| Andrew Geissler | 82c905d | 2020-04-13 13:39:40 -0500 | [diff] [blame] | 1 | SUMMARY = "A full-featured SSL VPN solution via tun device." |
| 2 | HOMEPAGE = "https://openvpn.net/" |
| 3 | SECTION = "net" |
| 4 | LICENSE = "GPLv2" |
| Andrew Geissler | 6972109 | 2021-07-23 12:57:00 -0400 | [diff] [blame] | 5 | LIC_FILES_CHKSUM = "file://COPYING;md5=377a495e6f12b2a3adcee797e59540b8" |
| Andrew Geissler | 82c905d | 2020-04-13 13:39:40 -0500 | [diff] [blame] | 6 | DEPENDS = "lzo openssl iproute2 ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}" |
| 7 | |
| 8 | inherit autotools systemd update-rc.d |
| 9 | |
| 10 | SRC_URI = "http://swupdate.openvpn.org/community/releases/${BP}.tar.gz \ |
| 11 | file://openvpn \ |
| 12 | file://openvpn@.service \ |
| 13 | file://openvpn-volatile.conf" |
| 14 | |
| 15 | UPSTREAM_CHECK_URI = "https://openvpn.net/community-downloads" |
| 16 | |
| Andrew Geissler | 6972109 | 2021-07-23 12:57:00 -0400 | [diff] [blame] | 17 | SRC_URI[md5sum] = "08895fd1142f25fdd94a98315632e1bf" |
| 18 | SRC_URI[sha256sum] = "75f0044df449430555ca7b995a2b77ab24f2946fdc3668301b8edc23986a5f7e" |
| 19 | |
| 20 | # CVE-2020-7224 and CVE-2020-27569 are for Aviatrix OpenVPN client, not for openvpn. |
| 21 | CVE_CHECK_WHITELIST += "CVE-2020-7224 CVE-2020-27569" |
| Andrew Geissler | 82c905d | 2020-04-13 13:39:40 -0500 | [diff] [blame] | 22 | |
| Patrick Williams | 213cb26 | 2021-08-07 19:21:33 -0500 | [diff] [blame] | 23 | SYSTEMD_SERVICE:${PN} += "openvpn@loopback-server.service openvpn@loopback-client.service" |
| Andrew Geissler | 82c905d | 2020-04-13 13:39:40 -0500 | [diff] [blame] | 24 | SYSTEMD_AUTO_ENABLE = "disable" |
| 25 | |
| 26 | INITSCRIPT_PACKAGES = "${PN}" |
| Patrick Williams | 213cb26 | 2021-08-07 19:21:33 -0500 | [diff] [blame] | 27 | INITSCRIPT_NAME:${PN} = "openvpn" |
| 28 | INITSCRIPT_PARAMS:${PN} = "start 10 2 3 4 5 . stop 70 0 1 6 ." |
| Andrew Geissler | 82c905d | 2020-04-13 13:39:40 -0500 | [diff] [blame] | 29 | |
| 30 | CFLAGS += "-fno-inline" |
| 31 | |
| 32 | # I want openvpn to be able to read password from file (hrw) |
| 33 | EXTRA_OECONF += "--enable-iproute2" |
| 34 | EXTRA_OECONF += "${@bb.utils.contains('DISTRO_FEATURES', 'pam', '', '--disable-plugin-auth-pam', d)}" |
| 35 | |
| 36 | # Explicitly specify IPROUTE to bypass the configure-time check for /sbin/ip on the host. |
| 37 | EXTRA_OECONF += "IPROUTE=${base_sbindir}/ip" |
| 38 | |
| Patrick Williams | 213cb26 | 2021-08-07 19:21:33 -0500 | [diff] [blame] | 39 | do_install:append() { |
| Andrew Geissler | 82c905d | 2020-04-13 13:39:40 -0500 | [diff] [blame] | 40 | install -d ${D}/${sysconfdir}/init.d |
| 41 | install -m 755 ${WORKDIR}/openvpn ${D}/${sysconfdir}/init.d |
| 42 | |
| 43 | install -d ${D}/${sysconfdir}/openvpn |
| 44 | install -d ${D}/${sysconfdir}/openvpn/sample |
| 45 | install -m 755 ${S}/sample/sample-config-files/loopback-server ${D}${sysconfdir}/openvpn/sample/loopback-server.conf |
| 46 | install -m 755 ${S}/sample/sample-config-files/loopback-client ${D}${sysconfdir}/openvpn/sample/loopback-client.conf |
| 47 | install -dm 755 ${D}${sysconfdir}/openvpn/sample/sample-keys |
| 48 | install -m 644 ${S}/sample/sample-keys/* ${D}${sysconfdir}/openvpn/sample/sample-keys |
| 49 | |
| 50 | if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then |
| 51 | install -d ${D}/${systemd_unitdir}/system |
| 52 | install -m 644 ${WORKDIR}/openvpn@.service ${D}/${systemd_unitdir}/system |
| 53 | install -m 644 ${WORKDIR}/openvpn@.service ${D}/${systemd_unitdir}/system/openvpn@loopback-server.service |
| 54 | install -m 644 ${WORKDIR}/openvpn@.service ${D}/${systemd_unitdir}/system/openvpn@loopback-client.service |
| 55 | |
| 56 | install -d ${D}/${localstatedir} |
| 57 | install -d ${D}/${localstatedir}/lib |
| 58 | install -d -m 710 ${D}/${localstatedir}/lib/openvpn |
| 59 | |
| 60 | install -d ${D}${sysconfdir}/tmpfiles.d |
| 61 | install -m 0644 ${WORKDIR}/openvpn-volatile.conf ${D}${sysconfdir}/tmpfiles.d/openvpn.conf |
| 62 | sed -i -e 's#@LOCALSTATEDIR@#${localstatedir}#g' ${D}${sysconfdir}/tmpfiles.d/openvpn.conf |
| 63 | fi |
| 64 | } |
| 65 | |
| 66 | PACKAGES =+ " ${PN}-sample " |
| 67 | |
| Patrick Williams | 213cb26 | 2021-08-07 19:21:33 -0500 | [diff] [blame] | 68 | RRECOMMENDS:${PN} = "kernel-module-tun" |
| Andrew Geissler | 82c905d | 2020-04-13 13:39:40 -0500 | [diff] [blame] | 69 | |
| Patrick Williams | 213cb26 | 2021-08-07 19:21:33 -0500 | [diff] [blame] | 70 | FILES:${PN}-dbg += "${libdir}/openvpn/plugins/.debug" |
| 71 | FILES:${PN} += "${systemd_unitdir}/system/openvpn@.service \ |
| Andrew Geissler | 82c905d | 2020-04-13 13:39:40 -0500 | [diff] [blame] | 72 | ${sysconfdir}/tmpfiles.d \ |
| 73 | " |
| Patrick Williams | 213cb26 | 2021-08-07 19:21:33 -0500 | [diff] [blame] | 74 | FILES:${PN}-sample += "${systemd_unitdir}/system/openvpn@loopback-server.service \ |
| Andrew Geissler | 82c905d | 2020-04-13 13:39:40 -0500 | [diff] [blame] | 75 | ${systemd_unitdir}/system/openvpn@loopback-client.service \ |
| 76 | ${sysconfdir}/openvpn/sample/" |