openvpn: update to 2.4.6

Update the OpenVPN package to version 2.4.6, refresh patches and drop menuconfig options which are not supported upstream anymore. Also fix the x509-alt-username configure flag - it is not supported by mbedtls and was syntactically wrong in the Makefile - and the port-share option which has been present in menuconfig but not been used in the Makefile. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
6 years ago · 3082370551
parent 56378bc12d
commit 3082370551
5 changed files with 8 additions and 37 deletions
--- a/package/network/services/openvpn/Config-mbedtls.in
+++ b/package/network/services/openvpn/Config-mbedtls.in
@ -8,10 +8,6 @@ config OPENVPN_mbedtls_ENABLE_LZ4
 	bool "Enable LZ4 compression support"
 	default y

-config OPENVPN_mbedtls_ENABLE_X509_ALT_USERNAME
-	bool "Enable the --x509-username-field feature"
-	default n
-
 config OPENVPN_mbedtls_ENABLE_SERVER
 	bool "Enable server support (otherwise only client mode is support)"
 	default y
@ -28,14 +24,6 @@ config OPENVPN_mbedtls_ENABLE_MANAGEMENT
 #	bool "Enable pkcs11 support"
 #	default n

-config OPENVPN_mbedtls_ENABLE_HTTP
-	bool "Enable HTTP proxy support"
-	default y
-
-config OPENVPN_mbedtls_ENABLE_SOCKS
-	bool "Enable SOCKS proxy support"
-	default y
-
 config OPENVPN_mbedtls_ENABLE_FRAGMENT
 	bool "Enable internal fragmentation support (--fragment)"
 	default y
--- a/package/network/services/openvpn/Config-nossl.in
+++ b/package/network/services/openvpn/Config-nossl.in
@ -16,14 +16,6 @@ config OPENVPN_nossl_ENABLE_MANAGEMENT
 	bool "Enable management server support"
 	default n

-config OPENVPN_nossl_ENABLE_HTTP
-	bool "Enable HTTP proxy support"
-	default y
-
-config OPENVPN_nossl_ENABLE_SOCKS
-	bool "Enable SOCKS proxy support"
-	default y
-
 config OPENVPN_nossl_ENABLE_FRAGMENT
 	bool "Enable internal fragmentation support (--fragment)"
 	default y
--- a/package/network/services/openvpn/Config-openssl.in
+++ b/package/network/services/openvpn/Config-openssl.in
@ -28,14 +28,6 @@ config OPENVPN_openssl_ENABLE_MANAGEMENT
 #	bool "Enable pkcs11 support"
 #	default n

-config OPENVPN_openssl_ENABLE_HTTP
-	bool "Enable HTTP proxy support"
-	default y
-
-config OPENVPN_openssl_ENABLE_SOCKS
-	bool "Enable SOCKS proxy support"
-	default y
-
 config OPENVPN_openssl_ENABLE_FRAGMENT
 	bool "Enable internal fragmentation support (--fragment)"
 	default y
--- a/package/network/services/openvpn/Makefile
+++ b/package/network/services/openvpn/Makefile
@ -9,14 +9,14 @@ include $(TOPDIR)/rules.mk

 PKG_NAME:=openvpn

-PKG_VERSION:=2.4.5
-PKG_RELEASE:=7
+PKG_VERSION:=2.4.6
+PKG_RELEASE:=1

 PKG_SOURCE_URL:=\
 	https://build.openvpn.net/downloads/releases/ \
 	https://swupdate.openvpn.net/community/releases/
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
-PKG_HASH:=43c0a363a332350f620d1cd93bb431e082bedbc93d4fb872f758650d53c1d29e
+PKG_HASH:=4f6434fa541cc9e363434ea71a16a62cf2615fb2f16af5b38f43ab5939998c26

 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)
 PKG_MAINTAINER:=Felix Fietkau <nbd@nbd.name>
@ -86,17 +86,16 @@ define Build/Configure
 		--disable-pkcs11 \
 		$(if $(CONFIG_OPENVPN_$(BUILD_VARIANT)_ENABLE_LZO),--enable,--disable)-lzo \
 		$(if $(CONFIG_OPENVPN_$(BUILD_VARIANT)_ENABLE_LZ4),--enable,--disable)-lz4 \
-		$(if $(CONFIG_OPENVPN_$(BUILD_VARIANT)_ENABLE_X509_ALT_USERNAME),enable,disable-x509-alt-username)-ssl \
+		$(if $(CONFIG_OPENVPN_$(BUILD_VARIANT)_ENABLE_X509_ALT_USERNAME),--enable,--disable)-x509-alt-username \
 		$(if $(CONFIG_OPENVPN_$(BUILD_VARIANT)_ENABLE_SERVER),--enable,--disable)-server \
 		$(if $(CONFIG_OPENVPN_$(BUILD_VARIANT)_ENABLE_MANAGEMENT),--enable,--disable)-management \
-		$(if $(CONFIG_OPENVPN_$(BUILD_VARIANT)_ENABLE_SOCKS),--enable,--disable)-socks \
-		$(if $(CONFIG_OPENVPN_$(BUILD_VARIANT)_ENABLE_HTTP),--enable,--disable)-http-proxy \
 		$(if $(CONFIG_OPENVPN_$(BUILD_VARIANT)_ENABLE_FRAGMENT),--enable,--disable)-fragment \
 		$(if $(CONFIG_OPENVPN_$(BUILD_VARIANT)_ENABLE_MULTIHOME),--enable,--disable)-multihome \
 		$(if $(CONFIG_OPENVPN_$(BUILD_VARIANT)_ENABLE_IPROUTE2),--enable,--disable)-iproute2 \
 		$(if $(CONFIG_OPENVPN_$(BUILD_VARIANT)_ENABLE_DEF_AUTH),--enable,--disable)-def-auth \
 		$(if $(CONFIG_OPENVPN_$(BUILD_VARIANT)_ENABLE_PF),--enable,--disable)-pf \
-		$(if $(CONFIG_OPENVPN_NOSSL),--disable-ssl --disable-crypto,--enable-ssl --enable-crypto) \
+		$(if $(CONFIG_OPENVPN_$(BUILD_VARIANT)_ENABLE_PORT_SHARE),--enable,--disable)-port-share \
+		$(if $(CONFIG_OPENVPN_NOSSL),--disable-crypto,--enable-crypto) \
 		$(if $(CONFIG_OPENVPN_OPENSSL),--with-crypto-library=openssl) \
 		$(if $(CONFIG_OPENVPN_MBEDTLS),--with-crypto-library=mbedtls) \
 	)
--- a/package/network/services/openvpn/patches/210-build_always_use_internal_lz4.patch
+++ b/package/network/services/openvpn/patches/210-build_always_use_internal_lz4.patch
@ -14,12 +14,12 @@
 -					     # linker will not know about the lz4 library
 -	)
 -    fi
-
+ 
     saved_CFLAGS="${CFLAGS}"
     saved_LIBS="${LIBS}"
     CFLAGS="${CFLAGS} ${LZ4_CFLAGS}"
     LIBS="${LIBS} ${LZ4_LIBS}"
-
+ 
 -    # If pkgconfig check failed or LZ4_CFLAGS/LZ4_LIBS env vars
 -    # are used, check the version directly in the LZ4 include file
 -    if test "${have_lz4}" != "yes"; then