# HG changeset patch
# User Michael Schloh von Bennewitz <michael@schloh.com>
# Date 1347037291 -7200
# Node ID 0c12a9c824a06cf1ed7a473be9000826ab27149e
# Parent  af9f2bac68b2766d7ae83b9780d3c9b42b8922a9
Import package vendor original specs for necessary manipulations.

diff -r af9f2bac68b2 -r 0c12a9c824a0 openvpn/fsl.openvpn
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/openvpn/fsl.openvpn	Fri Sep 07 19:01:31 2012 +0200
@@ -0,0 +1,16 @@
+##
+##  fsl.openvpn -- OSSP fsl configuration
+##
+
+ident (openvpn)/.+ q{
+    prefix(
+        prefix="%b %d %H:%M:%S %N <%L> $1[%P]: "
+    )
+    -> {
+        debug: file(
+            path="@l_prefix@/var/openvpn/openvpn.log",
+            perm=0644, jitter=1, monitor=3600
+        )
+    }
+};
+
diff -r af9f2bac68b2 -r 0c12a9c824a0 openvpn/openvpn.conf
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/openvpn/openvpn.conf	Fri Sep 07 19:01:31 2012 +0200
@@ -0,0 +1,17 @@
+##
+##  openvpn.conf -- OpenVPN Server Configuration
+##
+
+#   use a dynamic tun(4) device
+dev tun
+
+#   the remote peer
+remote 192.168.0.1
+
+#   10.0.0.1 is the local  VPN endpoint
+#   10.0.0.2 is the remote VPN endpoint
+ifconfig 10.0.0.1 10.0.0.2
+
+#   the pre-shared static key
+secret openvpn.key
+
diff -r af9f2bac68b2 -r 0c12a9c824a0 openvpn/openvpn.patch
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/openvpn/openvpn.patch	Fri Sep 07 19:01:31 2012 +0200
@@ -0,0 +1,13 @@
+Index: tun.c
+--- tun.c.orig	2011-04-06 18:05:52.000000000 +0200
++++ tun.c	2011-04-30 10:22:38.000000000 +0200
+@@ -1400,7 +1400,8 @@
+ #elif defined(TARGET_SOLARIS)
+ 
+ #ifndef TUNNEWPPA
+-#error I need the symbol TUNNEWPPA from net/if_tun.h
++#warning I usually need the symbol TUNNEWPPA from net/if_tun.h -- using a shameless local copy taken from TUN 1.1
++#define TUNNEWPPA   (('T'<<16) | 0x0001)
+ #endif
+ 
+ void
diff -r af9f2bac68b2 -r 0c12a9c824a0 openvpn/openvpn.spec
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/openvpn/openvpn.spec	Fri Sep 07 19:01:31 2012 +0200
@@ -0,0 +1,168 @@
+##
+##  openvpn.spec -- OpenPKG RPM Package Specification
+##  Copyright (c) 2000-2011 OpenPKG Foundation e.V. <http://openpkg.net/>
+##
+##  Permission to use, copy, modify, and distribute this software for
+##  any purpose with or without fee is hereby granted, provided that
+##  the above copyright notice and this permission notice appear in all
+##  copies.
+##
+##  THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
+##  WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+##  MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+##  IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR
+##  CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+##  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+##  LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
+##  USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+##  ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+##  OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+##  OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+##  SUCH DAMAGE.
+##
+
+#   package version
+%define       V_dist 2.2.2
+%define       V_opkg 2.2.2
+
+#   package information
+Name:         openvpn
+Summary:      Virtual Private Network Facility
+URL:          http://openvpn.net/
+Vendor:       James Yonan
+Packager:     OpenPKG Foundation e.V.
+Distribution: OpenPKG Community
+Class:        BASE
+Group:        Network
+License:      GPL
+Version:      %{V_opkg}
+Release:      20111223
+
+#   package options
+%option       with_fsl  yes
+
+#   list of sources
+Source0:      http://swupdate.openvpn.net/community/releases/openvpn-%{V_dist}.tar.gz
+Source1:      rc.openvpn
+Source2:      fsl.openvpn
+Source3:      openvpn.conf
+Patch0:       openvpn.patch
+
+#   build information
+BuildPreReq:  OpenPKG, openpkg >= 20100101
+PreReq:       OpenPKG, openpkg >= 20100101, perl
+BuildPreReq:  openssl, lzo >= 1.08
+PreReq:       openssl, lzo >= 1.08
+%if "%{with_fsl}" == "yes"
+BuildPreReq:  fsl >= 1.3.0
+PreReq:       fsl >= 1.3.0
+%endif
+
+%description
+    OpenVPN is a robust and highly configurable VPN (Virtual Private
+    Network) daemon which can be used to securely link two or more
+    private networks using an encrypted tunnel over the internet.
+
+%track
+    prog openvpn = {
+        version   = %{V_dist}
+        url       = http://openvpn.net/index.php/open-source/downloads.html
+        regex     = openvpn-(2\.[1234](?:\.\d+|_rc\d+))\.tar\.gz
+    }
+
+%prep
+    %setup -q -n openvpn-%{V_dist}
+    %patch -p0
+
+%build
+    #   configure program
+    CC="%{l_cc}" \
+    CFLAGS="%{l_cflags -O}" \
+    CPPFLAGS="%{l_cppflags lzo openssl}" \
+    LDFLAGS="%{l_ldflags} %{l_fsl_ldflags}" \
+    LIBS="%{l_fsl_libs}" \
+    ./configure \
+        --prefix=%{l_prefix} \
+        --mandir=%{l_prefix}/man \
+        --with-ssl-headers=%{l_prefix}/include/openssl \
+        --with-ssl-lib=%{l_prefix}/lib \
+        --with-lzo-headers=%{l_prefix}/include/lzo \
+        --with-lzo-lib=%{l_prefix}/lib
+
+    #   build program
+    %{l_make} %{l_mflags -O}
+
+%install
+    #   install program
+    %{l_make} %{l_mflags} install AM_MAKEFLAGS="DESTDIR=$RPM_BUILD_ROOT"
+
+    #   strip down installation files
+    strip $RPM_BUILD_ROOT%{l_prefix}/sbin/* >/dev/null 2>&1 || true
+    rm -rf $RPM_BUILD_ROOT%{l_prefix}/share/doc >/dev/null 2>&1 || true
+
+    #   install additional files
+    %{l_shtool} install -c -m 755 %{l_value -s -a} \
+        -e 's;/usr/bin/perl;%{l_prefix}/bin/perl;' \
+        sample-scripts/verify-cn $RPM_BUILD_ROOT%{l_prefix}/sbin/openvpn-verify-cn
+
+    #   install run-command script
+    %{l_shtool} mkdir -f -p -m 755 \
+        $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d
+    %{l_shtool} install -c -m 755 %{l_value -s -a} \
+        %{SOURCE rc.openvpn} $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d/
+
+    #   install default config file
+    %{l_shtool} mkdir -f -p -m 755 \
+        $RPM_BUILD_ROOT%{l_prefix}/etc/openvpn
+    %{l_shtool} install -c -m 644 %{l_value -s -a} \
+        %{SOURCE openvpn.conf} \
+        $RPM_BUILD_ROOT%{l_prefix}/etc/openvpn/
+
+    #   install OSSP fsl configuration
+    %{l_shtool} mkdir -f -p -m 755 \
+        $RPM_BUILD_ROOT%{l_prefix}/etc/fsl
+    %{l_shtool} install -c -m 644 %{l_value -s -a} \
+        %{SOURCE fsl.openvpn} \
+        $RPM_BUILD_ROOT%{l_prefix}/etc/fsl/
+
+    #   create run-time directory
+    %{l_shtool} mkdir -f -p -m 755 \
+        $RPM_BUILD_ROOT%{l_prefix}/var/openvpn
+
+    #   determine installation files
+    %{l_rpmtool} files -v -ofiles -r$RPM_BUILD_ROOT \
+        %{l_files_std} \
+        '%config %{l_prefix}/etc/fsl/fsl.openvpn' \
+        '%config %{l_prefix}/etc/openvpn/openvpn.conf'
+
+%files -f files
+
+%clean
+
+%post
+    #   on initial install, create a sample shared key
+    if [ $1 -eq 1 ]; then
+        if [ ! -f $RPM_INSTALL_PREFIX/etc/openvpn/openvpn.dh ]; then
+            $RPM_INSTALL_PREFIX/bin/openssl dhparam \
+                -out $RPM_INSTALL_PREFIX/etc/openvpn/openvpn.dh 1024
+        fi
+        if [ ! -f $RPM_INSTALL_PREFIX/etc/openvpn/openvpn.key ]; then
+            $RPM_INSTALL_PREFIX/sbin/openvpn \
+                --genkey --secret $RPM_INSTALL_PREFIX/etc/openvpn/openvpn.key
+        fi
+    fi
+
+    #   after upgrade, restart service
+    [ $1 -eq 2 ] || exit 0
+    eval `%{l_rc} openvpn status 2>/dev/null`
+    [ ".$openvpn_active" = .yes ] && %{l_rc} openvpn restart
+    exit 0
+
+%preun
+    #   before erase, stop service and remove log files
+    [ $1 -eq 0 ] || exit 0
+    %{l_rc} openvpn stop 2>/dev/null
+    rm -f $RPM_INSTALL_PREFIX/var/openvpn/*.log*   >/dev/null 2>&1 || true
+    rm -f $RPM_INSTALL_PREFIX/var/openvpn/*.status >/dev/null 2>&1 || true
+    exit 0
+
diff -r af9f2bac68b2 -r 0c12a9c824a0 openvpn/rc.openvpn
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/openvpn/rc.openvpn	Fri Sep 07 19:01:31 2012 +0200
@@ -0,0 +1,110 @@
+#!@l_prefix@/bin/openpkg rc
+##
+##  rc.openvpn -- Run-Commands
+##
+
+%config
+    openvpn_enable="$openpkg_rc_def"
+    openvpn_log_prolog="true"
+    openvpn_log_epilog="true"
+    openvpn_log_numfiles="10"
+    openvpn_log_minsize="1M"
+    openvpn_log_complevel="9"
+
+%common
+    openvpn_etcdir="@l_prefix@/etc/openvpn"
+    openvpn_vardir="@l_prefix@/var/openvpn"
+    openvpn_signal () {
+        [ -f $openvpn_vardir/$1.pid ] && kill -$2 `cat $openvpn_vardir/$1.pid`
+    }
+
+%status -u @l_susr@ -o
+    openvpn_usable="unknown"
+    openvpn_active="yes"
+    if rcService openvpn enable yes; then
+        for cfgfile in $openvpn_etcdir/*.conf; do
+            [ ".`grep '^disable' $cfgfile`" != . ] && continue
+            name=`echo "$cfgfile" | sed -e 's;^.*/\([^/]*\)\.conf;\1;'`
+            openvpn_signal $name 0
+            if [ $? -ne 0 ]; then
+                openvpn_active="no"
+                break
+            fi
+        done
+    fi
+    echo "openvpn_enable=\"$openvpn_enable\""
+    echo "openvpn_usable=\"$openvpn_usable\""
+    echo "openvpn_active=\"$openvpn_active\""
+
+%start -p 200 -u @l_susr@
+    rcService openvpn enable yes || exit 0
+    rcService openvpn active yes && exit 0
+    if [ -f $openvpn_etcdir/openvpn.sh ]; then
+        sh $openvpn_etcdir/openvpn.sh start || exit $?
+    fi
+    for cfgfile in $openvpn_etcdir/*.conf; do
+        [ ".`grep '^disable' $cfgfile`" != . ] && continue
+        name=`echo "$cfgfile" | sed -e 's;^.*/\([^/]*\)\.conf;\1;'`
+        if [ -f $openvpn_etcdir/$name.sh -a ".$name" != .openvpn ]; then
+            sh $openvpn_etcdir/$name.sh start || exit $?
+        fi
+        @l_prefix@/sbin/openvpn \
+            --daemon "$name" \
+            --log-append $openvpn_vardir/$name.log \
+            --writepid $openvpn_vardir/$name.pid \
+            --status $openvpn_vardir/$name.status 60 \
+            --config $cfgfile \
+            --cd $openvpn_etcdir || exit $?
+    done
+
+%stop -p 800 -u @l_susr@
+    rcService openvpn enable yes || exit 0
+    rcService openvpn active no && exit 0
+    for cfgfile in $openvpn_etcdir/*.conf; do
+        [ ".`grep '^disable' $cfgfile`" != . ] && continue
+        name=`echo "$cfgfile" | sed -e 's;^.*/\([^/]*\)\.conf;\1;'`
+        openvpn_signal $name TERM
+    done
+    sleep 1
+    for cfgfile in $openvpn_etcdir/*.conf; do
+        [ ".`grep '^disable' $cfgfile`" != . ] && continue
+        name=`echo "$cfgfile" | sed -e 's;^.*/\([^/]*\)\.conf;\1;'`
+        if [ -f $openvpn_etcdir/$name.sh -a ".$name" != .openvpn ]; then
+            sh $openvpn_etcdir/$name.sh stop || true
+        fi
+    done
+    if [ -f $openvpn_etcdir/openvpn.sh ]; then
+        sh $openvpn_etcdir/openvpn.sh stop || true
+    fi
+    rm -f $openvpn_vardir/*.pid 2>/dev/null || true
+
+%restart -u @l_susr@
+    rcService openvpn enable yes || exit 0
+    rcService openvpn active no && exit 0
+    rc openvpn stop start
+
+%reload -u @l_susr@
+    rcService openvpn enable yes || exit 0
+    rcService openvpn active no && exit 0
+    for cfgfile in $openvpn_etcdir/*.conf; do
+        [ ".`grep '^disable' $cfgfile`" != . ] && continue
+        name=`echo "$cfgfile" | sed -e 's;^.*/\([^/]*\)\.conf;\1;'`
+        openvpn_signal $name USR1
+        if [ -f $openvpn_etcdir/$name.sh ]; then
+            sh $openvpn_etcdir/$name.sh reload || true
+        fi
+    done
+
+%daily -u @l_susr@
+    rcService openvpn enable yes || exit 0
+    for cfgfile in $openvpn_etcdir/*.conf; do
+        [ ".`grep '^disable' $cfgfile`" != . ] && continue
+        name=`echo "$cfgfile" | sed -e 's;^.*/\([^/]*\)\.conf;\1;'`
+        shtool rotate -f \
+            -n ${openvpn_log_numfiles} -s ${openvpn_log_minsize} -d \
+            -z ${openvpn_log_complevel} -o @l_rusr@ -g @l_rgrp@ -m 644 \
+            -P "${openvpn_log_prolog}" \
+            -E "${openvpn_log_epilog}; rc openvpn reload" \
+            $openvpn_vardir/$name.log
+    done
+