ports/111997: [MAINTAINER] security/openvpn: add multiple-profile feature to rc script

Matthias Andree matthias.andree at gmx.de
Sun Apr 22 07:50:04 UTC 2007 

>Number:         111997
>Category:       ports
>Synopsis:       [MAINTAINER] security/openvpn: add multiple-profile feature to rc script
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          maintainer-update
>Submitter-Id:   current-users
>Arrival-Date:   Sun Apr 22 07:50:03 GMT 2007
>Closed-Date:
>Last-Modified:
>Originator:     Matthias Andree
>Release:        FreeBSD 6.2-PRERELEASE i386
>Organization:
>Environment:
System: FreeBSD merlin.emma.line.org 6.2-PRERELEASE FreeBSD 6.2-PRERELEASE #18: Sun Jan 14 13:10:49 CET 2007
>Description:
- Add multiple profile support to rc script (backwards compatible).
- Bump portrevision.
- Update note about OpenVPN 2.0.X newer releases.

This is a revised edition of Gleb Kozyrev's patch (vd: patch-3.diff)

Supersedes: ports/108371
Submitted by: Denis Shaposhnikov and Gleb Kozyrev

Generated with FreeBSD Port Tools 0.77
>How-To-Repeat:
>Fix:

--- openvpn-2.0.6_5.patch begins here ---
diff -ruN --exclude=CVS /usr/ports/security/openvpn/Makefile /root/ports/security/openvpn/Makefile
--- /usr/ports/security/openvpn/Makefile	Sun Feb  4 20:14:20 2007
+++ /root/ports/security/openvpn/Makefile	Sun Feb  4 22:36:03 2007
@@ -7,13 +7,13 @@
 
 PORTNAME=	openvpn
 # -----------------------------------------------------
-# DO NOT BOTHER TO SEND NOTICES ABOUT 2.0.8 AS IT FIXES
+# DO NOT BOTHER TO SEND NOTICES ABOUT 2.0.9 AS IT FIXES
 # WINDOWS-ONLY BUGS THAT DON'T AFFECT *BSD AND THUS
 # DOES NOT WARRANT A PORT UPGRADE! AND UPGRADE REQUESTS
-# WILL BE DROPPED.       -- Matthias Andree, 2006-10-01
+# WILL BE DROPPED.       -- Matthias Andree, 2007-02-04
 # -----------------------------------------------------
 PORTVERSION=	2.0.6
-PORTREVISION=	4
+PORTREVISION=	5
 CATEGORIES=	security net
 # MASTER_SITES points to hosts in distinct data centers,
 # so just one MASTER_SITES entry should be OK.
diff -ruN --exclude=CVS /usr/ports/security/openvpn/files/openvpn.sh.in /root/ports/security/openvpn/files/openvpn.sh.in
--- /usr/ports/security/openvpn/files/openvpn.sh.in	Mon Feb 20 21:47:39 2006
+++ /root/ports/security/openvpn/files/openvpn.sh.in	Sun Feb  4 23:01:09 2007
@@ -1,11 +1,12 @@
 #!/bin/sh
 #
-# openvpn.sh - load tun/tap driver and start OpenVPN daemon
+# openvpn.sh - load tun/tap driver and start OpenVPN daemon(s)
 #
-# (C) Copyright 2005 by Matthias Andree
-# based on suggestions by Matthias Grimm and Dirk Gouders
+# (C) Copyright 2005,2007 by Matthias Andree
+# based on suggestions by Matthias Grimm, Dirk Gouders,
+# profiles feature by Denis Shaposhnikov and Gleb Kozyrev
 #
-# Made in Northrhine-Westphalia, Germany
+# This script is under the new BSD license.
 #
 # $FreeBSD: ports/security/openvpn/files/openvpn.sh.in,v 1.4 2006/02/20 20:47:39 dougb Exp $
 # 
@@ -37,6 +38,7 @@
 #
 # # optional:
 # openvpn_flags=""	# openvpn command line flags
+# openvpn_configdir="%%PREFIX%%/etc/openvpn"			# config directory
 # openvpn_configfile="%%PREFIX%%/etc/openvpn/openvpn.conf" 	# --config file
 # openvpn_dir="%%PREFIX%%/etc/openvpn"				# --cd directory
 #
@@ -44,6 +46,21 @@
 # file and directory where keys and certificates reside differ from the above
 # settings.
 #
+# Add "openvpn_profiles" to run several instances of openvpn with
+# different parameters. Consider the following example:
+#
+#     openvpn_enable="YES"
+#     openvpn_profiles="default tcp"
+#
+# This will run two instances of openvpn: one with default config and pidfile
+# and the other with config file %%PREFIX%%/etc/openvpn/tcp.conf
+# and pidfile /var/run/openvpn_tcp.pid
+#
+# You may specify different locations by setting openvpn_NAME_xxx variables:
+#
+#     openvpn_tcp_configfile="%%PREFIX%%/etc/other/openvpn_tcp.conf"
+#     openvpn_tcp_pidfile="/var/run/openpvn_tcp.pid"
+#
 # Note that we deliberately refrain from unloading drivers.
 #
 # For further documentation, please see openvpn(8).
@@ -78,6 +95,54 @@
 	rm -f "$pidfile" || warn "Could not remove $pidfile."
 }
 
+setup_profile_vars()
+{
+	name=openvpn_$1
+	eval ": \${openvpn_${1}_configfile=${openvpn_configdir}/${1}.conf}"
+	eval ": \${openvpn_${1}_dir=${openvpn_dir}}"
+	eval ": \${openvpn_${1}_flags=${openvpn_flags}}"
+	eval ": \${openvpn_${1}_pidfile=/var/run/openvpn_${1}.pid}"
+	eval "pidfile=\"\${openvpn_${1}_pidfile}\""
+	eval "required_files=\"\${openvpn_${1}_configfile}\""
+	eval "command_args=\"--cd \${openvpn_${1}_dir} --daemon --config \${openvpn_${1}_configfile} --writepid \${pidfile}\""
+}
+
+start_profiles()
+{
+	unset start_cmd start_precmd
+	for _profile in ${openvpn_profiles}; do
+		setup_profile_vars $_profile
+		run_rc_command "${rc_arg}"
+	done
+}
+
+stop_profiles()
+{
+	unset stop_cmd
+	for _profile in ${openvpn_profiles}; do
+		setup_profile_vars $_profile
+		run_rc_command "${rc_arg}"
+	done
+}
+
+status_profiles()
+{
+	unset status_cmd
+	for _profile in ${openvpn_profiles}; do
+		setup_profile_vars $_profile
+		run_rc_command "${rc_arg}"
+	done
+}
+
+reload_profiles()
+{
+	unset reload_cmd
+	for _profile in ${openvpn_profiles}; do
+		setup_profile_vars $_profile
+		run_rc_command "${rc_arg}"
+	done
+}
+
 # support SIGHUP to reparse configuration file
 extra_commands="reload"
 
@@ -93,11 +158,32 @@
 stop_postcmd="stop_postcmd"
 
 load_rc_config ${name}
+
 : ${openvpn_enable="NO"}
 : ${openvpn_flags=""}
 : ${openvpn_if=""}
+: ${openvpn_configdir="${prefix}/etc/openvpn"}
 : ${openvpn_configfile="${prefix}/etc/openvpn/openvpn.conf"}
 : ${openvpn_dir="${prefix}/etc/openvpn"}
+: ${openvpn_profiles="default"}
+: ${openvpn_default_configfile="${openvpn_configfile}"}
+: ${openvpn_default_pidfile="${pidfile}"}
+
 required_files="${openvpn_configfile}"
 command_args="--cd ${openvpn_dir} --daemon --config ${openvpn_configfile} --writepid ${pidfile}"
-run_rc_command "$1"
+
+cmd="$1"
+if [ $# -gt 0 ]; then
+	shift
+fi
+
+[ -n "$*" ] && openvpn_profiles="$*"
+
+if [ -n "${openvpn_profiles}" -a "${openvpn_profiles}" != "default" ]; then
+	start_cmd="start_profiles"
+	stop_cmd="stop_profiles"
+	status_cmd="status_profiles"
+	reload_cmd="reload_profiles"
+fi
+
+run_rc_command "$cmd"
--- openvpn-2.0.6_5.patch ends here ---

>Release-Note:
>Audit-Trail:
>Unformatted:

More information about the freebsd-ports-bugs mailing list