From: Michael Olbrich <m.olbrich@pengutronix.de>
To: ptxdist@pengutronix.de
Cc: Andreas Helmcke <ahelmcke@ela-soft.com>
Subject: Re: [ptxdist] [APPLIED] openvpn: Version bump, 2.5.8 -> 2.6.6
Date: Fri, 10 Nov 2023 08:25:13 +0100 [thread overview]
Message-ID: <20231110072513.2858666-1-m.olbrich@pengutronix.de> (raw)
In-Reply-To: <20231102130401.38488-1-ahelmcke@ela-soft.com>
Thanks, applied as b80df9266fd9fa388878a136fd854ce3b943b4bb.
Michael
[sent from post-receive hook]
On Fri, 10 Nov 2023 08:25:13 +0100, Andreas Helmcke <ahelmcke@ela-soft.com> wrote:
> Upstream changes:
> - lots of bugfixes
> - OpenSSL V3 support
> - stronger security defaults
> - inetd suport removed
>
> ptxdist changes:
> - new dependency: libcap_ng added
> - download url changed to gitub
> - some changes in licenses
>
> Link: https://github.com/OpenVPN/openvpn/blob/v2.6.6/Changes.rst
> Signed-off-by: Andreas Helmcke <ahelmcke@ela-soft.com>
> Message-Id: <20231102130401.38488-1-ahelmcke@ela-soft.com>
> Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
>
> diff --git a/rules/openvpn.in b/rules/openvpn.in
> index 568c8a9d2bc1..0ef6af5af475 100644
> --- a/rules/openvpn.in
> +++ b/rules/openvpn.in
> @@ -4,6 +4,7 @@ menuconfig OPENVPN
> tristate
> prompt "openvpn "
> select OPENSSL
> + select LIBCAP_NG
> select LIBLZO if OPENVPN_LZO
> select SYSTEMD if OPENVPN_SYSTEMD
> select IPTABLES if OPENVPN_INSTALL_SAMPLE_CONFIGS && RUNTIME
> diff --git a/rules/openvpn.make b/rules/openvpn.make
> index b71786d4fc5d..29a4b68e4111 100644
> --- a/rules/openvpn.make
> +++ b/rules/openvpn.make
> @@ -14,20 +14,21 @@ PACKAGES-$(PTXCONF_OPENVPN) += openvpn
> #
> # Paths and names
> #
> -OPENVPN_VERSION := 2.5.8
> -OPENVPN_MD5 := 8c1181a2baaa25b36e4aa67161c2829e
> +OPENVPN_VERSION := 2.6.6
> +OPENVPN_MD5 := 660e71db3ed3161e33b4b649855c2477
> OPENVPN := openvpn-$(OPENVPN_VERSION)
> OPENVPN_SUFFIX := tar.gz
> -OPENVPN_URL := https://swupdate.openvpn.org/community/releases/$(OPENVPN).$(OPENVPN_SUFFIX)
> +OPENVPN_URL := https://github.com/OpenVPN/openvpn/releases/download/v$(OPENVPN_VERSION)/$(OPENVPN).$(OPENVPN_SUFFIX)
> OPENVPN_SOURCE := $(SRCDIR)/$(OPENVPN).$(OPENVPN_SUFFIX)
> OPENVPN_DIR := $(BUILDDIR)/$(OPENVPN)
> -OPENVPN_LICENSE := GPL-2.0-only WITH openvpn-openssl-exception AND BSD-2-Clause AND BSD-3-Clause
> +OPENVPN_LICENSE := GPL-2.0-only WITH (openvpn-openssl-exception AND custom-exception) AND BSD-2-Clause AND BSD-3-Clause AND ((GPL-2.0-only WITH Linux-syscall-note) OR MIT)
> OPENVPN_LICENSE_FILES := \
> - file://COPYING;md5=b76abd82c14ee01cc34c4ff5e3627b89 \
> + file://COPYING;md5=d8d34ce6390552676e4ce8279f13c48a \
> file://COPYRIGHT.GPL;md5=52cadf4008002e3c314a47a54fa7306c \
> - file://src/openvpn/openvpn.c;startline=2;endline=21;md5=82f794c2390084d34cb32d871c17b4be \
> + file://src/openvpn/openvpn.c;startline=2;endline=21;md5=b9fb1976bc6d8ad5e02a251351dc58f2 \
> file://src/openvpn/base64.c;startline=2;endline=31;md5=f4debd767645b13107fc5912faf2ad8f \
> - file://src/compat/compat-lz4.c;startline=13;endline=38;md5=5163f975ae122fe0c260002537edab22
> + file://src/openvpn/ovpn_dco_linux.h;startline=1;endline=1;md5=b317f96dbe63f35baef28266acb68512 \
> + file://src/openvpn/ovpn_dco_freebsd.h;startline=1;endline=1;md5=a7ba62aad20f9685c53b0565a263af30
>
> # ----------------------------------------------------------------------------
> # Prepare
> @@ -64,13 +65,11 @@ OPENVPN_CONF_OPT := \
> --enable-management \
> --disable-pkcs11 \
> --enable-fragment \
> - --enable-multihome \
> --enable-port-share \
> --disable-debug \
> --$(call ptx/endis, PTXCONF_OPENVPN_SMALL)-small \
> + --disable-dco \
> --enable-iproute2 \
> - --enable-def-auth \
> - --enable-pf \
> --disable-plugin-auth-pam \
> --enable-plugin-down-root \
> --disable-pam-dlopen \
> @@ -81,13 +80,14 @@ OPENVPN_CONF_OPT := \
> --disable-selinux \
> --$(call ptx/endis, PTXCONF_OPENVPN_SYSTEMD)-systemd \
> --disable-async-push \
> + --disable-wolfssl-options-h \
> --disable-unit-tests \
> --with-crypto-library=openssl \
> --with-openssl-engine
>
> OPENVPN_INSTALL_SAMPLE_CONFIG_FILES := \
> client.conf loopback-client loopback-server README server.conf \
> - tls-home.conf tls-office.conf xinetd-client-config xinetd-server-config
> + tls-home.conf tls-office.conf
>
> OPENVPN_INSTALL_SAMPLE_CONFIG_SCRIPTS := \
> firewall.sh home.up office.up openvpn-shutdown.sh openvpn-startup.sh
prev parent reply other threads:[~2023-11-10 7:26 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-11-02 13:04 [ptxdist] [PATCH v2] " Andreas Helmcke
2023-11-10 7:25 ` Michael Olbrich [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20231110072513.2858666-1-m.olbrich@pengutronix.de \
--to=m.olbrich@pengutronix.de \
--cc=ahelmcke@ela-soft.com \
--cc=ptxdist@pengutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox