mailarchive of the ptxdist mailing list
 help / color / mirror / Atom feed
From: Michael Olbrich <m.olbrich@pengutronix.de>
To: ptxdist@pengutronix.de
Cc: Andreas Helmcke <ahelmcke@ela-soft.com>
Subject: Re: [ptxdist] [APPLIED] openvpn: Version bump, 2.5.8 -> 2.6.6
Date: Fri, 10 Nov 2023 08:25:13 +0100	[thread overview]
Message-ID: <20231110072513.2858666-1-m.olbrich@pengutronix.de> (raw)
In-Reply-To: <20231102130401.38488-1-ahelmcke@ela-soft.com>

Thanks, applied as b80df9266fd9fa388878a136fd854ce3b943b4bb.

Michael

[sent from post-receive hook]

On Fri, 10 Nov 2023 08:25:13 +0100, Andreas Helmcke <ahelmcke@ela-soft.com> wrote:
> Upstream changes:
> - lots of bugfixes
> - OpenSSL V3 support
> - stronger security defaults
> - inetd suport removed
> 
> ptxdist changes:
> - new dependency: libcap_ng added
> - download url changed to gitub
> - some changes in licenses
> 
> Link: https://github.com/OpenVPN/openvpn/blob/v2.6.6/Changes.rst
> Signed-off-by: Andreas Helmcke <ahelmcke@ela-soft.com>
> Message-Id: <20231102130401.38488-1-ahelmcke@ela-soft.com>
> Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
> 
> diff --git a/rules/openvpn.in b/rules/openvpn.in
> index 568c8a9d2bc1..0ef6af5af475 100644
> --- a/rules/openvpn.in
> +++ b/rules/openvpn.in
> @@ -4,6 +4,7 @@ menuconfig OPENVPN
>  	tristate
>  	prompt "openvpn                       "
>  	select OPENSSL
> +	select LIBCAP_NG
>  	select LIBLZO			if OPENVPN_LZO
>  	select SYSTEMD			if OPENVPN_SYSTEMD
>  	select IPTABLES			if OPENVPN_INSTALL_SAMPLE_CONFIGS && RUNTIME
> diff --git a/rules/openvpn.make b/rules/openvpn.make
> index b71786d4fc5d..29a4b68e4111 100644
> --- a/rules/openvpn.make
> +++ b/rules/openvpn.make
> @@ -14,20 +14,21 @@ PACKAGES-$(PTXCONF_OPENVPN) += openvpn
>  #
>  # Paths and names
>  #
> -OPENVPN_VERSION		:= 2.5.8
> -OPENVPN_MD5		:= 8c1181a2baaa25b36e4aa67161c2829e
> +OPENVPN_VERSION		:= 2.6.6
> +OPENVPN_MD5		:= 660e71db3ed3161e33b4b649855c2477
>  OPENVPN			:= openvpn-$(OPENVPN_VERSION)
>  OPENVPN_SUFFIX		:= tar.gz
> -OPENVPN_URL		:= https://swupdate.openvpn.org/community/releases/$(OPENVPN).$(OPENVPN_SUFFIX)
> +OPENVPN_URL		:= https://github.com/OpenVPN/openvpn/releases/download/v$(OPENVPN_VERSION)/$(OPENVPN).$(OPENVPN_SUFFIX)
>  OPENVPN_SOURCE		:= $(SRCDIR)/$(OPENVPN).$(OPENVPN_SUFFIX)
>  OPENVPN_DIR		:= $(BUILDDIR)/$(OPENVPN)
> -OPENVPN_LICENSE		:= GPL-2.0-only WITH openvpn-openssl-exception AND BSD-2-Clause AND BSD-3-Clause
> +OPENVPN_LICENSE		:= GPL-2.0-only WITH (openvpn-openssl-exception AND custom-exception) AND BSD-2-Clause AND BSD-3-Clause AND ((GPL-2.0-only WITH Linux-syscall-note) OR MIT)
>  OPENVPN_LICENSE_FILES := \
> -	file://COPYING;md5=b76abd82c14ee01cc34c4ff5e3627b89 \
> +	file://COPYING;md5=d8d34ce6390552676e4ce8279f13c48a \
>  	file://COPYRIGHT.GPL;md5=52cadf4008002e3c314a47a54fa7306c \
> -	file://src/openvpn/openvpn.c;startline=2;endline=21;md5=82f794c2390084d34cb32d871c17b4be \
> +	file://src/openvpn/openvpn.c;startline=2;endline=21;md5=b9fb1976bc6d8ad5e02a251351dc58f2 \
>  	file://src/openvpn/base64.c;startline=2;endline=31;md5=f4debd767645b13107fc5912faf2ad8f \
> -	file://src/compat/compat-lz4.c;startline=13;endline=38;md5=5163f975ae122fe0c260002537edab22
> +	file://src/openvpn/ovpn_dco_linux.h;startline=1;endline=1;md5=b317f96dbe63f35baef28266acb68512 \
> +	file://src/openvpn/ovpn_dco_freebsd.h;startline=1;endline=1;md5=a7ba62aad20f9685c53b0565a263af30
>  
>  # ----------------------------------------------------------------------------
>  # Prepare
> @@ -64,13 +65,11 @@ OPENVPN_CONF_OPT	:= \
>  	--enable-management \
>  	--disable-pkcs11 \
>  	--enable-fragment \
> -	--enable-multihome \
>  	--enable-port-share \
>  	--disable-debug \
>  	--$(call ptx/endis, PTXCONF_OPENVPN_SMALL)-small \
> +	--disable-dco \
>  	--enable-iproute2 \
> -	--enable-def-auth \
> -	--enable-pf \
>  	--disable-plugin-auth-pam \
>  	--enable-plugin-down-root \
>  	--disable-pam-dlopen \
> @@ -81,13 +80,14 @@ OPENVPN_CONF_OPT	:= \
>  	--disable-selinux \
>  	--$(call ptx/endis, PTXCONF_OPENVPN_SYSTEMD)-systemd \
>  	--disable-async-push \
> +	--disable-wolfssl-options-h \
>  	--disable-unit-tests \
>  	--with-crypto-library=openssl \
>  	--with-openssl-engine
>  
>  OPENVPN_INSTALL_SAMPLE_CONFIG_FILES := \
>  	client.conf loopback-client loopback-server README server.conf \
> -	tls-home.conf tls-office.conf xinetd-client-config xinetd-server-config
> +	tls-home.conf tls-office.conf
>  
>  OPENVPN_INSTALL_SAMPLE_CONFIG_SCRIPTS := \
>  	firewall.sh home.up office.up openvpn-shutdown.sh openvpn-startup.sh



      reply	other threads:[~2023-11-10  7:26 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-11-02 13:04 [ptxdist] [PATCH v2] " Andreas Helmcke
2023-11-10  7:25 ` Michael Olbrich [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20231110072513.2858666-1-m.olbrich@pengutronix.de \
    --to=m.olbrich@pengutronix.de \
    --cc=ahelmcke@ela-soft.com \
    --cc=ptxdist@pengutronix.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox