Update of /cvsroot/leaf/src/bering-uclibc/apps/openvpn In directory sc8-pr-cvs1:/tmp/cvs-serv13710/openvpn
Added Files: buildtool.cfg buildtool.mk iproute.patch openvpn openvpn-1.6_beta1.tar.gz openvpn.conf Log Message: Initial setup/config for an OpenVPN version which no longer requires ifconfig/route --- NEW FILE: buildtool.cfg --- <Server cvs-sourceforge> Type = viewcvs Name = cvs.sourceforge.net/cgi-bin/viewcvs.cgi Serverpath = /leaf/src/bering-uclibc/apps </Server> <File buildtool.mk> Server = cvs-sourceforge Directory = openvpn revision = HEAD </File> <File openvpn-1.6_beta1.tar.gz> Server = cvs-sourceforge envname = OPENVPN_SOURCE directory = openvpn revision = HEAD </File> <File iproute.patch> Server = cvs-sourceforge envname = OPENVPN_PATCH1 directory = openvpn revision = HEAD </File> <File openvpn.conf> Server = cvs-sourceforge directory = openvpn revision = HEAD </File> <File openvpn> Server = cvs-sourceforge directory = openvpn revision = HEAD </File> <Package> <openvpn> Version = 1.6_beta1 Revision = 1 Help <<EOF Easy-to-use, robust, and highly configurable VPN daemon OpenVPN is an easy-to-use, robust, and highly configurable VPN (Virtual Private Network) daemon which can be used to securely link two or more private networks using an encrypted tunnel over the internet See: http://openvpn.sf.net Requires: libcrpto.lrp libssl.lrp LEAF package by __PACKAGER__, __BUILDDATE__ EOF <Permissions> Files = 644 Directories = 755 </Permissions> <Owner> Files = root:root Directories = root:root </Owner> <Contents> <File> Filename = etc/openvpn Type = list </File> <File> Filename = etc/openvpn/openvpn.conf Source = etc/openvpn/openvpn.conf Description = openvpn config Type = conf Type = binary </File> <File> Filename = usr/sbin/openvpn Source = usr/sbin/openvpn Type = binary Permissions = 755 </File> <File> Filename = etc/init.d/openvpn Source = etc/init.d/openvpn Type = binary Permissions = 755 </File> </Contents> </openvpn> </Package> --- NEW FILE: buildtool.mk --- include $(MASTERMAKEFILE) OPENVPN_DIR:=openvpn-1.6_beta1 OPENVPN_TARGET_DIR:=$(BT_BUILD_DIR)/openvpn STRIP_OPTIONS=-s --remove-section=.note --remove-section=.comment source: zcat $(OPENVPN_SOURCE) | tar -xvf - cat $(OPENVPN_PATCH1) | patch -d $(OPENVPN_DIR) -p1 (cd $(OPENVPN_DIR); aclocal ); (cd $(OPENVPN_DIR); libtoolize --copy --force ); (cd $(OPENVPN_DIR); autoheader ); (cd $(OPENVPN_DIR); automake --add-missing --copy --foreign ); (cd $(OPENVPN_DIR); autoconf ); (cd $(OPENVPN_DIR); aclocal); (cd $(OPENVPN_DIR); autoconf); (cd $(OPENVPN_DIR); autoheader ); (cd $(OPENVPN_DIR); automake); (cd $(OPENVPN_DIR); \ rm -rf config.cache; \ CFLAGS=-O2 \ CC=$(TARGET_CC) \ LD=$(TARGET_LD) \ ./configure \ --build=i386-pc-linux-gnu \ --host=i386-pc-linux-gnu \ --target=i386-pc-linux-gnu \ --with-ssl-headers=$(BT_STAGING_DIR)/include/openssl \ --with-ssl-lib=$(BT_STAGING_DIR)/lib \ --disable-dependency-tracking \ --disable-lzo \ --enable-ssl \ --enable-iproute2 \ --with-iproute-path=/sbin/ip \ --includedir=$(BT_STAGING_DIR)/include \ --disable-pthread \ --prefix=/usr \ --libdir=$(BT_STAGING_DIR)/lib ); build: mkdir -p $(OPENVPN_TARGET_DIR)/etc/openvpn mkdir -p $(OPENVPN_TARGET_DIR)/etc/init.d mkdir -p $(OPENVPN_TARGET_DIR)/usr/sbin mkdir -p $(BT_STAGING_DIR)/etc/openvpn mkdir -p $(BT_STAGING_DIR)/etc/init.d mkdir -p $(BT_STAGING_DIR)/usr/sbin make CC=$(TARGET_CC) -C $(OPENVPN_DIR) $(BT_STRIP) $(STRIP_OPTIONS) $(OPENVPN_DIR)/openvpn make DESTDIR=$(OPENVPN_TARGET_DIR) -C $(OPENVPN_DIR) install cp openvpn.conf $(OPENVPN_TARGET_DIR)/etc/openvpn/ cp openvpn $(OPENVPN_TARGET_DIR)/etc/init.d cp openvpn.conf $(BT_STAGING_DIR)/etc/openvpn/ cp openvpn $(BT_STAGING_DIR)/etc/init.d/ cp $(OPENVPN_TARGET_DIR)/usr/sbin/i386-pc-linux-gnu-openvpn $(BT_STAGING_DIR)/usr/sbin/openvpn clean: make -C $(OPENVPN_DIR) clean rm -rf $(OPENVPN_TARGET_DIR) srcclean: rm -rf $(OPENVPN_DIR) --- NEW FILE: iproute.patch --- diff -N -u -r -b openvpn-1.6_beta1/misc.c openvpn-1.6_beta1.hejl/misc.c --- openvpn-1.6_beta1/misc.c Wed Jan 14 07:54:34 2004 +++ openvpn-1.6_beta1.new/misc.c Thu Jan 15 11:33:07 2004 @@ -680,3 +680,29 @@ ++cp; } } + + +/* + * 'stolen' from busybox networking/ifupdown.c + */ +unsigned int count_bits(unsigned int a) +{ + unsigned int result; + result = (a & 0x55) + ((a >> 1) & 0x55); + result = (result & 0x33) + ((result >> 2) & 0x33); + return((result & 0x0F) + ((result >> 4) & 0x0F)); +} + +int count_netmask_bits(const char *dotted_quad) +{ + unsigned int result, a, b, c, d; + /* Found a netmask... Check if it is dotted quad */ + if (sscanf(dotted_quad, "%u.%u.%u.%u", &a, &b, &c, &d) != 4) + return -1; + result = count_bits(a); + result += count_bits(b); + result += count_bits(c); + result += count_bits(d); + return ((int)result); +} + diff -N -u -r -b openvpn-1.6_beta1/misc.h openvpn-1.6_beta1.hejl/misc.h --- openvpn-1.6_beta1/misc.h Thu Nov 6 14:45:12 2003 +++ openvpn-1.6_beta1.hejl/misc.h Thu Jan 15 09:38:32 2004 @@ -138,6 +139,10 @@ void setenv_int (const char *name, int value); void setenv_del (const char *name); +/* convert netmasks for iproute2 */ +int count_netmask_bits(const char *); +unsigned int count_bits(unsigned int ); + /* make cp safe to be passed to system() or set as an environmental variable */ void safe_string (char *cp); @@ -171,3 +176,4 @@ } #endif + diff -N -u -r -b openvpn-1.6_beta1/route.c openvpn-1.6_beta1.hejl/route.c --- openvpn-1.6_beta1/route.c Thu Nov 6 14:45:12 2003 +++ openvpn-1.6_beta1.hejl/route.c Thu Jan 15 09:32:30 2004 @@ -525,6 +525,7 @@ setenv_route (&rl->routes[i], i + 1); } + static void add_route (struct route *r) { @@ -545,14 +546,22 @@ gateway = print_in_addr_t (r->gateway, false); #if defined(TARGET_LINUX) +#ifdef CONFIG_FEATURE_IPROUTE + buf_printf (&buf, IPROUTE_PATH " route add %s/%d via %s", + network, + count_netmask_bits(netmask), + gateway); + if (r->metric_defined) + buf_printf (&buf, " metric %d", r->metric); +#else buf_printf (&buf, ROUTE_PATH " add -net %s netmask %s gw %s", network, netmask, gateway); if (r->metric_defined) buf_printf (&buf, " metric %d", r->metric); - +#endif /*CONFIG_FEATURE_IPROUTE*/ msg (D_ROUTE, "%s", BSTR (&buf)); status = system_check (BSTR (&buf), "ERROR: Linux route add command failed", false); @@ -650,11 +659,16 @@ gateway = print_in_addr_t (r->gateway, false); #if defined(TARGET_LINUX) +#ifdef CONFIG_FEATURE_IPROUTE + buf_printf (&buf, IPROUTE_PATH " route del %s/%d", + network, + count_netmask_bits(netmask)); +#else buf_printf (&buf, ROUTE_PATH " del -net %s netmask %s", network, netmask); - +#endif /*CONFIG_FEATURE_IPROUTE*/ msg (D_ROUTE, "%s", BSTR (&buf)); system_check (BSTR (&buf), "ERROR: Linux route delete command failed", false); diff -N -u -r -b openvpn-1.6_beta1/tun.c openvpn-1.6_beta1.hejl/tun.c --- openvpn-1.6_beta1/tun.c Thu Nov 6 14:45:12 2003 +++ openvpn-1.6_beta1.hejl/tun.c Thu Jan 15 09:52:58 2004 @@ -451,7 +451,46 @@ ifconfig_broadcast = print_in_addr_t (tt->broadcast, false); #if defined(TARGET_LINUX) +#ifdef CONFIG_FEATURE_IPROUTE + /* + * Set the MTU for the device + */ + openvpn_snprintf (command_line, sizeof (command_line), + IPROUTE_PATH " link set dev %s up mtu %d", + actual, + tun_mtu + ); + msg (M_INFO, "%s", command_line); + system_check (command_line, "Linux ip link set failed", true); + + if (tun) { + + /* + * Set the address for the device + */ + openvpn_snprintf (command_line, sizeof (command_line), + IPROUTE_PATH " addr add dev %s local %s peer %s", + actual, + ifconfig_local, + ifconfig_remote_netmask + ); + msg (M_INFO, "%s", command_line); + system_check (command_line, "Linux ip addr add failed", true); + } else { + openvpn_snprintf (command_line, sizeof (command_line), + IPROUTE_PATH " addr add dev %s %s/%s broadcast %s", + actual, + ifconfig_local, + count_netmask_bits(ifconfig_remote_netmask), + ifconfig_broadcast + ); + msg (M_INFO, "%s", command_line); + system_check (command_line, "Linux ip addr add failed", true); + + } + tt->did_ifconfig = true; +#else if (tun) openvpn_snprintf (command_line, sizeof (command_line), IFCONFIG_PATH " %s %s pointopoint %s mtu %d", @@ -472,7 +511,7 @@ msg (M_INFO, "%s", command_line); system_check (command_line, "Linux ifconfig failed", true); tt->did_ifconfig = true; - +#endif /*CONFIG_FEATURE_IPROUTE*/ #elif defined(TARGET_SOLARIS) /* example: ifconfig tun2 10.2.0.2 10.2.0.1 mtu 1450 netmask 255.255.255.255 up */ --- openvpn-1.6_beta1/configure.ac Wed Jan 14 21:30:21 2004 +++ openvpn-1.6_beta1.new/configure.ac Thu Jan 15 11:33:43 2004 @@ -106,6 +106,14 @@ ) AC_DEFINE_UNQUOTED(IFCONFIG_PATH, "$IFCONFIG", [Path to ifconfig tool]) +AC_ARG_WITH(iproute-path, + [ --with-iproute-path=PATH Path to iproute tool], + [IPROUTE="$withval"], + [AC_PATH_PROG([IPROUTE], [ip], [ip], [$PATH:/usr/local/sbin:/usr/sbin:/sbin])] +) +AC_DEFINE_UNQUOTED(IPROUTE_PATH, "$IPROUTE", [Path to iproute tool]) + + AC_ARG_WITH(route-path, [ --with-route-path=PATH Path to route tool], [ROUTE="$withval"], @@ -118,6 +126,13 @@ [LEAK="$withval"] ) +AC_ARG_ENABLE(iproute2, + [ --enable-iproute2 Enable support for iproute2], + AC_DEFINE(CONFIG_FEATURE_IPROUTE, 1, [enable iproute2 support]) + +) + + dnl Guess host type. AC_CANONICAL_HOST AC_CANONICAL_SYSTEM --- NEW FILE: openvpn --- #!/bin/sh -e # # Original version by Robert Leslie # <[EMAIL PROTECTED]>, edited by iwj and cs # Modified for openvpn by Alberto Gonzalez Iniesta <[EMAIL PROTECTED]> RCDLINKS="0,K20 1,K20 2,S20 3,S20 4,S20 5,S20 6,K20" DAEMON=/usr/sbin/openvpn CONFIG_DIR=/etc/openvpn test -x $DAEMON || exit 0 test -d $CONFIG_DIR || exit 0 start_vpn () { $DAEMON --daemon --writepid /var/run/openvpn.$NAME.pid \ --config $CONFIG_DIR/$NAME.conf --cd $CONFIG_DIR || echo -n " FAILED->" echo -n " $NAME" } stop_vpn () { kill `cat $PIDFILE` || true rm $PIDFILE } case "$1" in start) echo -n "Starting openvpn:" for CONFIG in `cd $CONFIG_DIR; ls *.conf 2> /dev/null`; do NAME=${CONFIG%%.conf} start_vpn done echo "." ;; stop) echo -n "Stopping openvpn:" for PIDFILE in `ls /var/run/openvpn.*.pid 2> /dev/null`; do NAME=`echo $PIDFILE | cut -c18-` NAME=${NAME%%.pid} stop_vpn echo -n " $NAME" done echo "." ;; # We only 'reload' for running VPNs. New ones will only start with 'start' or 'restart'. reload|force-reload) echo -n "Reloading openvpn:" for PIDFILE in `ls /var/run/openvpn.*.pid 2> /dev/null`; do NAME=`echo $PIDFILE | cut -c18-` NAME=${NAME%%.pid} # If openvpn if running under a different user than root we'll need to restart if egrep '^( |\t)*user' $CONFIG_DIR/$NAME.conf > /dev/null 2>&1 ; then stop_vpn sleep 1 start_vpn echo -n "(restarted)" else kill -HUP `cat $PIDFILE` || true # start-stop-daemon --stop --signal HUP --quiet --oknodo \ # --exec $DAEMON --pidfile $PIDFILE echo -n " $NAME" fi done echo "." ;; restart) $0 stop sleep 1 $0 start ;; *) echo "Usage: $0 {start|stop|reload|restart|force-reload}" >&2 exit 1 ;; esac exit 0 # vim:set ai et sts=2 sw=2 tw=0: --- NEW FILE: openvpn-1.6_beta1.tar.gz --- (This appears to be a binary file; contents omitted.) --- NEW FILE: openvpn.conf --- # # Sample OpenVPN configuration file for # using a pre-shared static key. # # ' or ';' may be used to delimit comments. # Use a dynamic tun device. dev tun # Our remote peer # remote mypeer.mydomain # listen on this IP Address local 1.2.3.4 # 10.1.0.1 is our local VPN endpoint # 10.1.0.2 is our remote VPN endpoint ifconfig 10.1.0.1 10.1.0.2 # Our pre-shared static key secret static.key ------------------------------------------------------- This SF.net email is sponsored by: Perforce Software. Perforce is the Fast Software Configuration Management System offering advanced branching capabilities and atomic changes on 50+ platforms. Free Eval! http://www.perforce.com/perforce/loadprog.html _______________________________________________ Leaf-cvs-commits mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-cvs-commits