From mboxrd@z Thu Jan 1 00:00:00 1970 Delivery-date: Thu, 02 Nov 2023 14:09:07 +0100 Received: from metis.whiteo.stw.pengutronix.de ([2a0a:edc0:2:b01:1d::104]) by lore.white.stw.pengutronix.de with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1qyXRb-00FMmj-KY for lore@lore.pengutronix.de; Thu, 02 Nov 2023 14:09:07 +0100 Received: from localhost ([127.0.0.1] helo=metis.whiteo.stw.pengutronix.de) by metis.whiteo.stw.pengutronix.de with esmtp (Exim 4.92) (envelope-from ) id 1qyXRa-0002sS-P9; Thu, 02 Nov 2023 14:09:06 +0100 Received: from mail.ela-soft.com ([213.23.49.162]) by metis.whiteo.stw.pengutronix.de with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1qyXRP-0002rd-Ft; Thu, 02 Nov 2023 14:08:59 +0100 Received: from [10.0.1.140] (tupai.ela-bln.local [10.0.1.140]) by mail.ela-soft.com (mailsystem) with ESMTPSA id D1A6414805; Thu, 2 Nov 2023 14:08:54 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ela-soft.com; s=2021; t=1698930534; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:autocrypt:autocrypt; bh=Bwg0QTKo4fW4QGoYnisZ6XNX8wZLkVfu6ts3Prfs6bw=; b=A78Ui6wsqNV/jYZ7a4GQ5ye76BGVMybjrfxHGak+we30ttXA77PAxlWPCuJCfIdWA/JLc8 09J3xZ7G6IyDNPRDMWXCYgtG0zj8XPIZZjPJGaOzoO1ELdDdg/PljOZ8UB6Mk8dJbpsyxV eUIqIwt1/8eOeZ7s0ZgfGsECYN75CPpVAzIv9YyzGE5SgscEa5IWxarT49shZxkv16RcHM rGq65nZkfIYONfTjy339W/T2alenvxphkaT9785EATniFuSUSyHODENVRXX4EoxnABmtKS EpPs/NxLGL1euY7aCf7WbrB8f8mQsisnTnN0VyFWQdT3Lm5Az2XKToeuWuEgjg== Message-ID: Date: Thu, 2 Nov 2023 14:08:54 +0100 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird To: Michael Olbrich References: <20231020112620.77490-1-ahelmcke@ela-soft.com> Content-Language: de-DE, en-US From: Andreas Helmcke Autocrypt: addr=ahelmcke@ela-soft.com; keydata= xsDiBDqtzDQRBADYJNLjNC+RK93Lhqx89UudxF0GIBfb+7AzjKRMe1aWRB5o3a14vm7ScQh+ xFIw8j2jaxM1jNZ/6eZw3nT8vy/3gRVazBnJg/JXKxU0axpvCwioodS8UKy82Wp89Gya+yhF IH10Q/2Rp2Y33oxbmwAl/YSS8eqN2oPjCrnCbEWcQQCg/w2d6Pwilu2ajlxtNby1lXOs7R0E AIveEzbSpi5hFsUgRz3MEnvBxTYvP3F0yU8x/LPl08FTa+0kNb+8FVqPxNPenBAtX0mRPLLA BRknO9xEQ8Zi1bnQ3/1Gcj1W+92XIClMkFJWTxPn5lmHOLsH1K/FaWEDS9z1+usxgPVDUVxT MbPSxhXxJU7S9tC02noI0rB1/0WLBACGNP3II9pZ5cZJP7ZBje/LtZCMK+anx6Ix9DHBpedL kkPYFBwSCEB9AciFtPa0IVkuvynqnyeiyfdwQK7ul9nMowjSWarnmWcdQkByfMNzEdVQF1oy IV+FJCx3bPYc6Bxb8mRmwEK7s6i8Y3qdgFwyyphGTWkMcFtvTr/Tknf3L80nQW5kcmVhcyBI ZWxtY2tlIDxhaGVsbWNrZUBlbGEtc29mdC5jb20+wn0EExEIAD0CGwMGCwkIBwMCBBUCCAME FgIDAQIeAQIXgBYhBFA9ZZ0xTAe07lSeJg1WleJJOvBfBQJiuyA3BQkrwowDAAoJEA1WleJJ OvBfdCgAoNRkGKBA2rMuyYhUv99ZxZMvqyd7AJ9PeDsEDdRcbUtuXHVy9G1O8Daz687BTQQ6 rcw0EAgA9kJXtwh/CBdyorrWqULzBej5UxE5T7bxbrlLOCDaAadWoxTpj0BV89AHxstDqZSt 90xkhkn4DIO9ZekX1KHTUPj1WV/cdlJPPT2N286Z4VeSWc39uK50T8X8dryDxUcwYc58yWb/ Ffm7/ZFexwGq01uejaClcjrUGvC/RgBYK+X0iP1YTknbzSC0neSRBzZrM2w4DUUdD3yIsxx8 Wy2O9vPJI8BD8KVbGI2Ou1WMuF040zT9fBdXQ6MdGGzeMyEstSr/POGxKUAYEY18hKcKctaG xAMZyAcpesqVDNmWn6vQClCbAkbTCD1mpF1Bn5x8vYlLIhkmuquiXsNV6TILOwACAggAwYsD zwilCtMj1WbBxKHhjyLf57L0AJsHx1SB8gixbvSS9Z1lvWri7UXwljvI747af56DgwxWs+/p c/voH/xkVHdgSEf4AuUc2lWQcoFmNHo8QJKN4An1j1H7DvJXKyffRLHj7YsgQ7NPs8/FsPm9 69oHX61xuzRiY7ndi34DduMjChFvoWV/ddQjitjvekP5gCm64TGQg23mUMGixuTWXAgUmgN0 fHPieqYXqVvEgwChgm1iZQJDSQ0sYRfOqfMK4vvwQCp6aSlRPrd06EKaOvxCL8HWUWX7tPzt n3BwxNU8uWqXFejPTymRry3WsoABRgpBvAhO8+ByoRA1ZV9EK8JpBBgRCAApBRsMAAAAFiEE UD1lnTFMB7TuVJ4mDVaV4kk68F8FAmK7IDgFCSvCjAMACgkQDVaV4kk68F971QCfdAx/iSSd dAtyCVc29GEW8zOnNikAnRd3L/RtOOHEcA01APdZ9+uQrKUM In-Reply-To: Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on metis.whiteo.stw.pengutronix.de X-Spam-Level: X-Spam-Status: No, score=-102.1 required=4.0 tests=AWL,BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS, T_SCC_BODY_TEXT_LINE,USER_IN_WELCOMELIST,USER_IN_WHITELIST autolearn=ham autolearn_force=no version=3.4.2 Subject: Re: [ptxdist] [PATCH] openvpn: Version bump, 2.5.8 -> 2.6.6 X-BeenThere: ptxdist@pengutronix.de X-Mailman-Version: 2.1.29 Precedence: list List-Id: PTXdist Development Mailing List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: ptxdist@pengutronix.de Cc: ptxdist@pengutronix.de Sender: "ptxdist" X-SA-Exim-Connect-IP: 127.0.0.1 X-SA-Exim-Mail-From: ptxdist-bounces@pengutronix.de X-SA-Exim-Scanned: No (on metis.whiteo.stw.pengutronix.de); SAEximRunCond expanded to false Am 02.11.23 um 12:53 schrieb Michael Olbrich: > On Fri, Oct 20, 2023 at 01:26:20PM +0200, Andreas Helmcke wrote: >> Upstream changes: >> - lots of bugfixes >> - OpenSSL V3 support >> - stronger security defaults >> >> ptxdist changes: >> - new dependency: libcap_ng added >> - download url changed to gitub >> - some changes in licenses > > With all sub-options enabled, targetinstall fails with: > > No suitable file '/usr/share/openvpn/sample-config-files/xinetd-client-config' could be found in any of these locations: > .../build-target/openvpn-2.6.6/sample/sample-config-files/xinetd-client-config.arm-hf > .../build-target/openvpn-2.6.6/sample/sample-config-files/xinetd-client-config > > Error: install_file failed! This is due to the removal of inetd support. Fixed with PATCH v2 > Michael > >> Link: https://github.com/OpenVPN/openvpn/blob/v2.6.6/Changes.rst >> Signed-off-by: Andreas Helmcke >> --- >> rules/openvpn.in | 1 + >> rules/openvpn.make | 20 ++++++++++---------- >> 2 files changed, 11 insertions(+), 10 deletions(-) >> >> diff --git a/rules/openvpn.in b/rules/openvpn.in >> index 568c8a9d2..0ef6af5af 100644 >> --- a/rules/openvpn.in >> +++ b/rules/openvpn.in >> @@ -4,6 +4,7 @@ menuconfig OPENVPN >> tristate >> prompt "openvpn " >> select OPENSSL >> + select LIBCAP_NG >> select LIBLZO if OPENVPN_LZO >> select SYSTEMD if OPENVPN_SYSTEMD >> select IPTABLES if OPENVPN_INSTALL_SAMPLE_CONFIGS && RUNTIME >> diff --git a/rules/openvpn.make b/rules/openvpn.make >> index b71786d4f..17dbd08a3 100644 >> --- a/rules/openvpn.make >> +++ b/rules/openvpn.make >> @@ -14,20 +14,21 @@ PACKAGES-$(PTXCONF_OPENVPN) += openvpn >> # >> # Paths and names >> # >> -OPENVPN_VERSION := 2.5.8 >> -OPENVPN_MD5 := 8c1181a2baaa25b36e4aa67161c2829e >> +OPENVPN_VERSION := 2.6.6 >> +OPENVPN_MD5 := 660e71db3ed3161e33b4b649855c2477 >> OPENVPN := openvpn-$(OPENVPN_VERSION) >> OPENVPN_SUFFIX := tar.gz >> -OPENVPN_URL := https://swupdate.openvpn.org/community/releases/$(OPENVPN).$(OPENVPN_SUFFIX) >> +OPENVPN_URL := https://github.com/OpenVPN/openvpn/releases/download/v$(OPENVPN_VERSION)/$(OPENVPN).$(OPENVPN_SUFFIX) >> OPENVPN_SOURCE := $(SRCDIR)/$(OPENVPN).$(OPENVPN_SUFFIX) >> OPENVPN_DIR := $(BUILDDIR)/$(OPENVPN) >> -OPENVPN_LICENSE := GPL-2.0-only WITH openvpn-openssl-exception AND BSD-2-Clause AND BSD-3-Clause >> +OPENVPN_LICENSE := GPL-2.0-only WITH (openvpn-openssl-exception AND custom-exception) AND BSD-2-Clause AND BSD-3-Clause AND ((GPL-2.0-only WITH Linux-syscall-note) OR MIT) >> OPENVPN_LICENSE_FILES := \ >> - file://COPYING;md5=b76abd82c14ee01cc34c4ff5e3627b89 \ >> + file://COPYING;md5=d8d34ce6390552676e4ce8279f13c48a \ >> file://COPYRIGHT.GPL;md5=52cadf4008002e3c314a47a54fa7306c \ >> - file://src/openvpn/openvpn.c;startline=2;endline=21;md5=82f794c2390084d34cb32d871c17b4be \ >> + file://src/openvpn/openvpn.c;startline=2;endline=21;md5=b9fb1976bc6d8ad5e02a251351dc58f2 \ >> file://src/openvpn/base64.c;startline=2;endline=31;md5=f4debd767645b13107fc5912faf2ad8f \ >> - file://src/compat/compat-lz4.c;startline=13;endline=38;md5=5163f975ae122fe0c260002537edab22 >> + file://src/openvpn/ovpn_dco_linux.h;startline=1;endline=1;md5=b317f96dbe63f35baef28266acb68512 \ >> + file://src/openvpn/ovpn_dco_freebsd.h;startline=1;endline=1;md5=a7ba62aad20f9685c53b0565a263af30 >> >> # ---------------------------------------------------------------------------- >> # Prepare >> @@ -64,13 +65,11 @@ OPENVPN_CONF_OPT := \ >> --enable-management \ >> --disable-pkcs11 \ >> --enable-fragment \ >> - --enable-multihome \ >> --enable-port-share \ >> --disable-debug \ >> --$(call ptx/endis, PTXCONF_OPENVPN_SMALL)-small \ >> + --disable-dco \ >> --enable-iproute2 \ >> - --enable-def-auth \ >> - --enable-pf \ >> --disable-plugin-auth-pam \ >> --enable-plugin-down-root \ >> --disable-pam-dlopen \ >> @@ -81,6 +80,7 @@ OPENVPN_CONF_OPT := \ >> --disable-selinux \ >> --$(call ptx/endis, PTXCONF_OPENVPN_SYSTEMD)-systemd \ >> --disable-async-push \ >> + --disable-wolfssl-options-h \ >> --disable-unit-tests \ >> --with-crypto-library=openssl \ >> --with-openssl-engine >> -- >> 2.40.1 >> >> >> > -- Mit freundlichen Grüßen / Best regards i. A. Andreas Helmcke Hard- und Softwareentwickler / Hard- and Software Developer ela-soft GmbH Entwicklung|GEMOS access / Development|GEMOS access Breitenbachstraße 10 13509 Berlin Germany Phone  +49 30 891003-0 Fax      +49 30 891003-22 ahelmcke@ela-soft.com http://www.ela-soft.com ela-soft GmbH / Company of limited liability Sitz der Gesellschaft: Berlin / Place of residence: Berlin Handelsregistereintrag / Commercial Register entry: Amtsgericht Bln Charlottenburg, HRB 114128 B GF: Julius von Resch / Board of directors: Julius von Resch