xref: /OK3568_Linux_fs/yocto/meta-openembedded/meta-networking/recipes-support/openvpn/openvpn_2.5.6.bb (revision 4882a59341e53eb6f0b4789bf948001014eff981) 
1SUMMARY = "A full-featured SSL VPN solution via tun device."
2HOMEPAGE = "https://openvpn.net/"
3SECTION = "net"
4LICENSE = "GPL-2.0-only"
5LIC_FILES_CHKSUM = "file://COPYING;md5=b76abd82c14ee01cc34c4ff5e3627b89"
6DEPENDS = "lzo openssl iproute2 ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}"
7
8inherit autotools systemd update-rc.d
9
10SRC_URI = "http://swupdate.openvpn.org/community/releases/${BP}.tar.gz \
11           file://openvpn \
12           file://openvpn@.service \
13           file://openvpn-volatile.conf"
14
15UPSTREAM_CHECK_URI = "https://openvpn.net/community-downloads"
16
17SRC_URI[sha256sum] = "333a7ef3d5b317968aca2c77bdc29aa7c6d6bb3316eb3f79743b59c53242ad3d"
18
19# CVE-2020-7224 and CVE-2020-27569 are for Aviatrix OpenVPN client, not for openvpn.
20CVE_CHECK_IGNORE += "CVE-2020-7224 CVE-2020-27569"
21
22SYSTEMD_SERVICE:${PN} += "openvpn@loopback-server.service openvpn@loopback-client.service"
23SYSTEMD_AUTO_ENABLE = "disable"
24
25INITSCRIPT_PACKAGES = "${PN}"
26INITSCRIPT_NAME:${PN} = "openvpn"
27INITSCRIPT_PARAMS:${PN} = "start 10 2 3 4 5 . stop 70 0 1 6 ."
28
29CFLAGS += "-fno-inline"
30
31# I want openvpn to be able to read password from file (hrw)
32EXTRA_OECONF += "--enable-iproute2"
33EXTRA_OECONF += "${@bb.utils.contains('DISTRO_FEATURES', 'pam', '', '--disable-plugin-auth-pam', d)}"
34
35# Explicitly specify IPROUTE to bypass the configure-time check for /sbin/ip on the host.
36EXTRA_OECONF += "IPROUTE=${base_sbindir}/ip"
37
38do_install:append() {
39    install -d ${D}/${sysconfdir}/init.d
40    install -m 755 ${WORKDIR}/openvpn ${D}/${sysconfdir}/init.d
41
42    install -d ${D}/${sysconfdir}/openvpn
43    install -d ${D}/${sysconfdir}/openvpn/sample
44    install -m 755 ${S}/sample/sample-config-files/loopback-server  ${D}${sysconfdir}/openvpn/sample/loopback-server.conf
45    install -m 755 ${S}/sample/sample-config-files/loopback-client  ${D}${sysconfdir}/openvpn/sample/loopback-client.conf
46    install -dm 755 ${D}${sysconfdir}/openvpn/sample/sample-keys
47    install -m 644 ${S}/sample/sample-keys/* ${D}${sysconfdir}/openvpn/sample/sample-keys
48
49    if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then
50        install -d ${D}/${systemd_unitdir}/system
51        install -m 644 ${WORKDIR}/openvpn@.service ${D}/${systemd_unitdir}/system
52        install -m 644 ${WORKDIR}/openvpn@.service ${D}/${systemd_unitdir}/system/openvpn@loopback-server.service
53        install -m 644 ${WORKDIR}/openvpn@.service ${D}/${systemd_unitdir}/system/openvpn@loopback-client.service
54
55        install -d ${D}/${localstatedir}
56        install -d ${D}/${localstatedir}/lib
57        install -d -m 710 ${D}/${localstatedir}/lib/openvpn
58
59        install -d ${D}${sysconfdir}/tmpfiles.d
60        install -m 0644 ${WORKDIR}/openvpn-volatile.conf ${D}${sysconfdir}/tmpfiles.d/openvpn.conf
61        sed -i -e 's#@LOCALSTATEDIR@#${localstatedir}#g' ${D}${sysconfdir}/tmpfiles.d/openvpn.conf
62    fi
63}
64
65PACKAGES =+ " ${PN}-sample "
66
67RRECOMMENDS:${PN} = "kernel-module-tun"
68
69FILES:${PN}-dbg += "${libdir}/openvpn/plugins/.debug"
70FILES:${PN} += "${systemd_unitdir}/system/openvpn@.service \
71                ${sysconfdir}/tmpfiles.d \
72               "
73FILES:${PN}-sample += "${systemd_unitdir}/system/openvpn@loopback-server.service \
74                       ${systemd_unitdir}/system/openvpn@loopback-client.service \
75                       ${sysconfdir}/openvpn/sample/"
76