pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc Update net/openvpn to version 2.0.1. Major changes fr...
details: https://anonhg.NetBSD.org/pkgsrc/rev/1a7c7ac51b5f
branches: trunk
changeset: 498250:1a7c7ac51b5f
user: jlam <jlam%pkgsrc.org@localhost>
date: Wed Aug 17 19:55:57 2005 +0000
description:
Update net/openvpn to version 2.0.1. Major changes from version 1.6.0
include:
Adding a highly scalable server for handling multiple TCP/UDP
clients over point-to-point TUN interfaces, all using a single
port number. The server has been designed so that it can run with
reduced privilege.
On the client side, "pull" has been added, which basically says
"accept certain config file options which the server pushes back
to you." The major win of the push/pull capability is that the
same client configuration file can be used on each client provided
each client has its own set of SSL/TLS keys which have been signed
by the master CA.
A management interface has been developed which can be used to
remotely control or centrally manage an OpenVPN daemon.
"remote" can now specify a set of machines, or a hostname can be
configured with multiple addresses in DNS. A server will be
randomly chosen from the list, and if the connect fails, another
will be tried (see the "remote-random" option)
A package for easy RSA key management (easy-rsa-2.0rc1) has been
included to aid in generating SSL keys and certificates for use
with OpenVPN.
diffstat:
doc/CHANGES | 1 +
net/openvpn/DESCR | 7 +-
net/openvpn/MESSAGE | 26 ++++++++
net/openvpn/Makefile | 90 +++++++++++++++++++++------
net/openvpn/PLIST | 87 ++++++++++++++++++--------
net/openvpn/distinfo | 13 +--
net/openvpn/files/openvpn.sh | 75 +++++++++++++++++++++++
net/openvpn/patches/patch-aa | 46 +++-----------
net/openvpn/patches/patch-ab | 139 +++++++++++++++++++++++++++++++++++++++---
net/openvpn/patches/patch-ac | 45 -------------
10 files changed, 379 insertions(+), 150 deletions(-)
diffs (truncated from 593 to 300 lines):
diff -r 176c4f29e34b -r 1a7c7ac51b5f doc/CHANGES
--- a/doc/CHANGES Wed Aug 17 19:06:41 2005 +0000
+++ b/doc/CHANGES Wed Aug 17 19:55:57 2005 +0000
@@ -650,3 +650,4 @@
Updated databases/p5-DBD-CSV to 0.22 [hiramatsu 2005-08-17]
Updated net/entropy to 0.9.1.438 [tv 2005-08-17]
Updated www/ap2-perl to 2.0.1 [tv 2005-08-17]
+ Updated net/openvpn to 2.0.1 [jlam 2005-08-17]
diff -r 176c4f29e34b -r 1a7c7ac51b5f net/openvpn/DESCR
--- a/net/openvpn/DESCR Wed Aug 17 19:06:41 2005 +0000
+++ b/net/openvpn/DESCR Wed Aug 17 19:55:57 2005 +0000
@@ -1,3 +1,4 @@
-OpenVPN is an easy-to-use, robust, and highly configurable VPN (Virtual Private
-Network) daemon which can be used to securely link two or more private networks
-using an encrypted tunnel over the internet. It uses UDP to avoid TCP over TCP.
+OpenVPN is a robust and highly flexible tunneling application
+that uses all of the encryption, authentication, and certification
+features of the OpenSSL library to securely tunnel IP networks over
+a single TCP/UDP port.
diff -r 176c4f29e34b -r 1a7c7ac51b5f net/openvpn/MESSAGE
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/net/openvpn/MESSAGE Wed Aug 17 19:55:57 2005 +0000
@@ -0,0 +1,26 @@
+===========================================================================
+$NetBSD: MESSAGE,v 1.1 2005/08/17 19:55:57 jlam Exp $
+
+The openvpn rc.d script looks for configuration files in:
+
+ ${PKG_SYSCONFDIR}
+
+and by default will start an openvpn process for each config file in
+that directory.
+
+The sample configuration files have been installed into:
+
+ ${PREFIX}/share/examples/openvpn/config
+
+Please refer to the openvpn(8) manpage for full documentation on the
+available options.
+
+There is also a package for ``easy'' RSA key management installed into:
+
+ ${PREFIX}/share/openvpn/easy-rsa
+
+that may optionally be used to set up a certificate authority for
+generating SSL certificates for use with OpenVPN. Please refer to the
+README file in that directory for specific instructions.
+
+===========================================================================
diff -r 176c4f29e34b -r 1a7c7ac51b5f net/openvpn/Makefile
--- a/net/openvpn/Makefile Wed Aug 17 19:06:41 2005 +0000
+++ b/net/openvpn/Makefile Wed Aug 17 19:55:57 2005 +0000
@@ -1,31 +1,79 @@
-# $NetBSD: Makefile,v 1.7 2005/04/11 21:46:53 tv Exp $
+# $NetBSD: Makefile,v 1.8 2005/08/17 19:55:57 jlam Exp $
+#
-DISTNAME= openvpn-1.6.0
-CATEGORIES= net security
-MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=openvpn/}
+DISTNAME= openvpn-2.0.1
+PKGNAME= ${DISTNAME:S/_//}
+CATEGORIES= net
+MASTER_SITES= http://openvpn.net/release/ \
+ http://openvpn.net/release/old/
MAINTAINER= tech-pkg%NetBSD.org@localhost
-HOMEPAGE= http://openvpn.sourceforge.net/
-COMMENT= Easy-to-use, robust, and highly configurable VPN over UDP
+HOMEPAGE= http://openvpn.net/
+COMMENT= Easy-to-use SSL VPN daemon
-#USE_PKGINSTALL= YES
+GNU_CONFIGURE= yes
+USE_TOOLS= grep:run
+USE_LIBTOOL= yes
+USE_PKGINSTALL= yes
+USE_OLD_DES_API= yes
+TEST_TARGET= check
+
+PKG_SYSCONFSUBDIR= openvpn
+DATADIR= ${PREFIX}/share/${PKGBASE}
+DOCDIR= ${PREFIX}/share/doc/${PKGBASE}
+EGDIR= ${PREFIX}/share/examples/${PKGBASE}
+RCD_SCRIPTS= openvpn
-GNU_CONFIGURE= YES
-CONFIGURE_ARGS+= --with-ssl-headers=${SSLBASE}/include/openssl
-CONFIGURE_ARGS+= --with-ssl-lib=${SSLBASE}/lib
-CONFIGURE_ARGS+= --with-lzo-headers=${BUILDLINK_PREFIX.liblzo}/include
-CONFIGURE_ARGS+= --with-lzo-lib=${BUILDLINK_PREFIX.liblzo}/lib
+CONFIGURE_ARGS+= --sysconfdir=${PKG_SYSCONFDIR}
+CONFIGURE_ARGS+= --enable-pthread
+CONFIGURE_ARGS+= --enable-password-save
+CONFIGURE_ARGS+= --disable-dependency-tracking
+
+# OpenVPN 2.x has a shared module "plugin" architecture that allows
+# inserting callbacks into the server for various tasks.
+#
+DL_AUTO_VARS= yes
+.include "../../mk/dlopen.buildlink3.mk"
-EGDIR= ${PREFIX}/share/examples/openvpn
+.include "../../archivers/lzo/buildlink3.mk"
+.include "../../security/openssl/buildlink3.mk"
+.include "../../mk/pthread.buildlink3.mk"
+
+post-build:
+ for file in ${WRKSRC}/easy-rsa/2.0/pkitool; do \
+ ${SED} -e "s|^\(GREP\)=.*|\1=\""${GREP}"\"|" \
+ -e "s|^\(OPENSSL\)=.*|\1=\""${SSLBASE}/bin/openssl"\"|" \
+ $$file > $$file.new; \
+ ${MV} -f $$file.new $$file; \
+ ${CHMOD} +x $$file; \
+ done
post-install:
- ${INSTALL_DATA_DIR} ${EGDIR}/sample-config-files
- ${INSTALL_DATA} ${WRKSRC}/sample-config-files/* ${EGDIR}/sample-config-files
- ${INSTALL_DATA_DIR} ${EGDIR}/sample-keys
- ${INSTALL_DATA} ${WRKSRC}/sample-keys/* ${EGDIR}/sample-keys
- ${INSTALL_DATA_DIR} ${EGDIR}/sample-scripts
- ${INSTALL_DATA} ${WRKSRC}/sample-scripts/* ${EGDIR}/sample-scripts
+ ${INSTALL_DATA_DIR} ${DATADIR}/easy-rsa
+ dir=${DATADIR:S/^${PREFIX}\///}/easy-rsa; \
+ cd ${WRKSRC}/easy-rsa/2.0; \
+ ${GREP} "^$$dir/" ${PKGDIR}/PLIST | ${SED} "s|^$$dir/||" | \
+ while read file; do \
+ case $$file in \
+ [A-Z]*|*.cnf) ${INSTALL_DATA} $$file ${PREFIX}/$$dir ;; \
+ *) ${INSTALL_SCRIPT} $$file ${PREFIX}/$$dir ;; \
+ esac; \
+ done
+ ${INSTALL_DATA_DIR} ${DOCDIR}
+ ${INSTALL_DATA} ${WRKSRC}/management/management-notes.txt ${DOCDIR}
+ ${INSTALL_DATA_DIR} ${EGDIR}
+ ${INSTALL_DATA_DIR} ${EGDIR}/config
+ cd ${WRKSRC}/sample-config-files; for file in *; do \
+ ${INSTALL_DATA} $$file ${EGDIR}/config; \
+ done
+ ${INSTALL_DATA_DIR} ${EGDIR}/scripts
+ cd ${WRKSRC}/sample-scripts; for file in *; do \
+ ${INSTALL_DATA} $$file ${EGDIR}/scripts; \
+ done
+ ${INSTALL_DATA_DIR} ${EGDIR}/keys
+ cd ${WRKSRC}/sample-keys; for file in *; do \
+ ${INSTALL_DATA} $$file ${EGDIR}/keys; \
+ done
-.include "../../archivers/liblzo/buildlink3.mk"
-.include "../../security/openssl/buildlink3.mk"
+
.include "../../mk/bsd.pkg.mk"
diff -r 176c4f29e34b -r 1a7c7ac51b5f net/openvpn/PLIST
--- a/net/openvpn/PLIST Wed Aug 17 19:06:41 2005 +0000
+++ b/net/openvpn/PLIST Wed Aug 17 19:55:57 2005 +0000
@@ -1,31 +1,62 @@
-@comment $NetBSD: PLIST,v 1.1.1.1 2004/02/10 12:39:17 wulf Exp $
+@comment $NetBSD: PLIST,v 1.2 2005/08/17 19:55:57 jlam Exp $
man/man8/openvpn.8
sbin/openvpn
-share/examples/openvpn/sample-config-files/README
-share/examples/openvpn/sample-config-files/firewall.sh
-share/examples/openvpn/sample-config-files/home.up
-share/examples/openvpn/sample-config-files/loopback-client
-share/examples/openvpn/sample-config-files/loopback-server
-share/examples/openvpn/sample-config-files/office.up
-share/examples/openvpn/sample-config-files/openvpn-shutdown.sh
-share/examples/openvpn/sample-config-files/openvpn-startup.sh
-share/examples/openvpn/sample-config-files/static-home.conf
-share/examples/openvpn/sample-config-files/static-office.conf
-share/examples/openvpn/sample-config-files/tls-home.conf
-share/examples/openvpn/sample-config-files/tls-office.conf
-share/examples/openvpn/sample-config-files/xinetd-client-config
-share/examples/openvpn/sample-config-files/xinetd-server-config
-share/examples/openvpn/sample-keys/README
-share/examples/openvpn/sample-keys/client.crt
-share/examples/openvpn/sample-keys/client.key
-share/examples/openvpn/sample-keys/dh1024.pem
-share/examples/openvpn/sample-keys/server.crt
-share/examples/openvpn/sample-keys/server.key
-share/examples/openvpn/sample-keys/tmp-ca.crt
-share/examples/openvpn/sample-keys/tmp-ca.key
-share/examples/openvpn/sample-scripts/openvpn.init
-share/examples/openvpn/sample-scripts/verify-cn
-@dirrm share/examples/openvpn/sample-config-files
-@dirrm share/examples/openvpn/sample-keys
-@dirrm share/examples/openvpn/sample-scripts
+share/doc/openvpn/management-notes.txt
+share/examples/openvpn/config/README
+share/examples/openvpn/config/client.conf
+share/examples/openvpn/config/firewall.sh
+share/examples/openvpn/config/home.up
+share/examples/openvpn/config/loopback-client
+share/examples/openvpn/config/loopback-server
+share/examples/openvpn/config/office.up
+share/examples/openvpn/config/openvpn-shutdown.sh
+share/examples/openvpn/config/openvpn-startup.sh
+share/examples/openvpn/config/server.conf
+share/examples/openvpn/config/static-home.conf
+share/examples/openvpn/config/static-office.conf
+share/examples/openvpn/config/tls-home.conf
+share/examples/openvpn/config/tls-office.conf
+share/examples/openvpn/config/xinetd-client-config
+share/examples/openvpn/config/xinetd-server-config
+share/examples/openvpn/keys/README
+share/examples/openvpn/keys/client.crt
+share/examples/openvpn/keys/client.key
+share/examples/openvpn/keys/dh1024.pem
+share/examples/openvpn/keys/pass.crt
+share/examples/openvpn/keys/pass.key
+share/examples/openvpn/keys/pkcs12.p12
+share/examples/openvpn/keys/server.crt
+share/examples/openvpn/keys/server.key
+share/examples/openvpn/keys/tmp-ca.crt
+share/examples/openvpn/keys/tmp-ca.key
+share/examples/openvpn/scripts/auth-pam.pl
+share/examples/openvpn/scripts/bridge-start
+share/examples/openvpn/scripts/bridge-stop
+share/examples/openvpn/scripts/openvpn.init
+share/examples/openvpn/scripts/verify-cn
+share/examples/rc.d/openvpn
+share/openvpn/easy-rsa/README
+share/openvpn/easy-rsa/build-ca
+share/openvpn/easy-rsa/build-dh
+share/openvpn/easy-rsa/build-inter
+share/openvpn/easy-rsa/build-key
+share/openvpn/easy-rsa/build-key-pass
+share/openvpn/easy-rsa/build-key-pkcs12
+share/openvpn/easy-rsa/build-key-server
+share/openvpn/easy-rsa/build-req
+share/openvpn/easy-rsa/build-req-pass
+share/openvpn/easy-rsa/clean-all
+share/openvpn/easy-rsa/inherit-inter
+share/openvpn/easy-rsa/list-crl
+share/openvpn/easy-rsa/openssl.cnf
+share/openvpn/easy-rsa/pkitool
+share/openvpn/easy-rsa/revoke-full
+share/openvpn/easy-rsa/sign-req
+share/openvpn/easy-rsa/vars
+@dirrm share/openvpn/easy-rsa
+@dirrm share/openvpn
+@dirrm share/examples/openvpn/scripts
+@dirrm share/examples/openvpn/keys
+@dirrm share/examples/openvpn/config
@dirrm share/examples/openvpn
+@dirrm share/doc/openvpn
diff -r 176c4f29e34b -r 1a7c7ac51b5f net/openvpn/distinfo
--- a/net/openvpn/distinfo Wed Aug 17 19:06:41 2005 +0000
+++ b/net/openvpn/distinfo Wed Aug 17 19:55:57 2005 +0000
@@ -1,8 +1,7 @@
-$NetBSD: distinfo,v 1.3 2005/02/24 12:13:58 agc Exp $
+$NetBSD: distinfo,v 1.4 2005/08/17 19:55:57 jlam Exp $
-SHA1 (openvpn-1.6.0.tar.gz) = 1a7a4e1b610564902f50b488f19254ab9a1f9c7e
-RMD160 (openvpn-1.6.0.tar.gz) = ffcb1746590bdd4dab6777856a6caf8c129d57de
-Size (openvpn-1.6.0.tar.gz) = 430324 bytes
-SHA1 (patch-aa) = 1467b3f2cacc16657e88bc292c778ef7cfc48d66
-SHA1 (patch-ab) = b32248e2d9dc6dfdf015d86873770544a214103b
-SHA1 (patch-ac) = b689cd044be21205eb4c53edd856ea2161b45cc1
+SHA1 (openvpn-2.0.1.tar.gz) = d0ce0f41c8832e96511761ba4db1d209267c2caa
+RMD160 (openvpn-2.0.1.tar.gz) = ced7028e996f119ce1b0e21305aaa744d2181fd9
+Size (openvpn-2.0.1.tar.gz) = 662428 bytes
+SHA1 (patch-aa) = c28596050d1f5850219816ea2d855eeda6f37d12
+SHA1 (patch-ab) = d5f9d23078607adbc1bfe23960da6b87725df122
diff -r 176c4f29e34b -r 1a7c7ac51b5f net/openvpn/files/openvpn.sh
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/net/openvpn/files/openvpn.sh Wed Aug 17 19:55:57 2005 +0000
@@ -0,0 +1,75 @@
+#!@RCD_SCRIPTS_SHELL@
+#
+# $NetBSD: openvpn.sh,v 1.1 2005/08/17 19:55:57 jlam Exp $
+#
+# PROVIDE: openvpn
+# REQUIRE: NETWORKING
+#
+# To start openvpn at startup, copy this script to /etc/rc.d. You will
+# also need to set the following variables:
+#
+# openvpn=YES
+#
+# The following variables are optional:
+#
+# openvpn_cfg="server.conf" # whitespace-separated list of
+# # OpenVPN config files relative to
+# # directory @PKG_SYSCONFDIR@. If
+# # set, then an openvpn process is
+# # started for each file, otherwise
+# # a process is started for all
+# # *.conf files.
+#
+# For information on how to write an OpenVPN config file, please read the
+# openvpn(8) man page or check the website at:
+#
+# http://openvpn.net/
+#
+
+. /etc/rc.subr
+
+name="openvpn"
Home |
Main Index |
Thread Index |
Old Index