[v2] OpenVPN: Update to version 2.4.4
Commit Message
Changed LFS and ROOTFILE for OpenVPN 2.4.4 update.
Signed-off-by: Erik Kapfer <erik.kapfer@ipfire.org>
---
config/rootfiles/common/openvpn | 5 ++++-
lfs/openvpn | 8 +++++---
2 files changed, 9 insertions(+), 4 deletions(-)
Comments
Hi,
there was one line for the script left in the rootfile.
I removed that myself and merged the patch into the OpenSSL 1.1.0 branch. I will
build this now and see if everything goes through. If it does I suppose we will
be able to ship OpenSSL very soon.
Please keep working on the other patches in the meantime.
Best,
-Michael
On Wed, 2018-01-31 at 10:34 +0100, Erik Kapfer wrote:
> Changed LFS and ROOTFILE for OpenVPN 2.4.4 update.
>
> Signed-off-by: Erik Kapfer <erik.kapfer@ipfire.org>
> ---
> config/rootfiles/common/openvpn | 5 ++++-
> lfs/openvpn | 8 +++++---
> 2 files changed, 9 insertions(+), 4 deletions(-)
>
> diff --git a/config/rootfiles/common/openvpn b/config/rootfiles/common/openvpn
> index b58e30c..cbfd03e 100644
> --- a/config/rootfiles/common/openvpn
> +++ b/config/rootfiles/common/openvpn
> @@ -1,3 +1,5 @@
> +etc/fcron.daily/ovpn_crl_updater.sh
> +#usr/include/openvpn-msg.h
> #usr/include/openvpn-plugin.h
> #usr/lib/openvpn
> #usr/lib/openvpn/plugins
> @@ -10,11 +12,12 @@ usr/sbin/openvpn
> #usr/share/doc/openvpn
> #usr/share/doc/openvpn/COPYING
> #usr/share/doc/openvpn/COPYRIGHT.GPL
> +#usr/share/doc/openvpn/Changes.rst
> #usr/share/doc/openvpn/README
> #usr/share/doc/openvpn/README.IPv6
> #usr/share/doc/openvpn/README.auth-pam
> #usr/share/doc/openvpn/README.down-root
> -#usr/share/doc/openvpn/README.polarssl
> +#usr/share/doc/openvpn/README.mbedtls
> #usr/share/doc/openvpn/management-notes.txt
> #usr/share/man/man8/openvpn.8
> var/ipfire/ovpn/ca
> diff --git a/lfs/openvpn b/lfs/openvpn
> index 8307d01..a925f78 100644
> --- a/lfs/openvpn
> +++ b/lfs/openvpn
> @@ -1,7 +1,7 @@
> #############################################################################
> ##
> #
> #
> # IPFire.org - A linux based
> firewall #
> -# Copyright (C) 2017 IPFire Team <info@ipfire.org>
> #
> +# Copyright (C) 2018 IPFire Team <info@ipfire.org>
> #
> #
> #
> # This program is free software: you can redistribute it and/or
> modify #
> # it under the terms of the GNU General Public License as published
> by #
> @@ -24,7 +24,7 @@
>
> include Config
>
> -VER = 2.3.18
> +VER = 2.4.4
>
> THISAPP = openvpn-$(VER)
> DL_FILE = $(THISAPP).tar.xz
> @@ -40,7 +40,7 @@ objects = $(DL_FILE)
>
> $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
>
> -$(DL_FILE)_MD5 = 844ec9c64aae62051478784b8562f881
> +$(DL_FILE)_MD5 = 7a2002aad1671b24457bc9432a0c5c52
>
> install : $(TARGET)
>
> @@ -96,5 +96,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
> mv -v /var/ipfire/ovpn/verify /usr/lib/openvpn/verify
> chown root:root /usr/lib/openvpn/verify
> chmod 755 /usr/lib/openvpn/verify
> +
> @rm -rf $(DIR_APP)
> @$(POSTBUILD)
> +
Hi,
thanks for corrections. Do you keep the openssl-11 branch up to date then so i could pull all changes from there or do you want to use the next branch ?
Greetings,
Erik
Am 31.01.2018 um 17:41 schrieb Michael Tremer:
> Hi,
>
> there was one line for the script left in the rootfile.
>
> I removed that myself and merged the patch into the OpenSSL 1.1.0 branch. I will
> build this now and see if everything goes through. If it does I suppose we will
> be able to ship OpenSSL very soon.
>
> Please keep working on the other patches in the meantime.
>
> Best,
> -Michael
>
> On Wed, 2018-01-31 at 10:34 +0100, Erik Kapfer wrote:
>> Changed LFS and ROOTFILE for OpenVPN 2.4.4 update.
>>
>> Signed-off-by: Erik Kapfer <erik.kapfer@ipfire.org>
>> ---
>> config/rootfiles/common/openvpn | 5 ++++-
>> lfs/openvpn | 8 +++++---
>> 2 files changed, 9 insertions(+), 4 deletions(-)
>>
>> diff --git a/config/rootfiles/common/openvpn b/config/rootfiles/common/openvpn
>> index b58e30c..cbfd03e 100644
>> --- a/config/rootfiles/common/openvpn
>> +++ b/config/rootfiles/common/openvpn
>> @@ -1,3 +1,5 @@
>> +etc/fcron.daily/ovpn_crl_updater.sh
>> +#usr/include/openvpn-msg.h
>> #usr/include/openvpn-plugin.h
>> #usr/lib/openvpn
>> #usr/lib/openvpn/plugins
>> @@ -10,11 +12,12 @@ usr/sbin/openvpn
>> #usr/share/doc/openvpn
>> #usr/share/doc/openvpn/COPYING
>> #usr/share/doc/openvpn/COPYRIGHT.GPL
>> +#usr/share/doc/openvpn/Changes.rst
>> #usr/share/doc/openvpn/README
>> #usr/share/doc/openvpn/README.IPv6
>> #usr/share/doc/openvpn/README.auth-pam
>> #usr/share/doc/openvpn/README.down-root
>> -#usr/share/doc/openvpn/README.polarssl
>> +#usr/share/doc/openvpn/README.mbedtls
>> #usr/share/doc/openvpn/management-notes.txt
>> #usr/share/man/man8/openvpn.8
>> var/ipfire/ovpn/ca
>> diff --git a/lfs/openvpn b/lfs/openvpn
>> index 8307d01..a925f78 100644
>> --- a/lfs/openvpn
>> +++ b/lfs/openvpn
>> @@ -1,7 +1,7 @@
>> #############################################################################
>> ##
>> #
>> #
>> # IPFire.org - A linux based
>> firewall #
>> -# Copyright (C) 2017 IPFire Team <info@ipfire.org>
>> #
>> +# Copyright (C) 2018 IPFire Team <info@ipfire.org>
>> #
>> #
>> #
>> # This program is free software: you can redistribute it and/or
>> modify #
>> # it under the terms of the GNU General Public License as published
>> by #
>> @@ -24,7 +24,7 @@
>>
>> include Config
>>
>> -VER = 2.3.18
>> +VER = 2.4.4
>>
>> THISAPP = openvpn-$(VER)
>> DL_FILE = $(THISAPP).tar.xz
>> @@ -40,7 +40,7 @@ objects = $(DL_FILE)
>>
>> $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
>>
>> -$(DL_FILE)_MD5 = 844ec9c64aae62051478784b8562f881
>> +$(DL_FILE)_MD5 = 7a2002aad1671b24457bc9432a0c5c52
>>
>> install : $(TARGET)
>>
>> @@ -96,5 +96,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
>> mv -v /var/ipfire/ovpn/verify /usr/lib/openvpn/verify
>> chown root:root /usr/lib/openvpn/verify
>> chmod 755 /usr/lib/openvpn/verify
>> +
>> @rm -rf $(DIR_APP)
>> @$(POSTBUILD)
>> +
Hi,
yes I will keep the openssl-11 branch up to date. Make sure that you rebase any
local branches on it instead of merging it because I might remove commits in
between.
I do not know when I am going to merge everything into next. So far at least the
OpenVPN stuff in the webUI are missing and I haven't really done any testing
with the new OpenSSL library, yet. I just built it. Therefore I have no idea
what bugs we might still find.
Best,
-Michael
On Thu, 2018-02-01 at 09:35 +0100, ummeegge wrote:
> Hi,
> thanks for corrections. Do you keep the openssl-11 branch up to date then so i
> could pull all changes from there or do you want to use the next branch ?
>
> Greetings,
>
> Erik
>
>
>
> Am 31.01.2018 um 17:41 schrieb Michael Tremer:
>
> > Hi,
> >
> > there was one line for the script left in the rootfile.
> >
> > I removed that myself and merged the patch into the OpenSSL 1.1.0 branch. I
> > will
> > build this now and see if everything goes through. If it does I suppose we
> > will
> > be able to ship OpenSSL very soon.
> >
> > Please keep working on the other patches in the meantime.
> >
> > Best,
> > -Michael
> >
> > On Wed, 2018-01-31 at 10:34 +0100, Erik Kapfer wrote:
> > > Changed LFS and ROOTFILE for OpenVPN 2.4.4 update.
> > >
> > > Signed-off-by: Erik Kapfer <erik.kapfer@ipfire.org>
> > > ---
> > > config/rootfiles/common/openvpn | 5 ++++-
> > > lfs/openvpn | 8 +++++---
> > > 2 files changed, 9 insertions(+), 4 deletions(-)
> > >
> > > diff --git a/config/rootfiles/common/openvpn
> > > b/config/rootfiles/common/openvpn
> > > index b58e30c..cbfd03e 100644
> > > --- a/config/rootfiles/common/openvpn
> > > +++ b/config/rootfiles/common/openvpn
> > > @@ -1,3 +1,5 @@
> > > +etc/fcron.daily/ovpn_crl_updater.sh
> > > +#usr/include/openvpn-msg.h
> > > #usr/include/openvpn-plugin.h
> > > #usr/lib/openvpn
> > > #usr/lib/openvpn/plugins
> > > @@ -10,11 +12,12 @@ usr/sbin/openvpn
> > > #usr/share/doc/openvpn
> > > #usr/share/doc/openvpn/COPYING
> > > #usr/share/doc/openvpn/COPYRIGHT.GPL
> > > +#usr/share/doc/openvpn/Changes.rst
> > > #usr/share/doc/openvpn/README
> > > #usr/share/doc/openvpn/README.IPv6
> > > #usr/share/doc/openvpn/README.auth-pam
> > > #usr/share/doc/openvpn/README.down-root
> > > -#usr/share/doc/openvpn/README.polarssl
> > > +#usr/share/doc/openvpn/README.mbedtls
> > > #usr/share/doc/openvpn/management-notes.txt
> > > #usr/share/man/man8/openvpn.8
> > > var/ipfire/ovpn/ca
> > > diff --git a/lfs/openvpn b/lfs/openvpn
> > > index 8307d01..a925f78 100644
> > > --- a/lfs/openvpn
> > > +++ b/lfs/openvpn
> > > @@ -1,7 +1,7 @@
> > > ##########################################################################
> > > ###
> > > ##
> > > #
> > >
> > > #
> > > # IPFire.org - A linux based
> > > firewall #
> > > -# Copyright (C) 2017 IPFire Team <info@ipfire.org>
> > >
> > > #
> > > +# Copyright (C) 2018 IPFire Team <info@ipfire.org>
> > >
> > > #
> > > #
> > >
> > > #
> > > # This program is free software: you can redistribute it and/or
> > > modify #
> > > # it under the terms of the GNU General Public License as published
> > > by #
> > > @@ -24,7 +24,7 @@
> > >
> > > include Config
> > >
> > > -VER = 2.3.18
> > > +VER = 2.4.4
> > >
> > > THISAPP = openvpn-$(VER)
> > > DL_FILE = $(THISAPP).tar.xz
> > > @@ -40,7 +40,7 @@ objects = $(DL_FILE)
> > >
> > > $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
> > >
> > > -$(DL_FILE)_MD5 = 844ec9c64aae62051478784b8562f881
> > > +$(DL_FILE)_MD5 = 7a2002aad1671b24457bc9432a0c5c52
> > >
> > > install : $(TARGET)
> > >
> > > @@ -96,5 +96,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
> > > mv -v /var/ipfire/ovpn/verify /usr/lib/openvpn/verify
> > > chown root:root /usr/lib/openvpn/verify
> > > chmod 755 /usr/lib/openvpn/verify
> > > +
> > > @rm -rf $(DIR_APP)
> > > @$(POSTBUILD)
> > > +
>
>
Hi Michael,
did a rebase of the branch but it seems that the ROOTFILE changes are not integrated in the CRL updater commit --> https://lists.ipfire.org/pipermail/development/2018-February/003997.html even i have added it to the commit. Can you may integrate the line
etc/fcron.daily/ovpn_crl_updater.sh
again to the OpenVPN ROOTFILE ?
Thanks and greetings,
Erik
Am 01.02.2018 um 12:33 schrieb Michael Tremer:
> Hi,
>
> yes I will keep the openssl-11 branch up to date. Make sure that you rebase any
> local branches on it instead of merging it because I might remove commits in
> between.
>
> I do not know when I am going to merge everything into next. So far at least the
> OpenVPN stuff in the webUI are missing and I haven't really done any testing
> with the new OpenSSL library, yet. I just built it. Therefore I have no idea
> what bugs we might still find.
>
> Best,
> -Michael
@@ -1,3 +1,5 @@
+etc/fcron.daily/ovpn_crl_updater.sh
+#usr/include/openvpn-msg.h
#usr/include/openvpn-plugin.h
#usr/lib/openvpn
#usr/lib/openvpn/plugins
@@ -10,11 +12,12 @@ usr/sbin/openvpn
#usr/share/doc/openvpn
#usr/share/doc/openvpn/COPYING
#usr/share/doc/openvpn/COPYRIGHT.GPL
+#usr/share/doc/openvpn/Changes.rst
#usr/share/doc/openvpn/README
#usr/share/doc/openvpn/README.IPv6
#usr/share/doc/openvpn/README.auth-pam
#usr/share/doc/openvpn/README.down-root
-#usr/share/doc/openvpn/README.polarssl
+#usr/share/doc/openvpn/README.mbedtls
#usr/share/doc/openvpn/management-notes.txt
#usr/share/man/man8/openvpn.8
var/ipfire/ovpn/ca
@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2017 IPFire Team <info@ipfire.org> #
+# Copyright (C) 2018 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -24,7 +24,7 @@
include Config
-VER = 2.3.18
+VER = 2.4.4
THISAPP = openvpn-$(VER)
DL_FILE = $(THISAPP).tar.xz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 844ec9c64aae62051478784b8562f881
+$(DL_FILE)_MD5 = 7a2002aad1671b24457bc9432a0c5c52
install : $(TARGET)
@@ -96,5 +96,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
mv -v /var/ipfire/ovpn/verify /usr/lib/openvpn/verify
chown root:root /usr/lib/openvpn/verify
chmod 755 /usr/lib/openvpn/verify
+
@rm -rf $(DIR_APP)
@$(POSTBUILD)
+