1SUMMARY = "A full-featured SSL VPN solution via tun device."
2HOMEPAGE = "https://openvpn.net/"
3SECTION = "net"
4LICENSE = "GPL-2.0-only"
5LIC_FILES_CHKSUM = "file://COPYING;md5=89196bacc47ed37a5b242a535661a049"
6DEPENDS = "lzo lz4 openssl iproute2 libcap-ng ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}"
7
8inherit autotools systemd update-rc.d pkgconfig
9
10SRC_URI = "http://swupdate.openvpn.org/community/releases/${BP}.tar.gz \
11           file://0001-configure.ac-eliminate-build-path-from-openvpn-versi.patch \
12           file://openvpn \
13          "
14
15UPSTREAM_CHECK_URI = "https://openvpn.net/community-downloads"
16
17SRC_URI[sha256sum] = "1993bbb7b9edb430626eaa24573f881fd3df642f427fcb824b1aed1fca1bcc9b"
18
19CVE_STATUS[CVE-2020-27569] = "not-applicable-config: Applies only Aviatrix OpenVPN client, not openvpn"
20
21INITSCRIPT_PACKAGES = "${PN}"
22INITSCRIPT_NAME:${PN} = "openvpn"
23INITSCRIPT_PARAMS:${PN} = "start 10 2 3 4 5 . stop 70 0 1 6 ."
24
25CFLAGS += "-fno-inline"
26
27# I want openvpn to be able to read password from file (hrw)
28EXTRA_OECONF += "--enable-iproute2"
29EXTRA_OECONF += "${@bb.utils.contains('DISTRO_FEATURES', 'pam', '', '--disable-plugin-auth-pam', d)}"
30
31# Explicitly specify IPROUTE to bypass the configure-time check for /sbin/ip on the host.
32EXTRA_OECONF += "IPROUTE=${base_sbindir}/ip"
33
34EXTRA_OECONF += "SYSTEMD_UNIT_DIR=${systemd_system_unitdir} \
35                 TMPFILES_DIR=${nonarch_libdir}/tmpfiles.d \
36                "
37
38PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)} \
39                   ${@bb.utils.filter('DISTRO_FEATURES', 'selinux', d)} \
40                  "
41
42PACKAGECONFIG[systemd] = "--enable-systemd,--disable-systemd,systemd"
43PACKAGECONFIG[selinux] = "--enable-selinux,--disable-selinux,libselinux"
44
45do_install:append() {
46    install -d ${D}/${sysconfdir}/init.d
47    install -m 755 ${WORKDIR}/openvpn ${D}/${sysconfdir}/init.d
48
49    install -d ${D}/${sysconfdir}/openvpn
50    install -d ${D}/${sysconfdir}/openvpn/server
51    install -d ${D}/${sysconfdir}/openvpn/client
52
53    install -d ${D}/${sysconfdir}/openvpn/sample
54    install -m 644 ${S}/sample/sample-config-files/loopback-server  ${D}${sysconfdir}/openvpn/sample/loopback-server.conf
55    install -m 644 ${S}/sample/sample-config-files/loopback-client  ${D}${sysconfdir}/openvpn/sample/loopback-client.conf
56    install -dm 755 ${D}${sysconfdir}/openvpn/sample/sample-config-files
57    install -dm 755 ${D}${sysconfdir}/openvpn/sample/sample-keys
58    install -dm 755 ${D}${sysconfdir}/openvpn/sample/sample-scripts
59    install -m 644 ${S}/sample/sample-config-files/* ${D}${sysconfdir}/openvpn/sample/sample-config-files
60    install -m 644 ${S}/sample/sample-keys/* ${D}${sysconfdir}/openvpn/sample/sample-keys
61    install -m 644 ${S}/sample/sample-scripts/* ${D}${sysconfdir}/openvpn/sample/sample-scripts
62
63    install -d -m 710 ${D}/${localstatedir}/lib/openvpn
64}
65
66PACKAGES =+ " ${PN}-sample "
67
68RRECOMMENDS:${PN} = "kernel-module-tun"
69
70FILES:${PN}-dbg += "${libdir}/openvpn/plugins/.debug"
71FILES:${PN} += "${systemd_system_unitdir}/openvpn-server@.service \
72                ${systemd_system_unitdir}/openvpn-client@.service \
73                ${nonarch_libdir}/tmpfiles.d \
74               "
75FILES:${PN}-sample = "${sysconfdir}/openvpn/sample/ \
76                     "
77