Date: Fri, 11 Aug 2006 11:59:42 +0200 (CEST) From: Matthias Andree <matthias.andree@gmx.de> To: FreeBSD-gnats-submit@FreeBSD.org Subject: ports/101802: [NEW PORT] security/openvpn-devel: Secure IP/Ethernet tunnel daemon Message-ID: <20060811095943.03D1B54@libertas.emma.line.org> Resent-Message-ID: <200608111000.k7BA0VPF063446@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 101802 >Category: ports >Synopsis: [NEW PORT] security/openvpn-devel: Secure IP/Ethernet tunnel daemon >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Fri Aug 11 10:00:31 GMT 2006 >Closed-Date: >Last-Modified: >Originator: Matthias Andree >Release: FreeBSD 6.1-RELEASE-p3 i386 >Organization: >Environment: System: FreeBSD libertas.emma.line.org 6.1-RELEASE-p3 FreeBSD 6.1-RELEASE-p3 #13: Sat Jul 15 11:21:56 CEST 2006 >Description: This is a port for the slowly changing beta versions. Please repocopy from ports/security/openvpn before committing. Suggested and tested by: Philippe Laquet ----------------------------------------------------------------------------- OpenVPN is a robust, scalable and highly configurable VPN (Virtual Private Network) daemon which can be used to securely link two or more private networks using an encrypted tunnel over the internet. It can operate over UDP or TCP, can use SSL or a pre-shared secret to authenticate peers, and in SSL mode, one server can handle many clients. WWW: http://openvpn.net/ - Matthias Andree matthias.andree@gmx.de ----------------------------------------------------------------------------- Generated with FreeBSD Port Tools 0.77 >How-To-Repeat: >Fix: --- openvpn-devel-2.1.b14.shar begins here --- # This is a shell archive. Save it in a file, remove anything before # this line, and then unpack it by entering "sh file". Note, it may # create directories; files and directories will be owned by you and # have default permissions. # # This archive contains: # # openvpn-devel # openvpn-devel/files # openvpn-devel/files/openvpn.sh.in # openvpn-devel/files/pkg-message.in # openvpn-devel/files/pkg-req.in # openvpn-devel/Makefile # openvpn-devel/distinfo # openvpn-devel/pkg-descr # openvpn-devel/pkg-plist # echo c - openvpn-devel mkdir -p openvpn-devel > /dev/null 2>&1 echo c - openvpn-devel/files mkdir -p openvpn-devel/files > /dev/null 2>&1 echo x - openvpn-devel/files/openvpn.sh.in sed 's/^X//' >openvpn-devel/files/openvpn.sh.in << 'END-of-openvpn-devel/files/openvpn.sh.in' X#!/bin/sh X# X# openvpn.sh - load tun/tap driver and start OpenVPN daemon X# X# (C) Copyright 2005 by Matthias Andree X# based on suggestions by Matthias Grimm and Dirk Gouders X# X# Made in Northrhine-Westphalia, Germany X# X# $FreeBSD: ports/security/openvpn/files/openvpn.sh.in,v 1.4 2006/02/20 20:47:39 dougb Exp $ X# X# This program is free software; you can redistribute it and/or modify it under X# the terms of the GNU General Public License as published by the Free Software X# Foundation; either version 2 of the License, or (at your option) any later X# version. X# X# This program is distributed in the hope that it will be useful, but WITHOUT X# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS X# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more X# details. X# X# You should have received a copy of the GNU General Public License along with X# this program; if not, write to the Free Software Foundation, Inc., 51 Franklin X# Street, Fifth Floor, Boston, MA 02110-1301, USA. X X# PROVIDE: openvpn X# REQUIRE: DAEMON X# BEFORE: X# KEYWORD: shutdown X X# ----------------------------------------------------------------------------- X# X# Add the following lines to /etc/rc.conf to enable openvpn at boot-up time: X# X# openvpn_enable="YES" # YES or NO X# openvpn_if="tun" # driver(s) to load, set to "tun", "tap" or "tun tap" X# X# # optional: X# openvpn_flags="" # openvpn command line flags X# openvpn_configfile="%%PREFIX%%/etc/openvpn/openvpn.conf" # --config file X# openvpn_dir="%%PREFIX%%/etc/openvpn" # --cd directory X# X# You also need to set openvpn_configfile and openvpn_dir, if the configuration X# file and directory where keys and certificates reside differ from the above X# settings. X# X# Note that we deliberately refrain from unloading drivers. X# X# For further documentation, please see openvpn(8). X# X X. %%RC_SUBR%% X Xname=openvpn Xrcvar=`set_rcvar` X Xprefix="%%PREFIX%%" X Xopenvpn_precmd() X{ X for i in $openvpn_if ; do X # FreeBSD <= 5.4 does not know kldstat's -m option X # FreeBSD >= 6.0 does not add debug.* sysctl information X # in the default build - we check both to keep things simple X if ! sysctl debug.if_${i}_debug >/dev/null 2>&1 \ X && ! kldstat -m if_${i} >/dev/null 2>&1 ; then X if ! kldload if_${i} ; then X warn "Could not load $i module." X return 1 X fi X fi X done X return 0 X} X Xstop_postcmd() X{ X rm -f "$pidfile" || warn "Could not remove $pidfile." X} X X# support SIGHUP to reparse configuration file Xextra_commands="reload" X X# pidfile Xpidfile="/var/run/${name}.pid" X X# command and arguments Xcommand="%%PREFIX%%/sbin/${name}" X X# run this first Xstart_precmd="openvpn_precmd" X# and this last Xstop_postcmd="stop_postcmd" X Xload_rc_config ${name} X: ${openvpn_enable="NO"} X: ${openvpn_flags=""} X: ${openvpn_if=""} X: ${openvpn_configfile="${prefix}/etc/openvpn/openvpn.conf"} X: ${openvpn_dir="${prefix}/etc/openvpn"} Xrequired_files="${openvpn_configfile}" Xcommand_args="--cd ${openvpn_dir} --daemon --config ${openvpn_configfile} --writepid ${pidfile}" Xrun_rc_command "$1" END-of-openvpn-devel/files/openvpn.sh.in echo x - openvpn-devel/files/pkg-message.in sed 's/^X//' >openvpn-devel/files/pkg-message.in << 'END-of-openvpn-devel/files/pkg-message.in' X### ------------------------------------------------------------------------ X### Edit /etc/rc.conf[.local] to start OpenVPN automatically at system X### startup. See %%PREFIX%%/etc/rc.d/openvpn%%RCSFX%% for details. X### ------------------------------------------------------------------------ X### For compatibility notes when interoperating with older OpenVPN X### versions, please, see <http://openvpn.net/relnotes.html>; X### ------------------------------------------------------------------------ X### If you want to donate to OpenVPN: <http://openvpn.net/donate.html>; X### ------------------------------------------------------------------------ X### NOTE THIS IS AN UNSTABLE VERSION UNDER DEVELOPMENT! X### Consider using the stable version instead for production. X### ------------------------------------------------------------------------ END-of-openvpn-devel/files/pkg-message.in echo x - openvpn-devel/files/pkg-req.in sed 's/^X//' >openvpn-devel/files/pkg-req.in << 'END-of-openvpn-devel/files/pkg-req.in' Xset -e X Xrcvers() { X # determine if we have "old" or "new" (rcorder integration) scheme X # for %%PREFIX%%/etc/rc.d/* files X if test $1 -ge 700007 || test $1 -lt 700000 -a $1 -ge 600101 ; then X echo 2 X else X echo 1 X fi X} X Xif [ "$2" = INSTALL ] ; then X # check if the base system is new enough for us, X # which should only matter for package installs. X buildrc=$(rcvers %%OSVERSION%%) X execrc=$(rcvers $(sysctl -n kern.osreldate) ) X if test $buildrc -gt $execrc ; then X cat <<EOF X XError: this package, $1, was compiled for a newer FreeBSD X====== version that uses different boot scripts. X Therefore, the rc.d script WILL NOT WORK. X Please update your ports tree and install security/openvpn from there. X XEOF X exit 1 X fi Xfi END-of-openvpn-devel/files/pkg-req.in echo x - openvpn-devel/Makefile sed 's/^X//' >openvpn-devel/Makefile << 'END-of-openvpn-devel/Makefile' X# New ports collection makefile for: openvpn X# Date created: 2002-06-23 X# Whom: Matthias Andree <matthias.andree@gmx.de> X# X# $FreeBSD: ports/security/openvpn/Makefile,v 1.26 2006/07/28 09:56:53 itetcu Exp $ X# X XPORTNAME= openvpn XDISTVERSION= 2.1_beta14 XCATEGORIES= security net X# MASTER_SITES points to hosts in distinct data centers, X# so just one MASTER_SITES entry should be OK. XMASTER_SITES= http://openvpn.net/release/ XPKGNAMESUFFIX= -devel X XMAINTAINER= matthias.andree@gmx.de XCOMMENT= Secure IP/Ethernet tunnel daemon X X# do not package or link into Latest/ XNO_PACKAGE= pre-release version under development XNO_LATEST_LINK= yes X XGNU_CONFIGURE= yes XUSE_OPENSSL= yes XCONFIGURE_TARGET= --build=${ARCH}-portbld-freebsd${OSREL} XCONFIGURE_ARGS= --with-lzo-lib=${LOCALBASE}/lib \ X --with-lzo-headers=${LOCALBASE}/include X XMAN8= openvpn.8 X XOPTIONS= PW_SAVE "Interactive passwords may be read from a file" off X XUSE_RC_SUBR= openvpn.sh XUSE_LDCONFIG= ${PREFIX}/lib X XSUB_FILES= pkg-message pkg-req XSUB_LIST+= OSVERSION=${OSVERSION} X X.include <bsd.port.pre.mk> X X.if (${OSVERSION} >= 700007 || ( ${OSVERSION} < 700000 && ${OSVERSION} >= 600101)) Xrcsuffix= X.else Xrcsuffix= .sh X.endif XSUB_LIST+= RCSFX=${rcsuffix} X X# NOTE: there is no way to explicitly specify the LZO version to OpenVPN, X# if LZO2 and LZO1 are installed, OpenVPN will pick LZO2. X# So depend on LZO1 only if it's already there and LZO2 isn't. X# PACKAGE_BUILDING will also force LZO2. X.if exists(${LOCALBASE}/lib/liblzo2.so.2) || !exists(${LOCALBASE}/lib/liblzo.so.1) || defined(PACKAGE_BUILDING) XLIB_DEPENDS+= lzo2.2:${PORTSDIR}/archivers/lzo2 X.else XLIB_DEPENDS+= lzo.1:${PORTSDIR}/archivers/lzo X.endif X X.if defined(WITH_PW_SAVE) XCONFIGURE_ARGS+= --enable-password-save X.endif X Xpost-build: X cd ${WRKSRC}/plugin/down-root && ${MAKE} X @# self-tests here X.if !defined(WITHOUT_CHECK) X cd ${WRKSRC} && ${MAKE} check X.endif X Xpre-install: X PKG_PREFIX=${PREFIX} ${SH} ${PKGREQ} ${PKGNAME} INSTALL X Xpost-install: X ${MKDIR} ${PREFIX}/lib X ${INSTALL_PROGRAM} ${WRKSRC}/plugin/down-root/openvpn-down-root.so \ X ${PREFIX}/lib X.if !defined(NOPORTDOCS) X ${MKDIR} ${DOCSDIR} X ${INSTALL_DATA} ${WRKSRC}/plugin/down-root/README \ X ${DOCSDIR}/README.openvpn-down-root X.for docs in AUTHORS COPYING COPYRIGHT.GPL ChangeLog INSTALL NEWS \ X PORTS README X ${INSTALL_DATA} ${WRKSRC}/${docs} ${DOCSDIR} X.endfor X ( cd ${WRKSRC} \ X && ${FIND} easy-rsa sample-config-files sample-scripts -depth \ X | ${GREP} -v easy-rsa/Windows \ X | ${CPIO} -pdmu ${DOCSDIR} ) X.endif X @${CAT} ${PKGMESSAGE} X X.include <bsd.port.post.mk> END-of-openvpn-devel/Makefile echo x - openvpn-devel/distinfo sed 's/^X//' >openvpn-devel/distinfo << 'END-of-openvpn-devel/distinfo' XMD5 (openvpn-2.1_beta14.tar.gz) = 7bd96eaa834a1779755d68c9b2591583 XSHA256 (openvpn-2.1_beta14.tar.gz) = da61d236047b9a5985765961930446a706aeef87dc2b4ce0f7e2c9f2831566ea XSIZE (openvpn-2.1_beta14.tar.gz) = 775042 END-of-openvpn-devel/distinfo echo x - openvpn-devel/pkg-descr sed 's/^X//' >openvpn-devel/pkg-descr << 'END-of-openvpn-devel/pkg-descr' XOpenVPN is a robust, scalable and highly configurable VPN (Virtual Private XNetwork) daemon which can be used to securely link two or more private networks Xusing an encrypted tunnel over the internet. It can operate over UDP or TCP, Xcan use SSL or a pre-shared secret to authenticate peers, and in SSL mode, one Xserver can handle many clients. X XWWW: http://openvpn.net/ X X- Matthias Andree Xmatthias.andree@gmx.de END-of-openvpn-devel/pkg-descr echo x - openvpn-devel/pkg-plist sed 's/^X//' >openvpn-devel/pkg-plist << 'END-of-openvpn-devel/pkg-plist' Xsbin/openvpn Xlib/openvpn-down-root.so X%%PORTDOCS%%%%DOCSDIR%%/AUTHORS X%%PORTDOCS%%%%DOCSDIR%%/COPYING X%%PORTDOCS%%%%DOCSDIR%%/COPYRIGHT.GPL X%%PORTDOCS%%%%DOCSDIR%%/ChangeLog X%%PORTDOCS%%%%DOCSDIR%%/INSTALL X%%PORTDOCS%%%%DOCSDIR%%/NEWS X%%PORTDOCS%%%%DOCSDIR%%/PORTS X%%PORTDOCS%%%%DOCSDIR%%/README X%%PORTDOCS%%%%DOCSDIR%%/README.openvpn-down-root X%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/1.0/README X%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/1.0/build-ca X%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/1.0/build-dh X%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/1.0/build-inter X%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/1.0/build-key X%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/1.0/build-key-pass X%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/1.0/build-key-pkcs12 X%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/1.0/build-key-server X%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/1.0/build-req X%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/1.0/build-req-pass X%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/1.0/clean-all X%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/1.0/list-crl X%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/1.0/make-crl X%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/1.0/openssl.cnf X%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/1.0/revoke-crt X%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/1.0/revoke-full X%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/1.0/sign-req X%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/1.0/vars X%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/2.0/README X%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/2.0/build-ca X%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/2.0/build-dh X%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/2.0/build-inter X%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/2.0/build-key X%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/2.0/build-key-pass X%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/2.0/build-key-pkcs12 X%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/2.0/build-key-server X%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/2.0/build-req X%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/2.0/build-req-pass X%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/2.0/clean-all X%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/2.0/inherit-inter X%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/2.0/list-crl X%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/2.0/openssl-0.9.6.cnf X%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/2.0/openssl.cnf X%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/2.0/pkitool X%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/2.0/revoke-full X%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/2.0/sign-req X%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/2.0/vars X%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/2.0/whichopensslcnf X%%PORTDOCS%%%%DOCSDIR%%/sample-config-files/README X%%PORTDOCS%%%%DOCSDIR%%/sample-config-files/client.conf X%%PORTDOCS%%%%DOCSDIR%%/sample-config-files/firewall.sh X%%PORTDOCS%%%%DOCSDIR%%/sample-config-files/home.up X%%PORTDOCS%%%%DOCSDIR%%/sample-config-files/loopback-client X%%PORTDOCS%%%%DOCSDIR%%/sample-config-files/loopback-server X%%PORTDOCS%%%%DOCSDIR%%/sample-config-files/office.up X%%PORTDOCS%%%%DOCSDIR%%/sample-config-files/openvpn-shutdown.sh X%%PORTDOCS%%%%DOCSDIR%%/sample-config-files/openvpn-startup.sh X%%PORTDOCS%%%%DOCSDIR%%/sample-config-files/server.conf X%%PORTDOCS%%%%DOCSDIR%%/sample-config-files/static-home.conf X%%PORTDOCS%%%%DOCSDIR%%/sample-config-files/static-office.conf X%%PORTDOCS%%%%DOCSDIR%%/sample-config-files/tls-home.conf X%%PORTDOCS%%%%DOCSDIR%%/sample-config-files/tls-office.conf X%%PORTDOCS%%%%DOCSDIR%%/sample-config-files/xinetd-client-config X%%PORTDOCS%%%%DOCSDIR%%/sample-config-files/xinetd-server-config X%%PORTDOCS%%%%DOCSDIR%%/sample-scripts/auth-pam.pl X%%PORTDOCS%%%%DOCSDIR%%/sample-scripts/bridge-start X%%PORTDOCS%%%%DOCSDIR%%/sample-scripts/bridge-stop X%%PORTDOCS%%%%DOCSDIR%%/sample-scripts/openvpn.init X%%PORTDOCS%%%%DOCSDIR%%/sample-scripts/ucn.pl X%%PORTDOCS%%%%DOCSDIR%%/sample-scripts/verify-cn X%%PORTDOCS%%@dirrm %%DOCSDIR%%/sample-scripts X%%PORTDOCS%%@dirrm %%DOCSDIR%%/sample-config-files X%%PORTDOCS%%@dirrm %%DOCSDIR%%/easy-rsa/2.0 X%%PORTDOCS%%@dirrm %%DOCSDIR%%/easy-rsa/1.0 X%%PORTDOCS%%@dirrm %%DOCSDIR%%/easy-rsa X%%PORTDOCS%%@dirrm %%DOCSDIR%% END-of-openvpn-devel/pkg-plist exit --- openvpn-devel-2.1.b14.shar ends here --- >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060811095943.03D1B54>