openvpn: update to 2.4.6
authorJo-Philipp Wich <jo@mein.io>
Wed, 28 Nov 2018 20:23:03 +0000 (21:23 +0100)
committerJo-Philipp Wich <jo@mein.io>
Tue, 18 Dec 2018 16:48:19 +0000 (17:48 +0100)
Update the OpenVPN package to version 2.4.6, refresh patches and drop
menuconfig options which are not supported upstream anymore.

Also fix the x509-alt-username configure flag - it is not supported
by mbedtls and was syntactically wrong in the Makefile - and the
port-share option which has been present in menuconfig but not been
used in the Makefile.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(backported from 3082370551e78195def4b3989eba60bc6149cf6d)

package/network/services/openvpn/Config-mbedtls.in
package/network/services/openvpn/Config-nossl.in
package/network/services/openvpn/Config-openssl.in
package/network/services/openvpn/Makefile
package/network/services/openvpn/patches/210-build_always_use_internal_lz4.patch

index c1c8c7ac1088c48945479918f0eb536abbcb6895..beac4920229c3c42bd29c3d897505ef2b969cc2a 100644 (file)
@@ -8,10 +8,6 @@ config OPENVPN_mbedtls_ENABLE_LZ4
        bool "Enable LZ4 compression support"
        default y
 
-config OPENVPN_mbedtls_ENABLE_X509_ALT_USERNAME
-       bool "Enable the --x509-username-field feature"
-       default n
-
 config OPENVPN_mbedtls_ENABLE_SERVER
        bool "Enable server support (otherwise only client mode is support)"
        default y
@@ -28,14 +24,6 @@ config OPENVPN_mbedtls_ENABLE_MANAGEMENT
 #      bool "Enable pkcs11 support"
 #      default n
 
-config OPENVPN_mbedtls_ENABLE_HTTP
-       bool "Enable HTTP proxy support"
-       default y
-
-config OPENVPN_mbedtls_ENABLE_SOCKS
-       bool "Enable SOCKS proxy support"
-       default y
-
 config OPENVPN_mbedtls_ENABLE_FRAGMENT
        bool "Enable internal fragmentation support (--fragment)"
        default y
index 199cda01595466d0f8a6f62d59604caadd61904f..79140ad5d1a06c27400db51ea0b1bd9158aca928 100644 (file)
@@ -16,14 +16,6 @@ config OPENVPN_nossl_ENABLE_MANAGEMENT
        bool "Enable management server support"
        default n
 
-config OPENVPN_nossl_ENABLE_HTTP
-       bool "Enable HTTP proxy support"
-       default y
-
-config OPENVPN_nossl_ENABLE_SOCKS
-       bool "Enable SOCKS proxy support"
-       default y
-
 config OPENVPN_nossl_ENABLE_FRAGMENT
        bool "Enable internal fragmentation support (--fragment)"
        default y
index a2bc3de2a2939bccf2be91780dbf1e7f919aeede..f2b618eff1e55923438e61bf2f02b9942115543e 100644 (file)
@@ -28,14 +28,6 @@ config OPENVPN_openssl_ENABLE_MANAGEMENT
 #      bool "Enable pkcs11 support"
 #      default n
 
-config OPENVPN_openssl_ENABLE_HTTP
-       bool "Enable HTTP proxy support"
-       default y
-
-config OPENVPN_openssl_ENABLE_SOCKS
-       bool "Enable SOCKS proxy support"
-       default y
-
 config OPENVPN_openssl_ENABLE_FRAGMENT
        bool "Enable internal fragmentation support (--fragment)"
        default y
index 360ee56fa71e2599f637c157ed859dd9b38e5093..efaccaae29975e7877011b64c3f771f9d7e87ea8 100644 (file)
@@ -9,14 +9,14 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=openvpn
 
-PKG_VERSION:=2.4.5
-PKG_RELEASE:=4.2
+PKG_VERSION:=2.4.6
+PKG_RELEASE:=1
 
 PKG_SOURCE_URL:=\
        https://build.openvpn.net/downloads/releases/ \
        https://swupdate.openvpn.net/community/releases/
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
-PKG_HASH:=43c0a363a332350f620d1cd93bb431e082bedbc93d4fb872f758650d53c1d29e
+PKG_HASH:=4f6434fa541cc9e363434ea71a16a62cf2615fb2f16af5b38f43ab5939998c26
 
 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)
 PKG_MAINTAINER:=Felix Fietkau <nbd@nbd.name>
@@ -86,17 +86,16 @@ define Build/Configure
                --disable-pkcs11 \
                $(if $(CONFIG_OPENVPN_$(BUILD_VARIANT)_ENABLE_LZO),--enable,--disable)-lzo \
                $(if $(CONFIG_OPENVPN_$(BUILD_VARIANT)_ENABLE_LZ4),--enable,--disable)-lz4 \
-               $(if $(CONFIG_OPENVPN_$(BUILD_VARIANT)_ENABLE_X509_ALT_USERNAME),enable,disable-x509-alt-username)-ssl \
+               $(if $(CONFIG_OPENVPN_$(BUILD_VARIANT)_ENABLE_X509_ALT_USERNAME),--enable,--disable)-x509-alt-username \
                $(if $(CONFIG_OPENVPN_$(BUILD_VARIANT)_ENABLE_SERVER),--enable,--disable)-server \
                $(if $(CONFIG_OPENVPN_$(BUILD_VARIANT)_ENABLE_MANAGEMENT),--enable,--disable)-management \
-               $(if $(CONFIG_OPENVPN_$(BUILD_VARIANT)_ENABLE_SOCKS),--enable,--disable)-socks \
-               $(if $(CONFIG_OPENVPN_$(BUILD_VARIANT)_ENABLE_HTTP),--enable,--disable)-http-proxy \
                $(if $(CONFIG_OPENVPN_$(BUILD_VARIANT)_ENABLE_FRAGMENT),--enable,--disable)-fragment \
                $(if $(CONFIG_OPENVPN_$(BUILD_VARIANT)_ENABLE_MULTIHOME),--enable,--disable)-multihome \
                $(if $(CONFIG_OPENVPN_$(BUILD_VARIANT)_ENABLE_IPROUTE2),--enable,--disable)-iproute2 \
                $(if $(CONFIG_OPENVPN_$(BUILD_VARIANT)_ENABLE_DEF_AUTH),--enable,--disable)-def-auth \
                $(if $(CONFIG_OPENVPN_$(BUILD_VARIANT)_ENABLE_PF),--enable,--disable)-pf \
-               $(if $(CONFIG_OPENVPN_NOSSL),--disable-ssl --disable-crypto,--enable-ssl --enable-crypto) \
+               $(if $(CONFIG_OPENVPN_$(BUILD_VARIANT)_ENABLE_PORT_SHARE),--enable,--disable)-port-share \
+               $(if $(CONFIG_OPENVPN_NOSSL),--disable-crypto,--enable-crypto) \
                $(if $(CONFIG_OPENVPN_OPENSSL),--with-crypto-library=openssl) \
                $(if $(CONFIG_OPENVPN_MBEDTLS),--with-crypto-library=mbedtls) \
        )
index b3eb7c742af61a7b5ba0aa9f1c0abac41f97d66f..a99f9236443f68017db6f98cd333bb3ce7f85c37 100644 (file)
 -                                           # linker will not know about the lz4 library
 -      )
 -    fi
-
      saved_CFLAGS="${CFLAGS}"
      saved_LIBS="${LIBS}"
      CFLAGS="${CFLAGS} ${LZ4_CFLAGS}"
      LIBS="${LIBS} ${LZ4_LIBS}"
-
 -    # If pkgconfig check failed or LZ4_CFLAGS/LZ4_LIBS env vars
 -    # are used, check the version directly in the LZ4 include file
 -    if test "${have_lz4}" != "yes"; then