head	1.4;
access;
symbols
	RELEASE_6_1_0:1.3
	RELEASE_5_5_0:1.3;
locks; strict;
comment	@# @;


1.4
date	2006.04.05.14.57.25;	author garga;	state dead;
branches;
next	1.3;

1.3
date	2006.02.28.16.25.43;	author vd;	state Exp;
branches;
next	1.2;

1.2
date	2005.11.10.15.05.42;	author garga;	state Exp;
branches;
next	1.1;

1.1
date	2005.11.05.01.24.15;	author mnag;	state Exp;
branches;
next	;


desc
@@


1.4
log
@- Update to 2.0.6
  * security fix for client LD_PRELOAD code injection vulnerability
    through compromised upstream servers
    (FreeBSD VuXML Vuln VID be4ccb7b-c48b-11da-ae12-0002b3b60e4c,
     filed in separate PR)
    CVE id not known yet
  * 2 other changes only relevant for Linux and NetBSD, not detailed here.

PR:		ports/95345
Submitted by:	maintainer
Security:	VuXML be4ccb7b-c48b-11da-ae12-0002b3b60e4c
@
text
@--- t_lpback.sh~
+++ t_lpback.sh
@@@@ -19,11 +19,13 @@@@
 # 02110-1301, USA.
 
 set -e
-trap "rm -f key.$$ log.$$ ; false" 1 2 3 15
+trap "rm -f key.$$ log.$$ ; trap 0 ; exit 77" 1 2 15
+trap "rm -f key.$$ log.$$ ; exit 1" 0 3
 ./openvpn --genkey --secret key.$$
 set +e
 ( ./openvpn --test-crypto --secret key.$$ ) >log.$$ 2>&1
 e=$?
 if [ $e != 0 ] ; then cat log.$$ ; fi
-rm key.$$
+rm key.$$ log.$$
+trap 0
 exit $e
--- t_cltsrv.sh~
+++ t_cltsrv.sh
@@@@ -19,20 +19,41 @@@@
 # 02110-1301, USA.
 
 set -e
+trap "rm -f log.$$ log.$$.signal ; trap 0 ; exit 77" 1 2 15
+trap "rm -f log.$$ log.$$.signal ; exit 1" 0 3
+addopts=
+case `uname -s` in
+    FreeBSD)
+    # FreeBSD jails map the outgoing IP to the jail IP - we need to
+    # allow the real IP unless we want the test to run forever.
+    if test "`sysctl 2>/dev/null -n security.jail.jailed`" = 1 \
+    || ps -ostate= -p $$ | grep -q J; then
+	addopts="--float"
+	if test "x`ifconfig | grep inet`" = x ; then
+	    echo "###"
+	    echo "### To run the test in a FreeBSD jail, you MUST add an IP alias for the jail's IP."
+	    echo "###"
+	    exit 1
+	fi
+    fi
+    ;;
+esac
 echo "the following test will run about two minutes..." >&2
-trap "rm -f log.$$ ; false" 1 2 3 15
 set +e
 (
-./openvpn --cd "${srcdir}" --config sample-config-files/loopback-server &
-./openvpn --cd "${srcdir}" --config sample-config-files/loopback-client
-) >log.$$ 2>&1
+./openvpn --cd "${srcdir}" ${addopts} --down 'echo "srv:${signal}" >&3 ; : #' --tls-exit --ping-exit 180 --config sample-config-files/loopback-server &
+./openvpn --cd "${srcdir}" ${addopts} --down 'echo "clt:${signal}" >&3 ; : #' --tls-exit --ping-exit 180 --config sample-config-files/loopback-client
+) 3>log.$$.signal >log.$$ 2>&1
 e1=$?
 wait $!
 e2=$?
+grep -v ":inactive$" log.$$.signal >/dev/null && { cat log.$$.signal ; echo ; cat log.$$ ; exit 1 ; }
+
 set -e
 
 if [ $e1 != 0 ] || [ $e2 != 0 ] ; then
     cat log.$$
     exit 1
 fi
-rm log.$$
+rm log.$$ log.$$.signal
+trap 0
@


1.3
log
@Fix FreeBSD 4 jail build

PR:		ports/93833
Patch by:	dinoex
Submitted by:	Matthias Andree <matthias.andree@@gmx.de> (maintainer)
Approved by:	portmgr (marcus)
@
text
@@


1.2
log
@- CATEGORY CHANGE: add "net" secondary category
- fix jail build on FreeBSD 4 (no security.jail.jailed oid in sysctl)
- catch jail IP misconfiguration and print clear error message
- add SHA256 checksum
- revise pkg-message and pkg-descr

PR:		ports/88785
Submitted by:	maintainer
@
text
@d33 1
a33 1
+    || `ps -ostate $$ | tail -n1 | grep >/dev/null J` ; then
@


1.1
log
@Enables self-tests with WITH_JAIL
Bump PORTREVISION

PR:		88488
Submitted by:	Matthias Andree <matthias.andree@@gmx.de> (maintainer)
@
text
@d1 2
a2 4
Index: t_lpback.sh
===================================================================
--- t_lpback.sh	(revision 774)
+++ t_lpback.sh	(working copy)
d19 4
a22 5
Index: t_cltsrv.sh
===================================================================
--- t_cltsrv.sh	(revision 774)
+++ t_cltsrv.sh	(working copy)
@@@@ -20,19 +20,33 @@@@
a24 2
 echo "the following test will run about two minutes..." >&2
-trap "rm -f log.$$ ; false" 1 2 3 15
d32 2
a33 1
+    if test `sysctl -n security.jail.jailed` != 0 ; then
d35 6
d44 2
@

