[packages/openvpn-devel] rework openvpn-devel package

- make use of build-variants to support OpenSSL, PolarSSL and no SSL at all - add menu derived from the stable package, to enable/disable support for various functionality at compile time git-svn-id: svn://svn.openwrt.org/openwrt/packages@32337 3c298f89-4303-0410-b956-a3cf2f4a3e73
2012-06-13 15:54:29 +00:00 · 2012-06-13 15:54:29 +00:00 · 5e6ee24d8f
commit 5e6ee24d8f
parent a2b46138ba
4 changed files with 326 additions and 35 deletions
--- a/net/openvpn-devel/Config-nossl.in
+++ b/net/openvpn-devel/Config-nossl.in
@ -0,0 +1,68 @@
+menu "Configuration"
+	depends on PACKAGE_openvpn-devel-nossl
+
+config OPENVPN_DEVEL_nossl_ENABLE_LZO
+	bool "Enable LZO compression support"
+	default y
+
+#config OPENVPN_DEVEL_nossl_ENABLE_CRYPTO
+#	bool "Enable crypto support"
+#	default y
+
+#config OPENVPN_DEVEL_nossl_ENABLE_SSL
+#	bool "Enable SSL support for TLS-based key exchange"
+#	default y
+
+config OPENVPN_DEVEL_nossl_ENABLE_X509_ALT_USERNAME
+	bool "Enable the --x509-username-field feature"
+	default n
+
+config OPENVPN_DEVEL_nossl_ENABLE_SERVER
+	bool "Enable server support (otherwise only client mode is support)"
+	default y
+
+#config OPENVPN_DEVEL_nossl_ENABLE_EUREPHIA
+#	bool "Enable support for the eurephia plug-in"
+#	default n
+
+config OPENVPN_DEVEL_nossl_ENABLE_MANAGEMENT
+	bool "Enable management server support"
+	default n
+
+#config OPENVPN_DEVEL_nossl_ENABLE_PKCS11
+#	bool "Enable pkcs11 support"
+#	default n
+
+config OPENVPN_DEVEL_nossl_ENABLE_HTTP
+	bool "Enable HTTP proxy support"
+	default y
+
+config OPENVPN_DEVEL_nossl_ENABLE_SOCKS
+	bool "Enable SOCKS proxy support"
+	default y
+
+config OPENVPN_DEVEL_nossl_ENABLE_FRAGMENT
+	bool "Enable internal fragmentation support (--fragment)"
+	default y
+
+config OPENVPN_DEVEL_nossl_ENABLE_MULTIHOME
+	bool "Enable multi-homed UDP server support (--multihome)"
+	default y
+
+config OPENVPN_DEVEL_nossl_ENABLE_PORT_SHARE
+	bool "Enable TCP server port-share support (--port-share)"
+	default y
+
+config OPENVPN_DEVEL_nossl_ENABLE_DEF_AUTH
+	bool "Enable deferred authentication"
+	default y
+
+config OPENVPN_DEVEL_nossl_ENABLE_PF
+	bool "Enable internal packet filter"
+	default y
+
+config OPENVPN_DEVEL_nossl_ENABLE_IPROUTE2
+	bool "Enable support for iproute2"
+	default n
+
+endmenu
--- a/net/openvpn-devel/Config-openssl.in
+++ b/net/openvpn-devel/Config-openssl.in
@ -0,0 +1,68 @@
+menu "Configuration"
+	depends on PACKAGE_openvpn-devel-openssl
+
+config OPENVPN_DEVEL_openssl_ENABLE_LZO
+	bool "Enable LZO compression support"
+	default y
+
+#config OPENVPN_DEVEL_openssl_ENABLE_CRYPTO
+#	bool "Enable crypto support"
+#	default y
+
+#config OPENVPN_DEVEL_openssl_ENABLE_SSL
+#	bool "Enable SSL support for TLS-based key exchange"
+#	default y
+
+config OPENVPN_DEVEL_openssl_ENABLE_X509_ALT_USERNAME
+	bool "Enable the --x509-username-field feature"
+	default n
+
+config OPENVPN_DEVEL_openssl_ENABLE_SERVER
+	bool "Enable server support (otherwise only client mode is support)"
+	default y
+
+#config OPENVPN_DEVEL_openssl_ENABLE_EUREPHIA
+#	bool "Enable support for the eurephia plug-in"
+#	default n
+
+config OPENVPN_DEVEL_openssl_ENABLE_MANAGEMENT
+	bool "Enable management server support"
+	default n
+
+#config OPENVPN_DEVEL_openssl_ENABLE_PKCS11
+#	bool "Enable pkcs11 support"
+#	default n
+
+config OPENVPN_DEVEL_openssl_ENABLE_HTTP
+	bool "Enable HTTP proxy support"
+	default y
+
+config OPENVPN_DEVEL_openssl_ENABLE_SOCKS
+	bool "Enable SOCKS proxy support"
+	default y
+
+config OPENVPN_DEVEL_openssl_ENABLE_FRAGMENT
+	bool "Enable internal fragmentation support (--fragment)"
+	default y
+
+config OPENVPN_DEVEL_openssl_ENABLE_MULTIHOME
+	bool "Enable multi-homed UDP server support (--multihome)"
+	default y
+
+config OPENVPN_DEVEL_openssl_ENABLE_PORT_SHARE
+	bool "Enable TCP server port-share support (--port-share)"
+	default y
+
+config OPENVPN_DEVEL_openssl_ENABLE_DEF_AUTH
+	bool "Enable deferred authentication"
+	default y
+
+config OPENVPN_DEVEL_openssl_ENABLE_PF
+	bool "Enable internal packet filter"
+	default y
+
+config OPENVPN_DEVEL_openssl_ENABLE_IPROUTE2
+	bool "Enable support for iproute2"
+	default n
+
+endmenu
--- a/net/openvpn-devel/Config-polarssl.in
+++ b/net/openvpn-devel/Config-polarssl.in
@ -0,0 +1,68 @@
+menu "Configuration"
+	depends on PACKAGE_openvpn-devel-polarssl
+
+config OPENVPN_DEVEL_polarssl_ENABLE_LZO
+	bool "Enable LZO compression support"
+	default y
+
+#config OPENVPN_DEVEL_polarssl_ENABLE_CRYPTO
+#	bool "Enable crypto support"
+#	default y
+
+#config OPENVPN_DEVEL_polarssl_ENABLE_SSL
+#	bool "Enable SSL support for TLS-based key exchange"
+#	default y
+
+config OPENVPN_DEVEL_polarssl_ENABLE_X509_ALT_USERNAME
+	bool "Enable the --x509-username-field feature"
+	default n
+
+config OPENVPN_DEVEL_polarssl_ENABLE_SERVER
+	bool "Enable server support (otherwise only client mode is support)"
+	default y
+
+#config OPENVPN_DEVEL_polarssl_ENABLE_EUREPHIA
+#	bool "Enable support for the eurephia plug-in"
+#	default n
+
+config OPENVPN_DEVEL_polarssl_ENABLE_MANAGEMENT
+	bool "Enable management server support"
+	default n
+
+#config OPENVPN_DEVEL_polarssl_ENABLE_PKCS11
+#	bool "Enable pkcs11 support"
+#	default n
+
+config OPENVPN_DEVEL_polarssl_ENABLE_HTTP
+	bool "Enable HTTP proxy support"
+	default y
+
+config OPENVPN_DEVEL_polarssl_ENABLE_SOCKS
+	bool "Enable SOCKS proxy support"
+	default y
+
+config OPENVPN_DEVEL_polarssl_ENABLE_FRAGMENT
+	bool "Enable internal fragmentation support (--fragment)"
+	default y
+
+config OPENVPN_DEVEL_polarssl_ENABLE_MULTIHOME
+	bool "Enable multi-homed UDP server support (--multihome)"
+	default y
+
+config OPENVPN_DEVEL_polarssl_ENABLE_PORT_SHARE
+	bool "Enable TCP server port-share support (--port-share)"
+	default y
+
+config OPENVPN_DEVEL_polarssl_ENABLE_DEF_AUTH
+	bool "Enable deferred authentication"
+	default y
+
+config OPENVPN_DEVEL_polarssl_ENABLE_PF
+	bool "Enable internal packet filter"
+	default y
+
+config OPENVPN_DEVEL_polarssl_ENABLE_IPROUTE2
+	bool "Enable support for iproute2"
+	default n
+
+endmenu
--- a/net/openvpn-devel/Makefile
+++ b/net/openvpn-devel/Makefile
@ -8,58 +8,145 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=openvpn-devel
-PKG_VERSION:=201120
-PKG_RELEASE:=4

+PKG_REV:=10b4b65e0318ce305e05cdec4b44b8f6bcd3915f
+PKG_VERSION:=r$(PKG_REV)
+PKG_RELEASE=1
+
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_URL:=git://openvpn.git.sourceforge.net/gitroot/openvpn/openvpn.git
+PKG_SOURCE_VERSION:=$(PKG_REV)
 PKG_SOURCE:=openvpn-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=ftp://ftp.secure-computing.net/pub/FreeBSD/ports/openvpn-devel \
-	ftp://ftp2.secure-computing.net/pub/FreeBSD/ports/openvpn-devel
-PKG_MD5SUM:=58d219359d5e086cc7749f23428c0bb0
+PKG_SOURCE_SUBDIR:=openvpn-$(PKG_VERSION)
+
+PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/openvpn-$(PKG_VERSION)

 PKG_INSTALL:=1
+PKG_FIXUP:=autoreconf
 PKG_BUILD_PARALLEL:=1
-PKG_BUILD_DIR:=$(BUILD_DIR)/openvpn-devel

 include $(INCLUDE_DIR)/package.mk

-define Package/openvpn-devel
+define Package/openvpn-devel/Default
+  TITLE:=Open source VPN solution using $(2)
  SECTION:=net
  CATEGORY:=Network
-  DEPENDS:=+kmod-tun +kmod-ipv6 +libopenssl +liblzo +ip
-  TITLE:=Open source VPN solution using SSL (devel version)
  URL:=http://openvpn.net
  SUBMENU:=VPN
+  MENU:=1
+  DEPENDS:=+kmod-tun +OPENVPN_DEVEL_$(1)_ENABLE_LZO:liblzo +OPENVPN_DEVEL_$(1)_ENABLE_IPROUTE2:ip $(3)
+  VARIANT:=$(1)
+  MAINTAINER:=Mirko Vogt <mirko@openwrt.org>
 endef

-define Package/openvpn-devel/conffiles
+Package/openvpn-devel-openssl=$(call Package/openvpn-devel/Default,openssl,OpenSSL,+libopenssl)
+Package/openvpn-devel-polarssl=$(call Package/openvpn-devel/Default,polarssl,PolarSSL,+libpolarssl)
+Package/openvpn-devel-nossl=$(call Package/openvpn-devel/Default,nossl,plaintext (no SSL))
+
+define Package/openvpn-devel/config/Default
+	source "$(SOURCE)/Config-$(1).in"
+endef
+
+Package/openvpn-devel-openssl/config=$(call Package/openvpn-devel/config/Default,openssl)
+Package/openvpn-devel-polarssl/config=$(call Package/openvpn-devel/config/Default,polarssl)
+Package/openvpn-devel-nossl/config=$(call Package/openvpn-devel/config/Default,nossl)
+
+#define Package/openvpn-devel-easy-rsa
+#  $(call Package/openvpn-devel-openssl)
+#  DEPENDS:=+openssl-util
+#  TITLE:=Simple shell scripts to manage a Certificate Authority
+#endef
+
+#define Package/openvpn-devel-easy-rsa/conffiles
+#/etc/easy-rsa/keys/serial
+#/etc/easy-rsa/keys/index.txt
+#/etc/easy-rsa/vars
+#endef
+
+
+ifeq ($(BUILD_VARIANT),polarssl)
+CONFIG_OPENVPN_DEVEL_POLARSSL:=y
+endif
+ifeq ($(BUILD_VARIANT),openssl)
+CONFIG_OPENVPN_DEVEL_OPENSSL:=y
+endif
+ifeq ($(BUILD_VARIANT),nossl)
+CONFIG_OPENVPN_DEVEL_NOSSL:=y
+endif
+
+CONFIGURE_VARS += \
+	IFCONFIG=/sbin/ifconfig \
+	ROUTE=/sbin/route \
+	IPROUTE=/usr/sbin/ip \
+	NETSTAT=/sbin/netstat
+
+define Build/Configure
+	$(call Build/Configure/Default, \
+		--enable-small \
+		--disable-selinux \
+		--disable-systemd \
+		--disable-plugins \
+		--disable-debug \
+		--disable-eurephia \
+		--disable-pkcs11 \
+		$(if $(CONFIG_OPENVPN_DEVEL_$(BUILD_VARIANT)_ENABLE_LZO),--enable,--disable)-lzo \
+		$(if $(CONFIG_OPENVPN_DEVEL_$(BUILD_VARIANT)_ENABLE_CRYPTO),--enable,--disable)-crypto \
+		$(if $(CONFIG_OPENVPN_DEVEL_$(BUILD_VARIANT)_ENABLE_X509_ALT_USERNAME),enable,disable-x509-alt-username)-ssl \
+		$(if $(CONFIG_OPENVPN_DEVEL_$(BUILD_VARIANT)_ENABLE_SERVER),--enable,--disable)-server \
+		$(if $(CONFIG_OPENVPN_DEVEL_$(BUILD_VARIANT)_ENABLE_MANAGEMENT),--enable,--disable)-management \
+		$(if $(CONFIG_OPENVPN_DEVEL_$(BUILD_VARIANT)_ENABLE_SOCKS),--enable,--disable)-socks \
+		$(if $(CONFIG_OPENVPN_DEVEL_$(BUILD_VARIANT)_ENABLE_HTTP),--enable,--disable)-http \
+		$(if $(CONFIG_OPENVPN_DEVEL_$(BUILD_VARIANT)_ENABLE_FRAGMENT),--enable,--disable)-fragment \
+		$(if $(CONFIG_OPENVPN_DEVEL_$(BUILD_VARIANT)_ENABLE_MULTIHOME),--enable,--disable)-multihome \
+		$(if $(CONFIG_OPENVPN_DEVEL_$(BUILD_VARIANT)_ENABLE_IPROUTE2),--enable,--disable)-iproute2 \
+		$(if $(CONFIG_OPENVPN_DEVEL_$(BUILD_VARIANT)_ENABLE_DEF_AUTH),--enable,--disable)-def-auth \
+		$(if $(CONFIG_OPENVPN_DEVEL_$(BUILD_VARIANT)_ENABLE_PF),--enable,--disable)-pf \
+		$(if $(CONFIG_OPENVPN_DEVEL_NOSSL),--disable-ssl --disable-crypto,--enable-ssl --enable-crypto) \
+		$(if $(CONFIG_OPENVPN_DEVEL_OPENSSL),--with-crypto-library=openssl) \
+		$(if $(CONFIG_OPENVPN_DEVEL_POLARSSL),--with-crypto-library=polarssl) \
+	)
+endef
+
+define Package/openvpn-devel-$(BUILD_VARIANT)/conffiles
 /etc/config/openvpn
 endef

-define Package/openvpn-devel/description
-	 Open source VPN solution using SSL - DEVEL VERSION, Week $(PKG_VERSION)
+define Package/openvpn-devel-$(BUILD_VARIANT)/install
+	$(INSTALL_DIR) \
+		$(1)/usr/sbin \
+		$(1)/etc/init.d \
+		$(1)/etc/config \
+		$(1)/etc/openvpn \
+		$(1)/lib/upgrade/keep.d
+
+	$(INSTALL_BIN) \
+		$(PKG_INSTALL_DIR)/usr/sbin/openvpn \
+		$(1)/usr/sbin/
+
+	$(INSTALL_BIN) \
+		files/openvpn.init \
+		$(1)/etc/init.d/openvpn
+
+	$(INSTALL_CONF) files/openvpn.config \
+		$(1)/etc/config/openvpn
+
+	$(INSTALL_DATA) \
+		files/openvpn.upgrade \
+		$(1)/lib/upgrade/keep.d/openvpn
 endef

-CONFIGURE_ARGS += \
-	--disable-debug \
-	--disable-plugins \
-	--enable-management \
-	--enable-small \
-	--disable-socks \
-	--enable-password-save \
-	--enable-iproute2 \
-	--with-iproute-path=/usr/sbin/ip
+#define Package/openvpn-devel-easy-rsa/install
+#	$(INSTALL_DIR) $(1)/usr/sbin
+#	$(CP) $(PKG_BUILD_DIR)/easy-rsa/2.0/{build-*,clean-all,inherit-inter,list-crl,pkitool,revoke-full,sign-req,whichopensslcnf} $(1)/usr/sbin/
+#	$(INSTALL_DIR) $(1)/etc/easy-rsa
+#	$(INSTALL_DATA) $(PKG_BUILD_DIR)/easy-rsa/2.0/openssl-1.0.0.cnf $(1)/etc/easy-rsa/openssl-1.0.0.cnf
+#	$(INSTALL_DATA) $(PKG_BUILD_DIR)/easy-rsa/2.0/vars $(1)/etc/easy-rsa/vars
+#	$(INSTALL_DIR) $(1)/etc/easy-rsa/keys
+#	$(INSTALL_DATA) files/easy-rsa.index $(1)/etc/easy-rsa/keys/index.txt
+#	$(INSTALL_DATA) files/easy-rsa.serial $(1)/etc/easy-rsa/keys/serial
+#endef

-CONFIGURE_VARS += \
-	ac_cv_func_epoll_create=no
-
-define Package/openvpn-devel/install
-	$(INSTALL_DIR) $(1)/usr/sbin
-	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/openvpn $(1)/usr/sbin/
-	$(INSTALL_DIR) $(1)/etc/init.d/
-	$(INSTALL_BIN) files/openvpn.init $(1)/etc/init.d/openvpn
-	$(INSTALL_DIR) $(1)/etc/config
-	$(INSTALL_CONF) files/openvpn.config $(1)/etc/config/openvpn
-	$(INSTALL_DIR) $(1)/etc/openvpn
-endef
-
-$(eval $(call BuildPackage,openvpn-devel))
+$(eval $(call BuildPackage,openvpn-devel-openssl))
+$(eval $(call BuildPackage,openvpn-devel-polarssl))
+$(eval $(call BuildPackage,openvpn-devel-nossl))
+#$(eval $(call BuildPackage,openvpn-devel-easy-rsa))