From owner-freebsd-ports-bugs@FreeBSD.ORG Fri Jan 26 13:00:36 2007 Return-Path: X-Original-To: freebsd-ports-bugs@hub.freebsd.org Delivered-To: freebsd-ports-bugs@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 1BC7E16A400 for ; Fri, 26 Jan 2007 13:00:36 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [69.147.83.40]) by mx1.freebsd.org (Postfix) with ESMTP id EAE0F13C48E for ; Fri, 26 Jan 2007 13:00:35 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id l0QD0ZWb035899 for ; Fri, 26 Jan 2007 13:00:35 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.13.4/8.13.4/Submit) id l0QD0Zcc035895; Fri, 26 Jan 2007 13:00:35 GMT (envelope-from gnats) Resent-Date: Fri, 26 Jan 2007 13:00:35 GMT Resent-Message-Id: <200701261300.l0QD0Zcc035895@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-ports-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Denis Shaposhnikov Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 18C7516A400 for ; Fri, 26 Jan 2007 12:53:58 +0000 (UTC) (envelope-from dsh@vlink.ru) Received: from rigel.internal.vlink.ru (rigel.internal.vlink.ru [85.172.168.9]) by mx1.freebsd.org (Postfix) with ESMTP id 83A7E13C46B for ; Fri, 26 Jan 2007 12:53:57 +0000 (UTC) (envelope-from dsh@vlink.ru) Received: from smtp.smtp.vlink.ru (clamav.smtp.vlink.ru [192.168.4.1]) by deliver.smtp.vlink.ru (Postfix) with ESMTP id C85D8FED6E4 for ; Fri, 26 Jan 2007 15:53:53 +0300 (MSK) Received: from neva.vlink.ru (neva.vlink.ru [85.172.168.250]) by smtp.smtp.vlink.ru (Postfix) with ESMTP id 89A2710098C2 for ; Fri, 26 Jan 2007 15:53:53 +0300 (MSK) Received: from neva.vlink.ru (localhost [127.0.0.1]) by neva.vlink.ru (8.13.8/8.13.8) with ESMTP id l0QCrqIx010803 for ; Fri, 26 Jan 2007 15:53:52 +0300 (MSK) (envelope-from dsh@neva.vlink.ru) Received: (from dsh@localhost) by neva.vlink.ru (8.13.8/8.13.8/Submit) id l0QCrqkU010799; Fri, 26 Jan 2007 15:53:52 +0300 (MSK) (envelope-from dsh) Message-Id: <200701261253.l0QCrqkU010799@neva.vlink.ru> Date: Fri, 26 Jan 2007 15:53:52 +0300 (MSK) From: Denis Shaposhnikov To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 Cc: Subject: ports/108371: Update port: security/openvpn (add profiles support to startup) X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Denis Shaposhnikov List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 26 Jan 2007 13:00:36 -0000 >Number: 108371 >Category: ports >Synopsis: Update port: security/openvpn (add profiles support to startup) >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Fri Jan 26 13:00:34 GMT 2007 >Closed-Date: >Last-Modified: >Originator: Denis Shaposhnikov >Release: FreeBSD 7.0-CURRENT i386 >Organization: >Environment: System: FreeBSD neva.vlink.ru 7.0-CURRENT FreeBSD 7.0-CURRENT #0: Thu Jan 4 15:33:39 MSK 2007 dsh@neva.vlink.ru:/var/FreeBSD/obj/var/FreeBSD/src/sys/MYNERIC i386 >Description: This patch add ability to run several instances of the openvpn to the startup script. In my situation I use openvpn via UDP mainly but some of my collegs can use TCP only so I have to run second instance of the openvpn. >How-To-Repeat: >Fix: --- openvpn.orig/files/openvpn.sh.in Fri Jan 26 14:18:49 2007 +++ openvpn/files/openvpn.sh.in Fri Jan 26 14:16:25 2007 @@ -44,6 +44,18 @@ # file and directory where keys and certificates reside differ from the above # settings. # +# Add "openvpn_profiles" to run several instances of the openvpn with +# different parameters. Consider the following example: +# +# openvpn_enable="YES" +# openvpn_profiles="def tcp" +# openvpn_tcp_configfile="/usr/local/etc/openvpn/openvpn_tcp.conf" +# openvpn_tcp_pidfile="/var/run/openpvn_tcp.pid" +# +# This will run two instances of the openvpn with parameters taken +# from appropriate openvpn_PROFILENAME_xxx variables. For unspecified +# parameters openvpn_xxx varialbes will be used. +# # Note that we deliberately refrain from unloading drivers. # # For further documentation, please see openvpn(8). @@ -78,6 +90,36 @@ rm -f "$pidfile" || warn "Could not remove $pidfile." } +setup_profile_vars() +{ + name=openvpn_$1 + eval ": \${openvpn_${1}_configfile=${openvpn_configfile}}" + eval ": \${openvpn_${1}_dir=${openvpn_dir}}" + eval ": \${openvpn_${1}_flags=${openvpn_flags}}" + eval ": \${openvpn_${1}_pidfile=${pidfile}}" + eval "pidfile=\"\${openvpn_${1}_pidfile}\"" + eval "required_files=\"\${openvpn_${1}_configfile}\"" + eval "command_args=\"--cd \${openvpn_${1}_dir} --daemon --config \${openvpn_${1}_configfile} --writepid \${pidfile}\"" +} + +start_profiles() +{ + unset start_cmd start_precmd + for _profile in ${openvpn_profiles}; do + setup_profile_vars $_profile + run_rc_command "${rc_arg}" + done +} + +stop_profiles() +{ + unset stop_cmd + for _profile in ${openvpn_profiles}; do + setup_profile_vars $_profile + run_rc_command "${rc_arg}" + done +} + # support SIGHUP to reparse configuration file extra_commands="reload" @@ -93,11 +135,26 @@ stop_postcmd="stop_postcmd" load_rc_config ${name} + : ${openvpn_enable="NO"} : ${openvpn_flags=""} : ${openvpn_if=""} : ${openvpn_configfile="${prefix}/etc/openvpn/openvpn.conf"} : ${openvpn_dir="${prefix}/etc/openvpn"} + required_files="${openvpn_configfile}" command_args="--cd ${openvpn_dir} --daemon --config ${openvpn_configfile} --writepid ${pidfile}" -run_rc_command "$1" + +cmd="$1" +if [ $# -gt 0 ]; then + shift +fi + +[ -n "$*" ] && openvpn_profiles="$*" + +if [ "${openvpn_profiles}" ]; then + start_cmd="start_profiles" + stop_cmd="stop_profiles" +fi + +run_rc_command "$cmd" >Release-Note: >Audit-Trail: >Unformatted: