From: Jo-Philipp Wich Date: Fri, 25 Nov 2011 04:26:41 +0000 (+0000) Subject: [packages] add openvpn-polarssl, experimental small OpenVPN Git build using PolarSSL... X-Git-Url: http://git.openwrt.org/?a=commitdiff_plain;h=46593ad123b896cbe89d6a6715201b969222b0f2;p=openwrt%2Fsvn-archive%2Farchive.git [packages] add openvpn-polarssl, experimental small OpenVPN Git build using PolarSSL instead of OpenSSL - it is fully compatible to the normal OpenVPN SVN-Revision: 29333 --- diff --git a/net/openvpn-polarssl/Makefile b/net/openvpn-polarssl/Makefile new file mode 100644 index 0000000000..c5ebff2252 --- /dev/null +++ b/net/openvpn-polarssl/Makefile @@ -0,0 +1,64 @@ +# +# Copyright (C) 2011 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=openvpn-polarssl +PKG_VERSION:=v2.2-RC2-345-g03ab4ea +PKG_RELEASE=$(PKG_SOURCE_VERSION) +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 +PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION) +PKG_SOURCE_URL:=git://openvpn.git.sourceforge.net/gitroot/openvpn/openvpn.git +PKG_SOURCE_PROTO:=git +PKG_SOURCE_VERSION:=03ab4ead8295e005f72dbffcffdaa74487d9668c + +PKG_INSTALL:=1 +PKG_FIXUP:=autoreconf +PKG_BUILD_PARALLEL:=1 + +include $(INCLUDE_DIR)/package.mk + +define Package/openvpn-polarssl + SECTION:=net + CATEGORY:=Network + DEPENDS:=+kmod-tun +kmod-ipv6 +libpolarssl +liblzo +ip + TITLE:=Open source VPN solution using PolarSSL (Git version) + URL:=http://openvpn.net + SUBMENU:=VPN +endef + +define Package/openvpn-polarssl/conffiles +/etc/config/openvpn +endef + +define Package/openvpn-polarssl/description + Open source VPN solution using PolarSSL - DEVEL VERSION, Git $(PKG_VERSION) +endef + +CONFIGURE_ARGS += \ + --disable-debug \ + --disable-plugins \ + --enable-management \ + --enable-small \ + --disable-socks \ + --enable-password-save \ + --enable-iproute2 \ + --with-ssl-headers=$(STAGING_DIR)/usr/include \ + --with-ssl-lib=$(STAGING_DIR)/usr/lib \ + --with-ssl-type=polarssl + +define Package/openvpn-polarssl/install + $(INSTALL_DIR) $(1)/usr/sbin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/openvpn $(1)/usr/sbin/ + $(INSTALL_DIR) $(1)/etc/init.d/ + $(INSTALL_BIN) files/openvpn.init $(1)/etc/init.d/openvpn + $(INSTALL_DIR) $(1)/etc/config + $(INSTALL_CONF) files/openvpn.config $(1)/etc/config/openvpn + $(INSTALL_DIR) $(1)/etc/openvpn +endef + +$(eval $(call BuildPackage,openvpn-polarssl)) diff --git a/net/openvpn-polarssl/files b/net/openvpn-polarssl/files new file mode 120000 index 0000000000..aba90e9d62 --- /dev/null +++ b/net/openvpn-polarssl/files @@ -0,0 +1 @@ +../openvpn/files \ No newline at end of file diff --git a/net/openvpn-polarssl/patches/300-fix-plugin_call-with-ssl.patch b/net/openvpn-polarssl/patches/300-fix-plugin_call-with-ssl.patch new file mode 100644 index 0000000000..6b1e3bed86 --- /dev/null +++ b/net/openvpn-polarssl/patches/300-fix-plugin_call-with-ssl.patch @@ -0,0 +1,118 @@ +--- a/init.c ++++ b/init.c +@@ -1337,7 +1337,11 @@ do_route (const struct options *options, + + if (plugin_defined (plugins, OPENVPN_PLUGIN_ROUTE_UP)) + { +- if (plugin_call (plugins, OPENVPN_PLUGIN_ROUTE_UP, NULL, NULL, es) != OPENVPN_PLUGIN_FUNC_SUCCESS) ++ if (plugin_call (plugins, OPENVPN_PLUGIN_ROUTE_UP, NULL, NULL, es ++#ifdef USE_SSL ++ , -1, NULL ++#endif ++ ) != OPENVPN_PLUGIN_FUNC_SUCCESS) + msg (M_WARN, "WARNING: route-up plugin call failed"); + } + +--- a/misc.c ++++ b/misc.c +@@ -213,7 +213,11 @@ run_up_down (const char *command, + ifconfig_local, ifconfig_remote, + context); + +- if (plugin_call (plugins, plugin_type, &argv, NULL, es) != OPENVPN_PLUGIN_FUNC_SUCCESS) ++ if (plugin_call (plugins, plugin_type, &argv, NULL, es ++#ifdef USE_SSL ++ , -1, NULL ++#endif ++ ) != OPENVPN_PLUGIN_FUNC_SUCCESS) + msg (M_FATAL, "ERROR: up/down plugin call failed"); + + argv_reset (&argv); +--- a/multi.c ++++ b/multi.c +@@ -91,7 +91,11 @@ learn_address_script (const struct multi + mroute_addr_print (addr, &gc)); + if (mi) + argv_printf_cat (&argv, "%s", tls_common_name (mi->context.c2.tls_multi, false)); +- if (plugin_call (plugins, OPENVPN_PLUGIN_LEARN_ADDRESS, &argv, NULL, es) != OPENVPN_PLUGIN_FUNC_SUCCESS) ++ if (plugin_call (plugins, OPENVPN_PLUGIN_LEARN_ADDRESS, &argv, NULL, es ++#ifdef USE_SSL ++ , -1, NULL ++#endif ++ ) != OPENVPN_PLUGIN_FUNC_SUCCESS) + { + msg (M_WARN, "WARNING: learn-address plugin call failed"); + ret = false; +@@ -476,7 +480,11 @@ multi_client_disconnect_script (struct m + + if (plugin_defined (mi->context.plugins, OPENVPN_PLUGIN_CLIENT_DISCONNECT)) + { +- if (plugin_call (mi->context.plugins, OPENVPN_PLUGIN_CLIENT_DISCONNECT, NULL, NULL, mi->context.c2.es) != OPENVPN_PLUGIN_FUNC_SUCCESS) ++ if (plugin_call (mi->context.plugins, OPENVPN_PLUGIN_CLIENT_DISCONNECT, NULL, NULL, mi->context.c2.es ++#ifdef USE_SSL ++ , -1, NULL ++#endif ++ ) != OPENVPN_PLUGIN_FUNC_SUCCESS) + msg (M_WARN, "WARNING: client-disconnect plugin call failed"); + } + +--- a/socket.c ++++ b/socket.c +@@ -2117,7 +2117,11 @@ link_socket_connection_initiated (const + { + struct argv argv = argv_new (); + ipchange_fmt (false, &argv, info, &gc); +- if (plugin_call (info->plugins, OPENVPN_PLUGIN_IPCHANGE, &argv, NULL, es) != OPENVPN_PLUGIN_FUNC_SUCCESS) ++ if (plugin_call (info->plugins, OPENVPN_PLUGIN_IPCHANGE, &argv, NULL, es ++#ifdef USE_SSL ++ , -1, NULL ++#endif ++ ) != OPENVPN_PLUGIN_FUNC_SUCCESS) + msg (M_WARN, "WARNING: ipchange plugin call failed"); + argv_reset (&argv); + } +--- a/ssl.c ++++ b/ssl.c +@@ -1939,7 +1939,11 @@ key_method_2_read (struct buffer *buf, s + */ + if (ks->authenticated && plugin_defined (session->opt->plugins, OPENVPN_PLUGIN_TLS_FINAL)) + { +- if (plugin_call (session->opt->plugins, OPENVPN_PLUGIN_TLS_FINAL, NULL, NULL, session->opt->es) != OPENVPN_PLUGIN_FUNC_SUCCESS) ++ if (plugin_call (session->opt->plugins, OPENVPN_PLUGIN_TLS_FINAL, NULL, NULL, session->opt->es ++#ifdef USE_SSL ++ , -1, NULL ++#endif ++ ) != OPENVPN_PLUGIN_FUNC_SUCCESS) + ks->authenticated = false; + } + +--- a/pf.c ++++ b/pf.c +@@ -563,7 +563,11 @@ pf_init_context (struct context *c) + if( pf_file ) { + setenv_str (c->c2.es, "pf_file", pf_file); + +- if (plugin_call (c->plugins, OPENVPN_PLUGIN_ENABLE_PF, NULL, NULL, c->c2.es) == OPENVPN_PLUGIN_FUNC_SUCCESS) ++ if (plugin_call (c->plugins, OPENVPN_PLUGIN_ENABLE_PF, NULL, NULL, c->c2.es ++#ifdef USE_SSL ++ , -1, NULL ++#endif ++ ) == OPENVPN_PLUGIN_FUNC_SUCCESS) + { + event_timeout_init (&c->c2.pf.reload, 1, now); + c->c2.pf.filename = string_alloc (pf_file, NULL); +--- a/ssl_verify.c ++++ b/ssl_verify.c +@@ -1029,7 +1029,11 @@ verify_user_pass_plugin (struct tls_sess + #endif + + /* call command */ +- retval = plugin_call (session->opt->plugins, OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY, NULL, NULL, session->opt->es); ++ retval = plugin_call (session->opt->plugins, OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY, NULL, NULL, session->opt->es ++#ifdef USE_SSL ++ , -1, NULL ++#endif ++ ); + + #ifdef PLUGIN_DEF_AUTH + /* purge auth control filename (and file itself) for non-deferred returns */ diff --git a/net/openvpn-polarssl/patches/400-fix-undefined-print_default.gateway.patch b/net/openvpn-polarssl/patches/400-fix-undefined-print_default.gateway.patch new file mode 100644 index 0000000000..acb395aa72 --- /dev/null +++ b/net/openvpn-polarssl/patches/400-fix-undefined-print_default.gateway.patch @@ -0,0 +1,36 @@ +--- a/init.c ++++ b/init.c +@@ -696,6 +696,7 @@ init_static (void) + #endif + + #ifdef TEST_GET_DEFAULT_GATEWAY ++#ifdef ENABLE_DEBUG + { + struct route_gateway_info rgi; + get_default_gateway(&rgi); +@@ -703,6 +704,7 @@ init_static (void) + return false; + } + #endif ++#endif + + #ifdef GEN_PATH_TEST + { +--- a/options.c ++++ b/options.c +@@ -3859,6 +3859,7 @@ add_option (struct options *options, + + read_config_file (options, p[1], level, file, line, msglevel, permission_mask, option_types_found, es); + } ++#ifdef ENABLE_DEBUG + else if (streq (p[0], "show-gateway")) + { + struct route_gateway_info rgi; +@@ -3867,6 +3868,7 @@ add_option (struct options *options, + print_default_gateway(M_INFO, &rgi); + openvpn_exit (OPENVPN_EXIT_STATUS_GOOD); /* exit point */ + } ++#endif + #if 0 + else if (streq (p[0], "foreign-option") && p[1]) + {