Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: "Manuel Rüger" <mrueg@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] repo/gentoo:master commit in: net-misc/openvpn/files/, net-misc/openvpn/
Date: Wed, 17 Feb 2016 21:38:01
Message-Id: 1455745062.7b669d70a6ed3a6c80a3b74be52eb284f6472440.mrueg@gentoo
1 commit: 7b669d70a6ed3a6c80a3b74be52eb284f6472440
2 Author: Manuel Rüger <mrueg <AT> gentoo <DOT> org>
3 AuthorDate: Wed Feb 17 21:37:42 2016 +0000
4 Commit: Manuel Rüger <mrueg <AT> gentoo <DOT> org>
5 CommitDate: Wed Feb 17 21:37:42 2016 +0000
6 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7b669d70
7
8 net-misc/openvpn: Fix build with libressl. Thanks to Marek Behun.
9
10 Gentoo-Bug: 574294
11
12 Package-Manager: portage-2.2.27
13
14 .../files/openvpn-2.3.10-fix-libressl.patch | 36 ++++++
15 net-misc/openvpn/openvpn-2.3.10-r1.ebuild | 136 +++++++++++++++++++++
16 2 files changed, 172 insertions(+)
17
18 diff --git a/net-misc/openvpn/files/openvpn-2.3.10-fix-libressl.patch b/net-misc/openvpn/files/openvpn-2.3.10-fix-libressl.patch
19 new file mode 100644
20 index 0000000..35e5b36
21 --- /dev/null
22 +++ b/net-misc/openvpn/files/openvpn-2.3.10-fix-libressl.patch
23 @@ -0,0 +1,36 @@
24 +From 9dfc2309c6b4143892137844197f5f84755f6580 Mon Sep 17 00:00:00 2001
25 +From: Niels Ole Salscheider <niels_ole@××××××××××××××××××.de>
26 +Date: Sun, 10 Jan 2016 14:44:35 +0100
27 +Subject: [PATCH] Fix build with libressl
28 +
29 +Signed-off-by: Niels Ole Salscheider <niels_ole@××××××××××××××××××.de>
30 +Acked-by: Steffan Karger <steffan.karger@××××××.com>
31 +Message-Id: <1452433475-16779-1-git-send-email-niels_ole@××××××××××××××××××.de>
32 +URL: http://article.gmane.org/gmane.network.openvpn.devel/10975
33 +Signed-off-by: Gert Doering <gert@×××××××××××.de>
34 +---
35 + src/openvpn/ssl_openssl.c | 4 ++--
36 + 1 file changed, 2 insertions(+), 2 deletions(-)
37 +
38 +diff --git a/src/openvpn/ssl_openssl.c b/src/openvpn/ssl_openssl.c
39 +index d2f40e7..e390f4d 100644
40 +--- a/src/openvpn/ssl_openssl.c
41 ++++ b/src/openvpn/ssl_openssl.c
42 +@@ -358,7 +358,7 @@ tls_ctx_check_cert_time (const struct tls_root_ctx *ctx)
43 +
44 + ASSERT (ctx);
45 +
46 +-#if OPENSSL_VERSION_NUMBER >= 0x10002000L
47 ++#if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
48 + /* OpenSSL 1.0.2 and up */
49 + cert = SSL_CTX_get0_certificate (ctx->ctx);
50 + #else
51 +@@ -393,7 +393,7 @@ tls_ctx_check_cert_time (const struct tls_root_ctx *ctx)
52 + }
53 +
54 + cleanup:
55 +-#if OPENSSL_VERSION_NUMBER < 0x10002000L
56 ++#if OPENSSL_VERSION_NUMBER < 0x10002000L || defined(LIBRESSL_VERSION_NUMBER)
57 + SSL_free (ssl);
58 + #endif
59 + return;
60
61 diff --git a/net-misc/openvpn/openvpn-2.3.10-r1.ebuild b/net-misc/openvpn/openvpn-2.3.10-r1.ebuild
62 new file mode 100644
63 index 0000000..57bc92c
64 --- /dev/null
65 +++ b/net-misc/openvpn/openvpn-2.3.10-r1.ebuild
66 @@ -0,0 +1,136 @@
67 +# Copyright 1999-2016 Gentoo Foundation
68 +# Distributed under the terms of the GNU General Public License v2
69 +# $Id$
70 +
71 +EAPI=5
72 +
73 +inherit multilib flag-o-matic user systemd
74 +
75 +DESCRIPTION="Robust and highly flexible tunneling application compatible with many OSes"
76 +SRC_URI="http://swupdate.openvpn.net/community/releases/${P}.tar.gz"
77 +HOMEPAGE="http://openvpn.net/"
78 +
79 +LICENSE="GPL-2"
80 +SLOT="0"
81 +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~sparc-fbsd ~x86-fbsd ~x86-freebsd ~amd64-linux ~arm-linux ~x86-linux"
82 +IUSE="examples down-root iproute2 libressl +lzo pam pkcs11 +plugins polarssl selinux socks +ssl static systemd userland_BSD"
83 +
84 +REQUIRED_USE="static? ( !plugins !pkcs11 )
85 + polarssl? ( ssl !libressl )
86 + pkcs11? ( ssl )
87 + !plugins? ( !pam !down-root )"
88 +
89 +DEPEND="
90 + kernel_linux? (
91 + iproute2? ( sys-apps/iproute2[-minimal] ) !iproute2? ( sys-apps/net-tools )
92 + )
93 + pam? ( virtual/pam )
94 + ssl? (
95 + !polarssl? (
96 + !libressl? ( >=dev-libs/openssl-0.9.7:* )
97 + libressl? ( dev-libs/libressl )
98 + )
99 + polarssl? ( >=net-libs/polarssl-1.3.8 )
100 + )
101 + lzo? ( >=dev-libs/lzo-1.07 )
102 + pkcs11? ( >=dev-libs/pkcs11-helper-1.11 )
103 + systemd? ( sys-apps/systemd )"
104 +RDEPEND="${DEPEND}
105 + selinux? ( sec-policy/selinux-openvpn )
106 +"
107 +
108 +src_prepare() {
109 + epatch "${FILESDIR}"/${P}-fix-libressl.patch
110 +}
111 +
112 +src_configure() {
113 + use static && LDFLAGS="${LDFLAGS} -Xcompiler -static"
114 + local myconf
115 + use polarssl && myconf="--with-crypto-library=polarssl"
116 + econf \
117 + ${myconf} \
118 + --docdir="${EPREFIX}/usr/share/doc/${PF}" \
119 + --with-plugindir="${ROOT}/usr/$(get_libdir)/$PN" \
120 + $(use_enable ssl) \
121 + $(use_enable ssl crypto) \
122 + $(use_enable lzo) \
123 + $(use_enable pkcs11) \
124 + $(use_enable plugins) \
125 + $(use_enable iproute2) \
126 + $(use_enable socks) \
127 + $(use_enable pam plugin-auth-pam) \
128 + $(use_enable down-root plugin-down-root) \
129 + $(use_enable systemd)
130 +}
131 +
132 +src_install() {
133 + default
134 + find "${ED}/usr" -name '*.la' -delete
135 + # install documentation
136 + dodoc AUTHORS ChangeLog PORTS README README.IPv6
137 +
138 + # Install some helper scripts
139 + keepdir /etc/openvpn
140 + exeinto /etc/openvpn
141 + doexe "${FILESDIR}/up.sh"
142 + doexe "${FILESDIR}/down.sh"
143 +
144 + # Install the init script and config file
145 + newinitd "${FILESDIR}/${PN}-2.1.init" openvpn
146 + newconfd "${FILESDIR}/${PN}-2.1.conf" openvpn
147 +
148 + # install examples, controlled by the respective useflag
149 + if use examples ; then
150 + # dodoc does not supportly support directory traversal, #15193
151 + insinto /usr/share/doc/${PF}/examples
152 + doins -r sample contrib
153 + fi
154 +
155 + systemd_newtmpfilesd "${FILESDIR}"/${PN}.tmpfile ${PN}.conf
156 + systemd_newunit distro/systemd/openvpn-client@.service openvpn-client@.service
157 + systemd_newunit distro/systemd/openvpn-server@.service openvpn-server@.service
158 +}
159 +
160 +pkg_postinst() {
161 + # Add openvpn user so openvpn servers can drop privs
162 + # Clients should run as root so they can change ip addresses,
163 + # dns information and other such things.
164 + enewgroup openvpn
165 + enewuser openvpn "" "" "" openvpn
166 +
167 + if [ path_exists -o "${ROOT}/etc/openvpn/*/local.conf" ] ; then
168 + ewarn "WARNING: The openvpn init script has changed"
169 + ewarn ""
170 + fi
171 +
172 + elog "The openvpn init script expects to find the configuration file"
173 + elog "openvpn.conf in /etc/openvpn along with any extra files it may need."
174 + elog ""
175 + elog "To create more VPNs, simply create a new .conf file for it and"
176 + elog "then create a symlink to the openvpn init script from a link called"
177 + elog "openvpn.newconfname - like so"
178 + elog " cd /etc/openvpn"
179 + elog " ${EDITOR##*/} foo.conf"
180 + elog " cd /etc/init.d"
181 + elog " ln -s openvpn openvpn.foo"
182 + elog ""
183 + elog "You can then treat openvpn.foo as any other service, so you can"
184 + elog "stop one vpn and start another if you need to."
185 +
186 + if grep -Eq "^[ \t]*(up|down)[ \t].*" "${ROOT}/etc/openvpn"/*.conf 2>/dev/null ; then
187 + ewarn ""
188 + ewarn "WARNING: If you use the remote keyword then you are deemed to be"
189 + ewarn "a client by our init script and as such we force up,down scripts."
190 + ewarn "These scripts call /etc/openvpn/\$SVCNAME-{up,down}.sh where you"
191 + ewarn "can move your scripts to."
192 + fi
193 +
194 + if use plugins ; then
195 + einfo ""
196 + einfo "plugins have been installed into /usr/$(get_libdir)/${PN}"
197 + fi
198 +
199 + einfo ""
200 + einfo "OpenVPN 2.3.x no longer includes the easy-rsa suite of utilities."
201 + einfo "They can now be emerged via app-crypt/easy-rsa."
202 +}
Report Message
Find on MARC Find on Google Groups