[Midnightbsd-cvs] mports [18974] trunk/security/openvpn: update to openvpn 2.3.6

Fri May 15 18:58:20 EDT 2015

Revision: 18974
          http://svnweb.midnightbsd.org/mports/?rev=18974
Author:   laffer1
Date:     2015-05-15 18:58:20 -0400 (Fri, 15 May 2015)
Log Message:
-----------
update to openvpn 2.3.6

Modified Paths:
--------------
    trunk/security/openvpn/Makefile
    trunk/security/openvpn/distinfo
    trunk/security/openvpn/files/openvpn.in
    trunk/security/openvpn/pkg-plist

Added Paths:
-----------
    trunk/security/openvpn/files/patch-sample__sample-config-files__loopback-client
    trunk/security/openvpn/files/patch-sample__sample-config-files__loopback-server
    trunk/security/openvpn/files/patch-tests__t_cltsrv.sh

Modified: trunk/security/openvpn/Makefile
===================================================================

--- trunk/security/openvpn/Makefile	2015-05-15 22:56:36 UTC (rev 18973)
+++ trunk/security/openvpn/Makefile	2015-05-15 22:58:20 UTC (rev 18974)
@@ -1,20 +1,20 @@
 # $MidnightBSD$
 
-PORTNAME=		openvpn
-DISTVERSION=		2.3.3
-CATEGORIES=		security net
-MASTER_SITES=		http://swupdate.openvpn.net/community/releases/ \
-			http://build.openvpn.net/downloads/releases/
+PORTNAME=	openvpn
+DISTVERSION=	2.3.6
+CATEGORIES=	security net
+MASTER_SITES=	http://swupdate.openvpn.net/community/releases/ \
+		http://build.openvpn.net/downloads/releases/
 
 MAINTAINER=	ports at MidnightBSD.org
 COMMENT=	Secure IP/Ethernet tunnel daemon
 
-LICENSE=		gpl2
+LICENSE=	gpl2
 
 CONFLICTS=	openvpn-devel-[0-9]* openvpn-2.0* openvpn-beta-[0-9]*
 
 GNU_CONFIGURE=	yes
-USES=		tar:xz
+USES=		cpe libtool pkgconfig shebangfix tar:xz
 USE_OPENSSL=	yes
 CONFIGURE_TARGET=	--build=${ARCH}-portbld-freebsd9.1
 CONFIGURE_ARGS=	--with-lzo-lib=${LOCALBASE}/lib \
@@ -25,7 +25,7 @@
 CPPFLAGS+=		-I${LOCALBASE}/include
 LDFLAGS+=		-L${LOCALBASE}/lib
 
-OPTIONS_DEFINE=		PW_SAVE PKCS11 EASYRSA
+OPTIONS_DEFINE=		PW_SAVE PKCS11 EASYRSA DOCS EXAMPLES
 OPTIONS_DEFAULT=	EASYRSA OPENSSL
 OPTIONS_SINGLE=		SSL
 OPTIONS_SINGLE_SSL=	OPENSSL POLARSSL

Modified: trunk/security/openvpn/distinfo
===================================================================
--- trunk/security/openvpn/distinfo	2015-05-15 22:56:36 UTC (rev 18973)
+++ trunk/security/openvpn/distinfo	2015-05-15 22:58:20 UTC (rev 18974)
@@ -1,2 +1,2 @@
-SHA256 (openvpn-2.3.3.tar.xz) = 19693ac1db8e99a73a0fe1de5809f34a5693109d4fdb929449a0c457986440f7
-SIZE (openvpn-2.3.3.tar.xz) = 781240
+SHA256 (openvpn-2.3.6.tar.xz) = adae2ef34c9225347a844683b88caa87cde0979b7f2390fd1776db0eb51510ed
+SIZE (openvpn-2.3.6.tar.xz) = 809348

Modified: trunk/security/openvpn/files/openvpn.in
===================================================================
--- trunk/security/openvpn/files/openvpn.in	2015-05-15 22:56:36 UTC (rev 18973)
+++ trunk/security/openvpn/files/openvpn.in	2015-05-15 22:58:20 UTC (rev 18974)
@@ -8,7 +8,8 @@
 # and Vasil Dimov
 # softrestart feature suggested by Nick Hibma
 #
-# $FreeBSD: ports/security/openvpn/files/openvpn.sh.in,v 1.15 2011/01/08 10:04:58 mandree Exp $
+# $MidnightBSD$
+# $FreeBSD: head/security/openvpn/files/openvpn.in 340872 2014-01-24 00:14:07Z mat $
 # 
 # This program is free software; you can redistribute it and/or modify it under
 # the terms of the GNU General Public License as published by the Free Software
@@ -45,10 +46,11 @@
 # /etc/rc.conf, /etc/rc.conf.local or /etc/rc.conf.d/NAME
 #
 # NAME_enable="NO"	# set to YES to enable openvpn
-# NAME_if=""		# driver(s) to load, set to "tun", "tap" or "tun tap"
+# NAME_if=		# driver(s) to load, set to "tun", "tap" or "tun tap"
+#			# it is OK to specify the if_ prefix.
 #
 # # optional:
-# NAME_flags=""				# additional command line arguments
+# NAME_flags=				# additional command line arguments
 # NAME_configfile="%%PREFIX%%/etc/openvpn/NAME.conf"	# --config file
 # NAME_dir="%%PREFIX%%/etc/openvpn"	# --cd directory
 #
@@ -75,22 +77,8 @@
 esac
 
 name="${name##*/}"
+rcvar=${name}_enable
 
-rcvar=$(set_rcvar)
-
-openvpn_precmd()
-{
-	for i in $interfaces ; do
-		if ! sysctl debug.if_${i}_debug >/dev/null 2>&1 ; then
-			if ! kldload if_${i} ; then
-				warn "Could not load $i module."
-				return 1
-			fi
-		fi
-	done
-	return 0
-}
-
 stop_postcmd()
 {
 	rm -f "$pidfile" || warn "Could not remove $pidfile."
@@ -113,9 +101,7 @@
 # command and arguments
 command="%%PREFIX%%/sbin/openvpn"
 
-# run this first
-start_precmd="openvpn_precmd"
-# and this last
+# run this last
 stop_postcmd="stop_postcmd"
 
 load_rc_config ${name}
@@ -128,7 +114,13 @@
 dir="$(eval echo \${${name}_dir})"
 interfaces="$(eval echo \${${name}_if})"
 
+required_modules=
+for i in $interfaces ; do
+    required_modules="$required_modules${required_modules:+" "}if_${i#if_}"
+done
+
 required_files=${configfile}
+
 command_args="--cd ${dir} --daemon ${name} --config ${configfile} --writepid ${pidfile}"
 
 run_rc_command "$1"

Added: trunk/security/openvpn/files/patch-sample__sample-config-files__loopback-client
===================================================================
--- trunk/security/openvpn/files/patch-sample__sample-config-files__loopback-client	                        (rev 0)
+++ trunk/security/openvpn/files/patch-sample__sample-config-files__loopback-client	2015-05-15 22:58:20 UTC (rev 18974)
@@ -0,0 +1,13 @@
+--- ./sample/sample-config-files/loopback-client.orig	2012-09-10 17:01:08.000000000 +0200
++++ ./sample/sample-config-files/loopback-client	2013-01-11 21:30:07.000000000 +0100
+@@ -9,8 +9,8 @@
+ #  ./openvpn --config sample-config-files/loopback-client  (In one window) 
+ #  ./openvpn --config sample-config-files/loopback-server  (Simultaneously in another window) 
+ 
+-rport 16000
+-lport 16001
++rport 16100
++lport 16101
+ remote localhost
+ local localhost
+ dev null


Property changes on: trunk/security/openvpn/files/patch-sample__sample-config-files__loopback-client
___________________________________________________________________
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Added: trunk/security/openvpn/files/patch-sample__sample-config-files__loopback-server
===================================================================
--- trunk/security/openvpn/files/patch-sample__sample-config-files__loopback-server	                        (rev 0)
+++ trunk/security/openvpn/files/patch-sample__sample-config-files__loopback-server	2015-05-15 22:58:20 UTC (rev 18974)
@@ -0,0 +1,13 @@
+--- ./sample/sample-config-files/loopback-server.orig	2012-09-10 17:01:08.000000000 +0200
++++ ./sample/sample-config-files/loopback-server	2013-01-11 21:30:07.000000000 +0100
+@@ -9,8 +9,8 @@
+ #  ./openvpn --config sample-config-files/loopback-client  (In one window) 
+ #  ./openvpn --config sample-config-files/loopback-server  (Simultaneously in another window) 
+ 
+-rport 16001
+-lport 16000
++rport 16101
++lport 16100
+ remote localhost
+ local localhost
+ dev null


Property changes on: trunk/security/openvpn/files/patch-sample__sample-config-files__loopback-server
___________________________________________________________________
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Added: trunk/security/openvpn/files/patch-tests__t_cltsrv.sh
===================================================================
--- trunk/security/openvpn/files/patch-tests__t_cltsrv.sh	                        (rev 0)
+++ trunk/security/openvpn/files/patch-tests__t_cltsrv.sh	2015-05-15 22:58:20 UTC (rev 18974)
@@ -0,0 +1,65 @@
+--- ./tests/t_cltsrv.sh.orig	2013-05-31 14:00:07.000000000 +0200
++++ ./tests/t_cltsrv.sh	2014-01-27 18:51:13.000000000 +0100
+@@ -1,7 +1,7 @@
+ #! /bin/sh
+ #
+ # t_cltsrv.sh - script to test OpenVPN's crypto loopback
+-# Copyright (C) 2005, 2006, 2008  Matthias Andree
++# Copyright (C) 2005 - 2014  Matthias Andree
+ #
+ # This program is free software; you can redistribute it and/or
+ # modify it under the terms of the GNU General Public License
+@@ -22,8 +22,9 @@
+ srcdir="${srcdir:-.}"
+ top_srcdir="${top_srcdir:-..}"
+ top_builddir="${top_builddir:-..}"
+-trap "rm -f log.$$ log.$$.signal ; trap 0 ; exit 77" 1 2 15
+-trap "rm -f log.$$ log.$$.signal ; exit 1" 0 3
++root="${top_srcdir}/sample"
++trap "rm -f ${root}/sample-config-files/loopback-*.test log.$$ log.$$.signal ; trap 0 ; exit 77" 1 2 15
++trap "a=\$? ; rm -f ${root}/sample-config-files/loopback-*.test log.$$ log.$$.signal ; test \$a = 0 && exit 1 || exit \$a" 0 3
+ addopts=
+ case `uname -s` in
+     FreeBSD)
+@@ -45,18 +46,38 @@
+ # make sure that the --down script is executable -- fail (rather than
+ # skip) test if it isn't.
+ downscript="../tests/t_cltsrv-down.sh"
+-root="${top_srcdir}/sample"
+ test -x "${root}/${downscript}" || chmod +x "${root}/${downscript}" || { echo >&2 "${root}/${downscript} is not executable, failing." ; exit 1 ; }
+ echo "The following test will take about two minutes." >&2
+ echo "If the addresses are in use, this test will retry up to two times." >&2
+ 
++set -- $(ifconfig lo0 | grep -E '\<inet' | head -n1)
++add=
++if [ "x$1$2" = "x" ] ; then
++    echo >&2 "### NO ADDRESSES ON LOOPBACK INTERFACE lo0, SKIPPING TEST ###"
++    exit 77
++fi
++if [ "inet6" = "$1" ] ; then
++    add='proto udp6'
++fi
++for i in server client ; do
++    sed -e "s/localhost/$2/" -e "/^remote/a\\
++$add" ${root}/sample-config-files/loopback-$i \
++    >${root}/sample-config-files/loopback-$i.test
++done
++
+ # go
+ success=0
+ for i in 1 2 3 ; do
+   set +e
+   (
+-  "${top_builddir}/src/openvpn/openvpn" --script-security 2 --cd "${root}" ${addopts} --setenv role srv --down "${downscript}" --tls-exit --ping-exit 180 --config "sample-config-files/loopback-server" &
+-  "${top_builddir}/src/openvpn/openvpn" --script-security 2 --cd "${top_srcdir}/sample" ${addopts} --setenv role clt --down "${downscript}" --tls-exit --ping-exit 180 --config "sample-config-files/loopback-client"
++  "${top_builddir}/src/openvpn/openvpn" --script-security 2 \
++      --cd "${root}" ${addopts} --setenv role srv \
++      --down "${downscript}" --tls-exit --ping-exit 180 \
++      --config "sample-config-files/loopback-server.test" &
++  "${top_builddir}/src/openvpn/openvpn" --script-security 2 \
++      --cd "${top_srcdir}/sample" ${addopts} --setenv role clt \
++      --down "${downscript}" --tls-exit --ping-exit 180 \
++      --config "sample-config-files/loopback-client.test"
+   ) 3>log.$$.signal >log.$$ 2>&1
+   e1=$?
+   wait $!


Property changes on: trunk/security/openvpn/files/patch-tests__t_cltsrv.sh
___________________________________________________________________
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Modified: trunk/security/openvpn/pkg-plist
===================================================================
--- trunk/security/openvpn/pkg-plist	2015-05-15 22:56:36 UTC (rev 18973)
+++ trunk/security/openvpn/pkg-plist	2015-05-15 22:58:20 UTC (rev 18974)
@@ -1,9 +1,5 @@
 include/openvpn-plugin.h
-lib/openvpn/plugins/openvpn-plugin-auth-pam.la
 lib/openvpn/plugins/openvpn-plugin-auth-pam.so
-lib/openvpn/plugins/openvpn-plugin-down-root.la
 lib/openvpn/plugins/openvpn-plugin-down-root.so
 man/man8/openvpn.8.gz
 sbin/openvpn
- at dirrm lib/openvpn/plugins
- at dirrm lib/openvpn

