Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package openfortivpn for openSUSE:Factory checked in at 2021-09-23 23:03:55 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/openfortivpn (Old) and /work/SRC/openSUSE:Factory/.openfortivpn.new.1899 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "openfortivpn" Thu Sep 23 23:03:55 2021 rev:16 rq:921039 version:1.17.1 Changes: -------- --- /work/SRC/openSUSE:Factory/openfortivpn/openfortivpn.changes 2021-07-31 18:52:31.418449166 +0200 +++ /work/SRC/openSUSE:Factory/.openfortivpn.new.1899/openfortivpn.changes 2021-09-23 23:04:02.160322235 +0200 @@ -1,0 +2,8 @@ +Thu Sep 9 12:51:01 UTC 2021 - Martin Hauke <mar...@gmx.de> + +- Updat eto version 1.17.1 + * fix regression: enable OpenSSL engines by default + * fix typos found by codespell + * fix LGTM alerts + +------------------------------------------------------------------- Old: ---- openfortivpn-1.17.0.tar.gz New: ---- openfortivpn-1.17.1.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ openfortivpn.spec ++++++ --- /var/tmp/diff_new_pack.xKYrcf/_old 2021-09-23 23:04:02.724322655 +0200 +++ /var/tmp/diff_new_pack.xKYrcf/_new 2021-09-23 23:04:02.724322655 +0200 @@ -17,7 +17,7 @@ Name: openfortivpn -Version: 1.17.0 +Version: 1.17.1 Release: 0 Summary: Client for PPP+SSL VPN tunnel services License: GPL-3.0-or-later ++++++ openfortivpn-1.17.0.tar.gz -> openfortivpn-1.17.1.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openfortivpn-1.17.0/.github/workflows/codespell.yml new/openfortivpn-1.17.1/.github/workflows/codespell.yml --- old/openfortivpn-1.17.0/.github/workflows/codespell.yml 1970-01-01 01:00:00.000000000 +0100 +++ new/openfortivpn-1.17.1/.github/workflows/codespell.yml 2021-09-08 10:25:03.000000000 +0200 @@ -0,0 +1,21 @@ +--- +name: Codespell + +on: + push: + + pull_request: + branches: + - master + +jobs: + codespell: + name: Check for spelling errors + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + - uses: codespell-project/actions-codespell@master + with: + skip: checkpatch.pl,spelling.txt,LICENSE.OpenSSL + ignore_words_list: synopsys,parms diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openfortivpn-1.17.0/CHANGELOG.md new/openfortivpn-1.17.1/CHANGELOG.md --- old/openfortivpn-1.17.0/CHANGELOG.md 2021-07-15 08:44:09.000000000 +0200 +++ new/openfortivpn-1.17.1/CHANGELOG.md 2021-09-08 10:25:03.000000000 +0200 @@ -14,6 +14,12 @@ This high level changelog is usually updated when a release is tagged. On the master branch there may be changes that are not (yet) described here. +### 1.17.1 + +* [-] fix regression: enable OpenSSL engines by default +* [-] fix typos found by codespell +* [-] fix LGTM alerts + ### 1.17.0 * [-] make OpenSSL engines optional @@ -51,7 +57,7 @@ * [+] add git commit id in debug output * [-] do not use interface ip for routing on linux * [-] avoid extra hop on interface for default route -* [+] clean up, updates and improvments in the build system +* [+] clean up, updates and improvements in the build system * [+] increase the inbound HTTP buffer capacity when needed * [+] print domain search list to output * [+] add systemd service file @@ -191,7 +197,7 @@ * [+] Print clear text error messages of pppd upon failure * [~] Existing configuration file is not overwritten anymore at installation time * [~] Increase the accepted cookie size and align the error behavior according to RFCs -* [-] More gracefully handle unexcpected content of resolv.conf +* [-] More gracefully handle unexpected content of resolv.conf * [~] Dynamically allocate memory for split routes and thus support larger numbers of routes ### 1.5.0 @@ -286,8 +292,8 @@ * [+] Add support for client keys and certificates * [~] Extend the split VPN support with older FortiOS servers * [+] Add a config parser to handle received non-xml content -* [~] Allow ommitting the gateway for split routes -* [~] Allow ommitting DNS servers +* [~] Allow omitting the gateway for split routes +* [~] Allow omitting DNS servers * [-] Fix a memory leak in auth_get_config * [+] Support split routes * [+] Export the configuration of routes and gateway to environment diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openfortivpn-1.17.0/README.md new/openfortivpn-1.17.1/README.md --- old/openfortivpn-1.17.0/README.md 2021-07-15 08:44:09.000000000 +0200 +++ new/openfortivpn-1.17.1/README.md 2021-09-08 10:25:03.000000000 +0200 @@ -95,8 +95,8 @@ * [Gentoo](https://packages.gentoo.org/packages/net-vpn/openfortivpn) * [NixOS](https://github.com/NixOS/nixpkgs/tree/master/pkgs/tools/networking/openfortivpn) * [Arch Linux](https://www.archlinux.org/packages/community/x86_64/openfortivpn) -* [Debian (testing)](https://packages.debian.org/buster/openfortivpn) -* [Ubuntu (bionic and later)](https://packages.ubuntu.com/search?keywords=openfortivpn) and [pre-bionic (ppa)](https://launchpad.net/~ar-lex/+archive/ubuntu/fortisslvpn) +* [Debian](https://packages.debian.org/stable/openfortivpn) +* [Ubuntu](https://packages.ubuntu.com/search?keywords=openfortivpn) * [Solus](https://dev.getsol.us/source/openfortivpn/) On macOS both [Homebrew](https://formulae.brew.sh/formula/openfortivpn) and diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openfortivpn-1.17.0/configure.ac new/openfortivpn-1.17.1/configure.ac --- old/openfortivpn-1.17.0/configure.ac 2021-07-15 08:44:09.000000000 +0200 +++ new/openfortivpn-1.17.1/configure.ac 2021-09-08 10:25:03.000000000 +0200 @@ -2,7 +2,7 @@ # Process this file with autoconf to produce a configure script. AC_PREREQ([2.63]) -AC_INIT([openfortivpn], [1.17.0]) +AC_INIT([openfortivpn], [1.17.1]) AC_CONFIG_SRCDIR([src/main.c]) AM_INIT_AUTOMAKE([foreign subdir-objects]) @@ -372,7 +372,7 @@ AS_HELP_STRING([--enable-resolvconf], [Enable usage of resolvconf at runtime by default. \ Use --disable-resolvconf for the opposite, note that \ - resolvconf support will still be compliled in, but \ + resolvconf support will still be compilled in, but \ disabled if not explicitly enabled at runtime.])) # Determine how resolvconf works at build-time if it is installed: diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openfortivpn-1.17.0/src/io.c new/openfortivpn-1.17.1/src/io.c --- old/openfortivpn-1.17.0/src/io.c 2021-07-15 08:44:09.000000000 +0200 +++ new/openfortivpn-1.17.1/src/io.c 2021-09-08 10:25:03.000000000 +0200 @@ -462,10 +462,10 @@ break; } - total = (header[0] << 8) | header[1]; - magic = (header[2] << 8) | header[3]; - size = (header[4] << 8) | header[5]; - if (magic != 0x5050 || total != 6 + size || size == 0 || size >= 0xffff) { + total = (uint16_t)(header[0]) << 8 | header[1]; + magic = (uint16_t)(header[2]) << 8 | header[3]; + size = (uint16_t)(header[4]) << 8 | header[5]; + if (magic != 0x5050 || total < 7 || total - 6 != size) { log_error("Received bad header from gateway:\n"); debug_bad_packet(tunnel, header); break; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openfortivpn-1.17.0/src/ipv4.c new/openfortivpn-1.17.1/src/ipv4.c --- old/openfortivpn-1.17.0/src/ipv4.c 2021-07-15 08:44:09.000000000 +0200 +++ new/openfortivpn-1.17.1/src/ipv4.c 2021-09-08 10:25:03.000000000 +0200 @@ -143,7 +143,7 @@ * - the routing table is to some extent trusted input, * - it's not that large, * - and the loop in strtok_r increments the pointer in each - * interation until it reaches the area where we have ensured + * iteration until it reaches the area where we have ensured * that there is a delimiting '\0' character by proper * initialization. We ensure this also when growing the buffer. */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openfortivpn-1.17.0/src/tunnel.c new/openfortivpn-1.17.1/src/tunnel.c --- old/openfortivpn-1.17.0/src/tunnel.c 2021-07-15 08:44:09.000000000 +0200 +++ new/openfortivpn-1.17.1/src/tunnel.c 2021-09-08 10:25:03.000000000 +0200 @@ -35,7 +35,7 @@ #endif #include <openssl/err.h> -#ifdef OPENSSL_ENGINE +#ifndef OPENSSL_NO_ENGINE #include <openssl/engine.h> #endif #include <openssl/ui.h> @@ -447,7 +447,7 @@ */ log_debug("waitpid: %s exit status code %d\n", PPP_DAEMON, exit_status); - if (exit_status >= ARRAY_SIZE(ppp_message) || exit_status < 0) { + if (exit_status >= ARRAY_SIZE(ppp_message)) { log_error("%s: Returned an unknown exit status code: %d\n", PPP_DAEMON, exit_status); } else { @@ -511,19 +511,17 @@ } for (ifa = ifap; ifa != NULL; ifa = ifa->ifa_next) { - if (( + if ( #if HAVE_USR_SBIN_PPPD - (tunnel->config->pppd_ifname - && strstr(ifa->ifa_name, tunnel->config->pppd_ifname) - != NULL) - || strstr(ifa->ifa_name, "ppp") != NULL + ((tunnel->config->pppd_ifname && + strstr(ifa->ifa_name, tunnel->config->pppd_ifname) != NULL) || + strstr(ifa->ifa_name, "ppp") != NULL) && #endif #if HAVE_USR_SBIN_PPP - strstr(ifa->ifa_name, "tun") != NULL + strstr(ifa->ifa_name, "tun") != NULL && #endif - ) && ifa->ifa_flags & IFF_UP) { - if (&(ifa->ifa_addr->sa_family) != NULL - && ifa->ifa_addr->sa_family == AF_INET) { + ifa->ifa_flags & IFF_UP) { + if (ifa->ifa_addr && ifa->ifa_addr->sa_family == AF_INET) { struct in_addr if_ip_addr = cast_addr(ifa->ifa_addr)->sin_addr; @@ -1117,7 +1115,7 @@ #endif /* Use engine for PIV if user-cert config starts with pkcs11 URI: */ -#ifdef OPENSSL_ENGINE +#ifndef OPENSSL_NO_ENGINE if (tunnel->config->use_engine > 0) { ENGINE *e; @@ -1206,9 +1204,9 @@ goto err_ssl_context; } } -#ifdef OPENSSL_ENGINE +#ifndef OPENSSL_NO_ENGINE } -#endif /* PKCS11-engine */ +#endif tunnel->ssl_handle = SSL_new(tunnel->ssl_context); if (tunnel->ssl_handle == NULL) {
