diff options
| author | jlam <jlam@pkgsrc.org> | 2005-09-01 03:40:42 +0000 |
|---|---|---|
| committer | jlam <jlam@pkgsrc.org> | 2005-09-01 03:40:42 +0000 |
| commit | a7d61e0a3fb514ce90e894e670d4ddda37dec5df (patch) | |
| tree | 82c2a0c009f8bcb757fbc2b7291d00418d34ba94 /net | |
| parent | 485175baa943d49702f583c1a0e42545ae089201 (diff) | |
| download | pkgsrc-a7d61e0a3fb514ce90e894e670d4ddda37dec5df.tar.gz | |
Update net/openvpn to 2.0.2. Changes from version 2.0.1 include:
* Fixed bug in route.c in FreeBSD, Darwin, OpenBSD and NetBSD
version of get_default_gateway. Allocated socket for route
manipulation is never freed so number of mbufs continuously
grow and exhaust system resources after a while (Jaroslav Klaus).
* Fixed bug where "--proto tcp-server --mode p2p --management
host port" would cause the management port to not respond until
the OpenVPN peer connects.
Diffstat (limited to 'net')
| -rw-r--r-- | net/openvpn/Makefile | 4 | ||||
| -rw-r--r-- | net/openvpn/distinfo | 10 | ||||
| -rw-r--r-- | net/openvpn/patches/patch-aa | 14 | ||||
| -rw-r--r-- | net/openvpn/patches/patch-ab | 132 |
4 files changed, 6 insertions, 154 deletions
diff --git a/net/openvpn/Makefile b/net/openvpn/Makefile index d6698b0a6fe..22ab7727f54 100644 --- a/net/openvpn/Makefile +++ b/net/openvpn/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.8 2005/08/17 19:55:57 jlam Exp $ +# $NetBSD: Makefile,v 1.9 2005/09/01 03:40:42 jlam Exp $ # -DISTNAME= openvpn-2.0.1 +DISTNAME= openvpn-2.0.2 PKGNAME= ${DISTNAME:S/_//} CATEGORIES= net MASTER_SITES= http://openvpn.net/release/ \ diff --git a/net/openvpn/distinfo b/net/openvpn/distinfo index bd8062036fb..16804dbb35b 100644 --- a/net/openvpn/distinfo +++ b/net/openvpn/distinfo @@ -1,7 +1,5 @@ -$NetBSD: distinfo,v 1.4 2005/08/17 19:55:57 jlam Exp $ +$NetBSD: distinfo,v 1.5 2005/09/01 03:40:42 jlam Exp $ -SHA1 (openvpn-2.0.1.tar.gz) = d0ce0f41c8832e96511761ba4db1d209267c2caa -RMD160 (openvpn-2.0.1.tar.gz) = ced7028e996f119ce1b0e21305aaa744d2181fd9 -Size (openvpn-2.0.1.tar.gz) = 662428 bytes -SHA1 (patch-aa) = c28596050d1f5850219816ea2d855eeda6f37d12 -SHA1 (patch-ab) = d5f9d23078607adbc1bfe23960da6b87725df122 +SHA1 (openvpn-2.0.2.tar.gz) = b1a86e189007dccb969da7e39b18c32819faa9cf +RMD160 (openvpn-2.0.2.tar.gz) = 0a7a5d73ffda93862d71dd4d61d4e29a0a5d99e3 +Size (openvpn-2.0.2.tar.gz) = 663246 bytes diff --git a/net/openvpn/patches/patch-aa b/net/openvpn/patches/patch-aa deleted file mode 100644 index 4fa51ec1d09..00000000000 --- a/net/openvpn/patches/patch-aa +++ /dev/null @@ -1,14 +0,0 @@ -$NetBSD: patch-aa,v 1.2 2005/08/17 19:55:57 jlam Exp $ - ---- easy-rsa/2.0/README.orig 2005-07-17 16:13:42.000000000 -0400 -+++ easy-rsa/2.0/README -@@ -46,9 +46,6 @@ Release Notes for easy-rsa-2.0 - - * This release only affects the Linux/Unix version of easy-rsa. - The Windows version (written to use the Windows shell) is unchanged. -- Note that the new pkitool script is written in bash, and will not -- run on Windows unless bash is installed. To install bash on Windows, -- see the MSYS package available here: http://www.mingw.org/ - - INSTALL easy-rsa - diff --git a/net/openvpn/patches/patch-ab b/net/openvpn/patches/patch-ab deleted file mode 100644 index a122a1acb68..00000000000 --- a/net/openvpn/patches/patch-ab +++ /dev/null @@ -1,132 +0,0 @@ -$NetBSD: patch-ab,v 1.2 2005/08/17 19:55:57 jlam Exp $ - ---- easy-rsa/2.0/pkitool.orig 2005-07-15 14:38:14.000000000 -0400 -+++ easy-rsa/2.0/pkitool -@@ -1,4 +1,4 @@ --#!/bin/bash -+#!/bin/sh - - # OpenVPN -- An application to securely tunnel IP networks - # over a single TCP/UDP port, with support for SSL/TLS-based -@@ -31,7 +31,10 @@ PROGNAME=pkitool - VERSION=2.0 - DEBUG=0 - --function need_vars -+GREP=grep -+OPENSSL=openssl -+ -+need_vars() - { - echo ' Please edit the vars script to reflect your configuration,' - echo ' then source it with "source ./vars".' -@@ -40,7 +43,7 @@ function need_vars - echo " Finally, you can run this tool ($PROGNAME) to build certificates/keys." - } - --function usage -+usage() - { - echo "$PROGNAME $VERSION" - echo "Usage: $PROGNAME [options...] [common-name]" -@@ -103,7 +106,7 @@ BATCH="-batch" - CA="ca" - - # Process options --while [ "$1" ] && [ "${1:0:2}" = "--" ]; do -+while [ $# -gt 0 ]; do - case "$1" in - --server ) REQ_EXT="$REQ_EXT -extensions server" - CA_EXT="$CA_EXT -extensions server" ;; -@@ -115,8 +118,9 @@ while [ "$1" ] && [ "${1:0:2}" = "--" ]; - --csr ) DO_CA="0" ;; - --sign ) DO_REQ="0" ;; - --pkcs12 ) DO_P12="1" ;; -- * ) echo "$PROGNAME: unknown option: $1" -- exit 1 -+ --* ) echo "$PROGNAME: unknown option: $1" -+ exit 1 ;; -+ * ) break ;; - esac - shift - done -@@ -128,25 +132,25 @@ if [ $DO_P12 -eq 1 ]; then - fi - - # If undefined, set default key expiration intervals --if [ -z $KEY_EXPIRE ]; then -- export KEY_EXPIRE=3650 -+if [ -z "$KEY_EXPIRE" ]; then -+ KEY_EXPIRE=3650 - fi --if [ -z $CA_EXPIRE ]; then -- export CA_EXPIRE=3650 -+if [ -z "$CA_EXPIRE" ]; then -+ CA_EXPIRE=3650 - fi - - # Set organizational unit to empty string if undefined - if [ -z "$KEY_OU" ]; then -- export KEY_OU="" -+ KEY_OU="" - fi - - # Set KEY_CN - if [ $DO_ROOT -eq 1 ]; then - if [ -z "$KEY_CN" ]; then - if [ "$1" ]; then -- export KEY_CN="$1" -+ KEY_CN="$1" - elif [ "$KEY_ORG" ]; then -- export KEY_CN="$KEY_ORG CA" -+ KEY_CN="$KEY_ORG CA" - fi - fi - if [ $BATCH ] && [ "$KEY_CN" ]; then -@@ -159,9 +163,10 @@ else - usage - exit 1 - else -- export KEY_CN="$1" -+ KEY_CN="$1" - fi - fi -+export CA_EXPIRE KEY_EXPIRE KEY_OU KEY_CN - - # Show parameters (debugging) - if [ $DEBUG -eq 1 ]; then -@@ -186,7 +191,9 @@ if [ -d "$KEY_DIR" ] && [ "$KEY_CONFIG" - - # Make sure $KEY_CONFIG points to the correct version - # of openssl.cnf -- if ! grep -Eqi 'easy-rsa version 2\.[0-9]' "$KEY_CONFIG" ; then -+ if $GREP -i 'easy-rsa version 2\.[0-9]' "$KEY_CONFIG" >/dev/null; then -+ : -+ else - echo "$PROGNAME: KEY_CONFIG (set by the ./vars script) is pointing to the wrong" - echo "version of openssl.cnf: $KEY_CONFIG" - echo "The correct version should have a comment that says: easy-rsa version 2.x"; -@@ -195,7 +202,7 @@ if [ -d "$KEY_DIR" ] && [ "$KEY_CONFIG" - - # Build root CA - if [ $DO_ROOT -eq 1 ]; then -- openssl req $BATCH -days $CA_EXPIRE $NODES_REQ -new -x509 \ -+ $OPENSSL req $BATCH -days $CA_EXPIRE $NODES_REQ -new -x509 \ - -keyout "$CA.key" -out "$CA.crt" -config "$KEY_CONFIG" && \ - chmod 0600 "$CA.key" - else -@@ -209,11 +216,11 @@ if [ -d "$KEY_DIR" ] && [ "$KEY_CONFIG" - fi - - # Build cert/key -- ( [ $DO_REQ -eq 0 ] || openssl req $BATCH -days $KEY_EXPIRE $NODES_REQ -new \ -+ ( [ $DO_REQ -eq 0 ] || $OPENSSL req $BATCH -days $KEY_EXPIRE $NODES_REQ -new \ - -keyout "$KEY_CN.key" -out "$KEY_CN.csr" $REQ_EXT -config "$KEY_CONFIG" ) && \ -- ( [ $DO_CA -eq 0 ] || openssl ca $BATCH -days $KEY_EXPIRE -out "$KEY_CN.crt" \ -+ ( [ $DO_CA -eq 0 ] || $OPENSSL ca $BATCH -days $KEY_EXPIRE -out "$KEY_CN.crt" \ - -in "$KEY_CN.csr" $CA_EXT -config "$KEY_CONFIG" ) && \ -- ( [ $DO_P12 -eq 0 ] || openssl pkcs12 -export -inkey "$KEY_CN.key" \ -+ ( [ $DO_P12 -eq 0 ] || $OPENSSL pkcs12 -export -inkey "$KEY_CN.key" \ - -in "$KEY_CN.crt" -certfile "$CA.crt" -out "$KEY_CN.p12" $NODES_P12 ) && \ - ( [ $DO_CA -eq 0 ] || chmod 0600 "$KEY_CN.key" ) && \ - ( [ $DO_P12 -eq 0 ] || chmod 0600 "$KEY_CN.p12" ) |