From de8b7ddc8cacff4b0c575fc60f48129c72a56544 Mon Sep 17 00:00:00 2001 From: Luiz Angelo Daros de Luca Date: Mon, 7 Dec 2020 18:00:37 -0300 Subject: [PATCH] openvpn-easy-rsa: bump to 3.0.8 New easyrsa will look for missing vars and x509-types where easyrsa is located (following symlink). /usr/bin/easyrsa is now a link to /usr/lib/easyrsa/easyrsa and /usr/lib/easyrsa/{vars,x509-types} a link to /etc/easyrsa/{vars,x509-types}. This keeps the same previous OpenWrt easyrsa behavior which tries to use $PWD/pki and /etc/easyrsa/{vars,x509-types}, but without patching it. Easyrsa can also use env vars to set pki root path (instead of /usr/lib/easyrsa), pki path (instead of $PWD/pki) and vars path. Those variables are commented in /etc/profile.d/50-openvpn-easy-rsa.sh as an example of how to make easyrsa run independent of $PWD. That scriptlet also sets $EASYRSA_TEMP_DIR from $EASYRSA_PKI/tmp to /tmp in order to avoid writing to persistent media (normally flash). However, as a profile scriptlet, it will only be used after session is restarted. The "build" tgz was replaced by the "source" tar. "build" version has a different file structure, making any patch backports too complex. I'm also putting myself as maintainer. Closes openwrt/openwrt#2926, since it moved to openwrt/packages. Signed-off-by: Luiz Angelo Daros de Luca --- net/openvpn-easy-rsa/Makefile | 48 ++++++++++++++----- .../files/openvpn-easy-rsa.profile | 5 ++ .../patches/101-static_EASYRSA.patch | 22 --------- 3 files changed, 41 insertions(+), 34 deletions(-) create mode 100644 net/openvpn-easy-rsa/files/openvpn-easy-rsa.profile delete mode 100644 net/openvpn-easy-rsa/patches/101-static_EASYRSA.patch diff --git a/net/openvpn-easy-rsa/Makefile b/net/openvpn-easy-rsa/Makefile index 0cf73950a..464002b7d 100644 --- a/net/openvpn-easy-rsa/Makefile +++ b/net/openvpn-easy-rsa/Makefile @@ -9,14 +9,23 @@ include $(TOPDIR)/rules.mk PKG_NAME:=openvpn-easy-rsa -PKG_VERSION:=3.0.4 +PKG_VERSION:=3.0.8 PKG_RELEASE:=1 -PKG_SOURCE_URL:=https://github.com/OpenVPN/easy-rsa/releases/download/v$(PKG_VERSION)/ -PKG_SOURCE:=EasyRSA-$(PKG_VERSION).tgz -PKG_HASH:=472167f976c6cb7c860cec6150a5616e163ae20365c81f179811d6ee0779ec5a +PKG_SOURCE_URL:=https://codeload.github.com/OpenVPN/easy-rsa/tar.gz/v$(PKG_VERSION)? +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz +PKG_HASH:=fd6b67d867c3b8afd53efa2ca015477f6658a02323e1799432083472ac0dd200 + +# For git snapshots +#PKG_SOURCE_PROTO:=git +#PKG_RELEASE=0git$(PKG_SOURCE_DATE) +#PKG_SOURCE_URL:=https://github.com/OpenVPN/easy-rsa.git +#PKG_SOURCE_DATE:=2020-03-30 +#PKG_SOURCE_VERSION:=945c9359f6ae3796df21e2986e49489718e0d5f8 +#PKG_MIRROR_HASH:= + PKG_LICENSE:=GPL-2.0 -PKG_BUILD_DIR:=$(BUILD_DIR)/EasyRSA-$(PKG_VERSION) -PKGARCH:=all +PKG_MAINTAINER:=Luiz Angelo Daros de Luca +PKG_BUILD_DIR:=$(BUILD_DIR)/easy-rsa-$(PKG_VERSION) include $(INCLUDE_DIR)/package.mk @@ -27,6 +36,7 @@ define Package/openvpn-easy-rsa URL:=http://openvpn.net SUBMENU:=VPN DEPENDS:=+openssl-util + PKGARCH:=all endef define Package/openvpn-easy-rsa/conffiles @@ -36,21 +46,31 @@ define Package/openvpn-easy-rsa/conffiles endef define Build/Configure - endef define Build/Compile - + cd $(PKG_BUILD_DIR); \ + $(PKG_BUILD_DIR)/build/build-dist.sh \ + --no-windows \ + --no-compress \ + --dist-clean \ + --version=$(PKG_VERSION) endef define Package/openvpn-easy-rsa/install + + $(INSTALL_DIR) $(1)/usr/lib/easy-rsa/ + $(INSTALL_BIN) $(PKG_BUILD_DIR)/dist-staging/unix/EasyRSA-$(PKG_VERSION)/easyrsa $(1)/usr/lib/easy-rsa/ + $(INSTALL_DIR) $(1)/usr/bin + $(LN) /usr/lib/easy-rsa/easyrsa $(1)/usr/bin/easyrsa - $(INSTALL_BIN) $(PKG_BUILD_DIR)/easyrsa $(1)/usr/bin/ $(INSTALL_DIR) $(1)/etc/easy-rsa - $(INSTALL_DATA) $(PKG_BUILD_DIR)/openssl-easyrsa.cnf $(1)/etc/easy-rsa/openssl-1.0.cnf + $(INSTALL_DATA) $(PKG_BUILD_DIR)/dist-staging/unix/EasyRSA-$(PKG_VERSION)/openssl-easyrsa.cnf $(1)/etc/easy-rsa/openssl-1.0.cnf $(LN) /etc/easy-rsa/openssl-1.0.cnf $(1)/etc/easy-rsa/openssl-easyrsa.cnf - $(INSTALL_DATA) $(PKG_BUILD_DIR)/vars.example $(1)/etc/easy-rsa/vars + $(LN) /etc/easy-rsa/openssl-easyrsa.cnf $(1)/usr/lib/easy-rsa/openssl-easyrsa.cnf + $(INSTALL_DATA) $(PKG_BUILD_DIR)/dist-staging/unix/EasyRSA-$(PKG_VERSION)/vars.example $(1)/etc/easy-rsa/vars + $(LN) /etc/easy-rsa/vars $(1)/usr/lib/easy-rsa/vars $(INSTALL_DIR) $(1)/etc/easy-rsa/pki chmod 700 $(1)/etc/easy-rsa/pki @@ -60,10 +80,14 @@ define Package/openvpn-easy-rsa/install chmod 700 $(1)/etc/easy-rsa/pki/reqs $(INSTALL_DIR) $(1)/etc/easy-rsa/x509-types - $(INSTALL_DATA) $(PKG_BUILD_DIR)/x509-types/* $(1)/etc/easy-rsa/x509-types/ + $(INSTALL_DATA) $(PKG_BUILD_DIR)/dist-staging/unix/EasyRSA-$(PKG_VERSION)/x509-types/* $(1)/etc/easy-rsa/x509-types/ + $(LN) /etc/easy-rsa/x509-types $(1)/usr/lib/easy-rsa/x509-types $(INSTALL_DIR) $(1)/lib/upgrade/keep.d $(INSTALL_DATA) files/openvpn-easy-rsa.upgrade $(1)/lib/upgrade/keep.d/$(PKG_NAME) + + $(INSTALL_DIR) $(1)/etc/profile.d + $(INSTALL_DATA) files/openvpn-easy-rsa.profile $(1)/etc/profile.d/50-$(PKG_NAME).sh endef $(eval $(call BuildPackage,openvpn-easy-rsa)) diff --git a/net/openvpn-easy-rsa/files/openvpn-easy-rsa.profile b/net/openvpn-easy-rsa/files/openvpn-easy-rsa.profile new file mode 100644 index 000000000..99a824ae5 --- /dev/null +++ b/net/openvpn-easy-rsa/files/openvpn-easy-rsa.profile @@ -0,0 +1,5 @@ +# default PKI dir +#export EASYRSA=${EASYRSA:-/etc/easy-rsa} +#export EASYRSA_PKI=${EASYRSA_PKI:-$EASYRSA/pki} +#export EASYRSA_VARS_FILE=${EASYRSA_VARS_FILE:-$EASYRSA/vars} +export EASYRSA_TEMP_DIR=${EASYRSA_TEMP_DIR:-${TMPDIR:-/tmp/}} diff --git a/net/openvpn-easy-rsa/patches/101-static_EASYRSA.patch b/net/openvpn-easy-rsa/patches/101-static_EASYRSA.patch deleted file mode 100644 index b81366c60..000000000 --- a/net/openvpn-easy-rsa/patches/101-static_EASYRSA.patch +++ /dev/null @@ -1,22 +0,0 @@ -Index: EasyRSA-3.0.4/easyrsa -=================================================================== ---- EasyRSA-3.0.4.orig/easyrsa -+++ EasyRSA-3.0.4/easyrsa -@@ -1033,7 +1033,7 @@ vars_setup() { - vars= - - # set up program path -- prog_vars="${0%/*}/vars" -+ prog_vars="/etc/easy-rsa/vars" - # set up PKI path - pki_vars="${EASYRSA_PKI:-$PWD/pki}/vars" - -@@ -1060,7 +1060,7 @@ Note: using Easy-RSA configuration from: - fi - - # Set defaults, preferring existing env-vars if present -- set_var EASYRSA "${0%/*}" -+ set_var EASYRSA "/etc/easy-rsa" - set_var EASYRSA_OPENSSL openssl - set_var EASYRSA_PKI "$PWD/pki" - set_var EASYRSA_DN cn_only