPlugin *plugin,
>+ 	GPtrArray *args;
>+ 	GSource *openvpn_watch;
>+ 	GPid pid;
>++	gboolean dev_type_is_tap;
>+ 	char *stmp;
>+ 
>+ 	/* Find openvpn */
>+@@ -830,10 +831,8 @@ nm_openvpn_start_openvpn_binary (NMOpenvpnPlugin *plugin,
>+ 	/* Device, either tun or tap */
>+ 	add_openvpn_arg (args, "--dev");
>+ 	tmp = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_TAP_DEV);
>+-	if (tmp && !strcmp (tmp, "yes"))
>+-		add_openvpn_arg (args, "tap");
>+-	else
>+-		add_openvpn_arg (args, "tun");
>++	dev_type_is_tap = !g_strcmp0 (tmp, "yes");
>++	add_openvpn_arg (args, dev_type_is_tap ? "tap" : "tun");
>+ 
>+ 	/* Protocol, either tcp or udp */
>+ 	add_openvpn_arg (args, "--proto");
>+@@ -969,7 +968,8 @@ nm_openvpn_start_openvpn_binary (NMOpenvpnPlugin *plugin,
>+ 
>+ 	/* Up script, called when connection has been established or has been restarted */
>+ 	add_openvpn_arg (args, "--up");
>+-	stmp = g_strdup_printf ("%s%s --", NM_OPENVPN_HELPER_PATH, debug ? " --helper-debug" : "");
>++	stmp = g_strdup_printf ("%s%s %s --", NM_OPENVPN_HELPER_PATH, debug ? " --helper-debug" : "",
>++	                        dev_type_is_tap ? "--tap" : "--tun");
>+ 	add_openvpn_arg (args, stmp);
>+ 	g_free (stmp);
>+ 	add_openvpn_arg (args, "--up-restart");
>+-- 
>+1.9.0
>+
>+
>+From 92f974bb44d3323c8dc9f1514124df5f4a4a1a24 Mon Sep 17 00:00:00 2001
>+From: Thomas Haller <thaller@redhat.com>
>+Date: Tue, 18 Mar 2014 15:42:13 +0100
>+Subject: [PATCH 6/7] helper: gracefully handle missing environment variables
>+ in --up-restart invocations
>+
>+When calling the script during restart, some environment variables are
>+not set properly. Work around this by taking the values from the
>+command line arguments instead.
>+
>+https://bugzilla.gnome.org/show_bug.cgi?id=556134
>+https://bugs.launchpad.net/ubuntu/+source/network-manager-openvpn/+bug/280160/
>+https://bugzilla.redhat.com/show_bug.cgi?id=766340
>+https://bugzilla.redhat.com/show_bug.cgi?id=1083317
>+
>+Signed-off-by: Thomas Haller <thaller@redhat.com>
>+(cherry picked from commit 39e9437fa6f1e3271776aae632f5b3a34d0ac5f9)
>+
>+Conflicts:
>+	src/nm-openvpn-service-openvpn-helper.c
>+---
>+ src/nm-openvpn-service-openvpn-helper.c | 26 ++++++++++++++++++--------
>+ 1 file changed, 18 insertions(+), 8 deletions(-)
>+
>+diff --git a/src/nm-openvpn-service-openvpn-helper.c b/src/nm-openvpn-service-openvpn-helper.c
>+index 5cbd40f..2485c95 100644
>+--- a/src/nm-openvpn-service-openvpn-helper.c
>++++ b/src/nm-openvpn-service-openvpn-helper.c
>+@@ -384,6 +384,7 @@ main (int argc, char *argv[])
>+ 	int tapdev = -1;
>+ 	char **iter;
>+ 	int shift = 0;
>++	gboolean is_restart;
>+ 
>+ #if !GLIB_CHECK_VERSION (2, 35, 0)
>+ 	g_type_init ();
>+@@ -433,6 +434,8 @@ main (int argc, char *argv[])
>+ 	argv += shift;
>+ 	argc -= shift;
>+ 
>++	is_restart = argc >= 7 && !g_strcmp0 (argv[6], "restart");
>++
>+ 	connection = dbus_g_bus_get (DBUS_BUS_SYSTEM, &err);
>+ 	if (!connection) {
>+ 		g_warning ("Could not get the system bus: %s", err->message);
>+@@ -464,21 +467,28 @@ main (int argc, char *argv[])
>+ 	if (tapdev == -1)
>+ 		tapdev = strncmp (tmp, "tap", 3) == 0;
>+ 
>+-	/* IP address */
>+-	val = addr_to_gvalue (getenv ("ifconfig_local"));
>+-	if (val)
>+-		g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_ADDRESS, val);
>+-	else
>+-		helper_failed (connection, "IP4 Address");
>++	/* IPv4 address */
>++	tmp = getenv ("ifconfig_local");
>++	if (!tmp && is_restart)
>++		tmp = argv[4];
>++	if (tmp && strlen (tmp)) {
>++		val = addr_to_gvalue (tmp);
>++		if (val)
>++			g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_ADDRESS, val);
>++		else
>++			helper_failed (connection, "IP4 Address");
>++	}
>+ 
>+ 	/* PTP address; for vpnc PTP address == internal IP4 address */
>+-	val = addr_to_gvalue (getenv ("ifconfig_remote"));
>++	tmp = getenv ("ifconfig_remote");
>++	if (!tmp && is_restart)
>++		tmp = argv[5];
>++	val = addr_to_gvalue (tmp);
>+ 	if (val) {
>+ 		/* Sigh.  Openvpn added 'topology' stuff in 2.1 that changes the meaning
>+ 		 * of the ifconfig bits without actually telling you what they are
>+ 		 * supposed to mean; basically relying on specific 'ifconfig' behavior.
>+ 		 */
>+-		tmp = getenv ("ifconfig_remote");
>+ 		if (tmp && !strncmp (tmp, "255.", 4)) {
>+ 			guint32 addr;
>+ 
>+-- 
>+1.9.0
>+
>+
>+From 3f78861d17e3811687132b490b18466f852e721d Mon Sep 17 00:00:00 2001
>+From: Thomas Haller <thaller@redhat.com>
>+Date: Mon, 24 Mar 2014 14:46:35 +0100
>+Subject: [PATCH 7/7] set G_LOG_DOMAIN to nm-openvpn
>+
>+Signed-off-by: Thomas Haller <thaller@redhat.com>
>+(cherry picked from commit 62d535c10bbe35196d5f0c8f00656e071b64ead0)
>+---
>+ src/Makefile.am | 1 +
>+ 1 file changed, 1 insertion(+)
>+
>+diff --git a/src/Makefile.am b/src/Makefile.am
>+index 15a39a4..fb26f00 100644
>+--- a/src/Makefile.am
>++++ b/src/Makefile.am
>+@@ -11,6 +11,7 @@ AM_CPPFLAGS = \
>+ 	-DLOCALSTATEDIR=\""$(localstatedir)"\" \
>+ 	-DDATADIR=\"$(datadir)\" \
>+ 	-DNM_OPENVPN_LOCALEDIR=\"$(datadir)/locale\" \
>++	-DG_LOG_DOMAIN=\"nm-openvpn\" \
>+ 	-I$(top_srcdir)
>+ 
>+ libexec_PROGRAMS = nm-openvpn-service nm-openvpn-service-openvpn-helper
>+-- 
>+1.9.0
>+
>diff --git a/NetworkManager-openvpn.spec b/NetworkManager-openvpn.spec
>index 4856f8d..e58fef4 100644
>--- a/NetworkManager-openvpn.spec
>+++ b/NetworkManager-openvpn.spec
>@@ -4,12 +4,13 @@ Summary:   NetworkManager VPN plugin for OpenVPN
> Name:      NetworkManager-openvpn
> Epoch:     1
> Version:   0.9.8.2
>-Release:   4%{snapshot}%{?dist}
>+Release:   4.test1%{snapshot}%{?dist}
> License:   GPLv2+
> URL:       http://www.gnome.org/projects/NetworkManager/
> Group:     System Environment/Base
> Source0:   http://ftp.gnome.org/pub/GNOME/sources/%{name}/0.9/%{name}-%{version}%{snapshot}.tar.bz2
> Patch1:    rh997255-fix-pkcs12-endless-loop.patch
>+Patch2:    0002-backport-from-upstream.patch
> 
> BuildRequires: gtk3-devel
> BuildRequires: dbus-devel
>@@ -55,6 +56,7 @@ the OpenVPN server with NetworkManager (GNOME files).
> %setup -q -n %{name}-%{version}
> 
> %patch1 -p1 -b .rh997255-fix-endless-loop
>+%patch2 -p1 -b .0002-backport-from-upstream.orig
> 
> %build
> if [ ! -f configure ]; then
>@@ -88,6 +90,9 @@ rm -f %{buildroot}%{_libdir}/NetworkManager/lib*.la
> %{_datadir}/gnome-vpn-properties/openvpn/nm-openvpn-dialog.ui
> 
> %changelog
>+* Wed Apr 23 2014 Thomas Haller <thaller@redhat.com> - 1:0.9.8.2-4.test1
>+- fix disconnects on openvpn soft-restarts (bgo #556134, rh #1083317)
>+
> * Tue Jan  7 2014 JiÅÃ KlimeÅ¡ <jklimes@redhat.com> - 1:0.9.8.2-4
> - properties: fix an endless loop when selecting PKCS12 file (rh #997255)
> 
>-- 
>1.9.0
>

Flags:

thaller: review-

Actions: View | Diff

Attachments on bug 1083317: 888896 | 888908