summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--package/openvpn/patches/patch-easy-rsa_2_0_build-dh10
-rw-r--r--package/openvpn/patches/patch-easy-rsa_2_0_clean-all9
-rw-r--r--package/openvpn/patches/patch-easy-rsa_2_0_list-crl9
-rw-r--r--package/openvpn/patches/patch-easy-rsa_2_0_pkitool8
-rw-r--r--package/openvpn/patches/patch-easy-rsa_2_0_revoke-full10
-rw-r--r--package/openvpn/patches/patch-easy-rsa_2_0_vars32
-rw-r--r--package/openvpn/patches/patch-easy-rsa_2_0_vars.orig20
-rw-r--r--package/openvpn/patches/patch-t_client_sh61
-rw-r--r--package/openvpn/patches/patch-t_client_sh.orig55
9 files changed, 214 insertions, 0 deletions
diff --git a/package/openvpn/patches/patch-easy-rsa_2_0_build-dh b/package/openvpn/patches/patch-easy-rsa_2_0_build-dh
new file mode 100644
index 000000000..771800a17
--- /dev/null
+++ b/package/openvpn/patches/patch-easy-rsa_2_0_build-dh
@@ -0,0 +1,10 @@
+--- openvpn-2.2.1.orig/easy-rsa/2.0/build-dh 2011-04-27 11:52:59.000000000 +0200
++++ openvpn-2.2.1/easy-rsa/2.0/build-dh 2011-12-02 18:10:44.000000000 +0100
+@@ -1,5 +1,7 @@
+ #!/bin/sh
+
++. /etc/easy-rsa/vars
++
+ # Build Diffie-Hellman parameters for the server side
+ # of an SSL/TLS connection.
+
diff --git a/package/openvpn/patches/patch-easy-rsa_2_0_clean-all b/package/openvpn/patches/patch-easy-rsa_2_0_clean-all
new file mode 100644
index 000000000..03df1d1c9
--- /dev/null
+++ b/package/openvpn/patches/patch-easy-rsa_2_0_clean-all
@@ -0,0 +1,9 @@
+--- openvpn-2.2.1.orig/easy-rsa/2.0/clean-all 2011-04-27 11:52:59.000000000 +0200
++++ openvpn-2.2.1/easy-rsa/2.0/clean-all 2011-12-01 19:43:07.000000000 +0100
+@@ -1,5 +1,6 @@
+ #!/bin/sh
+
++. /etc/easy-rsa/vars
+ # Initialize the $KEY_DIR directory.
+ # Note that this script does a
+ # rm -rf on $KEY_DIR so be careful!
diff --git a/package/openvpn/patches/patch-easy-rsa_2_0_list-crl b/package/openvpn/patches/patch-easy-rsa_2_0_list-crl
new file mode 100644
index 000000000..66f5d764d
--- /dev/null
+++ b/package/openvpn/patches/patch-easy-rsa_2_0_list-crl
@@ -0,0 +1,9 @@
+--- openvpn-2.2.1.orig/easy-rsa/2.0/list-crl 2011-04-27 11:52:59.000000000 +0200
++++ openvpn-2.2.1/easy-rsa/2.0/list-crl 2011-12-01 19:43:24.000000000 +0100
+@@ -1,5 +1,6 @@
+ #!/bin/sh
+
++. /etc/easy-rsa/vars
+ # list revoked certificates
+
+ CRL="${1:-crl.pem}"
diff --git a/package/openvpn/patches/patch-easy-rsa_2_0_pkitool b/package/openvpn/patches/patch-easy-rsa_2_0_pkitool
new file mode 100644
index 000000000..87b0c33db
--- /dev/null
+++ b/package/openvpn/patches/patch-easy-rsa_2_0_pkitool
@@ -0,0 +1,8 @@
+--- openvpn-2.2.1.orig/easy-rsa/2.0/pkitool 2011-04-27 11:52:59.000000000 +0200
++++ openvpn-2.2.1/easy-rsa/2.0/pkitool 2011-12-01 19:43:15.000000000 +0100
+@@ -1,4 +1,5 @@
+ #!/bin/sh
++. /etc/easy-rsa/vars
+
+ # OpenVPN -- An application to securely tunnel IP networks
+ # over a single TCP/UDP port, with support for SSL/TLS-based
diff --git a/package/openvpn/patches/patch-easy-rsa_2_0_revoke-full b/package/openvpn/patches/patch-easy-rsa_2_0_revoke-full
new file mode 100644
index 000000000..ac66c4bb9
--- /dev/null
+++ b/package/openvpn/patches/patch-easy-rsa_2_0_revoke-full
@@ -0,0 +1,10 @@
+--- openvpn-2.2.1.orig/easy-rsa/2.0/revoke-full 2011-04-27 11:52:59.000000000 +0200
++++ openvpn-2.2.1/easy-rsa/2.0/revoke-full 2011-12-01 19:43:00.000000000 +0100
+@@ -2,6 +2,7 @@
+
+ # revoke a certificate, regenerate CRL,
+ # and verify revocation
++. /etc/easy-rsa/vars
+
+ CRL="crl.pem"
+ RT="revoke-test.pem"
diff --git a/package/openvpn/patches/patch-easy-rsa_2_0_vars b/package/openvpn/patches/patch-easy-rsa_2_0_vars
new file mode 100644
index 000000000..972f76541
--- /dev/null
+++ b/package/openvpn/patches/patch-easy-rsa_2_0_vars
@@ -0,0 +1,32 @@
+--- openvpn-2.2.1.orig/easy-rsa/2.0/vars 2011-07-01 10:31:26.000000000 +0200
++++ openvpn-2.2.1/easy-rsa/2.0/vars 2011-12-02 19:44:31.000000000 +0100
+@@ -12,7 +12,7 @@
+ # This variable should point to
+ # the top level of the easy-rsa
+ # tree.
+-export EASY_RSA="`pwd`"
++export EASY_RSA="/etc/easy-rsa"
+
+ #
+ # This variable should point to
+@@ -26,7 +26,7 @@ export GREP="grep"
+ # This variable should point to
+ # the openssl.cnf file included
+ # with easy-rsa.
+-export KEY_CONFIG=`$EASY_RSA/whichopensslcnf $EASY_RSA`
++export KEY_CONFIG=/etc/easy-rsa/openssl.cnf
+
+ # Edit this variable to point to
+ # your soon-to-be-created key
+@@ -66,9 +66,7 @@ export KEY_PROVINCE="CA"
+ export KEY_CITY="SanFrancisco"
+ export KEY_ORG="Fort-Funston"
+ export KEY_EMAIL="me@myhost.mydomain"
+-export KEY_EMAIL=mail@host.domain
+-export KEY_CN=changeme
+-export KEY_NAME=changeme
+-export KEY_OU=changeme
++export KEY_NAME=VPN
++export KEY_OU="IT Security"
+ export PKCS11_MODULE_PATH=changeme
+ export PKCS11_PIN=1234
diff --git a/package/openvpn/patches/patch-easy-rsa_2_0_vars.orig b/package/openvpn/patches/patch-easy-rsa_2_0_vars.orig
new file mode 100644
index 000000000..d0cac2069
--- /dev/null
+++ b/package/openvpn/patches/patch-easy-rsa_2_0_vars.orig
@@ -0,0 +1,20 @@
+--- openvpn-2.2.1.orig/easy-rsa/2.0/vars 2011-07-01 10:31:26.000000000 +0200
++++ openvpn-2.2.1/easy-rsa/2.0/vars 2011-12-01 19:12:55.000000000 +0100
+@@ -12,7 +12,7 @@
+ # This variable should point to
+ # the top level of the easy-rsa
+ # tree.
+-export EASY_RSA="`pwd`"
++export EASY_RSA="/etc/easy-rsa"
+
+ #
+ # This variable should point to
+@@ -26,7 +26,7 @@ export GREP="grep"
+ # This variable should point to
+ # the openssl.cnf file included
+ # with easy-rsa.
+-export KEY_CONFIG=`$EASY_RSA/whichopensslcnf $EASY_RSA`
++export KEY_CONFIG=/etc/easy-rsa/openssl.cnf
+
+ # Edit this variable to point to
+ # your soon-to-be-created key
diff --git a/package/openvpn/patches/patch-t_client_sh b/package/openvpn/patches/patch-t_client_sh
new file mode 100644
index 000000000..43e346ee1
--- /dev/null
+++ b/package/openvpn/patches/patch-t_client_sh
@@ -0,0 +1,61 @@
+--- openvpn-2.2.1.orig/t_client.sh 2011-07-01 11:27:01.000000000 +0200
++++ openvpn-2.2.1/t_client.sh 2011-12-02 19:33:52.000000000 +0100
+@@ -1,4 +1,4 @@
+-#!/bin/sh
++#!/bin/bash
+ #
+ # run OpenVPN client against ``test reference'' server
+ # - check that ping, http, ... via tunnel works
+@@ -80,12 +80,12 @@ fail()
+ get_ifconfig_route()
+ {
+ # linux / iproute2? (-> if configure got a path)
+- if [ "/sbin/ip" != "ip" ]
++ if [ "/usr/sbin/ip" != "ip" ]
+ then
+ echo "-- linux iproute2 --"
+- /sbin/ip addr show | grep -v valid_lft
+- /sbin/ip route show
+- /sbin/ip -6 route show | sed -e 's/expires [0-9]*sec //'
++ /usr/sbin/ip addr show | grep -v valid_lft
++ /usr/sbin/ip route show
++ /usr/sbin/ip -6 route show | sed -e 's/expires [0-9]*sec //'
+ return
+ fi
+
+@@ -93,27 +93,27 @@ get_ifconfig_route()
+ case `uname -s` in
+ Linux)
+ echo "-- linux / ifconfig --"
+- LANG=C /sbin/ifconfig -a |egrep "( addr:|encap:)"
+- LANG=C /bin/netstat -rn -4 -6
++ LANG=C no -a |egrep "( addr:|encap:)"
++ LANG=C /usr/sbin/netstat -rn -4 -6
+ return
+ ;;
+ FreeBSD|NetBSD|Darwin)
+ echo "-- FreeBSD/NetBSD/Darwin [MacOS X] --"
+- /sbin/ifconfig -a | egrep "(flags=|inet)"
+- /bin/netstat -rn | awk '$3 !~ /^UHL/ { print $1,$2,$3,$NF }'
++ no -a | egrep "(flags=|inet)"
++ /usr/sbin/netstat -rn | awk '$3 !~ /^UHL/ { print $1,$2,$3,$NF }'
+ return
+ ;;
+ OpenBSD)
+ echo "-- OpenBSD --"
+- /sbin/ifconfig -a | egrep "(flags=|inet)" | \
++ no -a | egrep "(flags=|inet)" | \
+ sed -e 's/pltime [0-9]*//' -e 's/vltime [0-9]*//'
+- /bin/netstat -rn | awk '$3 !~ /^UHL/ { print $1,$2,$3,$NF }'
++ /usr/sbin/netstat -rn | awk '$3 !~ /^UHL/ { print $1,$2,$3,$NF }'
+ return
+ ;;
+ SunOS)
+ echo "-- Solaris --"
+- /sbin/ifconfig -a | egrep "(flags=|inet)"
+- /bin/netstat -rn | awk '$3 !~ /^UHL/ { print $1,$2,$3,$6 }'
++ no -a | egrep "(flags=|inet)"
++ /usr/sbin/netstat -rn | awk '$3 !~ /^UHL/ { print $1,$2,$3,$6 }'
+ return
+ ;;
+ esac
diff --git a/package/openvpn/patches/patch-t_client_sh.orig b/package/openvpn/patches/patch-t_client_sh.orig
new file mode 100644
index 000000000..8e3c470ac
--- /dev/null
+++ b/package/openvpn/patches/patch-t_client_sh.orig
@@ -0,0 +1,55 @@
+--- openvpn-2.2.1.orig/t_client.sh 2011-07-01 11:27:01.000000000 +0200
++++ openvpn-2.2.1/t_client.sh 2011-12-02 18:18:44.000000000 +0100
+@@ -80,12 +80,12 @@ fail()
+ get_ifconfig_route()
+ {
+ # linux / iproute2? (-> if configure got a path)
+- if [ "/sbin/ip" != "ip" ]
++ if [ "ip" != "ip" ]
+ then
+ echo "-- linux iproute2 --"
+- /sbin/ip addr show | grep -v valid_lft
+- /sbin/ip route show
+- /sbin/ip -6 route show | sed -e 's/expires [0-9]*sec //'
++ ip addr show | grep -v valid_lft
++ ip route show
++ ip -6 route show | sed -e 's/expires [0-9]*sec //'
+ return
+ fi
+
+@@ -93,27 +93,27 @@ get_ifconfig_route()
+ case `uname -s` in
+ Linux)
+ echo "-- linux / ifconfig --"
+- LANG=C /sbin/ifconfig -a |egrep "( addr:|encap:)"
+- LANG=C /bin/netstat -rn -4 -6
++ LANG=C no -a |egrep "( addr:|encap:)"
++ LANG=C /usr/sbin/netstat -rn -4 -6
+ return
+ ;;
+ FreeBSD|NetBSD|Darwin)
+ echo "-- FreeBSD/NetBSD/Darwin [MacOS X] --"
+- /sbin/ifconfig -a | egrep "(flags=|inet)"
+- /bin/netstat -rn | awk '$3 !~ /^UHL/ { print $1,$2,$3,$NF }'
++ no -a | egrep "(flags=|inet)"
++ /usr/sbin/netstat -rn | awk '$3 !~ /^UHL/ { print $1,$2,$3,$NF }'
+ return
+ ;;
+ OpenBSD)
+ echo "-- OpenBSD --"
+- /sbin/ifconfig -a | egrep "(flags=|inet)" | \
++ no -a | egrep "(flags=|inet)" | \
+ sed -e 's/pltime [0-9]*//' -e 's/vltime [0-9]*//'
+- /bin/netstat -rn | awk '$3 !~ /^UHL/ { print $1,$2,$3,$NF }'
++ /usr/sbin/netstat -rn | awk '$3 !~ /^UHL/ { print $1,$2,$3,$NF }'
+ return
+ ;;
+ SunOS)
+ echo "-- Solaris --"
+- /sbin/ifconfig -a | egrep "(flags=|inet)"
+- /bin/netstat -rn | awk '$3 !~ /^UHL/ { print $1,$2,$3,$6 }'
++ no -a | egrep "(flags=|inet)"
++ /usr/sbin/netstat -rn | awk '$3 !~ /^UHL/ { print $1,$2,$3,$6 }'
+ return
+ ;;
+ esac