* Enabled hardened build flags, thanks Moritz Muehlenhoff (closes: #657846)

* Packaging updates * Move to 3.0 (native) source format * Bump DH compat level to 8 * Fix ordering of stdio.h/syslog.h includes (closes: #707385) * Create accounting_dir in init script if necessary (closes: #418156) * Bump Standards-Version to 3.9.4.0 * Add build-arch/build-indep targets to debian/rules * Fix: compiling Warning
2013-09-16 18:22:57 +02:00 · 2013-09-16 18:22:57 +02:00 · ecdddd6065
commit ecdddd6065
parent 26a2025a1b
10 changed files with 35 additions and 46 deletions
--- a/12
+++ b/12
@ -10,20 +10,18 @@ DEFINES =
 DEFINES += -DLIBDIR='"$(libdir)"'
 DEFINES += -DETCDIR='"$(etcdir)"'
-OPTIM =
+DEB_CFLAGS_MAINT_APPEND=-Wall -O3 -Wno-format-zero-length
 OPTIM += -g
 OPTIM += -O3
 CC = gcc
 LD = gcc
 INCLUDES = -I.
-CPPFLAGS = $(INCLUDES) $(DEFINES)
+CPPFLAGS = `dpkg-buildflags --get CPPFLAGS` $(INCLUDES) $(DEFINES)
-CFLAGS = -Wall -Wformat-security -Wno-format-zero-length $(OPTIM)
+CFLAGS = `dpkg-buildflags --get CFLAGS`
-LDFLAGS =
+LDFLAGS = `dpkg-buildflags --get LDFLAGS`
 LDLIBS =
 INSTALL = install -c -D -o root -g root
-l2tpns.LIBS = -lm -lcli -ldl
+l2tpns.LIBS = -lcli -ldl
 OBJS = arp.o cli.o cluster.o constants.o control.o icmp.o l2tpns.o \
    ll.o md5.o ppp.o radius.o tbf.o util.o pppoe.o l2tplac.o
--- a/cli.c
+++ b/cli.c
@ -730,7 +730,7 @@ static int cmd_show_counters(struct cli_def *cli, const char *command, char **ar
 			GET_STAT(tun_tx_bytes),
 			GET_STAT(tun_tx_packets),
 			GET_STAT(tun_tx_errors));
-	cli_print(cli, "");
+	cli_print(cli, " ");
 	cli_print(cli, "%-10s %10s %10s %10s %10s", "Tunnel", "Bytes", "Packets", "Errors", "Retries");
 	cli_print(cli, "%-10s %10u %10u %10u", "RX",
@ -742,7 +742,7 @@ static int cmd_show_counters(struct cli_def *cli, const char *command, char **ar
 			GET_STAT(tunnel_tx_packets),
 			GET_STAT(tunnel_tx_errors),
 			GET_STAT(tunnel_retries));
-	cli_print(cli, "");
+	cli_print(cli, " ");
 	cli_print(cli, "%-30s%-10s", "Counter", "Value");
 	cli_print(cli, "-----------------------------------------");
@ -808,7 +808,7 @@ static int cmd_show_counters(struct cli_def *cli, const char *command, char **ar
 		char *p = strchr(t, '\n');
 		if (p) *p = 0;
-		cli_print(cli, "");
+		cli_print(cli, " ");
 		cli_print(cli, "Last counter reset %s", t);
 	}
@ -1791,7 +1791,7 @@ static int cmd_uptime(struct cli_def *cli, const char *command, char **argv, int
 		return CLI_HELP_NO_ARGS;
 	fh = fopen("/proc/loadavg", "r");
-	fgets(buf, 100, fh);
+	p = fgets(buf, 100, fh);
 	fclose(fh);
 	for (i = 0; i < 3; i++)
@ -2220,7 +2220,7 @@ static int cmd_show_bgp(struct cli_def *cli, const char *command, char **argv, i
 		if (!hdr++)
 		{
-			cli_print(cli, "");
+			cli_print(cli, " ");
 			cli_print(cli, "Peer                  AS         Address "
 			    "State       Retries Retry in Route Pend    Timers");
 			cli_print(cli, "------------------ ----- --------------- "
--- a/debian/compat
+++ b/debian/compat
@ -1 +1 @@
-4
+8
--- a/debian/control
+++ b/debian/control
@ -2,12 +2,12 @@ Source: l2tpns
 Section: net
 Priority: optional
 Maintainer: Jonathan McDowell <noodles@earth.li>
-Build-Depends: debhelper (>> 4), libcli-dev (>> 1.8.5)
+Build-Depends: debhelper (>> 8), libcli-dev (>> 1.8.5)
-Standards-Version: 3.7.2.0
+Standards-Version: 3.9.4.0
 Package: l2tpns
 Architecture: any
-Depends: ${shlibs:Depends}
+Depends: ${shlibs:Depends}, ${misc:Depends}
 Description: layer 2 tunnelling protocol network server (LNS)
 l2tpns is a daemon designed to terminate large volumes of layer 2
 tunnelling protocol (RFC 2661: L2TP) sessions.
--- a/debian/init.d
+++ b/debian/init.d
@ -19,6 +19,7 @@ DAEMON=/usr/sbin/l2tpns
 NAME=l2tpns
 DESC=l2tpns
 ARGS="-d"
 ACCTDIR=$(grep "set accounting_dir" /etc/l2tpns/startup-config | sed -e 's/.* "//' -e 's/".*//')
 test -f $DAEMON || exit 0
@ -27,6 +28,9 @@ set -e
 case "$1" in
  start)
 	echo -n "Starting $DESC: "
 	if [ ! -d "$ACCTDIR" ]; then
 		mkdir -p "$ACCTDIR"
 	fi
 	start-stop-daemon --start --quiet --pidfile /var/run/$NAME.pid \
 		--exec $DAEMON -- $ARGS
 	echo "$NAME."
--- a/debian/preinst
+++ b/debian/preinst
@ -1,13 +0,0 @@
 #! /bin/sh
 # preinst script for l2tpns
 set -e
 # dh_installdeb will replace this with shell code automatically
 # generated by other debhelper scripts.
 #DEBHELPER#
 exit 0
--- a/debian/rules
+++ b/debian/rules
@ -2,9 +2,6 @@
 # Sample debian/rules that uses debhelper.
 # GNU copyright 1997 to 1999 by Joey Hess.
 ifneq (,$(findstring debug,$(DEB_BUILD_OPTIONS)))
 	CFLAGS += -g
 endif
 ifeq (,$(findstring nostrip,$(DEB_BUILD_OPTIONS)))
 	INSTALL_PROGRAM += -s
 endif
@ -16,8 +13,9 @@ configure-stamp:
 	touch configure-stamp
-build: build-stamp
+build: build-arch build-indep
-
+build-arch: build-stamp
 build-indep: build-stamp
 build-stamp: configure-stamp 
 	dh_testdir
@ -33,14 +31,14 @@ clean:
 	rm -f build-stamp configure-stamp
 	# Add here commands to clean up after the build process.
-	-$(MAKE) clean
+	[ ! -f Makefile ] || $(MAKE) clean
 	dh_clean
 install: build
 	dh_testdir
 	dh_testroot
-	dh_clean -k
+	dh_prep
 	dh_installdirs
 	$(MAKE) install DESTDIR=$(CURDIR)/debian/l2tpns
--- a/debian/source/format
+++ b/debian/source/format
@ -0,0 +1 @@
 3.0 (native)
--- a/garden.c
+++ b/garden.c
@ -157,7 +157,7 @@ int plugin_become_master(void)
    for (i = 0; up_commands[i] && *up_commands[i]; i++)
    {
 	f->log(3, 0, 0, "Running %s\n", up_commands[i]);
-	system(up_commands[i]);
+	int status = system(up_commands[i]);
    }
    return PLUGIN_RET_OK;
@ -176,6 +176,7 @@ int garden_session(sessiont *s, int flag, char *newuser)
 {
    char cmd[2048];
    sessionidt sess;
 	int status;
    if (!s) return 0;
    if (!s->opened) return 0;
@ -191,7 +192,7 @@ int garden_session(sessiont *s, int flag, char *newuser)
 	    f->fmtaddr(htonl(s->ip), 0));
 	f->log(3, sess, s->tunnel, "%s\n", cmd);
-	system(cmd);
+	status = system(cmd);
 	s->walled_garden = 1;
    }
    else
@ -229,7 +230,7 @@ int garden_session(sessiont *s, int flag, char *newuser)
 	f->log(3, sess, s->tunnel, "%s\n", cmd);
 	while (--count)
 	{
-	    int status = system(cmd);
+	    status = system(cmd);
 	    if (WEXITSTATUS(status) != 0) break;
 	}
@ -272,7 +273,7 @@ int plugin_init(struct pluginfuncs *funcs)
 	for (i = 0; down_commands[i] && *down_commands[i]; i++)
 	{
 	    f->log(3, 0, 0, "Running %s\n", down_commands[i]);
-	    system(down_commands[i]);
+	    int status = system(down_commands[i]);
 	}
    }
@ -289,7 +290,7 @@ void plugin_done()
    for (i = 0; down_commands[i] && *down_commands[i]; i++)
    {
 	f->log(3, 0, 0, "Running %s\n", down_commands[i]);
-	system(down_commands[i]);
+	int status = system(down_commands[i]);
    }
 }
--- a/l2tpns.c
+++ b/l2tpns.c
@ -10,6 +10,7 @@
 #include <fcntl.h>
 #include <linux/if_tun.h>
 #define SYSLOG_NAMES
 #include <stdio.h>
 #include <syslog.h>
 #include <malloc.h>
 #include <net/route.h>
@ -19,7 +20,6 @@
 #include <netinet/ip6.h>
 #include <stdarg.h>
 #include <stdlib.h>
 #include <stdio.h>
 #include <string.h>
 #include <ctype.h>
 #include <sys/ioctl.h>
@ -5050,9 +5050,9 @@ int main(int argc, char *argv[])
 		case 'd':
 			if (fork()) exit(0);
 			setsid();
-			freopen("/dev/null", "r", stdin);
+			FILE *in = freopen("/dev/null", "r", stdin);
-			freopen("/dev/null", "w", stdout);
+			FILE *out = freopen("/dev/null", "w", stdout);
-			freopen("/dev/null", "w", stderr);
+			FILE *err = freopen("/dev/null", "w", stderr);
 			break;
 		case 'v':
 			optdebug++;
@ -5103,7 +5103,7 @@ int main(int argc, char *argv[])
 			LOG(0, 0, 0, "Can't set ulimit: %s\n", strerror(errno));
 		// Make core dumps go to /tmp
-		chdir("/tmp");
+		int ret = chdir("/tmp");
 	}
 	if (config->scheduler_fifo)