aboutsummaryrefslogtreecommitdiffstats
path: root/package/network/services/openvpn/Makefile
Commit message (Collapse)AuthorAgeFilesLines
* openvpn: move list of params and bools to a separate fileYousong Zhou2017-03-071-1/+5
| | | | | | | So that future patches for addition/removal of them can be more readable Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* openvpn: ssl-enabled variants also provide a virtual openvpn-crypto packageSven Roederer2017-01-261-1/+5
| | | | | | | | | | When relying on x.509 certs for auth and / or encryption of traffic you can't use package openvpn-nossl. Just have your package depend on openvpn-crypto to have SSL-encryption and X.509-support enabled in OpenVPN. If encryption / X.509 is not a must, use virtual packge openvpn, which is provided by all OpenVPN-variants. Signed-off-by: Sven Roederer <devel-sven@geroedel.de>
* openvpn: let all openvpn variants provide a virtual openvpn packageJo-Philipp Wich2017-01-211-1/+2
| | | | | | | | | | Add PROVIDES:=openvpn to the default recipe in order to let all build variants provide a virtual openvpn package. The advantage of this approach is that downstream packages can depend on just "openvpn" without having to require a specific flavor. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* openvpn: update to 2.4.0Magnus Kroken2016-12-301-2/+2
| | | | Signed-off-by: Magnus Kroken <mkroken@gmail.com>
* openvpn: use conditional dependencies to avoid pulling in unused ssl librariesFelix Fietkau2016-12-221-2/+2
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* openvpn: reduce binary size using --gc-sections on linkingFelix Fietkau2016-12-221-0/+3
| | | | | | Saves around 9kb gzipped on MIPS Signed-off-by: Felix Fietkau <nbd@nbd.name>
* openvpn: update to 2.4_rc2Magnus Kroken2016-12-221-8/+9
| | | | | | | | | | | | | | | | | OpenVPN 2.4 builds with mbedTLS 2.x, rename openvpn-polarssl variant to openvpn-mbedtls. Some feature highlights: * Data channel cipher negotiation * AEAD cipher support for data channel encryption (currently only * AES-GCM) * ECDH key exchange for control channel * LZ4 compression support See https://github.com/OpenVPN/openvpn/blob/master/Changes.rst for additional change notes. Signed-off-by: Magnus Kroken <mkroken@gmail.com>
* treewide: clean up download hashesFelix Fietkau2016-12-161-1/+1
| | | | | | Replace *MD5SUM with *HASH, replace MD5 hashes with SHA256 Signed-off-by: Felix Fietkau <nbd@nbd.name>
* openvpn: update to 2.3.13Magnus Kroken2016-11-211-2/+2
| | | | | | Changelog: https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn23#OpenVPN2.3.13 Signed-off-by: Magnus Kroken <mkroken@gmail.com>
* openvpn: update to 2.3.12Magnus Kroken2016-08-241-3/+3
| | | | | | | | | 300-upstream-fix-polarssl-mbedtls-builds.patch has been applied upstream. Replaced 101-remove_polarssl_debug_call.patch with upstream backport. Changelog: https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn23#OpenVPN2.3.12 Signed-off-by: Magnus Kroken <mkroken@gmail.com>
* openvpn: fix missing cipher list for polarssl in v2.3.11Jo-Philipp Wich2016-06-281-1/+1
| | | | | | | | | | | Upstream OpenSSL hardening work introduced a change in shared code that causes polarssl / mbedtls builds to break when no --tls-cipher is specified. Import the upstream fix commit as patch until the next OpenVPN release gets released and packaged. Reported-by: Sebastian Koch <seb@metafly.info> Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* openvpn: update to 2.3.11Magnus Kroken2016-06-131-3/+3
| | | | | | | | | | Security fixes: * Fixed port-share bug with DoS potential * Fix buffer overflow by user supplied data Full changelog: https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn23#OpenVPN2.3.11 Signed-off-by: Magnus Kroken <mkroken@gmail.com>
* openvpn: add support for tls-version-minMatteo Panella2016-06-071-1/+1
| | | | | | | | | | | | | Currently, the uci data model does not provide support for specifying the minimum TLS version supported in an OpenVPN instance (be it server or client). This patch adds support for writing the relevant option to the openvpn configuration file at service startup. Signed-off-by: Matteo Panella <morpheus@level28.org> [Jo-Philipp Wich: shorten commit title, bump pkg release] Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* openvpn: remove unrecognized optionDirk Neukirchen2016-06-011-1/+0
| | | | | | | | removed upstream in https://github.com/OpenVPN/openvpn/commit/9ffd00e7541d83571b9eec087c6b3545ff68441f now its always on Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
* openvpn: update to version 2.3.10Felix Fietkau2016-01-111-3/+3
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 48201
* openvpn: fix configure optionsJohn Crispin2015-12-231-2/+1
| | | | | | | | | | | | | | | - eurephia: commit: Remove the --disable-eurephia configure option - fix option name: http proxy option is now called http-proxy (see configure.ac) fixes: configure: WARNING: unrecognized options: --disable-nls, --disable-eurephia, --enable-http Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de> SVN-Revision: 47979
* package: replace ifconfig-usage with ipSteven Barth2015-09-081-1/+1
| | | | | | Signed-off-by: Steven Barth <steven@midlink.org> SVN-Revision: 46832
* openvpn: bump to 2.3.7.Felix Fietkau2015-06-181-3/+3
| | | | | | | | Two patches are dropped as they were already applied upstream. Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com> SVN-Revision: 46027
* openvpn: bump PKG_RELEASE.Felix Fietkau2015-06-141-1/+1
| | | | | | Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com> SVN-Revision: 45962
* openvpn: disable CBC record splitting in PolarSSL/mbedTLS (#19101)Jo-Philipp Wich2015-05-041-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | OpenVPN assumes that its control channel messages are sent and received unfragmented, this assumption is broken when CBC record splitting is enabled in mbedTLS. The record splitting is intended as countermeasure against BEAST attacks which do not apply to OpenVPN, therefore we simply disable it until upstream OpenVPN gains the ability to process fragmented control messages. Disabling the splitting also works around a (not remotely triggerable) segmentation fault in mbedTLS. References: * https://dev.openwrt.org/ticket/19101 * https://community.openvpn.net/openvpn/ticket/524 * https://github.com/ARMmbed/mbedtls/pull/185 Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 45602
* openvpn: autostart openvpn instances for each .conf file in /etc/openvpnJo-Philipp Wich2015-02-071-1/+1
| | | | | | | | | | | | | | | Align init behaviour with other distros by starting an OpenVPN instance for each config file found in /etc/openvpn/. This removes the additional requirement to "register" the configs with uci and thus simplifies the setup. Make sure to respect the disabled state in uci to not suddenly autostart instances which have been previously set to disabled, also skip configs which are already started due to uci configuration. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 44310
* openvpn: bump PKG_REVISION and copyright yearJo-Philipp Wich2015-01-061-2/+2
| | | | | | Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 43859
* openvpn: update to 2.3.6, fixes CVE-2014-8104Felix Fietkau2014-12-011-2/+2
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 43482
* license info - revert r43155John Crispin2014-11-031-3/+0
| | | | | | | | turns out that r43155 adds duplicate info. Signed-off-by: John Crispin <blogic@openwrt.org> SVN-Revision: 43167
* Add more license tags with SPDX identifiersJohn Crispin2014-11-031-0/+3
| | | | | | | | | | | | | | | | | | Note, that licensing stuff is a nightmare: many packages does not clearly state their licenses, and often multiple source files are simply copied together - each with different licensing information in the file headers. I tried hard to ensure, that the license information extracted into the OpenWRT's makefiles fit the "spirit" of the packages, e.g. such small packages which come without a dedicated source archive "inherites" the OpenWRT's own license in my opinion. However, I can not garantee that I always picked the correct information and/or did not miss license information. Signed-off-by: Michael Heimpold <mhei@heimpold.de> SVN-Revision: 43155
* Add a few SPDX tagsSteven Barth2014-11-021-0/+1
| | | | | | Signed-off-by: Steven Barth <steven@midlink.org> SVN-Revision: 43151
* openvpn: update to version 2.3.4Felix Fietkau2014-06-301-3/+3
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 41416
* openvpn: make size optimization configurableFelix Fietkau2014-03-111-1/+1
| | | | | | Signed-off-by: Christoph Kottke <christoph.kottke@gmx.de> SVN-Revision: 39872
* openvpn: make comp_lzo a parameterLuka Perkov2013-10-151-1/+1
| | | | | | | | Possible parameters are yes, no and adaptive. See manpage for more information. Signed-off-by: Philipp Borgers <borgers@mi.fu-berlin.de> SVN-Revision: 38412
* openvpn: switch to new procd init script styleLuka Perkov2013-10-071-2/+2
| | | | | | Signed-off-by: Luka Perkov <luka@openwrt.org> SVN-Revision: 38331
* openvpn: update to 2.3.2Felix Fietkau2013-07-261-1/+2
| | | | | | | | | | | | this patches updates openvpn to v2.3.2 and adds a PKG_MD5SUM to the Makefile This release fixes a memory access violation when cipher none is used on ar71xx - at least with my config Signed-off-by: Peter Wagner <tripolar@gmx.at> SVN-Revision: 37560
* openvpn: enable password save support (#13245)Felix Fietkau2013-04-011-0/+1
| | | | SVN-Revision: 36144
* openvpn: remove the stale PKG_REV variableFelix Fietkau2013-02-051-1/+0
| | | | SVN-Revision: 35499
* openvpn: split easy-rsa into a separate package, it is no longer bundled ↵Felix Fietkau2013-02-051-25/+0
| | | | | | with the release tarball SVN-Revision: 35498
* openvpn: add from openvpn-devel from /packages, fix support for current polarsslFelix Fietkau2013-01-301-0/+148
SVN-Revision: 35412
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-02 04:04:35 +0000