Andrew Geissler | 9aee500 | 2022-03-30 16:27:02 +0000 | [diff] [blame] | 1 | SUMMARY = "A full-featured SSL VPN solution via tun device." |
| 2 | HOMEPAGE = "https://openvpn.net/" |
| 3 | SECTION = "net" |
| 4 | LICENSE = "GPL-2.0-only" |
| 5 | LIC_FILES_CHKSUM = "file://COPYING;md5=b76abd82c14ee01cc34c4ff5e3627b89" |
| 6 | DEPENDS = "lzo openssl iproute2 ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}" |
| 7 | |
Andrew Geissler | 615f2f1 | 2022-07-15 14:00:58 -0500 | [diff] [blame^] | 8 | inherit autotools systemd update-rc.d pkgconfig |
Andrew Geissler | 9aee500 | 2022-03-30 16:27:02 +0000 | [diff] [blame] | 9 | |
| 10 | SRC_URI = "http://swupdate.openvpn.org/community/releases/${BP}.tar.gz \ |
Andrew Geissler | 615f2f1 | 2022-07-15 14:00:58 -0500 | [diff] [blame^] | 11 | file://0001-configure.ac-eliminate-build-path-from-openvpn-versi.patch \ |
Andrew Geissler | 9aee500 | 2022-03-30 16:27:02 +0000 | [diff] [blame] | 12 | file://openvpn \ |
Andrew Geissler | 615f2f1 | 2022-07-15 14:00:58 -0500 | [diff] [blame^] | 13 | " |
Andrew Geissler | 9aee500 | 2022-03-30 16:27:02 +0000 | [diff] [blame] | 14 | |
| 15 | UPSTREAM_CHECK_URI = "https://openvpn.net/community-downloads" |
| 16 | |
Andrew Geissler | 78b7279 | 2022-06-14 06:47:25 -0500 | [diff] [blame] | 17 | SRC_URI[sha256sum] = "08340a389905c84196b6cd750add1bc0fa2d46a1afebfd589c24120946c13e68" |
Andrew Geissler | 9aee500 | 2022-03-30 16:27:02 +0000 | [diff] [blame] | 18 | |
| 19 | # CVE-2020-7224 and CVE-2020-27569 are for Aviatrix OpenVPN client, not for openvpn. |
| 20 | CVE_CHECK_IGNORE += "CVE-2020-7224 CVE-2020-27569" |
| 21 | |
Andrew Geissler | 9aee500 | 2022-03-30 16:27:02 +0000 | [diff] [blame] | 22 | INITSCRIPT_PACKAGES = "${PN}" |
| 23 | INITSCRIPT_NAME:${PN} = "openvpn" |
| 24 | INITSCRIPT_PARAMS:${PN} = "start 10 2 3 4 5 . stop 70 0 1 6 ." |
| 25 | |
| 26 | CFLAGS += "-fno-inline" |
| 27 | |
| 28 | # I want openvpn to be able to read password from file (hrw) |
| 29 | EXTRA_OECONF += "--enable-iproute2" |
| 30 | EXTRA_OECONF += "${@bb.utils.contains('DISTRO_FEATURES', 'pam', '', '--disable-plugin-auth-pam', d)}" |
| 31 | |
| 32 | # Explicitly specify IPROUTE to bypass the configure-time check for /sbin/ip on the host. |
| 33 | EXTRA_OECONF += "IPROUTE=${base_sbindir}/ip" |
| 34 | |
Andrew Geissler | 615f2f1 | 2022-07-15 14:00:58 -0500 | [diff] [blame^] | 35 | EXTRA_OECONF += "SYSTEMD_UNIT_DIR=${systemd_system_unitdir} \ |
| 36 | TMPFILES_DIR=${nonarch_libdir}/tmpfiles.d \ |
| 37 | " |
| 38 | |
| 39 | PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)} \ |
| 40 | ${@bb.utils.filter('DISTRO_FEATURES', 'selinux', d)} \ |
| 41 | " |
| 42 | |
| 43 | PACKAGECONFIG[systemd] = "--enable-systemd,--disable-systemd,systemd" |
| 44 | PACKAGECONFIG[selinux] = "--enable-selinux,--disable-selinux,libselinux" |
| 45 | |
Andrew Geissler | 9aee500 | 2022-03-30 16:27:02 +0000 | [diff] [blame] | 46 | do_install:append() { |
| 47 | install -d ${D}/${sysconfdir}/init.d |
| 48 | install -m 755 ${WORKDIR}/openvpn ${D}/${sysconfdir}/init.d |
| 49 | |
| 50 | install -d ${D}/${sysconfdir}/openvpn |
Andrew Geissler | 615f2f1 | 2022-07-15 14:00:58 -0500 | [diff] [blame^] | 51 | install -d ${D}/${sysconfdir}/openvpn/server |
| 52 | install -d ${D}/${sysconfdir}/openvpn/client |
| 53 | |
Andrew Geissler | 9aee500 | 2022-03-30 16:27:02 +0000 | [diff] [blame] | 54 | install -d ${D}/${sysconfdir}/openvpn/sample |
Andrew Geissler | 615f2f1 | 2022-07-15 14:00:58 -0500 | [diff] [blame^] | 55 | install -m 644 ${S}/sample/sample-config-files/loopback-server ${D}${sysconfdir}/openvpn/sample/loopback-server.conf |
| 56 | install -m 644 ${S}/sample/sample-config-files/loopback-client ${D}${sysconfdir}/openvpn/sample/loopback-client.conf |
| 57 | install -dm 755 ${D}${sysconfdir}/openvpn/sample/sample-config-files |
Andrew Geissler | 9aee500 | 2022-03-30 16:27:02 +0000 | [diff] [blame] | 58 | install -dm 755 ${D}${sysconfdir}/openvpn/sample/sample-keys |
Andrew Geissler | 615f2f1 | 2022-07-15 14:00:58 -0500 | [diff] [blame^] | 59 | install -dm 755 ${D}${sysconfdir}/openvpn/sample/sample-scripts |
| 60 | install -m 644 ${S}/sample/sample-config-files/* ${D}${sysconfdir}/openvpn/sample/sample-config-files |
Andrew Geissler | 9aee500 | 2022-03-30 16:27:02 +0000 | [diff] [blame] | 61 | install -m 644 ${S}/sample/sample-keys/* ${D}${sysconfdir}/openvpn/sample/sample-keys |
Andrew Geissler | 615f2f1 | 2022-07-15 14:00:58 -0500 | [diff] [blame^] | 62 | install -m 644 ${S}/sample/sample-scripts/* ${D}${sysconfdir}/openvpn/sample/sample-scripts |
Andrew Geissler | 9aee500 | 2022-03-30 16:27:02 +0000 | [diff] [blame] | 63 | |
Andrew Geissler | 615f2f1 | 2022-07-15 14:00:58 -0500 | [diff] [blame^] | 64 | install -d -m 710 ${D}/${localstatedir}/lib/openvpn |
Andrew Geissler | 9aee500 | 2022-03-30 16:27:02 +0000 | [diff] [blame] | 65 | } |
| 66 | |
| 67 | PACKAGES =+ " ${PN}-sample " |
| 68 | |
| 69 | RRECOMMENDS:${PN} = "kernel-module-tun" |
| 70 | |
| 71 | FILES:${PN}-dbg += "${libdir}/openvpn/plugins/.debug" |
Andrew Geissler | 615f2f1 | 2022-07-15 14:00:58 -0500 | [diff] [blame^] | 72 | FILES:${PN} += "${systemd_system_unitdir}/openvpn-server@.service \ |
| 73 | ${systemd_system_unitdir}/openvpn-client@.service \ |
| 74 | ${nonarch_libdir}/tmpfiles.d \ |
Andrew Geissler | 9aee500 | 2022-03-30 16:27:02 +0000 | [diff] [blame] | 75 | " |
Andrew Geissler | 615f2f1 | 2022-07-15 14:00:58 -0500 | [diff] [blame^] | 76 | FILES:${PN}-sample = "${sysconfdir}/openvpn/sample/ \ |
| 77 | " |