debian/0000775000000000000000000000000012225522344007171 5ustar debian/README.Debian0000664000000000000000000000130212160753233011227 0ustar radvd for Debian ---------------- radvd comes with a example configuration in /usr/share/doc/radvd/examples/simple-radvd.conf that advertises non-routable documentation addresses (see rfc3849) on eth0. For details of the configuration file format see radvd.conf(5). Furthermore, radvd needs IPv6 forwarding enabled; this can be set by uncommenting the following line to /etc/sysctl.conf: ,---- | net.ipv6.conf.default.forwarding=1 `---- If starting radvd fails, please have a look at /var/log/syslog, since radvd doesn't output startup failures to the terminal. -- Andreas Rottmann , Thu, 7 Jun 2007 18:32:54 +0200 -- Ghe Rivero , Thu, 2 Jun 2011 09:03:02 +0100 debian/patches/0000775000000000000000000000000012160753336010625 5ustar debian/patches/0007-checking-iface-name-more-carefully.patch0000664000000000000000000000112612160753233020710 0ustar From 7a1471b62da88373e8f4209d503307c5d841b81f Mon Sep 17 00:00:00 2001 From: Vasiliy Kulikov Date: Sat, 8 Oct 2011 09:26:58 -0700 Subject: [PATCH] checking iface name more carefully modified: device-linux.c --- device-linux.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) --- a/device-linux.c +++ b/device-linux.c @@ -247,7 +247,7 @@ return -1; /* No path traversal */ - if (strstr(name, "..") || strchr(name, '/')) + if (!iface[0] || !strcmp(iface, ".") || !strcmp(iface, "..") || strchr(iface, '/')) return -1; if (access(spath, F_OK) != 0) debian/patches/series0000664000000000000000000000025512160753233012040 0ustar 0001-set_interface_var-doesn-t-check-interface-name-and-b.patch 0006-removing-mdelay-in-unicast-only-case.patch 0007-checking-iface-name-more-carefully.patch kfreebsd.patch debian/patches/0006-removing-mdelay-in-unicast-only-case.patch0000664000000000000000000000131712160753233021266 0ustar From 2591d0189257caeaae2057dfed0a260310497a61 Mon Sep 17 00:00:00 2001 From: Reuben Hawkins Date: Tue, 4 Oct 2011 13:18:47 -0700 Subject: [PATCH] removing mdelay in unicast only case --- process.c | 1 - 1 files changed, 0 insertions(+), 1 deletions(-) --- a/process.c +++ b/process.c @@ -193,7 +193,8 @@ delay = MAX_RA_DELAY_TIME * rand() / (RAND_MAX +1.0); if (iface->UnicastOnly) { - send_ra_forall(iface, &addr->sin6_addr); + mdelay(delay); + send_ra_forall(iface, &addr->sin6_addr); } else if ( timevaldiff(&tv, &iface->last_multicast) / 1000.0 < iface->MinDelayBetweenRAs ) { /* last RA was sent only a few moments ago, don't send another immediately. */ debian/patches/0005-process_ra-has-numerous-missed-len-checks.-It-leads-.patch0000664000000000000000000000254312160753233024103 0ustar From 7de1b9abf87b747ee2611c0d2a94dfeee79878b4 Mon Sep 17 00:00:00 2001 From: Vasiliy Kulikov Date: Tue, 4 Oct 2011 00:35:57 -0700 Subject: [PATCH] process_ra() has numerous missed len checks. It leads to buffer overreads. --- process.c | 11 +++++++++++ 1 files changed, 11 insertions(+), 0 deletions(-) diff --git a/process.c b/process.c index 3307daa..f30d147 100644 --- a/process.c +++ b/process.c @@ -310,6 +310,8 @@ process_ra(struct Interface *iface, unsigned char *msg, int len, { case ND_OPT_MTU: mtu = (struct nd_opt_mtu *)opt_str; + if (len < sizeof(*mtu)) + return; if (iface->AdvLinkMTU && (ntohl(mtu->nd_opt_mtu_mtu) != iface->AdvLinkMTU)) { @@ -319,6 +321,8 @@ process_ra(struct Interface *iface, unsigned char *msg, int len, break; case ND_OPT_PREFIX_INFORMATION: pinfo = (struct nd_opt_prefix_info *) opt_str; + if (len < sizeof(*pinfo)) + return; preferred = ntohl(pinfo->nd_opt_pi_preferred_time); valid = ntohl(pinfo->nd_opt_pi_valid_time); @@ -373,6 +377,8 @@ process_ra(struct Interface *iface, unsigned char *msg, int len, break; case ND_OPT_RDNSS_INFORMATION: rdnssinfo = (struct nd_opt_rdnss_info_local *) opt_str; + if (len < sizeof(*rdnssinfo)) + return; count = rdnssinfo->nd_opt_rdnssi_len; /* Check the RNDSS addresses received */ -- 1.7.6.3 debian/patches/0008-In-process_ra-ND_OPT_DNSSL_INFORMATION-option-parsin.patch0000664000000000000000000000311612160753233023365 0ustar From 9dfaaaf740ce784541e76e68de4ae04dce2c0921 Mon Sep 17 00:00:00 2001 From: Vasiliy Kulikov Date: Tue, 4 Oct 2011 00:31:15 -0700 Subject: [PATCH] In process_ra() ND_OPT_DNSSL_INFORMATION option parsing "label_len" is not checked for negativeness; it leads to "suffix" buffer overflow, which leads to privilege escalation (at least with -fno-stack-protector, I didn't discover whether it's possible with -fstack-protector). --- process.c | 11 +++++++++-- 1 files changed, 9 insertions(+), 2 deletions(-) diff --git a/process.c b/process.c index 302bb4f..3307daa 100644 --- a/process.c +++ b/process.c @@ -280,7 +280,7 @@ process_ra(struct Interface *iface, unsigned char *msg, int len, char prefix_str[INET6_ADDRSTRLEN]; char rdnss_str[INET6_ADDRSTRLEN]; char suffix[256]; - int offset, label_len; + unsigned int offset, label_len; uint32_t preferred, valid, count; if (len < 2) @@ -434,7 +434,14 @@ process_ra(struct Interface *iface, unsigned char *msg, int len, continue; } - if ((sizeof(suffix) - strlen(suffix)) < (label_len + 2)) { + /* + * 1) must not overflow int: label + 2, offset + label_len + * 2) last byte of dnssli_suffix must not overflow opt_str + len + */ + if ((sizeof(suffix) - strlen(suffix)) < (label_len + 2) || + label_len > label_len + 2 || + &dnsslinfo->nd_opt_dnssli_suffixes[offset+label_len] - (char*)opt_str >= len || + offset + label_len < offset) { flog(LOG_ERR, "oversized suffix in DNSSL option on %s from %s", iface->Name, addr_str); break; -- 1.7.7 debian/patches/0001-set_interface_var-doesn-t-check-interface-name-and-b.patch0000664000000000000000000000211712160753233024161 0ustar From 92e22ca23e52066da2258df8c76a2dca8a428bcc Mon Sep 17 00:00:00 2001 From: Vasiliy Kulikov Date: Tue, 4 Oct 2011 00:33:15 -0700 Subject: [PATCH] set_interface_var() doesn't check interface name and blindly does fopen(path "/" ifname, "w") on it. As "ifname" is an untrusted input, it should be checked for ".." and/or "/" in it. Otherwise, an infected unprivileged daemon may overwrite contents of file named "mtu", "hoplimit", etc. in arbitrary location with arbitrary 32-bit value in decimal representation ("%d"). If an attacker has a local account or may create arbitrary symlinks with these names in any location (e.g. /tmp), any file may be overwritten with a decimal value. --- device-linux.c | 4 ++++ 1 files changed, 4 insertions(+), 0 deletions(-) --- a/device-linux.c +++ b/device-linux.c @@ -246,6 +246,10 @@ if (!iface[0] || !strcmp(iface, ".") || !strcmp(iface, "..") || strchr(iface, '/')) return -1; + /* No path traversal */ + if (strstr(name, "..") || strchr(name, '/')) + return -1; + if (access(spath, F_OK) != 0) return -1; debian/patches/0002-main-must-fail-on-privsep_init-errors-it-must-not-ru.patch0000664000000000000000000000137612160753233024332 0ustar From 2c50375043186e133f15135f4c93ca964238ee60 Mon Sep 17 00:00:00 2001 From: Vasiliy Kulikov Date: Tue, 4 Oct 2011 00:35:20 -0700 Subject: [PATCH] main() must fail on privsep_init() errors, it must not run without privilege separation as privsep is expected. --- radvd.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/radvd.c b/radvd.c index af74f17..3962d24 100644 --- a/radvd.c +++ b/radvd.c @@ -271,7 +271,7 @@ main(int argc, char *argv[]) if (!singleprocess) { dlog(LOG_DEBUG, 3, "Initializing privsep"); if (privsep_init() < 0) - flog(LOG_WARNING, "Failed to initialize privsep."); + perror("Failed to initialize privsep."); } if (drop_root_privileges(username) < 0) { -- 1.7.6.3 debian/patches/send.c-unaligned-traps.patch.old0000664000000000000000000000054312160753233016666 0ustar --- radvd-1.1.orig/send.c +++ radvd-1.1/send.c @@ -27,7 +27,7 @@ struct msghdr mhdr; struct cmsghdr *cmsg; struct iovec iov; - char chdr[CMSG_SPACE(sizeof(struct in6_pktinfo))]; + char __attribute__((aligned(8))) chdr[CMSG_SPACE(sizeof(struct in6_pktinfo))]; struct nd_router_advert *radvert; struct AdvPrefix *prefix; struct AdvRoute *route; debian/patches/kfreebsd.patch0000664000000000000000000000075112160753233013432 0ustar --- a/configure.ac +++ b/configure.ac @@ -26,6 +26,12 @@ AC_DEFINE([_GNU_SOURCE], [], [whether compiling on Linux, glibc>=2.8 doesn't expose in6_pktinfo otherwise..]) arch=linux ;; + *kfreebsd*gnu*) + AC_MSG_RESULT(kfreebsd-gnu) + AC_DEFINE([_GNU_SOURCE], [], [glibc>=2.8 doesn't expose in6_pktinfo otherwise..]) + arch=bsd44 + ;; + *bsd*) AC_MSG_RESULT(bsd44) arch=bsd44 debian/patches/0003-privsep_read_loop-should-return-on-unprivileged-daem.patch0000664000000000000000000000126112160753233024560 0ustar From 074816cd0b37aac7b3209987e6e998f0a847b275 Mon Sep 17 00:00:00 2001 From: Vasiliy Kulikov Date: Tue, 4 Oct 2011 00:43:20 -0700 Subject: [PATCH] privsep_read_loop() should return on unprivileged daemon death / socket close(), not loop forever with polling read() getting -1. --- privsep-linux.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/privsep-linux.c b/privsep-linux.c index d6717bf..15a9e1b 100644 --- a/privsep-linux.c +++ b/privsep-linux.c @@ -63,7 +63,7 @@ privsep_read_loop(void) } if (ret != sizeof(cmd)) { /* Short read, ignore */ - continue; + return; } cmd.iface[IFNAMSIZ-1] = '\0'; -- 1.7.6.3 debian/patches/03-if-names-relax.patch.old0000664000000000000000000000070012160753233015444 0ustar diff -ruN radvd-0.7.2.orig/scanner.l radvd-0.7.2/scanner.l --- radvd-0.7.2.orig/scanner.l 2002-07-11 23:26:16.000000000 +0200 +++ radvd-0.7.2/scanner.l 2004-02-22 16:53:10.000000000 +0100 @@ -34,7 +34,7 @@ addr3 ({hexdigit}{1,4}":"){7}{hexdigit}{1,4} addr ({addr1}|{addr2}|{addr3}|"::") whitespace ([ \t])+ -string [a-z]([a-z]|{digit}|_)*([:.]{digit}+)? +string [a-z]([a-z:._-]|{digit})*([:.]{digit}+)? %% #.*$ {/* ignore comments */} debian/patches/0004-Really-exit-on-privsep-init-failure.patch0000664000000000000000000000130012160753233021102 0ustar From 7dc53cc3b792775369bf0b2f053a3f4ed5d87e3d Mon Sep 17 00:00:00 2001 From: Vasiliy Kulikov Date: Tue, 4 Oct 2011 18:12:26 +0400 Subject: [PATCH] Really exit on privsep init failure. --- radvd.c | 4 +++- 1 files changed, 3 insertions(+), 1 deletions(-) diff --git a/radvd.c b/radvd.c index 3962d24..109b83a 100644 --- a/radvd.c +++ b/radvd.c @@ -270,8 +270,10 @@ main(int argc, char *argv[]) if (username) { if (!singleprocess) { dlog(LOG_DEBUG, 3, "Initializing privsep"); - if (privsep_init() < 0) + if (privsep_init() < 0) { perror("Failed to initialize privsep."); + exit(1); + } } if (drop_root_privileges(username) < 0) { -- 1.7.6.3 debian/tests/0000775000000000000000000000000012160753336010340 5ustar debian/tests/daemons0000775000000000000000000000064012160753233011710 0ustar #!/bin/bash #-------------- # Testing radvd #-------------- set -e DAEMON=radvd # copy default config file cp /usr/share/doc/radvd/examples/simple-radvd.conf /etc/radvd.conf # add ipv6 forwarding, restart daemon sysctl -w net.ipv6.conf.all.forwarding=1 /etc/init.d/${DAEMON} restart > /dev/null 2>&1 if pidof -x $DAEMON > /dev/null; then echo "OK" else echo "ERROR: ${DAEMON} IS NOT RUNNING" exit 1 fi debian/tests/control0000664000000000000000000000006312160753233011736 0ustar Tests: daemons Depends: @ Restrictions: needs-root debian/source/0000775000000000000000000000000012160753336010476 5ustar debian/source/format0000664000000000000000000000001312160753233011677 0ustar 3.0 (quilt)debian/copyright.in0000664000000000000000000000051012160753233011526 0ustar This is radvd. It was originally packaged by Adam Heath, on Fri Aug 4 21:45:09 CDT 2000. and is now maintained by Andreas Rottmann . It was downloaded from http://v6web.litech.org/radvd/dist/radvd-0.7.1.tar.gz No modifications where needed for debian integration. The upstream copyright follows: ---- debian/radvd.postinst0000664000000000000000000000110112160753233012070 0ustar #!/bin/sh set -e if [ "$1" = configure ]; then if ! getent passwd radvd >/dev/null; then adduser --quiet --system --no-create-home --home /var/run/radvd radvd fi for i in /var/run/radvd; do if ! dpkg-statoverride --list $i >/dev/null; then dpkg-statoverride --update --add radvd root 4755 $i fi done fi # Recover from incorrect init.d script headers in version 1:1.3-1 and earlier if [ "$1" = "configure" ] && dpkg --compare-versions "$2" le "1:1.3-1" \ && [ -f /etc/rcS.d/S[0-9][0-9]radvd ] ; then update-rc.d -f radvd remove fi #DEBHELPER# debian/changelog0000664000000000000000000003340412225522340011043 0ustar radvd (1:1.9.1-1.1ubuntu2) saucy; urgency=low * Use dh_autotools-dev to update config.{sub,guess} for AArch64. -- Matthias Klose Thu, 10 Oct 2013 14:59:51 +0200 radvd (1:1.9.1-1.1ubuntu1) saucy; urgency=low * Merge from Debian unstable. Remaining changes: - debian/tests: Add autopkgtest. -- Logan Rosen Fri, 14 Jun 2013 21:16:50 -0400 radvd (1:1.9.1-1.1) unstable; urgency=low * Non-maintainer upload with maintainer approval. * Apply patch to enable hardening build flags (Closes: #665715). -- Thijs Kinkhorst Fri, 07 Jun 2013 11:04:30 +0200 radvd (1:1.9.1-1ubuntu1) saucy; urgency=low * debian/tests: Add autopkgtest. -- Yolanda Mon, 27 May 2013 11:01:59 +0200 radvd (1:1.9.1-1) unstable; urgency=low * New upstream release * Added pkg-config, libdaemon-dev as build-depend * DNSSL options are concatenated if specified with trailing. Closes: #634485 -- Ghe Rivero Sun, 01 Jul 2012 10:51:22 +0200 radvd (1:1.8.5-1) unstable; urgency=low * New upstream release -- Ghe Rivero Fri, 10 Feb 2012 12:27:16 +0100 radvd (1:1.8.4-1) unstable; urgency=low * New upstream release -- Ghe Rivero Mon, 23 Jan 2012 18:05:23 +0100 radvd (1:1.8.3-2) unstable; urgency=low * Added status option for init command. Closes: #651473 - Thanks to Casper Gielen * Switch to dpkg-source 3.0 (quilt) format -- Ghe Rivero Fri, 09 Dec 2011 10:18:38 +0100 radvd (1:1.8.3-1) unstable; urgency=low * New upstream release -- Ghe Rivero Sat, 03 Dec 2011 14:40:16 +0100 radvd (1:1.8-1.2) unstable; urgency=high * Non-maintainer upload by the Security Team. * debian/patches: - add 0008-In-process_ra-ND_OPT_DNSSL_INFORMATION-option-parsin, backported from upstream, fix a buffer overflow leading to privilege escalation (CVE-2011-3601). -- Yves-Alexis Perez Mon, 17 Oct 2011 18:24:08 +0200 radvd (1:1.8-1.1) unstable; urgency=high * Non-maintainer upload by the Security Team. * debian/patches: backport patches from upstream to fix various security issues: closes: #644614 - 0001-set_interface_var-doesn-t-check-interface-name-and-b fix arbitrary file overwrite (CVE-2011-3602) - 0002-main-must-fail-on-privsep_init-errors-it-must-not-ru, 0003-privsep_read_loop-should-return-on-unprivileged-daem and 0004-Really-exit-on-privsep-init-failure fix failure to check return code of privilege dropping function (CVE-2011-3603) - 0005-process_ra-has-numerous-missed-len-checks.-It-leads- fix multiple buffer overreads (CVE-2011-3604) - 0006-removing-mdelay-in-unicast-only-case fix a denial of service (CVE-2011-3605) - 0007-checking-iface-name-more-carefully on top of 0001-set_interface_var-doesn-t-check-interface-name-and-b (CVE-2011-3602) -- Yves-Alexis Perez Fri, 14 Oct 2011 23:28:02 +0200 radvd (1:1.8-1) unstable; urgency=low * New upstream release - Fix segfault in timer handling. (Closes: #611297) - Fix error in DNSSL parsing (Closes: #615625) - Fix no respond on a tunnel interface after peer is reconnected (Closes: #628592) * Bumped Debian Policy Version 3.9.2 * Added support for kfreebsd (Closes: #618266) * Remove pid file checking in init script (Closes: #604905) * Some clarifications in README.Debian file (Closes: #601975) -- Ghe Rivero Thu, 02 Jun 2011 08:20:52 +0200 radvd (1:1.7-1) unstable; urgency=low * New upstream release -- Ghe Rivero Wed, 16 Feb 2011 15:27:12 +0100 radvd (1:1.6-1) unstable; urgency=low * New upstream release -- Ghe Rivero Mon, 15 Mar 2010 08:29:25 +0100 radvd (1:1.5-1) unstable; urgency=low * New upstream release (Closes: #546162) - Fix RA starvation (Closes: #553696) - Fix network cable removed infinite loop (Closes: #523722) * Some Lintian cleans (Closes: #530421) -- Ghe Rivero Mon, 08 Feb 2010 16:48:10 +0100 radvd (1:1.3-1.1) unstable; urgency=low * Non-maintainer upload to fix release goal. * Source build fine in pbuilder now (Closes: #518878) * Correct runlevels and dependencies in init.d script, and add postinst code to recover systems bit by this bug (Closes: #541874). * Fix typo in init.d script (Closes: #519560). * Update to use debhelper 7. * Remove the privsep.c symlink in the clean target to make sure the source is rebuildable. -- Petter Reinholdtsen Mon, 28 Sep 2009 20:54:12 +0200 radvd (1:1.3-1) unstable; urgency=low * New upstream release -- Ghe Rivero Sat, 25 Jul 2009 17:24:46 +0200 radvd (1:1.2-1) unstable; urgency=low * New upstream release * Added watch file * Clean Lintian warnings - debhelper-but-no-misc-depends - out-of-date-standards-version - script-calls-init-script-directly - copyright-without-copyright-notice * Jornadas Free Software UPSA -- Ghe Rivero Thu, 12 Mar 2009 16:51:13 +0100 radvd (1:1.1-3) unstable; urgency=low * Check for ipv6 forwarding in initscript (Closes: #498038) * Solved start for /var/run on tmpfs (Closes: #473804) -- Ghe Rivero Tue, 23 Sep 2008 22:16:20 +0200 radvd (1:1.1-2.1) unstable; urgency=low * Non-maintainer upload for the alpha port, with maintainer's approval. * Fix the alignment of the "chdr" buffer in send.c, so that we stop getting unaligned traps that make the process run much less efficiently. This probably also causes radvd to crash outright on sparc, though this has not been confirmed. Thanks to Bob Tracy for the patch. Closes: #456205. -- Steve Langasek Thu, 28 Aug 2008 01:19:30 -0700 radvd (1:1.1-2) unstable; urgency=low * Migrated to unstable -- Ghe Rivero Fri, 25 Apr 2008 09:37:13 +0200 radvd (1:1.1-1) experimental; urgency=low * New upstream release - Closes: #409600 - Closes: #428862 - Closes: #429874 - Closes: #431665 * New Maintainer. (Closes: #427965) * Updated initscript restart option (Closes: #461837) * Removed forwarding in initscript (Closes: #413669) -- Ghe Rivero Wed, 6 Feb 2008 23:22:22 +0100 radvd (1:1.0-2) unstable; urgency=low * Don't enable forwarding in the initscript, as suggested by Marco d'Itri; this should be done via /etc/sysctl.conf (closes: #413669). * README.Debian updated to reflect this. * simple-radvd.conf: Fix netmask (/64 instead of /32). -- Andreas Rottmann Thu, 07 Jun 2007 18:34:48 +0200 radvd (1:1.0-1) unstable; urgency=low * New upstream release (closes: #396441). * Removed patch 01-linux-2.6.patch, as it is integrated upstream. * Bumped standards-version to 3.7.2 (no changes). * Added "INIT INFO" block to initscript. -- Andreas Rottmann Wed, 1 Nov 2006 16:47:28 +0100 radvd (1:0.8-1) unstable; urgency=low * New upstream release. - Fixes adress garbling issue (closes: #301543). * Bumped standards-version to 3.6.2. * Added missing adduser dependency (thanks, lintian!). * Make download URL version independendent in copyright. -- Andreas Rottmann Thu, 11 Aug 2005 20:59:53 +0200 radvd (1:0.7.3-1) unstable; urgency=low * New upstream release. * Upload to unstable. -- Andreas Rottmann Tue, 22 Feb 2005 19:47:02 +0100 radvd (1:0.7.2+0.7.3rc1-1) experimental; urgency=low * New upstream release (0.7.3 release candidate). - Fixes hang/sendmsg issue (closes: #287863). - Drop patches integrated upstream: 02-radvd_conf_man.patch. * Now runs as user radvd (closes: #242471). * radvd.init: check for and remove stale pidfile (closes: #293789). * control: tighten dependency on debhelper. -- Andreas Rottmann Sat, 19 Feb 2005 12:56:08 +0100 radvd (1:0.7.2-7) unstable; urgency=low * Fix restart initscript action (closes: #278369). -- Andreas Rottmann Mon, 29 Nov 2004 14:30:26 +0100 radvd (1:0.7.2-6) unstable; urgency=low * Applied patch by Fabio Massimo Di Nitto, thanks. (closes: #273892). * Now using documentation prefix instead of deprectated site-local prefix (closes: #242473). * Also install the upstream example (radvd.conf.example). -- Andreas Rottmann Sun, 3 Oct 2004 17:27:35 +0200 radvd (1:0.7.2-5) unstable; urgency=low * Don't install a config file in /etc anymore (see, and closes: #225558). Instead output a more verbose message in the init script, telling the user how to configure it. Config file previously in /etc now shipped in /usr/share/doc/radvd/examples/simple-radvd.conf. -- Andreas Rottmann Mon, 1 Mar 2004 21:54:24 +0100 radvd (1:0.7.2-4) unstable; urgency=low * debian/init: Don't try to restore state of interfaces that are down (closes: #233499). * New patch 03-if-names-relax.patch, which allows [:.-_] to be used in interface names (closes: #200868). -- Andreas Rottmann Sun, 22 Feb 2004 16:47:01 +0100 radvd (1:0.7.2-3) unstable; urgency=low * New patch 02-radvd_conf_man.patch, fixes AdvValidLifetime default manpage error (closes: #226027). * New patch 01-linux-2.6.patch, which fixes the warning on Linux 2.6 (posted on radvd-devel-l by Pekka Savola ). * debian/rules: Include simple-patchsys.mk. * debian/init: Save forwarding configuration of interfaces at start time and restore them at stop time (closes: #224197). * debian/README: Document that the forwarding state is safed/restored. * debian/copyright: + Point to download dir, not file. + Remove "no modification was needed" line. -- Andreas Rottmann Thu, 1 Jan 2004 21:16:33 +0100 radvd (1:0.7.2-2) unstable; urgency=low * radvd.8.man: Fixed --method, which should read --logmethod (closes: #221246). * debian/control: Standards-Version 3.5.1 (no changes). * debian/rules: Switched to CDBS (from CBS). -- Andreas Rottmann Wed, 19 Nov 2003 23:22:30 +0100 radvd (1:0.7.2-1) unstable; urgency=low * New upstream release. + Adds support for VLANs (closes: #166002). * Now using CBS. + Build-Depend on autotools-dev, so CBS can use current config.{guess,sub}. * Build-Depend on debhelper v4. -- Andreas Rottmann Sun, 23 Feb 2003 21:09:47 +0100 radvd (1:0.7.1-6) unstable; urgency=low * Now checking wether IPv6 is enabled in init script. (closes: #155961) -- Andreas Rottmann Fri, 9 Aug 2002 15:21:59 +0200 radvd (1:0.7.1-5) unstable; urgency=low * Corrected spelling in package description. (closes: #140978) -- Andreas Rottmann Wed, 3 Apr 2002 11:21:14 +0200 radvd (1:0.7.1-4) unstable; urgency=low * Init script now enables IPv6 forwarding. (closes: #134740) * Updated debian/copyright. * Added debian/README.Debian. -- Andreas Rottmann Sun, 3 Mar 2002 16:31:24 +0100 radvd (1:0.7.1-3) unstable; urgency=low * Rewrote complicated init script. (closes: #116038) -- Andreas Rottmann Sun, 17 Feb 2002 18:50:36 +0100 radvd (1:0.7.1-2) unstable; urgency=low * Fixed typo in debian/control 'Maintainer:' field. -- Andreas Rottmann Wed, 6 Feb 2002 18:51:51 +0100 radvd (1:0.7.1-1) unstable; urgency=low * New maintainer. (closes: #131640) * New upstream. (closes: #115992) * Fixed build for ash. (closes: #116443) * Fixed postinst script. (closes: #116405) * Fixed init script. (closes: #108486) -- Andreas Rottmann Mon, 4 Feb 2002 16:51:44 +0100 radvd (1:0.6.2pl4-1.1) unstable; urgency=low * NMU * New config.guess and config.sub, as a patch. Closes: #115992 -- LaMont Jones Sat, 20 Oct 2001 21:16:17 -0600 radvd (1:0.6.2pl4-1) unstable; urgency=low * New upstream. Closes: #115430 * Mistakenly uploaded 0.6.2 last time around, with an epoch, even tho it was going backwards. :( Closes: #107953. * Apply buffer overrun fixes from radvd mailing list. * Added build-depends on flex and bison. Closes: #104018. * Don't start radvd if the config file doesn't exist or is empty. Closes: #99009. * Handle varied /proc/net/if_inet6 on linux(fixed upstream). Closes: #99005. * Upstream uses daemon(3) to detach from the terminal, so std{in,out,err} get closed correctly. Closes: #108485. * Rewrote init script, to support reload(sends SIGHUP). * List both the offical location and the location for the patchlevels in copyright. Closes: #115428. -- Adam Heath Mon, 15 Oct 2001 12:32:31 -0500 radvd (1:0.6.2-1) unstable; urgency=low * New upstream. -- Adam Heath Sat, 7 Jul 2001 15:07:29 -0500 radvd (0.6.2pl3-1) unstable; urgency=low * New upstream. Closes: #84317, #97048. * Check for existance and size of /etc/radvd.conf, before starting the daemon, in the init script. Closes: #98102. -- Adam Heath Fri, 12 Jan 2001 00:53:23 -0600 radvd (0.5.0-2) unstable; urgency=low * Updated config.guess and config.sub. Closes: #78566. -- Adam Heath Fri, 12 Jan 2001 00:53:23 -0600 radvd (0.5.0-1) unstable; urgency=low * New upstream version. * Created new debian/rules. * Uses dbs. * Added a binary-static target to debian/rules. This is not the normal target, however. Useful when installing this deb on older, pre-glibc 2.1 machines. -- Adam Heath Fri, 4 Aug 2000 00:29:37 -0500 radvd (0.4.2-1) unstable; urgency=low * Initial Release. -- Anthony Towns Fri, 26 Mar 1999 00:13:21 +1000 debian/compat0000664000000000000000000000000212160753302010365 0ustar 9 debian/copyright0000664000000000000000000000520712160753233011131 0ustar This is radvd. It was originally packaged by Adam Heath, on Fri Aug 4 21:45:09 CDT 2000. and later maintained by Andreas Rottmann . Now it's maintained by Ghe Rivero Upstream author: Pekka Savola Copyright: 2001-2009 Pekka Savola 2001 Lars Fenneberg 2001 Marko Myllynen It was downloaded from http://v6web.litech.org/radvd/dist/ No modifications where needed for debian integration. The upstream copyright follows: ---- The author(s) grant permission for redistribution and use in source and binary forms, with or without modification, of the software and documentation provided that the following conditions are met: 0. If you receive a version of the software that is specifically labelled as not being for redistribution (check the version message and/or README), you are not permitted to redistribute that version of the software in any way or form. 1. All terms of all other applicable copyrights and licenses must be followed. 2. Redistributions of source code must retain the authors' copyright notice(s), this list of conditions, and the following disclaimer. 3. Redistributions in binary form must reproduce the authors' copyright notice(s), this list of conditions, and the following disclaimer in the documentation and/or other materials provided with the distribution. 4. All advertising materials mentioning features or use of this software must display the following acknowledgement with the name(s) of the authors as specified in the copyright notice(s) substituted where indicated: This product includes software developed by the authors which are mentioned at the start of the source files and other contributors. 5. Neither the name(s) of the author(s) nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY ITS AUTHORS AND CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. debian/rules0000775000000000000000000000065412225522303010251 0ustar #!/usr/bin/make -f export DEB_BUILD_MAINT_OPTIONS = hardening=+all %: dh $@ --with autotools_dev override_dh_autobuild: cp debian/copyright.in > COPYRIGHT override_dh_autoclean: rm -f gram.c gram.h scanner.c rm -f privsep.c override_dh_install: install -m 644 debian/simple-radvd.conf `pwd`/debian/radvd/usr/share/doc/radvd/examples/ install -m 644 radvd.conf.example `pwd`/debian/radvd/usr/share/doc/radvd/examples/ debian/control0000664000000000000000000000164112160753302010574 0ustar Source: radvd Section: net Priority: optional Maintainer: Ubuntu Developers XSBC-Original-Maintainer: Ghe Rivero Standards-Version: 3.9.3 Build-Depends: autotools-dev, debhelper (>= 9), flex, bison, pkg-config, libdaemon-dev XS-Testsuite: autopkgtest Package: radvd Architecture: any Depends: ${shlibs:Depends}, adduser, ${misc:Depends} Description: Router Advertisement Daemon IPv6 has a lot more support for autoconfiguration than IPv4. But for this autoconfiguration to work on the hosts of a network, the routers of the local network have to run a program which answers the autoconfiguration requests of the hosts. . On Linux this program is called radvd, which stands for Router ADVertisement Daemon. This daemon listens to router solicitations (RS) and answers with router advertisement (RA). Furthermore unsolicited RAs are also sent from time to time. debian/radvd.dirs0000664000000000000000000000005112160753233011151 0ustar usr/sbin etc usr/share/doc/radvd/examplesdebian/radvd.init0000664000000000000000000000424612160753233011165 0ustar #! /bin/sh ### BEGIN INIT INFO # Provides: radvd # Required-Start: $syslog $remote_fs $network # Required-Stop: $syslog $remote_fs $network # Default-Start: 2 3 4 5 # Default-Stop: 0 1 6 # Short-Description: Router Advertising Daemon ### END INIT INFO PATH=/sbin:/bin:/usr/sbin:/usr/bin DAEMON=/usr/sbin/radvd NAME=radvd DESC=radvd CONFIG=/etc/radvd.conf PIDDIR=/var/run/radvd PIDFILE=$PIDDIR/radvd.pid OPTIONS="-u radvd -p $PIDFILE" PROC_SYS_IP6_FORWARDING=/proc/sys/net/ipv6/conf/all/forwarding . /lib/lsb/init-functions test -x $DAEMON || exit 0 set -e # Check for IPv6 support in kernel if [ "$(uname -s)" != "GNU/kFreeBSD" ]; then if test \! -e /proc/sys/net/ipv6; then echo "IPv6 support must be enabled in the kernel for $DESC to work." exit fi fi chkconfig() { if [ "$(uname -s)" != "GNU/kFreeBSD" ]; then if [ ! -e $CONFIG -o ! -s $CONFIG ]; then echo "" echo "* $CONFIG does not exist or is empty." echo "* See /usr/share/doc/radvd/README.Debian" echo "* radvd will *not* be started." exit 0 elif [ ! -e $PROC_SYS_IP6_FORWARDING -o \ "$(cat $PROC_SYS_IP6_FORWARDING)" = "0" ]; then echo "" echo "* IPv6 forwarding seems to be disabled." echo "* See /usr/share/doc/radvd/README.Debian" echo "* radvd will *not* be started." exit 0 fi fi } case "$1" in start) echo -n "Starting $DESC: " chkconfig # Anything under /var/run can go away on reboot [ -e $PIDDIR ] || install -d -o radvd -g root -m 4755 $PIDDIR if ! start-stop-daemon --oknodo --start --pidfile $PIDFILE \ --exec $DAEMON -- $OPTIONS; then echo "failed." && exit 1 fi echo "$NAME." ;; stop) echo -n "Stopping $DESC: " start-stop-daemon --oknodo --stop --pidfile $PIDFILE \ --exec $DAEMON echo "$NAME." ;; reload|force-reload) echo "Reloading $DESC configuration files." start-stop-daemon --stop --signal HUP --quiet --pidfile \ $PIDFILE --exec $DAEMON ;; restart) invoke-rc.d $NAME stop invoke-rc.d $NAME start ;; status) status_of_proc -p $PIDFILE $DAEMON $NAME && exit 0 || exit $? ;; *) N=/etc/init.d/$NAME echo "Usage: $N {start|stop|restart|reload|force-reload}" >&2 exit 1 ;; esac exit 0 debian/radvd.postrm0000664000000000000000000000015112160753233011535 0ustar #!/bin/sh set -e #DEBHELPER# if [ "$1" = purge ]; then dpkg-statoverride --remove /var/run/radvd fi debian/simple-radvd.conf0000664000000000000000000000011712160753233012427 0ustar interface eth0 { AdvSendAdvert on; prefix 2001:db8::/64 { }; }; debian/watch0000664000000000000000000000035512160753233010226 0ustar version=3 opts=uversionmangle=s/\.(tar.*|tgz|zip|gz|bz2)$//i,dversionmangle=s/[-.+~]?(cvs|svn|git|snapshot|pre|hg)(.*)$//i,pasv \ http://v6web.litech.org/radvd/dist/ (?:.*/)?radvd-?_?([\d+\.]+|\d+)\.(tar.*|tgz|zip|gz|bz2|) debian uupdate