openvpn-easy-rsa: bump to 3.0.8

New easyrsa will look for missing vars and x509-types where easyrsa
is located (following symlink). /usr/bin/easyrsa is now a link
to /usr/lib/easyrsa/easyrsa and /usr/lib/easyrsa/{vars,x509-types} a
link to /etc/easyrsa/{vars,x509-types}. This keeps the same previous
OpenWrt easyrsa behavior which tries to use $PWD/pki and
/etc/easyrsa/{vars,x509-types}, but without patching it.

Easyrsa can also use env vars to set pki root path (instead of
/usr/lib/easyrsa), pki path (instead of $PWD/pki) and vars path.
Those variables are commented in /etc/profile.d/50-openvpn-easy-rsa.sh
as an example of how to make easyrsa run independent of $PWD. That
scriptlet also sets $EASYRSA_TEMP_DIR from $EASYRSA_PKI/tmp to /tmp
in order to avoid writing to persistent media (normally flash). However,
as a profile scriptlet, it will only be used after session is restarted.

The "build" tgz was replaced by the "source" tar. "build" version has a
different file structure, making any patch backports too complex.

I'm also putting myself as maintainer.

Closes openwrt/openwrt#2926, since it moved to openwrt/packages.

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>

diff --git a/net/openvpn-easy-rsa/Makefile b/net/openvpn-easy-rsa/Makefile
index 0cf73950a614354ff2643446633dae3d6f633dad..464002b7d42c7504266551f464d260233fd30bec 100644 (file)
--- a/net/openvpn-easy-rsa/Makefile
+++ b/net/openvpn-easy-rsa/Makefile
@@ -9,14 +9,23 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=openvpn-easy-rsa
 
-PKG_VERSION:=3.0.4
+PKG_VERSION:=3.0.8
 PKG_RELEASE:=1
-PKG_SOURCE_URL:=https://github.com/OpenVPN/easy-rsa/releases/download/v$(PKG_VERSION)/
-PKG_SOURCE:=EasyRSA-$(PKG_VERSION).tgz
-PKG_HASH:=472167f976c6cb7c860cec6150a5616e163ae20365c81f179811d6ee0779ec5a
+PKG_SOURCE_URL:=https://codeload.github.com/OpenVPN/easy-rsa/tar.gz/v$(PKG_VERSION)?
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_HASH:=fd6b67d867c3b8afd53efa2ca015477f6658a02323e1799432083472ac0dd200
+
+# For git snapshots
+#PKG_SOURCE_PROTO:=git
+#PKG_RELEASE=0git$(PKG_SOURCE_DATE)
+#PKG_SOURCE_URL:=https://github.com/OpenVPN/easy-rsa.git
+#PKG_SOURCE_DATE:=2020-03-30
+#PKG_SOURCE_VERSION:=945c9359f6ae3796df21e2986e49489718e0d5f8
+#PKG_MIRROR_HASH:=
+
 PKG_LICENSE:=GPL-2.0
-PKG_BUILD_DIR:=$(BUILD_DIR)/EasyRSA-$(PKG_VERSION)
-PKGARCH:=all
+PKG_MAINTAINER:=Luiz Angelo Daros de Luca <luizluca@gmail.com>
+PKG_BUILD_DIR:=$(BUILD_DIR)/easy-rsa-$(PKG_VERSION)
 
 include $(INCLUDE_DIR)/package.mk
 
@@ -27,6 +36,7 @@ define Package/openvpn-easy-rsa
   URL:=http://openvpn.net
   SUBMENU:=VPN
   DEPENDS:=+openssl-util
+  PKGARCH:=all
 endef
 
 define Package/openvpn-easy-rsa/conffiles
@@ -36,21 +46,31 @@ define Package/openvpn-easy-rsa/conffiles
 endef
 
 define Build/Configure
-
 endef
 
 define Build/Compile
-
+       cd $(PKG_BUILD_DIR); \
+       $(PKG_BUILD_DIR)/build/build-dist.sh \
+               --no-windows \
+               --no-compress \
+               --dist-clean \
+               --version=$(PKG_VERSION)
 endef
 
 define Package/openvpn-easy-rsa/install
+
+       $(INSTALL_DIR) $(1)/usr/lib/easy-rsa/
+       $(INSTALL_BIN) $(PKG_BUILD_DIR)/dist-staging/unix/EasyRSA-$(PKG_VERSION)/easyrsa $(1)/usr/lib/easy-rsa/
+
        $(INSTALL_DIR) $(1)/usr/bin
+       $(LN) /usr/lib/easy-rsa/easyrsa $(1)/usr/bin/easyrsa
 
-       $(INSTALL_BIN) $(PKG_BUILD_DIR)/easyrsa $(1)/usr/bin/
        $(INSTALL_DIR) $(1)/etc/easy-rsa
-       $(INSTALL_DATA) $(PKG_BUILD_DIR)/openssl-easyrsa.cnf $(1)/etc/easy-rsa/openssl-1.0.cnf
+       $(INSTALL_DATA) $(PKG_BUILD_DIR)/dist-staging/unix/EasyRSA-$(PKG_VERSION)/openssl-easyrsa.cnf $(1)/etc/easy-rsa/openssl-1.0.cnf
        $(LN) /etc/easy-rsa/openssl-1.0.cnf $(1)/etc/easy-rsa/openssl-easyrsa.cnf
-       $(INSTALL_DATA) $(PKG_BUILD_DIR)/vars.example $(1)/etc/easy-rsa/vars
+       $(LN) /etc/easy-rsa/openssl-easyrsa.cnf $(1)/usr/lib/easy-rsa/openssl-easyrsa.cnf
+       $(INSTALL_DATA) $(PKG_BUILD_DIR)/dist-staging/unix/EasyRSA-$(PKG_VERSION)/vars.example $(1)/etc/easy-rsa/vars
+       $(LN) /etc/easy-rsa/vars $(1)/usr/lib/easy-rsa/vars
 
        $(INSTALL_DIR) $(1)/etc/easy-rsa/pki
        chmod 700 $(1)/etc/easy-rsa/pki
@@ -60,10 +80,14 @@ define Package/openvpn-easy-rsa/install
        chmod 700 $(1)/etc/easy-rsa/pki/reqs
 
        $(INSTALL_DIR) $(1)/etc/easy-rsa/x509-types
-       $(INSTALL_DATA) $(PKG_BUILD_DIR)/x509-types/* $(1)/etc/easy-rsa/x509-types/
+       $(INSTALL_DATA) $(PKG_BUILD_DIR)/dist-staging/unix/EasyRSA-$(PKG_VERSION)/x509-types/* $(1)/etc/easy-rsa/x509-types/
+       $(LN) /etc/easy-rsa/x509-types $(1)/usr/lib/easy-rsa/x509-types
 
        $(INSTALL_DIR) $(1)/lib/upgrade/keep.d
        $(INSTALL_DATA) files/openvpn-easy-rsa.upgrade $(1)/lib/upgrade/keep.d/$(PKG_NAME)
+
+       $(INSTALL_DIR) $(1)/etc/profile.d
+       $(INSTALL_DATA) files/openvpn-easy-rsa.profile $(1)/etc/profile.d/50-$(PKG_NAME).sh
 endef
 
 $(eval $(call BuildPackage,openvpn-easy-rsa))

diff --git a/net/openvpn-easy-rsa/files/openvpn-easy-rsa.profile b/net/openvpn-easy-rsa/files/openvpn-easy-rsa.profile
new file mode 100644 (file)
index 0000000..99a824a
--- /dev/null
+++ b/net/openvpn-easy-rsa/files/openvpn-easy-rsa.profile
@@ -0,0 +1,5 @@
+# default PKI dir
+#export EASYRSA=${EASYRSA:-/etc/easy-rsa}
+#export EASYRSA_PKI=${EASYRSA_PKI:-$EASYRSA/pki}
+#export EASYRSA_VARS_FILE=${EASYRSA_VARS_FILE:-$EASYRSA/vars}
+export EASYRSA_TEMP_DIR=${EASYRSA_TEMP_DIR:-${TMPDIR:-/tmp/}}

diff --git a/net/openvpn-easy-rsa/patches/101-static_EASYRSA.patch b/net/openvpn-easy-rsa/patches/101-static_EASYRSA.patch
deleted file mode 100644 (file)
index b81366c..0000000
--- a/net/openvpn-easy-rsa/patches/101-static_EASYRSA.patch
+++ /dev/null
@@ -1,22 +0,0 @@
-Index: EasyRSA-3.0.4/easyrsa
-===================================================================
---- EasyRSA-3.0.4.orig/easyrsa
-+++ EasyRSA-3.0.4/easyrsa
-@@ -1033,7 +1033,7 @@ vars_setup() {
-       vars=
- 
-       # set up program path
--      prog_vars="${0%/*}/vars"
-+      prog_vars="/etc/easy-rsa/vars"
-       # set up PKI path
-       pki_vars="${EASYRSA_PKI:-$PWD/pki}/vars"
- 
-@@ -1060,7 +1060,7 @@ Note: using Easy-RSA configuration from:
-       fi
-       
-       # Set defaults, preferring existing env-vars if present
--      set_var EASYRSA         "${0%/*}"
-+      set_var EASYRSA         "/etc/easy-rsa"
-       set_var EASYRSA_OPENSSL openssl
-       set_var EASYRSA_PKI     "$PWD/pki"
-       set_var EASYRSA_DN      cn_only