* [gentoo-commits] dev/ikelos:master commit in: net-misc/openvpn/files/, net-misc/openvpn/
@ 2015-12-16 21:54 Mike Auty
0 siblings, 0 replies; only message in thread
From: Mike Auty @ 2015-12-16 21:54 UTC (permalink / raw
To: gentoo-commits
commit: ca31acc706315933f9be168f1647fa9e2f56a273
Author: layman <layman <AT> localhost>
AuthorDate: Wed Dec 16 21:54:18 2015 +0000
Commit: Mike Auty <ikelos <AT> gentoo <DOT> org>
CommitDate: Wed Dec 16 21:54:18 2015 +0000
URL: https://gitweb.gentoo.org/dev/ikelos.git/commit/?id=ca31acc7
Add in vlan support to openvpn.
net-misc/openvpn/ChangeLog | 158 +++
net-misc/openvpn/ChangeLog-2015 | 1286 ++++++++++++++++++++
net-misc/openvpn/Manifest | 16 +
.../openvpn/files/2.3.6-disable-compression.patch | 18 +
net-misc/openvpn/files/2.3.6-null-cipher.patch | 46 +
net-misc/openvpn/files/2.3.6-vlan-support.patch | 1005 +++++++++++++++
net-misc/openvpn/files/65openvpn | 1 +
net-misc/openvpn/files/down.sh | 33 +
net-misc/openvpn/files/openvpn-2.1.conf | 18 +
net-misc/openvpn/files/openvpn-2.1.init | 133 ++
net-misc/openvpn/files/openvpn.init | 63 +
net-misc/openvpn/files/openvpn.service | 12 +
net-misc/openvpn/files/openvpn.tmpfile | 1 +
net-misc/openvpn/files/up.sh | 100 ++
net-misc/openvpn/metadata.xml | 23 +
net-misc/openvpn/openvpn-2.3.8-r1.ebuild | 138 +++
16 files changed, 3051 insertions(+)
diff --git a/net-misc/openvpn/ChangeLog b/net-misc/openvpn/ChangeLog
new file mode 100644
index 0000000..2e79375
--- /dev/null
+++ b/net-misc/openvpn/ChangeLog
@@ -0,0 +1,158 @@
+# ChangeLog for net-misc/openvpn
+# Copyright 1999-2015 Gentoo Foundation; Distributed under the GPL v2
+# (auto-generated from git log)
+
+*openvpn-9999 (09 Aug 2015)
+*openvpn-2.3.8 (09 Aug 2015)
+*openvpn-2.3.7 (09 Aug 2015)
+*openvpn-2.3.6-r2 (09 Aug 2015)
+*openvpn-2.3.6-r1 (09 Aug 2015)
+*openvpn-2.3.6 (09 Aug 2015)
+
+ 09 Aug 2015; Robin H. Johnson <robbat2@gentoo.org>
+ +files/2.3.6-disable-compression.patch, +files/2.3.6-null-cipher.patch,
+ +files/65openvpn, +files/down.sh, +files/openvpn-2.1.conf,
+ +files/openvpn-2.1.init, +files/openvpn.init, +files/openvpn.service,
+ +files/openvpn.tmpfile, +files/up.sh, +metadata.xml, +openvpn-2.3.6.ebuild,
+ +openvpn-2.3.6-r1.ebuild, +openvpn-2.3.6-r2.ebuild, +openvpn-2.3.7.ebuild,
+ +openvpn-2.3.8.ebuild, +openvpn-9999.ebuild:
+ proj/gentoo: Initial commit
+
+ This commit represents a new era for Gentoo:
+ Storing the gentoo-x86 tree in Git, as converted from CVS.
+
+ This commit is the start of the NEW history.
+ Any historical data is intended to be grafted onto this point.
+
+ Creation process:
+ 1. Take final CVS checkout snapshot
+ 2. Remove ALL ChangeLog* files
+ 3. Transform all Manifests to thin
+ 4. Remove empty Manifests
+ 5. Convert all stale $Header$/$Id$ CVS keywords to non-expanded Git $Id$
+ 5.1. Do not touch files with -kb/-ko keyword flags.
+
+ Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
+ X-Thanks: Alec Warner <antarus@gentoo.org> - did the GSoC 2006 migration
+ tests
+ X-Thanks: Robin H. Johnson <robbat2@gentoo.org> - infra guy, herding this
+ project
+ X-Thanks: Nguyen Thai Ngoc Duy <pclouds@gentoo.org> - Former Gentoo
+ developer, wrote Git features for the migration
+ X-Thanks: Brian Harring <ferringb@gentoo.org> - wrote much python to improve
+ cvs2svn
+ X-Thanks: Rich Freeman <rich0@gentoo.org> - validation scripts
+ X-Thanks: Patrick Lauer <patrick@gentoo.org> - Gentoo dev, running new 2014
+ work in migration
+ X-Thanks: Michał Górny <mgorny@gentoo.org> - scripts, QA, nagging
+ X-Thanks: All of other Gentoo developers - many ideas and lots of paint on
+ the bikeshed
+
+ 09 Aug 2015; Mikle Kolyada <zlogene@gentoo.org> openvpn-2.3.7.ebuild:
+ x86 stable wrt bug #556874
+
+ Package-Manager: portage-2.2.20
+
+ 09 Aug 2015; Mikle Kolyada <zlogene@gentoo.org> openvpn-2.3.7.ebuild:
+ ia64 stable wrt bug #556874
+
+ Package-Manager: portage-2.2.20
+
+ 09 Aug 2015; Ulrich Müller <ulm@gentoo.org> files/down.sh,
+ files/openvpn-2.1.init, files/up.sh:
+ [QA] Remove executable bit from files, bug 550434.
+
+ 22 Aug 2015; Jeroen Roovers <jer@gentoo.org> openvpn-2.3.7.ebuild:
+ Stable for HPPA (bug #556874).
+
+ Package-Manager: portage-2.2.20.1
+
+ 24 Aug 2015; Jeroen Roovers <jer@gentoo.org> openvpn-2.3.7.ebuild:
+ Stable for PPC64 (bug #556874).
+
+ Package-Manager: portage-2.2.20.1
+
+ 24 Aug 2015; Justin Lecher <jlec@gentoo.org> metadata.xml:
+ Use https by default
+
+ Convert all URLs for sites supporting encrypted connections from http to
+ https
+
+ Signed-off-by: Justin Lecher <jlec@gentoo.org>
+
+ 24 Aug 2015; Mike Gilbert <floppym@gentoo.org> metadata.xml:
+ Revert DOCTYPE SYSTEM https changes in metadata.xml
+
+ repoman does not yet accept the https version.
+ This partially reverts eaaface92ee81f30a6ac66fe7acbcc42c00dc450.
+
+ Bug: https://bugs.gentoo.org/552720
+
+ 26 Aug 2015; Markus Meier <maekke@gentoo.org> openvpn-2.3.7.ebuild:
+ arm stable, bug #556874
+
+ Package-Manager: portage-2.2.20.1
+ RepoMan-Options: --include-arches="arm"
+
+ 05 Sep 2015; Mikle Kolyada <zlogene@gentoo.org> openvpn-2.3.8.ebuild:
+ amd64 stable wrt bug #556874
+
+ Package-Manager: portage-2.2.20.1
+
+ 08 Sep 2015; Jeroen Roovers <jer@gentoo.org> openvpn-2.3.8.ebuild:
+ Stable for HPPA PPC64 (bug #556874).
+
+ Package-Manager: portage-2.2.20.1
+
+ 15 Sep 2015; Tobias Klausmann <klausman@gentoo.org> openvpn-2.3.8.ebuild:
+ add alpha keyword
+
+ Gentoo-Bug: 556874
+
+ Package-Manager: portage-2.2.20.1
+
+ 26 Sep 2015; Mikle Kolyada <zlogene@gentoo.org> openvpn-2.3.8.ebuild:
+ ia64 stable wrt bug #556874
+
+ Package-Manager: portage-2.2.20.1
+
+ 27 Sep 2015; Mikle Kolyada <zlogene@gentoo.org> openvpn-2.3.8.ebuild:
+ x86 stable wrt bug #556874
+
+ Package-Manager: portage-2.2.20.1
+
+ 29 Sep 2015; Markus Meier <maekke@gentoo.org> openvpn-2.3.8.ebuild:
+ arm stable, bug #556874
+
+ Package-Manager: portage-2.2.20.1
+ RepoMan-Options: --include-arches="arm"
+
+ 10 Oct 2015; Mikle Kolyada <zlogene@gentoo.org> openvpn-2.3.8.ebuild:
+ sparc stable wrt bug #556874
+
+ Package-Manager: portage-2.2.20.1
+
+ 12 Nov 2015; Agostino Sarubbo <ago@gentoo.org> openvpn-2.3.8.ebuild:
+ ppc stable wrt bug #556874
+
+ Package-Manager: portage-2.2.20.1
+ RepoMan-Options: --include-arches="ppc"
+
+ 06 Dec 2015; Dirkjan Ochtman <djc@gentoo.org> -openvpn-2.3.6.ebuild,
+ -openvpn-2.3.6-r1.ebuild, -openvpn-2.3.6-r2.ebuild, -openvpn-2.3.7.ebuild:
+ remove old versions
+
+ Package-Manager: portage-2.2.20.1
+
+*openvpn-2.3.8-r1 (06 Dec 2015)
+
+ 06 Dec 2015; Dirkjan Ochtman <djc@gentoo.org> +openvpn-2.3.8-r1.ebuild:
+ add support for libressl (fixes bug 565242)
+
+ Package-Manager: portage-2.2.20.1
+
+ 06 Dec 2015; Dirkjan Ochtman <djc@gentoo.org> openvpn-2.3.8-r1.ebuild:
+ set EAPI=5 in 2.3.8-r1
+
+ Package-Manager: portage-2.2.20.1
+
diff --git a/net-misc/openvpn/ChangeLog-2015 b/net-misc/openvpn/ChangeLog-2015
new file mode 100644
index 0000000..93cb534
--- /dev/null
+++ b/net-misc/openvpn/ChangeLog-2015
@@ -0,0 +1,1286 @@
+# ChangeLog for net-misc/openvpn
+# Copyright 1999-2015 Gentoo Foundation; Distributed under the GPL v2
+# $Header: /var/cvsroot/gentoo-x86/net-misc/openvpn/ChangeLog,v 1.327 2015/08/08 05:13:53 prometheanfire Exp $
+
+*openvpn-2.3.8 (08 Aug 2015)
+
+ 08 Aug 2015; Matthew Thode <prometheanfire@gentoo.org> +openvpn-2.3.8.ebuild:
+ updating to fix asking for the password at init
+
+ 07 Aug 2015; Tobias Klausmann <klausman@gentoo.org> openvpn-2.3.7.ebuild:
+ Stable on alpha, bug 556874
+
+ 06 Aug 2015; Mikle Kolyada <zlogene@gentoo.org> openvpn-2.3.7.ebuild:
+ amd64 stable wrt bug #556874
+
+ 12 Jul 2015; Dirkjan Ochtman <djc@gentoo.org> openvpn-2.3.6-r1.ebuild,
+ openvpn-2.3.6-r2.ebuild, openvpn-2.3.6.ebuild, openvpn-2.3.7.ebuild,
+ openvpn-9999.ebuild:
+ Don't default to polarssl, this was introduced accidentally
+
+ 12 Jul 2015; Dirkjan Ochtman <djc@gentoo.org> openvpn-9999.ebuild:
+ Bring openvpn-9999 in line with 2.3.7 (fix bug 554638)
+
+ 12 Jul 2015; Dirkjan Ochtman <djc@gentoo.org> openvpn-2.3.6-r1.ebuild,
+ openvpn-2.3.6-r2.ebuild, openvpn-2.3.6.ebuild, openvpn-2.3.7.ebuild:
+ Remove some accidentally committed debugging cruft
+
+*openvpn-2.3.7 (12 Jul 2015)
+
+ 12 Jul 2015; Dirkjan Ochtman <djc@gentoo.org> +openvpn-2.3.7.ebuild,
+ metadata.xml:
+ Version bump openvpn to 2.3.7 (fixes bug 554524, bug 489272, bug 553352, bug
+ 531474)
+
+*openvpn-2.3.6-r2 (17 Feb 2015)
+
+ 17 Feb 2015; Dirkjan Ochtman <djc@gentoo.org>
+ +files/2.3.6-disable-compression.patch, +openvpn-2.3.6-r2.ebuild:
+ Version bump openvpn to 2.3.6-r2 (fixes bug 537318)
+
+*openvpn-2.3.6-r1 (08 Feb 2015)
+
+ 08 Feb 2015; Dirkjan Ochtman <djc@gentoo.org> +files/2.3.6-null-cipher.patch,
+ +openvpn-2.3.6-r1.ebuild:
+ Fix support for null ciphers (bug 531700; thanks to gentoo@nephros.org)
+
+ 18 Jan 2015; Dirkjan Ochtman <djc@gentoo.org> openvpn-2.3.6.ebuild:
+ Fix minimum version of libpkcs11-helper dependency (fixes bug 536332)
+
+ 28 Dec 2014; Dirkjan Ochtman <djc@gentoo.org> -openvpn-2.3.2.ebuild,
+ -openvpn-2.3.3.ebuild, -openvpn-2.3.4-r1.ebuild, -openvpn-2.3.5.ebuild:
+ Remove vulnerable versions of openvpn (bug 531308)
+
+ 26 Dec 2014; Agostino Sarubbo <ago@gentoo.org> openvpn-2.3.6.ebuild:
+ Stable for sparc, wrt bug #531308
+
+ 23 Dec 2014; Agostino Sarubbo <ago@gentoo.org> openvpn-2.3.6.ebuild:
+ Stable for alpha, wrt bug #531308
+
+ 16 Dec 2014; Markus Meier <maekke@gentoo.org> openvpn-2.3.6.ebuild:
+ arm stable, bug #531308
+
+ 06 Dec 2014; Agostino Sarubbo <ago@gentoo.org> openvpn-2.3.6.ebuild:
+ Stable for ia64, wrt bug #531308
+
+ 04 Dec 2014; Agostino Sarubbo <ago@gentoo.org> openvpn-2.3.6.ebuild:
+ Stable for ppc64, wrt bug #531308
+
+ 03 Dec 2014; Agostino Sarubbo <ago@gentoo.org> openvpn-2.3.6.ebuild:
+ Stable for ppc, wrt bug #531308
+
+ 02 Dec 2014; Mike Gilbert <floppym@gentoo.org> files/openvpn.service:
+ Revert previous unit file change, bug 527614.
+
+ 02 Dec 2014; Jeroen Roovers <jer@gentoo.org> openvpn-2.3.6.ebuild:
+ Stable for HPPA (bug #531308).
+
+ 02 Dec 2014; Agostino Sarubbo <ago@gentoo.org> openvpn-2.3.6.ebuild:
+ Stable for x86, wrt bug #531308
+
+ 02 Dec 2014; Agostino Sarubbo <ago@gentoo.org> openvpn-2.3.6.ebuild:
+ Stable for amd64, wrt bug #531308
+
+*openvpn-2.3.6 (01 Dec 2014)
+
+ 01 Dec 2014; Dirkjan Ochtman <djc@gentoo.org> +openvpn-2.3.6.ebuild:
+ Version bump openvpn to 2.3.6 (fixes bug 531308)
+
+ 21 Nov 2014; Tobias Klausmann <klausman@gentoo.org> openvpn-2.3.4-r1.ebuild:
+ Stable on alpha, bug 522168
+
+ 16 Nov 2014; Dirkjan Ochtman <djc@gentoo.org> -openvpn-2.3.1.ebuild,
+ -openvpn-2.3.4.ebuild:
+ Remove old versions of openvpn
+
+*openvpn-2.3.5 (16 Nov 2014)
+
+ 16 Nov 2014; Dirkjan Ochtman <djc@gentoo.org> +openvpn-2.3.5.ebuild:
+ Version bump openvpn to 2.3.5
+
+ 05 Nov 2014; Mike Gilbert <floppym@gentoo.org> files/openvpn.service:
+ Use unescaped instance name for PIDFile and config file, bug 527614.
+
+ 02 Nov 2014; Sven Vermeulen <swift@gentoo.org> openvpn-2.3.4-r1.ebuild,
+ openvpn-9999.ebuild:
+ Remove sec-policy/selinux-* dependency from DEPEND but keep in RDEPEND (bug
+ #527698)
+
+ 05 Oct 2014; Manuel Rüger <mrueg@gentoo.org> openvpn-2.3.4-r1.ebuild:
+ Mark stable on amd64. Bug #522168
+
+ 21 Sep 2014; Markus Meier <maekke@gentoo.org> openvpn-2.3.4-r1.ebuild:
+ arm stable, bug #522168
+
+ 10 Sep 2014; Jeroen Roovers <jer@gentoo.org> openvpn-2.3.4-r1.ebuild:
+ Stable for HPPA (bug #522168).
+
+ 27 Aug 2014; Agostino Sarubbo <ago@gentoo.org> openvpn-2.3.3.ebuild:
+ Stable for ppc, wrt bug #511668
+
+ 20 Aug 2014; Raúl Porcel <armin76@gentoo.org> openvpn-2.3.3.ebuild:
+ ia64/sparc stable wrt bug #511668
+
+ 26 Jul 2014; Pawel Hajdan jr <phajdan.jr@gentoo.org> openvpn-2.3.3.ebuild:
+ x86 stable wrt bug #511668
+
+ 21 Jul 2014; Chema Alonso <nimiux@gentoo.org> openvpn-2.3.3.ebuild:
+ Stable for amd64 wrt bug #511668
+
+ 21 Jul 2014; Dirkjan Ochtman <djc@gentoo.org> openvpn-2.3.3.ebuild,
+ openvpn-2.3.4-r1.ebuild, openvpn-2.3.4.ebuild:
+ Make pkcs11 USE depend on ssl flag (fixes bug 517660)
+
+ 20 Jul 2014; Tobias Klausmann <klausman@gentoo.org> openvpn-2.3.3.ebuild:
+ Stable on alpha, bug #511668
+
+*openvpn-2.3.4-r1 (03 Jul 2014)
+
+ 03 Jul 2014; Peter Volkov <pva@gentoo.org> +openvpn-2.3.4-r1.ebuild:
+ Added systemd USE flag to forward console query to systemd, #515982
+
+ 09 Jun 2014; Markus Meier <maekke@gentoo.org> openvpn-2.3.3.ebuild:
+ arm stable, bug #511668
+
+ 03 Jun 2014; Jeroen Roovers <jer@gentoo.org> openvpn-2.3.3.ebuild:
+ Stable for HPPA (bug #511668).
+
+*openvpn-2.3.4 (15 May 2014)
+
+ 15 May 2014; Dirkjan Ochtman <djc@gentoo.org> +openvpn-2.3.4.ebuild,
+ openvpn-2.3.3.ebuild:
+ Version bump openvpn to 2.3.4 (bug 510372)
+
+ 22 Apr 2014; Dirkjan Ochtman <djc@gentoo.org>
+ -files/openvpn-2.2.2-pkcs11.patch, -files/openvpn-9999-pkcs11.patch,
+ -openvpn-2.2.2.ebuild, -openvpn-2.3.0.ebuild:
+ Remove old versions, patches.
+
+*openvpn-2.3.3 (22 Apr 2014)
+
+ 22 Apr 2014; Dirkjan Ochtman <djc@gentoo.org> +openvpn-2.3.3.ebuild:
+ Version bump openvpn to 2.3.3 (bug 507758).
+
+ 26 Sep 2013; Agostino Sarubbo <ago@gentoo.org> openvpn-2.3.2.ebuild:
+ Stable for arm, wrt bug #484726
+
+ 25 Sep 2013; Agostino Sarubbo <ago@gentoo.org> openvpn-2.3.2.ebuild:
+ Stable for ppc, wrt bug #484726
+
+ 23 Sep 2013; Agostino Sarubbo <ago@gentoo.org> openvpn-2.3.2.ebuild:
+ Stable for sparc, wrt bug #484726
+
+ 23 Sep 2013; Agostino Sarubbo <ago@gentoo.org> openvpn-2.3.2.ebuild:
+ Stable for ppc64, wrt bug #484726
+
+ 23 Sep 2013; Agostino Sarubbo <ago@gentoo.org> openvpn-2.3.2.ebuild:
+ Stable for alpha, wrt bug #484726
+
+ 14 Sep 2013; Agostino Sarubbo <ago@gentoo.org> openvpn-2.3.2.ebuild:
+ Stable for x86, wrt bug #484726
+
+ 14 Sep 2013; Agostino Sarubbo <ago@gentoo.org> openvpn-2.3.2.ebuild:
+ Stable for amd64, wrt bug #484726
+
+ 14 Sep 2013; Agostino Sarubbo <ago@gentoo.org> openvpn-2.3.2.ebuild:
+ Stable for ia64, wrt bug #484726
+
+ 13 Sep 2013; Jeroen Roovers <jer@gentoo.org> openvpn-2.3.2.ebuild:
+ Stable for HPPA (bug #484726).
+
+ 26 Aug 2013; Dirkjan Ochtman <djc@gentoo.org> openvpn-2.3.2.ebuild:
+ No dies needed here.
+
+*openvpn-2.3.2 (10 Jun 2013)
+
+ 10 Jun 2013; Dirkjan Ochtman <djc@gentoo.org> +openvpn-2.3.2.ebuild:
+ Version bump openvpn to 2.3.2 (bug 472542).
+
+ 09 Jun 2013; Mike Frysinger <vapier@gentoo.org> metadata.xml:
+ Add upstream CPE tag (security info) from ChromiumOS.
+
+ 09 Jun 2013; Agostino Sarubbo <ago@gentoo.org> openvpn-2.3.1.ebuild:
+ Stable for sh, wrt bug #468756
+
+ 01 Jun 2013; Pacho Ramos <pacho@gentoo.org> metadata.xml:
+ Cleanup due bug #151880
+
+ 26 May 2013; Agostino Sarubbo <ago@gentoo.org> openvpn-2.3.1.ebuild:
+ Stable for s390, wrt bug #468756
+
+ 20 May 2013; Agostino Sarubbo <ago@gentoo.org> openvpn-2.3.0.ebuild:
+ Stable for s390, wrt bug #468364
+
+ 11 May 2013; Jeroen Roovers <jer@gentoo.org> openvpn-2.3.1.ebuild:
+ Stable for HPPA (bug #468756).
+
+ 11 May 2013; Agostino Sarubbo <ago@gentoo.org> openvpn-2.3.1.ebuild:
+ Stable for sparc, wrt bug #468756
+
+ 11 May 2013; Agostino Sarubbo <ago@gentoo.org> openvpn-2.3.1.ebuild:
+ Stable for ppc, wrt bug #468756
+
+ 11 May 2013; Agostino Sarubbo <ago@gentoo.org> openvpn-2.3.1.ebuild:
+ Stable for ppc64, wrt bug #468756
+
+ 11 May 2013; Agostino Sarubbo <ago@gentoo.org> openvpn-2.3.1.ebuild:
+ Stable for ia64, wrt bug #468756
+
+ 11 May 2013; Agostino Sarubbo <ago@gentoo.org> openvpn-2.3.1.ebuild:
+ Stable for arm, wrt bug #468756
+
+ 11 May 2013; Agostino Sarubbo <ago@gentoo.org> openvpn-2.3.1.ebuild:
+ Stable for alpha, wrt bug #468756
+
+ 11 May 2013; Agostino Sarubbo <ago@gentoo.org> openvpn-2.3.1.ebuild:
+ Stable for x86, wrt bug #468756
+
+ 11 May 2013; Agostino Sarubbo <ago@gentoo.org> openvpn-2.3.1.ebuild:
+ Stable for amd64, wrt bug #468756
+
+ 08 May 2013; Agostino Sarubbo <ago@gentoo.org> openvpn-2.3.0.ebuild:
+ Stable for sh, wrt bug #468364
+
+ 08 May 2013; Jeroen Roovers <jer@gentoo.org> openvpn-2.3.0.ebuild:
+ Stable for HPPA (bug #468364).
+
+ 07 May 2013; Agostino Sarubbo <ago@gentoo.org> openvpn-2.3.0.ebuild:
+ Stable for ppc64, wrt bug #468364
+
+ 07 May 2013; Agostino Sarubbo <ago@gentoo.org> openvpn-2.3.0.ebuild:
+ Stable for sparc, wrt bug #468364
+
+ 07 May 2013; Agostino Sarubbo <ago@gentoo.org> openvpn-2.3.0.ebuild:
+ Stable for ia64, wrt bug #468364
+
+ 05 May 2013; Agostino Sarubbo <ago@gentoo.org> openvpn-2.3.0.ebuild:
+ Stable for alpha, wrt bug #468364
+
+ 05 May 2013; Agostino Sarubbo <ago@gentoo.org> openvpn-2.3.0.ebuild:
+ Stable for arm, wrt bug #468364
+
+ 03 May 2013; Agostino Sarubbo <ago@gentoo.org> openvpn-2.3.0.ebuild:
+ Stable for ppc, wrt bug #468364
+
+ 03 May 2013; Agostino Sarubbo <ago@gentoo.org> openvpn-2.3.0.ebuild:
+ Stable for x86, wrt bug #468364
+
+ 03 May 2013; Agostino Sarubbo <ago@gentoo.org> openvpn-2.3.0.ebuild:
+ Stable for amd64, wrt bug #468364
+
+ 03 May 2013; Dirkjan Ochtman <djc@gentoo.org> openvpn-2.3.1.ebuild:
+ Fix USE flag order for 2.3.1.
+
+ 03 May 2013; Dirkjan Ochtman <djc@gentoo.org> openvpn-9999.ebuild:
+ Add polarssl for 9999 ebuild (thanks to josh.cepek@usa.net).
+
+*openvpn-2.3.1 (03 May 2013)
+
+ 03 May 2013; Dirkjan Ochtman <djc@gentoo.org> +openvpn-2.3.1.ebuild:
+ Version bump to 2.3.1, add polarssl support (bug 463984, thanks to
+ josh.cepek@usa.net).
+
+ 20 Feb 2013; Zac Medico <zmedico@gentoo.org> openvpn-2.3.0.ebuild:
+ Add ~arm-linux keyword.
+
+ 09 Feb 2013; Dirkjan Ochtman <djc@gentoo.org> files/up.sh:
+ Add metric to openresolv if possible (thanks Alon Bar-Lev, bug 391175).
+
+ 25 Jan 2013; Kacper Kowalik <xarthisius@gentoo.org> +files/openvpn.service,
+ +files/openvpn.tmpfile, openvpn-2.3.0.ebuild:
+ Add unit and tmp file for systemd compatibility. Fixes bug 448884
+
+ 24 Jan 2013; Dirkjan Ochtman <djc@gentoo.org> openvpn-2.3.0.ebuild:
+ Emit message about split out easy-rsa.
+
+ 12 Jan 2013; Dirkjan Ochtman <djc@gentoo.org> openvpn-9999.ebuild:
+ Update live ebuild with changes for 2.3.0 (bug 415995).
+
+ 12 Jan 2013; Dirkjan Ochtman <djc@gentoo.org>
+ -files/openvpn-2.1_rc13-peercred.patch, -files/openvpn-2.1_rc20-pkcs11.patch,
+ -openvpn-2.1.4.ebuild, -files/openvpn-2.2.0-pkcs11.patch, metadata.xml:
+ Remove old versions and files.
+
+*openvpn-2.3.0 (12 Jan 2013)
+
+ 12 Jan 2013; Dirkjan Ochtman <djc@gentoo.org> +openvpn-2.3.0.ebuild,
+ metadata.xml:
+ Version bump to 2.3.0 (bug 451376) with updated build system (bug 415995).
+
+ 06 Jan 2013; Torsten Veller <tove@gentoo.org> openvpn-2.2.2.ebuild:
+ Drop duplicate arches from KEYWORDS
+
+ 09 Sep 2012; Justin Lecher <jlec@gentoo.org> openvpn-2.1.4.ebuild,
+ openvpn-2.2.2.ebuild, openvpn-9999.ebuild:
+ Drop unnessecary PN and '.' from DESCRIPTION
+
+ 23 Aug 2012; Fabian Groffen <grobian@gentoo.org> openvpn-2.2.2.ebuild,
+ openvpn-9999.ebuild:
+ Drop ~x86-macos, it doesn't compile, and we don't care enough to fix it
+
+ 23 Aug 2012; Christoph Junghans <ottxor@gentoo.org> openvpn-2.2.2.ebuild:
+ added prefix keywords (bug #417519)
+
+ 29 Jul 2012; Raúl Porcel <armin76@gentoo.org> openvpn-2.2.2.ebuild:
+ alpha/ia64/s390/sh/sparc stable wrt #415847
+
+ 01 Jun 2012; Zac Medico <zmedico@gentoo.org> openvpn-2.1.4.ebuild,
+ openvpn-2.2.2.ebuild, openvpn-9999.ebuild:
+ inherit user for enewgroup and enewuser
+
+ 27 May 2012; Markus Meier <maekke@gentoo.org> openvpn-2.2.2.ebuild:
+ arm stable, bug #415847
+
+ 23 May 2012; Jeroen Roovers <jer@gentoo.org> openvpn-2.2.2.ebuild:
+ Stable for HPPA (bug #415847).
+
+ 23 May 2012; Brent Baude <ranger@gentoo.org> openvpn-2.2.2.ebuild:
+ Marking openvpn-2.2.2 ppc64 for bug 415847
+
+ 22 May 2012; Brent Baude <ranger@gentoo.org> openvpn-2.2.2.ebuild:
+ Marking openvpn-2.2.2 ppc for bug 415847
+
+ 18 May 2012; Jeff Horelick <jdhore@gentoo.org> openvpn-2.2.2.ebuild:
+ marked x86 per bug 415847
+
+ 14 May 2012; Agostino Sarubbo <ago@gentoo.org> openvpn-2.2.2.ebuild:
+ Stable for amd64, wrt bug #415847
+
+ 14 May 2012; Dirkjan Ochtman <djc@gentoo.org> -openvpn-2.2.0-r1.ebuild:
+ Remove old version.
+
+ 14 May 2012; Dirkjan Ochtman <djc@gentoo.org> openvpn-9999.ebuild:
+ Update live ebuild to deal with new build system (thanks Alon Bar-Lev, bug
+ 409577).
+
+ 14 Apr 2012; Zac Medico <zmedico@gentoo.org> openvpn-2.2.2.ebuild:
+ Add ~amd64-linux keyword.
+
+ 01 Mar 2012; Dirkjan Ochtman <djc@gentoo.org> openvpn-9999.ebuild:
+ Fix CVS header in live ebuild.
+
+*openvpn-9999 (01 Mar 2012)
+
+ 01 Mar 2012; Dirkjan Ochtman <djc@gentoo.org> +openvpn-9999.ebuild,
+ +files/openvpn-9999-pkcs11.patch:
+ Add live ebuild (bug 385375). Thanks to Marcel Pennewiß.
+
+ 23 Feb 2012; Christian Faulhammer <fauli@gentoo.org>
+ files/openvpn-2.1_rc20-pkcs11.patch, +files/openvpn-2.2.0-pkcs11.patch:
+ Make patch application work again, see bug 404269
+
+ 17 Feb 2012; Dirkjan Ochtman <djc@gentoo.org> openvpn-2.2.2.ebuild:
+ Remove reference to old ipv6 use flag, bug 404137.
+
+ 17 Feb 2012; Dirkjan Ochtman <djc@gentoo.org> -openvpn-2.2.0.ebuild:
+ Remove old version, fixing bug 401747.
+
+ 16 Feb 2012; Dirkjan Ochtman <djc@gentoo.org> openvpn-2.2.2.ebuild:
+ Make 2.2.2 have +ssl (bug 404111).
+
+*openvpn-2.2.2 (16 Feb 2012)
+
+ 16 Feb 2012; Dirkjan Ochtman <djc@gentoo.org>
+ files/openvpn-2.1_rc20-pkcs11.patch, +openvpn-2.2.2.ebuild,
+ +files/openvpn-2.2.2-pkcs11.patch:
+ Version bump to 2.2.2 (bug 383537), some cleanups from darkside.
+
+ 29 Jul 2011; Zac Medico <zmedico@gentoo.org> openvpn-2.2.0-r1.ebuild:
+ Add ~x86-linux keyword.
+
+ 28 Jul 2011; Zac Medico <zmedico@gentoo.org> openvpn-2.2.0-r1.ebuild:
+ Fix for prefix.
+
+*openvpn-2.2.0-r1 (01 May 2011)
+
+ 01 May 2011; Dirkjan Ochtman <djc@gentoo.org> +openvpn-2.2.0-r1.ebuild:
+ Fix issues with docdir and remaining eurephia mentions (bug 365487).
+
+ 30 Apr 2011; Dirkjan Ochtman <djc@gentoo.org> openvpn-2.2.0.ebuild:
+ Upgrade to EAPI=4 for 2.2.0, get rid of prepalldocs.
+
+ 30 Apr 2011; Dirkjan Ochtman <djc@gentoo.org> -openvpn-2.1.2.ebuild,
+ -openvpn-2.1.3.ebuild:
+ Remove old versions.
+
+*openvpn-2.2.0 (30 Apr 2011)
+
+ 30 Apr 2011; Dirkjan Ochtman <djc@gentoo.org> +openvpn-2.2.0.ebuild:
+ Version bump to 2.2.0, add ipv6 payload support (bug 335563).
+
+ 21 Mar 2011; Kacper Kowalik <xarthisius@gentoo.org> openvpn-2.1.4.ebuild:
+ ppc/ppc64 stable wrt #354661
+
+ 20 Mar 2011; Raúl Porcel <armin76@gentoo.org> openvpn-2.1.4.ebuild:
+ s390/sh/sparc stable wrt #354661
+
+ 13 Mar 2011; Markus Meier <maekke@gentoo.org> openvpn-2.1.4.ebuild:
+ arm stable, bug #354661
+
+ 08 Mar 2011; Tobias Klausmann <klausman@gentoo.org> openvpn-2.1.4.ebuild:
+ Stable on alpha, bug #354661
+
+ 03 Mar 2011; Thomas Kahle <tomka@gentoo.org> openvpn-2.1.4.ebuild:
+ x86 stable per bug 354661
+
+ 21 Feb 2011; Jeroen Roovers <jer@gentoo.org> openvpn-2.1.4.ebuild:
+ Stable for HPPA (bug #354661).
+
+ 13 Feb 2011; Markos Chandras <hwoarang@gentoo.org> openvpn-2.1.4.ebuild:
+ Stable on amd64 wrt bug #354661
+
+ 10 Jan 2011; Brent Baude <ranger@gentoo.org> openvpn-2.1.3.ebuild:
+ stable ppc, bug 342897
+
+ 28 Dec 2010; Brent Baude <ranger@gentoo.org> openvpn-2.1.3.ebuild:
+ stable ppc64, bug 342897
+
+*openvpn-2.1.4 (14 Dec 2010)
+
+ 14 Dec 2010; Dirkjan Ochtman <djc@gentoo.org> +openvpn-2.1.4.ebuild:
+ Version bump to 2.1.4.
+
+ 05 Dec 2010; Raúl Porcel <armin76@gentoo.org> openvpn-2.1.3.ebuild:
+ alpha/s390/sh/sparc stable wrt #342897
+
+ 03 Nov 2010; Markus Meier <maekke@gentoo.org> openvpn-2.1.3.ebuild:
+ arm stable, bug #342897
+
+ 03 Nov 2010; Pawel Hajdan jr <phajdan.jr@gentoo.org> openvpn-2.1.3.ebuild:
+ x86 stable wrt bug #342897
+
+ 29 Oct 2010; Jeroen Roovers <jer@gentoo.org> openvpn-2.1.3.ebuild:
+ Stable for HPPA (bug #342897).
+
+ 28 Oct 2010; Markos Chandras <hwoarang@gentoo.org> openvpn-2.1.3.ebuild:
+ Stable on amd64 wrt bug #342897
+
+ 28 Oct 2010; Dirkjan Ochtman <djc@gentoo.org> openvpn-2.1.3.ebuild:
+ Fix QA issues for bug 342933.
+
+ 27 Oct 2010; Dirkjan Ochtman <djc@gentoo.org> +files/65openvpn,
+ openvpn-2.1.3.ebuild:
+ Add CONFIG_PROTECT for /usr/share/openvpn/easy-rsa, as suggested by
+ hwoarang.
+
+ 19 Oct 2010; Dirkjan Ochtman <djc@gentoo.org>
+ -files/openvpn-2.0.9-pam.patch, -files/openvpn-2.0.9-persistent.patch,
+ -openvpn-2.1.0-r1.ebuild:
+ Clean up cruft from old versions.
+
+ 19 Oct 2010; Dirkjan Ochtman <djc@gentoo.org> openvpn-2.1.3.ebuild:
+ Update ebuild to use new path_exists function.
+
+ 19 Oct 2010; Jeroen Roovers <jer@gentoo.org> openvpn-2.1.2.ebuild:
+ Stable for HPPA (bug #338919).
+
+ 15 Oct 2010; Brent Baude <ranger@gentoo.org> openvpn-2.1.2.ebuild:
+ stable ppc, bug 338919
+
+ 12 Oct 2010; Dirkjan Ochtman <djc@gentoo.org> openvpn-2.1.3.ebuild:
+ Improved 2.1.3 ebuild; thanks to pva for the review.
+
+ 12 Oct 2010; Raúl Porcel <armin76@gentoo.org> openvpn-2.1.2.ebuild:
+ alpha/arm/s390/sh/sparc stable wrt #338919
+
+ 06 Oct 2010; Markus Meier <maekke@gentoo.org> openvpn-2.1.2.ebuild:
+ x86 stable, bug #338919
+
+ 30 Sep 2010; Brent Baude <ranger@gentoo.org> openvpn-2.1.2.ebuild:
+ stable ppc64, bug 338919
+
+ 28 Sep 2010; Markos Chandras <hwoarang@gentoo.org> openvpn-2.1.2.ebuild:
+ Stable on amd64 wrt bug #338919
+
+*openvpn-2.1.3 (27 Sep 2010)
+
+ 27 Sep 2010; Dirkjan Ochtman <djc@gentoo.org> +openvpn-2.1.3.ebuild:
+ Version bump to 2.1.3.
+
+ 27 Sep 2010; Dirkjan Ochtman <djc@gentoo.org> -openvpn-2.0.9.ebuild,
+ -openvpn-2.1_rc15.ebuild:
+ Clean up old versions.
+
+ 07 Sep 2010; Joseph Jezak <josejx@gentoo.org> openvpn-2.1.0-r1.ebuild,
+ openvpn-2.1.2.ebuild:
+ Change altivec fix to work on ppc64 as well.
+
+ 06 Sep 2010; Brent Baude <ranger@gentoo.org> openvpn-2.1.0-r1.ebuild:
+ Marking openvpn-2.1.0-r1 ppc64 for bug 293894
+
+ 04 Sep 2010; Raúl Porcel <armin76@gentoo.org> openvpn-2.1.0-r1.ebuild:
+ alpha/s390/sh/sparc stable wrt #293894
+
+ 28 Aug 2010; Markus Meier <maekke@gentoo.org> openvpn-2.1.0-r1.ebuild:
+ arm stable, bug #293894
+
+ 25 Aug 2010; Jeroen Roovers <jer@gentoo.org> openvpn-2.1.0-r1.ebuild:
+ Stable for HPPA PPC (bug #293894).
+
+ 24 Aug 2010; Pawel Hajdan jr <phajdan.jr@gentoo.org>
+ openvpn-2.1.0-r1.ebuild:
+ x86 stable wrt security bug #293894
+
+ 23 Aug 2010; Markos Chandras <hwoarang@gentoo.org>
+ openvpn-2.1.0-r1.ebuild:
+ Stable on amd64 wrt bug #293894
+
+ 23 Aug 2010; Dirkjan Ochtman <djc@gentoo.org> openvpn-2.1.0-r1.ebuild,
+ openvpn-2.1.2.ebuild:
+ Get rid of useless threads flag.
+
+*openvpn-2.1.2 (23 Aug 2010)
+
+ 23 Aug 2010; Dirkjan Ochtman <djc@gentoo.org> +openvpn-2.1.2.ebuild:
+ Version bump to 2.1.2.
+
+ 23 Aug 2010; Dirkjan Ochtman <djc@gentoo.org> openvpn-2.1.0-r1.ebuild:
+ Remove built_with_use, upgrade to EAPI=2.
+
+ 23 Aug 2010; Dirkjan Ochtman <djc@gentoo.org> -openvpn-2.0.6.ebuild,
+ -openvpn-2.0.7-r2.ebuild, -files/openvpn-2.0.7-pam.patch,
+ -files/openvpn-2.0.7-persistent.patch, -openvpn-2.1_rc19.ebuild,
+ -openvpn-2.1_rc20.ebuild, -openvpn-2.1_rc21.ebuild:
+ Clean up old versions.
+
+ 23 Aug 2010; Dirkjan Ochtman <djc@gentoo.org> metadata.xml:
+ Add myself as a maintainer.
+
+ 28 Feb 2010; Cédric Krier <cedk@gentoo.org> files/openvpn-2.1.init,
+ files/openvpn.init:
+ Fix init scripts to work with tabs for bug #301619
+
+ 28 Feb 2010; Cédric Krier <cedk@gentoo.org> openvpn-2.1.0-r1.ebuild:
+ Filter out -maltivec on ppc for bug #293840
+
+*openvpn-2.1.0-r1 (29 Dec 2009)
+
+ 29 Dec 2009; Cédric Krier <cedk@gentoo.org> -openvpn-2.1.0.ebuild,
+ +openvpn-2.1.0-r1.ebuild, -files/openvpn-2.1.0-stdbool.patch:
+ Remove stdbool patch for bug #297854
+
+*openvpn-2.1.0 (19 Dec 2009)
+
+ 19 Dec 2009; Cédric Krier <cedk@gentoo.org> +openvpn-2.1.0.ebuild,
+ +files/openvpn-2.1.0-stdbool.patch:
+ Version bump and add patch for bug #293840
+
+*openvpn-2.1_rc21 (15 Nov 2009)
+
+ 15 Nov 2009; Cédric Krier <cedk@gentoo.org> +openvpn-2.1_rc21.ebuild:
+ Version bump
+
+ 10 Oct 2009; Cédric Krier <cedk@gentoo.org> openvpn-2.1_rc20.ebuild,
+ metadata.xml:
+ Add eurephia patch for bug #272079
+
+*openvpn-2.1_rc20 (10 Oct 2009)
+
+ 10 Oct 2009; Cédric Krier <cedk@gentoo.org> +openvpn-2.1_rc20.ebuild,
+ +files/openvpn-2.1_rc20-pkcs11.patch:
+ Version bump with ipv6 patch for bug #287896 and patch for bug #273586
+
+ 10 Oct 2009; Cédric Krier <cedk@gentoo.org> files/openvpn-2.1.init:
+ Remove --nobind from init script for bug #282721
+
+ 10 Oct 2009; Raúl Porcel <armin76@gentoo.org> openvpn-2.0.9.ebuild:
+ sh/sparc stable wrt #272546
+
+ 10 Oct 2009; Raúl Porcel <armin76@gentoo.org> openvpn-2.1_rc15.ebuild:
+ s390/sh/sparc stable wrt #280072
+
+ 04 Oct 2009; Markus Meier <maekke@gentoo.org> openvpn-2.1_rc15.ebuild:
+ arm stable, bug #280072
+
+ 26 Sep 2009; Brent Baude <ranger@gentoo.org> openvpn-2.1_rc15.ebuild:
+ Marking openvpn-2.1_rc15 ppc64 for bug 280072
+
+ 29 Aug 2009; nixnut <nixnut@gentoo.org> openvpn-2.1_rc15.ebuild:
+ ppc stable #280072
+
+ 29 Aug 2009; nixnut <nixnut@gentoo.org> openvpn-2.0.9.ebuild:
+ ppc stable #272546
+
+ 28 Aug 2009; Tobias Klausmann <klausman@gentoo.org>
+ openvpn-2.1_rc15.ebuild:
+ Stable on alpha, bug #280072
+
+ 19 Aug 2009; Jeroen Roovers <jer@gentoo.org> openvpn-2.1_rc15.ebuild:
+ Stable for HPPA (bug #280072).
+
+ 05 Aug 2009; <chainsaw@gentoo.org> openvpn-2.1_rc15.ebuild:
+ Marked stable on AMD64 as requested by Cédric Krier <cedk@gentoo.org> in
+ bug #280072. Compile-tested on a Core2 Duo, no suitable network
+ environment to test.
+
+ 04 Aug 2009; Christian Faulhammer <fauli@gentoo.org>
+ openvpn-2.1_rc15.ebuild:
+ stable x86, bug 280072
+
+*openvpn-2.1_rc19 (01 Aug 2009)
+
+ 01 Aug 2009; Cédric Krier <cedk@gentoo.org> +openvpn-2.1_rc19.ebuild:
+ Version bump
+
+ 28 Jun 2009; Brent Baude <ranger@gentoo.org> openvpn-2.0.9.ebuild:
+ Marking openvpn-2.0.9 ppc64 for bug 272546
+
+ 21 Jun 2009; Cédric Krier <cedk@gentoo.org> openvpn-2.1_rc15.ebuild:
+ Remove empty doc dir for bug #272994
+
+ 21 Jun 2009; Cédric Krier <cedk@gentoo.org> openvpn-2.1_rc15.ebuild:
+ Add missing -Wall for plugin
+
+ 21 Jun 2009; Cédric Krier <cedk@gentoo.org> openvpn-2.0.9.ebuild:
+ Add missing missing file for easy-rsa for bug #273586
+
+ 21 Jun 2009; Cédric Krier <cedk@gentoo.org> openvpn-2.1_rc15.ebuild:
+ Fix CFLAGS and LDFLAGS in plugin for bug #263136
+
+ 11 Jun 2009; Jeroen Roovers <jer@gentoo.org> openvpn-2.0.9.ebuild:
+ Stable for HPPA (bug #272546).
+
+ 07 Jun 2009; Tobias Klausmann <klausman@gentoo.org> openvpn-2.0.9.ebuild:
+ Stable on alpha, bug #272546
+
+ 07 Jun 2009; Markus Meier <maekke@gentoo.org> openvpn-2.0.9.ebuild:
+ amd64/x86 stable, bug #272546
+
+ 28 May 2009; Cédric Krier <cedk@gentoo.org> openvpn-2.1_rc15.ebuild:
+ Fix bad header and missing RDEPEND
+
+ 28 May 2009; Cédric Krier <cedk@gentoo.org> files/up.sh:
+ Fix invalid resolv.conf when DOMAIN is empty for bug #269614
+
+ 15 Apr 2009; Cédric Krier <cedk@gentoo.org> files/up.sh:
+ Fix up.sh to add search for all domains for bug #259382
+
+*openvpn-2.1_rc15 (03 Jan 2009)
+
+ 03 Jan 2009; Cédric Krier <cedk@gentoo.org> -openvpn-2.1_rc13.ebuild,
+ +openvpn-2.1_rc15.ebuild:
+ Version bump
+
+ 02 Nov 2008; Cédric Krier <cedk@gentoo.org>
+ +files/openvpn-2.1_rc13-peercred.patch, openvpn-2.1_rc13.ebuild:
+ Add peercred patch for bug #245181
+
+*openvpn-2.1_rc13 (01 Nov 2008)
+
+ 01 Nov 2008; Cédric Krier <cedk@gentoo.org>
+ -files/openvpn-2.1_rc9-tests.patch, -openvpn-2.1_rc9.ebuild,
+ +openvpn-2.1_rc13.ebuild:
+ Version bump
+
+ 01 Nov 2008; Cédric Krier <cedk@gentoo.org> files/openvpn-2.1.init:
+ Fix init script for bug #234667
+
+ 28 Sep 2008; Cédric Krier <cedk@gentoo.org>
+ +files/openvpn-2.1_rc9-tests.patch, openvpn-2.1_rc9.ebuild:
+ Add tests patch for bug #236877
+
+ 02 Aug 2008; Cédric Krier <cedk@gentoo.org> files/openvpn-2.1.init:
+ Add --script-security 2 for bug #233657
+
+*openvpn-2.1_rc9 (01 Aug 2008)
+
+ 01 Aug 2008; Cédric Krier <cedk@gentoo.org>
+ -files/openvpn-2.1_rc7-tap.patch, -openvpn-2.1_rc7-r2.ebuild,
+ +openvpn-2.1_rc9.ebuild:
+ Version bump
+
+*openvpn-2.0.9 (14 May 2008)
+
+ 14 May 2008; Cédric Krier <cedk@gentoo.org>
+ +files/openvpn-2.0.9-pam.patch, +files/openvpn-2.0.9-persistent.patch,
+ +openvpn-2.0.9.ebuild:
+ Version bump
+
+ 13 May 2008; Cédric Krier <cedk@gentoo.org> metadata.xml:
+ Take ownership, after Alon Bar-Lev left
+
+*openvpn-2.1_rc7-r2 (18 Apr 2008)
+
+ 18 Apr 2008; Alon Bar-Lev <alonbl@gentoo.org>
+ files/openvpn-2.1_rc7-tap.patch, -openvpn-2.1_rc7-r1.ebuild,
+ +openvpn-2.1_rc7-r2.ebuild:
+ Fix tun (again), bug#218129, thanks to Sigmatador
+
+*openvpn-2.1_rc7-r1 (16 Apr 2008)
+
+ 16 Apr 2008; Alon Bar-Lev <alonbl@gentoo.org>
+ files/openvpn-2.1_rc7-tap.patch, -openvpn-2.1_rc7.ebuild,
+ +openvpn-2.1_rc7-r1.ebuild:
+ Fix typeo in tun, bug#217956, thanks to Sigmatador
+
+ 17 Feb 2008; Christoph Mende <angelos@gentoo.org> openvpn-2.0.7-r2.ebuild:
+ Stable on amd64, bug #209177
+
+ 12 Feb 2008; Raúl Porcel <armin76@gentoo.org> openvpn-2.0.7-r2.ebuild:
+ alpha/sparc stable wrt #209177
+
+*openvpn-2.1_rc7 (09 Feb 2008)
+
+ 09 Feb 2008; Alon Bar-Lev <alonbl@gentoo.org>
+ -files/openvpn-2.1_rc4-ip6-mss.patch,
+ -files/openvpn-2.1_rc6-iproute.patch, +files/openvpn-2.1_rc7-tap.patch,
+ -openvpn-2.1_rc4-r2.ebuild, -openvpn-2.1_rc6-r1.ebuild,
+ +openvpn-2.1_rc7.ebuild:
+ Version bump, fix bug#209055
+
+ 08 Feb 2008; Tobias Scherbaum <dertobi123@gentoo.org>
+ openvpn-2.0.7-r2.ebuild:
+ ppc stable, bug #209177
+
+ 07 Feb 2008; Jeroen Roovers <jer@gentoo.org> openvpn-2.0.7-r2.ebuild:
+ Stable for HPPA (bug #209177).
+
+ 07 Feb 2008; Christian Faulhammer <opfer@gentoo.org>
+ openvpn-2.0.7-r2.ebuild:
+ restrict tests if USE=ssl is not set
+
+ 07 Feb 2008; Christian Faulhammer <opfer@gentoo.org>
+ openvpn-2.0.7-r2.ebuild:
+ stable x86, bug 209177
+
+ 07 Feb 2008; Brent Baude <ranger@gentoo.org> openvpn-2.0.7-r2.ebuild:
+ stable ppc64, bug 209177
+
+ 30 Jan 2008; Alon Bar-Lev <alonbl@gentoo.org> files/down.sh, files/up.sh:
+ If SVCNAME does not exist avoid doing service magic
+
+ 29 Jan 2008; Diego Pettenò <flameeyes@gentoo.org> files/openvpn-2.1.init,
+ files/openvpn.init:
+ Fix init script dependencies to work without a boot runlevel.
+
+*openvpn-2.1_rc6-r1 (25 Jan 2008)
+
+ 25 Jan 2008; Alon Bar-Lev <alonbl@gentoo.org>
+ +files/openvpn-2.1_rc6-iproute.patch, -openvpn-2.1_rc6.ebuild,
+ +openvpn-2.1_rc6-r1.ebuild:
+ Fix iproute issue, bug#207320, thanks to Graham Murray
+
+*openvpn-2.1_rc6 (24 Jan 2008)
+
+ 24 Jan 2008; Alon Bar-Lev <alonbl@gentoo.org> -openvpn-2.1_rc5.ebuild,
+ +openvpn-2.1_rc6.ebuild:
+ Version bump
+
+*openvpn-2.1_rc5 (23 Jan 2008)
+
+ 23 Jan 2008; Alon Bar-Lev <alonbl@gentoo.org> +openvpn-2.1_rc5.ebuild:
+ Version bump
+
+ 21 Dec 2007; Alon Bar-Lev <alonbl@gentoo.org> metadata.xml:
+ Take ownership, after Roy left
+
+ 25 Sep 2007; Roy Marples <uberlord@gentoo.org> files/openvpn-2.1.conf,
+ files/openvpn-2.1.init, files/down.sh, files/up.sh:
+ PEER_DNS now allows OpenVPN to create /etc/resolv.conf or not, #193668
+
+ 25 Sep 2007; Roy Marples <uberlord@gentoo.org> files/down.sh, files/up.sh:
+ Pass parameters to service specific scripts, #193724 thanks to Sergiy Borodych
+
+ 15 Sep 2007; Roy Marples <uberlord@gentoo.org>
+ -files/openvpn-2.0.4-darwin.patch, openvpn-2.0.6.ebuild,
+ openvpn-2.0.7-r2.ebuild, openvpn-2.1_rc4-r2.ebuild:
+ ppc-macos keyword and patch dropped
+
+*openvpn-2.1_rc4-r2 (16 Aug 2007)
+
+ 16 Aug 2007; Roy Marples <uberlord@gentoo.org>
+ +files/openvpn-2.1_rc4-ip6-mss.patch, +openvpn-2.1_rc4-r2.ebuild:
+ Add a patch to fix mss for IPv6.
+
+ 09 Jul 2007; Roy Marples <uberlord@gentoo.org> openvpn-2.1_rc4.ebuild,
+ openvpn-2.1_rc4-r1.ebuild:
+ Remove BSD warning about MTU as it no longer applies (I think)
+
+ 08 Jul 2007; Roy Marples <uberlord@gentoo.org> files/openvpn-2.1.conf,
+ files/openvpn-2.1.init:
+ RE_ENTER config variable allows custom up/down scripts to re-enter openvpn.
+ Should fix #133107.
+
+*openvpn-2.1_rc4-r1 (29 Jun 2007)
+
+ 29 Jun 2007; Roy Marples <uberlord@gentoo.org> +files/openvpn-2.1.conf,
+ files/openvpn-2.1.init, +openvpn-2.1_rc4-r1.ebuild:
+ DETECT_CLIENT config directive now controls init script behaviour, #181000.
+ IPv6 support added, #183457 thanks to Marcel Pennewiß.
+
+ 08 Jun 2007; Joshua Kinard <kumba@gentoo.org> openvpn-2.0.7-r2.ebuild:
+ Marked unstable on mips, per #181074.
+
+*openvpn-2.1_rc4 (26 Apr 2007)
+
+ 26 Apr 2007; Roy Marples <uberlord@gentoo.org> +openvpn-2.1_rc4.ebuild:
+ Bump, fixes #176001 thanks to boris64.
+
+ 16 Apr 2007; Roy Marples <uberlord@gentoo.org>
+ +files/openvpn-2.1_rc2-freebsd.patch, openvpn-2.0.6.ebuild,
+ openvpn-2.0.7.ebuild, openvpn-2.0.7-r1.ebuild, openvpn-2.0.7-r2.ebuild,
+ openvpn-2.1_rc2.ebuild:
+ static USE flag now does what it says on the tin, #174786
+ thanks to Michael Gisbers.
+ Added a patch to clean up compile and install on FreeBSD.
+
+ 09 Mar 2007; Roy Marples <uberlord@gentoo.org> files/openvpn-2.1.init:
+ Hide ifconfig errors on FreeBSD.
+ Use printf instead of echo -e so we work on all POSIX shells.
+
+*openvpn-2.1_rc2 (04 Mar 2007)
+
+ 04 Mar 2007; Roy Marples <uberlord@gentoo.org> +openvpn-2.1_rc2.ebuild:
+ Bumpage.
+
+*openvpn-2.1_rc1-r2 (23 Feb 2007)
+*openvpn-2.0.7-r2 (23 Feb 2007)
+
+ 23 Feb 2007; Roy Marples <uberlord@gentoo.org> files/openvpn-2.1.init,
+ files/down.sh, files/openvpn.init, files/up.sh, +openvpn-2.0.7-r2.ebuild,
+ +openvpn-2.1_rc1-r2.ebuild:
+ Init scripts no longer require bash.
+
+ 07 Feb 2007; Roy Marples <uberlord@gentoo.org> files/down.sh, files/up.sh:
+ up.sh and down.sh no longer require bash.
+
+ 05 Jan 2007; Diego Pettenò <flameeyes@gentoo.org> openvpn-2.0.6.ebuild,
+ openvpn-2.0.7.ebuild, openvpn-2.0.7-r1.ebuild, openvpn-2.1_rc1.ebuild,
+ openvpn-2.1_rc1-r1.ebuild:
+ Remove gnuconfig_update usage, leave it to econf.
+
+*openvpn-2.1_rc1-r1 (08 Nov 2006)
+*openvpn-2.0.7-r1 (08 Nov 2006)
+
+ 08 Nov 2006; Roy Marples <uberlord@gentoo.org>
+ +files/openvpn-2.0.7-persistent.patch,
+ +files/openvpn-2.1_rc1-persistent.patch, +openvpn-2.0.7-r1.ebuild,
+ +openvpn-2.1_rc1-r1.ebuild:
+ Added patches to enable txqueuelen when making a persistent interface, #150791
+
+ 06 Nov 2006; Roy Marples <uberlord@gentoo.org> openvpn-2.0.6.ebuild,
+ openvpn-2.0.7.ebuild, -openvpn-2.1_beta15.ebuild, openvpn-2.1_rc1.ebuild:
+ die if iproute2 support was requested, but built with the minimal USE flag.
+ Fixes #154191 thanks to Martin Scherer.
+
+*openvpn-2.1_rc1 (02 Nov 2006)
+
+ 02 Nov 2006; Roy Marples <uberlord@gentoo.org> +openvpn-2.1_rc1.ebuild:
+ New upstream version.
+
+ 01 Nov 2006; Roy Marples <uberlord@gentoo.org> files/openvpn-2.1.init,
+ files/up.sh:
+ Ensure we work with all bash versions.
+
+ 17 Oct 2006; Roy Marples <uberlord@gentoo.org> openvpn-2.0.7.ebuild,
+ openvpn-2.1_beta15.ebuild:
+ Added ~sparc-fbsd keyword.
+
+ 14 Oct 2006; Roy Marples <uberlord@gentoo.org> files/openvpn-2.1.init:
+ Quiet stopping.
+
+ 11 Oct 2006; Roy Marples <uberlord@gentoo.org>
+ +files/openvpn-2.0.7-pam.patch, openvpn-2.0.7.ebuild,
+ openvpn-2.1_beta15.ebuild:
+ Add a patch so we work with both LinuxPAM and OpenPAM correctly.
+
+ 05 Oct 2006; Markus Rothe <corsair@gentoo.org> openvpn-2.1_beta15.ebuild:
+ Added ~ppc64
+
+ 13 Sep 2006; Roy Marples <uberlord@gentoo.org> -openvpn-2.1_beta14.ebuild,
+ openvpn-2.1_beta15.ebuild:
+ Fix plugin install, #147308 again.
+
+*openvpn-2.1_beta15 (12 Sep 2006)
+
+ 12 Sep 2006; Roy Marples <uberlord@gentoo.org> files/up.sh,
+ +openvpn-2.1_beta15.ebuild:
+ Version bump, #147308 thanks to Alon Bar-Lev.
+ Fix up.sh for FreeBSD.
+
+ 10 Sep 2006; Roy Marples <uberlord@gentoo.org> files/openvpn-2.1.init:
+ Add FreeBSD support
+
+ 08 Jul 2006; Markus Rothe <corsair@gentoo.org> openvpn-2.0.6.ebuild:
+ Stable on ppc64
+
+ 06 Jul 2006; Roy Marples <uberlord@gentoo.org> files/openvpn-2.1.init,
+ files/openvpn.init:
+ Allow periods in config names, #139454 thanks to Ed Catmur.
+
+*openvpn-2.0.7 (29 Jun 2006)
+
+ 29 Jun 2006; Roy Marples <uberlord@gentoo.org> +openvpn-2.0.7.ebuild:
+ Bump, #138250, thanks to Armando Di Cianno.
+
+ 15 May 2006; Brent Baude <ranger@gentoo.org> openvpn-2.0.6.ebuild:
+ Marking openvpn-2.0.6 ~ppc64 per bug request 133417
+
+ 12 May 2006; Roy Marples <uberlord@gentoo.org> files/down.sh, files/up.sh:
+ up.sh and down.sh now save and restore resolv.conf if we don't
+ have resolvconf installed, #132932.
+
+ 10 May 2006; Roy Marples <uberlord@gentoo.org> openvpn-2.1_beta14.ebuild,
+ files/up.sh:
+ up.sh no longer overwrites resolv.conf if no dns
+ information has been given to us by openvpn.
+
+ Dropped the smartcard USE flag and opensc dependency as requested by the
+ openvpn pcks11 patch author Alon Bar-Lev, #118435.
+
+*openvpn-2.1_beta14 (09 May 2006)
+
+ 09 May 2006; Roy Marples <uberlord@gentoo.org> +files/openvpn-2.1.init,
+ +files/down.sh, +files/up.sh, +openvpn-2.1_beta14.ebuild:
+ New upstream beta release with smartcard support (#118435).
+ We now add an openvpn user/group so you can drop root if you wish (#120425).
+
+ If you use the remote keyword in your config then you are deemed to be a
+ client and we force our up/down scripts to be used. These scripts start/stop
+ any services depending on openvpn AND apply any DNS information to resolvconf
+ or /etc/resolv.conf directly if resolvconf is not installed.
+
+ 05 May 2006; Roy Marples <uberlord@gentoo.org> files/openvpn.init:
+ Tweak init script to start before netmount.
+
+ 24 Apr 2006; Roy Marples <uberlord@gentoo.org> -openvpn-2.0.5-r2.ebuild,
+ openvpn-2.0.6.ebuild:
+ Stop installing INSTALL document.
+
+ 09 Apr 2006; Fabian Groffen <grobian@gentoo.org> openvpn-2.0.6.ebuild:
+ Marked ppc-macos stable (bug #128888)
+
+ 08 Apr 2006; Bryan Østergaard <kloeri@gentoo.org openvpn-2.0.6.ebuild:
+ Stable on alpha, bug 128888.
+
+ 07 Apr 2006; Rene Nussbaumer <killerfox@gentoo.org> openvpn-2.0.6.ebuild:
+ Stable on hppa. See bug #128888.
+
+ 05 Apr 2006; Andrej Kacian <ticho@gentoo.org> openvpn-2.0.6.ebuild:
+ Stable on x86, bug #128888.
+
+ 05 Apr 2006; Patrick McLean <chutzpah@gentoo.org> openvpn-2.0.6.ebuild:
+ Stable on amd64 (bug 128888).
+
+ 05 Apr 2006; Gustavo Zacarias <gustavoz@gentoo.org> openvpn-2.0.6.ebuild:
+ Stable on sparc wrt security #128888
+
+ 05 Apr 2006; Tobias Scherbaum <dertobi123@gentoo.org>
+ openvpn-2.0.6.ebuild:
+ ppc stable, bug #128888
+
+*openvpn-2.0.6 (05 Apr 2006)
+
+ 05 Apr 2006; Roy Marples <uberlord@gentoo.org> +openvpn-2.0.6.ebuild:
+ New upstream release.
+
+ 08 Feb 2006; Roy Marples <uberlord@gentoo.org> openvpn-2.0.5-r2.ebuild:
+ Marking stable on ppc-macos so I can punt older versions, #117111.
+ It's just an init script anyway, so shouldn't affect things.
+
+ 07 Feb 2006; Aron Griffis <agriffis@gentoo.org> openvpn-2.0.5-r2.ebuild:
+ Mark 2.0.5-r2 stable on alpha
+
+ 05 Feb 2006; Guy Martin <gmsoft@gentoo.org> openvpn-2.0.5-r2.ebuild:
+ Stable on hppa.
+
+ 08 Jan 2006; Carsten Lohrke <carlo@gentoo.org> metadata.xml:
+ One maintainer retired, one left.
+
+ 05 Jan 2006; Simon Stelling <blubb@gentoo.org> openvpn-2.0.5-r2.ebuild:
+ stable on amd64
+
+ 02 Jan 2006; Michael Hanselmann <hansmi@gentoo.org>
+ openvpn-2.0.5-r2.ebuild:
+ Stable on ppc.
+
+ 30 Dec 2005; Roy Marples <uberlord@gentoo.org> openvpn-2.0.5-r2.ebuild:
+ Stable on x86, #117111.
+
+ 30 Dec 2005; Gustavo Zacarias <gustavoz@gentoo.org>
+ openvpn-2.0.5-r2.ebuild:
+ Stable on sparc wrt #117111
+
+ 08 Nov 2005; Roy Marples <uberlord@gentoo.org> -openvpn-2.0.1.ebuild,
+ -openvpn-2.0.2.ebuild, -openvpn-2.0.2-r3.ebuild, -openvpn-2.0.4-r1.ebuild,
+ -openvpn-2.0.4-r2.ebuild, -openvpn-2.0.5-r1.ebuild:
+ Punted a few versions.
+
+*openvpn-2.0.5-r2 (06 Nov 2005)
+
+ 06 Nov 2005; Roy Marples <uberlord@gentoo.org> openvpn-2.0.5.ebuild,
+ +openvpn-2.0.5-r2.ebuild:
+ easyrsa pkitool is now installed, #111635.
+ easyrsa no longer gets installed when minimum USE flag is set.
+
+ 06 Nov 2005; Simon Stelling <blubb@gentoo.org> openvpn-2.0.5.ebuild:
+ stable on amd64 wrt bug 111116
+
+ 05 Nov 2005; Bryan Østergaard <kloeri@gentoo.org> openvpn-2.0.5.ebuild:
+ Stable on alpha, bug 111116.
+
+ 04 Nov 2005; Gustavo Zacarias <gustavoz@gentoo.org> openvpn-2.0.5.ebuild:
+ Stable on sparc wrt #111116
+
+ 04 Nov 2005; Fabian Groffen <grobian@gentoo.org> openvpn-2.0.5.ebuild:
+ Marked ppc-macos for bug #111116 (again)
+
+ 04 Nov 2005; Mark Loeser <halcy0n@gentoo.org> openvpn-2.0.5.ebuild:
+ Stable on x86; bug #111116
+
+ 03 Nov 2005; Michael Hanselmann <hansmi@gentoo.org> openvpn-2.0.5.ebuild:
+ Stable on ppc. See bug #111116.
+
+*openvpn-2.0.5-r1 (03 Nov 2005)
+*openvpn-2.0.5 (03 Nov 2005)
+
+ 03 Nov 2005; Roy Marples <uberlord@gentoo.org> +openvpn-2.0.5.ebuild,
+ +openvpn-2.0.5-r1.ebuild:
+ Version bump - fixes some serious issues 2.0.4 had
+ 2.0.5 has old init script
+ 2.0.5-r1 has new init script
+
+ 03 Nov 2005; Roy Marples <uberlord@gentoo.org> openvpn-2.0.4-r1.ebuild,
+ openvpn-2.0.4-r2.ebuild:
+ easy-rsa now gets installed properly, #111351
+
+ 03 Nov 2005; Gustavo Zacarias <gustavoz@gentoo.org>
+ openvpn-2.0.4-r1.ebuild:
+ Stable on sparc wrt #111116
+
+ 02 Nov 2005; Fabian Groffen <grobian@gentoo.org>
+ +files/openvpn-2.0.4-darwin.patch, openvpn-2.0.4-r1.ebuild,
+ openvpn-2.0.4-r2.ebuild:
+ Fixed compilation problem on Darwin and marked ppc-macos (bug #111116)
+
+*openvpn-2.0.4-r2 (02 Nov 2005)
+*openvpn-2.0.4-r1 (02 Nov 2005)
+
+ 02 Nov 2005; Roy Marples <uberlord@gentoo.org> -openvpn-2.0.4.ebuild,
+ +openvpn-2.0.4-r1.ebuild, +openvpn-2.0.4-r2.ebuild:
+ 2.0.4 removed as it had the new init script
+ 2.0.4-r1 added with old init script
+ 2.0.4-r2 added with new init script
+
+ 02 Nov 2005; Roy Marples <uberlord@gentoo.org> openvpn-2.0.4.ebuild:
+ Fixed pam issue when building plugins, #111267
+
+ 02 Nov 2005; Michael Hanselmann <hansmi@gentoo.org> openvpn-2.0.4.ebuild:
+ Stable on ppc.
+
+ 02 Nov 2005; Andrej Kacian <ticho@gentoo.org> openvpn-2.0.4.ebuild:
+ Stable on x86, security bug #111116.
+
+*openvpn-2.0.4 (02 Nov 2005)
+
+ 02 Nov 2005; Roy Marples <uberlord@gentoo.org> metadata.xml,
+ +openvpn-2.0.4.ebuild:
+ Added myself as a maintainer until luckyduck comes back online
+
+ Version bump, wrt bug #111116
+
+ Examples flag really now works, #100943
+
+ init script now appends the --cd option only when the same option
+ is not specified in the config file, #109363
+
+ 15 Oct 2005; Roy Marples <uberlord@gentoo.org> openvpn-2.0.2-r3.ebuild:
+ plugins now really install to /usr/lib/openvpn
+
+*openvpn-2.0.2-r3 (14 Oct 2005)
+
+ 14 Oct 2005; Roy Marples <uberlord@gentoo.org> files/openvpn.init,
+ -openvpn-2.0.2-r2.ebuild, +openvpn-2.0.2-r3.ebuild:
+ init script now modprobes tun if /dev/tun does not exist and errors
+ if tun/tap support is not enabled in the kernel
+
+ iproute2 USE flag fixed as --disable-iproute2 also enables it in the Makefile
+
+*openvpn-2.0.2-r2 (14 Oct 2005)
+
+ 14 Oct 2005; Roy Marples <uberlord@gentoo.org> files/openvpn.init,
+ -openvpn-2.0.2-r1.ebuild, +openvpn-2.0.2-r2.ebuild:
+ Rev bump for new init script which stops properly on baselayout-1.11 and
+ earlier.
+
+ 14 Oct 2005; Roy Marples <uberlord@gentoo.org> openvpn-2.0.2-r1.ebuild:
+ Added net-tools as a dependency if iproute2 USE flag is not used.
+
+*openvpn-2.0.2-r1 (13 Oct 2005)
+
+ 13 Oct 2005; Roy Marples <uberlord@gentoo.org> +files/openvpn.init,
+ +openvpn-2.0.2-r1.ebuild:
+ New init script which allows more granular control of seperate vpns, #105439
+ Install all docs, #100943
+ new iproute2 USE flag, #98782 thanks to Sean Lynn
+ new static USE flag, #105479 thanks to Clemens Noss
+ new minimal USE flag which decides to build bundled plugins or not, #103711
+
+*openvpn-2.0.2 (19 Sep 2005)
+
+ 19 Sep 2005; Seemant Kulleen <seemant@gentoo.org> -openvpn-2.0.ebuild,
+ -openvpn-2.0-r1.ebuild, +openvpn-2.0.2.ebuild:
+ version bump to newest upstream release. wfm, and luckyduck is missing.
+ Closes bug #103913
+
+ 15 Sep 2005; Aron Griffis <agriffis@gentoo.org> openvpn-2.0.1.ebuild:
+ Mark 2.0.1 stable on alpha
+
+ 30 Aug 2005; Gustavo Zacarias <gustavoz@gentoo.org> openvpn-2.0.1.ebuild:
+ Stable on sparc wrt #102871
+
+ 24 Aug 2005; Olivier Crête <tester@gentoo.org> openvpn-2.0.1.ebuild:
+ Stable on x86 per security bug #102871
+
+ 21 Aug 2005; Fabian Groffen <grobian@gentoo.org> openvpn-2.0.1.ebuild:
+ Stable on ppc-macos (bug #102871)
+
+ 21 Aug 2005; Michael Hanselmann <hansmi@gentoo.org> openvpn-2.0.1.ebuild:
+ Stable on ppc.
+
+ 21 Aug 2005; Luis Medinas <metalgod@gentoo.org> openvpn-2.0.1.ebuild:
+ Marked Stable on AMD64. Fixes bug #102871.
+
+*openvpn-2.0.1 (21 Aug 2005)
+
+ 21 Aug 2005; petre rodan <kaiowas@gentoo.org> +openvpn-2.0.1.ebuild:
+ version bump as per security bug #102871; added selinux RDEPEND
+
+ 25 Jun 2005; Jan Brinkmann <luckyduck@gentoo.org> openvpn-2.0-r1.ebuild:
+ -r1 installs the initscript again, fixes #96855.
+
+ 18 Jun 2005; Jason Wever <weeve@gentoo.org> openvpn-2.0.ebuild:
+ Stable on SPARC.
+
+ 09 Jun 2005; Jan Brinkmann <luckyduck@gentoo.org> openvpn-2.0-r1.ebuild:
+ Minor fixes.
+
+*openvpn-2.0-r1 (30 May 2005)
+
+ 30 May 2005; Jan Brinkmann <luckyduck@gentoo.org> files/openvpn,
+ +openvpn-2.0-r1.ebuild:
+ make use of our initscript again, fixes #94350. the initscript now supports
+ checking if a connection is already online, see #92369 for details. thanks
+ to Christian Hesse <mail@earthworm.de> for the suggestion.
+
+ 28 May 2005; Jan Brinkmann <luckyduck@gentoo.org> openvpn-2.0.ebuild:
+ stable on amd64, ppc and x86
+
+ 07 May 2005; Jeffrey Forman <jforman@gentoo.org> openvpn-1.6.0.ebuild:
+ openvpn-1.6.0 stable on sparc
+
+ 01 May 2005; Jan Brinkmann <luckyduck@gentoo.org> openvpn-1.5.0-r1.ebuild,
+ openvpn-1.6.0.ebuild:
+ marked 1.6.0 stable on amd64 and x86, some cosmetic changes.
+
+ 29 Apr 2005; Jan Brinkmann <luckyduck@gentoo.org> metadata.xml:
+ herd -> secure-tunneling
+
+ 29 Apr 2005; Jan Brinkmann <luckyduck@gentoo.org> openvpn-2.0.ebuild:
+ added a compatibility warning.
+
+*openvpn-2.0 (29 Apr 2005)
+
+ 29 Apr 2005; Jan Brinkmann <luckyduck@gentoo.org> metadata.xml,
+ -openvpn-1.1.0.ebuild, -openvpn-1.3.1.ebuild, -openvpn-1.3.2.ebuild,
+ -openvpn-1.3.2-r1.ebuild, -openvpn-1.4.2.ebuild, -openvpn-1.5.0.ebuild,
+ +openvpn-2.0.ebuild:
+ added ebuild for 2.0, fixes #50767. also updated metadata.xml, took over
+ maintainership. did some cleanup, removed older versions. introduced support
+ for the examples useflag.
+
+ 05 Feb 2005; <solar@gentoo.org> openvpn-1.5.0-r1.ebuild,
+ openvpn-1.6.0.ebuild:
+ - q/a fix. os-headers are not needed in RDEPEND
+
+ 23 Jan 2005; Daniel Black <dragonheart@gentoo.org> openvpn-1.5.0-r1.ebuild,
+ openvpn-1.6.0.ebuild:
+ threads is now a global use flags. Changed pthreads to threads.
+
+ 29 Dec 2004; Ciaran McCreesh <ciaranm@gentoo.org> :
+ Change encoding to UTF-8 for GLEP 31 compliance
+
+ 18 Dec 2004; Simon Stelling <blubb@gentoo.org> openvpn-1.6.0.ebuild:
+ added ~amd64
+
+ 24 Nov 2004; Kito <kito@gentoo.org> openvpn-1.6.0.ebuild:
+ added ~ppc-macos. closes bug Bug 72324
+
+ 17 Oct 2004; <solar@gentoo.org> openvpn-1.5.0-r1.ebuild,
+ openvpn-1.6.0.ebuild:
+ added gnuconfig_update for bug #61187
+
+*openvpn-1.6.0 (02 Oct 2004)
+
+ 02 Oct 2004; Joshua Charles Campbell <warpzero@gentoo.org> openvpn-1.6.0.ebuild:
+ Version bump
+
+ 02 Oct 2004; Bryan Østergaard <kloeri@gentoo.org> openvpn-1.5.0-r1.ebuild:
+ Keyword ~alpha, bug 65839.
+
+ 25 Aug 2004; Sven Wegener <swegener@gentoo.org> openvpn-1.1.0.ebuild,
+ openvpn-1.3.1.ebuild, openvpn-1.3.2-r1.ebuild, openvpn-1.3.2.ebuild,
+ openvpn-1.4.2.ebuild, openvpn-1.5.0-r1.ebuild, openvpn-1.5.0.ebuild:
+ Changed SRC_URI to use mirror:// syntax.
+
+ 09 Jul 2004; Travis Tilley <lv@gentoo.org> openvpn-1.5.0-r1.ebuild,
+ openvpn-1.5.0.ebuild:
+ switch linux-headers dependency to virtual/os-headers
+
+ 25 Mar 2004; Jason Wever <weeve@gentoo.org> openvpn-1.5.0-r1.ebuild:
+ Marked stable on sparc.
+
+*openvpn-1.5.0-r1 (15 Mar 2004)
+
+ 15 Mar 2004; <warpzero@gentoo.org> metadata.xml, openvpn-1.5.0-r1.ebuild;
+ Added pthreads support and made the ebuild actually consider its use flags, wow.
+
+*openvpn-1.5.0 (24 Dec 2003)
+
+*openvpn-1.4.2 (03 Aug 2003)
+
+ 03 Aug 2003; <warpzero@gentoo.org> metadata.xml, openvpn-1.5.0.ebuild:
+ version 1.5.0 added
+ fixed init script added. Closes several bugs.
+
+*openvpn-1.4.2 (03 Aug 2003)
+
+ 03 Aug 2003; <warpzero@gentoo.org> metadata.xml, openvpn-1.4.2.ebuild:
+ ~ppc keyword
+
+*openvpn-1.4.2 (03 Aug 2003)
+
+ 03 Aug 2003; <warpzero@gentoo.org> metadata.xml, openvpn-1.4.2.ebuild:
+ version 1.4.2 added
+
+ 06 Dec 2002; Rodney Rees <manson@gentoo.org> : changed sparc ~sparc keywords
+
+*openvpn-1.3.2-r1 (20 May 2003)
+
+ 20 May 2003; Ryan Phillips <rphillips@gentoo.org> openvpn-1.3.2-r1.ebuild :
+ Included init script. Bug #20085 Fixed. Submitted by Warp Zero
+
+*openvpn-1.3.2 (31 Jan 2003)
+
+ 31 Jan 2003; Ryan Phillips <rphillips@gentoo.org> openvpn-1.3.2 :
+
+ new version.
+
+*openvpn-1.3.1 (15 Jul 2002)
+
+ 15 Jul 2002; Ryan Phillips <rphillips@gentoo.org> openvpn-1.3.1 :
+
+ new version. Thanks to Marko Mikulicic
+
+*openvpn-1.1.0 (26 May 2002)
+
+ 09 Jul 2002; phoen][x <phoenix@gentoo.org> openvpn-1.1.0.ebuild :
+ Added KEYWORDS.
+
+ 26 May 2002; Mike Jones <ashmodai@gentoo.org> ChangeLog, openvpn-1.1.0.ebuild:
+ Added initial ChangeLog which should be updated whenever the package is
+ updated in any way. This changelog is targetted to users. This means that the
+ comments should well explained and written in clean English. The details about
+ writing correct changelogs are explained in the skel.ChangeLog file which you
+ can find in the root directory of the portage repository.
+
diff --git a/net-misc/openvpn/Manifest b/net-misc/openvpn/Manifest
new file mode 100644
index 0000000..83bfe3b
--- /dev/null
+++ b/net-misc/openvpn/Manifest
@@ -0,0 +1,16 @@
+AUX 2.3.6-disable-compression.patch 579 SHA256 644068d1925a7b2866a4afaef15ebb27f5bbf1b55eed0894d34f7603c230bd9a SHA512 56acdd4716df4f6a0367fd583296718e30d3fa4b6b129159f61f913eba97769943a2354e9b51572314a206f68a20def091a89aec12bc942d94b05369128d3a97 WHIRLPOOL 1fb293d49f63a75cb772c262d9a55a6cb00be0f154387bf4fb3e9be1602038bd70348fad5f1a2b714fa7b45cbcd36a4db2c6f1441f3a00aff7d51732b3629708
+AUX 2.3.6-null-cipher.patch 1531 SHA256 a3f8ac3630c9887d18d21e0ac9781d615cf8dff277c070306b36c5d0faa8a1ac SHA512 0aa288af3c0b43977bf84b099ea28dbf7ab9a1096d76e8f706989570984c70a4c298430eac35b0c80eab8bc05e6072d965c20a9e3689e7448e759abb92c93fb2 WHIRLPOOL cbefb2a1b6d63373890a76d3a6153335f8d05b07e4546893e7a8871c653d39f06941615181308fbf41a07cf702b2a730dfacc6a01840efdbfbeaf301a58362bb
+AUX 2.3.6-vlan-support.patch 32652 SHA256 5b53cd595b77c8c391b9ad4844028b8524b9d6e877a5a6ae36ce82dff0eea2a3 SHA512 a28532cf98c47a79bce3f87683560b3bff7f5ec727d709eaa12543f8c2b4285b8cca49aa69f591d93c8d13ef7ab901f835eec72776cc27da693058293e14627d WHIRLPOOL fe42ad83d82f1e57b9de8a44bc8a03220d3e2f28b797d7144714ced3b34a8d4d7daf66351fbcc712e56599fc6eb5414077c839df8ffd6616eae38c2b6258d724
+AUX 65openvpn 45 SHA256 d5758e39fdc75dcbb5a788b1afa743c3c1f08c63c535aa32c300b965474d765c SHA512 713345092b60d1322d3fa96fd72d69ed82dbfee5031a675114bc60acfdacaf0811f6bf4530cf937ca5a86b3f2665b28951b9087ec91c2c0faf75bdaf1e25bdbb WHIRLPOOL 534e7dcf2ac953e9ec5de05810022471cb26a16806cd036f25d02550e20f8aaa91410bd005bc7a5e4a549d8a40d01ae317be1d1e1e25d91ed989bbbea7ede9d2
+AUX down.sh 943 SHA256 39debebcd8c899f20e6d355cbc8eaab46e28b83a9f6c33a94c065688a4f3d2c7 SHA512 5defd61edf11cc63f3f8f60bef7fa730c4bcdd2545d664bd94666dd3aea80bd9d190263d8835a555e4287a594f6fce0f52426aed49c60233ff637a2a6164a997 WHIRLPOOL c66fd1e016656fe83d7f55b77bf232058397f9cd3054abe13ec006c227afe6746ee4ada310ff43761ec95510f736b8e542f136711d648642eecafe055975c57e
+AUX openvpn-2.1.conf 892 SHA256 330149a83684ddabe413d134d4c8efad4c88b18c2ab67165014deff5f7fffad2 SHA512 982ade883afbe2e656a9cbbe36c31c0e8b4f7bbbe5b63df9f7b834f02a9153032fb7445c85d3e91f62c68a7ddd13c3afbf420fb71cdd13d9c4b69f867bdd9f37 WHIRLPOOL 6ef644826e1e9e2a100e0fa20b5c9190e92c9e08a366dee28dccf3f70fa0593f3c4d271e42db3920630f03704aa2aef8e84d9efbb2b4b6a0d08e74bb340fb0a5
+AUX openvpn-2.1.init 4186 SHA256 d1b1f8a00935d77521bceb62535350444df3470fa45f4d33c3934051a1bb595b SHA512 7ecd0b4dc7341ea0df598752bec8ae6011bea7973ed9dbf17a12c308aed46362e1507fcb3a3bb26049619747f2f819deec1a42c6dce2c13d2a769f1e37735a2f WHIRLPOOL 9d34c438b7d9e45678e2aa48ab42a68b9e2801423688c6280cbb4934a8ef04cbf8a7953a061659f57fb02adf535596ac9313268c29e2dc18cffbf7315681da82
+AUX openvpn.init 1486 SHA256 c4b9e0899fa5ee0b90c5100da7711dc7a6a5658f10042b0feda9e7efb90a11cf SHA512 450595b9ec82ded74c26ed9f73182122e05f53655262a342b195dcedfe63a06a5d9927a3bbe50d0d04f810cc786ac3eb78843877f426c893e165b967bc8ac012 WHIRLPOOL e549221283b4b92c9ada312a746c4ad4c645493c1c844ddaddefecee4c31e17bd4bd8555618408e065c83143e157aaf7e75b44f01abe43f507835df2aa1149d3
+AUX openvpn.service 335 SHA256 a63a6e1505f2b3e20f2c82588dd0c23da9d8c750e1f36fec2ba20a8b5b0c9de1 SHA512 fbd41b80253aaae6750301ac95d8b3bf09e3a70556cc0513792c8e06faa70a716233d134d4928295f381f0f235fcde0eeac9cfa074924b6666a4b46ff7cf91a9 WHIRLPOOL 16f44d10ab03110a21a69716fbac2e64e5376426edd26783d7946d928dd0cc106810126436488843da8e16277d3aa83d208fe50c4aebd9cff86526ce1762b215
+AUX openvpn.tmpfile 39 SHA256 ef3453056a26487d27908d5ced124285403d8e88deb843fccdba9f6724966826 SHA512 659713b35eee340f2b6578796f4335dda391aa635892e802e3f2531f31c9470460b4e4b3be45457f81f3b08b7d60ce15d16f8d70b968fbf24f846ef5f8611a58 WHIRLPOOL 19e4611ffda68a99851921ccaf3a99d04350cd3e0d8833136da151119c267edc383ff96162aa47a2f77171ae908ad011e4119a7a18961ed0bddcbf38d997b976
+AUX up.sh 2865 SHA256 d887ee065261affd849227fa27e092cf66549d824a698f302312d15f787dd840 SHA512 35201b0e60ad20358080007e595eb4f96d186ba8e88f0485c55d164c28e3d78a12f3e09347ba3d76abb9b8b03fb4a53664bd74ab484be1548090022b956925fd WHIRLPOOL 8d25a66d192a6710466d149aec7a1719dfe91558205e8ba7e25b93e58869c8fedc96ba4ce2aedb0595b7e0b63299e6e41be1ba82c6b93ae6bbbb26d409c9bf51
+DIST openvpn-2.3.8.tar.gz 1214843 SHA256 532435eff61c14b44a583f27b72f93e7864e96c95fe51134ec0ad4b1b1107c51 SHA512 b619283d87eea2e47a2f0dfdbf0ffd1d10388fbdaadb33b43c7a2743748a4814f869fad6215d32fab156664d554ae94af456e7bf496890c68e6729b153d76db9 WHIRLPOOL 4868c735ca5e65b34f477457ea38eb6db45fae80563490d1e39ece9bf29b13976dd82d50d054da70c4ee146cb2e88e847bafc3f7ff47112d4494fa0f408d65d0
+EBUILD openvpn-2.3.8-r1.ebuild 4381 SHA256 2192986546297c598950830a4679bb4cce2c89095c1b638a777a1a7c78b59140 SHA512 ea1bf18b97897459bc7f8ae39d8f785b8b9e0cd9826ca934f955e4e566b4b835286a10c834dd1794ec1e9eeeac4f58b6c0f6f51bd7e253fc0140c7778fad8a42 WHIRLPOOL daa7b6e766df85f7ca940d6a18b3c119a1b9772ee2009065b023b71f35db56a35dabbb6041982220b4f951206c971a554dbc3ea0ac1bfe3353a6f5915bd66a2f
+MISC ChangeLog 5210 SHA256 c07b34e233cf871beb74436576e8e2ed35a3f697d019546c8d46704cc81fb8e4 SHA512 5dceca6859e3f9b52e0de28721bd6054d6b76fc46a0c10a9e0f2781f0f2b97d9c81279ce9bc8dabca8bef75f5698d9e1f1febcd6250a97e9e87bbd96e5917d96 WHIRLPOOL 1d3fb678aafdad476d302a2ff66d91a19209eff8a69946f8acb5d9f5d6bb25f4b15a7877d6d17f95e54cf1149bed73205b6f45408f29614b0e721e97e1ac61f5
+MISC ChangeLog-2015 45794 SHA256 5934bd3b7fb69833e6a786bff437d0322694e126d2448b3a72c771aff9888052 SHA512 66728563ecab8aabb1dc5ae24fb141a59573bc6e3bf8baa3a78d40dc4d5dc083a70ad76eef883f6efd968850aeece364d2534512ea00dc7ea349ef9e0d128afc WHIRLPOOL 60cd7cdce8fa00c525ba5814bd151fe043692b70cbdac13cec36644c7c695db3b7c24d444cbf3f6f38246e52c9b2f7e9f766fb13ec07196c40d038c881e9e340
+MISC metadata.xml 988 SHA256 f8d77075b01a7250cfe43ecc06a635ffabe022b9c59eff660a236aff040d84dc SHA512 986f7a5de176f45aeed2e03770cc6b8ac0f1a55f410127c6c7b666255e742a483393db5c85e32f78c2f5e683e8124c3d907acb151245c2a982e587a59e1a4f2c WHIRLPOOL 10e57141519cfeefb7bfa89f0c3a1f4fea64067f8245c123545c85a48934294f694e5d3e888959f215aeccfa97fb54e500b31d4163e76942d80c5d3a6aebdc5f
diff --git a/net-misc/openvpn/files/2.3.6-disable-compression.patch b/net-misc/openvpn/files/2.3.6-disable-compression.patch
new file mode 100644
index 0000000..d9d1c76
--- /dev/null
+++ b/net-misc/openvpn/files/2.3.6-disable-compression.patch
@@ -0,0 +1,18 @@
+https://community.openvpn.net/openvpn/changeset/5d5233778868ddd568140c394adfcfc8e3453245/
+
+--- openvpn-2.3.6/src/openvpn/ssl_openssl.c.orig 2014-11-29 23:00:35.000000000 +0800
++++ openvpn-2.3.6/src/openvpn/ssl_openssl.c 2015-01-12 21:14:30.186993686 +0800
+@@ -238,6 +238,13 @@
+ if (tls_ver_min > TLS_VER_1_2 || tls_ver_max < TLS_VER_1_2)
+ sslopt |= SSL_OP_NO_TLSv1_2;
+ #endif
++
++#ifdef SSL_OP_NO_COMPRESSION
++ msg (M_WARN, "[Workaround] disable SSL compression");
++ sslopt |= SSL_OP_NO_COMPRESSION;
++#endif
++
++
+ SSL_CTX_set_options (ctx->ctx, sslopt);
+ }
+
diff --git a/net-misc/openvpn/files/2.3.6-null-cipher.patch b/net-misc/openvpn/files/2.3.6-null-cipher.patch
new file mode 100644
index 0000000..1e831cf
--- /dev/null
+++ b/net-misc/openvpn/files/2.3.6-null-cipher.patch
@@ -0,0 +1,46 @@
+The "really fix cipher none" patch has been merged to release/2.3 and master:
+
+commit 785838614afc20d362b64907b0212e9a779e2287 (release/2.3)
+commit 98156e90e1e83133a6a6a020db8e7333ada6156b (master)
+
+diff --git a/src/openvpn/crypto_backend.h b/src/openvpn/crypto_backend.h
+index 8749878..4e45df0 100644
+--- a/src/openvpn/crypto_backend.h
++++ b/src/openvpn/crypto_backend.h
+@@ -237,8 +237,7 @@ int cipher_kt_mode (const cipher_kt_t *cipher_kt);
+ *
+ * @return true iff the cipher is a CBC mode cipher.
+ */
+-bool cipher_kt_mode_cbc(const cipher_kt_t *cipher)
+- __attribute__((nonnull));
++bool cipher_kt_mode_cbc(const cipher_kt_t *cipher);
+
+ /**
+ * Check if the supplied cipher is a supported OFB or CFB mode cipher.
+@@ -247,8 +246,7 @@ bool cipher_kt_mode_cbc(const cipher_kt_t *cipher)
+ *
+ * @return true iff the cipher is a OFB or CFB mode cipher.
+ */
+-bool cipher_kt_mode_ofb_cfb(const cipher_kt_t *cipher)
+- __attribute__((nonnull));
++bool cipher_kt_mode_ofb_cfb(const cipher_kt_t *cipher);
+
+
+ /**
+diff --git a/tests/t_lpback.sh b/tests/t_lpback.sh
+index 8f88ad9..d7792cd 100755
+--- a/tests/t_lpback.sh
++++ b/tests/t_lpback.sh
+@@ -35,6 +35,9 @@ CIPHERS=$(${top_builddir}/src/openvpn/openvpn --show-ciphers | \
+ # GD, 2014-07-06 do not test RC5-* either (fails on NetBSD w/o libcrypto_rc5)
+ CIPHERS=$(echo "$CIPHERS" | egrep -v '^(DES-EDE3-CFB1|DES-CFB1|RC5-)' )
+
++# Also test cipher 'none'
++CIPHERS=${CIPHERS}$(printf "\nnone")
++
+ "${top_builddir}/src/openvpn/openvpn" --genkey --secret key.$$
+ set +e
+
+--
+1.9.1
+
diff --git a/net-misc/openvpn/files/2.3.6-vlan-support.patch b/net-misc/openvpn/files/2.3.6-vlan-support.patch
new file mode 100644
index 0000000..e06645d
--- /dev/null
+++ b/net-misc/openvpn/files/2.3.6-vlan-support.patch
@@ -0,0 +1,1005 @@
+diff --git a/configure.ac b/configure.ac
+index 9132468..5646af5 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -257,6 +257,12 @@ AC_ARG_ENABLE(
+ [enable_systemd="no"]
+ )
+
++AC_ARG_ENABLE(vlan-tagging,
++ [ --disable-vlan-tagging Disable support for 802.1Q-based VLAN tagging],
++ [VLAN_TAGGING="$enableval"],
++ [VLAN_TAGGING="yes"]
++)
++
+ AC_ARG_WITH(
+ [special-build],
+ [AS_HELP_STRING([--with-special-build=STRING], [specify special build string])],
+@@ -1160,6 +1166,10 @@ if test "${enable_plugin_auth_pam}" = "yes"; then
+ fi
+ fi
+
++if test "$VLAN_TAGGING" = "yes"; then
++ AC_DEFINE(ENABLE_VLAN_TAGGING, 1, [Enable 802.1Q-based VLAN tagging/untagging])
++fi
++
+ CONFIGURE_DEFINES="`set | grep '^enable_.*=' ; set | grep '^with_.*='`"
+ AC_DEFINE_UNQUOTED([CONFIGURE_DEFINES], ["`echo ${CONFIGURE_DEFINES}`"], [Configuration settings])
+
+diff --git a/doc/openvpn.8 b/doc/openvpn.8
+index a8c189c..e8e222a 100644
+--- a/doc/openvpn.8
++++ b/doc/openvpn.8
+@@ -3623,6 +3623,109 @@ connection is torn down.
+
+ Not implemented on Windows.
+ .\"*********************************************************
++.TP
++.B \-\-vlan\-tagging
++Turns the OpenVPN server instance into a switch that understands VLAN-tagging,
++based on IEEE 802.1Q.
++
++The tap device and each of the connecting clients is seen as a port of the
++switch. All client ports are in untagged mode and the tap device is
++VLAN-tagged, untagged or accepts both, depending on the
++.B \-\-vlan\-accept
++setting.
++
++Ethernet frames with a prepended 802.1Q tag are called "tagged". If the VLAN
++Identifier (VID) field in such a tag is non-zero, the frame is called
++"VLAN-tagged". If the VID is zero, but the Priority Control Point (PCP) field
++is non-zero, the frame is called "prio-tagged". If there is no 802.1Q tag, the
++frame is "untagged".
++
++Using the
++.B \-\-vlan\-pvid v
++option once per client, each port can be associated with a certain VID. Packets
++can only be distributed between ports with a matching VID. Therefore, clients
++with differing VIDs are completely separated from one-another, even if
++.B \-\-client-to-client
++is activated.
++
++The filtering of packets takes place in the OpenVPN server. Clients do not
++need support for VLAN tagging.
++
++The
++.B \-\-vlan\-tagging
++option is off by default. While turned off, OpenVPN
++does no parsing and accepts any Ethernet frames.
++
++The option can only be activated in
++.B \-\-dev tap
++mode.
++
++.\"*********************************************************
++.TP
++.B \-\-vlan\-accept all | tagged | untagged
++Allows the tap device's VLAN tagging policy to be configured. You can choose
++between the following modes:
++
++.B all
++(default) -- Admit all frames.
++.br
++.B tagged
++-- Admit only VLAN-tagged frames.
++.br
++.B untagged
++-- Admit only untagged and priority-tagged frames.
++
++(Note: Some vendors refer to switch ports running in
++.B tagged
++mode as "trunk ports" and switch ports running in
++.B untagged
++mode as "access ports".)
++
++Incoming untagged or priority-tagged packets from clients are assigned with the
++client's Port VLAN Identifier (PVID) as their VID. In
++.B untagged
++mode, incoming untagged or priority-tagged packets on the tap device are
++associated with the global
++.B \-\-vlan\-pvid
++setting. In
++.B tagged
++mode, any incoming untagged or priority-tagged packets are dropped. For
++VLAN-tagged packets, any priority information is lost as soon as the
++VLAN-tagging is removed.
++
++In
++.B tagged
++mode, packets going out through the tap device are VLAN-tagged with the
++originating client's VID.
++
++In
++.B all
++mode, incoming tagged packets are handled the same way as in
++.B tagged
++mode. Incoming untagged packets are handled as in
++.B untagged
++mode. Outgoing packets are tagged, unless the VID matches the global PVID, in
++which case the packets go out untagged.
++.\"*********************************************************
++.TP
++.B \-\-vlan\-pvid v
++Specifies which VLAN identifier a "port" is associated with. Not valid without
++\fB\-\-vlan\-tagging\fR.
++
++In client context, the setting specifies which VLAN identifier a client is
++associated with. In global context, the tap device's VLAN identifier is set.
++The latter only makes sense in
++.B \-\-vlan\-accept untagged
++and
++.B \-\-vlan\-accept all
++mode.
++
++Valid values for
++.B v
++go from 1 through to 4094. Defaults to 1.
++
++In some switch implementations, the PVID is also referred to as "Native VLAN".
++.\"*********************************************************
+ .SS Client Mode
+ Use client mode when connecting to an OpenVPN server
+ which has
+diff --git a/src/openvpn/errlevel.h b/src/openvpn/errlevel.h
+index 3ee4ebc..2ebec47 100644
+--- a/src/openvpn/errlevel.h
++++ b/src/openvpn/errlevel.h
+@@ -149,6 +149,8 @@
+ #define D_PF_DROPPED_BCAST LOGLEV(7, 71, M_DEBUG) /* packet filter dropped a broadcast packet */
+ #define D_PF_DEBUG LOGLEV(7, 72, M_DEBUG) /* packet filter debugging, must also define PF_DEBUG in pf.h */
+
++#define D_VLAN_DEBUG LOGLEV(7, 72, M_DEBUG) /* show VLAN tagging/untagging debug info */
++
+ #define D_HANDSHAKE_VERBOSE LOGLEV(8, 70, M_DEBUG) /* show detailed description of each handshake */
+ #define D_TLS_DEBUG_MED LOGLEV(8, 70, M_DEBUG) /* limited info from tls_session routines */
+ #define D_INTERVAL LOGLEV(8, 70, M_DEBUG) /* show interval.h debugging info */
+diff --git a/src/openvpn/mroute.c b/src/openvpn/mroute.c
+index ba4ef46..dc9183b 100644
+--- a/src/openvpn/mroute.c
++++ b/src/openvpn/mroute.c
+@@ -210,12 +210,28 @@ mroute_extract_addr_ipv4 (struct mroute_addr *src,
+ return ret;
+ }
+
++static void mroute_copy_ether_to_addr(struct mroute_addr *maddr,
++ const uint8_t *eth_addr,
++ uint16_t vid)
++{
++ maddr->type = MR_ADDR_ETHER;
++ maddr->netbits = 0;
++ memcpy (maddr->addr, eth_addr, 6);
++#ifdef ENABLE_VLAN_TAGGING
++ maddr->len = 8;
++ memcpy (maddr->addr + 6, &vid, 2);
++#else
++ maddr->len = 6;
++#endif
++}
++
+ unsigned int
+ mroute_extract_addr_ether (struct mroute_addr *src,
+ struct mroute_addr *dest,
+ struct mroute_addr *esrc,
+ struct mroute_addr *edest,
+- const struct buffer *buf)
++ const struct buffer *buf,
++ uint16_t vid)
+ {
+ unsigned int ret = 0;
+ if (BLEN (buf) >= (int) sizeof (struct openvpn_ethhdr))
+@@ -223,17 +239,11 @@ mroute_extract_addr_ether (struct mroute_addr *src,
+ const struct openvpn_ethhdr *eth = (const struct openvpn_ethhdr *) BPTR (buf);
+ if (src)
+ {
+- src->type = MR_ADDR_ETHER;
+- src->netbits = 0;
+- src->len = 6;
+- memcpy (src->addr, eth->source, 6);
++ mroute_copy_ether_to_addr(src, eth->source, vid);
+ }
+ if (dest)
+ {
+- dest->type = MR_ADDR_ETHER;
+- dest->netbits = 0;
+- dest->len = 6;
+- memcpy (dest->addr, eth->dest, 6);
++ mroute_copy_ether_to_addr(dest, eth->dest, vid);
+
+ /* ethernet broadcast/multicast packet? */
+ if (is_mac_mcast_addr (eth->dest))
+@@ -248,7 +258,16 @@ mroute_extract_addr_ether (struct mroute_addr *src,
+ struct buffer b = *buf;
+ if (buf_advance (&b, sizeof (struct openvpn_ethhdr)))
+ {
+- switch (ntohs (eth->proto))
++ uint16_t proto = ntohs (eth->proto);
++ if (proto == OPENVPN_ETH_P_8021Q &&
++ BLEN (buf) >= (int) sizeof (struct openvpn_8021qhdr))
++ {
++ const struct openvpn_8021qhdr *tag = (const struct openvpn_8021qhdr *) BPTR (buf);
++ proto = ntohs (tag->proto);
++ buf_advance (&b, SIZE_ETH_TO_8021Q_HDR);
++ }
++
++ switch (proto)
+ {
+ case OPENVPN_ETH_P_IPV4:
+ ret |= (mroute_extract_addr_ipv4 (esrc, edest, &b) << MROUTE_SEC_SHIFT);
+@@ -391,6 +410,9 @@ mroute_addr_print_ex (const struct mroute_addr *ma,
+ {
+ case MR_ADDR_ETHER:
+ buf_printf (&out, "%s", format_hex_ex (ma->addr, 6, 0, 1, ":", gc));
++#ifdef ENABLE_VLAN_TAGGING
++ buf_printf (&out, "@%u", *(uint16_t*)(ma->addr + 6));
++#endif
+ break;
+ case MR_ADDR_IPV4:
+ {
+diff --git a/src/openvpn/mroute.h b/src/openvpn/mroute.h
+index 608f70b..175dd2a 100644
+--- a/src/openvpn/mroute.h
++++ b/src/openvpn/mroute.h
+@@ -138,7 +138,8 @@ mroute_extract_addr_from_packet (struct mroute_addr *src,
+ struct mroute_addr *esrc,
+ struct mroute_addr *edest,
+ const struct buffer *buf,
+- int tunnel_type)
++ int tunnel_type,
++ uint16_t vid)
+ {
+ unsigned int mroute_extract_addr_ipv4 (struct mroute_addr *src,
+ struct mroute_addr *dest,
+@@ -148,13 +149,14 @@ mroute_extract_addr_from_packet (struct mroute_addr *src,
+ struct mroute_addr *dest,
+ struct mroute_addr *esrc,
+ struct mroute_addr *edest,
+- const struct buffer *buf);
++ const struct buffer *buf,
++ uint16_t vid);
+ unsigned int ret = 0;
+ verify_align_4 (buf);
+ if (tunnel_type == DEV_TYPE_TUN)
+ ret = mroute_extract_addr_ipv4 (src, dest, buf);
+ else if (tunnel_type == DEV_TYPE_TAP)
+- ret = mroute_extract_addr_ether (src, dest, esrc, edest, buf);
++ ret = mroute_extract_addr_ether (src, dest, esrc, edest, buf, vid);
+ return ret;
+ }
+
+diff --git a/src/openvpn/multi.c b/src/openvpn/multi.c
+index 6ddfbb5..36a86a5 100644
+--- a/src/openvpn/multi.c
++++ b/src/openvpn/multi.c
+@@ -6,6 +6,7 @@
+ * packet compression.
+ *
+ * Copyright (C) 2002-2010 OpenVPN Technologies, Inc. <sales@openvpn.net>
++ * Copyright (C) 2010 Fabian Knittel <fabian.knittel@lettink.de>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2
+@@ -1956,7 +1957,8 @@ static void
+ multi_bcast (struct multi_context *m,
+ const struct buffer *buf,
+ const struct multi_instance *sender_instance,
+- const struct mroute_addr *sender_addr)
++ const struct mroute_addr *sender_addr,
++ uint16_t vid)
+ {
+ struct hash_iterator hi;
+ struct hash_element *he;
+@@ -2001,6 +2003,10 @@ multi_bcast (struct multi_context *m,
+ }
+ }
+ #endif
++#ifdef ENABLE_VLAN_TAGGING
++ if (vid != 0 && vid != mi->context.options.vlan_pvid)
++ continue;
++#endif
+ multi_add_mbuf (m, mi, mb);
+ }
+ }
+@@ -2179,6 +2185,37 @@ done:
+ gc_free (&gc);
+ }
+
++#ifdef ENABLE_VLAN_TAGGING
++/*
++ * Decides whether or not to drop an ethernet frame. VLAN-tagged frames are
++ * dropped. All other frames are accepted.
++ *
++ * @param buf The ethernet frame.
++ * @return Returns true if the frame should be dropped, false otherwise.
++ */
++static bool
++buf_filter_incoming_8021q_vlan_tag (const struct buffer *buf)
++{
++ const struct openvpn_8021qhdr *vlanhdr;
++ uint16_t vid;
++
++ if (BLEN (buf) < (int) sizeof (struct openvpn_8021qhdr))
++ return false; /* Frame too small. */
++
++ vlanhdr = (const struct openvpn_8021qhdr *) BPTR (buf);
++
++ if (ntohs (vlanhdr->tpid) != OPENVPN_ETH_P_8021Q)
++ return false; /* Frame is untagged. */
++
++ vid = vlanhdr_get_vid (vlanhdr);
++ if (vid == 0)
++ return false; /* Frame only priority-tagged. */
++
++ msg (D_VLAN_DEBUG, "dropping VLAN-tagged incoming frame, vid: %u", vid);
++ return true;
++}
++#endif
++
+ /*
+ * Process packets in the TCP/UDP socket -> TUN/TAP interface direction,
+ * i.e. client -> server direction.
+@@ -2254,7 +2291,8 @@ multi_process_incoming_link (struct multi_context *m, struct multi_instance *ins
+ NULL,
+ NULL,
+ &c->c2.to_tun,
+- DEV_TYPE_TUN);
++ DEV_TYPE_TUN,
++ 0);
+
+ /* drop packet if extract failed */
+ if (!(mroute_flags & MROUTE_EXTRACT_SUCCEEDED))
+@@ -2284,7 +2322,7 @@ multi_process_incoming_link (struct multi_context *m, struct multi_instance *ins
+ if (mroute_flags & MROUTE_EXTRACT_MCAST)
+ {
+ /* for now, treat multicast as broadcast */
+- multi_bcast (m, &c->c2.to_tun, m->pending, NULL);
++ multi_bcast (m, &c->c2.to_tun, m->pending, NULL, 0);
+ }
+ else /* possible client to client routing */
+ {
+@@ -2321,10 +2359,27 @@ multi_process_incoming_link (struct multi_context *m, struct multi_instance *ins
+ }
+ else if (TUNNEL_TYPE (m->top.c1.tuntap) == DEV_TYPE_TAP)
+ {
++#ifdef ENABLE_VLAN_TAGGING
++ uint16_t vid = 0;
++#else
++ const uint16_t vid = 0;
++#endif
+ #ifdef ENABLE_PF
+ struct mroute_addr edest;
+ mroute_addr_reset (&edest);
+ #endif
++#ifdef ENABLE_VLAN_TAGGING
++ if (m->top.options.vlan_tagging)
++ {
++ if (buf_filter_incoming_8021q_vlan_tag (&c->c2.to_tun))
++ {
++ /* Drop VLAN-tagged frame. */
++ c->c2.to_tun.len = 0;
++ }
++ else
++ vid = c->options.vlan_pvid;
++ }
++#endif
+ /* extract packet source and dest addresses */
+ mroute_flags = mroute_extract_addr_from_packet (&src,
+ &dest,
+@@ -2335,7 +2390,8 @@ multi_process_incoming_link (struct multi_context *m, struct multi_instance *ins
+ NULL,
+ #endif
+ &c->c2.to_tun,
+- DEV_TYPE_TAP);
++ DEV_TYPE_TAP,
++ vid);
+
+ if (mroute_flags & MROUTE_EXTRACT_SUCCEEDED)
+ {
+@@ -2346,7 +2402,7 @@ multi_process_incoming_link (struct multi_context *m, struct multi_instance *ins
+ {
+ if (mroute_flags & (MROUTE_EXTRACT_BCAST|MROUTE_EXTRACT_MCAST))
+ {
+- multi_bcast (m, &c->c2.to_tun, m->pending, NULL);
++ multi_bcast (m, &c->c2.to_tun, m->pending, NULL, vid);
+ }
+ else /* try client-to-client routing */
+ {
+@@ -2404,6 +2460,165 @@ multi_process_incoming_link (struct multi_context *m, struct multi_instance *ins
+ return ret;
+ }
+
++#ifdef ENABLE_VLAN_TAGGING
++/*
++ * For vlan_accept == VAF_ONLY_UNTAGGED_OR_PRIORITY:
++ * Only untagged frames and frames that are priority-tagged (VID == 0) are
++ * accepted. (This means that VLAN-tagged frames are dropped.) For frames
++ * that aren't dropped, the global vlan_pvid is returned as VID.
++ *
++ * For vlan_accept == VAF_ONLY_VLAN_TAGGED:
++ * If a frame is VLAN-tagged the tagging is removed and the embedded VID is
++ * returned. Any included priority information is lost.
++ * If a frame isn't VLAN-tagged, the frame is dropped.
++ *
++ * For vlan_accept == VAF_ALL:
++ * Accepts both VLAN-tagged and untagged (or priority-tagged) frames and
++ * and handles them as described above.
++ *
++ * @param c The global context.
++ * @param buf The ethernet frame.
++ * @return Returns -1 if the frame is dropped or the VID if it is accepted.
++ */
++static int16_t
++multi_remove_8021q_vlan_tag (const struct context *c, struct buffer *buf)
++{
++ struct openvpn_ethhdr eth;
++ struct openvpn_8021qhdr vlanhdr;
++ uint16_t vid;
++ uint16_t pcp;
++
++ if (BLEN (buf) < (sizeof (struct openvpn_8021qhdr)))
++ goto drop;
++
++ vlanhdr = *(const struct openvpn_8021qhdr *) BPTR (buf);
++
++ if (ntohs (vlanhdr.tpid) != OPENVPN_ETH_P_8021Q)
++ {
++ /* Untagged frame. */
++
++ if (c->options.vlan_accept == VAF_ONLY_VLAN_TAGGED)
++ {
++ /* We only accept vlan-tagged frames, so drop frames without vlan-tag
++ */
++ msg (D_VLAN_DEBUG, "dropping frame without vlan-tag (proto/len 0x%04x)",
++ ntohs (vlanhdr.tpid));
++ goto drop;
++ }
++
++ msg (D_VLAN_DEBUG, "assuming pvid for frame without vlan-tag, pvid: %u (proto/len 0x%04x)",
++ c->options.vlan_pvid, ntohs (vlanhdr.tpid));
++ /* We return the global PVID as the VID for the untagged frame. */
++ return c->options.vlan_pvid;
++ }
++
++ /* Tagged frame. */
++
++ vid = vlanhdr_get_vid (&vlanhdr);
++ pcp = vlanhdr_get_pcp (&vlanhdr);
++
++ if (c->options.vlan_accept == VAF_ONLY_UNTAGGED_OR_PRIORITY)
++ {
++ /* We only accept untagged / prio-tagged frames.
++ */
++
++ if (vid != 0)
++ {
++ /* VLAN-tagged frame - which isn't acceptable here - so drop it. */
++ msg (D_VLAN_DEBUG, "dropping frame with vlan-tag, vid: %u (proto/len 0x%04x)",
++ vid, ntohs (vlanhdr.proto));
++ goto drop;
++ }
++
++ /* Fall-through for prio-tagged frames. */
++ }
++
++ /* At this point the frame is acceptable to us. It may be prio-tagged and/or
++ VLAN-tagged. */
++
++ if (vid != 0)
++ {
++ /* VLAN-tagged frame. Strip the tagging. Any priority information is lost. */
++
++ msg (D_VLAN_DEBUG, "removing vlan-tag from frame: vid: %u, wrapped proto/len: 0x%04x",
++ vid, ntohs (vlanhdr.proto));
++ memcpy (ð, &vlanhdr, sizeof (eth));
++ eth.proto = vlanhdr.proto;
++
++ buf_advance (buf, SIZE_ETH_TO_8021Q_HDR);
++ memcpy (BPTR (buf), ð, sizeof eth);
++
++ return vid;
++ }
++ else
++ {
++ /* Prio-tagged frame. We assume that the sender knows what it's doing and
++ don't stript the tagging. */
++
++ /* We return the global PVID as the VID for the priority-tagged frame. */
++ return c->options.vlan_pvid;
++ }
++drop:
++ /* Drop the frame. */
++ buf->len = 0;
++ return -1;
++}
++
++/*
++ * Adds VLAN tagging to a frame. Assumes vlan_accept == VAF_ONLY_VLAN_TAGGED
++ * or VAF_ALL and a matching PVID.
++ */
++void
++multi_prepend_8021q_vlan_tag (const struct context *c, struct buffer *buf)
++{
++ struct openvpn_ethhdr eth;
++ struct openvpn_8021qhdr *vlanhdr;
++
++ /* Frame too small? */
++ if (BLEN (buf) < (int) sizeof (struct openvpn_ethhdr))
++ goto drop;
++
++ eth = *(const struct openvpn_ethhdr *) BPTR (buf);
++ if (ntohs (eth.proto) == OPENVPN_ETH_P_8021Q)
++ {
++ /* Priority-tagged frame. (VLAN-tagged frames couldn't have reached us
++ here.) */
++
++ /* Frame too small for header type? */
++ if (BLEN (buf) < (int) (sizeof (struct openvpn_8021qhdr)))
++ goto drop;
++
++ vlanhdr = (struct openvpn_8021qhdr *) BPTR (buf);
++ }
++ else
++ {
++ /* Untagged frame. */
++
++ /* Not enough head room for VLAN tag? */
++ if (buf_reverse_capacity (buf) < SIZE_ETH_TO_8021Q_HDR)
++ goto drop;
++
++ vlanhdr = (struct openvpn_8021qhdr *) buf_prepend (buf, SIZE_ETH_TO_8021Q_HDR);
++
++ /* Initialise VLAN-tag ... */
++ memcpy (vlanhdr, ð, sizeof eth);
++ vlanhdr->tpid = htons (OPENVPN_ETH_P_8021Q);
++ vlanhdr->proto = eth.proto;
++ vlanhdr_set_pcp (vlanhdr, 0);
++ vlanhdr_set_cfi (vlanhdr, 0);
++ }
++
++ vlanhdr_set_vid (vlanhdr, c->options.vlan_pvid);
++
++ msg (D_VLAN_DEBUG, "tagging frame: vid %u (wrapping proto/len: %04x)",
++ c->options.vlan_pvid, vlanhdr->proto);
++ return;
++drop:
++ /* Drop the frame. */
++ buf->len = 0;
++}
++#endif /* ENABLE_VLAN_TAGGING */
++
+ /*
+ * Process packets in the TUN/TAP interface -> TCP/UDP socket direction,
+ * i.e. server -> client direction.
+@@ -2419,6 +2634,11 @@ multi_process_incoming_tun (struct multi_context *m, const unsigned int mpp_flag
+ unsigned int mroute_flags;
+ struct mroute_addr src, dest;
+ const int dev_type = TUNNEL_TYPE (m->top.c1.tuntap);
++#ifdef ENABLE_VLAN_TAGGING
++ int16_t vid = 0;
++#else
++ const int16_t vid = 0;
++#endif
+
+ #ifdef ENABLE_PF
+ struct mroute_addr esrc, *e1, *e2;
+@@ -2446,6 +2666,15 @@ multi_process_incoming_tun (struct multi_context *m, const unsigned int mpp_flag
+ * the appropriate multi_instance object.
+ */
+
++#ifdef ENABLE_VLAN_TAGGING
++ if (dev_type == DEV_TYPE_TAP && m->top.options.vlan_tagging)
++ {
++ if ((vid = multi_remove_8021q_vlan_tag (&m->top,
++ &m->top.c2.buf)) == -1)
++ return false;
++ }
++#endif
++
+ mroute_flags = mroute_extract_addr_from_packet (&src,
+ &dest,
+ #ifdef ENABLE_PF
+@@ -2455,7 +2684,8 @@ multi_process_incoming_tun (struct multi_context *m, const unsigned int mpp_flag
+ #endif
+ NULL,
+ &m->top.c2.buf,
+- dev_type);
++ dev_type,
++ vid);
+
+ if (mroute_flags & MROUTE_EXTRACT_SUCCEEDED)
+ {
+@@ -2466,9 +2696,9 @@ multi_process_incoming_tun (struct multi_context *m, const unsigned int mpp_flag
+ {
+ /* for now, treat multicast as broadcast */
+ #ifdef ENABLE_PF
+- multi_bcast (m, &m->top.c2.buf, NULL, e2);
++ multi_bcast (m, &m->top.c2.buf, NULL, e2, vid);
+ #else
+- multi_bcast (m, &m->top.c2.buf, NULL, NULL);
++ multi_bcast (m, &m->top.c2.buf, NULL, NULL, vid);
+ #endif
+ }
+ else
+@@ -2637,7 +2867,7 @@ gremlin_flood_clients (struct multi_context *m)
+ ASSERT (buf_write_u8 (&buf, get_random () & 0xFF));
+
+ for (i = 0; i < parm.n_packets; ++i)
+- multi_bcast (m, &buf, NULL, NULL);
++ multi_bcast (m, &buf, NULL, NULL, 0);
+
+ gc_free (&gc);
+ }
+diff --git a/src/openvpn/multi.h b/src/openvpn/multi.h
+index 32b89d2..10151e4 100644
+--- a/src/openvpn/multi.h
++++ b/src/openvpn/multi.h
+@@ -555,6 +555,10 @@ multi_get_timeout (struct multi_context *m, struct timeval *dest)
+ static inline bool
+ multi_process_outgoing_tun (struct multi_context *m, const unsigned int mpp_flags)
+ {
++#ifdef ENABLE_VLAN_TAGGING
++ void multi_prepend_8021q_vlan_tag (const struct context *c,
++ struct buffer *buf);
++#endif
+ struct multi_instance *mi = m->pending;
+ bool ret = true;
+
+@@ -565,6 +569,35 @@ multi_process_outgoing_tun (struct multi_context *m, const unsigned int mpp_flag
+ mi->context.c2.to_tun.len);
+ #endif
+ set_prefix (mi);
++#ifdef ENABLE_VLAN_TAGGING
++ if (m->top.options.vlan_accept == VAF_ONLY_UNTAGGED_OR_PRIORITY)
++ {
++ /* Packets aren't VLAN-tagged on the tap device. */
++
++ if (m->top.options.vlan_pvid != mi->context.options.vlan_pvid)
++ {
++ /* Packet is coming from the wrong VID, drop it. */
++ mi->context.c2.to_tun.len = 0;
++ }
++ }
++ else if (m->top.options.vlan_accept == VAF_ALL)
++ {
++ /* Packets either need to be VLAN-tagged or not, depending on the
++ packet's originating VID and the port's native VID (PVID). */
++
++ if (m->top.options.vlan_pvid != mi->context.options.vlan_pvid)
++ {
++ /* Packets need to be VLAN-tagged, because the packet's VID does not
++ match the port's PVID. */
++ multi_prepend_8021q_vlan_tag (&mi->context, &mi->context.c2.to_tun);
++ }
++ }
++ else if (m->top.options.vlan_accept == VAF_ONLY_VLAN_TAGGED)
++ {
++ /* All packets on the port (the tap device) need to be VLAN-tagged. */
++ multi_prepend_8021q_vlan_tag (&mi->context, &mi->context.c2.to_tun);
++ }
++#endif
+ process_outgoing_tun (&mi->context);
+ ret = multi_process_post (m, mi, mpp_flags);
+ clear_prefix ();
+diff --git a/src/openvpn/options.c b/src/openvpn/options.c
+index 4ea03d1..c0baf63 100644
+--- a/src/openvpn/options.c
++++ b/src/openvpn/options.c
+@@ -476,6 +476,11 @@ static const char usage_message[] =
+ " sessions to a web server at host:port. dir specifies an\n"
+ " optional directory to write origin IP:port data.\n"
+ #endif
++#ifdef ENABLE_VLAN_TAGGING
++ "--vlan-tagging : Enable 802.1Q-based VLAN tagging.\n"
++ "--vlan-accept tagged|untagged|all : Set VLAN tagging mode. Default is 'all'.\n"
++ "--vlan-pvid v : Sets the Port VLAN Identifier. Defaults to 1.\n"
++#endif
+ #endif
+ "\n"
+ "Client options (when connecting to a multi-client server):\n"
+@@ -845,6 +850,10 @@ init_options (struct options *o, const bool init_gc)
+ #ifdef ENABLE_PKCS11
+ o->pkcs11_pin_cache_period = -1;
+ #endif /* ENABLE_PKCS11 */
++#ifdef ENABLE_VLAN_TAGGING
++ o->vlan_accept = VAF_ALL;
++ o->vlan_pvid = 1;
++#endif
+
+ /* tmp is only used in P2MP server context */
+ #if P2MP_SERVER
+@@ -1139,6 +1148,23 @@ dhcp_option_address_parse (const char *name, const char *parm, in_addr_t *array,
+
+ #endif
+
++#ifdef ENABLE_VLAN_TAGGING
++static const char *
++print_vlan_accept (enum vlan_acceptable_frames mode)
++{
++ switch (mode)
++ {
++ case VAF_ONLY_VLAN_TAGGED:
++ return "tagged";
++ case VAF_ONLY_UNTAGGED_OR_PRIORITY:
++ return "untagged";
++ case VAF_ALL:
++ return "all";
++ }
++ return NULL;
++}
++#endif
++
+ #if P2MP
+
+ #ifndef ENABLE_SMALL
+@@ -1204,6 +1230,11 @@ show_p2mp_parms (const struct options *o)
+ SHOW_STR (port_share_host);
+ SHOW_STR (port_share_port);
+ #endif
++#ifdef ENABLE_VLAN_TAGGING
++ SHOW_BOOL (vlan_tagging);
++ msg (D_SHOW_PARMS, " vlan_accept = %s", print_vlan_accept (o->vlan_accept));
++ SHOW_INT (vlan_pvid);
++#endif
+ #endif /* P2MP_SERVER */
+
+ SHOW_BOOL (client);
+@@ -2058,6 +2089,17 @@ options_postprocess_verify_ce (const struct options *options, const struct conne
+ if ((options->ssl_flags & SSLF_AUTH_USER_PASS_OPTIONAL) && !ccnr)
+ msg (M_USAGE, "--auth-user-pass-optional %s", postfix);
+ }
++#ifdef ENABLE_VLAN_TAGGING
++ if (options->vlan_tagging && dev != DEV_TYPE_TAP)
++ msg (M_USAGE, "--vlan-tagging must be used with --dev tap");
++ if (!options->vlan_tagging)
++ {
++ if (options->vlan_accept != defaults.vlan_accept)
++ msg (M_USAGE, "--vlan-accept requires --vlan-tagging");
++ if (options->vlan_pvid != defaults.vlan_pvid)
++ msg (M_USAGE, "--vlan-pvid requires --vlan-tagging");
++ }
++#endif
+ }
+ else
+ {
+@@ -2104,6 +2146,10 @@ options_postprocess_verify_ce (const struct options *options, const struct conne
+ if (options->port_share_host || options->port_share_port)
+ msg (M_USAGE, "--port-share requires TCP server mode (--mode server --proto tcp-server)");
+ #endif
++#ifdef ENABLE_VLAN_TAGGING
++ if (options->vlan_tagging)
++ msg (M_USAGE, "--vlan-tagging requires --mode server");
++#endif
+
+ if (options->stale_routes_check_interval)
+ msg (M_USAGE, "--stale-routes-check requires --mode server");
+@@ -7023,6 +7069,45 @@ add_option (struct options *options,
+ options->use_peer_id = true;
+ options->peer_id = atoi(p[1]);
+ }
++#ifdef ENABLE_VLAN_TAGGING
++ else if (streq (p[0], "vlan-tagging"))
++ {
++ VERIFY_PERMISSION (OPT_P_GENERAL);
++ options->vlan_tagging = true;
++ }
++ else if (streq (p[0], "vlan-accept") && p[1])
++ {
++ VERIFY_PERMISSION (OPT_P_GENERAL);
++ if (streq (p[1], "tagged"))
++ {
++ options->vlan_accept = VAF_ONLY_VLAN_TAGGED;
++ }
++ else if (streq (p[1], "untagged"))
++ {
++ options->vlan_accept = VAF_ONLY_UNTAGGED_OR_PRIORITY;
++ }
++ else if (streq (p[1], "all"))
++ {
++ options->vlan_accept = VAF_ALL;
++ }
++ else
++ {
++ msg (msglevel, "--vlan-accept must be 'tagged', 'untagged' or 'all'");
++ goto err;
++ }
++ }
++ else if (streq (p[0], "vlan-pvid") && p[1])
++ {
++ VERIFY_PERMISSION (OPT_P_GENERAL|OPT_P_INSTANCE);
++ options->vlan_pvid = positive_atoi (p[1]);
++ if (options->vlan_pvid < OPENVPN_8021Q_MIN_VID ||
++ options->vlan_pvid > OPENVPN_8021Q_MAX_VID)
++ {
++ msg (msglevel, "the parameter of --vlan-pvid parameters must be >= %u and <= %u", OPENVPN_8021Q_MIN_VID, OPENVPN_8021Q_MAX_VID);
++ goto err;
++ }
++ }
++#endif
+ else
+ {
+ int i;
+diff --git a/src/openvpn/options.h b/src/openvpn/options.h
+index 7a8b21e..35fa6b1 100644
+--- a/src/openvpn/options.h
++++ b/src/openvpn/options.h
+@@ -159,6 +159,15 @@ struct remote_list
+ struct remote_entry *array[CONNECTION_LIST_SIZE];
+ };
+
++#ifdef ENABLE_VLAN_TAGGING
++enum vlan_acceptable_frames
++{
++ VAF_ONLY_VLAN_TAGGED,
++ VAF_ONLY_UNTAGGED_OR_PRIORITY,
++ VAF_ALL,
++};
++#endif
++
+ struct remote_host_store
+ {
+ # define RH_HOST_LEN 80
+@@ -597,6 +606,12 @@ struct options
+
+ bool use_peer_id;
+ uint32_t peer_id;
++
++#ifdef ENABLE_VLAN_TAGGING
++ bool vlan_tagging;
++ enum vlan_acceptable_frames vlan_accept;
++ uint16_t vlan_pvid;
++#endif
+ };
+
+ #define streq(x, y) (!strcmp((x), (y)))
+diff --git a/src/openvpn/proto.c b/src/openvpn/proto.c
+index 7b58e6a..2921a6e 100644
+--- a/src/openvpn/proto.c
++++ b/src/openvpn/proto.c
+@@ -60,9 +60,22 @@ is_ipv_X ( int tunnel_type, struct buffer *buf, int ip_ver )
+ + sizeof (struct openvpn_iphdr)))
+ return false;
+ eh = (const struct openvpn_ethhdr *) BPTR (buf);
+- if (ntohs (eh->proto) != (ip_ver == 6 ? OPENVPN_ETH_P_IPV6 : OPENVPN_ETH_P_IPV4))
+- return false;
+- offset = sizeof (struct openvpn_ethhdr);
++ if (ntohs (eh->proto) == OPENVPN_ETH_P_8021Q) {
++ const struct openvpn_8021qhdr *evh;
++ if (BLEN (buf) < (int)(sizeof (struct openvpn_8021qhdr)
++ + sizeof (struct openvpn_iphdr)))
++ return false;
++ evh = (const struct openvpn_8021qhdr *) BPTR (buf);
++ if (ntohs (evh->proto) !=
++ (ip_ver == 6 ? OPENVPN_ETH_P_IPV6 : OPENVPN_ETH_P_IPV4))
++ return false;
++ else
++ offset = sizeof (struct openvpn_8021qhdr);
++ } else if (ntohs (eh->proto) !=
++ (ip_ver == 6 ? OPENVPN_ETH_P_IPV6 : OPENVPN_ETH_P_IPV4))
++ return false;
++ else
++ offset = sizeof (struct openvpn_ethhdr);
+ }
+ else
+ return false;
+diff --git a/src/openvpn/proto.h b/src/openvpn/proto.h
+index f91e787..45e885f 100644
+--- a/src/openvpn/proto.h
++++ b/src/openvpn/proto.h
+@@ -6,6 +6,7 @@
+ * packet compression.
+ *
+ * Copyright (C) 2002-2010 OpenVPN Technologies, Inc. <sales@openvpn.net>
++ * Copyright (C) 2010 Fabian Knittel <fabian.knittel@lettink.de>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2
+@@ -61,9 +62,29 @@ struct openvpn_ethhdr
+ # define OPENVPN_ETH_P_IPV4 0x0800 /* IPv4 protocol */
+ # define OPENVPN_ETH_P_IPV6 0x86DD /* IPv6 protocol */
+ # define OPENVPN_ETH_P_ARP 0x0806 /* ARP protocol */
++# define OPENVPN_ETH_P_8021Q 0x8100 /* 802.1Q protocol */
+ uint16_t proto; /* packet type ID field */
+ };
+
++struct openvpn_8021qhdr
++{
++ uint8_t dest[OPENVPN_ETH_ALEN]; /* destination ethernet addr */
++ uint8_t source[OPENVPN_ETH_ALEN]; /* source ethernet addr */
++
++ uint16_t tpid; /* 802.1Q Tag Protocol Identifier */
++# define OPENVPN_8021Q_MASK_VID htons (0x0FFF) /* mask VID out of pcp_cfi_vid */
++# define OPENVPN_8021Q_MASK_PCP htons (0xE000) /* mask PCP out of pcp_cfi_vid */
++# define OPENVPN_8021Q_MASK_CFI htons (0x1000) /* mask CFI out of pcp_cfi_vid */
++ uint16_t pcp_cfi_vid; /* bit fields, see IEEE 802.1Q */
++ uint16_t proto; /* contained packet type ID field */
++};
++
++/*
++ * Size difference between a regular Ethernet II header and an Ethernet II
++ * header with additional IEEE 802.1Q tagging.
++ */
++#define SIZE_ETH_TO_8021Q_HDR (sizeof (struct openvpn_8021qhdr) - sizeof (struct openvpn_ethhdr))
++
+ struct openvpn_arp {
+ # define ARP_MAC_ADDR_TYPE 0x0001
+ uint16_t mac_addr_type; /* 0x0001 */
+@@ -234,4 +255,80 @@ void ipv4_packet_size_verify (const uint8_t *data,
+ counter_type *errors);
+ #endif
+
++#ifdef ENABLE_VLAN_TAGGING
++# define OPENVPN_8021Q_MIN_VID 1
++# define OPENVPN_8021Q_MAX_VID 4094
++
++/*
++ * Retrieve the Priority Code Point (PCP) from the IEEE 802.1Q header.
++ *
++ * @param hdr Pointer to the Ethernet header with IEEE 802.1Q tagging.
++ * @return Returns the PCP in host byte order.
++ */
++static inline uint16_t
++vlanhdr_get_pcp (const struct openvpn_8021qhdr *hdr)
++{
++ return ntohs (hdr->pcp_cfi_vid & OPENVPN_8021Q_MASK_PCP);
++}
++/*
++ * Retrieve the Canonical Format Indicator (CFI) from the IEEE 802.1Q header.
++ *
++ * @param hdr Pointer to the Ethernet header with IEEE 802.1Q tagging.
++ * @return Returns the CFI in host byte order.
++ */
++static inline uint16_t
++vlanhdr_get_cfi (const struct openvpn_8021qhdr *hdr)
++{
++ return ntohs (hdr->pcp_cfi_vid & OPENVPN_8021Q_MASK_CFI);
++}
++/*
++ * Retrieve the VLAN Identifier (VID) from the IEEE 802.1Q header.
++ *
++ * @param hdr Pointer to the Ethernet header with IEEE 802.1Q tagging.
++ * @return Returns the VID in host byte order.
++ */
++static inline uint16_t
++vlanhdr_get_vid (const struct openvpn_8021qhdr *hdr)
++{
++ return ntohs (hdr->pcp_cfi_vid & OPENVPN_8021Q_MASK_VID);
++}
++
++/*
++ * Set the Priority Code Point (PCP) in an IEEE 802.1Q header.
++ *
++ * @param hdr Pointer to the Ethernet header with IEEE 802.1Q tagging.
++ * @param pcp The PCP to set (in host byte order).
++ */
++static inline void
++vlanhdr_set_pcp (struct openvpn_8021qhdr *hdr, const uint16_t pcp)
++{
++ hdr->pcp_cfi_vid = (hdr->pcp_cfi_vid & ~OPENVPN_8021Q_MASK_PCP) |
++ (htons (pcp) & OPENVPN_8021Q_MASK_PCP);
++}
++/*
++ * Set the Canonical Format Indicator (CFI) in an IEEE 802.1Q header.
++ *
++ * @param hdr Pointer to the Ethernet header with IEEE 802.1Q tagging.
++ * @param cfi The CFI to set (in host byte order).
++ */
++static inline void
++vlanhdr_set_cfi (struct openvpn_8021qhdr *hdr, const uint16_t cfi)
++{
++ hdr->pcp_cfi_vid = (hdr->pcp_cfi_vid & ~OPENVPN_8021Q_MASK_CFI) |
++ (htons (cfi) & OPENVPN_8021Q_MASK_CFI);
++}
++/*
++ * Set the VLAN Identifier (VID) in an IEEE 802.1Q header.
++ *
++ * @param hdr Pointer to the Ethernet header with IEEE 802.1Q tagging.
++ * @param vid The VID to set (in host byte order).
++ */
++static inline void
++vlanhdr_set_vid (struct openvpn_8021qhdr *hdr, const uint16_t vid)
++{
++ hdr->pcp_cfi_vid = (hdr->pcp_cfi_vid & ~OPENVPN_8021Q_MASK_VID) |
++ (htons (vid) & OPENVPN_8021Q_MASK_VID);
++}
++#endif
++
+ #endif
diff --git a/net-misc/openvpn/files/65openvpn b/net-misc/openvpn/files/65openvpn
new file mode 100644
index 0000000..4ddb034
--- /dev/null
+++ b/net-misc/openvpn/files/65openvpn
@@ -0,0 +1 @@
+CONFIG_PROTECT="/usr/share/openvpn/easy-rsa"
diff --git a/net-misc/openvpn/files/down.sh b/net-misc/openvpn/files/down.sh
new file mode 100644
index 0000000..1c70db0
--- /dev/null
+++ b/net-misc/openvpn/files/down.sh
@@ -0,0 +1,33 @@
+#!/bin/sh
+# Copyright (c) 2006-2007 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# Contributed by Roy Marples (uberlord@gentoo.org)
+
+# If we have a service specific script, run this now
+if [ -x /etc/openvpn/"${SVCNAME}"-down.sh ] ; then
+ /etc/openvpn/"${SVCNAME}"-down.sh "$@"
+fi
+
+# Restore resolv.conf to how it was
+if [ "${PEER_DNS}" != "no" ]; then
+ if [ -x /sbin/resolvconf ] ; then
+ /sbin/resolvconf -d "${dev}"
+ elif [ -e /etc/resolv.conf-"${dev}".sv ] ; then
+ # Important that we copy instead of move incase resolv.conf is
+ # a symlink and not an actual file
+ cp /etc/resolv.conf-"${dev}".sv /etc/resolv.conf
+ rm -f /etc/resolv.conf-"${dev}".sv
+ fi
+fi
+
+if [ -n "${SVCNAME}" ]; then
+ # Re-enter the init script to start any dependant services
+ if /etc/init.d/"${SVCNAME}" --quiet status ; then
+ export IN_BACKGROUND=true
+ /etc/init.d/"${SVCNAME}" --quiet stop
+ fi
+fi
+
+exit 0
+
+# vim: ts=4 :
diff --git a/net-misc/openvpn/files/openvpn-2.1.conf b/net-misc/openvpn/files/openvpn-2.1.conf
new file mode 100644
index 0000000..72510c3
--- /dev/null
+++ b/net-misc/openvpn/files/openvpn-2.1.conf
@@ -0,0 +1,18 @@
+# OpenVPN automatically creates an /etc/resolv.conf (or sends it to
+# resolvconf) if given DNS information by the OpenVPN server.
+# Set PEER_DNS="no" to stop this.
+PEER_DNS="yes"
+
+# OpenVPN can run in many modes. Most people will want the init script
+# to automatically detect the mode and try and apply a good default
+# configuration and setup scripts. However, there are cases where the
+# OpenVPN configuration looks like a client, but it's really a peer or
+# something else. DETECT_CLIENT controls this behaviour.
+DETECT_CLIENT="yes"
+
+# If DETECT_CLIENT is no and you have your own scripts to re-enter the openvpn
+# init script (ie, it first becomes "inactive" and the script then starts the
+# script again to make it "started") then you can state this below.
+# In other words, unless you understand service dependencies and are a
+# competent shell scripter, don't set this.
+RE_ENTER="no"
diff --git a/net-misc/openvpn/files/openvpn-2.1.init b/net-misc/openvpn/files/openvpn-2.1.init
new file mode 100644
index 0000000..d65e6f8
--- /dev/null
+++ b/net-misc/openvpn/files/openvpn-2.1.init
@@ -0,0 +1,133 @@
+#!/sbin/runscript
+# Copyright 1999-2007 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+VPNDIR=${VPNDIR:-/etc/openvpn}
+VPN=${SVCNAME#*.}
+if [ -n "${VPN}" ] && [ ${SVCNAME} != "openvpn" ]; then
+ VPNPID="/var/run/openvpn.${VPN}.pid"
+else
+ VPNPID="/var/run/openvpn.pid"
+fi
+VPNCONF="${VPNDIR}/${VPN}.conf"
+
+depend() {
+ need localmount net
+ use dns
+ after bootmisc
+}
+
+checkconfig() {
+ # Linux has good dynamic tun/tap creation
+ if [ $(uname -s) = "Linux" ] ; then
+ if [ ! -e /dev/net/tun ]; then
+ if ! modprobe tun ; then
+ eerror "TUN/TAP support is not available" \
+ "in this kernel"
+ return 1
+ fi
+ fi
+ if [ -h /dev/net/tun ] && [ -c /dev/misc/net/tun ]; then
+ ebegin "Detected broken /dev/net/tun symlink, fixing..."
+ rm -f /dev/net/tun
+ ln -s /dev/misc/net/tun /dev/net/tun
+ eend $?
+ fi
+ return 0
+ fi
+
+ # Other OS's don't, so we rely on a pre-configured interface
+ # per vpn instance
+ local ifname=$(sed -n -e 's/[[:space:]]*dev[[:space:]][[:space:]]*\([^[:space:]]*\).*/\1/p' "${VPNCONF}")
+ if [ -z ${ifname} ] ; then
+ eerror "You need to specify the interface that this openvpn" \
+ "instance should use" \
+ "by using the dev option in ${VPNCONF}"
+ return 1
+ fi
+
+ if ! ifconfig "${ifname}" >/dev/null 2>/dev/null ; then
+ # Try and create it
+ echo > /dev/"${ifname}" >/dev/null
+ fi
+ if ! ifconfig "${ifname}" >/dev/null 2>/dev/null ; then
+ eerror "${VPNCONF} requires interface ${ifname}" \
+ "but that does not exist"
+ return 1
+ fi
+}
+
+start() {
+ # If we are re-called by the openvpn gentoo-up.sh script
+ # then we don't actually want to start openvpn
+ [ "${IN_BACKGROUND}" = "true" ] && return 0
+
+ ebegin "Starting ${SVCNAME}"
+
+ checkconfig || return 1
+
+ local args="" reenter=${RE_ENTER:-no}
+ # If the config file does not specify the cd option, we do
+ # But if we specify it, we override the config option which we do not want
+ if ! grep -q "^[ ]*cd[ ].*" "${VPNCONF}" ; then
+ args="${args} --cd ${VPNDIR}"
+ fi
+
+ # We mark the service as inactive and then start it.
+ # When we get an authenticated packet from the peer then we run our script
+ # which configures our DNS if any and marks us as up.
+ if [ "${DETECT_CLIENT:-yes}" = "yes" ] && \
+ grep -q "^[ ]*remote[ ].*" "${VPNCONF}" ; then
+ reenter="yes"
+ args="${args} --up-delay --up-restart"
+ args="${args} --script-security 2"
+ args="${args} --up /etc/openvpn/up.sh"
+ args="${args} --down-pre --down /etc/openvpn/down.sh"
+
+ # Warn about setting scripts as we override them
+ if grep -Eq "^[ ]*(up|down)[ ].*" "${VPNCONF}" ; then
+ ewarn "WARNING: You have defined your own up/down scripts"
+ ewarn "As you're running as a client, we now force Gentoo specific"
+ ewarn "scripts to be run for up and down events."
+ ewarn "These scripts will call /etc/openvpn/${SVCNAME}-{up,down}.sh"
+ ewarn "where you can put your own code."
+ fi
+
+ # Warn about the inability to change ip/route/dns information when
+ # dropping privs
+ if grep -q "^[ ]*user[ ].*" "${VPNCONF}" ; then
+ ewarn "WARNING: You are dropping root privileges!"
+ ewarn "As such openvpn may not be able to change ip, routing"
+ ewarn "or DNS configuration."
+ fi
+ else
+ # So we're a server. Run as openvpn unless otherwise specified
+ grep -q "^[ ]*user[ ].*" "${VPNCONF}" || args="${args} --user openvpn"
+ grep -q "^[ ]*group[ ].*" "${VPNCONF}" || args="${args} --group openvpn"
+ fi
+
+ # Ensure that our scripts get the PEER_DNS variable
+ [ -n "${PEER_DNS}" ] && args="${args} --setenv PEER_DNS ${PEER_DNS}"
+
+ [ "${reenter}" = "yes" ] && mark_service_inactive "${SVCNAME}"
+ start-stop-daemon --start --exec /usr/sbin/openvpn --pidfile "${VPNPID}" \
+ -- --config "${VPNCONF}" --writepid "${VPNPID}" --daemon \
+ --setenv SVCNAME "${SVCNAME}" ${args}
+ eend $? "Check your logs to see why startup failed"
+}
+
+stop() {
+ # If we are re-called by the openvpn gentoo-down.sh script
+ # then we don't actually want to stop openvpn
+ if [ "${IN_BACKGROUND}" = "true" ] ; then
+ mark_service_inactive "${SVCNAME}"
+ return 0
+ fi
+
+ ebegin "Stopping ${SVCNAME}"
+ start-stop-daemon --stop --quiet \
+ --exec /usr/sbin/openvpn --pidfile "${VPNPID}"
+ eend $?
+}
+
+# vim: set ts=4 :
diff --git a/net-misc/openvpn/files/openvpn.init b/net-misc/openvpn/files/openvpn.init
new file mode 100644
index 0000000..489ab49
--- /dev/null
+++ b/net-misc/openvpn/files/openvpn.init
@@ -0,0 +1,63 @@
+#!/sbin/runscript
+# Copyright 1999-2007 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+VPNDIR="/etc/openvpn"
+VPN="${SVCNAME#*.}"
+if [ -n "${VPN}" ] && [ "${SVCNAME}" != "openvpn" ]; then
+ VPNPID="/var/run/openvpn.${VPN}.pid"
+else
+ VPNPID="/var/run/openvpn.pid"
+fi
+VPNCONF="${VPNDIR}/${VPN}.conf"
+
+depend() {
+ need localmount net
+ before netmount
+ after bootmisc
+}
+
+checktundevice() {
+ if [ ! -e /dev/net/tun ]; then
+ if ! modprobe tun ; then
+ eerror "TUN/TAP support is not available in this kernel"
+ return 1
+ fi
+ fi
+ if [ -h /dev/net/tun ] && [ -c /dev/misc/net/tun ]; then
+ ebegin "Detected broken /dev/net/tun symlink, fixing..."
+ rm -f /dev/net/tun
+ ln -s /dev/misc/net/tun /dev/net/tun
+ eend $?
+ fi
+}
+
+start() {
+ ebegin "Starting ${SVCNAME}"
+
+ checktundevice || return 1
+
+ if [ ! -e "${VPNCONF}" ]; then
+ eend 1 "${VPNCONF} does not exist"
+ return 1
+ fi
+
+ local args=""
+ # If the config file does not specify the cd option, we do
+ # But if we specify it, we override the config option which we do not want
+ if ! grep -q "^[ ]*cd[ ].*" "${VPNCONF}" ; then
+ args="${args} --cd ${VPNDIR}"
+ fi
+
+ start-stop-daemon --start --exec /usr/sbin/openvpn --pidfile "${VPNPID}" \
+ -- --config "${VPNCONF}" --writepid "${VPNPID}" --daemon ${args}
+ eend $? "Check your logs to see why startup failed"
+}
+
+stop() {
+ ebegin "Stopping ${SVCNAME}"
+ start-stop-daemon --stop --exec /usr/sbin/openvpn --pidfile "${VPNPID}"
+ eend $?
+}
+
+# vim: ts=4
diff --git a/net-misc/openvpn/files/openvpn.service b/net-misc/openvpn/files/openvpn.service
new file mode 100644
index 0000000..358dcb7
--- /dev/null
+++ b/net-misc/openvpn/files/openvpn.service
@@ -0,0 +1,12 @@
+[Unit]
+Description=OpenVPN Robust And Highly Flexible Tunneling Application On %I
+After=syslog.target network.target
+
+[Service]
+PrivateTmp=true
+Type=forking
+PIDFile=/var/run/openvpn/%i.pid
+ExecStart=/usr/sbin/openvpn --daemon --writepid /var/run/openvpn/%i.pid --cd /etc/openvpn/ --config %i.conf
+
+[Install]
+WantedBy=multi-user.target
diff --git a/net-misc/openvpn/files/openvpn.tmpfile b/net-misc/openvpn/files/openvpn.tmpfile
new file mode 100644
index 0000000..d5fca71
--- /dev/null
+++ b/net-misc/openvpn/files/openvpn.tmpfile
@@ -0,0 +1 @@
+D /var/run/openvpn 0710 root openvpn -
diff --git a/net-misc/openvpn/files/up.sh b/net-misc/openvpn/files/up.sh
new file mode 100644
index 0000000..6ce82d6
--- /dev/null
+++ b/net-misc/openvpn/files/up.sh
@@ -0,0 +1,100 @@
+#!/bin/sh
+# Copyright (c) 2006-2007 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# Contributed by Roy Marples (uberlord@gentoo.org)
+
+# Setup our resolv.conf
+# Vitally important that we use the domain entry in resolv.conf so we
+# can setup the nameservers are for the domain ONLY in resolvconf if
+# we're using a decent dns cache/forwarder like dnsmasq and NOT nscd/libc.
+# nscd/libc users will get the VPN nameservers before their other ones
+# and will use the first one that responds - maybe the LAN ones?
+# non resolvconf users just the the VPN resolv.conf
+
+# FIXME:- if we have >1 domain, then we have to use search :/
+# We need to add a flag to resolvconf to say
+# "these nameservers should only be used for the listed search domains
+# if other global nameservers are present on other interfaces"
+# This however, will break compatibility with Debians resolvconf
+# A possible workaround would be to just list multiple domain lines
+# and try and let resolvconf handle it
+
+min_route() {
+ local n=1
+ local m
+ local r
+
+ eval m="\$route_metric_$n"
+ while [ -n "${m}" ]; do
+ if [ -z "$r" ] || [ "$r" -gt "$m" ]; then
+ r="$m"
+ fi
+ n="$(($n+1))"
+ eval m="\$route_metric_$n"
+ done
+
+ echo "$r"
+}
+
+if [ "${PEER_DNS}" != "no" ]; then
+ NS=
+ DOMAIN=
+ SEARCH=
+ i=1
+ while true ; do
+ eval opt=\$foreign_option_${i}
+ [ -z "${opt}" ] && break
+ if [ "${opt}" != "${opt#dhcp-option DOMAIN *}" ] ; then
+ if [ -z "${DOMAIN}" ] ; then
+ DOMAIN="${opt#dhcp-option DOMAIN *}"
+ else
+ SEARCH="${SEARCH}${SEARCH:+ }${opt#dhcp-option DOMAIN *}"
+ fi
+ elif [ "${opt}" != "${opt#dhcp-option DNS *}" ] ; then
+ NS="${NS}nameserver ${opt#dhcp-option DNS *}\n"
+ fi
+ i=$((${i} + 1))
+ done
+
+ if [ -n "${NS}" ] ; then
+ DNS="# Generated by openvpn for interface ${dev}\n"
+ if [ -n "${SEARCH}" ] ; then
+ DNS="${DNS}search ${DOMAIN} ${SEARCH}\n"
+ elif [ -n "${DOMAIN}" ]; then
+ DNS="${DNS}domain ${DOMAIN}\n"
+ fi
+ DNS="${DNS}${NS}"
+ if [ -x /sbin/resolvconf ] ; then
+ metric="$(min_route)"
+ printf "${DNS}" | /sbin/resolvconf -a "${dev}" ${metric:+-m ${metric}}
+ else
+ # Preserve the existing resolv.conf
+ if [ -e /etc/resolv.conf ] ; then
+ cp /etc/resolv.conf /etc/resolv.conf-"${dev}".sv
+ fi
+ printf "${DNS}" > /etc/resolv.conf
+ chmod 644 /etc/resolv.conf
+ fi
+ fi
+fi
+
+# Below section is Gentoo specific
+# Quick summary - our init scripts are re-entrant and set the SVCNAME env var
+# as we could have >1 openvpn service
+
+if [ -n "${SVCNAME}" ]; then
+ # If we have a service specific script, run this now
+ if [ -x /etc/openvpn/"${SVCNAME}"-up.sh ] ; then
+ /etc/openvpn/"${SVCNAME}"-up.sh "$@"
+ fi
+
+ # Re-enter the init script to start any dependant services
+ if ! /etc/init.d/"${SVCNAME}" --quiet status ; then
+ export IN_BACKGROUND=true
+ /etc/init.d/${SVCNAME} --quiet start
+ fi
+fi
+
+exit 0
+
+# vim: ts=4 :
diff --git a/net-misc/openvpn/metadata.xml b/net-misc/openvpn/metadata.xml
new file mode 100644
index 0000000..7f3d1f9
--- /dev/null
+++ b/net-misc/openvpn/metadata.xml
@@ -0,0 +1,23 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+ <maintainer>
+ <email>djc@gentoo.org</email>
+ <name>Dirkjan Ochtman</name>
+ </maintainer>
+ <longdescription>OpenVPN is an easy-to-use, robust and highly
+configurable VPN daemon which can be used to securely link two or more
+networks using an encrypted tunnel.</longdescription>
+ <use>
+ <flag name="down-root">Enable the down-root plugin</flag>
+ <flag name="iproute2">Enabled iproute2 support instead of net-tools</flag>
+ <flag name="passwordsave">Enables openvpn to save passwords</flag>
+ <flag name="polarssl">Use PolarSSL instead of OpenSSL</flag>
+ <flag name="pkcs11">Enable PKCS#11 smartcard support</flag>
+ <flag name="plugins">Enable the OpenVPN plugin system</flag>
+ <flag name="socks">Enable socks support</flag>
+ </use>
+ <upstream>
+ <remote-id type="cpe">cpe:/a:openvpn:openvpn</remote-id>
+ </upstream>
+</pkgmetadata>
diff --git a/net-misc/openvpn/openvpn-2.3.8-r1.ebuild b/net-misc/openvpn/openvpn-2.3.8-r1.ebuild
new file mode 100644
index 0000000..8658417
--- /dev/null
+++ b/net-misc/openvpn/openvpn-2.3.8-r1.ebuild
@@ -0,0 +1,138 @@
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=5
+
+inherit eutils autotools multilib flag-o-matic user systemd
+
+DESCRIPTION="Robust and highly flexible tunneling application compatible with many OSes"
+SRC_URI="http://swupdate.openvpn.net/community/releases/${P}.tar.gz"
+HOMEPAGE="http://openvpn.net/"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~sparc-fbsd ~x86-fbsd ~x86-freebsd ~amd64-linux ~arm-linux ~x86-linux"
+IUSE="examples down-root iproute2 libressl +lzo pam passwordsave pkcs11 +plugins polarssl selinux socks +ssl static systemd userland_BSD"
+
+REQUIRED_USE="static? ( !plugins !pkcs11 )
+ polarssl? ( ssl !libressl )
+ pkcs11? ( ssl )
+ !plugins? ( !pam !down-root )"
+
+DEPEND="
+ kernel_linux? (
+ iproute2? ( sys-apps/iproute2[-minimal] ) !iproute2? ( sys-apps/net-tools )
+ )
+ pam? ( virtual/pam )
+ ssl? (
+ !polarssl? (
+ !libressl? ( >=dev-libs/openssl-0.9.7:* )
+ libressl? ( dev-libs/libressl )
+ )
+ polarssl? ( >=net-libs/polarssl-1.2.10 )
+ )
+ lzo? ( >=dev-libs/lzo-1.07 )
+ pkcs11? ( >=dev-libs/pkcs11-helper-1.11 )
+ systemd? ( sys-apps/systemd )"
+RDEPEND="${DEPEND}
+ selinux? ( sec-policy/selinux-openvpn )
+"
+
+src_prepare() {
+ epatch "${FILESDIR}/2.3.6-vlan-support.patch"
+ eautoreconf
+}
+
+src_configure() {
+ use static && LDFLAGS="${LDFLAGS} -Xcompiler -static"
+ local myconf
+ use polarssl && myconf="--with-crypto-library=polarssl"
+ econf \
+ ${myconf} \
+ --docdir="${EPREFIX}/usr/share/doc/${PF}" \
+ --with-plugindir="${ROOT}/usr/$(get_libdir)/$PN" \
+ $(use_enable passwordsave password-save) \
+ $(use_enable ssl) \
+ $(use_enable ssl crypto) \
+ $(use_enable lzo) \
+ $(use_enable pkcs11) \
+ $(use_enable plugins) \
+ $(use_enable iproute2) \
+ $(use_enable socks) \
+ $(use_enable pam plugin-auth-pam) \
+ $(use_enable down-root plugin-down-root) \
+ $(use_enable systemd)
+}
+
+src_install() {
+ default
+ find "${ED}/usr" -name '*.la' -delete
+ # install documentation
+ dodoc AUTHORS ChangeLog PORTS README README.IPv6
+
+ # Install some helper scripts
+ keepdir /etc/openvpn
+ exeinto /etc/openvpn
+ doexe "${FILESDIR}/up.sh"
+ doexe "${FILESDIR}/down.sh"
+
+ # Install the init script and config file
+ newinitd "${FILESDIR}/${PN}-2.1.init" openvpn
+ newconfd "${FILESDIR}/${PN}-2.1.conf" openvpn
+
+ # install examples, controlled by the respective useflag
+ if use examples ; then
+ # dodoc does not supportly support directory traversal, #15193
+ insinto /usr/share/doc/${PF}/examples
+ doins -r sample contrib
+ fi
+
+ systemd_newtmpfilesd "${FILESDIR}"/${PN}.tmpfile ${PN}.conf
+ systemd_newunit distro/systemd/openvpn-client@.service openvpn-client@.service
+ systemd_newunit distro/systemd/openvpn-server@.service openvpn-server@.service
+}
+
+pkg_postinst() {
+ # Add openvpn user so openvpn servers can drop privs
+ # Clients should run as root so they can change ip addresses,
+ # dns information and other such things.
+ enewgroup openvpn
+ enewuser openvpn "" "" "" openvpn
+
+ if [ path_exists -o "${ROOT}/etc/openvpn/*/local.conf" ] ; then
+ ewarn "WARNING: The openvpn init script has changed"
+ ewarn ""
+ fi
+
+ elog "The openvpn init script expects to find the configuration file"
+ elog "openvpn.conf in /etc/openvpn along with any extra files it may need."
+ elog ""
+ elog "To create more VPNs, simply create a new .conf file for it and"
+ elog "then create a symlink to the openvpn init script from a link called"
+ elog "openvpn.newconfname - like so"
+ elog " cd /etc/openvpn"
+ elog " ${EDITOR##*/} foo.conf"
+ elog " cd /etc/init.d"
+ elog " ln -s openvpn openvpn.foo"
+ elog ""
+ elog "You can then treat openvpn.foo as any other service, so you can"
+ elog "stop one vpn and start another if you need to."
+
+ if grep -Eq "^[ \t]*(up|down)[ \t].*" "${ROOT}/etc/openvpn"/*.conf 2>/dev/null ; then
+ ewarn ""
+ ewarn "WARNING: If you use the remote keyword then you are deemed to be"
+ ewarn "a client by our init script and as such we force up,down scripts."
+ ewarn "These scripts call /etc/openvpn/\$SVCNAME-{up,down}.sh where you"
+ ewarn "can move your scripts to."
+ fi
+
+ if use plugins ; then
+ einfo ""
+ einfo "plugins have been installed into /usr/$(get_libdir)/${PN}"
+ fi
+
+ einfo ""
+ einfo "OpenVPN 2.3.x no longer includes the easy-rsa suite of utilities."
+ einfo "They can now be emerged via app-crypt/easy-rsa."
+}
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2015-12-16 21:54 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2015-12-16 21:54 [gentoo-commits] dev/ikelos:master commit in: net-misc/openvpn/files/, net-misc/openvpn/ Mike Auty
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox