Date: Mon, 24 Jun 2002 03:35:32 +0200 (CEST) From: Matthias Andree <matthias.andree@web.de> To: FreeBSD-gnats-submit@FreeBSD.org Cc: matthias.andree@web.de Subject: ports/39750: New port: security/openvpn - secure IP/Eth-over-UDP tunnel Message-ID: <20020624013532.5EA211B248@emma.line.org>
next in thread | raw e-mail | index | archive | help
>Number: 39750
>Category: ports
>Synopsis: New port: security/openvpn - secure IP/Eth-over-UDP tunnel
>Confidential: no
>Severity: non-critical
>Priority: high
>Responsible: freebsd-ports
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Sun Jun 23 18:40:01 PDT 2002
>Closed-Date:
>Last-Modified:
>Originator: Matthias Andree
>Release: FreeBSD 4.6-STABLE i386
>Organization:
>Environment:
System: FreeBSD merlin.emma.line.org 4.6-STABLE FreeBSD 4.6-STABLE #4: Sun Jun 23 21:43:40 CEST 2002 toor@merlin.emma.line.org:/usr/src/sys/compile/MA i386
>Description:
This adds a new port for James Yonan's great OpenVPN package.
OpenVPN allows for setting up robust and secure IP-over-UDP or
Ethernet-over-UDP tunnels by means of the tun or tap devices.
This port requires OpenSSL (base system) and LZO (already in ports).
>How-To-Repeat:
>Fix:
Unpack this shar archive and commit it to the ports tree.
# This is a shell archive. Save it in a file, remove anything before
# this line, and then unpack it by entering "sh file". Note, it may
# create directories; files and directories will be owned by you and
# have default permissions.
#
# This archive contains:
#
# openvpn
# openvpn/Makefile
# openvpn/files
# openvpn/files/patch-ab:error.c:openlog
# openvpn/files/patch-aa:tun.c:ifconfig
# openvpn/distinfo
# openvpn/pkg-plist
# openvpn/pkg-comment
# openvpn/pkg-descr
#
echo c - openvpn
mkdir -p openvpn > /dev/null 2>&1
echo x - openvpn/Makefile
sed 's/^X//' >openvpn/Makefile << 'END-of-openvpn/Makefile'
X# New ports collection makefile for: openvpn
X# Date created: 2002-06-23
X# Whom: Matthias Andree <matthias.andree@web.de>
X#
X# $FreeBSD$
X#
X
XPORTNAME= openvpn
XPORTVERSION= 1.2.1
XCATEGORIES= security
XMASTER_SITES= ${MASTER_SITE_SOURCEFORGE}
XMASTER_SITE_SUBDIR= ${PORTNAME}
X
XMAINTAINER= matthias.andree@web.de
X
XLIB_DEPENDS= lzo.1:${PORTSDIR}/archivers/lzo
X
XGNU_CONFIGURE= yes
XUSE_OPENSSL= yes
XCONFIGURE_ARGS= --with-lzo-lib=${LOCALBASE}/lib \
X --with-lzo-headers=${LOCALBASE}/include
X
X# This one is ugly, but it is required so that the program-transform-name
X# option is not implicitly used.
XCONFIGURE_TARGET=
X
XMAN8= openvpn.8
X
Xpost-install:
X.if !defined(NOPORTDOCS)
X ${MKDIR} ${LOCALBASE}/share/doc/${PORTNAME}
X for i in AUTHORS COPYING COPYRIGHT.GPL ChangeLog \
X INSTALL NEWS PORTS README ; do \
X ${INSTALL_MAN} ${WRKSRC}/$$i \
X ${LOCALBASE}/share/doc/${PORTNAME}/ ; done
X for i in easy-rsa sample-config-files sample-scripts ; do \
X ${MKDIR} ${LOCALBASE}/share/doc/${PORTNAME}/$$i ; \
X ${INSTALL_MAN} ${WRKSRC}/$$i/* \
X ${LOCALBASE}/share/doc/${PORTNAME}/$$i/ ; \
X done
X.endif
X
X.include <bsd.port.mk>
END-of-openvpn/Makefile
echo c - openvpn/files
mkdir -p openvpn/files > /dev/null 2>&1
echo x - openvpn/files/patch-ab:error.c:openlog
sed 's/^X//' >openvpn/files/patch-ab:error.c:openlog << 'END-of-openvpn/files/patch-ab:error.c:openlog'
X--- error.c.orig Mon Jun 24 02:27:37 2002
X+++ error.c Mon Jun 24 02:28:05 2002
X@@ -215,7 +215,7 @@
X #if defined(HAVE_OPENLOG) && defined(HAVE_SYSLOG)
X if (daemon (cd != NULL, 0) < 0)
X msg (M_ERR, "daemon() failed");
X- openlog ("openvpn", LOG_PID, 0);
X+ openlog ("openvpn", LOG_PID, LOG_DAEMON);
X #else
X msg (M_WARN, "Warning: this operating system lacks daemon logging features, therefore when I become a daemon, I won't be able to log status or error messages");
X if (daemon (cd != NULL, 0) < 0)
END-of-openvpn/files/patch-ab:error.c:openlog
echo x - openvpn/files/patch-aa:tun.c:ifconfig
sed 's/^X//' >openvpn/files/patch-aa:tun.c:ifconfig << 'END-of-openvpn/files/patch-aa:tun.c:ifconfig'
X--- tun.c.orig Sun Jun 23 23:43:57 2002
X+++ tun.c Sun Jun 23 23:45:54 2002
X@@ -76,7 +76,7 @@
X );
X msg (M_INFO, "%s", command_line);
X if (openvpn_system (command_line) != 0)
X- msg (M_ERR, "linux ifconfig failed");
X+ msg (M_ERR, "Linux ifconfig failed");
X
X #elif defined(TARGET_SOLARIS)
X
X@@ -90,7 +90,7 @@
X );
X msg (M_INFO, "%s", command_line);
X if (openvpn_system (command_line) != 0)
X- msg (M_ERR, "solaris ifconfig failed");
X+ msg (M_ERR, "Solaris ifconfig failed");
X
X #elif defined(TARGET_OPENBSD)
X
X@@ -118,7 +118,7 @@
X );
X msg (M_INFO, "%s", command_line);
X if (openvpn_system (command_line) != 0)
X- msg (M_ERR, "openbsd ifconfig failed");
X+ msg (M_ERR, "OpenBSD ifconfig failed");
X
X #elif defined(TARGET_DARWIN)
X
X@@ -144,7 +144,22 @@
X );
X msg (M_INFO, "%s", command_line);
X if (openvpn_system (command_line) != 0)
X- msg (M_ERR, "darwin ifconfig failed");
X+ msg (M_ERR, "Darwin ifconfig failed");
X+
X+#elif defined(TARGET_FREEBSD)
X+ /* example: ifconfig tun2 10.2.0.2 10.2.0.1 mtu 1450 netmask 255.255.255.255 up */
X+ snprintf (command_line, sizeof (command_line),
X+ IFCONFIG_PATH " %s %s %s mtu %d netmask 255.255.255.255 up",
X+ dev,
X+ ifconfig_local,
X+ ifconfig_remote,
X+ tun_mtu
X+ );
X+ msg (M_INFO, "%s", command_line);
X+ if (openvpn_system (command_line) != 0)
X+ msg (M_ERR, "FreeBSD ifconfig failed");
X+
X+
X
X #else
X msg (M_FATAL, "Sorry, but I don't know how to do 'ifconfig' commands on this operating system. You should ifconfig your tun/tap device manually or use an --up script.");
END-of-openvpn/files/patch-aa:tun.c:ifconfig
echo x - openvpn/distinfo
sed 's/^X//' >openvpn/distinfo << 'END-of-openvpn/distinfo'
XMD5 (openvpn-1.2.1.tar.gz) = 9a41f775bb5045d225483c8a2a9b0ad0
END-of-openvpn/distinfo
echo x - openvpn/pkg-plist
sed 's/^X//' >openvpn/pkg-plist << 'END-of-openvpn/pkg-plist'
Xsbin/openvpn
X%%PORTDOCS%%share/doc/openvpn/AUTHORS
X%%PORTDOCS%%share/doc/openvpn/COPYING
X%%PORTDOCS%%share/doc/openvpn/COPYRIGHT.GPL
X%%PORTDOCS%%share/doc/openvpn/ChangeLog
X%%PORTDOCS%%share/doc/openvpn/INSTALL
X%%PORTDOCS%%share/doc/openvpn/NEWS
X%%PORTDOCS%%share/doc/openvpn/PORTS
X%%PORTDOCS%%share/doc/openvpn/README
X%%PORTDOCS%%share/doc/openvpn/easy-rsa/README
X%%PORTDOCS%%share/doc/openvpn/easy-rsa/build-ca
X%%PORTDOCS%%share/doc/openvpn/easy-rsa/build-dh
X%%PORTDOCS%%share/doc/openvpn/easy-rsa/build-key
X%%PORTDOCS%%share/doc/openvpn/easy-rsa/build-key-pass
X%%PORTDOCS%%share/doc/openvpn/easy-rsa/build-req
X%%PORTDOCS%%share/doc/openvpn/easy-rsa/build-req-pass
X%%PORTDOCS%%share/doc/openvpn/easy-rsa/clean-all
X%%PORTDOCS%%share/doc/openvpn/easy-rsa/openssl.cnf
X%%PORTDOCS%%share/doc/openvpn/easy-rsa/sign-req
X%%PORTDOCS%%share/doc/openvpn/easy-rsa/vars
X%%PORTDOCS%%@dirrm share/doc/openvpn/easy-rsa
X%%PORTDOCS%%share/doc/openvpn/sample-config-files/README
X%%PORTDOCS%%share/doc/openvpn/sample-config-files/firewall.sh
X%%PORTDOCS%%share/doc/openvpn/sample-config-files/home.up
X%%PORTDOCS%%share/doc/openvpn/sample-config-files/office.up
X%%PORTDOCS%%share/doc/openvpn/sample-config-files/openvpn-shutdown.sh
X%%PORTDOCS%%share/doc/openvpn/sample-config-files/openvpn-startup.sh
X%%PORTDOCS%%share/doc/openvpn/sample-config-files/static-home.conf
X%%PORTDOCS%%share/doc/openvpn/sample-config-files/static-office.conf
X%%PORTDOCS%%share/doc/openvpn/sample-config-files/tls-home.conf
X%%PORTDOCS%%share/doc/openvpn/sample-config-files/tls-office.conf
X%%PORTDOCS%%@dirrm share/doc/openvpn/sample-config-files
X%%PORTDOCS%%share/doc/openvpn/sample-scripts/openvpn.init
X%%PORTDOCS%%share/doc/openvpn/sample-scripts/verify-cn
X%%PORTDOCS%%@dirrm share/doc/openvpn/sample-scripts
X%%PORTDOCS%%@dirrm share/doc/openvpn/
END-of-openvpn/pkg-plist
echo x - openvpn/pkg-comment
sed 's/^X//' >openvpn/pkg-comment << 'END-of-openvpn/pkg-comment'
XSecure IP/Ethernet tunnel daemon
END-of-openvpn/pkg-comment
echo x - openvpn/pkg-descr
sed 's/^X//' >openvpn/pkg-descr << 'END-of-openvpn/pkg-descr'
XOpenVPN is a robust and highly configurable VPN (Virtual Private
XNetwork) daemon which can be used to securely link two or more private
Xnetworks using an encrypted tunnel over the internet. It uses UDP as its
Xtransport, avoiding TCP-over-TCP retransmission congestion. SSL can be
Xused to authenticate the sites, or they can use a pre-shared secret.
X
XWWW: http://openvpn.sourceforge.net/
X
X- Matthias Andree
Xmatthias.andree@web.de
END-of-openvpn/pkg-descr
exit
>Release-Note:
>Audit-Trail:
>Unformatted:
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020624013532.5EA211B248>