Update net/openvpn to 2.0.2. Changes from version 2.0.1 include:

* Fixed bug in route.c in FreeBSD, Darwin, OpenBSD and NetBSD version of get_default_gateway. Allocated socket for route manipulation is never freed so number of mbufs continuously grow and exhaust system resources after a while (Jaroslav Klaus). * Fixed bug where "--proto tcp-server --mode p2p --management host port" would cause the management port to not respond until the OpenVPN peer connects.
2005-09-01 03:40:42 +00:00 · 2005-09-01 03:40:42 +00:00 · 0078530d42
commit 0078530d42
parent cc27231a6c
5 changed files with 8 additions and 155 deletions
--- a/doc/CHANGES
+++ b/doc/CHANGES
@ -1,4 +1,4 @@
-$NetBSD: CHANGES,v 1.10992 2005/08/31 09:44:56 seb Exp $
+$NetBSD: CHANGES,v 1.10993 2005/09/01 03:40:45 jlam Exp $

 Changes to the packages collection and infrastructure in 2005:

@ -3868,3 +3868,4 @@ Changes to the packages collection and infrastructure in 2005:
 	Updated lang/tcl83 to 8.3.4nb2 [seb 2005-08-31]
 	Updated x11/tk to 8.4.11nb1 [seb 2005-08-31]
 	Updated x11/tk83 to 8.3.4nb1 [seb 2005-08-31]
+	Updated net/openvpn to 2.0.2 [jlam 2005-09-01]
--- a/net/openvpn/Makefile
+++ b/net/openvpn/Makefile
@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.8 2005/08/17 19:55:57 jlam Exp $
+# $NetBSD: Makefile,v 1.9 2005/09/01 03:40:42 jlam Exp $
 #

-DISTNAME=	openvpn-2.0.1
+DISTNAME=	openvpn-2.0.2
 PKGNAME=	${DISTNAME:S/_//}
 CATEGORIES=	net
 MASTER_SITES=	http://openvpn.net/release/ \
--- a/net/openvpn/distinfo
+++ b/net/openvpn/distinfo
@ -1,7 +1,5 @@
-$NetBSD: distinfo,v 1.4 2005/08/17 19:55:57 jlam Exp $
+$NetBSD: distinfo,v 1.5 2005/09/01 03:40:42 jlam Exp $

-SHA1 (openvpn-2.0.1.tar.gz) = d0ce0f41c8832e96511761ba4db1d209267c2caa
-RMD160 (openvpn-2.0.1.tar.gz) = ced7028e996f119ce1b0e21305aaa744d2181fd9
-Size (openvpn-2.0.1.tar.gz) = 662428 bytes
-SHA1 (patch-aa) = c28596050d1f5850219816ea2d855eeda6f37d12
-SHA1 (patch-ab) = d5f9d23078607adbc1bfe23960da6b87725df122
+SHA1 (openvpn-2.0.2.tar.gz) = b1a86e189007dccb969da7e39b18c32819faa9cf
+RMD160 (openvpn-2.0.2.tar.gz) = 0a7a5d73ffda93862d71dd4d61d4e29a0a5d99e3
+Size (openvpn-2.0.2.tar.gz) = 663246 bytes
--- a/net/openvpn/patches/patch-aa
+++ b/net/openvpn/patches/patch-aa
@ -1,14 +0,0 @@
-$NetBSD: patch-aa,v 1.2 2005/08/17 19:55:57 jlam Exp $
-
--- easy-rsa/2.0/README.orig	2005-07-17 16:13:42.000000000 -0400
-+++ easy-rsa/2.0/README
-@@ -46,9 +46,6 @@ Release Notes for easy-rsa-2.0
- 
- * This release only affects the Linux/Unix version of easy-rsa.
-   The Windows version (written to use the Windows shell) is unchanged.
-  Note that the new pkitool script is written in bash, and will not
-  run on Windows unless bash is installed.  To install bash on Windows,
-  see the MSYS package available here: http://www.mingw.org/
- 
- INSTALL easy-rsa
- 
--- a/net/openvpn/patches/patch-ab
+++ b/net/openvpn/patches/patch-ab
@ -1,132 +0,0 @@
-$NetBSD: patch-ab,v 1.2 2005/08/17 19:55:57 jlam Exp $
-
--- easy-rsa/2.0/pkitool.orig	2005-07-15 14:38:14.000000000 -0400
-+++ easy-rsa/2.0/pkitool
-@@ -1,4 +1,4 @@
-#!/bin/bash
-+#!/bin/sh
- 
- #  OpenVPN -- An application to securely tunnel IP networks
- #             over a single TCP/UDP port, with support for SSL/TLS-based
-@@ -31,7 +31,10 @@ PROGNAME=pkitool
- VERSION=2.0
- DEBUG=0
- 
-function need_vars
-+GREP=grep
-+OPENSSL=openssl
-+
-+need_vars()
- {
-     echo '  Please edit the vars script to reflect your configuration,'
-     echo '  then source it with "source ./vars".'
-@@ -40,7 +43,7 @@ function need_vars
-     echo "  Finally, you can run this tool ($PROGNAME) to build certificates/keys."
- }
- 
-function usage
-+usage()
- {
-     echo "$PROGNAME $VERSION"
-     echo "Usage: $PROGNAME [options...] [common-name]"
-@@ -103,7 +106,7 @@ BATCH="-batch"
- CA="ca"
- 
- # Process options
-while [ "$1" ] && [ "${1:0:2}" = "--" ]; do
-+while [ $# -gt 0 ]; do
-     case "$1" in
- 	--server   ) REQ_EXT="$REQ_EXT -extensions server"
- 	             CA_EXT="$CA_EXT -extensions server" ;;
-@@ -115,8 +118,9 @@ while [ "$1" ] && [ "${1:0:2}" = "--" ];
-         --csr      ) DO_CA="0" ;;
-         --sign     ) DO_REQ="0" ;;
-         --pkcs12   ) DO_P12="1" ;;
-	*  )       echo "$PROGNAME: unknown option: $1"
-	           exit 1
-+	--*        ) echo "$PROGNAME: unknown option: $1"
-+	             exit 1 ;;
-+	*          ) break ;;
-     esac
-     shift   
- done
-@@ -128,25 +132,25 @@ if [ $DO_P12 -eq 1 ]; then
- fi
- 
- # If undefined, set default key expiration intervals
-if [ -z $KEY_EXPIRE ]; then
-    export KEY_EXPIRE=3650
-+if [ -z "$KEY_EXPIRE" ]; then
-+    KEY_EXPIRE=3650
- fi
-if [ -z $CA_EXPIRE ]; then
-    export CA_EXPIRE=3650
-+if [ -z "$CA_EXPIRE" ]; then
-+    CA_EXPIRE=3650
- fi
- 
- # Set organizational unit to empty string if undefined
- if [ -z "$KEY_OU" ]; then
-    export KEY_OU=""
-+    KEY_OU=""
- fi
- 
- # Set KEY_CN
- if [ $DO_ROOT -eq 1 ]; then
-     if [ -z "$KEY_CN" ]; then
- 	if [ "$1" ]; then
-	    export KEY_CN="$1"
-+	    KEY_CN="$1"
- 	elif [ "$KEY_ORG" ]; then
-	    export KEY_CN="$KEY_ORG CA"
-+	    KEY_CN="$KEY_ORG CA"
- 	fi
-     fi
-     if [ $BATCH ] && [ "$KEY_CN" ]; then
-@@ -159,9 +163,10 @@ else
- 	usage
- 	exit 1
-     else
-	export KEY_CN="$1"
-+	KEY_CN="$1"
-     fi
- fi
-+export CA_EXPIRE KEY_EXPIRE KEY_OU KEY_CN
- 
- # Show parameters (debugging)
- if [ $DEBUG -eq 1 ]; then
-@@ -186,7 +191,9 @@ if [ -d "$KEY_DIR" ] && [ "$KEY_CONFIG" 
- 
-     # Make sure $KEY_CONFIG points to the correct version
-     # of openssl.cnf
-    if ! grep -Eqi 'easy-rsa version 2\.[0-9]' "$KEY_CONFIG" ; then
-+    if $GREP -i 'easy-rsa version 2\.[0-9]' "$KEY_CONFIG" >/dev/null; then
-+	:
-+    else
- 	echo "$PROGNAME: KEY_CONFIG (set by the ./vars script) is pointing to the wrong"
-         echo "version of openssl.cnf: $KEY_CONFIG"
- 	echo "The correct version should have a comment that says: easy-rsa version 2.x";
-@@ -195,7 +202,7 @@ if [ -d "$KEY_DIR" ] && [ "$KEY_CONFIG" 
- 
-     # Build root CA
-     if [ $DO_ROOT -eq 1 ]; then
-	openssl req $BATCH -days $CA_EXPIRE $NODES_REQ -new -x509 \
-+	$OPENSSL req $BATCH -days $CA_EXPIRE $NODES_REQ -new -x509 \
- 	    -keyout "$CA.key" -out "$CA.crt" -config "$KEY_CONFIG" && \
- 	    chmod 0600 "$CA.key"
-     else        
-@@ -209,11 +216,11 @@ if [ -d "$KEY_DIR" ] && [ "$KEY_CONFIG" 
- 	fi
- 
-         # Build cert/key
-	( [ $DO_REQ -eq 0 ] || openssl req $BATCH -days $KEY_EXPIRE $NODES_REQ -new \
-+	( [ $DO_REQ -eq 0 ] || $OPENSSL req $BATCH -days $KEY_EXPIRE $NODES_REQ -new \
- 	        -keyout "$KEY_CN.key" -out "$KEY_CN.csr" $REQ_EXT -config "$KEY_CONFIG" ) && \
-	    ( [ $DO_CA -eq 0 ]  || openssl ca $BATCH -days $KEY_EXPIRE -out "$KEY_CN.crt" \
-+	    ( [ $DO_CA -eq 0 ]  || $OPENSSL ca $BATCH -days $KEY_EXPIRE -out "$KEY_CN.crt" \
- 	        -in "$KEY_CN.csr" $CA_EXT -config "$KEY_CONFIG" ) && \
-	    ( [ $DO_P12 -eq 0 ] || openssl pkcs12 -export -inkey "$KEY_CN.key" \
-+	    ( [ $DO_P12 -eq 0 ] || $OPENSSL pkcs12 -export -inkey "$KEY_CN.key" \
- 	        -in "$KEY_CN.crt" -certfile "$CA.crt" -out "$KEY_CN.p12" $NODES_P12 ) && \
- 	    ( [ $DO_CA -eq 0 ]  || chmod 0600 "$KEY_CN.key" ) && \
- 	    ( [ $DO_P12 -eq 0 ] || chmod 0600 "$KEY_CN.p12" )