svn commit: r496212 - in head/net/wireguard: . files
Bernhard Froehlich
decke at FreeBSD.org
Mon Mar 18 21:18:04 UTC 2019
Author: decke
Date: Mon Mar 18 21:18:02 2019
New Revision: 496212
URL: https://svnweb.freebsd.org/changeset/ports/496212
Log:
net/wireguard:
- Cherry pick patch that fixes TMPDIR handling and tmp file leaks on /
- Fix rc.d script to initialize variable
- Bump PORTREVISION
Added:
head/net/wireguard/files/patch-5d60f6beb5ddcda0aee99261d0bb7fa7db934001 (contents, props changed)
head/net/wireguard/files/patch-cba99f16a4ec9a229358ce1ed96080bd5ae04a7e (contents, props changed)
Deleted:
head/net/wireguard/files/patch-wg-quick_freebsd.bash
Modified:
head/net/wireguard/Makefile
head/net/wireguard/files/wireguard.in
Modified: head/net/wireguard/Makefile
==============================================================================
--- head/net/wireguard/Makefile Mon Mar 18 21:13:08 2019 (r496211)
+++ head/net/wireguard/Makefile Mon Mar 18 21:18:02 2019 (r496212)
@@ -2,7 +2,7 @@
PORTNAME= wireguard
PORTVERSION= 0.0.20190227
-PORTREVISION= 1
+PORTREVISION= 2
CATEGORIES= net
MASTER_SITES= https://git.zx2c4.com/WireGuard/snapshot/
DISTNAME= WireGuard-${PORTVERSION}
Added: head/net/wireguard/files/patch-5d60f6beb5ddcda0aee99261d0bb7fa7db934001
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/net/wireguard/files/patch-5d60f6beb5ddcda0aee99261d0bb7fa7db934001 Mon Mar 18 21:18:02 2019 (r496212)
@@ -0,0 +1,28 @@
+From 5d60f6beb5ddcda0aee99261d0bb7fa7db934001 Mon Sep 17 00:00:00 2001
+From: "Jason A. Donenfeld" <Jason at zx2c4.com>
+Date: Mon, 18 Mar 2019 14:41:10 -0600
+Subject: wg-quick: freebsd: export TMPDIR when restoring and don't make empty
+
+Otherwise mktemp doesn't see it, and if it's empty we wind up in /.
+---
+ src/tools/wg-quick/freebsd.bash | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/tools/wg-quick/freebsd.bash b/src/tools/wg-quick/freebsd.bash
+index e83dbef0..c3fa47a5 100755
+--- wg-quick/freebsd.bash
++++ wg-quick/freebsd.bash
+@@ -42,8 +42,9 @@ unset ORIGINAL_TMPDIR
+ make_temp() {
+ local old_umask
+
+- [[ -v ORIGINAL_TMPDIR ]] && TMPDIR="$ORIGINAL_TMPDIR"
++ [[ -v ORIGINAL_TMPDIR ]] && export TMPDIR="$ORIGINAL_TMPDIR"
+ ORIGINAL_TMPDIR="$TMPDIR"
++ [[ -z $TMPDIR ]] && unset TMPDIR
+
+ old_umask="$(umask)"
+ umask 077
+--
+cgit v1.2.1-20-gc37e
+
Added: head/net/wireguard/files/patch-cba99f16a4ec9a229358ce1ed96080bd5ae04a7e
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/net/wireguard/files/patch-cba99f16a4ec9a229358ce1ed96080bd5ae04a7e Mon Mar 18 21:18:02 2019 (r496212)
@@ -0,0 +1,31 @@
+From cba99f16a4ec9a229358ce1ed96080bd5ae04a7e Mon Sep 17 00:00:00 2001
+From: "Jason A. Donenfeld" <Jason at zx2c4.com>
+Date: Thu, 28 Feb 2019 19:03:11 +0100
+Subject: wg-quick: freebsd: rebreak interface loopback, while fixing localhost
+
+The commit 7c833642 ("wg-quick: freebsd: allow loopback to work") was
+supposed to make things better, but actually it just started sending
+legitimate localhost traffic over the WireGuard interface, which is
+really quite bad.
+
+This reverts commit 7c833642dfa342218602ab18e7091e86408d2982.
+---
+ src/tools/wg-quick/freebsd.bash | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/tools/wg-quick/freebsd.bash b/src/tools/wg-quick/freebsd.bash
+index 93f1a3b7..e83dbef0 100755
+--- wg-quick/freebsd.bash
++++ wg-quick/freebsd.bash
+@@ -158,7 +158,7 @@ add_addr() {
+ if [[ $1 == *:* ]]; then
+ cmd ifconfig "$INTERFACE" inet6 "$1" alias
+ else
+- cmd ifconfig "$INTERFACE" inet "$1" 127.0.0.1 alias
++ cmd ifconfig "$INTERFACE" inet "$1" "${1%%/*}" alias
+ fi
+ }
+
+--
+cgit v1.2.1-20-gc37e
+
Modified: head/net/wireguard/files/wireguard.in
==============================================================================
--- head/net/wireguard/files/wireguard.in Mon Mar 18 21:13:08 2019 (r496211)
+++ head/net/wireguard/files/wireguard.in Mon Mar 18 21:18:02 2019 (r496212)
@@ -37,6 +37,7 @@ wireguard_stop()
load_rc_config $name
+: ${wireguard_enable="NO"}
: ${wireguard_interfaces=""}
run_rc_command "$1"
More information about the svn-ports-all
mailing list