diff options
-rw-r--r-- | package/openvpn/patches/patch-easy-rsa_2_0_build-dh | 10 | ||||
-rw-r--r-- | package/openvpn/patches/patch-easy-rsa_2_0_clean-all | 9 | ||||
-rw-r--r-- | package/openvpn/patches/patch-easy-rsa_2_0_list-crl | 9 | ||||
-rw-r--r-- | package/openvpn/patches/patch-easy-rsa_2_0_pkitool | 8 | ||||
-rw-r--r-- | package/openvpn/patches/patch-easy-rsa_2_0_revoke-full | 10 | ||||
-rw-r--r-- | package/openvpn/patches/patch-easy-rsa_2_0_vars | 32 | ||||
-rw-r--r-- | package/openvpn/patches/patch-easy-rsa_2_0_vars.orig | 20 | ||||
-rw-r--r-- | package/openvpn/patches/patch-t_client_sh | 61 | ||||
-rw-r--r-- | package/openvpn/patches/patch-t_client_sh.orig | 55 |
9 files changed, 214 insertions, 0 deletions
diff --git a/package/openvpn/patches/patch-easy-rsa_2_0_build-dh b/package/openvpn/patches/patch-easy-rsa_2_0_build-dh new file mode 100644 index 000000000..771800a17 --- /dev/null +++ b/package/openvpn/patches/patch-easy-rsa_2_0_build-dh @@ -0,0 +1,10 @@ +--- openvpn-2.2.1.orig/easy-rsa/2.0/build-dh 2011-04-27 11:52:59.000000000 +0200 ++++ openvpn-2.2.1/easy-rsa/2.0/build-dh 2011-12-02 18:10:44.000000000 +0100 +@@ -1,5 +1,7 @@ + #!/bin/sh + ++. /etc/easy-rsa/vars ++ + # Build Diffie-Hellman parameters for the server side + # of an SSL/TLS connection. + diff --git a/package/openvpn/patches/patch-easy-rsa_2_0_clean-all b/package/openvpn/patches/patch-easy-rsa_2_0_clean-all new file mode 100644 index 000000000..03df1d1c9 --- /dev/null +++ b/package/openvpn/patches/patch-easy-rsa_2_0_clean-all @@ -0,0 +1,9 @@ +--- openvpn-2.2.1.orig/easy-rsa/2.0/clean-all 2011-04-27 11:52:59.000000000 +0200 ++++ openvpn-2.2.1/easy-rsa/2.0/clean-all 2011-12-01 19:43:07.000000000 +0100 +@@ -1,5 +1,6 @@ + #!/bin/sh + ++. /etc/easy-rsa/vars + # Initialize the $KEY_DIR directory. + # Note that this script does a + # rm -rf on $KEY_DIR so be careful! diff --git a/package/openvpn/patches/patch-easy-rsa_2_0_list-crl b/package/openvpn/patches/patch-easy-rsa_2_0_list-crl new file mode 100644 index 000000000..66f5d764d --- /dev/null +++ b/package/openvpn/patches/patch-easy-rsa_2_0_list-crl @@ -0,0 +1,9 @@ +--- openvpn-2.2.1.orig/easy-rsa/2.0/list-crl 2011-04-27 11:52:59.000000000 +0200 ++++ openvpn-2.2.1/easy-rsa/2.0/list-crl 2011-12-01 19:43:24.000000000 +0100 +@@ -1,5 +1,6 @@ + #!/bin/sh + ++. /etc/easy-rsa/vars + # list revoked certificates + + CRL="${1:-crl.pem}" diff --git a/package/openvpn/patches/patch-easy-rsa_2_0_pkitool b/package/openvpn/patches/patch-easy-rsa_2_0_pkitool new file mode 100644 index 000000000..87b0c33db --- /dev/null +++ b/package/openvpn/patches/patch-easy-rsa_2_0_pkitool @@ -0,0 +1,8 @@ +--- openvpn-2.2.1.orig/easy-rsa/2.0/pkitool 2011-04-27 11:52:59.000000000 +0200 ++++ openvpn-2.2.1/easy-rsa/2.0/pkitool 2011-12-01 19:43:15.000000000 +0100 +@@ -1,4 +1,5 @@ + #!/bin/sh ++. /etc/easy-rsa/vars + + # OpenVPN -- An application to securely tunnel IP networks + # over a single TCP/UDP port, with support for SSL/TLS-based diff --git a/package/openvpn/patches/patch-easy-rsa_2_0_revoke-full b/package/openvpn/patches/patch-easy-rsa_2_0_revoke-full new file mode 100644 index 000000000..ac66c4bb9 --- /dev/null +++ b/package/openvpn/patches/patch-easy-rsa_2_0_revoke-full @@ -0,0 +1,10 @@ +--- openvpn-2.2.1.orig/easy-rsa/2.0/revoke-full 2011-04-27 11:52:59.000000000 +0200 ++++ openvpn-2.2.1/easy-rsa/2.0/revoke-full 2011-12-01 19:43:00.000000000 +0100 +@@ -2,6 +2,7 @@ + + # revoke a certificate, regenerate CRL, + # and verify revocation ++. /etc/easy-rsa/vars + + CRL="crl.pem" + RT="revoke-test.pem" diff --git a/package/openvpn/patches/patch-easy-rsa_2_0_vars b/package/openvpn/patches/patch-easy-rsa_2_0_vars new file mode 100644 index 000000000..972f76541 --- /dev/null +++ b/package/openvpn/patches/patch-easy-rsa_2_0_vars @@ -0,0 +1,32 @@ +--- openvpn-2.2.1.orig/easy-rsa/2.0/vars 2011-07-01 10:31:26.000000000 +0200 ++++ openvpn-2.2.1/easy-rsa/2.0/vars 2011-12-02 19:44:31.000000000 +0100 +@@ -12,7 +12,7 @@ + # This variable should point to + # the top level of the easy-rsa + # tree. +-export EASY_RSA="`pwd`" ++export EASY_RSA="/etc/easy-rsa" + + # + # This variable should point to +@@ -26,7 +26,7 @@ export GREP="grep" + # This variable should point to + # the openssl.cnf file included + # with easy-rsa. +-export KEY_CONFIG=`$EASY_RSA/whichopensslcnf $EASY_RSA` ++export KEY_CONFIG=/etc/easy-rsa/openssl.cnf + + # Edit this variable to point to + # your soon-to-be-created key +@@ -66,9 +66,7 @@ export KEY_PROVINCE="CA" + export KEY_CITY="SanFrancisco" + export KEY_ORG="Fort-Funston" + export KEY_EMAIL="me@myhost.mydomain" +-export KEY_EMAIL=mail@host.domain +-export KEY_CN=changeme +-export KEY_NAME=changeme +-export KEY_OU=changeme ++export KEY_NAME=VPN ++export KEY_OU="IT Security" + export PKCS11_MODULE_PATH=changeme + export PKCS11_PIN=1234 diff --git a/package/openvpn/patches/patch-easy-rsa_2_0_vars.orig b/package/openvpn/patches/patch-easy-rsa_2_0_vars.orig new file mode 100644 index 000000000..d0cac2069 --- /dev/null +++ b/package/openvpn/patches/patch-easy-rsa_2_0_vars.orig @@ -0,0 +1,20 @@ +--- openvpn-2.2.1.orig/easy-rsa/2.0/vars 2011-07-01 10:31:26.000000000 +0200 ++++ openvpn-2.2.1/easy-rsa/2.0/vars 2011-12-01 19:12:55.000000000 +0100 +@@ -12,7 +12,7 @@ + # This variable should point to + # the top level of the easy-rsa + # tree. +-export EASY_RSA="`pwd`" ++export EASY_RSA="/etc/easy-rsa" + + # + # This variable should point to +@@ -26,7 +26,7 @@ export GREP="grep" + # This variable should point to + # the openssl.cnf file included + # with easy-rsa. +-export KEY_CONFIG=`$EASY_RSA/whichopensslcnf $EASY_RSA` ++export KEY_CONFIG=/etc/easy-rsa/openssl.cnf + + # Edit this variable to point to + # your soon-to-be-created key diff --git a/package/openvpn/patches/patch-t_client_sh b/package/openvpn/patches/patch-t_client_sh new file mode 100644 index 000000000..43e346ee1 --- /dev/null +++ b/package/openvpn/patches/patch-t_client_sh @@ -0,0 +1,61 @@ +--- openvpn-2.2.1.orig/t_client.sh 2011-07-01 11:27:01.000000000 +0200 ++++ openvpn-2.2.1/t_client.sh 2011-12-02 19:33:52.000000000 +0100 +@@ -1,4 +1,4 @@ +-#!/bin/sh ++#!/bin/bash + # + # run OpenVPN client against ``test reference'' server + # - check that ping, http, ... via tunnel works +@@ -80,12 +80,12 @@ fail() + get_ifconfig_route() + { + # linux / iproute2? (-> if configure got a path) +- if [ "/sbin/ip" != "ip" ] ++ if [ "/usr/sbin/ip" != "ip" ] + then + echo "-- linux iproute2 --" +- /sbin/ip addr show | grep -v valid_lft +- /sbin/ip route show +- /sbin/ip -6 route show | sed -e 's/expires [0-9]*sec //' ++ /usr/sbin/ip addr show | grep -v valid_lft ++ /usr/sbin/ip route show ++ /usr/sbin/ip -6 route show | sed -e 's/expires [0-9]*sec //' + return + fi + +@@ -93,27 +93,27 @@ get_ifconfig_route() + case `uname -s` in + Linux) + echo "-- linux / ifconfig --" +- LANG=C /sbin/ifconfig -a |egrep "( addr:|encap:)" +- LANG=C /bin/netstat -rn -4 -6 ++ LANG=C no -a |egrep "( addr:|encap:)" ++ LANG=C /usr/sbin/netstat -rn -4 -6 + return + ;; + FreeBSD|NetBSD|Darwin) + echo "-- FreeBSD/NetBSD/Darwin [MacOS X] --" +- /sbin/ifconfig -a | egrep "(flags=|inet)" +- /bin/netstat -rn | awk '$3 !~ /^UHL/ { print $1,$2,$3,$NF }' ++ no -a | egrep "(flags=|inet)" ++ /usr/sbin/netstat -rn | awk '$3 !~ /^UHL/ { print $1,$2,$3,$NF }' + return + ;; + OpenBSD) + echo "-- OpenBSD --" +- /sbin/ifconfig -a | egrep "(flags=|inet)" | \ ++ no -a | egrep "(flags=|inet)" | \ + sed -e 's/pltime [0-9]*//' -e 's/vltime [0-9]*//' +- /bin/netstat -rn | awk '$3 !~ /^UHL/ { print $1,$2,$3,$NF }' ++ /usr/sbin/netstat -rn | awk '$3 !~ /^UHL/ { print $1,$2,$3,$NF }' + return + ;; + SunOS) + echo "-- Solaris --" +- /sbin/ifconfig -a | egrep "(flags=|inet)" +- /bin/netstat -rn | awk '$3 !~ /^UHL/ { print $1,$2,$3,$6 }' ++ no -a | egrep "(flags=|inet)" ++ /usr/sbin/netstat -rn | awk '$3 !~ /^UHL/ { print $1,$2,$3,$6 }' + return + ;; + esac diff --git a/package/openvpn/patches/patch-t_client_sh.orig b/package/openvpn/patches/patch-t_client_sh.orig new file mode 100644 index 000000000..8e3c470ac --- /dev/null +++ b/package/openvpn/patches/patch-t_client_sh.orig @@ -0,0 +1,55 @@ +--- openvpn-2.2.1.orig/t_client.sh 2011-07-01 11:27:01.000000000 +0200 ++++ openvpn-2.2.1/t_client.sh 2011-12-02 18:18:44.000000000 +0100 +@@ -80,12 +80,12 @@ fail() + get_ifconfig_route() + { + # linux / iproute2? (-> if configure got a path) +- if [ "/sbin/ip" != "ip" ] ++ if [ "ip" != "ip" ] + then + echo "-- linux iproute2 --" +- /sbin/ip addr show | grep -v valid_lft +- /sbin/ip route show +- /sbin/ip -6 route show | sed -e 's/expires [0-9]*sec //' ++ ip addr show | grep -v valid_lft ++ ip route show ++ ip -6 route show | sed -e 's/expires [0-9]*sec //' + return + fi + +@@ -93,27 +93,27 @@ get_ifconfig_route() + case `uname -s` in + Linux) + echo "-- linux / ifconfig --" +- LANG=C /sbin/ifconfig -a |egrep "( addr:|encap:)" +- LANG=C /bin/netstat -rn -4 -6 ++ LANG=C no -a |egrep "( addr:|encap:)" ++ LANG=C /usr/sbin/netstat -rn -4 -6 + return + ;; + FreeBSD|NetBSD|Darwin) + echo "-- FreeBSD/NetBSD/Darwin [MacOS X] --" +- /sbin/ifconfig -a | egrep "(flags=|inet)" +- /bin/netstat -rn | awk '$3 !~ /^UHL/ { print $1,$2,$3,$NF }' ++ no -a | egrep "(flags=|inet)" ++ /usr/sbin/netstat -rn | awk '$3 !~ /^UHL/ { print $1,$2,$3,$NF }' + return + ;; + OpenBSD) + echo "-- OpenBSD --" +- /sbin/ifconfig -a | egrep "(flags=|inet)" | \ ++ no -a | egrep "(flags=|inet)" | \ + sed -e 's/pltime [0-9]*//' -e 's/vltime [0-9]*//' +- /bin/netstat -rn | awk '$3 !~ /^UHL/ { print $1,$2,$3,$NF }' ++ /usr/sbin/netstat -rn | awk '$3 !~ /^UHL/ { print $1,$2,$3,$NF }' + return + ;; + SunOS) + echo "-- Solaris --" +- /sbin/ifconfig -a | egrep "(flags=|inet)" +- /bin/netstat -rn | awk '$3 !~ /^UHL/ { print $1,$2,$3,$6 }' ++ no -a | egrep "(flags=|inet)" ++ /usr/sbin/netstat -rn | awk '$3 !~ /^UHL/ { print $1,$2,$3,$6 }' + return + ;; + esac |