commit: b1f5868a872dd089b583b0ad3f1e9156ba99fd88 Author: Timo Rothenpieler <timo <AT> rothenpieler <DOT> org> AuthorDate: Mon May 1 17:02:31 2023 +0000 Commit: William Hubbs <williamh <AT> gentoo <DOT> org> CommitDate: Mon May 29 23:31:47 2023 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b1f5868a
net-vpn/openvpn: Bump to 2.6.4 Bug: https://bugs.gentoo.org/show_bug.cgi?id=879549 Signed-off-by: William Hubbs <williamh <AT> gentoo.org> net-vpn/openvpn/Manifest | 1 + net-vpn/openvpn/metadata.xml | 1 + net-vpn/openvpn/openvpn-2.6.4.ebuild | 195 +++++++++++++++++++++++++++++++++++ 3 files changed, 197 insertions(+) diff --git a/net-vpn/openvpn/Manifest b/net-vpn/openvpn/Manifest index a9466b552aa3..00d142186b29 100644 --- a/net-vpn/openvpn/Manifest +++ b/net-vpn/openvpn/Manifest @@ -1,3 +1,4 @@ DIST openvpn-2.5.2.tar.xz 1134644 BLAKE2B 59aa0c540894de4cfb37ad4c3139eb69a35d317e3de490f71b185a979989c1253221091a30bfb2ee5243fcfae190605e9787051de079eee79e57bd63392c42d5 SHA512 ae2cac00ae4b9e06e7e70b268ed47d36bbb45409650175e507d5bfa12b0a4f24bccc64f2494d1563f9269c8076d0f753a492f01ea33ce376ba00b7cdcb5c7bd0 DIST openvpn-2.5.6.tar.xz 1150352 BLAKE2B 509821eca9d40c5579700e05e560b906ddee5abb0c51a9a210e2e998cdd9606f734d43d3bec8c473cc4f0aaa1e265e7f05202aa606247ebde8844c0243165fac SHA512 f0f0600df013431af804ace70ea86ac064917acdeaad3759b5d5eaa4a8dc3738d6da6df4c16bbb23443e3493487541cb8b10b89f9f0b40a17caa6e6fc46e0adb DIST openvpn-2.5.7.tar.xz 1150476 BLAKE2B e8d24a8be8ff97072ef3b76dbec15cd6e7097ebe99f680d759f213cb5643d7b4a29664d2a96e6efe1d6ee858a6d6b3f23c6d12cf74f202fbe8cc48642f18dba6 SHA512 9a3234b479f5bab12b8c3af7691f175f8cd32f2929dd27efc16e96e14dbb8e07421e623869ad5ffc2d7e65f2266817d1583723033f3646b9913b10ec6d014b44 +DIST openvpn-2.6.4.tar.gz 1861178 BLAKE2B 584fc3950732d6a1db417811f6e330a154537207f6c9543ab03b1c1a886a98a0aee7d1649055a9f7944555ae8865602be15fd8e23b67258917f1adebde050099 SHA512 903ac41691c26e8e4ad65c9b6fb5e75db2caf2e4079d3c4cb61a44e51be9991508f53a1dd8b4b863b4ac86088ad1a705d22131df1e25612560c9f4276d8190ec diff --git a/net-vpn/openvpn/metadata.xml b/net-vpn/openvpn/metadata.xml index 8e2bb32b6432..f3e8394e706a 100644 --- a/net-vpn/openvpn/metadata.xml +++ b/net-vpn/openvpn/metadata.xml @@ -13,6 +13,7 @@ configurable VPN daemon which can be used to securely link two or more networks using an encrypted tunnel.</longdescription> <use> + <flag name="dco">Enable support for kernel data channel offload</flag> <flag name="down-root">Enable the down-root plugin</flag> <flag name="iproute2">Enabled iproute2 support instead of net-tools</flag> <flag name="mbedtls">Use mbed TLS as the backend crypto library</flag> diff --git a/net-vpn/openvpn/openvpn-2.6.4.ebuild b/net-vpn/openvpn/openvpn-2.6.4.ebuild new file mode 100644 index 000000000000..7e5e2daf32c1 --- /dev/null +++ b/net-vpn/openvpn/openvpn-2.6.4.ebuild @@ -0,0 +1,195 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit autotools systemd linux-info tmpfiles + +DESCRIPTION="Robust and highly flexible tunneling application compatible with many OSes" +HOMEPAGE="https://openvpn.net/"; + +if [[ ${PV} == "9999" ]]; then + EGIT_REPO_URI="https://github.com/OpenVPN/${PN}.git"; + inherit git-r3 +else + SRC_URI="https://build.openvpn.net/downloads/releases/${P}.tar.gz"; + KEYWORDS="~amd64" +fi + +LICENSE="GPL-2" +SLOT="0" + +IUSE="dco down-root examples inotify iproute2 +lz4 +lzo mbedtls +openssl" +IUSE+=" pam pkcs11 +plugins selinux systemd test" + +RESTRICT="!test? ( test )" +REQUIRED_USE=" + ^^ ( openssl mbedtls ) + pkcs11? ( !mbedtls ) + !plugins? ( !pam !down-root ) + inotify? ( plugins ) + dco? ( !iproute2 ) +" + +CDEPEND=" + kernel_linux? ( + iproute2? ( sys-apps/iproute2[-minimal] ) + ) + lz4? ( app-arch/lz4 ) + lzo? ( >=dev-libs/lzo-1.07 ) + mbedtls? ( net-libs/mbedtls:= ) + openssl? ( >=dev-libs/openssl-1.0.2:0= ) + pam? ( sys-libs/pam ) + pkcs11? ( >=dev-libs/pkcs11-helper-1.11 ) + systemd? ( sys-apps/systemd ) + dco? ( >=net-vpn/ovpn-dco-0.2 >=dev-libs/libnl-3.2.29:= ) + sys-libs/libcap-ng:= +" + +BDEPEND="virtual/pkgconfig" + +DEPEND="${CDEPEND} + test? ( dev-util/cmocka ) +" +RDEPEND="${CDEPEND} + acct-group/openvpn + acct-user/openvpn + selinux? ( sec-policy/selinux-openvpn ) +" + +if [[ ${PV} = "9999" ]]; then + BDEPEND+=" dev-python/docutils" +fi + +pkg_setup() { + local CONFIG_CHECK="~TUN" + linux-info_pkg_setup +} + +src_prepare() { + default + + eautoreconf +} + +src_configure() { + local -a myeconfargs + + if ! use mbedtls; then + myeconfargs+=( + $(use_enable pkcs11) + ) + fi + + myeconfargs+=( + $(use_enable inotify async-push) + --with-crypto-library=$(usex mbedtls mbedtls openssl) + $(use_enable lz4) + $(use_enable lzo) + $(use_enable plugins) + $(use_enable iproute2) + $(use_enable pam plugin-auth-pam) + $(use_enable down-root plugin-down-root) + $(use_enable systemd) + $(use_enable dco) + ) + + SYSTEMD_UNIT_DIR=$(systemd_get_systemunitdir) \ + TMPFILES_DIR="/usr/lib/tmpfiles.d" \ + IPROUTE=$(usex iproute2 '/bin/ip' '') \ + econf "${myeconfargs[@]}" +} + +src_test() { + local -x RUN_SUDO=false + + elog "Running top-level tests" + emake check + + pushd tests/unit_tests &>/dev/null || die + elog "Running unit tests" + emake check + popd &>/dev/null || die +} + +src_install() { + default + + find "${ED}/usr" -name '*.la' -delete || die + + # install documentation + dodoc AUTHORS ChangeLog PORTS README + + # Install some helper scripts + keepdir /etc/openvpn + exeinto /etc/openvpn + doexe "${FILESDIR}/up.sh" + doexe "${FILESDIR}/down.sh" + + # Install the init script and config file + newinitd "${FILESDIR}/${PN}-2.1.init" openvpn + newconfd "${FILESDIR}/${PN}-2.1.conf" openvpn + + # install examples, controlled by the respective useflag + if use examples ; then + # (is the below comment relevant anymore?) + ## dodoc does not supportly support directory traversal, #15193 + docinto examples + dodoc -r sample contrib + fi + + # https://bugs.gentoo.org/755680#c3 + doman doc/openvpn.8 +} + +pkg_postinst() { + tmpfiles_process openvpn.conf + + if use x64-macos ; then + elog "You might want to install tuntaposx for TAP interface support:" + elog "http://tuntaposx.sourceforge.net"; + fi + + if systemd_is_booted || has_version sys-apps/systemd ; then + elog "In order to use OpenVPN with systemd please use the correct systemd service file." + elog "" + elog "server:" + elog "" + elog "- Place your server configuration file in /etc/openvpn/server" + elog "- Use the openvpn-server@.service like so" + elog "systemctl start openvpn-server@{Server-config}" + elog "" + elog "client:" + elog "" + elog "- Place your client configuration file in /etc/openvpn/client" + elog "- Use the openvpn-client@.service like so:" + elog "systemctl start openvpn-client@{Client-config}" + else + elog "The openvpn init script expects to find the configuration file" + elog "openvpn.conf in /etc/openvpn along with any extra files it may need." + elog "" + elog "To create more VPNs, simply create a new .conf file for it and" + elog "then create a symlink to the openvpn init script from a link called" + elog "openvpn.newconfname - like so" + elog " cd /etc/openvpn" + elog " ${EDITOR##*/} foo.conf" + elog " cd /etc/init.d" + elog " ln -s openvpn openvpn.foo" + elog "" + elog "You can then treat openvpn.foo as any other service, so you can" + elog "stop one vpn and start another if you need to." + fi + + if grep -Eq "^[ \t]*(up|down)[ \t].*" "${ROOT}/etc/openvpn"/*.conf 2>/dev/null ; then + ewarn "" + ewarn "WARNING: If you use the remote keyword then you are deemed to be" + ewarn "a client by our init script and as such we force up,down scripts." + ewarn "These scripts call /etc/openvpn/\$SVCNAME-{up,down}.sh where you" + ewarn "can move your scripts to." + fi + + if use plugins ; then + einfo "" + einfo "plugins have been installed into /usr/$(get_libdir)/${PN}/plugins" + fi +}
