diff options
Diffstat (limited to 'package/openvpn')
| -rw-r--r-- | package/openvpn/Makefile | 10 | ||||
| -rw-r--r-- | package/openvpn/patches/easy-rsa.patch | 218 | 
2 files changed, 5 insertions, 223 deletions
| diff --git a/package/openvpn/Makefile b/package/openvpn/Makefile index 5c9c8dc6e..7d193d43d 100644 --- a/package/openvpn/Makefile +++ b/package/openvpn/Makefile @@ -4,12 +4,12 @@  include $(TOPDIR)/rules.mk  PKG_NAME:=		openvpn -PKG_VERSION:=		2.1.3 +PKG_VERSION:=		2.2.1  PKG_RELEASE:=		1 -PKG_MD5SUM:=		7486d3e270ba4b033e311d3e022a0ad7 +PKG_MD5SUM:=		500bee5449b29906150569aaf2eb2730  PKG_DESCR:=		Open Source VPN solution using SSL  PKG_SECTION:=		net/security -PKG_DEPENDS:=		kmod-tun libopenssl +PKG_DEPENDS:=		kmod-tun libopenssl ip  PKG_BUILDDEP:=		openssl  PKG_URL:=		http://openvpn.net/  PKG_SITES:=		http://openvpn.net/release/ @@ -56,7 +56,7 @@ CONFIGURE_ARGS+=	--disable-pthread \  			--disable-plugins \  			--enable-small \  			--enable-iproute2 \ -			--with-iproute-path=ip \ +			--with-iproute-path=/usr/sbin/ip \  			--without-ifconfig-path \  			--without-route-path @@ -72,7 +72,7 @@ openvpn-easy-rsa-install:  	$(CP) ./files/serial $(IDIR_OPENVPN_EASY_RSA)/etc/easy-rsa/keys  	$(CP) $(WRKBUILD)/easy-rsa/2.0/{build-*,clean-all,inherit-inter,list-crl,pkitool,revoke-full,sign-req,whichopensslcnf} \  		$(IDIR_OPENVPN_EASY_RSA)/usr/sbin -	${INSTALL_DATA} $(WRKBUILD)/easy-rsa/2.0/openssl.cnf \ +	${INSTALL_DATA} $(WRKBUILD)/easy-rsa/2.0/openssl-1.0.0.cnf \  		$(IDIR_OPENVPN_EASY_RSA)/etc/easy-rsa/openssl.cnf  	${INSTALL_DATA} $(WRKBUILD)/easy-rsa/2.0/vars \  		$(IDIR_OPENVPN_EASY_RSA)/etc/easy-rsa/vars diff --git a/package/openvpn/patches/easy-rsa.patch b/package/openvpn/patches/easy-rsa.patch deleted file mode 100644 index 957fe336e..000000000 --- a/package/openvpn/patches/easy-rsa.patch +++ /dev/null @@ -1,218 +0,0 @@ -diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/build-ca openvpn-2.0.8/easy-rsa/2.0/build-ca ---- openvpn-2.0.8_orig/easy-rsa/2.0/build-ca	2005-11-02 19:42:38.000000000 +0100 -+++ openvpn-2.0.8/easy-rsa/2.0/build-ca	2006-10-13 18:14:32.000000000 +0200 -@@ -1,8 +1,7 @@ --#!/bin/bash -+#!/bin/sh -  - # - # Build a root certificate - # -  --export EASY_RSA="${EASY_RSA:-.}" --"$EASY_RSA/pkitool" --interact --initca $* -+/usr/sbin/pkitool --interact --initca $* -diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/build-dh openvpn-2.0.8/easy-rsa/2.0/build-dh ---- openvpn-2.0.8_orig/easy-rsa/2.0/build-dh	2006-06-28 08:29:27.000000000 +0200 -+++ openvpn-2.0.8/easy-rsa/2.0/build-dh	2006-10-13 18:13:40.000000000 +0200 -@@ -1,4 +1,6 @@ --#!/bin/bash -+#!/bin/sh -+ -+. /etc/easy-rsa/vars -  - # Build Diffie-Hellman parameters for the server side - # of an SSL/TLS connection. -diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/build-inter openvpn-2.0.8/easy-rsa/2.0/build-inter ---- openvpn-2.0.8_orig/easy-rsa/2.0/build-inter	2005-11-02 19:42:39.000000000 +0100 -+++ openvpn-2.0.8/easy-rsa/2.0/build-inter	2006-10-13 18:14:32.000000000 +0200 -@@ -1,7 +1,6 @@ --#!/bin/bash -+#!/bin/sh -  - # Make an intermediate CA certificate/private key pair using a locally generated - # root certificate. -  --export EASY_RSA="${EASY_RSA:-.}" --"$EASY_RSA/pkitool" --interact --inter $* -+/usr/sbin/pkitool --interact --inter $* -diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/build-key openvpn-2.0.8/easy-rsa/2.0/build-key ---- openvpn-2.0.8_orig/easy-rsa/2.0/build-key	2005-11-02 19:42:39.000000000 +0100 -+++ openvpn-2.0.8/easy-rsa/2.0/build-key	2006-10-13 18:14:32.000000000 +0200 -@@ -1,7 +1,6 @@ --#!/bin/bash -+#!/bin/sh -  - # Make a certificate/private key pair using a locally generated - # root certificate. -  --export EASY_RSA="${EASY_RSA:-.}" --"$EASY_RSA/pkitool" --interact $* -+/usr/sbin/pkitool --interact $* -diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/build-key-pass openvpn-2.0.8/easy-rsa/2.0/build-key-pass ---- openvpn-2.0.8_orig/easy-rsa/2.0/build-key-pass	2005-11-02 19:42:39.000000000 +0100 -+++ openvpn-2.0.8/easy-rsa/2.0/build-key-pass	2006-10-13 18:14:32.000000000 +0200 -@@ -1,7 +1,6 @@ --#!/bin/bash -+#!/bin/sh -  - # Similar to build-key, but protect the private key - # with a password. -  --export EASY_RSA="${EASY_RSA:-.}" --"$EASY_RSA/pkitool" --interact --pass $* -+/usr/sbin/pkitool --interact --pass $* -diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/build-key-pkcs12 openvpn-2.0.8/easy-rsa/2.0/build-key-pkcs12 ---- openvpn-2.0.8_orig/easy-rsa/2.0/build-key-pkcs12	2005-11-02 19:42:39.000000000 +0100 -+++ openvpn-2.0.8/easy-rsa/2.0/build-key-pkcs12	2006-10-13 18:14:32.000000000 +0200 -@@ -1,8 +1,7 @@ --#!/bin/bash -+#!/bin/sh -  - # Make a certificate/private key pair using a locally generated - # root certificate and convert it to a PKCS #12 file including the - # the CA certificate as well. -  --export EASY_RSA="${EASY_RSA:-.}" --"$EASY_RSA/pkitool" --interact --pkcs12 $* -+/usr/sbin/pkitool --interact --pkcs12 $* -diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/build-key-server openvpn-2.0.8/easy-rsa/2.0/build-key-server ---- openvpn-2.0.8_orig/easy-rsa/2.0/build-key-server	2005-11-02 19:42:39.000000000 +0100 -+++ openvpn-2.0.8/easy-rsa/2.0/build-key-server	2006-10-13 18:14:32.000000000 +0200 -@@ -1,4 +1,4 @@ --#!/bin/bash -+#!/bin/sh -  - # Make a certificate/private key pair using a locally generated - # root certificate. -@@ -6,5 +6,4 @@ - # Explicitly set nsCertType to server using the "server" - # extension in the openssl.cnf file. -  --export EASY_RSA="${EASY_RSA:-.}" --"$EASY_RSA/pkitool" --interact --server $* -+/usr/sbin/pkitool --interact --server $* -diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/build-req openvpn-2.0.8/easy-rsa/2.0/build-req ---- openvpn-2.0.8_orig/easy-rsa/2.0/build-req	2005-11-02 19:42:38.000000000 +0100 -+++ openvpn-2.0.8/easy-rsa/2.0/build-req	2006-10-13 18:14:32.000000000 +0200 -@@ -1,7 +1,6 @@ --#!/bin/bash -+#!/bin/sh -  - # Build a certificate signing request and private key.  Use this - # when your root certificate and key is not available locally. -  --export EASY_RSA="${EASY_RSA:-.}" --"$EASY_RSA/pkitool" --interact --csr $* -+/usr/sbin/pkitool --interact --csr $* -diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/build-req-pass openvpn-2.0.8/easy-rsa/2.0/build-req-pass ---- openvpn-2.0.8_orig/easy-rsa/2.0/build-req-pass	2005-11-02 19:42:39.000000000 +0100 -+++ openvpn-2.0.8/easy-rsa/2.0/build-req-pass	2006-10-13 18:14:32.000000000 +0200 -@@ -1,7 +1,6 @@ --#!/bin/bash -+#!/bin/sh -  - # Like build-req, but protect your private key - # with a password. -  --export EASY_RSA="${EASY_RSA:-.}" --"$EASY_RSA/pkitool" --interact --csr --pass $* -+/usr/sbin/pkitool --interact --csr --pass $* -diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/clean-all openvpn-2.0.8/easy-rsa/2.0/clean-all ---- openvpn-2.0.8_orig/easy-rsa/2.0/clean-all	2005-11-02 19:42:39.000000000 +0100 -+++ openvpn-2.0.8/easy-rsa/2.0/clean-all	2006-10-13 18:13:40.000000000 +0200 -@@ -1,4 +1,6 @@ --#!/bin/bash -+#!/bin/sh -+ -+. /etc/easy-rsa/vars -  - # Initialize the $KEY_DIR directory. - # Note that this script does a -diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/inherit-inter openvpn-2.0.8/easy-rsa/2.0/inherit-inter ---- openvpn-2.0.8_orig/easy-rsa/2.0/inherit-inter	2005-11-02 19:42:38.000000000 +0100 -+++ openvpn-2.0.8/easy-rsa/2.0/inherit-inter	2006-10-13 18:13:40.000000000 +0200 -@@ -1,4 +1,6 @@ --#!/bin/bash -+#!/bin/sh -+ -+. /etc/easy-rsa/vars -  - # Build a new PKI which is rooted on an intermediate certificate generated - # by ./build-inter or ./pkitool --inter from a parent PKI.  The new PKI should -diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/list-crl openvpn-2.0.8/easy-rsa/2.0/list-crl ---- openvpn-2.0.8_orig/easy-rsa/2.0/list-crl	2006-06-28 08:29:27.000000000 +0200 -+++ openvpn-2.0.8/easy-rsa/2.0/list-crl	2006-10-13 18:13:40.000000000 +0200 -@@ -1,4 +1,6 @@ --#!/bin/bash -+#!/bin/sh -+ -+. /etc/easy-rsa/vars -  - # list revoked certificates -  -diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/pkitool openvpn-2.0.8/easy-rsa/2.0/pkitool ---- openvpn-2.0.8_orig/easy-rsa/2.0/pkitool	2006-06-28 08:29:27.000000000 +0200 -+++ openvpn-2.0.8/easy-rsa/2.0/pkitool	2006-10-13 18:13:40.000000000 +0200 -@@ -1,5 +1,7 @@ - #!/bin/sh -  -+. /etc/easy-rsa/vars -+ - #  OpenVPN -- An application to securely tunnel IP networks - #             over a single TCP/UDP port, with support for SSL/TLS-based - #             session authentication and key exchange, -diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/revoke-full openvpn-2.0.8/easy-rsa/2.0/revoke-full ---- openvpn-2.0.8_orig/easy-rsa/2.0/revoke-full	2006-06-28 08:29:27.000000000 +0200 -+++ openvpn-2.0.8/easy-rsa/2.0/revoke-full	2006-10-13 18:13:40.000000000 +0200 -@@ -1,4 +1,6 @@ --#!/bin/bash -+#!/bin/sh -+ -+. /etc/easy-rsa/vars -  - # revoke a certificate, regenerate CRL, - # and verify revocation -diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/sign-req openvpn-2.0.8/easy-rsa/2.0/sign-req ---- openvpn-2.0.8_orig/easy-rsa/2.0/sign-req	2005-11-02 19:42:39.000000000 +0100 -+++ openvpn-2.0.8/easy-rsa/2.0/sign-req	2006-10-13 18:14:32.000000000 +0200 -@@ -1,7 +1,6 @@ --#!/bin/bash -+#!/bin/sh -  - # Sign a certificate signing request (a .csr file) - # with a local root certificate and key. -  --export EASY_RSA="${EASY_RSA:-.}" --"$EASY_RSA/pkitool" --interact --sign $* -+/usr/sbin/pkitool --interact --sign $* -diff -Nur openvpn-2.0.8_orig/easy-rsa/2.0/vars openvpn-2.0.8/easy-rsa/2.0/vars ---- openvpn-2.0.8_orig/easy-rsa/2.0/vars	2006-06-28 08:29:27.000000000 +0200 -+++ openvpn-2.0.8/easy-rsa/2.0/vars	2006-10-13 18:24:03.000000000 +0200 -@@ -12,7 +12,7 @@ - # This variable should point to - # the top level of the easy-rsa - # tree. --export EASY_RSA="`pwd`" -+export EASY_RSA="/etc/easy-rsa" -  - # - # This variable should point to -@@ -26,7 +26,7 @@ - # This variable should point to - # the openssl.cnf file included - # with easy-rsa. --export KEY_CONFIG=`$EASY_RSA/whichopensslcnf $EASY_RSA` -+export KEY_CONFIG=`/usr/sbin/whichopensslcnf $EASY_RSA` -  - # Edit this variable to point to - # your soon-to-be-created key -@@ -39,7 +39,7 @@ - export KEY_DIR="$EASY_RSA/keys" -  - # Issue rm -rf warning --echo NOTE: If you run ./clean-all, I will be doing a rm -rf on $KEY_DIR -+echo NOTE: If you run /usr/sbin/clean-all, I will be doing a rm -rf on $KEY_DIR -  - # Increase this to 2048 if you - # are paranoid.  This will slow | 
