diff options
author | Alan Hicks <alan@lizella.net> | 2010-05-11 15:01:33 +0200 |
---|---|---|
committer | Alan Hicks <alan@lizella.net> | 2010-05-11 15:01:33 +0200 |
commit | c7083434c531beb867188af7bc79e99b2420decf (patch) | |
tree | e4648f34323766291c0aba414a0b3c61bf2763e4 /network | |
parent | ff9b7ad258b1f6f0b13e8584ce1213f997e5253a (diff) |
network/openvpn: Initial import
Diffstat (limited to 'network')
-rw-r--r-- | network/openvpn/README | 26 | ||||
-rw-r--r-- | network/openvpn/openvpn.SlackBuild | 86 | ||||
-rw-r--r-- | network/openvpn/openvpn.info | 8 | ||||
-rw-r--r-- | network/openvpn/slack-desc | 11 |
4 files changed, 131 insertions, 0 deletions
diff --git a/network/openvpn/README b/network/openvpn/README new file mode 100644 index 000000000000..7afb4c0f2837 --- /dev/null +++ b/network/openvpn/README @@ -0,0 +1,26 @@ +OpenVPN is a full-featured SSL VPN solution which can accomodate a wide +range of configurations, including remote access, site-to-site VPNs, +WiFi security, and enterprise-scale remote access solutions with load +balancing, failover, and fine-grained access-controls. + +OpenVPN implements OSI layer 2 or 3 secure network extension using the +industry standard SSL/TLS protocol, supports flexible client +authentication methods based on certificates, smart cards, and/or +2-factor authentication, and allows user or group-specific access +control policies using firewall rules applied to the VPN virtual +interface. + +Naturally OpenVPN depends upon having openssl (not just openssl-solibs) +installed on your computer. However, this script does not include +support for LZO compression. + +Please note that there is no default config file for OpenVPN. This is +by design. OpenVPN can technically use any config file in any location. +However, this script does create an /etc/openvpn/ directory with certs/ +and keys/ subdirectories. Feel free to place config files, keys, and +certificates in these directories. certs/ and keys/ are owned by user +root and group nobody and are not world readable nor writable. +Additionally, they are not writable by group nobody. It is recommended +that you run openvpn nobody:nobody, but you may use another +non-privilaged user and group at your option. Just change the +permissions on these permissions to reflect that if you do. diff --git a/network/openvpn/openvpn.SlackBuild b/network/openvpn/openvpn.SlackBuild new file mode 100644 index 000000000000..f91077047d75 --- /dev/null +++ b/network/openvpn/openvpn.SlackBuild @@ -0,0 +1,86 @@ +#!/bin/sh +# Copyright 2006, Alan Hicks, Lizella, GA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +PRGNAM=openvpn +VERSION=2.0.9 +ARCH=${ARCH:-i486} +BUILD=${BUILD:-1} +TAG=${TAG:-_SBo} +CWD=`pwd` +TMP=${TMP:-/tmp/SBo} +PKG=$TMP/pkg-$PRGNAM +OUTPUT=${OUTPUT:-/tmp} + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "i686" ]; then + SLKCFLAGS="-O2 -march=i686 -mtune=i686" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG $OUTPUT +cd $TMP || exit 1 +rm -rf $PRGNAM-$VERSION +tar xzvf $CWD/$PRGNAM-$VERSION.tar.gz || exit 1 +cd $PRGNAM-$VERSION || exit 1 + +# Fix ownership and permissions inside the source tarball. +# It's appalling how many projects have 777 permissions or +# even suid, sgid, and sticky bits set on things. +chown -R root:root . +chmod -R u+w,go+r-w,a-s . + +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --sysconfdir=/etc/openvpn \ + --localstatedir=/var \ + --disable-lzo \ + || exit 1 + +make || exit 1 +make install-strip DESTDIR=$PKG || exit 1 + +# Create a decent config directory. openvpn doesn't have one by +# default, nor does it have a single config file. +mkdir -p $PKG/etc/openvpn/{certs,keys} +chown root:nobody $PKG/etc/openvpn/{certs,keys} +chmod 750 $PKG/etc/openvpn/{certs,keys} + +if [ -d $PKG/usr/man ]; then +( cd $PKG/usr/man + find . -type f -exec gzip -9 {} \; + for i in `find . -type l` ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done +) +fi + +mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION +cp -a AUTHORS COPYING COPYRIGHT.GPL ChangeLog INSTALL INSTALL-win32.txt \ + NEWS PORTS README sample-config-files sample-keys sample-scripts easy-rsa \ + $PKG/usr/doc/$PRGNAM-$VERSION +cat $CWD/$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.tgz diff --git a/network/openvpn/openvpn.info b/network/openvpn/openvpn.info new file mode 100644 index 000000000000..ba1bc8df971f --- /dev/null +++ b/network/openvpn/openvpn.info @@ -0,0 +1,8 @@ +PRGNAM="openvpn" +VERSION="2.0.9" +HOMEPAGE="http://www.openvpn.net/" +DOWNLOAD="http://openvpn.net/release/openvpn-2.0.9.tar.gz" +MD5SUM="60745008b90b7dbe25fe8337c550fec6" +MAINTAINER="Alan Hicks" +EMAIL="alan@lizella.net" +APPROVED="Alan_Hicks,robw810" diff --git a/network/openvpn/slack-desc b/network/openvpn/slack-desc new file mode 100644 index 000000000000..7d187d4b955d --- /dev/null +++ b/network/openvpn/slack-desc @@ -0,0 +1,11 @@ +openvpn: OpenVPN is a full-featured SSL VPN solution which can accomodate a +openvpn: wide range of configurations, including remote access, site-to-site +openvpn: VPNs, WiFi security, and enterprise-scale remote access solutions +openvpn: with load balancing, failover, and fine-grained access-controls. +openvpn: +openvpn: OpenVPN implements OSI layer 2 or 3 secure network extension using +openvpn: the industry standard SSL/TLS protocol, supports flexible client +openvpn: authentication methods based on certificates, smart cards, and/or +openvpn: 2-factor authentication, and allows user or group-specific access +openvpn: control policies using firewall rules applied to the VPN virtual +openvpn: interface. SlackBuild script written by Alan Hicks <alan@lizella.net> |