git: 9364842b3b08 - main - security/openvpn-devel: switch to Gitlab and new maintainer

Sat May 29 10:51:55 UTC 2021

The branch main has been updated by mandree:

URL: https://cgit.FreeBSD.org/ports/commit/?id=9364842b3b08f9eaa49bf80c7c14550c2689ab7f

commit 9364842b3b08f9eaa49bf80c7c14550c2689ab7f
Author:     Matthias Andree <mandree at FreeBSD.org>
AuthorDate: 2021-05-29 09:48:46 +0000
Commit:     Matthias Andree <mandree at FreeBSD.org>
CommitDate: 2021-05-29 10:51:00 +0000

    security/openvpn-devel: switch to Gitlab and new maintainer
    
    The previous maintainer asked that the port be removed, but
    we seem to have found a better solution. Gert Doering volunteered
    to take over the port and reference Git directly.
    
    Import security/openvpn fix for leftover .orig files.
    
    PR:             256209
    Maintainer change implicitly
    Approved by:    ecrist at secure-computing.net (removal request)
    New contents reviewed and
    Approved by:    gert at greenie.muc.de (new maintainer, by IRC/mail)
---
 security/openvpn-devel/Makefile                    | 122 +++++++++++----------
 security/openvpn-devel/distinfo                    |   6 +-
 .../files/patch-src_openvpn_openssl__compat.h      |  20 ----
 3 files changed, 68 insertions(+), 80 deletions(-)

diff --git a/security/openvpn-devel/Makefile b/security/openvpn-devel/Makefile
index f942b69ff7e6..842e7f77fe82 100644
--- a/security/openvpn-devel/Makefile
+++ b/security/openvpn-devel/Makefile
@@ -1,94 +1,101 @@
 # Created by: Matthias Andree <mandree at FreeBSD.org>
 
-PORTNAME=		openvpn
-DISTVERSION=		202113
-CATEGORIES=		security net net-vpn
-MASTER_SITES=		https://secure-computing.net/files/openvpn/
-PKGNAMESUFFIX=		-devel
+PORTNAME=	openvpn
+DISTVERSION=	g20210527
+PORTEPOCH=	1
+CATEGORIES=	security net net-vpn
+PKGNAMESUFFIX=	-devel
 
-MAINTAINER=		ecrist at secure-computing.net
+MAINTAINER=	gert at greenie.muc.de
 # let's use ?= in spite of portlint WARNings because this might become
 # security/openvpn one day which would then have a slave port:
-COMMENT?=		Secure IP/Ethernet tunnel daemon
+COMMENT?=	Secure IP/Ethernet tunnel daemon
 
-LICENSE=		GPLv2
+LICENSE=	GPLv2
 LICENSE_FILE=	${WRKSRC}/COPYRIGHT.GPL
 
-IGNORE_SSL=		libressl libressl-devel
+BUILD_DEPENDS+=	cmocka>=0:sysutils/cmocka \
+		rst2man:textproc/py-docutils
+LIB_DEPENDS+=	liblzo2.so:archivers/lzo2
 
-USES=			cpe libtool pkgconfig shebangfix tar:xz
+USES=		autoreconf cpe libtool pkgconfig shebangfix tar:xz
+IGNORE_SSL=	libressl libressl-devel
+USE_GITLAB=	yes
+GL_COMMIT=	890225c1783d0f11b2092495ff902a46d7d0d4cd
+USE_RC_SUBR=	openvpn
+
+SHEBANG_FILES=	sample/sample-scripts/auth-pam.pl sample/sample-scripts/ucn.pl \
+		sample/sample-scripts/verify-cn
 
-CONFLICTS_INSTALL?=	openvpn-2.[!4].* openvpn-[!2].* openvpn-beta-[0-9]* openvpn-devel-[0-9]* openvpn-mbedtls-[0-9]*
 GNU_CONFIGURE=		yes
-WRKSRC=			${WRKDIR}/${PORTNAME}${PKGNAMESUFFIX}
-SHEBANG_FILES=		sample/sample-scripts/verify-cn \
-			sample/sample-scripts/auth-pam.pl \
-			sample/sample-scripts/ucn.pl
 CONFIGURE_ARGS+=	--enable-strict
 # set PLUGIN_LIBDIR so that unqualified plugin paths are found:
 CONFIGURE_ENV+=		PLUGINDIR="${PREFIX}/lib/openvpn/plugins"
 
 # let OpenVPN's configure script pick up the requisite libraries,
 # but do not break the plugin build if an older version is installed
-CPPFLAGS+=		-I${WRKSRC}/include -I${LOCALBASE}/include
-LDFLAGS+=		-L${LOCALBASE}/lib
-
-OPTIONS_DEFINE=		PKCS11 EASYRSA DOCS EXAMPLES X509ALTUSERNAME \
-			TEST LZ4 SMALL TUNNELBLICK
-OPTIONS_DEFAULT=	EASYRSA OPENSSL TEST LZ4
-OPTIONS_SINGLE=		SSL
-OPTIONS_SINGLE_SSL=	OPENSSL MBEDTLS
-PKCS11_DESC=		Use security/pkcs11-helper
-EASYRSA_DESC=		Install security/easy-rsa RSA helper package
-MBEDTLS_DESC=		SSL/TLS via mbedTLS (lacks TLS v1.3)
-TUNNELBLICK_DESC=	Tunnelblick XOR scramble patch (READ HELP!)
-X509ALTUSERNAME_DESC=	Enable --x509-username-field (OpenSSL only)
-SMALL_DESC=		Build a smaller executable with fewer features
+.ifdef (LOG_OPENVPN)
+CFLAGS+=	-DLOG_OPENVPN=${LOG_OPENVPN}
+.endif
 
-EASYRSA_RUN_DEPENDS=	easy-rsa>=0:security/easy-rsa
+CPPFLAGS+=	-I${WRKSRC}/include -I${LOCALBASE}/include -DCONFIGURE_GIT_REVISION='\"${GL_COMMIT}\"' -DCONFIGURE_GIT_FLAGS=
+LDFLAGS+=	-L${LOCALBASE}/lib
 
-PKCS11_LIB_DEPENDS=	libpkcs11-helper.so:security/pkcs11-helper
-PKCS11_CONFIGURE_ENABLE=	pkcs11
-PKCS11_PREVENTS=	MBEDTLS
-PKCS11_PREVENTS_MSG=	OpenVPN cannot use pkcs11-helper with mbedTLS. Disable PKCS11, or use OpenSSL instead
+CONFLICTS_INSTALL?=	openvpn-2.[!4].* openvpn-[!2].* openvpn-beta-[0-9]* \
+			openvpn-devel-[0-9]* openvpn-mbedtls-[0-9]*
 
-TUNNELBLICK_EXTRA_PATCHES=	${FILESDIR}/extra-tunnelblick-openvpn_xorpatch
+SUB_FILES=	openvpn-client pkg-message
 
-X509ALTUSERNAME_CONFIGURE_ENABLE=	x509-alt-username
+PORTDOCS=	*
+PORTEXAMPLES=	*
 
+OPTIONS_DEFINE=		DOCS EASYRSA EXAMPLES LZ4 PKCS11 SMALL TEST TUNNELBLICK \
+			X509ALTUSERNAME
+OPTIONS_DEFAULT=	EASYRSA LZ4 OPENSSL TEST
+OPTIONS_SINGLE=		SSL
+OPTIONS_SINGLE_SSL=	MBEDTLS OPENSSL
+
+# option descriptions and interdependencies
+
+EASYRSA_DESC=			Install security/easy-rsa RSA helper package
+MBEDTLS_DESC=			SSL/TLS via mbedTLS (lacks TLS v1.3)
+PKCS11_DESC=			Use security/pkcs11-helper
+PKCS11_PREVENTS=		MBEDTLS
+PKCS11_PREVENTS_MSG=		OpenVPN cannot use pkcs11-helper with mbedTLS. \
+				Disable PKCS11, or use OpenSSL instead
+SMALL_DESC=			Build a smaller executable with fewer features
+TUNNELBLICK_DESC=		Tunnelblick XOR scramble patch (READ HELP!)
+X509ALTUSERNAME_DESC=		Enable --x509-username-field (OpenSSL only)
 X509ALTUSERNAME_PREVENTS=	MBEDTLS
-X509ALTUSERNAME_PREVENTS_MSG=	OpenVPN ${DISTVERSION} cannot use --x509-username-field with mbedTLS. Disable X509ALTUSERNAME, or use OpenSSL instead
+X509ALTUSERNAME_PREVENTS_MSG=	OpenVPN ${DISTVERSION} cannot use \
+				--x509-username-field with mbedTLS. Disable \
+				X509ALTUSERNAME, or use OpenSSL instead
 
-OPENSSL_USES=		ssl
-OPENSSL_CONFIGURE_ON=	--with-crypto-library=openssl
+# option implementations
 
-LZ4_CONFIGURE_OFF=	--disable-lz4
+EASYRSA_RUN_DEPENDS=	easy-rsa>=0:security/easy-rsa
 
-SMALL_CONFIGURE_ON=	--enable-small
+LZ4_LIB_DEPENDS+=	liblz4.so:archivers/liblz4
+LZ4_CONFIGURE_OFF=	--disable-lz4
 
 MBEDTLS_LIB_DEPENDS=	libmbedtls.so:security/mbedtls
 MBEDTLS_CONFIGURE_ON=	--with-crypto-library=mbedtls
 
-USE_RC_SUBR=		openvpn
-
-SUB_FILES=		pkg-message openvpn-client
-
-.ifdef (LOG_OPENVPN)
-CFLAGS+=		-DLOG_OPENVPN=${LOG_OPENVPN}
-.endif
-
-BUILD_DEPENDS+=		cmocka>=0:sysutils/cmocka \
-			rst2man:textproc/py-docutils
-LIB_DEPENDS+=		liblzo2.so:archivers/lzo2
+OPENSSL_USES=		ssl
+OPENSSL_CONFIGURE_ON=	--with-crypto-library=openssl
 
-LZ4_LIB_DEPENDS+=	liblz4.so:archivers/liblz4
+PKCS11_LIB_DEPENDS=		libpkcs11-helper.so:security/pkcs11-helper
+PKCS11_CONFIGURE_ENABLE=	pkcs11
 
-PORTDOCS=		*
-PORTEXAMPLES=		*
+SMALL_CONFIGURE_ON=	--enable-small
 
 TEST_ALL_TARGET=	check
 TEST_TEST_TARGET_OFF=	check
 
+TUNNELBLICK_EXTRA_PATCHES=	${FILESDIR}/extra-tunnelblick-openvpn_xorpatch
+
+X509ALTUSERNAME_CONFIGURE_ENABLE=	x509-alt-username
+
 pre-configure:
 .ifdef (LOG_OPENVPN)
 	@${ECHO} "Building with LOG_OPENVPN=${LOG_OPENVPN}"
@@ -109,10 +116,10 @@ post-configure:
 .include <bsd.port.options.mk>
 
 .if ${PORT_OPTIONS:MMBEDTLS}
-_tlslibs=libmbedtls libmbedx509 libmbedcrypto
+_tlslibs=	libmbedtls libmbedx509 libmbedcrypto
 .else
 # OpenSSL
-_tlslibs=libssl libcrypto
+_tlslibs=	libssl libcrypto
 .endif
 
 # sanity check that we don't inherit incompatible SSL libs through,
@@ -140,5 +147,6 @@ post-install-DOCS-on:
 post-install-EXAMPLES-on:
 	(cd ${WRKSRC}/sample && ${COPYTREE_SHARE} \* ${STAGEDIR}${EXAMPLESDIR}/)
 	${CHMOD} ${BINMODE} ${STAGEDIR}${EXAMPLESDIR}/sample-scripts/*
+	${RM} ${STAGEDIR}${EXAMPLESDIR}/sample-config-files/*.orig
 
 .include <bsd.port.mk>
diff --git a/security/openvpn-devel/distinfo b/security/openvpn-devel/distinfo
index a811b8535a88..8b9af1ac43cb 100644
--- a/security/openvpn-devel/distinfo
+++ b/security/openvpn-devel/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1617626192
-SHA256 (openvpn-202113.tar.xz) = 54e5b6870855138fdc92e19354fb03665dde4dd7b899b1672a8fbd85d9b926e5
-SIZE (openvpn-202113.tar.xz) = 1065804
+TIMESTAMP = 1622278095
+SHA256 (openvpn-openvpn-890225c1783d0f11b2092495ff902a46d7d0d4cd_GL0.tar.gz) = 0677e95122f96634ad8b8215052f5cd51ccd554bbd70ab53a05f33c157b27554
+SIZE (openvpn-openvpn-890225c1783d0f11b2092495ff902a46d7d0d4cd_GL0.tar.gz) = 1133002
diff --git a/security/openvpn-devel/files/patch-src_openvpn_openssl__compat.h b/security/openvpn-devel/files/patch-src_openvpn_openssl__compat.h
deleted file mode 100644
index 4f72e79ef421..000000000000
--- a/security/openvpn-devel/files/patch-src_openvpn_openssl__compat.h
+++ /dev/null
@@ -1,20 +0,0 @@
---- src/openvpn/openssl_compat.h.orig	2019-02-20 12:28:23 UTC
-+++ src/openvpn/openssl_compat.h
-@@ -735,7 +735,7 @@ SSL_CTX_get_max_proto_version(SSL_CTX *ctx)
- }
- #endif /* SSL_CTX_get_max_proto_version */
- 
--#ifndef SSL_CTX_set_min_proto_version
-+#if !defined(SSL_CTX_set_min_proto_version) && !defined(LIBRESSL_VERSION_NUMBER)
- /** Mimics SSL_CTX_set_min_proto_version for OpenSSL < 1.1 */
- static inline int
- SSL_CTX_set_min_proto_version(SSL_CTX *ctx, long tls_ver_min)
-@@ -764,7 +764,7 @@ SSL_CTX_set_min_proto_version(SSL_CTX *ctx, long tls_v
- }
- #endif /* SSL_CTX_set_min_proto_version */
- 
--#ifndef SSL_CTX_set_max_proto_version
-+#if !defined(SSL_CTX_set_max_proto_version) && !defined(LIBRESSL_VERSION_NUMBER)
- /** Mimics SSL_CTX_set_max_proto_version for OpenSSL < 1.1 */
- static inline int
- SSL_CTX_set_max_proto_version(SSL_CTX *ctx, long tls_ver_max)
