NetworkManager-libreswan/0010-Fixed-more-coverity-scan-issues.patch

176 lines
5.9 KiB
Diff
Raw Normal View History

New upstream release 0.9.8.4 - Fixed 926225 - Fixed dependency to libreswan. - Created a new sub package NetworkManager-openswan-gnome - Various other spec file fixes. - Additional code changes are as follows: - Fixed an issue where proper network stack is not loaded unless _stackmanager is run before starting pluto daemon service. - Fixed the termination operation of pluto daemon to comply with libreswan changes. - Fixed various debug messages. - Fixed initiation of pluto daemon by this plugin to reflect the changes in libreaswan. - Fixed defaults values for more parameters to help the VPN connection stay more reliable. - Rewrote pluto watch API which watches the pluto process for its status. Fixed memory leak issues as not all child processes were reaped correctly. Also g_spwan_close_pid was not being called after children were reaped. Also modified debugs and added more to help with debugging in the future. - Fixed an issue where nm-openswan service is searching for ipsec binary in both /sbin and /usr/sbin leading to same operation twice, as /sbin is just symlink to /usr/sbin, so removed /sbin from the search paths. - Fixed some libreswan related macro changes. - Fixed netmask issue when sending IP information to the nm openswan plugin service. - Fixed the current code as it does not set the default route field NM_VPN_PLUGIN_IP4_CONFIG_NEVER_DEFAULT when sending VPN information to nm-openswan plugin. This fix sets the field to TRUE. - Fixed some issues found by coverity scan. - Fixed an issue where writing configuration on stdin should not end with \n as it gives error. It used to work previously, but not with latest NetworkManager versions. - libreswan related fixes, as some macros have been modified after forking to libreswan from openswan. - openswan/libreswan does not provide tun0 interface, so fixed the code where it sends tun0 interface. - Fix prcoessing of nm-openswan-dialog.ui file and added more error notifications. - Fixed dead code based on coverity scan. - Fixed gnomekeyring lib dependencies. - Fixed Networkmanager and related lib dependencies. - Fixed gtk label max width issue by setting it to 35. - NM-openswan was missing support for nm-openswan-auth-dialog.desktop.in.in. So added a new nm-openswan-auth-dialog.desktop.in.in, and modified related Makefile and configure.ac files.
2013-12-10 22:51:36 +00:00
From 0cae80518c6329f1575bf46b615123a5e034515a Mon Sep 17 00:00:00 2001
From: Avesh Agarwal <avagarwa@redhat.com>
Date: Tue, 10 Dec 2013 14:33:38 -0500
Subject: [PATCH 10/20] Fixed more coverity scan issues.
---
src/Makefile.am | 3 ---
src/nm-openswan-service-helper.c | 21 -------------------
src/nm-openswan-service.c | 44 ----------------------------------------
3 files changed, 68 deletions(-)
diff --git a/src/Makefile.am b/src/Makefile.am
index 12ce851..4f3e316 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -21,17 +21,14 @@ nm_openswan_service_SOURCES = \
nm-openswan-service.c \
nm-openswan-service.h
-
nm_openswan_service_LDADD = \
$(DBUS_LIBS) \
$(GTHREAD_LIBS) \
$(NM_LIBS)
-
nm_openswan_service_helper_SOURCES = \
nm-openswan-service-helper.c
-
nm_openswan_service_helper_LDADD = \
$(DBUS_LIBS) \
$(GTHREAD_LIBS) \
diff --git a/src/nm-openswan-service-helper.c b/src/nm-openswan-service-helper.c
index 07bc576..e148b26 100644
--- a/src/nm-openswan-service-helper.c
+++ b/src/nm-openswan-service-helper.c
@@ -207,7 +207,6 @@ main (int argc, char *argv[])
GValue *val;
GError *err = NULL;
struct in_addr temp_addr;
- //long int mtu = 1412;
char nmask[16]="255.255.255.255";
@@ -292,12 +291,6 @@ main (int argc, char *argv[])
if (val)
g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_DNS, val);
-#if 0
- /* WINS servers */
- val = addr_list_to_gvalue (getenv ("INTERNAL_IP4_NBNS"));
- if (val)
- g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_NBNS, val);
-#endif
/* Default domain */
val = str_to_gvalue (getenv ("PLUTO_PEER_DOMAIN_INFO"), TRUE);
@@ -309,20 +302,6 @@ main (int argc, char *argv[])
if (val)
g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_BANNER, val);
-#if 0
- /* MTU */
- tmp = getenv ("INTERNAL_IP4_MTU");
- if (tmp && strlen (tmp)) {
- errno = 0;
- mtu = strtol (tmp, NULL, 10);
- if (errno || mtu < 0 || mtu > 20000) {
- g_warning ("Ignoring invalid tunnel MTU '%s'", tmp);
- mtu = 1412;
- }
- }
- val = uint_to_gvalue ((guint32) mtu);
- g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_MTU, val);
-#endif
/* Send the config info to nm-openswan-service */
send_ip4_config (connection, config);
diff --git a/src/nm-openswan-service.c b/src/nm-openswan-service.c
index f9bea3d..64792a6 100644
--- a/src/nm-openswan-service.c
+++ b/src/nm-openswan-service.c
@@ -308,11 +308,7 @@ nm_openswan_start_openswan_binary (NMOPENSWANPlugin *plugin, GError **error)
g_ptr_array_add (openswan_argv, (gpointer) "--add");
g_ptr_array_add (openswan_argv, (gpointer) "--config");
g_ptr_array_add (openswan_argv, (gpointer) "-");
- //g_ptr_array_add (openswan_argv, (gpointer) "--up");
- //g_ptr_array_add (openswan_argv, (gpointer) "--name");
g_ptr_array_add (openswan_argv, (gpointer) "nm-conn1");
- //g_ptr_array_add (openswan_argv, (gpointer) "--xauthpass");
- //g_ptr_array_add (openswan_argv, (gpointer) nm_setting_vpn_get_secret (s_vpn, NM_OPENSWAN_XAUTH_PASSWORD));
g_ptr_array_add (openswan_argv, NULL);
if (!g_spawn_async_with_pipes (NULL, (char **) openswan_argv->pdata, NULL,
@@ -524,17 +520,11 @@ nm_openswan_config_write (gint openswan_fd, NMSettingVPN *s_vpn,
{
WriteConfigInfo *info;
const char *props_username;
- //const char *props_natt_mode;
const char *default_username;
const char *phase1_alg_str;
const char *phase2_alg_str;
- //const char *pw_type;
gint fdtmp1=-1;
- //gint conf_fd=-1;
- //gint secret_fd=-1;
- //conf_fd = open ("/etc/ipsec.d/ipsec-nm-conn1.conf", O_RDWR|O_CREAT|O_TRUNC, S_IRUSR|S_IWUSR);
- //secret_fd = open ("/etc/ipsec.d/ipsec-nm-conn1.secrets", O_RDWR|O_CREAT|O_TRUNC, S_IRUSR|S_IWUSR);
fdtmp1 = openswan_fd;
if(fdtmp1 != -1) {
@@ -576,49 +566,17 @@ nm_openswan_config_write (gint openswan_fd, NMSettingVPN *s_vpn,
}
write_config_option (fdtmp1, " nm_configured=yes\n");
- //write_config_option (fdtmp1, " leftupdown=%s\n", NM_OSW_UPDOWN_PATH);
- //write_config_option (fdtmp1, " auto=add\n");
write_config_option (fdtmp1, " auto=add");
- //write_config_option (fdtmp1, " #connectionname=%s\n", nm_setting_vpn_get_data_item (s_vpn, NM_SETTING_VPN_SETTING_NAME));
- //write_config_option (fdtmp1, " #connectionname=%s\n", nm_setting_vpn_get_data_item (s_vpn, NM_SETTING_NAME));
}
- //default_username = nm_setting_vpn_get_user_name (s_vpn);
-
- /* Fill username if it's not present */
- /*props_username = nm_setting_vpn_get_data_item (s_vpn, NM_OPENSWAN_LEFTXAUTHUSER);
- if ( default_username
- && strlen (default_username)
- && (!props_username || !strlen (props_username))) {
- write_config_option (openswan_fd,
- NM_OPENSWAN_LEFTXAUTHUSER " %s\n",
- default_username);
- }*/
-
info = g_malloc0 (sizeof (WriteConfigInfo));
- //info->fd = openswan_fd;
- //info->conf_fd = conf_fd;
info->conf_fd = openswan_fd;
- //info->secret_fd = secret_fd;
info->s_vpn = s_vpn;
- /* Check for ignored user password */
- /*pw_type = nm_setting_vpn_get_data_item (s_vpn, NM_OPENSWAN_XAUTH_PASSWORD_INPUT_MODES);
- if (pw_type && !strcmp (pw_type, NM_OPENSWAN_PW_TYPE_UNUSED))
- info->upw_ignored = TRUE;*/
-
- /* Check for ignored group password */
- /*pw_type = nm_setting_vpn_get_data_item (s_vpn, NM_OPENSWAN_PSK_INPUT_MODES);
- if (pw_type && !strcmp (pw_type, NM_OPENSWAN_PW_TYPE_UNUSED))
- info->gpw_ignored = TRUE;*/
-
nm_setting_vpn_foreach_data_item (s_vpn, write_one_property, info);
- //nm_setting_vpn_foreach_secret (s_vpn, write_one_property, info);
*error = info->error;
- //close(conf_fd);
close(openswan_fd);
sleep(3);
- //close(secret_fd);
g_free (info);
return *error ? FALSE : TRUE;
@@ -807,8 +765,6 @@ real_disconnect (NMVPNPlugin *plugin,
}
g_ptr_array_free (openswan_argv, TRUE);
- //unlink("/etc/ipsec.d/ipsec-nm-conn1.conf");
- //unlink("/etc/ipsec.d/ipsec-nm-conn1.secrets");
return TRUE;
}
--
1.8.3.1