From: Jo-Philipp Wich Date: Wed, 28 Nov 2018 20:23:03 +0000 (+0100) Subject: openvpn: update to 2.4.6 X-Git-Tag: v19.07.0-rc1~2058 X-Git-Url: http://git.cdn.openwrt.org/?a=commitdiff_plain;h=3082370551e78195def4b3989eba60bc6149cf6d;p=openwrt%2Fstaging%2Fhauke.git openvpn: update to 2.4.6 Update the OpenVPN package to version 2.4.6, refresh patches and drop menuconfig options which are not supported upstream anymore. Also fix the x509-alt-username configure flag - it is not supported by mbedtls and was syntactically wrong in the Makefile - and the port-share option which has been present in menuconfig but not been used in the Makefile. Signed-off-by: Jo-Philipp Wich --- diff --git a/package/network/services/openvpn/Config-mbedtls.in b/package/network/services/openvpn/Config-mbedtls.in index c1c8c7ac10..beac492022 100644 --- a/package/network/services/openvpn/Config-mbedtls.in +++ b/package/network/services/openvpn/Config-mbedtls.in @@ -8,10 +8,6 @@ config OPENVPN_mbedtls_ENABLE_LZ4 bool "Enable LZ4 compression support" default y -config OPENVPN_mbedtls_ENABLE_X509_ALT_USERNAME - bool "Enable the --x509-username-field feature" - default n - config OPENVPN_mbedtls_ENABLE_SERVER bool "Enable server support (otherwise only client mode is support)" default y @@ -28,14 +24,6 @@ config OPENVPN_mbedtls_ENABLE_MANAGEMENT # bool "Enable pkcs11 support" # default n -config OPENVPN_mbedtls_ENABLE_HTTP - bool "Enable HTTP proxy support" - default y - -config OPENVPN_mbedtls_ENABLE_SOCKS - bool "Enable SOCKS proxy support" - default y - config OPENVPN_mbedtls_ENABLE_FRAGMENT bool "Enable internal fragmentation support (--fragment)" default y diff --git a/package/network/services/openvpn/Config-nossl.in b/package/network/services/openvpn/Config-nossl.in index 199cda0159..79140ad5d1 100644 --- a/package/network/services/openvpn/Config-nossl.in +++ b/package/network/services/openvpn/Config-nossl.in @@ -16,14 +16,6 @@ config OPENVPN_nossl_ENABLE_MANAGEMENT bool "Enable management server support" default n -config OPENVPN_nossl_ENABLE_HTTP - bool "Enable HTTP proxy support" - default y - -config OPENVPN_nossl_ENABLE_SOCKS - bool "Enable SOCKS proxy support" - default y - config OPENVPN_nossl_ENABLE_FRAGMENT bool "Enable internal fragmentation support (--fragment)" default y diff --git a/package/network/services/openvpn/Config-openssl.in b/package/network/services/openvpn/Config-openssl.in index a2bc3de2a2..f2b618eff1 100644 --- a/package/network/services/openvpn/Config-openssl.in +++ b/package/network/services/openvpn/Config-openssl.in @@ -28,14 +28,6 @@ config OPENVPN_openssl_ENABLE_MANAGEMENT # bool "Enable pkcs11 support" # default n -config OPENVPN_openssl_ENABLE_HTTP - bool "Enable HTTP proxy support" - default y - -config OPENVPN_openssl_ENABLE_SOCKS - bool "Enable SOCKS proxy support" - default y - config OPENVPN_openssl_ENABLE_FRAGMENT bool "Enable internal fragmentation support (--fragment)" default y diff --git a/package/network/services/openvpn/Makefile b/package/network/services/openvpn/Makefile index e0c9d4b3ce..efaccaae29 100644 --- a/package/network/services/openvpn/Makefile +++ b/package/network/services/openvpn/Makefile @@ -9,14 +9,14 @@ include $(TOPDIR)/rules.mk PKG_NAME:=openvpn -PKG_VERSION:=2.4.5 -PKG_RELEASE:=7 +PKG_VERSION:=2.4.6 +PKG_RELEASE:=1 PKG_SOURCE_URL:=\ https://build.openvpn.net/downloads/releases/ \ https://swupdate.openvpn.net/community/releases/ PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz -PKG_HASH:=43c0a363a332350f620d1cd93bb431e082bedbc93d4fb872f758650d53c1d29e +PKG_HASH:=4f6434fa541cc9e363434ea71a16a62cf2615fb2f16af5b38f43ab5939998c26 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION) PKG_MAINTAINER:=Felix Fietkau @@ -86,17 +86,16 @@ define Build/Configure --disable-pkcs11 \ $(if $(CONFIG_OPENVPN_$(BUILD_VARIANT)_ENABLE_LZO),--enable,--disable)-lzo \ $(if $(CONFIG_OPENVPN_$(BUILD_VARIANT)_ENABLE_LZ4),--enable,--disable)-lz4 \ - $(if $(CONFIG_OPENVPN_$(BUILD_VARIANT)_ENABLE_X509_ALT_USERNAME),enable,disable-x509-alt-username)-ssl \ + $(if $(CONFIG_OPENVPN_$(BUILD_VARIANT)_ENABLE_X509_ALT_USERNAME),--enable,--disable)-x509-alt-username \ $(if $(CONFIG_OPENVPN_$(BUILD_VARIANT)_ENABLE_SERVER),--enable,--disable)-server \ $(if $(CONFIG_OPENVPN_$(BUILD_VARIANT)_ENABLE_MANAGEMENT),--enable,--disable)-management \ - $(if $(CONFIG_OPENVPN_$(BUILD_VARIANT)_ENABLE_SOCKS),--enable,--disable)-socks \ - $(if $(CONFIG_OPENVPN_$(BUILD_VARIANT)_ENABLE_HTTP),--enable,--disable)-http-proxy \ $(if $(CONFIG_OPENVPN_$(BUILD_VARIANT)_ENABLE_FRAGMENT),--enable,--disable)-fragment \ $(if $(CONFIG_OPENVPN_$(BUILD_VARIANT)_ENABLE_MULTIHOME),--enable,--disable)-multihome \ $(if $(CONFIG_OPENVPN_$(BUILD_VARIANT)_ENABLE_IPROUTE2),--enable,--disable)-iproute2 \ $(if $(CONFIG_OPENVPN_$(BUILD_VARIANT)_ENABLE_DEF_AUTH),--enable,--disable)-def-auth \ $(if $(CONFIG_OPENVPN_$(BUILD_VARIANT)_ENABLE_PF),--enable,--disable)-pf \ - $(if $(CONFIG_OPENVPN_NOSSL),--disable-ssl --disable-crypto,--enable-ssl --enable-crypto) \ + $(if $(CONFIG_OPENVPN_$(BUILD_VARIANT)_ENABLE_PORT_SHARE),--enable,--disable)-port-share \ + $(if $(CONFIG_OPENVPN_NOSSL),--disable-crypto,--enable-crypto) \ $(if $(CONFIG_OPENVPN_OPENSSL),--with-crypto-library=openssl) \ $(if $(CONFIG_OPENVPN_MBEDTLS),--with-crypto-library=mbedtls) \ ) diff --git a/package/network/services/openvpn/patches/210-build_always_use_internal_lz4.patch b/package/network/services/openvpn/patches/210-build_always_use_internal_lz4.patch index b3eb7c742a..a99f923644 100644 --- a/package/network/services/openvpn/patches/210-build_always_use_internal_lz4.patch +++ b/package/network/services/openvpn/patches/210-build_always_use_internal_lz4.patch @@ -14,12 +14,12 @@ - # linker will not know about the lz4 library - ) - fi - + saved_CFLAGS="${CFLAGS}" saved_LIBS="${LIBS}" CFLAGS="${CFLAGS} ${LZ4_CFLAGS}" LIBS="${LIBS} ${LZ4_LIBS}" - + - # If pkgconfig check failed or LZ4_CFLAGS/LZ4_LIBS env vars - # are used, check the version directly in the LZ4 include file - if test "${have_lz4}" != "yes"; then