diff options
| author | spz <spz@pkgsrc.org> | 2009-09-21 12:33:31 +0000 |
|---|---|---|
| committer | spz <spz@pkgsrc.org> | 2009-09-21 12:33:31 +0000 |
| commit | c965eb6bf8032bd8cf996b9838982442e273a76b (patch) | |
| tree | b6a18794a7bc1b258b13be22f8262d7f248f4e13 | |
| parent | c33f25501a71d32c229b577ddc91579dad63d706 (diff) | |
| download | pkgsrc-c965eb6bf8032bd8cf996b9838982442e273a76b.tar.gz | |
add an option to openvpn to enable using certificates on USB sticks
or cards (etc) that are using the PKCS11 protocol
| -rw-r--r-- | mk/defaults/options.description | 1 | ||||
| -rw-r--r-- | net/openvpn/Makefile | 8 | ||||
| -rw-r--r-- | net/openvpn/options.mk | 16 | ||||
| -rw-r--r-- | security/pkcs11-helper/buildlink3.mk | 3 |
4 files changed, 22 insertions, 6 deletions
diff --git a/mk/defaults/options.description b/mk/defaults/options.description index 6ead8af4d43..a66de81ed65 100644 --- a/mk/defaults/options.description +++ b/mk/defaults/options.description @@ -350,6 +350,7 @@ perl Enable Perl support. pgsql Enable PostgreSQL support. pinepwd Enable $HOME/.pinepwd stored IMAP password file. pinfo-native-curses Use NetBSD native curses rather than ncurses. +pkcs11 Use certificate-on-a-stick (or card) support. png Enable PNG support. postfix-milter Build the milter with support for the Postfix MTA. postfix-stress Enable Postfix stress-adaptive behaviour. diff --git a/net/openvpn/Makefile b/net/openvpn/Makefile index 067d0a0c651..f72f2877850 100644 --- a/net/openvpn/Makefile +++ b/net/openvpn/Makefile @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.29 2009/05/19 08:59:27 wiz Exp $ +# $NetBSD: Makefile,v 1.30 2009/09/21 12:33:31 spz Exp $ # DISTNAME= openvpn-2.1_rc13 @@ -59,9 +59,8 @@ SUBST_CLASSES+= pkitool SUBST_STAGE.pkitool= post-build SUBST_MESSAGE.pkitool= Fixing up default paths to grep & openssl in pkitool. SUBST_FILES.pkitool= easy-rsa/2.0/pkitool -SUBST_SED.pkitool= \ - -e "s|\\(GREP\\)=.*|\\1=\""${GREP:Q}"\"|" \ - -e "s|\\(OPENSSL\\)=.*|\\1=\""${SSLBASE:Q}/bin/openssl"\"|" +SUBST_SED.pkitool= -e "s|\\(GREP\\)=.*|\\1=\""${GREP:Q}"\"|" +SUBST_SED.pkitool+= -e "s|\\(OPENSSL\\)=.*|\\1=\""${SSLBASE:Q}/bin/openssl"\"|" post-install: cd ${WRKSRC:Q}/easy-rsa/2.0; for file in [a-zR]*; do \ @@ -82,4 +81,5 @@ post-install: ${INSTALL_DATA} $$file ${DESTDIR}${EGDIR:Q}/keys; \ done +.include "options.mk" .include "../../mk/bsd.pkg.mk" diff --git a/net/openvpn/options.mk b/net/openvpn/options.mk new file mode 100644 index 00000000000..2fe596bc77a --- /dev/null +++ b/net/openvpn/options.mk @@ -0,0 +1,16 @@ +# $NetBSD: options.mk,v 1.1 2009/09/21 12:33:31 spz Exp $ + +PKG_OPTIONS_VAR= PKG_OPTIONS.openvpn +PKG_SUPPORTED_OPTIONS= pkcs11 +PKG_SUGGESTED_OPTIONS= + +.include "../../mk/bsd.options.mk" + +# include support for certificates on a stick (or card) + +.if !empty(PKG_OPTIONS:Mpkcs11) +.include "../../security/pkcs11-helper/buildlink3.mk" +.else +# it would pick it up halfways when installed, and fail building +CONFIGURE_ARGS+= --disable-pkcs11 +.endif diff --git a/security/pkcs11-helper/buildlink3.mk b/security/pkcs11-helper/buildlink3.mk index 06e81099832..e0bef0f8408 100644 --- a/security/pkcs11-helper/buildlink3.mk +++ b/security/pkcs11-helper/buildlink3.mk @@ -1,11 +1,10 @@ -# $NetBSD: buildlink3.mk,v 1.1 2009/09/15 20:03:47 spz Exp $ +# $NetBSD: buildlink3.mk,v 1.2 2009/09/21 12:33:31 spz Exp $ BUILDLINK_TREE+= pkcs11-helper .if !defined(PKCS11_HELPER_BUILDLINK3_MK) PKCS11_HELPER_BUILDLINK3_MK:= -BUILDLINK_DEPMETHOD.pkcs11-helper?= build BUILDLINK_API_DEPENDS.pkcs11-helper+= pkcs11-helper>=1.06 BUILDLINK_PKGSRCDIR.pkcs11-helper?= ../../security/pkcs11-helper |