1 |
commit: ca31acc706315933f9be168f1647fa9e2f56a273 |
2 |
Author: layman <layman <AT> localhost> |
3 |
AuthorDate: Wed Dec 16 21:54:18 2015 +0000 |
4 |
Commit: Mike Auty <ikelos <AT> gentoo <DOT> org> |
5 |
CommitDate: Wed Dec 16 21:54:18 2015 +0000 |
6 |
URL: https://gitweb.gentoo.org/dev/ikelos.git/commit/?id=ca31acc7 |
7 |
|
8 |
Add in vlan support to openvpn. |
9 |
|
10 |
net-misc/openvpn/ChangeLog | 158 +++ |
11 |
net-misc/openvpn/ChangeLog-2015 | 1286 ++++++++++++++++++++ |
12 |
net-misc/openvpn/Manifest | 16 + |
13 |
.../openvpn/files/2.3.6-disable-compression.patch | 18 + |
14 |
net-misc/openvpn/files/2.3.6-null-cipher.patch | 46 + |
15 |
net-misc/openvpn/files/2.3.6-vlan-support.patch | 1005 +++++++++++++++ |
16 |
net-misc/openvpn/files/65openvpn | 1 + |
17 |
net-misc/openvpn/files/down.sh | 33 + |
18 |
net-misc/openvpn/files/openvpn-2.1.conf | 18 + |
19 |
net-misc/openvpn/files/openvpn-2.1.init | 133 ++ |
20 |
net-misc/openvpn/files/openvpn.init | 63 + |
21 |
net-misc/openvpn/files/openvpn.service | 12 + |
22 |
net-misc/openvpn/files/openvpn.tmpfile | 1 + |
23 |
net-misc/openvpn/files/up.sh | 100 ++ |
24 |
net-misc/openvpn/metadata.xml | 23 + |
25 |
net-misc/openvpn/openvpn-2.3.8-r1.ebuild | 138 +++ |
26 |
16 files changed, 3051 insertions(+) |
27 |
|
28 |
diff --git a/net-misc/openvpn/ChangeLog b/net-misc/openvpn/ChangeLog |
29 |
new file mode 100644 |
30 |
index 0000000..2e79375 |
31 |
--- /dev/null |
32 |
+++ b/net-misc/openvpn/ChangeLog |
33 |
@@ -0,0 +1,158 @@ |
34 |
+# ChangeLog for net-misc/openvpn |
35 |
+# Copyright 1999-2015 Gentoo Foundation; Distributed under the GPL v2 |
36 |
+# (auto-generated from git log) |
37 |
+ |
38 |
+*openvpn-9999 (09 Aug 2015) |
39 |
+*openvpn-2.3.8 (09 Aug 2015) |
40 |
+*openvpn-2.3.7 (09 Aug 2015) |
41 |
+*openvpn-2.3.6-r2 (09 Aug 2015) |
42 |
+*openvpn-2.3.6-r1 (09 Aug 2015) |
43 |
+*openvpn-2.3.6 (09 Aug 2015) |
44 |
+ |
45 |
+ 09 Aug 2015; Robin H. Johnson <robbat2@g.o> |
46 |
+ +files/2.3.6-disable-compression.patch, +files/2.3.6-null-cipher.patch, |
47 |
+ +files/65openvpn, +files/down.sh, +files/openvpn-2.1.conf, |
48 |
+ +files/openvpn-2.1.init, +files/openvpn.init, +files/openvpn.service, |
49 |
+ +files/openvpn.tmpfile, +files/up.sh, +metadata.xml, +openvpn-2.3.6.ebuild, |
50 |
+ +openvpn-2.3.6-r1.ebuild, +openvpn-2.3.6-r2.ebuild, +openvpn-2.3.7.ebuild, |
51 |
+ +openvpn-2.3.8.ebuild, +openvpn-9999.ebuild: |
52 |
+ proj/gentoo: Initial commit |
53 |
+ |
54 |
+ This commit represents a new era for Gentoo: |
55 |
+ Storing the gentoo-x86 tree in Git, as converted from CVS. |
56 |
+ |
57 |
+ This commit is the start of the NEW history. |
58 |
+ Any historical data is intended to be grafted onto this point. |
59 |
+ |
60 |
+ Creation process: |
61 |
+ 1. Take final CVS checkout snapshot |
62 |
+ 2. Remove ALL ChangeLog* files |
63 |
+ 3. Transform all Manifests to thin |
64 |
+ 4. Remove empty Manifests |
65 |
+ 5. Convert all stale $Header$/$Id$ CVS keywords to non-expanded Git $Id$ |
66 |
+ 5.1. Do not touch files with -kb/-ko keyword flags. |
67 |
+ |
68 |
+ Signed-off-by: Robin H. Johnson <robbat2@g.o> |
69 |
+ X-Thanks: Alec Warner <antarus@g.o> - did the GSoC 2006 migration |
70 |
+ tests |
71 |
+ X-Thanks: Robin H. Johnson <robbat2@g.o> - infra guy, herding this |
72 |
+ project |
73 |
+ X-Thanks: Nguyen Thai Ngoc Duy <pclouds@g.o> - Former Gentoo |
74 |
+ developer, wrote Git features for the migration |
75 |
+ X-Thanks: Brian Harring <ferringb@g.o> - wrote much python to improve |
76 |
+ cvs2svn |
77 |
+ X-Thanks: Rich Freeman <rich0@g.o> - validation scripts |
78 |
+ X-Thanks: Patrick Lauer <patrick@g.o> - Gentoo dev, running new 2014 |
79 |
+ work in migration |
80 |
+ X-Thanks: Michał Górny <mgorny@g.o> - scripts, QA, nagging |
81 |
+ X-Thanks: All of other Gentoo developers - many ideas and lots of paint on |
82 |
+ the bikeshed |
83 |
+ |
84 |
+ 09 Aug 2015; Mikle Kolyada <zlogene@g.o> openvpn-2.3.7.ebuild: |
85 |
+ x86 stable wrt bug #556874 |
86 |
+ |
87 |
+ Package-Manager: portage-2.2.20 |
88 |
+ |
89 |
+ 09 Aug 2015; Mikle Kolyada <zlogene@g.o> openvpn-2.3.7.ebuild: |
90 |
+ ia64 stable wrt bug #556874 |
91 |
+ |
92 |
+ Package-Manager: portage-2.2.20 |
93 |
+ |
94 |
+ 09 Aug 2015; Ulrich Müller <ulm@g.o> files/down.sh, |
95 |
+ files/openvpn-2.1.init, files/up.sh: |
96 |
+ [QA] Remove executable bit from files, bug 550434. |
97 |
+ |
98 |
+ 22 Aug 2015; Jeroen Roovers <jer@g.o> openvpn-2.3.7.ebuild: |
99 |
+ Stable for HPPA (bug #556874). |
100 |
+ |
101 |
+ Package-Manager: portage-2.2.20.1 |
102 |
+ |
103 |
+ 24 Aug 2015; Jeroen Roovers <jer@g.o> openvpn-2.3.7.ebuild: |
104 |
+ Stable for PPC64 (bug #556874). |
105 |
+ |
106 |
+ Package-Manager: portage-2.2.20.1 |
107 |
+ |
108 |
+ 24 Aug 2015; Justin Lecher <jlec@g.o> metadata.xml: |
109 |
+ Use https by default |
110 |
+ |
111 |
+ Convert all URLs for sites supporting encrypted connections from http to |
112 |
+ https |
113 |
+ |
114 |
+ Signed-off-by: Justin Lecher <jlec@g.o> |
115 |
+ |
116 |
+ 24 Aug 2015; Mike Gilbert <floppym@g.o> metadata.xml: |
117 |
+ Revert DOCTYPE SYSTEM https changes in metadata.xml |
118 |
+ |
119 |
+ repoman does not yet accept the https version. |
120 |
+ This partially reverts eaaface92ee81f30a6ac66fe7acbcc42c00dc450. |
121 |
+ |
122 |
+ Bug: https://bugs.gentoo.org/552720 |
123 |
+ |
124 |
+ 26 Aug 2015; Markus Meier <maekke@g.o> openvpn-2.3.7.ebuild: |
125 |
+ arm stable, bug #556874 |
126 |
+ |
127 |
+ Package-Manager: portage-2.2.20.1 |
128 |
+ RepoMan-Options: --include-arches="arm" |
129 |
+ |
130 |
+ 05 Sep 2015; Mikle Kolyada <zlogene@g.o> openvpn-2.3.8.ebuild: |
131 |
+ amd64 stable wrt bug #556874 |
132 |
+ |
133 |
+ Package-Manager: portage-2.2.20.1 |
134 |
+ |
135 |
+ 08 Sep 2015; Jeroen Roovers <jer@g.o> openvpn-2.3.8.ebuild: |
136 |
+ Stable for HPPA PPC64 (bug #556874). |
137 |
+ |
138 |
+ Package-Manager: portage-2.2.20.1 |
139 |
+ |
140 |
+ 15 Sep 2015; Tobias Klausmann <klausman@g.o> openvpn-2.3.8.ebuild: |
141 |
+ add alpha keyword |
142 |
+ |
143 |
+ Gentoo-Bug: 556874 |
144 |
+ |
145 |
+ Package-Manager: portage-2.2.20.1 |
146 |
+ |
147 |
+ 26 Sep 2015; Mikle Kolyada <zlogene@g.o> openvpn-2.3.8.ebuild: |
148 |
+ ia64 stable wrt bug #556874 |
149 |
+ |
150 |
+ Package-Manager: portage-2.2.20.1 |
151 |
+ |
152 |
+ 27 Sep 2015; Mikle Kolyada <zlogene@g.o> openvpn-2.3.8.ebuild: |
153 |
+ x86 stable wrt bug #556874 |
154 |
+ |
155 |
+ Package-Manager: portage-2.2.20.1 |
156 |
+ |
157 |
+ 29 Sep 2015; Markus Meier <maekke@g.o> openvpn-2.3.8.ebuild: |
158 |
+ arm stable, bug #556874 |
159 |
+ |
160 |
+ Package-Manager: portage-2.2.20.1 |
161 |
+ RepoMan-Options: --include-arches="arm" |
162 |
+ |
163 |
+ 10 Oct 2015; Mikle Kolyada <zlogene@g.o> openvpn-2.3.8.ebuild: |
164 |
+ sparc stable wrt bug #556874 |
165 |
+ |
166 |
+ Package-Manager: portage-2.2.20.1 |
167 |
+ |
168 |
+ 12 Nov 2015; Agostino Sarubbo <ago@g.o> openvpn-2.3.8.ebuild: |
169 |
+ ppc stable wrt bug #556874 |
170 |
+ |
171 |
+ Package-Manager: portage-2.2.20.1 |
172 |
+ RepoMan-Options: --include-arches="ppc" |
173 |
+ |
174 |
+ 06 Dec 2015; Dirkjan Ochtman <djc@g.o> -openvpn-2.3.6.ebuild, |
175 |
+ -openvpn-2.3.6-r1.ebuild, -openvpn-2.3.6-r2.ebuild, -openvpn-2.3.7.ebuild: |
176 |
+ remove old versions |
177 |
+ |
178 |
+ Package-Manager: portage-2.2.20.1 |
179 |
+ |
180 |
+*openvpn-2.3.8-r1 (06 Dec 2015) |
181 |
+ |
182 |
+ 06 Dec 2015; Dirkjan Ochtman <djc@g.o> +openvpn-2.3.8-r1.ebuild: |
183 |
+ add support for libressl (fixes bug 565242) |
184 |
+ |
185 |
+ Package-Manager: portage-2.2.20.1 |
186 |
+ |
187 |
+ 06 Dec 2015; Dirkjan Ochtman <djc@g.o> openvpn-2.3.8-r1.ebuild: |
188 |
+ set EAPI=5 in 2.3.8-r1 |
189 |
+ |
190 |
+ Package-Manager: portage-2.2.20.1 |
191 |
+ |
192 |
|
193 |
diff --git a/net-misc/openvpn/ChangeLog-2015 b/net-misc/openvpn/ChangeLog-2015 |
194 |
new file mode 100644 |
195 |
index 0000000..93cb534 |
196 |
--- /dev/null |
197 |
+++ b/net-misc/openvpn/ChangeLog-2015 |
198 |
@@ -0,0 +1,1286 @@ |
199 |
+# ChangeLog for net-misc/openvpn |
200 |
+# Copyright 1999-2015 Gentoo Foundation; Distributed under the GPL v2 |
201 |
+# $Header: /var/cvsroot/gentoo-x86/net-misc/openvpn/ChangeLog,v 1.327 2015/08/08 05:13:53 prometheanfire Exp $ |
202 |
+ |
203 |
+*openvpn-2.3.8 (08 Aug 2015) |
204 |
+ |
205 |
+ 08 Aug 2015; Matthew Thode <prometheanfire@g.o> +openvpn-2.3.8.ebuild: |
206 |
+ updating to fix asking for the password at init |
207 |
+ |
208 |
+ 07 Aug 2015; Tobias Klausmann <klausman@g.o> openvpn-2.3.7.ebuild: |
209 |
+ Stable on alpha, bug 556874 |
210 |
+ |
211 |
+ 06 Aug 2015; Mikle Kolyada <zlogene@g.o> openvpn-2.3.7.ebuild: |
212 |
+ amd64 stable wrt bug #556874 |
213 |
+ |
214 |
+ 12 Jul 2015; Dirkjan Ochtman <djc@g.o> openvpn-2.3.6-r1.ebuild, |
215 |
+ openvpn-2.3.6-r2.ebuild, openvpn-2.3.6.ebuild, openvpn-2.3.7.ebuild, |
216 |
+ openvpn-9999.ebuild: |
217 |
+ Don't default to polarssl, this was introduced accidentally |
218 |
+ |
219 |
+ 12 Jul 2015; Dirkjan Ochtman <djc@g.o> openvpn-9999.ebuild: |
220 |
+ Bring openvpn-9999 in line with 2.3.7 (fix bug 554638) |
221 |
+ |
222 |
+ 12 Jul 2015; Dirkjan Ochtman <djc@g.o> openvpn-2.3.6-r1.ebuild, |
223 |
+ openvpn-2.3.6-r2.ebuild, openvpn-2.3.6.ebuild, openvpn-2.3.7.ebuild: |
224 |
+ Remove some accidentally committed debugging cruft |
225 |
+ |
226 |
+*openvpn-2.3.7 (12 Jul 2015) |
227 |
+ |
228 |
+ 12 Jul 2015; Dirkjan Ochtman <djc@g.o> +openvpn-2.3.7.ebuild, |
229 |
+ metadata.xml: |
230 |
+ Version bump openvpn to 2.3.7 (fixes bug 554524, bug 489272, bug 553352, bug |
231 |
+ 531474) |
232 |
+ |
233 |
+*openvpn-2.3.6-r2 (17 Feb 2015) |
234 |
+ |
235 |
+ 17 Feb 2015; Dirkjan Ochtman <djc@g.o> |
236 |
+ +files/2.3.6-disable-compression.patch, +openvpn-2.3.6-r2.ebuild: |
237 |
+ Version bump openvpn to 2.3.6-r2 (fixes bug 537318) |
238 |
+ |
239 |
+*openvpn-2.3.6-r1 (08 Feb 2015) |
240 |
+ |
241 |
+ 08 Feb 2015; Dirkjan Ochtman <djc@g.o> +files/2.3.6-null-cipher.patch, |
242 |
+ +openvpn-2.3.6-r1.ebuild: |
243 |
+ Fix support for null ciphers (bug 531700; thanks to gentoo@×××××××.org) |
244 |
+ |
245 |
+ 18 Jan 2015; Dirkjan Ochtman <djc@g.o> openvpn-2.3.6.ebuild: |
246 |
+ Fix minimum version of libpkcs11-helper dependency (fixes bug 536332) |
247 |
+ |
248 |
+ 28 Dec 2014; Dirkjan Ochtman <djc@g.o> -openvpn-2.3.2.ebuild, |
249 |
+ -openvpn-2.3.3.ebuild, -openvpn-2.3.4-r1.ebuild, -openvpn-2.3.5.ebuild: |
250 |
+ Remove vulnerable versions of openvpn (bug 531308) |
251 |
+ |
252 |
+ 26 Dec 2014; Agostino Sarubbo <ago@g.o> openvpn-2.3.6.ebuild: |
253 |
+ Stable for sparc, wrt bug #531308 |
254 |
+ |
255 |
+ 23 Dec 2014; Agostino Sarubbo <ago@g.o> openvpn-2.3.6.ebuild: |
256 |
+ Stable for alpha, wrt bug #531308 |
257 |
+ |
258 |
+ 16 Dec 2014; Markus Meier <maekke@g.o> openvpn-2.3.6.ebuild: |
259 |
+ arm stable, bug #531308 |
260 |
+ |
261 |
+ 06 Dec 2014; Agostino Sarubbo <ago@g.o> openvpn-2.3.6.ebuild: |
262 |
+ Stable for ia64, wrt bug #531308 |
263 |
+ |
264 |
+ 04 Dec 2014; Agostino Sarubbo <ago@g.o> openvpn-2.3.6.ebuild: |
265 |
+ Stable for ppc64, wrt bug #531308 |
266 |
+ |
267 |
+ 03 Dec 2014; Agostino Sarubbo <ago@g.o> openvpn-2.3.6.ebuild: |
268 |
+ Stable for ppc, wrt bug #531308 |
269 |
+ |
270 |
+ 02 Dec 2014; Mike Gilbert <floppym@g.o> files/openvpn.service: |
271 |
+ Revert previous unit file change, bug 527614. |
272 |
+ |
273 |
+ 02 Dec 2014; Jeroen Roovers <jer@g.o> openvpn-2.3.6.ebuild: |
274 |
+ Stable for HPPA (bug #531308). |
275 |
+ |
276 |
+ 02 Dec 2014; Agostino Sarubbo <ago@g.o> openvpn-2.3.6.ebuild: |
277 |
+ Stable for x86, wrt bug #531308 |
278 |
+ |
279 |
+ 02 Dec 2014; Agostino Sarubbo <ago@g.o> openvpn-2.3.6.ebuild: |
280 |
+ Stable for amd64, wrt bug #531308 |
281 |
+ |
282 |
+*openvpn-2.3.6 (01 Dec 2014) |
283 |
+ |
284 |
+ 01 Dec 2014; Dirkjan Ochtman <djc@g.o> +openvpn-2.3.6.ebuild: |
285 |
+ Version bump openvpn to 2.3.6 (fixes bug 531308) |
286 |
+ |
287 |
+ 21 Nov 2014; Tobias Klausmann <klausman@g.o> openvpn-2.3.4-r1.ebuild: |
288 |
+ Stable on alpha, bug 522168 |
289 |
+ |
290 |
+ 16 Nov 2014; Dirkjan Ochtman <djc@g.o> -openvpn-2.3.1.ebuild, |
291 |
+ -openvpn-2.3.4.ebuild: |
292 |
+ Remove old versions of openvpn |
293 |
+ |
294 |
+*openvpn-2.3.5 (16 Nov 2014) |
295 |
+ |
296 |
+ 16 Nov 2014; Dirkjan Ochtman <djc@g.o> +openvpn-2.3.5.ebuild: |
297 |
+ Version bump openvpn to 2.3.5 |
298 |
+ |
299 |
+ 05 Nov 2014; Mike Gilbert <floppym@g.o> files/openvpn.service: |
300 |
+ Use unescaped instance name for PIDFile and config file, bug 527614. |
301 |
+ |
302 |
+ 02 Nov 2014; Sven Vermeulen <swift@g.o> openvpn-2.3.4-r1.ebuild, |
303 |
+ openvpn-9999.ebuild: |
304 |
+ Remove sec-policy/selinux-* dependency from DEPEND but keep in RDEPEND (bug |
305 |
+ #527698) |
306 |
+ |
307 |
+ 05 Oct 2014; Manuel Rüger <mrueg@g.o> openvpn-2.3.4-r1.ebuild: |
308 |
+ Mark stable on amd64. Bug #522168 |
309 |
+ |
310 |
+ 21 Sep 2014; Markus Meier <maekke@g.o> openvpn-2.3.4-r1.ebuild: |
311 |
+ arm stable, bug #522168 |
312 |
+ |
313 |
+ 10 Sep 2014; Jeroen Roovers <jer@g.o> openvpn-2.3.4-r1.ebuild: |
314 |
+ Stable for HPPA (bug #522168). |
315 |
+ |
316 |
+ 27 Aug 2014; Agostino Sarubbo <ago@g.o> openvpn-2.3.3.ebuild: |
317 |
+ Stable for ppc, wrt bug #511668 |
318 |
+ |
319 |
+ 20 Aug 2014; Raúl Porcel <armin76@g.o> openvpn-2.3.3.ebuild: |
320 |
+ ia64/sparc stable wrt bug #511668 |
321 |
+ |
322 |
+ 26 Jul 2014; Pawel Hajdan jr <phajdan.jr@g.o> openvpn-2.3.3.ebuild: |
323 |
+ x86 stable wrt bug #511668 |
324 |
+ |
325 |
+ 21 Jul 2014; Chema Alonso <nimiux@g.o> openvpn-2.3.3.ebuild: |
326 |
+ Stable for amd64 wrt bug #511668 |
327 |
+ |
328 |
+ 21 Jul 2014; Dirkjan Ochtman <djc@g.o> openvpn-2.3.3.ebuild, |
329 |
+ openvpn-2.3.4-r1.ebuild, openvpn-2.3.4.ebuild: |
330 |
+ Make pkcs11 USE depend on ssl flag (fixes bug 517660) |
331 |
+ |
332 |
+ 20 Jul 2014; Tobias Klausmann <klausman@g.o> openvpn-2.3.3.ebuild: |
333 |
+ Stable on alpha, bug #511668 |
334 |
+ |
335 |
+*openvpn-2.3.4-r1 (03 Jul 2014) |
336 |
+ |
337 |
+ 03 Jul 2014; Peter Volkov <pva@g.o> +openvpn-2.3.4-r1.ebuild: |
338 |
+ Added systemd USE flag to forward console query to systemd, #515982 |
339 |
+ |
340 |
+ 09 Jun 2014; Markus Meier <maekke@g.o> openvpn-2.3.3.ebuild: |
341 |
+ arm stable, bug #511668 |
342 |
+ |
343 |
+ 03 Jun 2014; Jeroen Roovers <jer@g.o> openvpn-2.3.3.ebuild: |
344 |
+ Stable for HPPA (bug #511668). |
345 |
+ |
346 |
+*openvpn-2.3.4 (15 May 2014) |
347 |
+ |
348 |
+ 15 May 2014; Dirkjan Ochtman <djc@g.o> +openvpn-2.3.4.ebuild, |
349 |
+ openvpn-2.3.3.ebuild: |
350 |
+ Version bump openvpn to 2.3.4 (bug 510372) |
351 |
+ |
352 |
+ 22 Apr 2014; Dirkjan Ochtman <djc@g.o> |
353 |
+ -files/openvpn-2.2.2-pkcs11.patch, -files/openvpn-9999-pkcs11.patch, |
354 |
+ -openvpn-2.2.2.ebuild, -openvpn-2.3.0.ebuild: |
355 |
+ Remove old versions, patches. |
356 |
+ |
357 |
+*openvpn-2.3.3 (22 Apr 2014) |
358 |
+ |
359 |
+ 22 Apr 2014; Dirkjan Ochtman <djc@g.o> +openvpn-2.3.3.ebuild: |
360 |
+ Version bump openvpn to 2.3.3 (bug 507758). |
361 |
+ |
362 |
+ 26 Sep 2013; Agostino Sarubbo <ago@g.o> openvpn-2.3.2.ebuild: |
363 |
+ Stable for arm, wrt bug #484726 |
364 |
+ |
365 |
+ 25 Sep 2013; Agostino Sarubbo <ago@g.o> openvpn-2.3.2.ebuild: |
366 |
+ Stable for ppc, wrt bug #484726 |
367 |
+ |
368 |
+ 23 Sep 2013; Agostino Sarubbo <ago@g.o> openvpn-2.3.2.ebuild: |
369 |
+ Stable for sparc, wrt bug #484726 |
370 |
+ |
371 |
+ 23 Sep 2013; Agostino Sarubbo <ago@g.o> openvpn-2.3.2.ebuild: |
372 |
+ Stable for ppc64, wrt bug #484726 |
373 |
+ |
374 |
+ 23 Sep 2013; Agostino Sarubbo <ago@g.o> openvpn-2.3.2.ebuild: |
375 |
+ Stable for alpha, wrt bug #484726 |
376 |
+ |
377 |
+ 14 Sep 2013; Agostino Sarubbo <ago@g.o> openvpn-2.3.2.ebuild: |
378 |
+ Stable for x86, wrt bug #484726 |
379 |
+ |
380 |
+ 14 Sep 2013; Agostino Sarubbo <ago@g.o> openvpn-2.3.2.ebuild: |
381 |
+ Stable for amd64, wrt bug #484726 |
382 |
+ |
383 |
+ 14 Sep 2013; Agostino Sarubbo <ago@g.o> openvpn-2.3.2.ebuild: |
384 |
+ Stable for ia64, wrt bug #484726 |
385 |
+ |
386 |
+ 13 Sep 2013; Jeroen Roovers <jer@g.o> openvpn-2.3.2.ebuild: |
387 |
+ Stable for HPPA (bug #484726). |
388 |
+ |
389 |
+ 26 Aug 2013; Dirkjan Ochtman <djc@g.o> openvpn-2.3.2.ebuild: |
390 |
+ No dies needed here. |
391 |
+ |
392 |
+*openvpn-2.3.2 (10 Jun 2013) |
393 |
+ |
394 |
+ 10 Jun 2013; Dirkjan Ochtman <djc@g.o> +openvpn-2.3.2.ebuild: |
395 |
+ Version bump openvpn to 2.3.2 (bug 472542). |
396 |
+ |
397 |
+ 09 Jun 2013; Mike Frysinger <vapier@g.o> metadata.xml: |
398 |
+ Add upstream CPE tag (security info) from ChromiumOS. |
399 |
+ |
400 |
+ 09 Jun 2013; Agostino Sarubbo <ago@g.o> openvpn-2.3.1.ebuild: |
401 |
+ Stable for sh, wrt bug #468756 |
402 |
+ |
403 |
+ 01 Jun 2013; Pacho Ramos <pacho@g.o> metadata.xml: |
404 |
+ Cleanup due bug #151880 |
405 |
+ |
406 |
+ 26 May 2013; Agostino Sarubbo <ago@g.o> openvpn-2.3.1.ebuild: |
407 |
+ Stable for s390, wrt bug #468756 |
408 |
+ |
409 |
+ 20 May 2013; Agostino Sarubbo <ago@g.o> openvpn-2.3.0.ebuild: |
410 |
+ Stable for s390, wrt bug #468364 |
411 |
+ |
412 |
+ 11 May 2013; Jeroen Roovers <jer@g.o> openvpn-2.3.1.ebuild: |
413 |
+ Stable for HPPA (bug #468756). |
414 |
+ |
415 |
+ 11 May 2013; Agostino Sarubbo <ago@g.o> openvpn-2.3.1.ebuild: |
416 |
+ Stable for sparc, wrt bug #468756 |
417 |
+ |
418 |
+ 11 May 2013; Agostino Sarubbo <ago@g.o> openvpn-2.3.1.ebuild: |
419 |
+ Stable for ppc, wrt bug #468756 |
420 |
+ |
421 |
+ 11 May 2013; Agostino Sarubbo <ago@g.o> openvpn-2.3.1.ebuild: |
422 |
+ Stable for ppc64, wrt bug #468756 |
423 |
+ |
424 |
+ 11 May 2013; Agostino Sarubbo <ago@g.o> openvpn-2.3.1.ebuild: |
425 |
+ Stable for ia64, wrt bug #468756 |
426 |
+ |
427 |
+ 11 May 2013; Agostino Sarubbo <ago@g.o> openvpn-2.3.1.ebuild: |
428 |
+ Stable for arm, wrt bug #468756 |
429 |
+ |
430 |
+ 11 May 2013; Agostino Sarubbo <ago@g.o> openvpn-2.3.1.ebuild: |
431 |
+ Stable for alpha, wrt bug #468756 |
432 |
+ |
433 |
+ 11 May 2013; Agostino Sarubbo <ago@g.o> openvpn-2.3.1.ebuild: |
434 |
+ Stable for x86, wrt bug #468756 |
435 |
+ |
436 |
+ 11 May 2013; Agostino Sarubbo <ago@g.o> openvpn-2.3.1.ebuild: |
437 |
+ Stable for amd64, wrt bug #468756 |
438 |
+ |
439 |
+ 08 May 2013; Agostino Sarubbo <ago@g.o> openvpn-2.3.0.ebuild: |
440 |
+ Stable for sh, wrt bug #468364 |
441 |
+ |
442 |
+ 08 May 2013; Jeroen Roovers <jer@g.o> openvpn-2.3.0.ebuild: |
443 |
+ Stable for HPPA (bug #468364). |
444 |
+ |
445 |
+ 07 May 2013; Agostino Sarubbo <ago@g.o> openvpn-2.3.0.ebuild: |
446 |
+ Stable for ppc64, wrt bug #468364 |
447 |
+ |
448 |
+ 07 May 2013; Agostino Sarubbo <ago@g.o> openvpn-2.3.0.ebuild: |
449 |
+ Stable for sparc, wrt bug #468364 |
450 |
+ |
451 |
+ 07 May 2013; Agostino Sarubbo <ago@g.o> openvpn-2.3.0.ebuild: |
452 |
+ Stable for ia64, wrt bug #468364 |
453 |
+ |
454 |
+ 05 May 2013; Agostino Sarubbo <ago@g.o> openvpn-2.3.0.ebuild: |
455 |
+ Stable for alpha, wrt bug #468364 |
456 |
+ |
457 |
+ 05 May 2013; Agostino Sarubbo <ago@g.o> openvpn-2.3.0.ebuild: |
458 |
+ Stable for arm, wrt bug #468364 |
459 |
+ |
460 |
+ 03 May 2013; Agostino Sarubbo <ago@g.o> openvpn-2.3.0.ebuild: |
461 |
+ Stable for ppc, wrt bug #468364 |
462 |
+ |
463 |
+ 03 May 2013; Agostino Sarubbo <ago@g.o> openvpn-2.3.0.ebuild: |
464 |
+ Stable for x86, wrt bug #468364 |
465 |
+ |
466 |
+ 03 May 2013; Agostino Sarubbo <ago@g.o> openvpn-2.3.0.ebuild: |
467 |
+ Stable for amd64, wrt bug #468364 |
468 |
+ |
469 |
+ 03 May 2013; Dirkjan Ochtman <djc@g.o> openvpn-2.3.1.ebuild: |
470 |
+ Fix USE flag order for 2.3.1. |
471 |
+ |
472 |
+ 03 May 2013; Dirkjan Ochtman <djc@g.o> openvpn-9999.ebuild: |
473 |
+ Add polarssl for 9999 ebuild (thanks to josh.cepek@×××.net). |
474 |
+ |
475 |
+*openvpn-2.3.1 (03 May 2013) |
476 |
+ |
477 |
+ 03 May 2013; Dirkjan Ochtman <djc@g.o> +openvpn-2.3.1.ebuild: |
478 |
+ Version bump to 2.3.1, add polarssl support (bug 463984, thanks to |
479 |
+ josh.cepek@×××.net). |
480 |
+ |
481 |
+ 20 Feb 2013; Zac Medico <zmedico@g.o> openvpn-2.3.0.ebuild: |
482 |
+ Add ~arm-linux keyword. |
483 |
+ |
484 |
+ 09 Feb 2013; Dirkjan Ochtman <djc@g.o> files/up.sh: |
485 |
+ Add metric to openresolv if possible (thanks Alon Bar-Lev, bug 391175). |
486 |
+ |
487 |
+ 25 Jan 2013; Kacper Kowalik <xarthisius@g.o> +files/openvpn.service, |
488 |
+ +files/openvpn.tmpfile, openvpn-2.3.0.ebuild: |
489 |
+ Add unit and tmp file for systemd compatibility. Fixes bug 448884 |
490 |
+ |
491 |
+ 24 Jan 2013; Dirkjan Ochtman <djc@g.o> openvpn-2.3.0.ebuild: |
492 |
+ Emit message about split out easy-rsa. |
493 |
+ |
494 |
+ 12 Jan 2013; Dirkjan Ochtman <djc@g.o> openvpn-9999.ebuild: |
495 |
+ Update live ebuild with changes for 2.3.0 (bug 415995). |
496 |
+ |
497 |
+ 12 Jan 2013; Dirkjan Ochtman <djc@g.o> |
498 |
+ -files/openvpn-2.1_rc13-peercred.patch, -files/openvpn-2.1_rc20-pkcs11.patch, |
499 |
+ -openvpn-2.1.4.ebuild, -files/openvpn-2.2.0-pkcs11.patch, metadata.xml: |
500 |
+ Remove old versions and files. |
501 |
+ |
502 |
+*openvpn-2.3.0 (12 Jan 2013) |
503 |
+ |
504 |
+ 12 Jan 2013; Dirkjan Ochtman <djc@g.o> +openvpn-2.3.0.ebuild, |
505 |
+ metadata.xml: |
506 |
+ Version bump to 2.3.0 (bug 451376) with updated build system (bug 415995). |
507 |
+ |
508 |
+ 06 Jan 2013; Torsten Veller <tove@g.o> openvpn-2.2.2.ebuild: |
509 |
+ Drop duplicate arches from KEYWORDS |
510 |
+ |
511 |
+ 09 Sep 2012; Justin Lecher <jlec@g.o> openvpn-2.1.4.ebuild, |
512 |
+ openvpn-2.2.2.ebuild, openvpn-9999.ebuild: |
513 |
+ Drop unnessecary PN and '.' from DESCRIPTION |
514 |
+ |
515 |
+ 23 Aug 2012; Fabian Groffen <grobian@g.o> openvpn-2.2.2.ebuild, |
516 |
+ openvpn-9999.ebuild: |
517 |
+ Drop ~x86-macos, it doesn't compile, and we don't care enough to fix it |
518 |
+ |
519 |
+ 23 Aug 2012; Christoph Junghans <ottxor@g.o> openvpn-2.2.2.ebuild: |
520 |
+ added prefix keywords (bug #417519) |
521 |
+ |
522 |
+ 29 Jul 2012; Raúl Porcel <armin76@g.o> openvpn-2.2.2.ebuild: |
523 |
+ alpha/ia64/s390/sh/sparc stable wrt #415847 |
524 |
+ |
525 |
+ 01 Jun 2012; Zac Medico <zmedico@g.o> openvpn-2.1.4.ebuild, |
526 |
+ openvpn-2.2.2.ebuild, openvpn-9999.ebuild: |
527 |
+ inherit user for enewgroup and enewuser |
528 |
+ |
529 |
+ 27 May 2012; Markus Meier <maekke@g.o> openvpn-2.2.2.ebuild: |
530 |
+ arm stable, bug #415847 |
531 |
+ |
532 |
+ 23 May 2012; Jeroen Roovers <jer@g.o> openvpn-2.2.2.ebuild: |
533 |
+ Stable for HPPA (bug #415847). |
534 |
+ |
535 |
+ 23 May 2012; Brent Baude <ranger@g.o> openvpn-2.2.2.ebuild: |
536 |
+ Marking openvpn-2.2.2 ppc64 for bug 415847 |
537 |
+ |
538 |
+ 22 May 2012; Brent Baude <ranger@g.o> openvpn-2.2.2.ebuild: |
539 |
+ Marking openvpn-2.2.2 ppc for bug 415847 |
540 |
+ |
541 |
+ 18 May 2012; Jeff Horelick <jdhore@g.o> openvpn-2.2.2.ebuild: |
542 |
+ marked x86 per bug 415847 |
543 |
+ |
544 |
+ 14 May 2012; Agostino Sarubbo <ago@g.o> openvpn-2.2.2.ebuild: |
545 |
+ Stable for amd64, wrt bug #415847 |
546 |
+ |
547 |
+ 14 May 2012; Dirkjan Ochtman <djc@g.o> -openvpn-2.2.0-r1.ebuild: |
548 |
+ Remove old version. |
549 |
+ |
550 |
+ 14 May 2012; Dirkjan Ochtman <djc@g.o> openvpn-9999.ebuild: |
551 |
+ Update live ebuild to deal with new build system (thanks Alon Bar-Lev, bug |
552 |
+ 409577). |
553 |
+ |
554 |
+ 14 Apr 2012; Zac Medico <zmedico@g.o> openvpn-2.2.2.ebuild: |
555 |
+ Add ~amd64-linux keyword. |
556 |
+ |
557 |
+ 01 Mar 2012; Dirkjan Ochtman <djc@g.o> openvpn-9999.ebuild: |
558 |
+ Fix CVS header in live ebuild. |
559 |
+ |
560 |
+*openvpn-9999 (01 Mar 2012) |
561 |
+ |
562 |
+ 01 Mar 2012; Dirkjan Ochtman <djc@g.o> +openvpn-9999.ebuild, |
563 |
+ +files/openvpn-9999-pkcs11.patch: |
564 |
+ Add live ebuild (bug 385375). Thanks to Marcel Pennewiß. |
565 |
+ |
566 |
+ 23 Feb 2012; Christian Faulhammer <fauli@g.o> |
567 |
+ files/openvpn-2.1_rc20-pkcs11.patch, +files/openvpn-2.2.0-pkcs11.patch: |
568 |
+ Make patch application work again, see bug 404269 |
569 |
+ |
570 |
+ 17 Feb 2012; Dirkjan Ochtman <djc@g.o> openvpn-2.2.2.ebuild: |
571 |
+ Remove reference to old ipv6 use flag, bug 404137. |
572 |
+ |
573 |
+ 17 Feb 2012; Dirkjan Ochtman <djc@g.o> -openvpn-2.2.0.ebuild: |
574 |
+ Remove old version, fixing bug 401747. |
575 |
+ |
576 |
+ 16 Feb 2012; Dirkjan Ochtman <djc@g.o> openvpn-2.2.2.ebuild: |
577 |
+ Make 2.2.2 have +ssl (bug 404111). |
578 |
+ |
579 |
+*openvpn-2.2.2 (16 Feb 2012) |
580 |
+ |
581 |
+ 16 Feb 2012; Dirkjan Ochtman <djc@g.o> |
582 |
+ files/openvpn-2.1_rc20-pkcs11.patch, +openvpn-2.2.2.ebuild, |
583 |
+ +files/openvpn-2.2.2-pkcs11.patch: |
584 |
+ Version bump to 2.2.2 (bug 383537), some cleanups from darkside. |
585 |
+ |
586 |
+ 29 Jul 2011; Zac Medico <zmedico@g.o> openvpn-2.2.0-r1.ebuild: |
587 |
+ Add ~x86-linux keyword. |
588 |
+ |
589 |
+ 28 Jul 2011; Zac Medico <zmedico@g.o> openvpn-2.2.0-r1.ebuild: |
590 |
+ Fix for prefix. |
591 |
+ |
592 |
+*openvpn-2.2.0-r1 (01 May 2011) |
593 |
+ |
594 |
+ 01 May 2011; Dirkjan Ochtman <djc@g.o> +openvpn-2.2.0-r1.ebuild: |
595 |
+ Fix issues with docdir and remaining eurephia mentions (bug 365487). |
596 |
+ |
597 |
+ 30 Apr 2011; Dirkjan Ochtman <djc@g.o> openvpn-2.2.0.ebuild: |
598 |
+ Upgrade to EAPI=4 for 2.2.0, get rid of prepalldocs. |
599 |
+ |
600 |
+ 30 Apr 2011; Dirkjan Ochtman <djc@g.o> -openvpn-2.1.2.ebuild, |
601 |
+ -openvpn-2.1.3.ebuild: |
602 |
+ Remove old versions. |
603 |
+ |
604 |
+*openvpn-2.2.0 (30 Apr 2011) |
605 |
+ |
606 |
+ 30 Apr 2011; Dirkjan Ochtman <djc@g.o> +openvpn-2.2.0.ebuild: |
607 |
+ Version bump to 2.2.0, add ipv6 payload support (bug 335563). |
608 |
+ |
609 |
+ 21 Mar 2011; Kacper Kowalik <xarthisius@g.o> openvpn-2.1.4.ebuild: |
610 |
+ ppc/ppc64 stable wrt #354661 |
611 |
+ |
612 |
+ 20 Mar 2011; Raúl Porcel <armin76@g.o> openvpn-2.1.4.ebuild: |
613 |
+ s390/sh/sparc stable wrt #354661 |
614 |
+ |
615 |
+ 13 Mar 2011; Markus Meier <maekke@g.o> openvpn-2.1.4.ebuild: |
616 |
+ arm stable, bug #354661 |
617 |
+ |
618 |
+ 08 Mar 2011; Tobias Klausmann <klausman@g.o> openvpn-2.1.4.ebuild: |
619 |
+ Stable on alpha, bug #354661 |
620 |
+ |
621 |
+ 03 Mar 2011; Thomas Kahle <tomka@g.o> openvpn-2.1.4.ebuild: |
622 |
+ x86 stable per bug 354661 |
623 |
+ |
624 |
+ 21 Feb 2011; Jeroen Roovers <jer@g.o> openvpn-2.1.4.ebuild: |
625 |
+ Stable for HPPA (bug #354661). |
626 |
+ |
627 |
+ 13 Feb 2011; Markos Chandras <hwoarang@g.o> openvpn-2.1.4.ebuild: |
628 |
+ Stable on amd64 wrt bug #354661 |
629 |
+ |
630 |
+ 10 Jan 2011; Brent Baude <ranger@g.o> openvpn-2.1.3.ebuild: |
631 |
+ stable ppc, bug 342897 |
632 |
+ |
633 |
+ 28 Dec 2010; Brent Baude <ranger@g.o> openvpn-2.1.3.ebuild: |
634 |
+ stable ppc64, bug 342897 |
635 |
+ |
636 |
+*openvpn-2.1.4 (14 Dec 2010) |
637 |
+ |
638 |
+ 14 Dec 2010; Dirkjan Ochtman <djc@g.o> +openvpn-2.1.4.ebuild: |
639 |
+ Version bump to 2.1.4. |
640 |
+ |
641 |
+ 05 Dec 2010; Raúl Porcel <armin76@g.o> openvpn-2.1.3.ebuild: |
642 |
+ alpha/s390/sh/sparc stable wrt #342897 |
643 |
+ |
644 |
+ 03 Nov 2010; Markus Meier <maekke@g.o> openvpn-2.1.3.ebuild: |
645 |
+ arm stable, bug #342897 |
646 |
+ |
647 |
+ 03 Nov 2010; Pawel Hajdan jr <phajdan.jr@g.o> openvpn-2.1.3.ebuild: |
648 |
+ x86 stable wrt bug #342897 |
649 |
+ |
650 |
+ 29 Oct 2010; Jeroen Roovers <jer@g.o> openvpn-2.1.3.ebuild: |
651 |
+ Stable for HPPA (bug #342897). |
652 |
+ |
653 |
+ 28 Oct 2010; Markos Chandras <hwoarang@g.o> openvpn-2.1.3.ebuild: |
654 |
+ Stable on amd64 wrt bug #342897 |
655 |
+ |
656 |
+ 28 Oct 2010; Dirkjan Ochtman <djc@g.o> openvpn-2.1.3.ebuild: |
657 |
+ Fix QA issues for bug 342933. |
658 |
+ |
659 |
+ 27 Oct 2010; Dirkjan Ochtman <djc@g.o> +files/65openvpn, |
660 |
+ openvpn-2.1.3.ebuild: |
661 |
+ Add CONFIG_PROTECT for /usr/share/openvpn/easy-rsa, as suggested by |
662 |
+ hwoarang. |
663 |
+ |
664 |
+ 19 Oct 2010; Dirkjan Ochtman <djc@g.o> |
665 |
+ -files/openvpn-2.0.9-pam.patch, -files/openvpn-2.0.9-persistent.patch, |
666 |
+ -openvpn-2.1.0-r1.ebuild: |
667 |
+ Clean up cruft from old versions. |
668 |
+ |
669 |
+ 19 Oct 2010; Dirkjan Ochtman <djc@g.o> openvpn-2.1.3.ebuild: |
670 |
+ Update ebuild to use new path_exists function. |
671 |
+ |
672 |
+ 19 Oct 2010; Jeroen Roovers <jer@g.o> openvpn-2.1.2.ebuild: |
673 |
+ Stable for HPPA (bug #338919). |
674 |
+ |
675 |
+ 15 Oct 2010; Brent Baude <ranger@g.o> openvpn-2.1.2.ebuild: |
676 |
+ stable ppc, bug 338919 |
677 |
+ |
678 |
+ 12 Oct 2010; Dirkjan Ochtman <djc@g.o> openvpn-2.1.3.ebuild: |
679 |
+ Improved 2.1.3 ebuild; thanks to pva for the review. |
680 |
+ |
681 |
+ 12 Oct 2010; Raúl Porcel <armin76@g.o> openvpn-2.1.2.ebuild: |
682 |
+ alpha/arm/s390/sh/sparc stable wrt #338919 |
683 |
+ |
684 |
+ 06 Oct 2010; Markus Meier <maekke@g.o> openvpn-2.1.2.ebuild: |
685 |
+ x86 stable, bug #338919 |
686 |
+ |
687 |
+ 30 Sep 2010; Brent Baude <ranger@g.o> openvpn-2.1.2.ebuild: |
688 |
+ stable ppc64, bug 338919 |
689 |
+ |
690 |
+ 28 Sep 2010; Markos Chandras <hwoarang@g.o> openvpn-2.1.2.ebuild: |
691 |
+ Stable on amd64 wrt bug #338919 |
692 |
+ |
693 |
+*openvpn-2.1.3 (27 Sep 2010) |
694 |
+ |
695 |
+ 27 Sep 2010; Dirkjan Ochtman <djc@g.o> +openvpn-2.1.3.ebuild: |
696 |
+ Version bump to 2.1.3. |
697 |
+ |
698 |
+ 27 Sep 2010; Dirkjan Ochtman <djc@g.o> -openvpn-2.0.9.ebuild, |
699 |
+ -openvpn-2.1_rc15.ebuild: |
700 |
+ Clean up old versions. |
701 |
+ |
702 |
+ 07 Sep 2010; Joseph Jezak <josejx@g.o> openvpn-2.1.0-r1.ebuild, |
703 |
+ openvpn-2.1.2.ebuild: |
704 |
+ Change altivec fix to work on ppc64 as well. |
705 |
+ |
706 |
+ 06 Sep 2010; Brent Baude <ranger@g.o> openvpn-2.1.0-r1.ebuild: |
707 |
+ Marking openvpn-2.1.0-r1 ppc64 for bug 293894 |
708 |
+ |
709 |
+ 04 Sep 2010; Raúl Porcel <armin76@g.o> openvpn-2.1.0-r1.ebuild: |
710 |
+ alpha/s390/sh/sparc stable wrt #293894 |
711 |
+ |
712 |
+ 28 Aug 2010; Markus Meier <maekke@g.o> openvpn-2.1.0-r1.ebuild: |
713 |
+ arm stable, bug #293894 |
714 |
+ |
715 |
+ 25 Aug 2010; Jeroen Roovers <jer@g.o> openvpn-2.1.0-r1.ebuild: |
716 |
+ Stable for HPPA PPC (bug #293894). |
717 |
+ |
718 |
+ 24 Aug 2010; Pawel Hajdan jr <phajdan.jr@g.o> |
719 |
+ openvpn-2.1.0-r1.ebuild: |
720 |
+ x86 stable wrt security bug #293894 |
721 |
+ |
722 |
+ 23 Aug 2010; Markos Chandras <hwoarang@g.o> |
723 |
+ openvpn-2.1.0-r1.ebuild: |
724 |
+ Stable on amd64 wrt bug #293894 |
725 |
+ |
726 |
+ 23 Aug 2010; Dirkjan Ochtman <djc@g.o> openvpn-2.1.0-r1.ebuild, |
727 |
+ openvpn-2.1.2.ebuild: |
728 |
+ Get rid of useless threads flag. |
729 |
+ |
730 |
+*openvpn-2.1.2 (23 Aug 2010) |
731 |
+ |
732 |
+ 23 Aug 2010; Dirkjan Ochtman <djc@g.o> +openvpn-2.1.2.ebuild: |
733 |
+ Version bump to 2.1.2. |
734 |
+ |
735 |
+ 23 Aug 2010; Dirkjan Ochtman <djc@g.o> openvpn-2.1.0-r1.ebuild: |
736 |
+ Remove built_with_use, upgrade to EAPI=2. |
737 |
+ |
738 |
+ 23 Aug 2010; Dirkjan Ochtman <djc@g.o> -openvpn-2.0.6.ebuild, |
739 |
+ -openvpn-2.0.7-r2.ebuild, -files/openvpn-2.0.7-pam.patch, |
740 |
+ -files/openvpn-2.0.7-persistent.patch, -openvpn-2.1_rc19.ebuild, |
741 |
+ -openvpn-2.1_rc20.ebuild, -openvpn-2.1_rc21.ebuild: |
742 |
+ Clean up old versions. |
743 |
+ |
744 |
+ 23 Aug 2010; Dirkjan Ochtman <djc@g.o> metadata.xml: |
745 |
+ Add myself as a maintainer. |
746 |
+ |
747 |
+ 28 Feb 2010; Cédric Krier <cedk@g.o> files/openvpn-2.1.init, |
748 |
+ files/openvpn.init: |
749 |
+ Fix init scripts to work with tabs for bug #301619 |
750 |
+ |
751 |
+ 28 Feb 2010; Cédric Krier <cedk@g.o> openvpn-2.1.0-r1.ebuild: |
752 |
+ Filter out -maltivec on ppc for bug #293840 |
753 |
+ |
754 |
+*openvpn-2.1.0-r1 (29 Dec 2009) |
755 |
+ |
756 |
+ 29 Dec 2009; Cédric Krier <cedk@g.o> -openvpn-2.1.0.ebuild, |
757 |
+ +openvpn-2.1.0-r1.ebuild, -files/openvpn-2.1.0-stdbool.patch: |
758 |
+ Remove stdbool patch for bug #297854 |
759 |
+ |
760 |
+*openvpn-2.1.0 (19 Dec 2009) |
761 |
+ |
762 |
+ 19 Dec 2009; Cédric Krier <cedk@g.o> +openvpn-2.1.0.ebuild, |
763 |
+ +files/openvpn-2.1.0-stdbool.patch: |
764 |
+ Version bump and add patch for bug #293840 |
765 |
+ |
766 |
+*openvpn-2.1_rc21 (15 Nov 2009) |
767 |
+ |
768 |
+ 15 Nov 2009; Cédric Krier <cedk@g.o> +openvpn-2.1_rc21.ebuild: |
769 |
+ Version bump |
770 |
+ |
771 |
+ 10 Oct 2009; Cédric Krier <cedk@g.o> openvpn-2.1_rc20.ebuild, |
772 |
+ metadata.xml: |
773 |
+ Add eurephia patch for bug #272079 |
774 |
+ |
775 |
+*openvpn-2.1_rc20 (10 Oct 2009) |
776 |
+ |
777 |
+ 10 Oct 2009; Cédric Krier <cedk@g.o> +openvpn-2.1_rc20.ebuild, |
778 |
+ +files/openvpn-2.1_rc20-pkcs11.patch: |
779 |
+ Version bump with ipv6 patch for bug #287896 and patch for bug #273586 |
780 |
+ |
781 |
+ 10 Oct 2009; Cédric Krier <cedk@g.o> files/openvpn-2.1.init: |
782 |
+ Remove --nobind from init script for bug #282721 |
783 |
+ |
784 |
+ 10 Oct 2009; Raúl Porcel <armin76@g.o> openvpn-2.0.9.ebuild: |
785 |
+ sh/sparc stable wrt #272546 |
786 |
+ |
787 |
+ 10 Oct 2009; Raúl Porcel <armin76@g.o> openvpn-2.1_rc15.ebuild: |
788 |
+ s390/sh/sparc stable wrt #280072 |
789 |
+ |
790 |
+ 04 Oct 2009; Markus Meier <maekke@g.o> openvpn-2.1_rc15.ebuild: |
791 |
+ arm stable, bug #280072 |
792 |
+ |
793 |
+ 26 Sep 2009; Brent Baude <ranger@g.o> openvpn-2.1_rc15.ebuild: |
794 |
+ Marking openvpn-2.1_rc15 ppc64 for bug 280072 |
795 |
+ |
796 |
+ 29 Aug 2009; nixnut <nixnut@g.o> openvpn-2.1_rc15.ebuild: |
797 |
+ ppc stable #280072 |
798 |
+ |
799 |
+ 29 Aug 2009; nixnut <nixnut@g.o> openvpn-2.0.9.ebuild: |
800 |
+ ppc stable #272546 |
801 |
+ |
802 |
+ 28 Aug 2009; Tobias Klausmann <klausman@g.o> |
803 |
+ openvpn-2.1_rc15.ebuild: |
804 |
+ Stable on alpha, bug #280072 |
805 |
+ |
806 |
+ 19 Aug 2009; Jeroen Roovers <jer@g.o> openvpn-2.1_rc15.ebuild: |
807 |
+ Stable for HPPA (bug #280072). |
808 |
+ |
809 |
+ 05 Aug 2009; <chainsaw@g.o> openvpn-2.1_rc15.ebuild: |
810 |
+ Marked stable on AMD64 as requested by Cédric Krier <cedk@g.o> in |
811 |
+ bug #280072. Compile-tested on a Core2 Duo, no suitable network |
812 |
+ environment to test. |
813 |
+ |
814 |
+ 04 Aug 2009; Christian Faulhammer <fauli@g.o> |
815 |
+ openvpn-2.1_rc15.ebuild: |
816 |
+ stable x86, bug 280072 |
817 |
+ |
818 |
+*openvpn-2.1_rc19 (01 Aug 2009) |
819 |
+ |
820 |
+ 01 Aug 2009; Cédric Krier <cedk@g.o> +openvpn-2.1_rc19.ebuild: |
821 |
+ Version bump |
822 |
+ |
823 |
+ 28 Jun 2009; Brent Baude <ranger@g.o> openvpn-2.0.9.ebuild: |
824 |
+ Marking openvpn-2.0.9 ppc64 for bug 272546 |
825 |
+ |
826 |
+ 21 Jun 2009; Cédric Krier <cedk@g.o> openvpn-2.1_rc15.ebuild: |
827 |
+ Remove empty doc dir for bug #272994 |
828 |
+ |
829 |
+ 21 Jun 2009; Cédric Krier <cedk@g.o> openvpn-2.1_rc15.ebuild: |
830 |
+ Add missing -Wall for plugin |
831 |
+ |
832 |
+ 21 Jun 2009; Cédric Krier <cedk@g.o> openvpn-2.0.9.ebuild: |
833 |
+ Add missing missing file for easy-rsa for bug #273586 |
834 |
+ |
835 |
+ 21 Jun 2009; Cédric Krier <cedk@g.o> openvpn-2.1_rc15.ebuild: |
836 |
+ Fix CFLAGS and LDFLAGS in plugin for bug #263136 |
837 |
+ |
838 |
+ 11 Jun 2009; Jeroen Roovers <jer@g.o> openvpn-2.0.9.ebuild: |
839 |
+ Stable for HPPA (bug #272546). |
840 |
+ |
841 |
+ 07 Jun 2009; Tobias Klausmann <klausman@g.o> openvpn-2.0.9.ebuild: |
842 |
+ Stable on alpha, bug #272546 |
843 |
+ |
844 |
+ 07 Jun 2009; Markus Meier <maekke@g.o> openvpn-2.0.9.ebuild: |
845 |
+ amd64/x86 stable, bug #272546 |
846 |
+ |
847 |
+ 28 May 2009; Cédric Krier <cedk@g.o> openvpn-2.1_rc15.ebuild: |
848 |
+ Fix bad header and missing RDEPEND |
849 |
+ |
850 |
+ 28 May 2009; Cédric Krier <cedk@g.o> files/up.sh: |
851 |
+ Fix invalid resolv.conf when DOMAIN is empty for bug #269614 |
852 |
+ |
853 |
+ 15 Apr 2009; Cédric Krier <cedk@g.o> files/up.sh: |
854 |
+ Fix up.sh to add search for all domains for bug #259382 |
855 |
+ |
856 |
+*openvpn-2.1_rc15 (03 Jan 2009) |
857 |
+ |
858 |
+ 03 Jan 2009; Cédric Krier <cedk@g.o> -openvpn-2.1_rc13.ebuild, |
859 |
+ +openvpn-2.1_rc15.ebuild: |
860 |
+ Version bump |
861 |
+ |
862 |
+ 02 Nov 2008; Cédric Krier <cedk@g.o> |
863 |
+ +files/openvpn-2.1_rc13-peercred.patch, openvpn-2.1_rc13.ebuild: |
864 |
+ Add peercred patch for bug #245181 |
865 |
+ |
866 |
+*openvpn-2.1_rc13 (01 Nov 2008) |
867 |
+ |
868 |
+ 01 Nov 2008; Cédric Krier <cedk@g.o> |
869 |
+ -files/openvpn-2.1_rc9-tests.patch, -openvpn-2.1_rc9.ebuild, |
870 |
+ +openvpn-2.1_rc13.ebuild: |
871 |
+ Version bump |
872 |
+ |
873 |
+ 01 Nov 2008; Cédric Krier <cedk@g.o> files/openvpn-2.1.init: |
874 |
+ Fix init script for bug #234667 |
875 |
+ |
876 |
+ 28 Sep 2008; Cédric Krier <cedk@g.o> |
877 |
+ +files/openvpn-2.1_rc9-tests.patch, openvpn-2.1_rc9.ebuild: |
878 |
+ Add tests patch for bug #236877 |
879 |
+ |
880 |
+ 02 Aug 2008; Cédric Krier <cedk@g.o> files/openvpn-2.1.init: |
881 |
+ Add --script-security 2 for bug #233657 |
882 |
+ |
883 |
+*openvpn-2.1_rc9 (01 Aug 2008) |
884 |
+ |
885 |
+ 01 Aug 2008; Cédric Krier <cedk@g.o> |
886 |
+ -files/openvpn-2.1_rc7-tap.patch, -openvpn-2.1_rc7-r2.ebuild, |
887 |
+ +openvpn-2.1_rc9.ebuild: |
888 |
+ Version bump |
889 |
+ |
890 |
+*openvpn-2.0.9 (14 May 2008) |
891 |
+ |
892 |
+ 14 May 2008; Cédric Krier <cedk@g.o> |
893 |
+ +files/openvpn-2.0.9-pam.patch, +files/openvpn-2.0.9-persistent.patch, |
894 |
+ +openvpn-2.0.9.ebuild: |
895 |
+ Version bump |
896 |
+ |
897 |
+ 13 May 2008; Cédric Krier <cedk@g.o> metadata.xml: |
898 |
+ Take ownership, after Alon Bar-Lev left |
899 |
+ |
900 |
+*openvpn-2.1_rc7-r2 (18 Apr 2008) |
901 |
+ |
902 |
+ 18 Apr 2008; Alon Bar-Lev <alonbl@g.o> |
903 |
+ files/openvpn-2.1_rc7-tap.patch, -openvpn-2.1_rc7-r1.ebuild, |
904 |
+ +openvpn-2.1_rc7-r2.ebuild: |
905 |
+ Fix tun (again), bug#218129, thanks to Sigmatador |
906 |
+ |
907 |
+*openvpn-2.1_rc7-r1 (16 Apr 2008) |
908 |
+ |
909 |
+ 16 Apr 2008; Alon Bar-Lev <alonbl@g.o> |
910 |
+ files/openvpn-2.1_rc7-tap.patch, -openvpn-2.1_rc7.ebuild, |
911 |
+ +openvpn-2.1_rc7-r1.ebuild: |
912 |
+ Fix typeo in tun, bug#217956, thanks to Sigmatador |
913 |
+ |
914 |
+ 17 Feb 2008; Christoph Mende <angelos@g.o> openvpn-2.0.7-r2.ebuild: |
915 |
+ Stable on amd64, bug #209177 |
916 |
+ |
917 |
+ 12 Feb 2008; Raúl Porcel <armin76@g.o> openvpn-2.0.7-r2.ebuild: |
918 |
+ alpha/sparc stable wrt #209177 |
919 |
+ |
920 |
+*openvpn-2.1_rc7 (09 Feb 2008) |
921 |
+ |
922 |
+ 09 Feb 2008; Alon Bar-Lev <alonbl@g.o> |
923 |
+ -files/openvpn-2.1_rc4-ip6-mss.patch, |
924 |
+ -files/openvpn-2.1_rc6-iproute.patch, +files/openvpn-2.1_rc7-tap.patch, |
925 |
+ -openvpn-2.1_rc4-r2.ebuild, -openvpn-2.1_rc6-r1.ebuild, |
926 |
+ +openvpn-2.1_rc7.ebuild: |
927 |
+ Version bump, fix bug#209055 |
928 |
+ |
929 |
+ 08 Feb 2008; Tobias Scherbaum <dertobi123@g.o> |
930 |
+ openvpn-2.0.7-r2.ebuild: |
931 |
+ ppc stable, bug #209177 |
932 |
+ |
933 |
+ 07 Feb 2008; Jeroen Roovers <jer@g.o> openvpn-2.0.7-r2.ebuild: |
934 |
+ Stable for HPPA (bug #209177). |
935 |
+ |
936 |
+ 07 Feb 2008; Christian Faulhammer <opfer@g.o> |
937 |
+ openvpn-2.0.7-r2.ebuild: |
938 |
+ restrict tests if USE=ssl is not set |
939 |
+ |
940 |
+ 07 Feb 2008; Christian Faulhammer <opfer@g.o> |
941 |
+ openvpn-2.0.7-r2.ebuild: |
942 |
+ stable x86, bug 209177 |
943 |
+ |
944 |
+ 07 Feb 2008; Brent Baude <ranger@g.o> openvpn-2.0.7-r2.ebuild: |
945 |
+ stable ppc64, bug 209177 |
946 |
+ |
947 |
+ 30 Jan 2008; Alon Bar-Lev <alonbl@g.o> files/down.sh, files/up.sh: |
948 |
+ If SVCNAME does not exist avoid doing service magic |
949 |
+ |
950 |
+ 29 Jan 2008; Diego Pettenò <flameeyes@g.o> files/openvpn-2.1.init, |
951 |
+ files/openvpn.init: |
952 |
+ Fix init script dependencies to work without a boot runlevel. |
953 |
+ |
954 |
+*openvpn-2.1_rc6-r1 (25 Jan 2008) |
955 |
+ |
956 |
+ 25 Jan 2008; Alon Bar-Lev <alonbl@g.o> |
957 |
+ +files/openvpn-2.1_rc6-iproute.patch, -openvpn-2.1_rc6.ebuild, |
958 |
+ +openvpn-2.1_rc6-r1.ebuild: |
959 |
+ Fix iproute issue, bug#207320, thanks to Graham Murray |
960 |
+ |
961 |
+*openvpn-2.1_rc6 (24 Jan 2008) |
962 |
+ |
963 |
+ 24 Jan 2008; Alon Bar-Lev <alonbl@g.o> -openvpn-2.1_rc5.ebuild, |
964 |
+ +openvpn-2.1_rc6.ebuild: |
965 |
+ Version bump |
966 |
+ |
967 |
+*openvpn-2.1_rc5 (23 Jan 2008) |
968 |
+ |
969 |
+ 23 Jan 2008; Alon Bar-Lev <alonbl@g.o> +openvpn-2.1_rc5.ebuild: |
970 |
+ Version bump |
971 |
+ |
972 |
+ 21 Dec 2007; Alon Bar-Lev <alonbl@g.o> metadata.xml: |
973 |
+ Take ownership, after Roy left |
974 |
+ |
975 |
+ 25 Sep 2007; Roy Marples <uberlord@g.o> files/openvpn-2.1.conf, |
976 |
+ files/openvpn-2.1.init, files/down.sh, files/up.sh: |
977 |
+ PEER_DNS now allows OpenVPN to create /etc/resolv.conf or not, #193668 |
978 |
+ |
979 |
+ 25 Sep 2007; Roy Marples <uberlord@g.o> files/down.sh, files/up.sh: |
980 |
+ Pass parameters to service specific scripts, #193724 thanks to Sergiy Borodych |
981 |
+ |
982 |
+ 15 Sep 2007; Roy Marples <uberlord@g.o> |
983 |
+ -files/openvpn-2.0.4-darwin.patch, openvpn-2.0.6.ebuild, |
984 |
+ openvpn-2.0.7-r2.ebuild, openvpn-2.1_rc4-r2.ebuild: |
985 |
+ ppc-macos keyword and patch dropped |
986 |
+ |
987 |
+*openvpn-2.1_rc4-r2 (16 Aug 2007) |
988 |
+ |
989 |
+ 16 Aug 2007; Roy Marples <uberlord@g.o> |
990 |
+ +files/openvpn-2.1_rc4-ip6-mss.patch, +openvpn-2.1_rc4-r2.ebuild: |
991 |
+ Add a patch to fix mss for IPv6. |
992 |
+ |
993 |
+ 09 Jul 2007; Roy Marples <uberlord@g.o> openvpn-2.1_rc4.ebuild, |
994 |
+ openvpn-2.1_rc4-r1.ebuild: |
995 |
+ Remove BSD warning about MTU as it no longer applies (I think) |
996 |
+ |
997 |
+ 08 Jul 2007; Roy Marples <uberlord@g.o> files/openvpn-2.1.conf, |
998 |
+ files/openvpn-2.1.init: |
999 |
+ RE_ENTER config variable allows custom up/down scripts to re-enter openvpn. |
1000 |
+ Should fix #133107. |
1001 |
+ |
1002 |
+*openvpn-2.1_rc4-r1 (29 Jun 2007) |
1003 |
+ |
1004 |
+ 29 Jun 2007; Roy Marples <uberlord@g.o> +files/openvpn-2.1.conf, |
1005 |
+ files/openvpn-2.1.init, +openvpn-2.1_rc4-r1.ebuild: |
1006 |
+ DETECT_CLIENT config directive now controls init script behaviour, #181000. |
1007 |
+ IPv6 support added, #183457 thanks to Marcel Pennewiß. |
1008 |
+ |
1009 |
+ 08 Jun 2007; Joshua Kinard <kumba@g.o> openvpn-2.0.7-r2.ebuild: |
1010 |
+ Marked unstable on mips, per #181074. |
1011 |
+ |
1012 |
+*openvpn-2.1_rc4 (26 Apr 2007) |
1013 |
+ |
1014 |
+ 26 Apr 2007; Roy Marples <uberlord@g.o> +openvpn-2.1_rc4.ebuild: |
1015 |
+ Bump, fixes #176001 thanks to boris64. |
1016 |
+ |
1017 |
+ 16 Apr 2007; Roy Marples <uberlord@g.o> |
1018 |
+ +files/openvpn-2.1_rc2-freebsd.patch, openvpn-2.0.6.ebuild, |
1019 |
+ openvpn-2.0.7.ebuild, openvpn-2.0.7-r1.ebuild, openvpn-2.0.7-r2.ebuild, |
1020 |
+ openvpn-2.1_rc2.ebuild: |
1021 |
+ static USE flag now does what it says on the tin, #174786 |
1022 |
+ thanks to Michael Gisbers. |
1023 |
+ Added a patch to clean up compile and install on FreeBSD. |
1024 |
+ |
1025 |
+ 09 Mar 2007; Roy Marples <uberlord@g.o> files/openvpn-2.1.init: |
1026 |
+ Hide ifconfig errors on FreeBSD. |
1027 |
+ Use printf instead of echo -e so we work on all POSIX shells. |
1028 |
+ |
1029 |
+*openvpn-2.1_rc2 (04 Mar 2007) |
1030 |
+ |
1031 |
+ 04 Mar 2007; Roy Marples <uberlord@g.o> +openvpn-2.1_rc2.ebuild: |
1032 |
+ Bumpage. |
1033 |
+ |
1034 |
+*openvpn-2.1_rc1-r2 (23 Feb 2007) |
1035 |
+*openvpn-2.0.7-r2 (23 Feb 2007) |
1036 |
+ |
1037 |
+ 23 Feb 2007; Roy Marples <uberlord@g.o> files/openvpn-2.1.init, |
1038 |
+ files/down.sh, files/openvpn.init, files/up.sh, +openvpn-2.0.7-r2.ebuild, |
1039 |
+ +openvpn-2.1_rc1-r2.ebuild: |
1040 |
+ Init scripts no longer require bash. |
1041 |
+ |
1042 |
+ 07 Feb 2007; Roy Marples <uberlord@g.o> files/down.sh, files/up.sh: |
1043 |
+ up.sh and down.sh no longer require bash. |
1044 |
+ |
1045 |
+ 05 Jan 2007; Diego Pettenò <flameeyes@g.o> openvpn-2.0.6.ebuild, |
1046 |
+ openvpn-2.0.7.ebuild, openvpn-2.0.7-r1.ebuild, openvpn-2.1_rc1.ebuild, |
1047 |
+ openvpn-2.1_rc1-r1.ebuild: |
1048 |
+ Remove gnuconfig_update usage, leave it to econf. |
1049 |
+ |
1050 |
+*openvpn-2.1_rc1-r1 (08 Nov 2006) |
1051 |
+*openvpn-2.0.7-r1 (08 Nov 2006) |
1052 |
+ |
1053 |
+ 08 Nov 2006; Roy Marples <uberlord@g.o> |
1054 |
+ +files/openvpn-2.0.7-persistent.patch, |
1055 |
+ +files/openvpn-2.1_rc1-persistent.patch, +openvpn-2.0.7-r1.ebuild, |
1056 |
+ +openvpn-2.1_rc1-r1.ebuild: |
1057 |
+ Added patches to enable txqueuelen when making a persistent interface, #150791 |
1058 |
+ |
1059 |
+ 06 Nov 2006; Roy Marples <uberlord@g.o> openvpn-2.0.6.ebuild, |
1060 |
+ openvpn-2.0.7.ebuild, -openvpn-2.1_beta15.ebuild, openvpn-2.1_rc1.ebuild: |
1061 |
+ die if iproute2 support was requested, but built with the minimal USE flag. |
1062 |
+ Fixes #154191 thanks to Martin Scherer. |
1063 |
+ |
1064 |
+*openvpn-2.1_rc1 (02 Nov 2006) |
1065 |
+ |
1066 |
+ 02 Nov 2006; Roy Marples <uberlord@g.o> +openvpn-2.1_rc1.ebuild: |
1067 |
+ New upstream version. |
1068 |
+ |
1069 |
+ 01 Nov 2006; Roy Marples <uberlord@g.o> files/openvpn-2.1.init, |
1070 |
+ files/up.sh: |
1071 |
+ Ensure we work with all bash versions. |
1072 |
+ |
1073 |
+ 17 Oct 2006; Roy Marples <uberlord@g.o> openvpn-2.0.7.ebuild, |
1074 |
+ openvpn-2.1_beta15.ebuild: |
1075 |
+ Added ~sparc-fbsd keyword. |
1076 |
+ |
1077 |
+ 14 Oct 2006; Roy Marples <uberlord@g.o> files/openvpn-2.1.init: |
1078 |
+ Quiet stopping. |
1079 |
+ |
1080 |
+ 11 Oct 2006; Roy Marples <uberlord@g.o> |
1081 |
+ +files/openvpn-2.0.7-pam.patch, openvpn-2.0.7.ebuild, |
1082 |
+ openvpn-2.1_beta15.ebuild: |
1083 |
+ Add a patch so we work with both LinuxPAM and OpenPAM correctly. |
1084 |
+ |
1085 |
+ 05 Oct 2006; Markus Rothe <corsair@g.o> openvpn-2.1_beta15.ebuild: |
1086 |
+ Added ~ppc64 |
1087 |
+ |
1088 |
+ 13 Sep 2006; Roy Marples <uberlord@g.o> -openvpn-2.1_beta14.ebuild, |
1089 |
+ openvpn-2.1_beta15.ebuild: |
1090 |
+ Fix plugin install, #147308 again. |
1091 |
+ |
1092 |
+*openvpn-2.1_beta15 (12 Sep 2006) |
1093 |
+ |
1094 |
+ 12 Sep 2006; Roy Marples <uberlord@g.o> files/up.sh, |
1095 |
+ +openvpn-2.1_beta15.ebuild: |
1096 |
+ Version bump, #147308 thanks to Alon Bar-Lev. |
1097 |
+ Fix up.sh for FreeBSD. |
1098 |
+ |
1099 |
+ 10 Sep 2006; Roy Marples <uberlord@g.o> files/openvpn-2.1.init: |
1100 |
+ Add FreeBSD support |
1101 |
+ |
1102 |
+ 08 Jul 2006; Markus Rothe <corsair@g.o> openvpn-2.0.6.ebuild: |
1103 |
+ Stable on ppc64 |
1104 |
+ |
1105 |
+ 06 Jul 2006; Roy Marples <uberlord@g.o> files/openvpn-2.1.init, |
1106 |
+ files/openvpn.init: |
1107 |
+ Allow periods in config names, #139454 thanks to Ed Catmur. |
1108 |
+ |
1109 |
+*openvpn-2.0.7 (29 Jun 2006) |
1110 |
+ |
1111 |
+ 29 Jun 2006; Roy Marples <uberlord@g.o> +openvpn-2.0.7.ebuild: |
1112 |
+ Bump, #138250, thanks to Armando Di Cianno. |
1113 |
+ |
1114 |
+ 15 May 2006; Brent Baude <ranger@g.o> openvpn-2.0.6.ebuild: |
1115 |
+ Marking openvpn-2.0.6 ~ppc64 per bug request 133417 |
1116 |
+ |
1117 |
+ 12 May 2006; Roy Marples <uberlord@g.o> files/down.sh, files/up.sh: |
1118 |
+ up.sh and down.sh now save and restore resolv.conf if we don't |
1119 |
+ have resolvconf installed, #132932. |
1120 |
+ |
1121 |
+ 10 May 2006; Roy Marples <uberlord@g.o> openvpn-2.1_beta14.ebuild, |
1122 |
+ files/up.sh: |
1123 |
+ up.sh no longer overwrites resolv.conf if no dns |
1124 |
+ information has been given to us by openvpn. |
1125 |
+ |
1126 |
+ Dropped the smartcard USE flag and opensc dependency as requested by the |
1127 |
+ openvpn pcks11 patch author Alon Bar-Lev, #118435. |
1128 |
+ |
1129 |
+*openvpn-2.1_beta14 (09 May 2006) |
1130 |
+ |
1131 |
+ 09 May 2006; Roy Marples <uberlord@g.o> +files/openvpn-2.1.init, |
1132 |
+ +files/down.sh, +files/up.sh, +openvpn-2.1_beta14.ebuild: |
1133 |
+ New upstream beta release with smartcard support (#118435). |
1134 |
+ We now add an openvpn user/group so you can drop root if you wish (#120425). |
1135 |
+ |
1136 |
+ If you use the remote keyword in your config then you are deemed to be a |
1137 |
+ client and we force our up/down scripts to be used. These scripts start/stop |
1138 |
+ any services depending on openvpn AND apply any DNS information to resolvconf |
1139 |
+ or /etc/resolv.conf directly if resolvconf is not installed. |
1140 |
+ |
1141 |
+ 05 May 2006; Roy Marples <uberlord@g.o> files/openvpn.init: |
1142 |
+ Tweak init script to start before netmount. |
1143 |
+ |
1144 |
+ 24 Apr 2006; Roy Marples <uberlord@g.o> -openvpn-2.0.5-r2.ebuild, |
1145 |
+ openvpn-2.0.6.ebuild: |
1146 |
+ Stop installing INSTALL document. |
1147 |
+ |
1148 |
+ 09 Apr 2006; Fabian Groffen <grobian@g.o> openvpn-2.0.6.ebuild: |
1149 |
+ Marked ppc-macos stable (bug #128888) |
1150 |
+ |
1151 |
+ 08 Apr 2006; Bryan Østergaard <kloeri@g.o openvpn-2.0.6.ebuild: |
1152 |
+ Stable on alpha, bug 128888. |
1153 |
+ |
1154 |
+ 07 Apr 2006; Rene Nussbaumer <killerfox@g.o> openvpn-2.0.6.ebuild: |
1155 |
+ Stable on hppa. See bug #128888. |
1156 |
+ |
1157 |
+ 05 Apr 2006; Andrej Kacian <ticho@g.o> openvpn-2.0.6.ebuild: |
1158 |
+ Stable on x86, bug #128888. |
1159 |
+ |
1160 |
+ 05 Apr 2006; Patrick McLean <chutzpah@g.o> openvpn-2.0.6.ebuild: |
1161 |
+ Stable on amd64 (bug 128888). |
1162 |
+ |
1163 |
+ 05 Apr 2006; Gustavo Zacarias <gustavoz@g.o> openvpn-2.0.6.ebuild: |
1164 |
+ Stable on sparc wrt security #128888 |
1165 |
+ |
1166 |
+ 05 Apr 2006; Tobias Scherbaum <dertobi123@g.o> |
1167 |
+ openvpn-2.0.6.ebuild: |
1168 |
+ ppc stable, bug #128888 |
1169 |
+ |
1170 |
+*openvpn-2.0.6 (05 Apr 2006) |
1171 |
+ |
1172 |
+ 05 Apr 2006; Roy Marples <uberlord@g.o> +openvpn-2.0.6.ebuild: |
1173 |
+ New upstream release. |
1174 |
+ |
1175 |
+ 08 Feb 2006; Roy Marples <uberlord@g.o> openvpn-2.0.5-r2.ebuild: |
1176 |
+ Marking stable on ppc-macos so I can punt older versions, #117111. |
1177 |
+ It's just an init script anyway, so shouldn't affect things. |
1178 |
+ |
1179 |
+ 07 Feb 2006; Aron Griffis <agriffis@g.o> openvpn-2.0.5-r2.ebuild: |
1180 |
+ Mark 2.0.5-r2 stable on alpha |
1181 |
+ |
1182 |
+ 05 Feb 2006; Guy Martin <gmsoft@g.o> openvpn-2.0.5-r2.ebuild: |
1183 |
+ Stable on hppa. |
1184 |
+ |
1185 |
+ 08 Jan 2006; Carsten Lohrke <carlo@g.o> metadata.xml: |
1186 |
+ One maintainer retired, one left. |
1187 |
+ |
1188 |
+ 05 Jan 2006; Simon Stelling <blubb@g.o> openvpn-2.0.5-r2.ebuild: |
1189 |
+ stable on amd64 |
1190 |
+ |
1191 |
+ 02 Jan 2006; Michael Hanselmann <hansmi@g.o> |
1192 |
+ openvpn-2.0.5-r2.ebuild: |
1193 |
+ Stable on ppc. |
1194 |
+ |
1195 |
+ 30 Dec 2005; Roy Marples <uberlord@g.o> openvpn-2.0.5-r2.ebuild: |
1196 |
+ Stable on x86, #117111. |
1197 |
+ |
1198 |
+ 30 Dec 2005; Gustavo Zacarias <gustavoz@g.o> |
1199 |
+ openvpn-2.0.5-r2.ebuild: |
1200 |
+ Stable on sparc wrt #117111 |
1201 |
+ |
1202 |
+ 08 Nov 2005; Roy Marples <uberlord@g.o> -openvpn-2.0.1.ebuild, |
1203 |
+ -openvpn-2.0.2.ebuild, -openvpn-2.0.2-r3.ebuild, -openvpn-2.0.4-r1.ebuild, |
1204 |
+ -openvpn-2.0.4-r2.ebuild, -openvpn-2.0.5-r1.ebuild: |
1205 |
+ Punted a few versions. |
1206 |
+ |
1207 |
+*openvpn-2.0.5-r2 (06 Nov 2005) |
1208 |
+ |
1209 |
+ 06 Nov 2005; Roy Marples <uberlord@g.o> openvpn-2.0.5.ebuild, |
1210 |
+ +openvpn-2.0.5-r2.ebuild: |
1211 |
+ easyrsa pkitool is now installed, #111635. |
1212 |
+ easyrsa no longer gets installed when minimum USE flag is set. |
1213 |
+ |
1214 |
+ 06 Nov 2005; Simon Stelling <blubb@g.o> openvpn-2.0.5.ebuild: |
1215 |
+ stable on amd64 wrt bug 111116 |
1216 |
+ |
1217 |
+ 05 Nov 2005; Bryan Østergaard <kloeri@g.o> openvpn-2.0.5.ebuild: |
1218 |
+ Stable on alpha, bug 111116. |
1219 |
+ |
1220 |
+ 04 Nov 2005; Gustavo Zacarias <gustavoz@g.o> openvpn-2.0.5.ebuild: |
1221 |
+ Stable on sparc wrt #111116 |
1222 |
+ |
1223 |
+ 04 Nov 2005; Fabian Groffen <grobian@g.o> openvpn-2.0.5.ebuild: |
1224 |
+ Marked ppc-macos for bug #111116 (again) |
1225 |
+ |
1226 |
+ 04 Nov 2005; Mark Loeser <halcy0n@g.o> openvpn-2.0.5.ebuild: |
1227 |
+ Stable on x86; bug #111116 |
1228 |
+ |
1229 |
+ 03 Nov 2005; Michael Hanselmann <hansmi@g.o> openvpn-2.0.5.ebuild: |
1230 |
+ Stable on ppc. See bug #111116. |
1231 |
+ |
1232 |
+*openvpn-2.0.5-r1 (03 Nov 2005) |
1233 |
+*openvpn-2.0.5 (03 Nov 2005) |
1234 |
+ |
1235 |
+ 03 Nov 2005; Roy Marples <uberlord@g.o> +openvpn-2.0.5.ebuild, |
1236 |
+ +openvpn-2.0.5-r1.ebuild: |
1237 |
+ Version bump - fixes some serious issues 2.0.4 had |
1238 |
+ 2.0.5 has old init script |
1239 |
+ 2.0.5-r1 has new init script |
1240 |
+ |
1241 |
+ 03 Nov 2005; Roy Marples <uberlord@g.o> openvpn-2.0.4-r1.ebuild, |
1242 |
+ openvpn-2.0.4-r2.ebuild: |
1243 |
+ easy-rsa now gets installed properly, #111351 |
1244 |
+ |
1245 |
+ 03 Nov 2005; Gustavo Zacarias <gustavoz@g.o> |
1246 |
+ openvpn-2.0.4-r1.ebuild: |
1247 |
+ Stable on sparc wrt #111116 |
1248 |
+ |
1249 |
+ 02 Nov 2005; Fabian Groffen <grobian@g.o> |
1250 |
+ +files/openvpn-2.0.4-darwin.patch, openvpn-2.0.4-r1.ebuild, |
1251 |
+ openvpn-2.0.4-r2.ebuild: |
1252 |
+ Fixed compilation problem on Darwin and marked ppc-macos (bug #111116) |
1253 |
+ |
1254 |
+*openvpn-2.0.4-r2 (02 Nov 2005) |
1255 |
+*openvpn-2.0.4-r1 (02 Nov 2005) |
1256 |
+ |
1257 |
+ 02 Nov 2005; Roy Marples <uberlord@g.o> -openvpn-2.0.4.ebuild, |
1258 |
+ +openvpn-2.0.4-r1.ebuild, +openvpn-2.0.4-r2.ebuild: |
1259 |
+ 2.0.4 removed as it had the new init script |
1260 |
+ 2.0.4-r1 added with old init script |
1261 |
+ 2.0.4-r2 added with new init script |
1262 |
+ |
1263 |
+ 02 Nov 2005; Roy Marples <uberlord@g.o> openvpn-2.0.4.ebuild: |
1264 |
+ Fixed pam issue when building plugins, #111267 |
1265 |
+ |
1266 |
+ 02 Nov 2005; Michael Hanselmann <hansmi@g.o> openvpn-2.0.4.ebuild: |
1267 |
+ Stable on ppc. |
1268 |
+ |
1269 |
+ 02 Nov 2005; Andrej Kacian <ticho@g.o> openvpn-2.0.4.ebuild: |
1270 |
+ Stable on x86, security bug #111116. |
1271 |
+ |
1272 |
+*openvpn-2.0.4 (02 Nov 2005) |
1273 |
+ |
1274 |
+ 02 Nov 2005; Roy Marples <uberlord@g.o> metadata.xml, |
1275 |
+ +openvpn-2.0.4.ebuild: |
1276 |
+ Added myself as a maintainer until luckyduck comes back online |
1277 |
+ |
1278 |
+ Version bump, wrt bug #111116 |
1279 |
+ |
1280 |
+ Examples flag really now works, #100943 |
1281 |
+ |
1282 |
+ init script now appends the --cd option only when the same option |
1283 |
+ is not specified in the config file, #109363 |
1284 |
+ |
1285 |
+ 15 Oct 2005; Roy Marples <uberlord@g.o> openvpn-2.0.2-r3.ebuild: |
1286 |
+ plugins now really install to /usr/lib/openvpn |
1287 |
+ |
1288 |
+*openvpn-2.0.2-r3 (14 Oct 2005) |
1289 |
+ |
1290 |
+ 14 Oct 2005; Roy Marples <uberlord@g.o> files/openvpn.init, |
1291 |
+ -openvpn-2.0.2-r2.ebuild, +openvpn-2.0.2-r3.ebuild: |
1292 |
+ init script now modprobes tun if /dev/tun does not exist and errors |
1293 |
+ if tun/tap support is not enabled in the kernel |
1294 |
+ |
1295 |
+ iproute2 USE flag fixed as --disable-iproute2 also enables it in the Makefile |
1296 |
+ |
1297 |
+*openvpn-2.0.2-r2 (14 Oct 2005) |
1298 |
+ |
1299 |
+ 14 Oct 2005; Roy Marples <uberlord@g.o> files/openvpn.init, |
1300 |
+ -openvpn-2.0.2-r1.ebuild, +openvpn-2.0.2-r2.ebuild: |
1301 |
+ Rev bump for new init script which stops properly on baselayout-1.11 and |
1302 |
+ earlier. |
1303 |
+ |
1304 |
+ 14 Oct 2005; Roy Marples <uberlord@g.o> openvpn-2.0.2-r1.ebuild: |
1305 |
+ Added net-tools as a dependency if iproute2 USE flag is not used. |
1306 |
+ |
1307 |
+*openvpn-2.0.2-r1 (13 Oct 2005) |
1308 |
+ |
1309 |
+ 13 Oct 2005; Roy Marples <uberlord@g.o> +files/openvpn.init, |
1310 |
+ +openvpn-2.0.2-r1.ebuild: |
1311 |
+ New init script which allows more granular control of seperate vpns, #105439 |
1312 |
+ Install all docs, #100943 |
1313 |
+ new iproute2 USE flag, #98782 thanks to Sean Lynn |
1314 |
+ new static USE flag, #105479 thanks to Clemens Noss |
1315 |
+ new minimal USE flag which decides to build bundled plugins or not, #103711 |
1316 |
+ |
1317 |
+*openvpn-2.0.2 (19 Sep 2005) |
1318 |
+ |
1319 |
+ 19 Sep 2005; Seemant Kulleen <seemant@g.o> -openvpn-2.0.ebuild, |
1320 |
+ -openvpn-2.0-r1.ebuild, +openvpn-2.0.2.ebuild: |
1321 |
+ version bump to newest upstream release. wfm, and luckyduck is missing. |
1322 |
+ Closes bug #103913 |
1323 |
+ |
1324 |
+ 15 Sep 2005; Aron Griffis <agriffis@g.o> openvpn-2.0.1.ebuild: |
1325 |
+ Mark 2.0.1 stable on alpha |
1326 |
+ |
1327 |
+ 30 Aug 2005; Gustavo Zacarias <gustavoz@g.o> openvpn-2.0.1.ebuild: |
1328 |
+ Stable on sparc wrt #102871 |
1329 |
+ |
1330 |
+ 24 Aug 2005; Olivier Crête <tester@g.o> openvpn-2.0.1.ebuild: |
1331 |
+ Stable on x86 per security bug #102871 |
1332 |
+ |
1333 |
+ 21 Aug 2005; Fabian Groffen <grobian@g.o> openvpn-2.0.1.ebuild: |
1334 |
+ Stable on ppc-macos (bug #102871) |
1335 |
+ |
1336 |
+ 21 Aug 2005; Michael Hanselmann <hansmi@g.o> openvpn-2.0.1.ebuild: |
1337 |
+ Stable on ppc. |
1338 |
+ |
1339 |
+ 21 Aug 2005; Luis Medinas <metalgod@g.o> openvpn-2.0.1.ebuild: |
1340 |
+ Marked Stable on AMD64. Fixes bug #102871. |
1341 |
+ |
1342 |
+*openvpn-2.0.1 (21 Aug 2005) |
1343 |
+ |
1344 |
+ 21 Aug 2005; petre rodan <kaiowas@g.o> +openvpn-2.0.1.ebuild: |
1345 |
+ version bump as per security bug #102871; added selinux RDEPEND |
1346 |
+ |
1347 |
+ 25 Jun 2005; Jan Brinkmann <luckyduck@g.o> openvpn-2.0-r1.ebuild: |
1348 |
+ -r1 installs the initscript again, fixes #96855. |
1349 |
+ |
1350 |
+ 18 Jun 2005; Jason Wever <weeve@g.o> openvpn-2.0.ebuild: |
1351 |
+ Stable on SPARC. |
1352 |
+ |
1353 |
+ 09 Jun 2005; Jan Brinkmann <luckyduck@g.o> openvpn-2.0-r1.ebuild: |
1354 |
+ Minor fixes. |
1355 |
+ |
1356 |
+*openvpn-2.0-r1 (30 May 2005) |
1357 |
+ |
1358 |
+ 30 May 2005; Jan Brinkmann <luckyduck@g.o> files/openvpn, |
1359 |
+ +openvpn-2.0-r1.ebuild: |
1360 |
+ make use of our initscript again, fixes #94350. the initscript now supports |
1361 |
+ checking if a connection is already online, see #92369 for details. thanks |
1362 |
+ to Christian Hesse <mail@×××××××××.de> for the suggestion. |
1363 |
+ |
1364 |
+ 28 May 2005; Jan Brinkmann <luckyduck@g.o> openvpn-2.0.ebuild: |
1365 |
+ stable on amd64, ppc and x86 |
1366 |
+ |
1367 |
+ 07 May 2005; Jeffrey Forman <jforman@g.o> openvpn-1.6.0.ebuild: |
1368 |
+ openvpn-1.6.0 stable on sparc |
1369 |
+ |
1370 |
+ 01 May 2005; Jan Brinkmann <luckyduck@g.o> openvpn-1.5.0-r1.ebuild, |
1371 |
+ openvpn-1.6.0.ebuild: |
1372 |
+ marked 1.6.0 stable on amd64 and x86, some cosmetic changes. |
1373 |
+ |
1374 |
+ 29 Apr 2005; Jan Brinkmann <luckyduck@g.o> metadata.xml: |
1375 |
+ herd -> secure-tunneling |
1376 |
+ |
1377 |
+ 29 Apr 2005; Jan Brinkmann <luckyduck@g.o> openvpn-2.0.ebuild: |
1378 |
+ added a compatibility warning. |
1379 |
+ |
1380 |
+*openvpn-2.0 (29 Apr 2005) |
1381 |
+ |
1382 |
+ 29 Apr 2005; Jan Brinkmann <luckyduck@g.o> metadata.xml, |
1383 |
+ -openvpn-1.1.0.ebuild, -openvpn-1.3.1.ebuild, -openvpn-1.3.2.ebuild, |
1384 |
+ -openvpn-1.3.2-r1.ebuild, -openvpn-1.4.2.ebuild, -openvpn-1.5.0.ebuild, |
1385 |
+ +openvpn-2.0.ebuild: |
1386 |
+ added ebuild for 2.0, fixes #50767. also updated metadata.xml, took over |
1387 |
+ maintainership. did some cleanup, removed older versions. introduced support |
1388 |
+ for the examples useflag. |
1389 |
+ |
1390 |
+ 05 Feb 2005; <solar@g.o> openvpn-1.5.0-r1.ebuild, |
1391 |
+ openvpn-1.6.0.ebuild: |
1392 |
+ - q/a fix. os-headers are not needed in RDEPEND |
1393 |
+ |
1394 |
+ 23 Jan 2005; Daniel Black <dragonheart@g.o> openvpn-1.5.0-r1.ebuild, |
1395 |
+ openvpn-1.6.0.ebuild: |
1396 |
+ threads is now a global use flags. Changed pthreads to threads. |
1397 |
+ |
1398 |
+ 29 Dec 2004; Ciaran McCreesh <ciaranm@g.o> : |
1399 |
+ Change encoding to UTF-8 for GLEP 31 compliance |
1400 |
+ |
1401 |
+ 18 Dec 2004; Simon Stelling <blubb@g.o> openvpn-1.6.0.ebuild: |
1402 |
+ added ~amd64 |
1403 |
+ |
1404 |
+ 24 Nov 2004; Kito <kito@g.o> openvpn-1.6.0.ebuild: |
1405 |
+ added ~ppc-macos. closes bug Bug 72324 |
1406 |
+ |
1407 |
+ 17 Oct 2004; <solar@g.o> openvpn-1.5.0-r1.ebuild, |
1408 |
+ openvpn-1.6.0.ebuild: |
1409 |
+ added gnuconfig_update for bug #61187 |
1410 |
+ |
1411 |
+*openvpn-1.6.0 (02 Oct 2004) |
1412 |
+ |
1413 |
+ 02 Oct 2004; Joshua Charles Campbell <warpzero@g.o> openvpn-1.6.0.ebuild: |
1414 |
+ Version bump |
1415 |
+ |
1416 |
+ 02 Oct 2004; Bryan Østergaard <kloeri@g.o> openvpn-1.5.0-r1.ebuild: |
1417 |
+ Keyword ~alpha, bug 65839. |
1418 |
+ |
1419 |
+ 25 Aug 2004; Sven Wegener <swegener@g.o> openvpn-1.1.0.ebuild, |
1420 |
+ openvpn-1.3.1.ebuild, openvpn-1.3.2-r1.ebuild, openvpn-1.3.2.ebuild, |
1421 |
+ openvpn-1.4.2.ebuild, openvpn-1.5.0-r1.ebuild, openvpn-1.5.0.ebuild: |
1422 |
+ Changed SRC_URI to use mirror:// syntax. |
1423 |
+ |
1424 |
+ 09 Jul 2004; Travis Tilley <lv@g.o> openvpn-1.5.0-r1.ebuild, |
1425 |
+ openvpn-1.5.0.ebuild: |
1426 |
+ switch linux-headers dependency to virtual/os-headers |
1427 |
+ |
1428 |
+ 25 Mar 2004; Jason Wever <weeve@g.o> openvpn-1.5.0-r1.ebuild: |
1429 |
+ Marked stable on sparc. |
1430 |
+ |
1431 |
+*openvpn-1.5.0-r1 (15 Mar 2004) |
1432 |
+ |
1433 |
+ 15 Mar 2004; <warpzero@g.o> metadata.xml, openvpn-1.5.0-r1.ebuild; |
1434 |
+ Added pthreads support and made the ebuild actually consider its use flags, wow. |
1435 |
+ |
1436 |
+*openvpn-1.5.0 (24 Dec 2003) |
1437 |
+ |
1438 |
+*openvpn-1.4.2 (03 Aug 2003) |
1439 |
+ |
1440 |
+ 03 Aug 2003; <warpzero@g.o> metadata.xml, openvpn-1.5.0.ebuild: |
1441 |
+ version 1.5.0 added |
1442 |
+ fixed init script added. Closes several bugs. |
1443 |
+ |
1444 |
+*openvpn-1.4.2 (03 Aug 2003) |
1445 |
+ |
1446 |
+ 03 Aug 2003; <warpzero@g.o> metadata.xml, openvpn-1.4.2.ebuild: |
1447 |
+ ~ppc keyword |
1448 |
+ |
1449 |
+*openvpn-1.4.2 (03 Aug 2003) |
1450 |
+ |
1451 |
+ 03 Aug 2003; <warpzero@g.o> metadata.xml, openvpn-1.4.2.ebuild: |
1452 |
+ version 1.4.2 added |
1453 |
+ |
1454 |
+ 06 Dec 2002; Rodney Rees <manson@g.o> : changed sparc ~sparc keywords |
1455 |
+ |
1456 |
+*openvpn-1.3.2-r1 (20 May 2003) |
1457 |
+ |
1458 |
+ 20 May 2003; Ryan Phillips <rphillips@g.o> openvpn-1.3.2-r1.ebuild : |
1459 |
+ Included init script. Bug #20085 Fixed. Submitted by Warp Zero |
1460 |
+ |
1461 |
+*openvpn-1.3.2 (31 Jan 2003) |
1462 |
+ |
1463 |
+ 31 Jan 2003; Ryan Phillips <rphillips@g.o> openvpn-1.3.2 : |
1464 |
+ |
1465 |
+ new version. |
1466 |
+ |
1467 |
+*openvpn-1.3.1 (15 Jul 2002) |
1468 |
+ |
1469 |
+ 15 Jul 2002; Ryan Phillips <rphillips@g.o> openvpn-1.3.1 : |
1470 |
+ |
1471 |
+ new version. Thanks to Marko Mikulicic |
1472 |
+ |
1473 |
+*openvpn-1.1.0 (26 May 2002) |
1474 |
+ |
1475 |
+ 09 Jul 2002; phoen][x <phoenix@g.o> openvpn-1.1.0.ebuild : |
1476 |
+ Added KEYWORDS. |
1477 |
+ |
1478 |
+ 26 May 2002; Mike Jones <ashmodai@g.o> ChangeLog, openvpn-1.1.0.ebuild: |
1479 |
+ Added initial ChangeLog which should be updated whenever the package is |
1480 |
+ updated in any way. This changelog is targetted to users. This means that the |
1481 |
+ comments should well explained and written in clean English. The details about |
1482 |
+ writing correct changelogs are explained in the skel.ChangeLog file which you |
1483 |
+ can find in the root directory of the portage repository. |
1484 |
+ |
1485 |
|
1486 |
diff --git a/net-misc/openvpn/Manifest b/net-misc/openvpn/Manifest |
1487 |
new file mode 100644 |
1488 |
index 0000000..83bfe3b |
1489 |
--- /dev/null |
1490 |
+++ b/net-misc/openvpn/Manifest |
1491 |
@@ -0,0 +1,16 @@ |
1492 |
+AUX 2.3.6-disable-compression.patch 579 SHA256 644068d1925a7b2866a4afaef15ebb27f5bbf1b55eed0894d34f7603c230bd9a SHA512 56acdd4716df4f6a0367fd583296718e30d3fa4b6b129159f61f913eba97769943a2354e9b51572314a206f68a20def091a89aec12bc942d94b05369128d3a97 WHIRLPOOL 1fb293d49f63a75cb772c262d9a55a6cb00be0f154387bf4fb3e9be1602038bd70348fad5f1a2b714fa7b45cbcd36a4db2c6f1441f3a00aff7d51732b3629708 |
1493 |
+AUX 2.3.6-null-cipher.patch 1531 SHA256 a3f8ac3630c9887d18d21e0ac9781d615cf8dff277c070306b36c5d0faa8a1ac SHA512 0aa288af3c0b43977bf84b099ea28dbf7ab9a1096d76e8f706989570984c70a4c298430eac35b0c80eab8bc05e6072d965c20a9e3689e7448e759abb92c93fb2 WHIRLPOOL cbefb2a1b6d63373890a76d3a6153335f8d05b07e4546893e7a8871c653d39f06941615181308fbf41a07cf702b2a730dfacc6a01840efdbfbeaf301a58362bb |
1494 |
+AUX 2.3.6-vlan-support.patch 32652 SHA256 5b53cd595b77c8c391b9ad4844028b8524b9d6e877a5a6ae36ce82dff0eea2a3 SHA512 a28532cf98c47a79bce3f87683560b3bff7f5ec727d709eaa12543f8c2b4285b8cca49aa69f591d93c8d13ef7ab901f835eec72776cc27da693058293e14627d WHIRLPOOL fe42ad83d82f1e57b9de8a44bc8a03220d3e2f28b797d7144714ced3b34a8d4d7daf66351fbcc712e56599fc6eb5414077c839df8ffd6616eae38c2b6258d724 |
1495 |
+AUX 65openvpn 45 SHA256 d5758e39fdc75dcbb5a788b1afa743c3c1f08c63c535aa32c300b965474d765c SHA512 713345092b60d1322d3fa96fd72d69ed82dbfee5031a675114bc60acfdacaf0811f6bf4530cf937ca5a86b3f2665b28951b9087ec91c2c0faf75bdaf1e25bdbb WHIRLPOOL 534e7dcf2ac953e9ec5de05810022471cb26a16806cd036f25d02550e20f8aaa91410bd005bc7a5e4a549d8a40d01ae317be1d1e1e25d91ed989bbbea7ede9d2 |
1496 |
+AUX down.sh 943 SHA256 39debebcd8c899f20e6d355cbc8eaab46e28b83a9f6c33a94c065688a4f3d2c7 SHA512 5defd61edf11cc63f3f8f60bef7fa730c4bcdd2545d664bd94666dd3aea80bd9d190263d8835a555e4287a594f6fce0f52426aed49c60233ff637a2a6164a997 WHIRLPOOL c66fd1e016656fe83d7f55b77bf232058397f9cd3054abe13ec006c227afe6746ee4ada310ff43761ec95510f736b8e542f136711d648642eecafe055975c57e |
1497 |
+AUX openvpn-2.1.conf 892 SHA256 330149a83684ddabe413d134d4c8efad4c88b18c2ab67165014deff5f7fffad2 SHA512 982ade883afbe2e656a9cbbe36c31c0e8b4f7bbbe5b63df9f7b834f02a9153032fb7445c85d3e91f62c68a7ddd13c3afbf420fb71cdd13d9c4b69f867bdd9f37 WHIRLPOOL 6ef644826e1e9e2a100e0fa20b5c9190e92c9e08a366dee28dccf3f70fa0593f3c4d271e42db3920630f03704aa2aef8e84d9efbb2b4b6a0d08e74bb340fb0a5 |
1498 |
+AUX openvpn-2.1.init 4186 SHA256 d1b1f8a00935d77521bceb62535350444df3470fa45f4d33c3934051a1bb595b SHA512 7ecd0b4dc7341ea0df598752bec8ae6011bea7973ed9dbf17a12c308aed46362e1507fcb3a3bb26049619747f2f819deec1a42c6dce2c13d2a769f1e37735a2f WHIRLPOOL 9d34c438b7d9e45678e2aa48ab42a68b9e2801423688c6280cbb4934a8ef04cbf8a7953a061659f57fb02adf535596ac9313268c29e2dc18cffbf7315681da82 |
1499 |
+AUX openvpn.init 1486 SHA256 c4b9e0899fa5ee0b90c5100da7711dc7a6a5658f10042b0feda9e7efb90a11cf SHA512 450595b9ec82ded74c26ed9f73182122e05f53655262a342b195dcedfe63a06a5d9927a3bbe50d0d04f810cc786ac3eb78843877f426c893e165b967bc8ac012 WHIRLPOOL e549221283b4b92c9ada312a746c4ad4c645493c1c844ddaddefecee4c31e17bd4bd8555618408e065c83143e157aaf7e75b44f01abe43f507835df2aa1149d3 |
1500 |
+AUX openvpn.service 335 SHA256 a63a6e1505f2b3e20f2c82588dd0c23da9d8c750e1f36fec2ba20a8b5b0c9de1 SHA512 fbd41b80253aaae6750301ac95d8b3bf09e3a70556cc0513792c8e06faa70a716233d134d4928295f381f0f235fcde0eeac9cfa074924b6666a4b46ff7cf91a9 WHIRLPOOL 16f44d10ab03110a21a69716fbac2e64e5376426edd26783d7946d928dd0cc106810126436488843da8e16277d3aa83d208fe50c4aebd9cff86526ce1762b215 |
1501 |
+AUX openvpn.tmpfile 39 SHA256 ef3453056a26487d27908d5ced124285403d8e88deb843fccdba9f6724966826 SHA512 659713b35eee340f2b6578796f4335dda391aa635892e802e3f2531f31c9470460b4e4b3be45457f81f3b08b7d60ce15d16f8d70b968fbf24f846ef5f8611a58 WHIRLPOOL 19e4611ffda68a99851921ccaf3a99d04350cd3e0d8833136da151119c267edc383ff96162aa47a2f77171ae908ad011e4119a7a18961ed0bddcbf38d997b976 |
1502 |
+AUX up.sh 2865 SHA256 d887ee065261affd849227fa27e092cf66549d824a698f302312d15f787dd840 SHA512 35201b0e60ad20358080007e595eb4f96d186ba8e88f0485c55d164c28e3d78a12f3e09347ba3d76abb9b8b03fb4a53664bd74ab484be1548090022b956925fd WHIRLPOOL 8d25a66d192a6710466d149aec7a1719dfe91558205e8ba7e25b93e58869c8fedc96ba4ce2aedb0595b7e0b63299e6e41be1ba82c6b93ae6bbbb26d409c9bf51 |
1503 |
+DIST openvpn-2.3.8.tar.gz 1214843 SHA256 532435eff61c14b44a583f27b72f93e7864e96c95fe51134ec0ad4b1b1107c51 SHA512 b619283d87eea2e47a2f0dfdbf0ffd1d10388fbdaadb33b43c7a2743748a4814f869fad6215d32fab156664d554ae94af456e7bf496890c68e6729b153d76db9 WHIRLPOOL 4868c735ca5e65b34f477457ea38eb6db45fae80563490d1e39ece9bf29b13976dd82d50d054da70c4ee146cb2e88e847bafc3f7ff47112d4494fa0f408d65d0 |
1504 |
+EBUILD openvpn-2.3.8-r1.ebuild 4381 SHA256 2192986546297c598950830a4679bb4cce2c89095c1b638a777a1a7c78b59140 SHA512 ea1bf18b97897459bc7f8ae39d8f785b8b9e0cd9826ca934f955e4e566b4b835286a10c834dd1794ec1e9eeeac4f58b6c0f6f51bd7e253fc0140c7778fad8a42 WHIRLPOOL daa7b6e766df85f7ca940d6a18b3c119a1b9772ee2009065b023b71f35db56a35dabbb6041982220b4f951206c971a554dbc3ea0ac1bfe3353a6f5915bd66a2f |
1505 |
+MISC ChangeLog 5210 SHA256 c07b34e233cf871beb74436576e8e2ed35a3f697d019546c8d46704cc81fb8e4 SHA512 5dceca6859e3f9b52e0de28721bd6054d6b76fc46a0c10a9e0f2781f0f2b97d9c81279ce9bc8dabca8bef75f5698d9e1f1febcd6250a97e9e87bbd96e5917d96 WHIRLPOOL 1d3fb678aafdad476d302a2ff66d91a19209eff8a69946f8acb5d9f5d6bb25f4b15a7877d6d17f95e54cf1149bed73205b6f45408f29614b0e721e97e1ac61f5 |
1506 |
+MISC ChangeLog-2015 45794 SHA256 5934bd3b7fb69833e6a786bff437d0322694e126d2448b3a72c771aff9888052 SHA512 66728563ecab8aabb1dc5ae24fb141a59573bc6e3bf8baa3a78d40dc4d5dc083a70ad76eef883f6efd968850aeece364d2534512ea00dc7ea349ef9e0d128afc WHIRLPOOL 60cd7cdce8fa00c525ba5814bd151fe043692b70cbdac13cec36644c7c695db3b7c24d444cbf3f6f38246e52c9b2f7e9f766fb13ec07196c40d038c881e9e340 |
1507 |
+MISC metadata.xml 988 SHA256 f8d77075b01a7250cfe43ecc06a635ffabe022b9c59eff660a236aff040d84dc SHA512 986f7a5de176f45aeed2e03770cc6b8ac0f1a55f410127c6c7b666255e742a483393db5c85e32f78c2f5e683e8124c3d907acb151245c2a982e587a59e1a4f2c WHIRLPOOL 10e57141519cfeefb7bfa89f0c3a1f4fea64067f8245c123545c85a48934294f694e5d3e888959f215aeccfa97fb54e500b31d4163e76942d80c5d3a6aebdc5f |
1508 |
|
1509 |
diff --git a/net-misc/openvpn/files/2.3.6-disable-compression.patch b/net-misc/openvpn/files/2.3.6-disable-compression.patch |
1510 |
new file mode 100644 |
1511 |
index 0000000..d9d1c76 |
1512 |
--- /dev/null |
1513 |
+++ b/net-misc/openvpn/files/2.3.6-disable-compression.patch |
1514 |
@@ -0,0 +1,18 @@ |
1515 |
+https://community.openvpn.net/openvpn/changeset/5d5233778868ddd568140c394adfcfc8e3453245/ |
1516 |
+ |
1517 |
+--- openvpn-2.3.6/src/openvpn/ssl_openssl.c.orig 2014-11-29 23:00:35.000000000 +0800 |
1518 |
++++ openvpn-2.3.6/src/openvpn/ssl_openssl.c 2015-01-12 21:14:30.186993686 +0800 |
1519 |
+@@ -238,6 +238,13 @@ |
1520 |
+ if (tls_ver_min > TLS_VER_1_2 || tls_ver_max < TLS_VER_1_2) |
1521 |
+ sslopt |= SSL_OP_NO_TLSv1_2; |
1522 |
+ #endif |
1523 |
++ |
1524 |
++#ifdef SSL_OP_NO_COMPRESSION |
1525 |
++ msg (M_WARN, "[Workaround] disable SSL compression"); |
1526 |
++ sslopt |= SSL_OP_NO_COMPRESSION; |
1527 |
++#endif |
1528 |
++ |
1529 |
++ |
1530 |
+ SSL_CTX_set_options (ctx->ctx, sslopt); |
1531 |
+ } |
1532 |
+ |
1533 |
|
1534 |
diff --git a/net-misc/openvpn/files/2.3.6-null-cipher.patch b/net-misc/openvpn/files/2.3.6-null-cipher.patch |
1535 |
new file mode 100644 |
1536 |
index 0000000..1e831cf |
1537 |
--- /dev/null |
1538 |
+++ b/net-misc/openvpn/files/2.3.6-null-cipher.patch |
1539 |
@@ -0,0 +1,46 @@ |
1540 |
+The "really fix cipher none" patch has been merged to release/2.3 and master: |
1541 |
+ |
1542 |
+commit 785838614afc20d362b64907b0212e9a779e2287 (release/2.3) |
1543 |
+commit 98156e90e1e83133a6a6a020db8e7333ada6156b (master) |
1544 |
+ |
1545 |
+diff --git a/src/openvpn/crypto_backend.h b/src/openvpn/crypto_backend.h |
1546 |
+index 8749878..4e45df0 100644 |
1547 |
+--- a/src/openvpn/crypto_backend.h |
1548 |
++++ b/src/openvpn/crypto_backend.h |
1549 |
+@@ -237,8 +237,7 @@ int cipher_kt_mode (const cipher_kt_t *cipher_kt); |
1550 |
+ * |
1551 |
+ * @return true iff the cipher is a CBC mode cipher. |
1552 |
+ */ |
1553 |
+-bool cipher_kt_mode_cbc(const cipher_kt_t *cipher) |
1554 |
+- __attribute__((nonnull)); |
1555 |
++bool cipher_kt_mode_cbc(const cipher_kt_t *cipher); |
1556 |
+ |
1557 |
+ /** |
1558 |
+ * Check if the supplied cipher is a supported OFB or CFB mode cipher. |
1559 |
+@@ -247,8 +246,7 @@ bool cipher_kt_mode_cbc(const cipher_kt_t *cipher) |
1560 |
+ * |
1561 |
+ * @return true iff the cipher is a OFB or CFB mode cipher. |
1562 |
+ */ |
1563 |
+-bool cipher_kt_mode_ofb_cfb(const cipher_kt_t *cipher) |
1564 |
+- __attribute__((nonnull)); |
1565 |
++bool cipher_kt_mode_ofb_cfb(const cipher_kt_t *cipher); |
1566 |
+ |
1567 |
+ |
1568 |
+ /** |
1569 |
+diff --git a/tests/t_lpback.sh b/tests/t_lpback.sh |
1570 |
+index 8f88ad9..d7792cd 100755 |
1571 |
+--- a/tests/t_lpback.sh |
1572 |
++++ b/tests/t_lpback.sh |
1573 |
+@@ -35,6 +35,9 @@ CIPHERS=$(${top_builddir}/src/openvpn/openvpn --show-ciphers | \ |
1574 |
+ # GD, 2014-07-06 do not test RC5-* either (fails on NetBSD w/o libcrypto_rc5) |
1575 |
+ CIPHERS=$(echo "$CIPHERS" | egrep -v '^(DES-EDE3-CFB1|DES-CFB1|RC5-)' ) |
1576 |
+ |
1577 |
++# Also test cipher 'none' |
1578 |
++CIPHERS=${CIPHERS}$(printf "\nnone") |
1579 |
++ |
1580 |
+ "${top_builddir}/src/openvpn/openvpn" --genkey --secret key.$$ |
1581 |
+ set +e |
1582 |
+ |
1583 |
+-- |
1584 |
+1.9.1 |
1585 |
+ |
1586 |
|
1587 |
diff --git a/net-misc/openvpn/files/2.3.6-vlan-support.patch b/net-misc/openvpn/files/2.3.6-vlan-support.patch |
1588 |
new file mode 100644 |
1589 |
index 0000000..e06645d |
1590 |
--- /dev/null |
1591 |
+++ b/net-misc/openvpn/files/2.3.6-vlan-support.patch |
1592 |
@@ -0,0 +1,1005 @@ |
1593 |
+diff --git a/configure.ac b/configure.ac |
1594 |
+index 9132468..5646af5 100644 |
1595 |
+--- a/configure.ac |
1596 |
++++ b/configure.ac |
1597 |
+@@ -257,6 +257,12 @@ AC_ARG_ENABLE( |
1598 |
+ [enable_systemd="no"] |
1599 |
+ ) |
1600 |
+ |
1601 |
++AC_ARG_ENABLE(vlan-tagging, |
1602 |
++ [ --disable-vlan-tagging Disable support for 802.1Q-based VLAN tagging], |
1603 |
++ [VLAN_TAGGING="$enableval"], |
1604 |
++ [VLAN_TAGGING="yes"] |
1605 |
++) |
1606 |
++ |
1607 |
+ AC_ARG_WITH( |
1608 |
+ [special-build], |
1609 |
+ [AS_HELP_STRING([--with-special-build=STRING], [specify special build string])], |
1610 |
+@@ -1160,6 +1166,10 @@ if test "${enable_plugin_auth_pam}" = "yes"; then |
1611 |
+ fi |
1612 |
+ fi |
1613 |
+ |
1614 |
++if test "$VLAN_TAGGING" = "yes"; then |
1615 |
++ AC_DEFINE(ENABLE_VLAN_TAGGING, 1, [Enable 802.1Q-based VLAN tagging/untagging]) |
1616 |
++fi |
1617 |
++ |
1618 |
+ CONFIGURE_DEFINES="`set | grep '^enable_.*=' ; set | grep '^with_.*='`" |
1619 |
+ AC_DEFINE_UNQUOTED([CONFIGURE_DEFINES], ["`echo ${CONFIGURE_DEFINES}`"], [Configuration settings]) |
1620 |
+ |
1621 |
+diff --git a/doc/openvpn.8 b/doc/openvpn.8 |
1622 |
+index a8c189c..e8e222a 100644 |
1623 |
+--- a/doc/openvpn.8 |
1624 |
++++ b/doc/openvpn.8 |
1625 |
+@@ -3623,6 +3623,109 @@ connection is torn down. |
1626 |
+ |
1627 |
+ Not implemented on Windows. |
1628 |
+ .\"********************************************************* |
1629 |
++.TP |
1630 |
++.B \-\-vlan\-tagging |
1631 |
++Turns the OpenVPN server instance into a switch that understands VLAN-tagging, |
1632 |
++based on IEEE 802.1Q. |
1633 |
++ |
1634 |
++The tap device and each of the connecting clients is seen as a port of the |
1635 |
++switch. All client ports are in untagged mode and the tap device is |
1636 |
++VLAN-tagged, untagged or accepts both, depending on the |
1637 |
++.B \-\-vlan\-accept |
1638 |
++setting. |
1639 |
++ |
1640 |
++Ethernet frames with a prepended 802.1Q tag are called "tagged". If the VLAN |
1641 |
++Identifier (VID) field in such a tag is non-zero, the frame is called |
1642 |
++"VLAN-tagged". If the VID is zero, but the Priority Control Point (PCP) field |
1643 |
++is non-zero, the frame is called "prio-tagged". If there is no 802.1Q tag, the |
1644 |
++frame is "untagged". |
1645 |
++ |
1646 |
++Using the |
1647 |
++.B \-\-vlan\-pvid v |
1648 |
++option once per client, each port can be associated with a certain VID. Packets |
1649 |
++can only be distributed between ports with a matching VID. Therefore, clients |
1650 |
++with differing VIDs are completely separated from one-another, even if |
1651 |
++.B \-\-client-to-client |
1652 |
++is activated. |
1653 |
++ |
1654 |
++The filtering of packets takes place in the OpenVPN server. Clients do not |
1655 |
++need support for VLAN tagging. |
1656 |
++ |
1657 |
++The |
1658 |
++.B \-\-vlan\-tagging |
1659 |
++option is off by default. While turned off, OpenVPN |
1660 |
++does no parsing and accepts any Ethernet frames. |
1661 |
++ |
1662 |
++The option can only be activated in |
1663 |
++.B \-\-dev tap |
1664 |
++mode. |
1665 |
++ |
1666 |
++.\"********************************************************* |
1667 |
++.TP |
1668 |
++.B \-\-vlan\-accept all | tagged | untagged |
1669 |
++Allows the tap device's VLAN tagging policy to be configured. You can choose |
1670 |
++between the following modes: |
1671 |
++ |
1672 |
++.B all |
1673 |
++(default) -- Admit all frames. |
1674 |
++.br |
1675 |
++.B tagged |
1676 |
++-- Admit only VLAN-tagged frames. |
1677 |
++.br |
1678 |
++.B untagged |
1679 |
++-- Admit only untagged and priority-tagged frames. |
1680 |
++ |
1681 |
++(Note: Some vendors refer to switch ports running in |
1682 |
++.B tagged |
1683 |
++mode as "trunk ports" and switch ports running in |
1684 |
++.B untagged |
1685 |
++mode as "access ports".) |
1686 |
++ |
1687 |
++Incoming untagged or priority-tagged packets from clients are assigned with the |
1688 |
++client's Port VLAN Identifier (PVID) as their VID. In |
1689 |
++.B untagged |
1690 |
++mode, incoming untagged or priority-tagged packets on the tap device are |
1691 |
++associated with the global |
1692 |
++.B \-\-vlan\-pvid |
1693 |
++setting. In |
1694 |
++.B tagged |
1695 |
++mode, any incoming untagged or priority-tagged packets are dropped. For |
1696 |
++VLAN-tagged packets, any priority information is lost as soon as the |
1697 |
++VLAN-tagging is removed. |
1698 |
++ |
1699 |
++In |
1700 |
++.B tagged |
1701 |
++mode, packets going out through the tap device are VLAN-tagged with the |
1702 |
++originating client's VID. |
1703 |
++ |
1704 |
++In |
1705 |
++.B all |
1706 |
++mode, incoming tagged packets are handled the same way as in |
1707 |
++.B tagged |
1708 |
++mode. Incoming untagged packets are handled as in |
1709 |
++.B untagged |
1710 |
++mode. Outgoing packets are tagged, unless the VID matches the global PVID, in |
1711 |
++which case the packets go out untagged. |
1712 |
++.\"********************************************************* |
1713 |
++.TP |
1714 |
++.B \-\-vlan\-pvid v |
1715 |
++Specifies which VLAN identifier a "port" is associated with. Not valid without |
1716 |
++\fB\-\-vlan\-tagging\fR. |
1717 |
++ |
1718 |
++In client context, the setting specifies which VLAN identifier a client is |
1719 |
++associated with. In global context, the tap device's VLAN identifier is set. |
1720 |
++The latter only makes sense in |
1721 |
++.B \-\-vlan\-accept untagged |
1722 |
++and |
1723 |
++.B \-\-vlan\-accept all |
1724 |
++mode. |
1725 |
++ |
1726 |
++Valid values for |
1727 |
++.B v |
1728 |
++go from 1 through to 4094. Defaults to 1. |
1729 |
++ |
1730 |
++In some switch implementations, the PVID is also referred to as "Native VLAN". |
1731 |
++.\"********************************************************* |
1732 |
+ .SS Client Mode |
1733 |
+ Use client mode when connecting to an OpenVPN server |
1734 |
+ which has |
1735 |
+diff --git a/src/openvpn/errlevel.h b/src/openvpn/errlevel.h |
1736 |
+index 3ee4ebc..2ebec47 100644 |
1737 |
+--- a/src/openvpn/errlevel.h |
1738 |
++++ b/src/openvpn/errlevel.h |
1739 |
+@@ -149,6 +149,8 @@ |
1740 |
+ #define D_PF_DROPPED_BCAST LOGLEV(7, 71, M_DEBUG) /* packet filter dropped a broadcast packet */ |
1741 |
+ #define D_PF_DEBUG LOGLEV(7, 72, M_DEBUG) /* packet filter debugging, must also define PF_DEBUG in pf.h */ |
1742 |
+ |
1743 |
++#define D_VLAN_DEBUG LOGLEV(7, 72, M_DEBUG) /* show VLAN tagging/untagging debug info */ |
1744 |
++ |
1745 |
+ #define D_HANDSHAKE_VERBOSE LOGLEV(8, 70, M_DEBUG) /* show detailed description of each handshake */ |
1746 |
+ #define D_TLS_DEBUG_MED LOGLEV(8, 70, M_DEBUG) /* limited info from tls_session routines */ |
1747 |
+ #define D_INTERVAL LOGLEV(8, 70, M_DEBUG) /* show interval.h debugging info */ |
1748 |
+diff --git a/src/openvpn/mroute.c b/src/openvpn/mroute.c |
1749 |
+index ba4ef46..dc9183b 100644 |
1750 |
+--- a/src/openvpn/mroute.c |
1751 |
++++ b/src/openvpn/mroute.c |
1752 |
+@@ -210,12 +210,28 @@ mroute_extract_addr_ipv4 (struct mroute_addr *src, |
1753 |
+ return ret; |
1754 |
+ } |
1755 |
+ |
1756 |
++static void mroute_copy_ether_to_addr(struct mroute_addr *maddr, |
1757 |
++ const uint8_t *eth_addr, |
1758 |
++ uint16_t vid) |
1759 |
++{ |
1760 |
++ maddr->type = MR_ADDR_ETHER; |
1761 |
++ maddr->netbits = 0; |
1762 |
++ memcpy (maddr->addr, eth_addr, 6); |
1763 |
++#ifdef ENABLE_VLAN_TAGGING |
1764 |
++ maddr->len = 8; |
1765 |
++ memcpy (maddr->addr + 6, &vid, 2); |
1766 |
++#else |
1767 |
++ maddr->len = 6; |
1768 |
++#endif |
1769 |
++} |
1770 |
++ |
1771 |
+ unsigned int |
1772 |
+ mroute_extract_addr_ether (struct mroute_addr *src, |
1773 |
+ struct mroute_addr *dest, |
1774 |
+ struct mroute_addr *esrc, |
1775 |
+ struct mroute_addr *edest, |
1776 |
+- const struct buffer *buf) |
1777 |
++ const struct buffer *buf, |
1778 |
++ uint16_t vid) |
1779 |
+ { |
1780 |
+ unsigned int ret = 0; |
1781 |
+ if (BLEN (buf) >= (int) sizeof (struct openvpn_ethhdr)) |
1782 |
+@@ -223,17 +239,11 @@ mroute_extract_addr_ether (struct mroute_addr *src, |
1783 |
+ const struct openvpn_ethhdr *eth = (const struct openvpn_ethhdr *) BPTR (buf); |
1784 |
+ if (src) |
1785 |
+ { |
1786 |
+- src->type = MR_ADDR_ETHER; |
1787 |
+- src->netbits = 0; |
1788 |
+- src->len = 6; |
1789 |
+- memcpy (src->addr, eth->source, 6); |
1790 |
++ mroute_copy_ether_to_addr(src, eth->source, vid); |
1791 |
+ } |
1792 |
+ if (dest) |
1793 |
+ { |
1794 |
+- dest->type = MR_ADDR_ETHER; |
1795 |
+- dest->netbits = 0; |
1796 |
+- dest->len = 6; |
1797 |
+- memcpy (dest->addr, eth->dest, 6); |
1798 |
++ mroute_copy_ether_to_addr(dest, eth->dest, vid); |
1799 |
+ |
1800 |
+ /* ethernet broadcast/multicast packet? */ |
1801 |
+ if (is_mac_mcast_addr (eth->dest)) |
1802 |
+@@ -248,7 +258,16 @@ mroute_extract_addr_ether (struct mroute_addr *src, |
1803 |
+ struct buffer b = *buf; |
1804 |
+ if (buf_advance (&b, sizeof (struct openvpn_ethhdr))) |
1805 |
+ { |
1806 |
+- switch (ntohs (eth->proto)) |
1807 |
++ uint16_t proto = ntohs (eth->proto); |
1808 |
++ if (proto == OPENVPN_ETH_P_8021Q && |
1809 |
++ BLEN (buf) >= (int) sizeof (struct openvpn_8021qhdr)) |
1810 |
++ { |
1811 |
++ const struct openvpn_8021qhdr *tag = (const struct openvpn_8021qhdr *) BPTR (buf); |
1812 |
++ proto = ntohs (tag->proto); |
1813 |
++ buf_advance (&b, SIZE_ETH_TO_8021Q_HDR); |
1814 |
++ } |
1815 |
++ |
1816 |
++ switch (proto) |
1817 |
+ { |
1818 |
+ case OPENVPN_ETH_P_IPV4: |
1819 |
+ ret |= (mroute_extract_addr_ipv4 (esrc, edest, &b) << MROUTE_SEC_SHIFT); |
1820 |
+@@ -391,6 +410,9 @@ mroute_addr_print_ex (const struct mroute_addr *ma, |
1821 |
+ { |
1822 |
+ case MR_ADDR_ETHER: |
1823 |
+ buf_printf (&out, "%s", format_hex_ex (ma->addr, 6, 0, 1, ":", gc)); |
1824 |
++#ifdef ENABLE_VLAN_TAGGING |
1825 |
++ buf_printf (&out, "@%u", *(uint16_t*)(ma->addr + 6)); |
1826 |
++#endif |
1827 |
+ break; |
1828 |
+ case MR_ADDR_IPV4: |
1829 |
+ { |
1830 |
+diff --git a/src/openvpn/mroute.h b/src/openvpn/mroute.h |
1831 |
+index 608f70b..175dd2a 100644 |
1832 |
+--- a/src/openvpn/mroute.h |
1833 |
++++ b/src/openvpn/mroute.h |
1834 |
+@@ -138,7 +138,8 @@ mroute_extract_addr_from_packet (struct mroute_addr *src, |
1835 |
+ struct mroute_addr *esrc, |
1836 |
+ struct mroute_addr *edest, |
1837 |
+ const struct buffer *buf, |
1838 |
+- int tunnel_type) |
1839 |
++ int tunnel_type, |
1840 |
++ uint16_t vid) |
1841 |
+ { |
1842 |
+ unsigned int mroute_extract_addr_ipv4 (struct mroute_addr *src, |
1843 |
+ struct mroute_addr *dest, |
1844 |
+@@ -148,13 +149,14 @@ mroute_extract_addr_from_packet (struct mroute_addr *src, |
1845 |
+ struct mroute_addr *dest, |
1846 |
+ struct mroute_addr *esrc, |
1847 |
+ struct mroute_addr *edest, |
1848 |
+- const struct buffer *buf); |
1849 |
++ const struct buffer *buf, |
1850 |
++ uint16_t vid); |
1851 |
+ unsigned int ret = 0; |
1852 |
+ verify_align_4 (buf); |
1853 |
+ if (tunnel_type == DEV_TYPE_TUN) |
1854 |
+ ret = mroute_extract_addr_ipv4 (src, dest, buf); |
1855 |
+ else if (tunnel_type == DEV_TYPE_TAP) |
1856 |
+- ret = mroute_extract_addr_ether (src, dest, esrc, edest, buf); |
1857 |
++ ret = mroute_extract_addr_ether (src, dest, esrc, edest, buf, vid); |
1858 |
+ return ret; |
1859 |
+ } |
1860 |
+ |
1861 |
+diff --git a/src/openvpn/multi.c b/src/openvpn/multi.c |
1862 |
+index 6ddfbb5..36a86a5 100644 |
1863 |
+--- a/src/openvpn/multi.c |
1864 |
++++ b/src/openvpn/multi.c |
1865 |
+@@ -6,6 +6,7 @@ |
1866 |
+ * packet compression. |
1867 |
+ * |
1868 |
+ * Copyright (C) 2002-2010 OpenVPN Technologies, Inc. <sales@×××××××.net> |
1869 |
++ * Copyright (C) 2010 Fabian Knittel <fabian.knittel@×××××××.de> |
1870 |
+ * |
1871 |
+ * This program is free software; you can redistribute it and/or modify |
1872 |
+ * it under the terms of the GNU General Public License version 2 |
1873 |
+@@ -1956,7 +1957,8 @@ static void |
1874 |
+ multi_bcast (struct multi_context *m, |
1875 |
+ const struct buffer *buf, |
1876 |
+ const struct multi_instance *sender_instance, |
1877 |
+- const struct mroute_addr *sender_addr) |
1878 |
++ const struct mroute_addr *sender_addr, |
1879 |
++ uint16_t vid) |
1880 |
+ { |
1881 |
+ struct hash_iterator hi; |
1882 |
+ struct hash_element *he; |
1883 |
+@@ -2001,6 +2003,10 @@ multi_bcast (struct multi_context *m, |
1884 |
+ } |
1885 |
+ } |
1886 |
+ #endif |
1887 |
++#ifdef ENABLE_VLAN_TAGGING |
1888 |
++ if (vid != 0 && vid != mi->context.options.vlan_pvid) |
1889 |
++ continue; |
1890 |
++#endif |
1891 |
+ multi_add_mbuf (m, mi, mb); |
1892 |
+ } |
1893 |
+ } |
1894 |
+@@ -2179,6 +2185,37 @@ done: |
1895 |
+ gc_free (&gc); |
1896 |
+ } |
1897 |
+ |
1898 |
++#ifdef ENABLE_VLAN_TAGGING |
1899 |
++/* |
1900 |
++ * Decides whether or not to drop an ethernet frame. VLAN-tagged frames are |
1901 |
++ * dropped. All other frames are accepted. |
1902 |
++ * |
1903 |
++ * @param buf The ethernet frame. |
1904 |
++ * @return Returns true if the frame should be dropped, false otherwise. |
1905 |
++ */ |
1906 |
++static bool |
1907 |
++buf_filter_incoming_8021q_vlan_tag (const struct buffer *buf) |
1908 |
++{ |
1909 |
++ const struct openvpn_8021qhdr *vlanhdr; |
1910 |
++ uint16_t vid; |
1911 |
++ |
1912 |
++ if (BLEN (buf) < (int) sizeof (struct openvpn_8021qhdr)) |
1913 |
++ return false; /* Frame too small. */ |
1914 |
++ |
1915 |
++ vlanhdr = (const struct openvpn_8021qhdr *) BPTR (buf); |
1916 |
++ |
1917 |
++ if (ntohs (vlanhdr->tpid) != OPENVPN_ETH_P_8021Q) |
1918 |
++ return false; /* Frame is untagged. */ |
1919 |
++ |
1920 |
++ vid = vlanhdr_get_vid (vlanhdr); |
1921 |
++ if (vid == 0) |
1922 |
++ return false; /* Frame only priority-tagged. */ |
1923 |
++ |
1924 |
++ msg (D_VLAN_DEBUG, "dropping VLAN-tagged incoming frame, vid: %u", vid); |
1925 |
++ return true; |
1926 |
++} |
1927 |
++#endif |
1928 |
++ |
1929 |
+ /* |
1930 |
+ * Process packets in the TCP/UDP socket -> TUN/TAP interface direction, |
1931 |
+ * i.e. client -> server direction. |
1932 |
+@@ -2254,7 +2291,8 @@ multi_process_incoming_link (struct multi_context *m, struct multi_instance *ins |
1933 |
+ NULL, |
1934 |
+ NULL, |
1935 |
+ &c->c2.to_tun, |
1936 |
+- DEV_TYPE_TUN); |
1937 |
++ DEV_TYPE_TUN, |
1938 |
++ 0); |
1939 |
+ |
1940 |
+ /* drop packet if extract failed */ |
1941 |
+ if (!(mroute_flags & MROUTE_EXTRACT_SUCCEEDED)) |
1942 |
+@@ -2284,7 +2322,7 @@ multi_process_incoming_link (struct multi_context *m, struct multi_instance *ins |
1943 |
+ if (mroute_flags & MROUTE_EXTRACT_MCAST) |
1944 |
+ { |
1945 |
+ /* for now, treat multicast as broadcast */ |
1946 |
+- multi_bcast (m, &c->c2.to_tun, m->pending, NULL); |
1947 |
++ multi_bcast (m, &c->c2.to_tun, m->pending, NULL, 0); |
1948 |
+ } |
1949 |
+ else /* possible client to client routing */ |
1950 |
+ { |
1951 |
+@@ -2321,10 +2359,27 @@ multi_process_incoming_link (struct multi_context *m, struct multi_instance *ins |
1952 |
+ } |
1953 |
+ else if (TUNNEL_TYPE (m->top.c1.tuntap) == DEV_TYPE_TAP) |
1954 |
+ { |
1955 |
++#ifdef ENABLE_VLAN_TAGGING |
1956 |
++ uint16_t vid = 0; |
1957 |
++#else |
1958 |
++ const uint16_t vid = 0; |
1959 |
++#endif |
1960 |
+ #ifdef ENABLE_PF |
1961 |
+ struct mroute_addr edest; |
1962 |
+ mroute_addr_reset (&edest); |
1963 |
+ #endif |
1964 |
++#ifdef ENABLE_VLAN_TAGGING |
1965 |
++ if (m->top.options.vlan_tagging) |
1966 |
++ { |
1967 |
++ if (buf_filter_incoming_8021q_vlan_tag (&c->c2.to_tun)) |
1968 |
++ { |
1969 |
++ /* Drop VLAN-tagged frame. */ |
1970 |
++ c->c2.to_tun.len = 0; |
1971 |
++ } |
1972 |
++ else |
1973 |
++ vid = c->options.vlan_pvid; |
1974 |
++ } |
1975 |
++#endif |
1976 |
+ /* extract packet source and dest addresses */ |
1977 |
+ mroute_flags = mroute_extract_addr_from_packet (&src, |
1978 |
+ &dest, |
1979 |
+@@ -2335,7 +2390,8 @@ multi_process_incoming_link (struct multi_context *m, struct multi_instance *ins |
1980 |
+ NULL, |
1981 |
+ #endif |
1982 |
+ &c->c2.to_tun, |
1983 |
+- DEV_TYPE_TAP); |
1984 |
++ DEV_TYPE_TAP, |
1985 |
++ vid); |
1986 |
+ |
1987 |
+ if (mroute_flags & MROUTE_EXTRACT_SUCCEEDED) |
1988 |
+ { |
1989 |
+@@ -2346,7 +2402,7 @@ multi_process_incoming_link (struct multi_context *m, struct multi_instance *ins |
1990 |
+ { |
1991 |
+ if (mroute_flags & (MROUTE_EXTRACT_BCAST|MROUTE_EXTRACT_MCAST)) |
1992 |
+ { |
1993 |
+- multi_bcast (m, &c->c2.to_tun, m->pending, NULL); |
1994 |
++ multi_bcast (m, &c->c2.to_tun, m->pending, NULL, vid); |
1995 |
+ } |
1996 |
+ else /* try client-to-client routing */ |
1997 |
+ { |
1998 |
+@@ -2404,6 +2460,165 @@ multi_process_incoming_link (struct multi_context *m, struct multi_instance *ins |
1999 |
+ return ret; |
2000 |
+ } |
2001 |
+ |
2002 |
++#ifdef ENABLE_VLAN_TAGGING |
2003 |
++/* |
2004 |
++ * For vlan_accept == VAF_ONLY_UNTAGGED_OR_PRIORITY: |
2005 |
++ * Only untagged frames and frames that are priority-tagged (VID == 0) are |
2006 |
++ * accepted. (This means that VLAN-tagged frames are dropped.) For frames |
2007 |
++ * that aren't dropped, the global vlan_pvid is returned as VID. |
2008 |
++ * |
2009 |
++ * For vlan_accept == VAF_ONLY_VLAN_TAGGED: |
2010 |
++ * If a frame is VLAN-tagged the tagging is removed and the embedded VID is |
2011 |
++ * returned. Any included priority information is lost. |
2012 |
++ * If a frame isn't VLAN-tagged, the frame is dropped. |
2013 |
++ * |
2014 |
++ * For vlan_accept == VAF_ALL: |
2015 |
++ * Accepts both VLAN-tagged and untagged (or priority-tagged) frames and |
2016 |
++ * and handles them as described above. |
2017 |
++ * |
2018 |
++ * @param c The global context. |
2019 |
++ * @param buf The ethernet frame. |
2020 |
++ * @return Returns -1 if the frame is dropped or the VID if it is accepted. |
2021 |
++ */ |
2022 |
++static int16_t |
2023 |
++multi_remove_8021q_vlan_tag (const struct context *c, struct buffer *buf) |
2024 |
++{ |
2025 |
++ struct openvpn_ethhdr eth; |
2026 |
++ struct openvpn_8021qhdr vlanhdr; |
2027 |
++ uint16_t vid; |
2028 |
++ uint16_t pcp; |
2029 |
++ |
2030 |
++ if (BLEN (buf) < (sizeof (struct openvpn_8021qhdr))) |
2031 |
++ goto drop; |
2032 |
++ |
2033 |
++ vlanhdr = *(const struct openvpn_8021qhdr *) BPTR (buf); |
2034 |
++ |
2035 |
++ if (ntohs (vlanhdr.tpid) != OPENVPN_ETH_P_8021Q) |
2036 |
++ { |
2037 |
++ /* Untagged frame. */ |
2038 |
++ |
2039 |
++ if (c->options.vlan_accept == VAF_ONLY_VLAN_TAGGED) |
2040 |
++ { |
2041 |
++ /* We only accept vlan-tagged frames, so drop frames without vlan-tag |
2042 |
++ */ |
2043 |
++ msg (D_VLAN_DEBUG, "dropping frame without vlan-tag (proto/len 0x%04x)", |
2044 |
++ ntohs (vlanhdr.tpid)); |
2045 |
++ goto drop; |
2046 |
++ } |
2047 |
++ |
2048 |
++ msg (D_VLAN_DEBUG, "assuming pvid for frame without vlan-tag, pvid: %u (proto/len 0x%04x)", |
2049 |
++ c->options.vlan_pvid, ntohs (vlanhdr.tpid)); |
2050 |
++ /* We return the global PVID as the VID for the untagged frame. */ |
2051 |
++ return c->options.vlan_pvid; |
2052 |
++ } |
2053 |
++ |
2054 |
++ /* Tagged frame. */ |
2055 |
++ |
2056 |
++ vid = vlanhdr_get_vid (&vlanhdr); |
2057 |
++ pcp = vlanhdr_get_pcp (&vlanhdr); |
2058 |
++ |
2059 |
++ if (c->options.vlan_accept == VAF_ONLY_UNTAGGED_OR_PRIORITY) |
2060 |
++ { |
2061 |
++ /* We only accept untagged / prio-tagged frames. |
2062 |
++ */ |
2063 |
++ |
2064 |
++ if (vid != 0) |
2065 |
++ { |
2066 |
++ /* VLAN-tagged frame - which isn't acceptable here - so drop it. */ |
2067 |
++ msg (D_VLAN_DEBUG, "dropping frame with vlan-tag, vid: %u (proto/len 0x%04x)", |
2068 |
++ vid, ntohs (vlanhdr.proto)); |
2069 |
++ goto drop; |
2070 |
++ } |
2071 |
++ |
2072 |
++ /* Fall-through for prio-tagged frames. */ |
2073 |
++ } |
2074 |
++ |
2075 |
++ /* At this point the frame is acceptable to us. It may be prio-tagged and/or |
2076 |
++ VLAN-tagged. */ |
2077 |
++ |
2078 |
++ if (vid != 0) |
2079 |
++ { |
2080 |
++ /* VLAN-tagged frame. Strip the tagging. Any priority information is lost. */ |
2081 |
++ |
2082 |
++ msg (D_VLAN_DEBUG, "removing vlan-tag from frame: vid: %u, wrapped proto/len: 0x%04x", |
2083 |
++ vid, ntohs (vlanhdr.proto)); |
2084 |
++ memcpy (ð, &vlanhdr, sizeof (eth)); |
2085 |
++ eth.proto = vlanhdr.proto; |
2086 |
++ |
2087 |
++ buf_advance (buf, SIZE_ETH_TO_8021Q_HDR); |
2088 |
++ memcpy (BPTR (buf), ð, sizeof eth); |
2089 |
++ |
2090 |
++ return vid; |
2091 |
++ } |
2092 |
++ else |
2093 |
++ { |
2094 |
++ /* Prio-tagged frame. We assume that the sender knows what it's doing and |
2095 |
++ don't stript the tagging. */ |
2096 |
++ |
2097 |
++ /* We return the global PVID as the VID for the priority-tagged frame. */ |
2098 |
++ return c->options.vlan_pvid; |
2099 |
++ } |
2100 |
++drop: |
2101 |
++ /* Drop the frame. */ |
2102 |
++ buf->len = 0; |
2103 |
++ return -1; |
2104 |
++} |
2105 |
++ |
2106 |
++/* |
2107 |
++ * Adds VLAN tagging to a frame. Assumes vlan_accept == VAF_ONLY_VLAN_TAGGED |
2108 |
++ * or VAF_ALL and a matching PVID. |
2109 |
++ */ |
2110 |
++void |
2111 |
++multi_prepend_8021q_vlan_tag (const struct context *c, struct buffer *buf) |
2112 |
++{ |
2113 |
++ struct openvpn_ethhdr eth; |
2114 |
++ struct openvpn_8021qhdr *vlanhdr; |
2115 |
++ |
2116 |
++ /* Frame too small? */ |
2117 |
++ if (BLEN (buf) < (int) sizeof (struct openvpn_ethhdr)) |
2118 |
++ goto drop; |
2119 |
++ |
2120 |
++ eth = *(const struct openvpn_ethhdr *) BPTR (buf); |
2121 |
++ if (ntohs (eth.proto) == OPENVPN_ETH_P_8021Q) |
2122 |
++ { |
2123 |
++ /* Priority-tagged frame. (VLAN-tagged frames couldn't have reached us |
2124 |
++ here.) */ |
2125 |
++ |
2126 |
++ /* Frame too small for header type? */ |
2127 |
++ if (BLEN (buf) < (int) (sizeof (struct openvpn_8021qhdr))) |
2128 |
++ goto drop; |
2129 |
++ |
2130 |
++ vlanhdr = (struct openvpn_8021qhdr *) BPTR (buf); |
2131 |
++ } |
2132 |
++ else |
2133 |
++ { |
2134 |
++ /* Untagged frame. */ |
2135 |
++ |
2136 |
++ /* Not enough head room for VLAN tag? */ |
2137 |
++ if (buf_reverse_capacity (buf) < SIZE_ETH_TO_8021Q_HDR) |
2138 |
++ goto drop; |
2139 |
++ |
2140 |
++ vlanhdr = (struct openvpn_8021qhdr *) buf_prepend (buf, SIZE_ETH_TO_8021Q_HDR); |
2141 |
++ |
2142 |
++ /* Initialise VLAN-tag ... */ |
2143 |
++ memcpy (vlanhdr, ð, sizeof eth); |
2144 |
++ vlanhdr->tpid = htons (OPENVPN_ETH_P_8021Q); |
2145 |
++ vlanhdr->proto = eth.proto; |
2146 |
++ vlanhdr_set_pcp (vlanhdr, 0); |
2147 |
++ vlanhdr_set_cfi (vlanhdr, 0); |
2148 |
++ } |
2149 |
++ |
2150 |
++ vlanhdr_set_vid (vlanhdr, c->options.vlan_pvid); |
2151 |
++ |
2152 |
++ msg (D_VLAN_DEBUG, "tagging frame: vid %u (wrapping proto/len: %04x)", |
2153 |
++ c->options.vlan_pvid, vlanhdr->proto); |
2154 |
++ return; |
2155 |
++drop: |
2156 |
++ /* Drop the frame. */ |
2157 |
++ buf->len = 0; |
2158 |
++} |
2159 |
++#endif /* ENABLE_VLAN_TAGGING */ |
2160 |
++ |
2161 |
+ /* |
2162 |
+ * Process packets in the TUN/TAP interface -> TCP/UDP socket direction, |
2163 |
+ * i.e. server -> client direction. |
2164 |
+@@ -2419,6 +2634,11 @@ multi_process_incoming_tun (struct multi_context *m, const unsigned int mpp_flag |
2165 |
+ unsigned int mroute_flags; |
2166 |
+ struct mroute_addr src, dest; |
2167 |
+ const int dev_type = TUNNEL_TYPE (m->top.c1.tuntap); |
2168 |
++#ifdef ENABLE_VLAN_TAGGING |
2169 |
++ int16_t vid = 0; |
2170 |
++#else |
2171 |
++ const int16_t vid = 0; |
2172 |
++#endif |
2173 |
+ |
2174 |
+ #ifdef ENABLE_PF |
2175 |
+ struct mroute_addr esrc, *e1, *e2; |
2176 |
+@@ -2446,6 +2666,15 @@ multi_process_incoming_tun (struct multi_context *m, const unsigned int mpp_flag |
2177 |
+ * the appropriate multi_instance object. |
2178 |
+ */ |
2179 |
+ |
2180 |
++#ifdef ENABLE_VLAN_TAGGING |
2181 |
++ if (dev_type == DEV_TYPE_TAP && m->top.options.vlan_tagging) |
2182 |
++ { |
2183 |
++ if ((vid = multi_remove_8021q_vlan_tag (&m->top, |
2184 |
++ &m->top.c2.buf)) == -1) |
2185 |
++ return false; |
2186 |
++ } |
2187 |
++#endif |
2188 |
++ |
2189 |
+ mroute_flags = mroute_extract_addr_from_packet (&src, |
2190 |
+ &dest, |
2191 |
+ #ifdef ENABLE_PF |
2192 |
+@@ -2455,7 +2684,8 @@ multi_process_incoming_tun (struct multi_context *m, const unsigned int mpp_flag |
2193 |
+ #endif |
2194 |
+ NULL, |
2195 |
+ &m->top.c2.buf, |
2196 |
+- dev_type); |
2197 |
++ dev_type, |
2198 |
++ vid); |
2199 |
+ |
2200 |
+ if (mroute_flags & MROUTE_EXTRACT_SUCCEEDED) |
2201 |
+ { |
2202 |
+@@ -2466,9 +2696,9 @@ multi_process_incoming_tun (struct multi_context *m, const unsigned int mpp_flag |
2203 |
+ { |
2204 |
+ /* for now, treat multicast as broadcast */ |
2205 |
+ #ifdef ENABLE_PF |
2206 |
+- multi_bcast (m, &m->top.c2.buf, NULL, e2); |
2207 |
++ multi_bcast (m, &m->top.c2.buf, NULL, e2, vid); |
2208 |
+ #else |
2209 |
+- multi_bcast (m, &m->top.c2.buf, NULL, NULL); |
2210 |
++ multi_bcast (m, &m->top.c2.buf, NULL, NULL, vid); |
2211 |
+ #endif |
2212 |
+ } |
2213 |
+ else |
2214 |
+@@ -2637,7 +2867,7 @@ gremlin_flood_clients (struct multi_context *m) |
2215 |
+ ASSERT (buf_write_u8 (&buf, get_random () & 0xFF)); |
2216 |
+ |
2217 |
+ for (i = 0; i < parm.n_packets; ++i) |
2218 |
+- multi_bcast (m, &buf, NULL, NULL); |
2219 |
++ multi_bcast (m, &buf, NULL, NULL, 0); |
2220 |
+ |
2221 |
+ gc_free (&gc); |
2222 |
+ } |
2223 |
+diff --git a/src/openvpn/multi.h b/src/openvpn/multi.h |
2224 |
+index 32b89d2..10151e4 100644 |
2225 |
+--- a/src/openvpn/multi.h |
2226 |
++++ b/src/openvpn/multi.h |
2227 |
+@@ -555,6 +555,10 @@ multi_get_timeout (struct multi_context *m, struct timeval *dest) |
2228 |
+ static inline bool |
2229 |
+ multi_process_outgoing_tun (struct multi_context *m, const unsigned int mpp_flags) |
2230 |
+ { |
2231 |
++#ifdef ENABLE_VLAN_TAGGING |
2232 |
++ void multi_prepend_8021q_vlan_tag (const struct context *c, |
2233 |
++ struct buffer *buf); |
2234 |
++#endif |
2235 |
+ struct multi_instance *mi = m->pending; |
2236 |
+ bool ret = true; |
2237 |
+ |
2238 |
+@@ -565,6 +569,35 @@ multi_process_outgoing_tun (struct multi_context *m, const unsigned int mpp_flag |
2239 |
+ mi->context.c2.to_tun.len); |
2240 |
+ #endif |
2241 |
+ set_prefix (mi); |
2242 |
++#ifdef ENABLE_VLAN_TAGGING |
2243 |
++ if (m->top.options.vlan_accept == VAF_ONLY_UNTAGGED_OR_PRIORITY) |
2244 |
++ { |
2245 |
++ /* Packets aren't VLAN-tagged on the tap device. */ |
2246 |
++ |
2247 |
++ if (m->top.options.vlan_pvid != mi->context.options.vlan_pvid) |
2248 |
++ { |
2249 |
++ /* Packet is coming from the wrong VID, drop it. */ |
2250 |
++ mi->context.c2.to_tun.len = 0; |
2251 |
++ } |
2252 |
++ } |
2253 |
++ else if (m->top.options.vlan_accept == VAF_ALL) |
2254 |
++ { |
2255 |
++ /* Packets either need to be VLAN-tagged or not, depending on the |
2256 |
++ packet's originating VID and the port's native VID (PVID). */ |
2257 |
++ |
2258 |
++ if (m->top.options.vlan_pvid != mi->context.options.vlan_pvid) |
2259 |
++ { |
2260 |
++ /* Packets need to be VLAN-tagged, because the packet's VID does not |
2261 |
++ match the port's PVID. */ |
2262 |
++ multi_prepend_8021q_vlan_tag (&mi->context, &mi->context.c2.to_tun); |
2263 |
++ } |
2264 |
++ } |
2265 |
++ else if (m->top.options.vlan_accept == VAF_ONLY_VLAN_TAGGED) |
2266 |
++ { |
2267 |
++ /* All packets on the port (the tap device) need to be VLAN-tagged. */ |
2268 |
++ multi_prepend_8021q_vlan_tag (&mi->context, &mi->context.c2.to_tun); |
2269 |
++ } |
2270 |
++#endif |
2271 |
+ process_outgoing_tun (&mi->context); |
2272 |
+ ret = multi_process_post (m, mi, mpp_flags); |
2273 |
+ clear_prefix (); |
2274 |
+diff --git a/src/openvpn/options.c b/src/openvpn/options.c |
2275 |
+index 4ea03d1..c0baf63 100644 |
2276 |
+--- a/src/openvpn/options.c |
2277 |
++++ b/src/openvpn/options.c |
2278 |
+@@ -476,6 +476,11 @@ static const char usage_message[] = |
2279 |
+ " sessions to a web server at host:port. dir specifies an\n" |
2280 |
+ " optional directory to write origin IP:port data.\n" |
2281 |
+ #endif |
2282 |
++#ifdef ENABLE_VLAN_TAGGING |
2283 |
++ "--vlan-tagging : Enable 802.1Q-based VLAN tagging.\n" |
2284 |
++ "--vlan-accept tagged|untagged|all : Set VLAN tagging mode. Default is 'all'.\n" |
2285 |
++ "--vlan-pvid v : Sets the Port VLAN Identifier. Defaults to 1.\n" |
2286 |
++#endif |
2287 |
+ #endif |
2288 |
+ "\n" |
2289 |
+ "Client options (when connecting to a multi-client server):\n" |
2290 |
+@@ -845,6 +850,10 @@ init_options (struct options *o, const bool init_gc) |
2291 |
+ #ifdef ENABLE_PKCS11 |
2292 |
+ o->pkcs11_pin_cache_period = -1; |
2293 |
+ #endif /* ENABLE_PKCS11 */ |
2294 |
++#ifdef ENABLE_VLAN_TAGGING |
2295 |
++ o->vlan_accept = VAF_ALL; |
2296 |
++ o->vlan_pvid = 1; |
2297 |
++#endif |
2298 |
+ |
2299 |
+ /* tmp is only used in P2MP server context */ |
2300 |
+ #if P2MP_SERVER |
2301 |
+@@ -1139,6 +1148,23 @@ dhcp_option_address_parse (const char *name, const char *parm, in_addr_t *array, |
2302 |
+ |
2303 |
+ #endif |
2304 |
+ |
2305 |
++#ifdef ENABLE_VLAN_TAGGING |
2306 |
++static const char * |
2307 |
++print_vlan_accept (enum vlan_acceptable_frames mode) |
2308 |
++{ |
2309 |
++ switch (mode) |
2310 |
++ { |
2311 |
++ case VAF_ONLY_VLAN_TAGGED: |
2312 |
++ return "tagged"; |
2313 |
++ case VAF_ONLY_UNTAGGED_OR_PRIORITY: |
2314 |
++ return "untagged"; |
2315 |
++ case VAF_ALL: |
2316 |
++ return "all"; |
2317 |
++ } |
2318 |
++ return NULL; |
2319 |
++} |
2320 |
++#endif |
2321 |
++ |
2322 |
+ #if P2MP |
2323 |
+ |
2324 |
+ #ifndef ENABLE_SMALL |
2325 |
+@@ -1204,6 +1230,11 @@ show_p2mp_parms (const struct options *o) |
2326 |
+ SHOW_STR (port_share_host); |
2327 |
+ SHOW_STR (port_share_port); |
2328 |
+ #endif |
2329 |
++#ifdef ENABLE_VLAN_TAGGING |
2330 |
++ SHOW_BOOL (vlan_tagging); |
2331 |
++ msg (D_SHOW_PARMS, " vlan_accept = %s", print_vlan_accept (o->vlan_accept)); |
2332 |
++ SHOW_INT (vlan_pvid); |
2333 |
++#endif |
2334 |
+ #endif /* P2MP_SERVER */ |
2335 |
+ |
2336 |
+ SHOW_BOOL (client); |
2337 |
+@@ -2058,6 +2089,17 @@ options_postprocess_verify_ce (const struct options *options, const struct conne |
2338 |
+ if ((options->ssl_flags & SSLF_AUTH_USER_PASS_OPTIONAL) && !ccnr) |
2339 |
+ msg (M_USAGE, "--auth-user-pass-optional %s", postfix); |
2340 |
+ } |
2341 |
++#ifdef ENABLE_VLAN_TAGGING |
2342 |
++ if (options->vlan_tagging && dev != DEV_TYPE_TAP) |
2343 |
++ msg (M_USAGE, "--vlan-tagging must be used with --dev tap"); |
2344 |
++ if (!options->vlan_tagging) |
2345 |
++ { |
2346 |
++ if (options->vlan_accept != defaults.vlan_accept) |
2347 |
++ msg (M_USAGE, "--vlan-accept requires --vlan-tagging"); |
2348 |
++ if (options->vlan_pvid != defaults.vlan_pvid) |
2349 |
++ msg (M_USAGE, "--vlan-pvid requires --vlan-tagging"); |
2350 |
++ } |
2351 |
++#endif |
2352 |
+ } |
2353 |
+ else |
2354 |
+ { |
2355 |
+@@ -2104,6 +2146,10 @@ options_postprocess_verify_ce (const struct options *options, const struct conne |
2356 |
+ if (options->port_share_host || options->port_share_port) |
2357 |
+ msg (M_USAGE, "--port-share requires TCP server mode (--mode server --proto tcp-server)"); |
2358 |
+ #endif |
2359 |
++#ifdef ENABLE_VLAN_TAGGING |
2360 |
++ if (options->vlan_tagging) |
2361 |
++ msg (M_USAGE, "--vlan-tagging requires --mode server"); |
2362 |
++#endif |
2363 |
+ |
2364 |
+ if (options->stale_routes_check_interval) |
2365 |
+ msg (M_USAGE, "--stale-routes-check requires --mode server"); |
2366 |
+@@ -7023,6 +7069,45 @@ add_option (struct options *options, |
2367 |
+ options->use_peer_id = true; |
2368 |
+ options->peer_id = atoi(p[1]); |
2369 |
+ } |
2370 |
++#ifdef ENABLE_VLAN_TAGGING |
2371 |
++ else if (streq (p[0], "vlan-tagging")) |
2372 |
++ { |
2373 |
++ VERIFY_PERMISSION (OPT_P_GENERAL); |
2374 |
++ options->vlan_tagging = true; |
2375 |
++ } |
2376 |
++ else if (streq (p[0], "vlan-accept") && p[1]) |
2377 |
++ { |
2378 |
++ VERIFY_PERMISSION (OPT_P_GENERAL); |
2379 |
++ if (streq (p[1], "tagged")) |
2380 |
++ { |
2381 |
++ options->vlan_accept = VAF_ONLY_VLAN_TAGGED; |
2382 |
++ } |
2383 |
++ else if (streq (p[1], "untagged")) |
2384 |
++ { |
2385 |
++ options->vlan_accept = VAF_ONLY_UNTAGGED_OR_PRIORITY; |
2386 |
++ } |
2387 |
++ else if (streq (p[1], "all")) |
2388 |
++ { |
2389 |
++ options->vlan_accept = VAF_ALL; |
2390 |
++ } |
2391 |
++ else |
2392 |
++ { |
2393 |
++ msg (msglevel, "--vlan-accept must be 'tagged', 'untagged' or 'all'"); |
2394 |
++ goto err; |
2395 |
++ } |
2396 |
++ } |
2397 |
++ else if (streq (p[0], "vlan-pvid") && p[1]) |
2398 |
++ { |
2399 |
++ VERIFY_PERMISSION (OPT_P_GENERAL|OPT_P_INSTANCE); |
2400 |
++ options->vlan_pvid = positive_atoi (p[1]); |
2401 |
++ if (options->vlan_pvid < OPENVPN_8021Q_MIN_VID || |
2402 |
++ options->vlan_pvid > OPENVPN_8021Q_MAX_VID) |
2403 |
++ { |
2404 |
++ msg (msglevel, "the parameter of --vlan-pvid parameters must be >= %u and <= %u", OPENVPN_8021Q_MIN_VID, OPENVPN_8021Q_MAX_VID); |
2405 |
++ goto err; |
2406 |
++ } |
2407 |
++ } |
2408 |
++#endif |
2409 |
+ else |
2410 |
+ { |
2411 |
+ int i; |
2412 |
+diff --git a/src/openvpn/options.h b/src/openvpn/options.h |
2413 |
+index 7a8b21e..35fa6b1 100644 |
2414 |
+--- a/src/openvpn/options.h |
2415 |
++++ b/src/openvpn/options.h |
2416 |
+@@ -159,6 +159,15 @@ struct remote_list |
2417 |
+ struct remote_entry *array[CONNECTION_LIST_SIZE]; |
2418 |
+ }; |
2419 |
+ |
2420 |
++#ifdef ENABLE_VLAN_TAGGING |
2421 |
++enum vlan_acceptable_frames |
2422 |
++{ |
2423 |
++ VAF_ONLY_VLAN_TAGGED, |
2424 |
++ VAF_ONLY_UNTAGGED_OR_PRIORITY, |
2425 |
++ VAF_ALL, |
2426 |
++}; |
2427 |
++#endif |
2428 |
++ |
2429 |
+ struct remote_host_store |
2430 |
+ { |
2431 |
+ # define RH_HOST_LEN 80 |
2432 |
+@@ -597,6 +606,12 @@ struct options |
2433 |
+ |
2434 |
+ bool use_peer_id; |
2435 |
+ uint32_t peer_id; |
2436 |
++ |
2437 |
++#ifdef ENABLE_VLAN_TAGGING |
2438 |
++ bool vlan_tagging; |
2439 |
++ enum vlan_acceptable_frames vlan_accept; |
2440 |
++ uint16_t vlan_pvid; |
2441 |
++#endif |
2442 |
+ }; |
2443 |
+ |
2444 |
+ #define streq(x, y) (!strcmp((x), (y))) |
2445 |
+diff --git a/src/openvpn/proto.c b/src/openvpn/proto.c |
2446 |
+index 7b58e6a..2921a6e 100644 |
2447 |
+--- a/src/openvpn/proto.c |
2448 |
++++ b/src/openvpn/proto.c |
2449 |
+@@ -60,9 +60,22 @@ is_ipv_X ( int tunnel_type, struct buffer *buf, int ip_ver ) |
2450 |
+ + sizeof (struct openvpn_iphdr))) |
2451 |
+ return false; |
2452 |
+ eh = (const struct openvpn_ethhdr *) BPTR (buf); |
2453 |
+- if (ntohs (eh->proto) != (ip_ver == 6 ? OPENVPN_ETH_P_IPV6 : OPENVPN_ETH_P_IPV4)) |
2454 |
+- return false; |
2455 |
+- offset = sizeof (struct openvpn_ethhdr); |
2456 |
++ if (ntohs (eh->proto) == OPENVPN_ETH_P_8021Q) { |
2457 |
++ const struct openvpn_8021qhdr *evh; |
2458 |
++ if (BLEN (buf) < (int)(sizeof (struct openvpn_8021qhdr) |
2459 |
++ + sizeof (struct openvpn_iphdr))) |
2460 |
++ return false; |
2461 |
++ evh = (const struct openvpn_8021qhdr *) BPTR (buf); |
2462 |
++ if (ntohs (evh->proto) != |
2463 |
++ (ip_ver == 6 ? OPENVPN_ETH_P_IPV6 : OPENVPN_ETH_P_IPV4)) |
2464 |
++ return false; |
2465 |
++ else |
2466 |
++ offset = sizeof (struct openvpn_8021qhdr); |
2467 |
++ } else if (ntohs (eh->proto) != |
2468 |
++ (ip_ver == 6 ? OPENVPN_ETH_P_IPV6 : OPENVPN_ETH_P_IPV4)) |
2469 |
++ return false; |
2470 |
++ else |
2471 |
++ offset = sizeof (struct openvpn_ethhdr); |
2472 |
+ } |
2473 |
+ else |
2474 |
+ return false; |
2475 |
+diff --git a/src/openvpn/proto.h b/src/openvpn/proto.h |
2476 |
+index f91e787..45e885f 100644 |
2477 |
+--- a/src/openvpn/proto.h |
2478 |
++++ b/src/openvpn/proto.h |
2479 |
+@@ -6,6 +6,7 @@ |
2480 |
+ * packet compression. |
2481 |
+ * |
2482 |
+ * Copyright (C) 2002-2010 OpenVPN Technologies, Inc. <sales@×××××××.net> |
2483 |
++ * Copyright (C) 2010 Fabian Knittel <fabian.knittel@×××××××.de> |
2484 |
+ * |
2485 |
+ * This program is free software; you can redistribute it and/or modify |
2486 |
+ * it under the terms of the GNU General Public License version 2 |
2487 |
+@@ -61,9 +62,29 @@ struct openvpn_ethhdr |
2488 |
+ # define OPENVPN_ETH_P_IPV4 0x0800 /* IPv4 protocol */ |
2489 |
+ # define OPENVPN_ETH_P_IPV6 0x86DD /* IPv6 protocol */ |
2490 |
+ # define OPENVPN_ETH_P_ARP 0x0806 /* ARP protocol */ |
2491 |
++# define OPENVPN_ETH_P_8021Q 0x8100 /* 802.1Q protocol */ |
2492 |
+ uint16_t proto; /* packet type ID field */ |
2493 |
+ }; |
2494 |
+ |
2495 |
++struct openvpn_8021qhdr |
2496 |
++{ |
2497 |
++ uint8_t dest[OPENVPN_ETH_ALEN]; /* destination ethernet addr */ |
2498 |
++ uint8_t source[OPENVPN_ETH_ALEN]; /* source ethernet addr */ |
2499 |
++ |
2500 |
++ uint16_t tpid; /* 802.1Q Tag Protocol Identifier */ |
2501 |
++# define OPENVPN_8021Q_MASK_VID htons (0x0FFF) /* mask VID out of pcp_cfi_vid */ |
2502 |
++# define OPENVPN_8021Q_MASK_PCP htons (0xE000) /* mask PCP out of pcp_cfi_vid */ |
2503 |
++# define OPENVPN_8021Q_MASK_CFI htons (0x1000) /* mask CFI out of pcp_cfi_vid */ |
2504 |
++ uint16_t pcp_cfi_vid; /* bit fields, see IEEE 802.1Q */ |
2505 |
++ uint16_t proto; /* contained packet type ID field */ |
2506 |
++}; |
2507 |
++ |
2508 |
++/* |
2509 |
++ * Size difference between a regular Ethernet II header and an Ethernet II |
2510 |
++ * header with additional IEEE 802.1Q tagging. |
2511 |
++ */ |
2512 |
++#define SIZE_ETH_TO_8021Q_HDR (sizeof (struct openvpn_8021qhdr) - sizeof (struct openvpn_ethhdr)) |
2513 |
++ |
2514 |
+ struct openvpn_arp { |
2515 |
+ # define ARP_MAC_ADDR_TYPE 0x0001 |
2516 |
+ uint16_t mac_addr_type; /* 0x0001 */ |
2517 |
+@@ -234,4 +255,80 @@ void ipv4_packet_size_verify (const uint8_t *data, |
2518 |
+ counter_type *errors); |
2519 |
+ #endif |
2520 |
+ |
2521 |
++#ifdef ENABLE_VLAN_TAGGING |
2522 |
++# define OPENVPN_8021Q_MIN_VID 1 |
2523 |
++# define OPENVPN_8021Q_MAX_VID 4094 |
2524 |
++ |
2525 |
++/* |
2526 |
++ * Retrieve the Priority Code Point (PCP) from the IEEE 802.1Q header. |
2527 |
++ * |
2528 |
++ * @param hdr Pointer to the Ethernet header with IEEE 802.1Q tagging. |
2529 |
++ * @return Returns the PCP in host byte order. |
2530 |
++ */ |
2531 |
++static inline uint16_t |
2532 |
++vlanhdr_get_pcp (const struct openvpn_8021qhdr *hdr) |
2533 |
++{ |
2534 |
++ return ntohs (hdr->pcp_cfi_vid & OPENVPN_8021Q_MASK_PCP); |
2535 |
++} |
2536 |
++/* |
2537 |
++ * Retrieve the Canonical Format Indicator (CFI) from the IEEE 802.1Q header. |
2538 |
++ * |
2539 |
++ * @param hdr Pointer to the Ethernet header with IEEE 802.1Q tagging. |
2540 |
++ * @return Returns the CFI in host byte order. |
2541 |
++ */ |
2542 |
++static inline uint16_t |
2543 |
++vlanhdr_get_cfi (const struct openvpn_8021qhdr *hdr) |
2544 |
++{ |
2545 |
++ return ntohs (hdr->pcp_cfi_vid & OPENVPN_8021Q_MASK_CFI); |
2546 |
++} |
2547 |
++/* |
2548 |
++ * Retrieve the VLAN Identifier (VID) from the IEEE 802.1Q header. |
2549 |
++ * |
2550 |
++ * @param hdr Pointer to the Ethernet header with IEEE 802.1Q tagging. |
2551 |
++ * @return Returns the VID in host byte order. |
2552 |
++ */ |
2553 |
++static inline uint16_t |
2554 |
++vlanhdr_get_vid (const struct openvpn_8021qhdr *hdr) |
2555 |
++{ |
2556 |
++ return ntohs (hdr->pcp_cfi_vid & OPENVPN_8021Q_MASK_VID); |
2557 |
++} |
2558 |
++ |
2559 |
++/* |
2560 |
++ * Set the Priority Code Point (PCP) in an IEEE 802.1Q header. |
2561 |
++ * |
2562 |
++ * @param hdr Pointer to the Ethernet header with IEEE 802.1Q tagging. |
2563 |
++ * @param pcp The PCP to set (in host byte order). |
2564 |
++ */ |
2565 |
++static inline void |
2566 |
++vlanhdr_set_pcp (struct openvpn_8021qhdr *hdr, const uint16_t pcp) |
2567 |
++{ |
2568 |
++ hdr->pcp_cfi_vid = (hdr->pcp_cfi_vid & ~OPENVPN_8021Q_MASK_PCP) | |
2569 |
++ (htons (pcp) & OPENVPN_8021Q_MASK_PCP); |
2570 |
++} |
2571 |
++/* |
2572 |
++ * Set the Canonical Format Indicator (CFI) in an IEEE 802.1Q header. |
2573 |
++ * |
2574 |
++ * @param hdr Pointer to the Ethernet header with IEEE 802.1Q tagging. |
2575 |
++ * @param cfi The CFI to set (in host byte order). |
2576 |
++ */ |
2577 |
++static inline void |
2578 |
++vlanhdr_set_cfi (struct openvpn_8021qhdr *hdr, const uint16_t cfi) |
2579 |
++{ |
2580 |
++ hdr->pcp_cfi_vid = (hdr->pcp_cfi_vid & ~OPENVPN_8021Q_MASK_CFI) | |
2581 |
++ (htons (cfi) & OPENVPN_8021Q_MASK_CFI); |
2582 |
++} |
2583 |
++/* |
2584 |
++ * Set the VLAN Identifier (VID) in an IEEE 802.1Q header. |
2585 |
++ * |
2586 |
++ * @param hdr Pointer to the Ethernet header with IEEE 802.1Q tagging. |
2587 |
++ * @param vid The VID to set (in host byte order). |
2588 |
++ */ |
2589 |
++static inline void |
2590 |
++vlanhdr_set_vid (struct openvpn_8021qhdr *hdr, const uint16_t vid) |
2591 |
++{ |
2592 |
++ hdr->pcp_cfi_vid = (hdr->pcp_cfi_vid & ~OPENVPN_8021Q_MASK_VID) | |
2593 |
++ (htons (vid) & OPENVPN_8021Q_MASK_VID); |
2594 |
++} |
2595 |
++#endif |
2596 |
++ |
2597 |
+ #endif |
2598 |
|
2599 |
diff --git a/net-misc/openvpn/files/65openvpn b/net-misc/openvpn/files/65openvpn |
2600 |
new file mode 100644 |
2601 |
index 0000000..4ddb034 |
2602 |
--- /dev/null |
2603 |
+++ b/net-misc/openvpn/files/65openvpn |
2604 |
@@ -0,0 +1 @@ |
2605 |
+CONFIG_PROTECT="/usr/share/openvpn/easy-rsa" |
2606 |
|
2607 |
diff --git a/net-misc/openvpn/files/down.sh b/net-misc/openvpn/files/down.sh |
2608 |
new file mode 100644 |
2609 |
index 0000000..1c70db0 |
2610 |
--- /dev/null |
2611 |
+++ b/net-misc/openvpn/files/down.sh |
2612 |
@@ -0,0 +1,33 @@ |
2613 |
+#!/bin/sh |
2614 |
+# Copyright (c) 2006-2007 Gentoo Foundation |
2615 |
+# Distributed under the terms of the GNU General Public License v2 |
2616 |
+# Contributed by Roy Marples (uberlord@g.o) |
2617 |
+ |
2618 |
+# If we have a service specific script, run this now |
2619 |
+if [ -x /etc/openvpn/"${SVCNAME}"-down.sh ] ; then |
2620 |
+ /etc/openvpn/"${SVCNAME}"-down.sh "$@" |
2621 |
+fi |
2622 |
+ |
2623 |
+# Restore resolv.conf to how it was |
2624 |
+if [ "${PEER_DNS}" != "no" ]; then |
2625 |
+ if [ -x /sbin/resolvconf ] ; then |
2626 |
+ /sbin/resolvconf -d "${dev}" |
2627 |
+ elif [ -e /etc/resolv.conf-"${dev}".sv ] ; then |
2628 |
+ # Important that we copy instead of move incase resolv.conf is |
2629 |
+ # a symlink and not an actual file |
2630 |
+ cp /etc/resolv.conf-"${dev}".sv /etc/resolv.conf |
2631 |
+ rm -f /etc/resolv.conf-"${dev}".sv |
2632 |
+ fi |
2633 |
+fi |
2634 |
+ |
2635 |
+if [ -n "${SVCNAME}" ]; then |
2636 |
+ # Re-enter the init script to start any dependant services |
2637 |
+ if /etc/init.d/"${SVCNAME}" --quiet status ; then |
2638 |
+ export IN_BACKGROUND=true |
2639 |
+ /etc/init.d/"${SVCNAME}" --quiet stop |
2640 |
+ fi |
2641 |
+fi |
2642 |
+ |
2643 |
+exit 0 |
2644 |
+ |
2645 |
+# vim: ts=4 : |
2646 |
|
2647 |
diff --git a/net-misc/openvpn/files/openvpn-2.1.conf b/net-misc/openvpn/files/openvpn-2.1.conf |
2648 |
new file mode 100644 |
2649 |
index 0000000..72510c3 |
2650 |
--- /dev/null |
2651 |
+++ b/net-misc/openvpn/files/openvpn-2.1.conf |
2652 |
@@ -0,0 +1,18 @@ |
2653 |
+# OpenVPN automatically creates an /etc/resolv.conf (or sends it to |
2654 |
+# resolvconf) if given DNS information by the OpenVPN server. |
2655 |
+# Set PEER_DNS="no" to stop this. |
2656 |
+PEER_DNS="yes" |
2657 |
+ |
2658 |
+# OpenVPN can run in many modes. Most people will want the init script |
2659 |
+# to automatically detect the mode and try and apply a good default |
2660 |
+# configuration and setup scripts. However, there are cases where the |
2661 |
+# OpenVPN configuration looks like a client, but it's really a peer or |
2662 |
+# something else. DETECT_CLIENT controls this behaviour. |
2663 |
+DETECT_CLIENT="yes" |
2664 |
+ |
2665 |
+# If DETECT_CLIENT is no and you have your own scripts to re-enter the openvpn |
2666 |
+# init script (ie, it first becomes "inactive" and the script then starts the |
2667 |
+# script again to make it "started") then you can state this below. |
2668 |
+# In other words, unless you understand service dependencies and are a |
2669 |
+# competent shell scripter, don't set this. |
2670 |
+RE_ENTER="no" |
2671 |
|
2672 |
diff --git a/net-misc/openvpn/files/openvpn-2.1.init b/net-misc/openvpn/files/openvpn-2.1.init |
2673 |
new file mode 100644 |
2674 |
index 0000000..d65e6f8 |
2675 |
--- /dev/null |
2676 |
+++ b/net-misc/openvpn/files/openvpn-2.1.init |
2677 |
@@ -0,0 +1,133 @@ |
2678 |
+#!/sbin/runscript |
2679 |
+# Copyright 1999-2007 Gentoo Foundation |
2680 |
+# Distributed under the terms of the GNU General Public License v2 |
2681 |
+ |
2682 |
+VPNDIR=${VPNDIR:-/etc/openvpn} |
2683 |
+VPN=${SVCNAME#*.} |
2684 |
+if [ -n "${VPN}" ] && [ ${SVCNAME} != "openvpn" ]; then |
2685 |
+ VPNPID="/var/run/openvpn.${VPN}.pid" |
2686 |
+else |
2687 |
+ VPNPID="/var/run/openvpn.pid" |
2688 |
+fi |
2689 |
+VPNCONF="${VPNDIR}/${VPN}.conf" |
2690 |
+ |
2691 |
+depend() { |
2692 |
+ need localmount net |
2693 |
+ use dns |
2694 |
+ after bootmisc |
2695 |
+} |
2696 |
+ |
2697 |
+checkconfig() { |
2698 |
+ # Linux has good dynamic tun/tap creation |
2699 |
+ if [ $(uname -s) = "Linux" ] ; then |
2700 |
+ if [ ! -e /dev/net/tun ]; then |
2701 |
+ if ! modprobe tun ; then |
2702 |
+ eerror "TUN/TAP support is not available" \ |
2703 |
+ "in this kernel" |
2704 |
+ return 1 |
2705 |
+ fi |
2706 |
+ fi |
2707 |
+ if [ -h /dev/net/tun ] && [ -c /dev/misc/net/tun ]; then |
2708 |
+ ebegin "Detected broken /dev/net/tun symlink, fixing..." |
2709 |
+ rm -f /dev/net/tun |
2710 |
+ ln -s /dev/misc/net/tun /dev/net/tun |
2711 |
+ eend $? |
2712 |
+ fi |
2713 |
+ return 0 |
2714 |
+ fi |
2715 |
+ |
2716 |
+ # Other OS's don't, so we rely on a pre-configured interface |
2717 |
+ # per vpn instance |
2718 |
+ local ifname=$(sed -n -e 's/[[:space:]]*dev[[:space:]][[:space:]]*\([^[:space:]]*\).*/\1/p' "${VPNCONF}") |
2719 |
+ if [ -z ${ifname} ] ; then |
2720 |
+ eerror "You need to specify the interface that this openvpn" \ |
2721 |
+ "instance should use" \ |
2722 |
+ "by using the dev option in ${VPNCONF}" |
2723 |
+ return 1 |
2724 |
+ fi |
2725 |
+ |
2726 |
+ if ! ifconfig "${ifname}" >/dev/null 2>/dev/null ; then |
2727 |
+ # Try and create it |
2728 |
+ echo > /dev/"${ifname}" >/dev/null |
2729 |
+ fi |
2730 |
+ if ! ifconfig "${ifname}" >/dev/null 2>/dev/null ; then |
2731 |
+ eerror "${VPNCONF} requires interface ${ifname}" \ |
2732 |
+ "but that does not exist" |
2733 |
+ return 1 |
2734 |
+ fi |
2735 |
+} |
2736 |
+ |
2737 |
+start() { |
2738 |
+ # If we are re-called by the openvpn gentoo-up.sh script |
2739 |
+ # then we don't actually want to start openvpn |
2740 |
+ [ "${IN_BACKGROUND}" = "true" ] && return 0 |
2741 |
+ |
2742 |
+ ebegin "Starting ${SVCNAME}" |
2743 |
+ |
2744 |
+ checkconfig || return 1 |
2745 |
+ |
2746 |
+ local args="" reenter=${RE_ENTER:-no} |
2747 |
+ # If the config file does not specify the cd option, we do |
2748 |
+ # But if we specify it, we override the config option which we do not want |
2749 |
+ if ! grep -q "^[ ]*cd[ ].*" "${VPNCONF}" ; then |
2750 |
+ args="${args} --cd ${VPNDIR}" |
2751 |
+ fi |
2752 |
+ |
2753 |
+ # We mark the service as inactive and then start it. |
2754 |
+ # When we get an authenticated packet from the peer then we run our script |
2755 |
+ # which configures our DNS if any and marks us as up. |
2756 |
+ if [ "${DETECT_CLIENT:-yes}" = "yes" ] && \ |
2757 |
+ grep -q "^[ ]*remote[ ].*" "${VPNCONF}" ; then |
2758 |
+ reenter="yes" |
2759 |
+ args="${args} --up-delay --up-restart" |
2760 |
+ args="${args} --script-security 2" |
2761 |
+ args="${args} --up /etc/openvpn/up.sh" |
2762 |
+ args="${args} --down-pre --down /etc/openvpn/down.sh" |
2763 |
+ |
2764 |
+ # Warn about setting scripts as we override them |
2765 |
+ if grep -Eq "^[ ]*(up|down)[ ].*" "${VPNCONF}" ; then |
2766 |
+ ewarn "WARNING: You have defined your own up/down scripts" |
2767 |
+ ewarn "As you're running as a client, we now force Gentoo specific" |
2768 |
+ ewarn "scripts to be run for up and down events." |
2769 |
+ ewarn "These scripts will call /etc/openvpn/${SVCNAME}-{up,down}.sh" |
2770 |
+ ewarn "where you can put your own code." |
2771 |
+ fi |
2772 |
+ |
2773 |
+ # Warn about the inability to change ip/route/dns information when |
2774 |
+ # dropping privs |
2775 |
+ if grep -q "^[ ]*user[ ].*" "${VPNCONF}" ; then |
2776 |
+ ewarn "WARNING: You are dropping root privileges!" |
2777 |
+ ewarn "As such openvpn may not be able to change ip, routing" |
2778 |
+ ewarn "or DNS configuration." |
2779 |
+ fi |
2780 |
+ else |
2781 |
+ # So we're a server. Run as openvpn unless otherwise specified |
2782 |
+ grep -q "^[ ]*user[ ].*" "${VPNCONF}" || args="${args} --user openvpn" |
2783 |
+ grep -q "^[ ]*group[ ].*" "${VPNCONF}" || args="${args} --group openvpn" |
2784 |
+ fi |
2785 |
+ |
2786 |
+ # Ensure that our scripts get the PEER_DNS variable |
2787 |
+ [ -n "${PEER_DNS}" ] && args="${args} --setenv PEER_DNS ${PEER_DNS}" |
2788 |
+ |
2789 |
+ [ "${reenter}" = "yes" ] && mark_service_inactive "${SVCNAME}" |
2790 |
+ start-stop-daemon --start --exec /usr/sbin/openvpn --pidfile "${VPNPID}" \ |
2791 |
+ -- --config "${VPNCONF}" --writepid "${VPNPID}" --daemon \ |
2792 |
+ --setenv SVCNAME "${SVCNAME}" ${args} |
2793 |
+ eend $? "Check your logs to see why startup failed" |
2794 |
+} |
2795 |
+ |
2796 |
+stop() { |
2797 |
+ # If we are re-called by the openvpn gentoo-down.sh script |
2798 |
+ # then we don't actually want to stop openvpn |
2799 |
+ if [ "${IN_BACKGROUND}" = "true" ] ; then |
2800 |
+ mark_service_inactive "${SVCNAME}" |
2801 |
+ return 0 |
2802 |
+ fi |
2803 |
+ |
2804 |
+ ebegin "Stopping ${SVCNAME}" |
2805 |
+ start-stop-daemon --stop --quiet \ |
2806 |
+ --exec /usr/sbin/openvpn --pidfile "${VPNPID}" |
2807 |
+ eend $? |
2808 |
+} |
2809 |
+ |
2810 |
+# vim: set ts=4 : |
2811 |
|
2812 |
diff --git a/net-misc/openvpn/files/openvpn.init b/net-misc/openvpn/files/openvpn.init |
2813 |
new file mode 100644 |
2814 |
index 0000000..489ab49 |
2815 |
--- /dev/null |
2816 |
+++ b/net-misc/openvpn/files/openvpn.init |
2817 |
@@ -0,0 +1,63 @@ |
2818 |
+#!/sbin/runscript |
2819 |
+# Copyright 1999-2007 Gentoo Foundation |
2820 |
+# Distributed under the terms of the GNU General Public License v2 |
2821 |
+ |
2822 |
+VPNDIR="/etc/openvpn" |
2823 |
+VPN="${SVCNAME#*.}" |
2824 |
+if [ -n "${VPN}" ] && [ "${SVCNAME}" != "openvpn" ]; then |
2825 |
+ VPNPID="/var/run/openvpn.${VPN}.pid" |
2826 |
+else |
2827 |
+ VPNPID="/var/run/openvpn.pid" |
2828 |
+fi |
2829 |
+VPNCONF="${VPNDIR}/${VPN}.conf" |
2830 |
+ |
2831 |
+depend() { |
2832 |
+ need localmount net |
2833 |
+ before netmount |
2834 |
+ after bootmisc |
2835 |
+} |
2836 |
+ |
2837 |
+checktundevice() { |
2838 |
+ if [ ! -e /dev/net/tun ]; then |
2839 |
+ if ! modprobe tun ; then |
2840 |
+ eerror "TUN/TAP support is not available in this kernel" |
2841 |
+ return 1 |
2842 |
+ fi |
2843 |
+ fi |
2844 |
+ if [ -h /dev/net/tun ] && [ -c /dev/misc/net/tun ]; then |
2845 |
+ ebegin "Detected broken /dev/net/tun symlink, fixing..." |
2846 |
+ rm -f /dev/net/tun |
2847 |
+ ln -s /dev/misc/net/tun /dev/net/tun |
2848 |
+ eend $? |
2849 |
+ fi |
2850 |
+} |
2851 |
+ |
2852 |
+start() { |
2853 |
+ ebegin "Starting ${SVCNAME}" |
2854 |
+ |
2855 |
+ checktundevice || return 1 |
2856 |
+ |
2857 |
+ if [ ! -e "${VPNCONF}" ]; then |
2858 |
+ eend 1 "${VPNCONF} does not exist" |
2859 |
+ return 1 |
2860 |
+ fi |
2861 |
+ |
2862 |
+ local args="" |
2863 |
+ # If the config file does not specify the cd option, we do |
2864 |
+ # But if we specify it, we override the config option which we do not want |
2865 |
+ if ! grep -q "^[ ]*cd[ ].*" "${VPNCONF}" ; then |
2866 |
+ args="${args} --cd ${VPNDIR}" |
2867 |
+ fi |
2868 |
+ |
2869 |
+ start-stop-daemon --start --exec /usr/sbin/openvpn --pidfile "${VPNPID}" \ |
2870 |
+ -- --config "${VPNCONF}" --writepid "${VPNPID}" --daemon ${args} |
2871 |
+ eend $? "Check your logs to see why startup failed" |
2872 |
+} |
2873 |
+ |
2874 |
+stop() { |
2875 |
+ ebegin "Stopping ${SVCNAME}" |
2876 |
+ start-stop-daemon --stop --exec /usr/sbin/openvpn --pidfile "${VPNPID}" |
2877 |
+ eend $? |
2878 |
+} |
2879 |
+ |
2880 |
+# vim: ts=4 |
2881 |
|
2882 |
diff --git a/net-misc/openvpn/files/openvpn.service b/net-misc/openvpn/files/openvpn.service |
2883 |
new file mode 100644 |
2884 |
index 0000000..358dcb7 |
2885 |
--- /dev/null |
2886 |
+++ b/net-misc/openvpn/files/openvpn.service |
2887 |
@@ -0,0 +1,12 @@ |
2888 |
+[Unit] |
2889 |
+Description=OpenVPN Robust And Highly Flexible Tunneling Application On %I |
2890 |
+After=syslog.target network.target |
2891 |
+ |
2892 |
+[Service] |
2893 |
+PrivateTmp=true |
2894 |
+Type=forking |
2895 |
+PIDFile=/var/run/openvpn/%i.pid |
2896 |
+ExecStart=/usr/sbin/openvpn --daemon --writepid /var/run/openvpn/%i.pid --cd /etc/openvpn/ --config %i.conf |
2897 |
+ |
2898 |
+[Install] |
2899 |
+WantedBy=multi-user.target |
2900 |
|
2901 |
diff --git a/net-misc/openvpn/files/openvpn.tmpfile b/net-misc/openvpn/files/openvpn.tmpfile |
2902 |
new file mode 100644 |
2903 |
index 0000000..d5fca71 |
2904 |
--- /dev/null |
2905 |
+++ b/net-misc/openvpn/files/openvpn.tmpfile |
2906 |
@@ -0,0 +1 @@ |
2907 |
+D /var/run/openvpn 0710 root openvpn - |
2908 |
|
2909 |
diff --git a/net-misc/openvpn/files/up.sh b/net-misc/openvpn/files/up.sh |
2910 |
new file mode 100644 |
2911 |
index 0000000..6ce82d6 |
2912 |
--- /dev/null |
2913 |
+++ b/net-misc/openvpn/files/up.sh |
2914 |
@@ -0,0 +1,100 @@ |
2915 |
+#!/bin/sh |
2916 |
+# Copyright (c) 2006-2007 Gentoo Foundation |
2917 |
+# Distributed under the terms of the GNU General Public License v2 |
2918 |
+# Contributed by Roy Marples (uberlord@g.o) |
2919 |
+ |
2920 |
+# Setup our resolv.conf |
2921 |
+# Vitally important that we use the domain entry in resolv.conf so we |
2922 |
+# can setup the nameservers are for the domain ONLY in resolvconf if |
2923 |
+# we're using a decent dns cache/forwarder like dnsmasq and NOT nscd/libc. |
2924 |
+# nscd/libc users will get the VPN nameservers before their other ones |
2925 |
+# and will use the first one that responds - maybe the LAN ones? |
2926 |
+# non resolvconf users just the the VPN resolv.conf |
2927 |
+ |
2928 |
+# FIXME:- if we have >1 domain, then we have to use search :/ |
2929 |
+# We need to add a flag to resolvconf to say |
2930 |
+# "these nameservers should only be used for the listed search domains |
2931 |
+# if other global nameservers are present on other interfaces" |
2932 |
+# This however, will break compatibility with Debians resolvconf |
2933 |
+# A possible workaround would be to just list multiple domain lines |
2934 |
+# and try and let resolvconf handle it |
2935 |
+ |
2936 |
+min_route() { |
2937 |
+ local n=1 |
2938 |
+ local m |
2939 |
+ local r |
2940 |
+ |
2941 |
+ eval m="\$route_metric_$n" |
2942 |
+ while [ -n "${m}" ]; do |
2943 |
+ if [ -z "$r" ] || [ "$r" -gt "$m" ]; then |
2944 |
+ r="$m" |
2945 |
+ fi |
2946 |
+ n="$(($n+1))" |
2947 |
+ eval m="\$route_metric_$n" |
2948 |
+ done |
2949 |
+ |
2950 |
+ echo "$r" |
2951 |
+} |
2952 |
+ |
2953 |
+if [ "${PEER_DNS}" != "no" ]; then |
2954 |
+ NS= |
2955 |
+ DOMAIN= |
2956 |
+ SEARCH= |
2957 |
+ i=1 |
2958 |
+ while true ; do |
2959 |
+ eval opt=\$foreign_option_${i} |
2960 |
+ [ -z "${opt}" ] && break |
2961 |
+ if [ "${opt}" != "${opt#dhcp-option DOMAIN *}" ] ; then |
2962 |
+ if [ -z "${DOMAIN}" ] ; then |
2963 |
+ DOMAIN="${opt#dhcp-option DOMAIN *}" |
2964 |
+ else |
2965 |
+ SEARCH="${SEARCH}${SEARCH:+ }${opt#dhcp-option DOMAIN *}" |
2966 |
+ fi |
2967 |
+ elif [ "${opt}" != "${opt#dhcp-option DNS *}" ] ; then |
2968 |
+ NS="${NS}nameserver ${opt#dhcp-option DNS *}\n" |
2969 |
+ fi |
2970 |
+ i=$((${i} + 1)) |
2971 |
+ done |
2972 |
+ |
2973 |
+ if [ -n "${NS}" ] ; then |
2974 |
+ DNS="# Generated by openvpn for interface ${dev}\n" |
2975 |
+ if [ -n "${SEARCH}" ] ; then |
2976 |
+ DNS="${DNS}search ${DOMAIN} ${SEARCH}\n" |
2977 |
+ elif [ -n "${DOMAIN}" ]; then |
2978 |
+ DNS="${DNS}domain ${DOMAIN}\n" |
2979 |
+ fi |
2980 |
+ DNS="${DNS}${NS}" |
2981 |
+ if [ -x /sbin/resolvconf ] ; then |
2982 |
+ metric="$(min_route)" |
2983 |
+ printf "${DNS}" | /sbin/resolvconf -a "${dev}" ${metric:+-m ${metric}} |
2984 |
+ else |
2985 |
+ # Preserve the existing resolv.conf |
2986 |
+ if [ -e /etc/resolv.conf ] ; then |
2987 |
+ cp /etc/resolv.conf /etc/resolv.conf-"${dev}".sv |
2988 |
+ fi |
2989 |
+ printf "${DNS}" > /etc/resolv.conf |
2990 |
+ chmod 644 /etc/resolv.conf |
2991 |
+ fi |
2992 |
+ fi |
2993 |
+fi |
2994 |
+ |
2995 |
+# Below section is Gentoo specific |
2996 |
+# Quick summary - our init scripts are re-entrant and set the SVCNAME env var |
2997 |
+# as we could have >1 openvpn service |
2998 |
+ |
2999 |
+if [ -n "${SVCNAME}" ]; then |
3000 |
+ # If we have a service specific script, run this now |
3001 |
+ if [ -x /etc/openvpn/"${SVCNAME}"-up.sh ] ; then |
3002 |
+ /etc/openvpn/"${SVCNAME}"-up.sh "$@" |
3003 |
+ fi |
3004 |
+ |
3005 |
+ # Re-enter the init script to start any dependant services |
3006 |
+ if ! /etc/init.d/"${SVCNAME}" --quiet status ; then |
3007 |
+ export IN_BACKGROUND=true |
3008 |
+ /etc/init.d/${SVCNAME} --quiet start |
3009 |
+ fi |
3010 |
+fi |
3011 |
+ |
3012 |
+exit 0 |
3013 |
+ |
3014 |
+# vim: ts=4 : |
3015 |
|
3016 |
diff --git a/net-misc/openvpn/metadata.xml b/net-misc/openvpn/metadata.xml |
3017 |
new file mode 100644 |
3018 |
index 0000000..7f3d1f9 |
3019 |
--- /dev/null |
3020 |
+++ b/net-misc/openvpn/metadata.xml |
3021 |
@@ -0,0 +1,23 @@ |
3022 |
+<?xml version="1.0" encoding="UTF-8"?> |
3023 |
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> |
3024 |
+<pkgmetadata> |
3025 |
+ <maintainer> |
3026 |
+ <email>djc@g.o</email> |
3027 |
+ <name>Dirkjan Ochtman</name> |
3028 |
+ </maintainer> |
3029 |
+ <longdescription>OpenVPN is an easy-to-use, robust and highly |
3030 |
+configurable VPN daemon which can be used to securely link two or more |
3031 |
+networks using an encrypted tunnel.</longdescription> |
3032 |
+ <use> |
3033 |
+ <flag name="down-root">Enable the down-root plugin</flag> |
3034 |
+ <flag name="iproute2">Enabled iproute2 support instead of net-tools</flag> |
3035 |
+ <flag name="passwordsave">Enables openvpn to save passwords</flag> |
3036 |
+ <flag name="polarssl">Use PolarSSL instead of OpenSSL</flag> |
3037 |
+ <flag name="pkcs11">Enable PKCS#11 smartcard support</flag> |
3038 |
+ <flag name="plugins">Enable the OpenVPN plugin system</flag> |
3039 |
+ <flag name="socks">Enable socks support</flag> |
3040 |
+ </use> |
3041 |
+ <upstream> |
3042 |
+ <remote-id type="cpe">cpe:/a:openvpn:openvpn</remote-id> |
3043 |
+ </upstream> |
3044 |
+</pkgmetadata> |
3045 |
|
3046 |
diff --git a/net-misc/openvpn/openvpn-2.3.8-r1.ebuild b/net-misc/openvpn/openvpn-2.3.8-r1.ebuild |
3047 |
new file mode 100644 |
3048 |
index 0000000..8658417 |
3049 |
--- /dev/null |
3050 |
+++ b/net-misc/openvpn/openvpn-2.3.8-r1.ebuild |
3051 |
@@ -0,0 +1,138 @@ |
3052 |
+# Copyright 1999-2015 Gentoo Foundation |
3053 |
+# Distributed under the terms of the GNU General Public License v2 |
3054 |
+# $Id$ |
3055 |
+ |
3056 |
+EAPI=5 |
3057 |
+ |
3058 |
+inherit eutils autotools multilib flag-o-matic user systemd |
3059 |
+ |
3060 |
+DESCRIPTION="Robust and highly flexible tunneling application compatible with many OSes" |
3061 |
+SRC_URI="http://swupdate.openvpn.net/community/releases/${P}.tar.gz" |
3062 |
+HOMEPAGE="http://openvpn.net/" |
3063 |
+ |
3064 |
+LICENSE="GPL-2" |
3065 |
+SLOT="0" |
3066 |
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~sparc-fbsd ~x86-fbsd ~x86-freebsd ~amd64-linux ~arm-linux ~x86-linux" |
3067 |
+IUSE="examples down-root iproute2 libressl +lzo pam passwordsave pkcs11 +plugins polarssl selinux socks +ssl static systemd userland_BSD" |
3068 |
+ |
3069 |
+REQUIRED_USE="static? ( !plugins !pkcs11 ) |
3070 |
+ polarssl? ( ssl !libressl ) |
3071 |
+ pkcs11? ( ssl ) |
3072 |
+ !plugins? ( !pam !down-root )" |
3073 |
+ |
3074 |
+DEPEND=" |
3075 |
+ kernel_linux? ( |
3076 |
+ iproute2? ( sys-apps/iproute2[-minimal] ) !iproute2? ( sys-apps/net-tools ) |
3077 |
+ ) |
3078 |
+ pam? ( virtual/pam ) |
3079 |
+ ssl? ( |
3080 |
+ !polarssl? ( |
3081 |
+ !libressl? ( >=dev-libs/openssl-0.9.7:* ) |
3082 |
+ libressl? ( dev-libs/libressl ) |
3083 |
+ ) |
3084 |
+ polarssl? ( >=net-libs/polarssl-1.2.10 ) |
3085 |
+ ) |
3086 |
+ lzo? ( >=dev-libs/lzo-1.07 ) |
3087 |
+ pkcs11? ( >=dev-libs/pkcs11-helper-1.11 ) |
3088 |
+ systemd? ( sys-apps/systemd )" |
3089 |
+RDEPEND="${DEPEND} |
3090 |
+ selinux? ( sec-policy/selinux-openvpn ) |
3091 |
+" |
3092 |
+ |
3093 |
+src_prepare() { |
3094 |
+ epatch "${FILESDIR}/2.3.6-vlan-support.patch" |
3095 |
+ eautoreconf |
3096 |
+} |
3097 |
+ |
3098 |
+src_configure() { |
3099 |
+ use static && LDFLAGS="${LDFLAGS} -Xcompiler -static" |
3100 |
+ local myconf |
3101 |
+ use polarssl && myconf="--with-crypto-library=polarssl" |
3102 |
+ econf \ |
3103 |
+ ${myconf} \ |
3104 |
+ --docdir="${EPREFIX}/usr/share/doc/${PF}" \ |
3105 |
+ --with-plugindir="${ROOT}/usr/$(get_libdir)/$PN" \ |
3106 |
+ $(use_enable passwordsave password-save) \ |
3107 |
+ $(use_enable ssl) \ |
3108 |
+ $(use_enable ssl crypto) \ |
3109 |
+ $(use_enable lzo) \ |
3110 |
+ $(use_enable pkcs11) \ |
3111 |
+ $(use_enable plugins) \ |
3112 |
+ $(use_enable iproute2) \ |
3113 |
+ $(use_enable socks) \ |
3114 |
+ $(use_enable pam plugin-auth-pam) \ |
3115 |
+ $(use_enable down-root plugin-down-root) \ |
3116 |
+ $(use_enable systemd) |
3117 |
+} |
3118 |
+ |
3119 |
+src_install() { |
3120 |
+ default |
3121 |
+ find "${ED}/usr" -name '*.la' -delete |
3122 |
+ # install documentation |
3123 |
+ dodoc AUTHORS ChangeLog PORTS README README.IPv6 |
3124 |
+ |
3125 |
+ # Install some helper scripts |
3126 |
+ keepdir /etc/openvpn |
3127 |
+ exeinto /etc/openvpn |
3128 |
+ doexe "${FILESDIR}/up.sh" |
3129 |
+ doexe "${FILESDIR}/down.sh" |
3130 |
+ |
3131 |
+ # Install the init script and config file |
3132 |
+ newinitd "${FILESDIR}/${PN}-2.1.init" openvpn |
3133 |
+ newconfd "${FILESDIR}/${PN}-2.1.conf" openvpn |
3134 |
+ |
3135 |
+ # install examples, controlled by the respective useflag |
3136 |
+ if use examples ; then |
3137 |
+ # dodoc does not supportly support directory traversal, #15193 |
3138 |
+ insinto /usr/share/doc/${PF}/examples |
3139 |
+ doins -r sample contrib |
3140 |
+ fi |
3141 |
+ |
3142 |
+ systemd_newtmpfilesd "${FILESDIR}"/${PN}.tmpfile ${PN}.conf |
3143 |
+ systemd_newunit distro/systemd/openvpn-client@.service openvpn-client@.service |
3144 |
+ systemd_newunit distro/systemd/openvpn-server@.service openvpn-server@.service |
3145 |
+} |
3146 |
+ |
3147 |
+pkg_postinst() { |
3148 |
+ # Add openvpn user so openvpn servers can drop privs |
3149 |
+ # Clients should run as root so they can change ip addresses, |
3150 |
+ # dns information and other such things. |
3151 |
+ enewgroup openvpn |
3152 |
+ enewuser openvpn "" "" "" openvpn |
3153 |
+ |
3154 |
+ if [ path_exists -o "${ROOT}/etc/openvpn/*/local.conf" ] ; then |
3155 |
+ ewarn "WARNING: The openvpn init script has changed" |
3156 |
+ ewarn "" |
3157 |
+ fi |
3158 |
+ |
3159 |
+ elog "The openvpn init script expects to find the configuration file" |
3160 |
+ elog "openvpn.conf in /etc/openvpn along with any extra files it may need." |
3161 |
+ elog "" |
3162 |
+ elog "To create more VPNs, simply create a new .conf file for it and" |
3163 |
+ elog "then create a symlink to the openvpn init script from a link called" |
3164 |
+ elog "openvpn.newconfname - like so" |
3165 |
+ elog " cd /etc/openvpn" |
3166 |
+ elog " ${EDITOR##*/} foo.conf" |
3167 |
+ elog " cd /etc/init.d" |
3168 |
+ elog " ln -s openvpn openvpn.foo" |
3169 |
+ elog "" |
3170 |
+ elog "You can then treat openvpn.foo as any other service, so you can" |
3171 |
+ elog "stop one vpn and start another if you need to." |
3172 |
+ |
3173 |
+ if grep -Eq "^[ \t]*(up|down)[ \t].*" "${ROOT}/etc/openvpn"/*.conf 2>/dev/null ; then |
3174 |
+ ewarn "" |
3175 |
+ ewarn "WARNING: If you use the remote keyword then you are deemed to be" |
3176 |
+ ewarn "a client by our init script and as such we force up,down scripts." |
3177 |
+ ewarn "These scripts call /etc/openvpn/\$SVCNAME-{up,down}.sh where you" |
3178 |
+ ewarn "can move your scripts to." |
3179 |
+ fi |
3180 |
+ |
3181 |
+ if use plugins ; then |
3182 |
+ einfo "" |
3183 |
+ einfo "plugins have been installed into /usr/$(get_libdir)/${PN}" |
3184 |
+ fi |
3185 |
+ |
3186 |
+ einfo "" |
3187 |
+ einfo "OpenVPN 2.3.x no longer includes the easy-rsa suite of utilities." |
3188 |
+ einfo "They can now be emerged via app-crypt/easy-rsa." |
3189 |
+} |