[packages/openvpn-devel] rework openvpn-devel package

 - make use of build-variants to support OpenSSL, PolarSSL and no SSL at all
 - add menu derived from the stable package, to enable/disable support for various functionality at compile time

git-svn-id: svn://svn.openwrt.org/openwrt/packages@32337 3c298f89-4303-0410-b956-a3cf2f4a3e73

diff --git a/net/openvpn-devel/Config-nossl.in b/net/openvpn-devel/Config-nossl.in
new file mode 100644 (file)
index 0000000..94d2349
--- /dev/null
+++ b/net/openvpn-devel/Config-nossl.in
@@ -0,0 +1,68 @@
+menu "Configuration"
+       depends on PACKAGE_openvpn-devel-nossl
+
+config OPENVPN_DEVEL_nossl_ENABLE_LZO
+       bool "Enable LZO compression support"
+       default y
+
+#config OPENVPN_DEVEL_nossl_ENABLE_CRYPTO
+#      bool "Enable crypto support"
+#      default y
+
+#config OPENVPN_DEVEL_nossl_ENABLE_SSL
+#      bool "Enable SSL support for TLS-based key exchange"
+#      default y
+
+config OPENVPN_DEVEL_nossl_ENABLE_X509_ALT_USERNAME
+       bool "Enable the --x509-username-field feature"
+       default n
+
+config OPENVPN_DEVEL_nossl_ENABLE_SERVER
+       bool "Enable server support (otherwise only client mode is support)"
+       default y
+
+#config OPENVPN_DEVEL_nossl_ENABLE_EUREPHIA
+#      bool "Enable support for the eurephia plug-in"
+#      default n
+
+config OPENVPN_DEVEL_nossl_ENABLE_MANAGEMENT
+       bool "Enable management server support"
+       default n
+
+#config OPENVPN_DEVEL_nossl_ENABLE_PKCS11
+#      bool "Enable pkcs11 support"
+#      default n
+
+config OPENVPN_DEVEL_nossl_ENABLE_HTTP
+       bool "Enable HTTP proxy support"
+       default y
+
+config OPENVPN_DEVEL_nossl_ENABLE_SOCKS
+       bool "Enable SOCKS proxy support"
+       default y
+
+config OPENVPN_DEVEL_nossl_ENABLE_FRAGMENT
+       bool "Enable internal fragmentation support (--fragment)"
+       default y
+
+config OPENVPN_DEVEL_nossl_ENABLE_MULTIHOME
+       bool "Enable multi-homed UDP server support (--multihome)"
+       default y
+
+config OPENVPN_DEVEL_nossl_ENABLE_PORT_SHARE
+       bool "Enable TCP server port-share support (--port-share)"
+       default y
+
+config OPENVPN_DEVEL_nossl_ENABLE_DEF_AUTH
+       bool "Enable deferred authentication"
+       default y
+
+config OPENVPN_DEVEL_nossl_ENABLE_PF
+       bool "Enable internal packet filter"
+       default y
+
+config OPENVPN_DEVEL_nossl_ENABLE_IPROUTE2
+       bool "Enable support for iproute2"
+       default n
+
+endmenu

diff --git a/net/openvpn-devel/Config-openssl.in b/net/openvpn-devel/Config-openssl.in
new file mode 100644 (file)
index 0000000..0c01a91
--- /dev/null
+++ b/net/openvpn-devel/Config-openssl.in
@@ -0,0 +1,68 @@
+menu "Configuration"
+       depends on PACKAGE_openvpn-devel-openssl
+
+config OPENVPN_DEVEL_openssl_ENABLE_LZO
+       bool "Enable LZO compression support"
+       default y
+
+#config OPENVPN_DEVEL_openssl_ENABLE_CRYPTO
+#      bool "Enable crypto support"
+#      default y
+
+#config OPENVPN_DEVEL_openssl_ENABLE_SSL
+#      bool "Enable SSL support for TLS-based key exchange"
+#      default y
+
+config OPENVPN_DEVEL_openssl_ENABLE_X509_ALT_USERNAME
+       bool "Enable the --x509-username-field feature"
+       default n
+
+config OPENVPN_DEVEL_openssl_ENABLE_SERVER
+       bool "Enable server support (otherwise only client mode is support)"
+       default y
+
+#config OPENVPN_DEVEL_openssl_ENABLE_EUREPHIA
+#      bool "Enable support for the eurephia plug-in"
+#      default n
+
+config OPENVPN_DEVEL_openssl_ENABLE_MANAGEMENT
+       bool "Enable management server support"
+       default n
+
+#config OPENVPN_DEVEL_openssl_ENABLE_PKCS11
+#      bool "Enable pkcs11 support"
+#      default n
+
+config OPENVPN_DEVEL_openssl_ENABLE_HTTP
+       bool "Enable HTTP proxy support"
+       default y
+
+config OPENVPN_DEVEL_openssl_ENABLE_SOCKS
+       bool "Enable SOCKS proxy support"
+       default y
+
+config OPENVPN_DEVEL_openssl_ENABLE_FRAGMENT
+       bool "Enable internal fragmentation support (--fragment)"
+       default y
+
+config OPENVPN_DEVEL_openssl_ENABLE_MULTIHOME
+       bool "Enable multi-homed UDP server support (--multihome)"
+       default y
+
+config OPENVPN_DEVEL_openssl_ENABLE_PORT_SHARE
+       bool "Enable TCP server port-share support (--port-share)"
+       default y
+
+config OPENVPN_DEVEL_openssl_ENABLE_DEF_AUTH
+       bool "Enable deferred authentication"
+       default y
+
+config OPENVPN_DEVEL_openssl_ENABLE_PF
+       bool "Enable internal packet filter"
+       default y
+
+config OPENVPN_DEVEL_openssl_ENABLE_IPROUTE2
+       bool "Enable support for iproute2"
+       default n
+
+endmenu

diff --git a/net/openvpn-devel/Config-polarssl.in b/net/openvpn-devel/Config-polarssl.in
new file mode 100644 (file)
index 0000000..e66e1aa
--- /dev/null
+++ b/net/openvpn-devel/Config-polarssl.in
@@ -0,0 +1,68 @@
+menu "Configuration"
+       depends on PACKAGE_openvpn-devel-polarssl
+
+config OPENVPN_DEVEL_polarssl_ENABLE_LZO
+       bool "Enable LZO compression support"
+       default y
+
+#config OPENVPN_DEVEL_polarssl_ENABLE_CRYPTO
+#      bool "Enable crypto support"
+#      default y
+
+#config OPENVPN_DEVEL_polarssl_ENABLE_SSL
+#      bool "Enable SSL support for TLS-based key exchange"
+#      default y
+
+config OPENVPN_DEVEL_polarssl_ENABLE_X509_ALT_USERNAME
+       bool "Enable the --x509-username-field feature"
+       default n
+
+config OPENVPN_DEVEL_polarssl_ENABLE_SERVER
+       bool "Enable server support (otherwise only client mode is support)"
+       default y
+
+#config OPENVPN_DEVEL_polarssl_ENABLE_EUREPHIA
+#      bool "Enable support for the eurephia plug-in"
+#      default n
+
+config OPENVPN_DEVEL_polarssl_ENABLE_MANAGEMENT
+       bool "Enable management server support"
+       default n
+
+#config OPENVPN_DEVEL_polarssl_ENABLE_PKCS11
+#      bool "Enable pkcs11 support"
+#      default n
+
+config OPENVPN_DEVEL_polarssl_ENABLE_HTTP
+       bool "Enable HTTP proxy support"
+       default y
+
+config OPENVPN_DEVEL_polarssl_ENABLE_SOCKS
+       bool "Enable SOCKS proxy support"
+       default y
+
+config OPENVPN_DEVEL_polarssl_ENABLE_FRAGMENT
+       bool "Enable internal fragmentation support (--fragment)"
+       default y
+
+config OPENVPN_DEVEL_polarssl_ENABLE_MULTIHOME
+       bool "Enable multi-homed UDP server support (--multihome)"
+       default y
+
+config OPENVPN_DEVEL_polarssl_ENABLE_PORT_SHARE
+       bool "Enable TCP server port-share support (--port-share)"
+       default y
+
+config OPENVPN_DEVEL_polarssl_ENABLE_DEF_AUTH
+       bool "Enable deferred authentication"
+       default y
+
+config OPENVPN_DEVEL_polarssl_ENABLE_PF
+       bool "Enable internal packet filter"
+       default y
+
+config OPENVPN_DEVEL_polarssl_ENABLE_IPROUTE2
+       bool "Enable support for iproute2"
+       default n
+
+endmenu

diff --git a/net/openvpn-devel/Makefile b/net/openvpn-devel/Makefile
index 1c2e7fc..f1ffd73 100644 (file)
--- a/net/openvpn-devel/Makefile
+++ b/net/openvpn-devel/Makefile
@@ -8,58 +8,145 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=openvpn-devel
-PKG_VERSION:=201120
-PKG_RELEASE:=4
 
+PKG_REV:=10b4b65e0318ce305e05cdec4b44b8f6bcd3915f
+PKG_VERSION:=r$(PKG_REV)
+PKG_RELEASE=1
+
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_URL:=git://openvpn.git.sourceforge.net/gitroot/openvpn/openvpn.git
+PKG_SOURCE_VERSION:=$(PKG_REV)
 PKG_SOURCE:=openvpn-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=ftp://ftp.secure-computing.net/pub/FreeBSD/ports/openvpn-devel \
-       ftp://ftp2.secure-computing.net/pub/FreeBSD/ports/openvpn-devel
-PKG_MD5SUM:=58d219359d5e086cc7749f23428c0bb0
+PKG_SOURCE_SUBDIR:=openvpn-$(PKG_VERSION)
+
+PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/openvpn-$(PKG_VERSION)
 
 PKG_INSTALL:=1
+PKG_FIXUP:=autoreconf
 PKG_BUILD_PARALLEL:=1
-PKG_BUILD_DIR:=$(BUILD_DIR)/openvpn-devel
 
 include $(INCLUDE_DIR)/package.mk
 
-define Package/openvpn-devel
+define Package/openvpn-devel/Default
+  TITLE:=Open source VPN solution using $(2)
   SECTION:=net
   CATEGORY:=Network
-  DEPENDS:=+kmod-tun +kmod-ipv6 +libopenssl +liblzo +ip
-  TITLE:=Open source VPN solution using SSL (devel version)
   URL:=http://openvpn.net
   SUBMENU:=VPN
+  MENU:=1
+  DEPENDS:=+kmod-tun +OPENVPN_DEVEL_$(1)_ENABLE_LZO:liblzo +OPENVPN_DEVEL_$(1)_ENABLE_IPROUTE2:ip $(3)
+  VARIANT:=$(1)
+  MAINTAINER:=Mirko Vogt <mirko@openwrt.org>
 endef
 
-define Package/openvpn-devel/conffiles
-/etc/config/openvpn
-endef
+Package/openvpn-devel-openssl=$(call Package/openvpn-devel/Default,openssl,OpenSSL,+libopenssl)
+Package/openvpn-devel-polarssl=$(call Package/openvpn-devel/Default,polarssl,PolarSSL,+libpolarssl)
+Package/openvpn-devel-nossl=$(call Package/openvpn-devel/Default,nossl,plaintext (no SSL))
 
-define Package/openvpn-devel/description
-        Open source VPN solution using SSL - DEVEL VERSION, Week $(PKG_VERSION)
+define Package/openvpn-devel/config/Default
+       source "$(SOURCE)/Config-$(1).in"
 endef
 
-CONFIGURE_ARGS += \
-       --disable-debug \
-       --disable-plugins \
-       --enable-management \
-       --enable-small \
-       --disable-socks \
-       --enable-password-save \
-       --enable-iproute2 \
-       --with-iproute-path=/usr/sbin/ip
+Package/openvpn-devel-openssl/config=$(call Package/openvpn-devel/config/Default,openssl)
+Package/openvpn-devel-polarssl/config=$(call Package/openvpn-devel/config/Default,polarssl)
+Package/openvpn-devel-nossl/config=$(call Package/openvpn-devel/config/Default,nossl)
+
+#define Package/openvpn-devel-easy-rsa
+#  $(call Package/openvpn-devel-openssl)
+#  DEPENDS:=+openssl-util
+#  TITLE:=Simple shell scripts to manage a Certificate Authority
+#endef
+
+#define Package/openvpn-devel-easy-rsa/conffiles
+#/etc/easy-rsa/keys/serial
+#/etc/easy-rsa/keys/index.txt
+#/etc/easy-rsa/vars
+#endef
+
+
+ifeq ($(BUILD_VARIANT),polarssl)
+CONFIG_OPENVPN_DEVEL_POLARSSL:=y
+endif
+ifeq ($(BUILD_VARIANT),openssl)
+CONFIG_OPENVPN_DEVEL_OPENSSL:=y
+endif
+ifeq ($(BUILD_VARIANT),nossl)
+CONFIG_OPENVPN_DEVEL_NOSSL:=y
+endif
 
 CONFIGURE_VARS += \
-       ac_cv_func_epoll_create=no
-
-define Package/openvpn-devel/install
-       $(INSTALL_DIR) $(1)/usr/sbin
-       $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/openvpn $(1)/usr/sbin/
-       $(INSTALL_DIR) $(1)/etc/init.d/
-       $(INSTALL_BIN) files/openvpn.init $(1)/etc/init.d/openvpn
-       $(INSTALL_DIR) $(1)/etc/config
-       $(INSTALL_CONF) files/openvpn.config $(1)/etc/config/openvpn
-       $(INSTALL_DIR) $(1)/etc/openvpn
+       IFCONFIG=/sbin/ifconfig \
+       ROUTE=/sbin/route \
+       IPROUTE=/usr/sbin/ip \
+       NETSTAT=/sbin/netstat
+
+define Build/Configure
+       $(call Build/Configure/Default, \
+               --enable-small \
+               --disable-selinux \
+               --disable-systemd \
+               --disable-plugins \
+               --disable-debug \
+               --disable-eurephia \
+               --disable-pkcs11 \
+               $(if $(CONFIG_OPENVPN_DEVEL_$(BUILD_VARIANT)_ENABLE_LZO),--enable,--disable)-lzo \
+               $(if $(CONFIG_OPENVPN_DEVEL_$(BUILD_VARIANT)_ENABLE_CRYPTO),--enable,--disable)-crypto \
+               $(if $(CONFIG_OPENVPN_DEVEL_$(BUILD_VARIANT)_ENABLE_X509_ALT_USERNAME),enable,disable-x509-alt-username)-ssl \
+               $(if $(CONFIG_OPENVPN_DEVEL_$(BUILD_VARIANT)_ENABLE_SERVER),--enable,--disable)-server \
+               $(if $(CONFIG_OPENVPN_DEVEL_$(BUILD_VARIANT)_ENABLE_MANAGEMENT),--enable,--disable)-management \
+               $(if $(CONFIG_OPENVPN_DEVEL_$(BUILD_VARIANT)_ENABLE_SOCKS),--enable,--disable)-socks \
+               $(if $(CONFIG_OPENVPN_DEVEL_$(BUILD_VARIANT)_ENABLE_HTTP),--enable,--disable)-http \
+               $(if $(CONFIG_OPENVPN_DEVEL_$(BUILD_VARIANT)_ENABLE_FRAGMENT),--enable,--disable)-fragment \
+               $(if $(CONFIG_OPENVPN_DEVEL_$(BUILD_VARIANT)_ENABLE_MULTIHOME),--enable,--disable)-multihome \
+               $(if $(CONFIG_OPENVPN_DEVEL_$(BUILD_VARIANT)_ENABLE_IPROUTE2),--enable,--disable)-iproute2 \
+               $(if $(CONFIG_OPENVPN_DEVEL_$(BUILD_VARIANT)_ENABLE_DEF_AUTH),--enable,--disable)-def-auth \
+               $(if $(CONFIG_OPENVPN_DEVEL_$(BUILD_VARIANT)_ENABLE_PF),--enable,--disable)-pf \
+               $(if $(CONFIG_OPENVPN_DEVEL_NOSSL),--disable-ssl --disable-crypto,--enable-ssl --enable-crypto) \
+               $(if $(CONFIG_OPENVPN_DEVEL_OPENSSL),--with-crypto-library=openssl) \
+               $(if $(CONFIG_OPENVPN_DEVEL_POLARSSL),--with-crypto-library=polarssl) \
+       )
 endef
 
-$(eval $(call BuildPackage,openvpn-devel))
+define Package/openvpn-devel-$(BUILD_VARIANT)/conffiles
+/etc/config/openvpn
+endef
+
+define Package/openvpn-devel-$(BUILD_VARIANT)/install
+       $(INSTALL_DIR) \
+               $(1)/usr/sbin \
+               $(1)/etc/init.d \
+               $(1)/etc/config \
+               $(1)/etc/openvpn \
+               $(1)/lib/upgrade/keep.d
+
+       $(INSTALL_BIN) \
+               $(PKG_INSTALL_DIR)/usr/sbin/openvpn \
+               $(1)/usr/sbin/
+
+       $(INSTALL_BIN) \
+               files/openvpn.init \
+               $(1)/etc/init.d/openvpn
+
+       $(INSTALL_CONF) files/openvpn.config \
+               $(1)/etc/config/openvpn
+
+       $(INSTALL_DATA) \
+               files/openvpn.upgrade \
+               $(1)/lib/upgrade/keep.d/openvpn
+endef
+
+#define Package/openvpn-devel-easy-rsa/install
+#      $(INSTALL_DIR) $(1)/usr/sbin
+#      $(CP) $(PKG_BUILD_DIR)/easy-rsa/2.0/{build-*,clean-all,inherit-inter,list-crl,pkitool,revoke-full,sign-req,whichopensslcnf} $(1)/usr/sbin/
+#      $(INSTALL_DIR) $(1)/etc/easy-rsa
+#      $(INSTALL_DATA) $(PKG_BUILD_DIR)/easy-rsa/2.0/openssl-1.0.0.cnf $(1)/etc/easy-rsa/openssl-1.0.0.cnf
+#      $(INSTALL_DATA) $(PKG_BUILD_DIR)/easy-rsa/2.0/vars $(1)/etc/easy-rsa/vars
+#      $(INSTALL_DIR) $(1)/etc/easy-rsa/keys
+#      $(INSTALL_DATA) files/easy-rsa.index $(1)/etc/easy-rsa/keys/index.txt
+#      $(INSTALL_DATA) files/easy-rsa.serial $(1)/etc/easy-rsa/keys/serial
+#endef
+
+$(eval $(call BuildPackage,openvpn-devel-openssl))
+$(eval $(call BuildPackage,openvpn-devel-polarssl))
+$(eval $(call BuildPackage,openvpn-devel-nossl))
+#$(eval $(call BuildPackage,openvpn-devel-easy-rsa))