openvpn-2.3.11: vanilla vs padavan

1. Only in openvpn-2.3.11/distro/rpm: openvpn.spec
2. diff -ur openvpn-2.3.11/doc/openvpn.8 ./openvpn-2.3.x/doc/openvpn.8
3. --- openvpn-2.3.11/doc/openvpn.8        2016-05-10 09:02:33.000000000 +0300
4. +++ ./openvpn-2.3.x/doc/openvpn.8       2016-08-29 13:37:50.264794318 +0300
5. @@ -5622,10 +5622,7 @@
6.  Specify an IPv6 address pool for dynamic assignment to clients.  The
7.  pool starts at
8.  .B ipv6addr
9. -and increments by +1 for every new client (linear mode).  The
10. -.B /bits
11. -setting controls the size of the pool.  Due to implementation details,
12. -the pool size must be between /64 and /112.
13. +and matches the offset determined from the start of the IPv4 pool.
14.  .TP
15.  .B \-\-ifconfig\-ipv6\-push ipv6addr/bits ipv6remote
16.  for ccd/ per-client static IPv6 interface configuration, see
17. diff -ur openvpn-2.3.11/.gitignore ./openvpn-2.3.x/.gitignore
18. --- openvpn-2.3.11/.gitignore   2016-05-10 09:02:33.000000000 +0300
19. +++ ./openvpn-2.3.x/.gitignore  2016-08-29 13:37:50.192792687 +0300
20. @@ -20,30 +20,14 @@
21.  .deps
22.  .libs
23.  Makefile
24. -Makefile.in
25. -aclocal.m4
26.  autodefs.h
27.  autom4te.cache
28. -config.guess
29.  config.h
30. -config.h.in
31.  config.log
32.  config.status
33. -config.sub
34. -configure
35.  configure.h
36. -depcomp
37.  doxygen/
38.  stamp-h1
39. -install-sh
40. -missing
41. -ltmain.sh
42. -libtool
43. -m4/libtool.m4
44. -m4/ltoptions.m4
45. -m4/ltsugar.m4
46. -m4/ltversion.m4
47. -m4/lt~obsolete.m4
48.  
49.  version.sh
50.  msvc-env-local.bat
51. diff -ur openvpn-2.3.11/Makefile.in ./openvpn-2.3.x/Makefile.in
52. --- openvpn-2.3.11/Makefile.in  2016-05-10 09:02:54.000000000 +0300
53. +++ ./openvpn-2.3.x/Makefile.in 2016-08-29 13:37:50.200792869 +0300
54. @@ -484,7 +484,7 @@
55.  .SUFFIXES:
56.  am--refresh: Makefile
57.         @:
58. -$(srcdir)/Makefile.in:  $(srcdir)/Makefile.am  $(am__configure_deps)
59. +$(srcdir)/Makefile.in:  $(srcdir)/Makefile.am
60.         @for dep in $?; do \
61.           case '$(am__configure_deps)' in \
62.             *$$dep*) \
63. @@ -512,8 +512,6 @@
64.  
65.  $(top_srcdir)/configure:  $(am__configure_deps)
66.         $(am__cd) $(srcdir) && $(AUTOCONF)
67. -$(ACLOCAL_M4):  $(am__aclocal_m4_deps)
68. -       $(am__cd) $(srcdir) && $(ACLOCAL) $(ACLOCAL_AMFLAGS)
69.  $(am__aclocal_m4_deps):
70.  
71.  config.h: stamp-h1
72. @@ -523,10 +521,6 @@
73.  stamp-h1: $(srcdir)/config.h.in $(top_builddir)/config.status
74.         @rm -f stamp-h1
75.         cd $(top_builddir) && $(SHELL) ./config.status config.h
76. -$(srcdir)/config.h.in:  $(am__configure_deps)
77. -       ($(am__cd) $(top_srcdir) && $(AUTOHEADER))
78. -       rm -f stamp-h1
79. -       touch $@
80.  
81.  distclean-hdr:
82.         -rm -f config.h stamp-h1
83. diff -ur openvpn-2.3.11/src/openvpn/init.c ./openvpn-2.3.x/src/openvpn/init.c
84. --- openvpn-2.3.11/src/openvpn/init.c   2016-05-10 09:02:33.000000000 +0300
85. +++ ./openvpn-2.3.x/src/openvpn/init.c  2016-08-29 13:37:50.376796854 +0300
86. @@ -2525,8 +2525,10 @@
87.      msg (M_WARN, "WARNING: using --pull/--client and --ifconfig together is probably not what you want");
88.  
89.  #if P2MP_SERVER
90. +#if 0
91.    if (o->server_bridge_defined | o->server_bridge_proxy_dhcp)
92.      msg (M_WARN, "NOTE: when bridging your LAN adapter with the TAP adapter, note that the new bridge adapter will often take on its own IP address that is different from what the LAN adapter was previously set to");
93. +#endif
94.  
95.    if (o->mode == MODE_SERVER)
96.      {
97. diff -ur openvpn-2.3.11/src/openvpn/multi.c ./openvpn-2.3.x/src/openvpn/multi.c
98. --- openvpn-2.3.11/src/openvpn/multi.c  2016-05-10 09:02:33.000000000 +0300
99. +++ ./openvpn-2.3.x/src/openvpn/multi.c 2016-08-29 13:37:50.416797759 +0300
100. @@ -1354,7 +1354,7 @@
101.               mi->context.c2.push_ifconfig_ipv6_remote =
102.                     mi->context.c1.tuntap->local_ipv6;
103.               mi->context.c2.push_ifconfig_ipv6_netbits =
104. -                   mi->context.options.ifconfig_ipv6_pool_netbits;
105. +                   mi->context.options.ifconfig_ipv6_netbits;
106.               mi->context.c2.push_ifconfig_ipv6_defined = true;
107.             }
108.         }
109. diff -ur openvpn-2.3.11/src/openvpn/ssl.c ./openvpn-2.3.x/src/openvpn/ssl.c
110. --- openvpn-2.3.11/src/openvpn/ssl.c    2016-05-10 09:02:33.000000000 +0300
111. +++ ./openvpn-2.3.x/src/openvpn/ssl.c   2016-08-29 13:37:50.464798846 +0300
112. @@ -150,6 +150,7 @@
113.      {"DHE-RSA-CAMELLIA128-SHA", "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA"},
114.      {"DHE-RSA-CAMELLIA256-SHA256", "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256"},
115.      {"DHE-RSA-CAMELLIA256-SHA", "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA"},
116. +    {"DHE-RSA-CHACHA20-POLY1305", "TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256"},
117.      {"DHE-RSA-SEED-SHA", "TLS-DHE-RSA-WITH-SEED-CBC-SHA"},
118.      {"DH-RSA-SEED-SHA", "TLS-DH-RSA-WITH-SEED-CBC-SHA"},
119.      {"ECDH-ECDSA-AES128-GCM-SHA256", "TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256"},
120. @@ -178,6 +179,7 @@
121.      {"ECDHE-ECDSA-CAMELLIA128-SHA", "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA"},
122.      {"ECDHE-ECDSA-CAMELLIA256-SHA256", "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA256"},
123.      {"ECDHE-ECDSA-CAMELLIA256-SHA", "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA"},
124. +    {"ECDHE-ECDSA-CHACHA20-POLY1305", "TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256"},
125.      {"ECDHE-ECDSA-DES-CBC3-SHA", "TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA"},
126.      {"ECDHE-ECDSA-DES-CBC-SHA", "TLS-ECDHE-ECDSA-WITH-DES-CBC-SHA"},
127.      {"ECDHE-ECDSA-RC4-SHA", "TLS-ECDHE-ECDSA-WITH-RC4-128-SHA"},
128. @@ -193,6 +195,7 @@
129.      {"ECDHE-RSA-CAMELLIA128-SHA", "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA"},
130.      {"ECDHE-RSA-CAMELLIA256-SHA256", "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA256"},
131.      {"ECDHE-RSA-CAMELLIA256-SHA", "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA"},
132. +    {"ECDHE-RSA-CHACHA20-POLY1305", "TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256"},
133.      {"ECDHE-RSA-DES-CBC3-SHA", "TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA"},
134.      {"ECDHE-RSA-DES-CBC-SHA", "TLS-ECDHE-RSA-WITH-DES-CBC-SHA"},
135.      {"ECDHE-RSA-RC4-SHA", "TLS-ECDHE-RSA-WITH-RC4-128-SHA"},
136. diff -ur openvpn-2.3.11/src/openvpn/ssl_polarssl.c ./openvpn-2.3.x/src/openvpn/ssl_polarssl.c
137. --- openvpn-2.3.11/src/openvpn/ssl_polarssl.c   2016-05-10 09:02:33.000000000 +0300
138. +++ ./openvpn-2.3.x/src/openvpn/ssl_polarssl.c  2016-08-29 13:37:50.480799209 +0300
139. @@ -176,7 +176,12 @@
140.  {
141.    char *tmp_ciphers, *tmp_ciphers_orig, *token;
142.    int i, cipher_count;
143. -  int ciphers_len = strlen (ciphers);
144. +  int ciphers_len;
145. +
146. +  if (NULL == ciphers)
147. +    return; /* Nothing to do */
148. +
149. +  ciphers_len = strlen (ciphers);
150.  
151.    ASSERT (NULL != ctx);
152.    ASSERT (0 != ciphers_len);
153. diff -ur openvpn-2.3.11/src/openvpn/tun.c ./openvpn-2.3.x/src/openvpn/tun.c
154. --- openvpn-2.3.11/src/openvpn/tun.c    2016-05-10 09:02:33.000000000 +0300
155. +++ ./openvpn-2.3.x/src/openvpn/tun.c   2016-08-29 13:37:50.496799570 +0300
156. @@ -62,7 +62,7 @@
157.                             const in_addr_t ip,
158.                             const in_addr_t netmask,
159.                             const unsigned int flags);
160. -static void netsh_command (const struct argv *a, int n);
161. +static void netsh_command (const struct argv *a, int n, int msglevel);
162.  
163.  static const char *netsh_get_id (const char *dev_node, struct gc_arena *gc);
164.  
165. @@ -1246,7 +1246,7 @@
166.                      NETSH_PATH_SUFFIX,
167.                      win32_version_info() == WIN_XP ? actual : iface,
168.                      ifconfig_ipv6_local);
169. -       netsh_command (&argv, 4);
170. +       netsh_command (&argv, 4, M_FATAL);
171.  
172.         /* explicit route needed */
173.         /* on windows, OpenVPN does ifconfig first, open_tun later, so
174. @@ -4246,7 +4246,7 @@
175.   */
176.  
177.  static void
178. -netsh_command (const struct argv *a, int n)
179. +netsh_command (const struct argv *a, int n, int msglevel)
180.  {
181.    int i;
182.    for (i = 0; i < n; ++i)
183. @@ -4261,7 +4261,7 @@
184.         return;
185.        openvpn_sleep (4);
186.      }
187. -  msg (M_FATAL, "NETSH: command failed");
188. +  msg (msglevel, "NETSH: command failed");
189.  }
190.  
191.  void
192. @@ -4411,7 +4411,7 @@
193.                    NETSH_PATH_SUFFIX,
194.                    type,
195.                    flex_name);
196. -      netsh_command (&argv, 2);
197. +      netsh_command (&argv, 2, M_FATAL);
198.      }
199.  
200.    /* add new DNS/WINS settings to TAP interface */
201. @@ -4432,7 +4432,7 @@
202.                          type,
203.                          flex_name,
204.                          print_in_addr_t (addr_list[i], 0, &gc));
205. -           netsh_command (&argv, 2);
206. +           netsh_command (&argv, 2, M_FATAL);
207.  
208.             ++count;
209.           }
210. @@ -4507,7 +4507,7 @@
211.                        print_in_addr_t (ip, 0, &gc),
212.                        print_in_addr_t (netmask, 0, &gc));
213.  
214. -         netsh_command (&argv, 4);
215. +         netsh_command (&argv, 4, M_FATAL);
216.         }
217.      }
218.  
219. @@ -4553,7 +4553,7 @@
220.                NETSH_PATH_SUFFIX,
221.                actual_name);
222.  
223. -  netsh_command (&argv, 4);
224. +  netsh_command (&argv, 4, M_FATAL);
225.  
226.    argv_reset (&argv);
227.  }
228. @@ -5269,7 +5269,7 @@
229.                      tt->actual_name,
230.                      ifconfig_ipv6_local );
231.  
232. -         netsh_command (&argv, 1);
233. +         netsh_command (&argv, 1, M_WARN);
234.            argv_reset (&argv);
235.         }
236.  #if 1
237. Only in openvpn-2.3.11/tests: t_client.sh