openvpn: bump to 2.6.8, add new Haiku tunnel design

* There's still more work to do here. You have to manually ifconfig tun/0 up before running openvpn * You also have to manually still tune routes, openvpn needs route detection. * This won't work until Gerrit 7143 is merged
2026-04-08 21:00:05 +02:00 · 2023-11-30 08:54:04 -06:00
parent bed1caf994
commit 83dd3e4312
2 changed files with 188 additions and 0 deletions
--- a/net-vpn/openvpn/openvpn-2.6.8.recipe
+++ b/net-vpn/openvpn/openvpn-2.6.8.recipe
@@ -0,0 +1,84 @@
+SUMMARY="A Secure tunneling daemon"
+DESCRIPTION="OpenVPN is a robust and highly flexible tunneling application that uses all of the \
+encryption, authentication, and certification features of the OpenSSL library to securely tunnel \
+IP networks over a single UDP or TCPport.
+It can use the Marcus Franz Xaver Johannes Oberhumers LZO library for compression."
+HOMEPAGE="https://openvpn.net"
+COPYRIGHT="2002-2023 OpenVPN Inc"
+LICENSE="OpenVPN
+	GNU GPL v2"
+REVISION="3"
+SOURCE_URI="https://github.com/OpenVPN/openvpn/archive/refs/tags/v$portVersion.tar.gz"
+CHECKSUM_SHA256="36fe5399b59a00932b8c3919c76203176b79125f9023046d3db35a701be891f8"
+SOURCE_FILENAME="openvpn-$portVersion.tar.gz"
+PATCHES="
+	openvpn-$portVersion.patchset
+	"
+
+ARCHITECTURES="all !x86_gcc2"
+SECONDARY_ARCHITECTURES="x86"
+
+commandBinDir=$binDir
+commandSuffix=$secondaryArchSuffix
+if [ "$targetArchitecture" = x86_gcc2 ]; then
+	commandSuffix=
+	commandBinDir=$prefix/bin
+fi
+
+PROVIDES="
+	openvpn$secondaryArchSuffix = $portVersion
+	cmd:openvpn = $portVersion
+	"
+REQUIRES="
+	haiku$secondaryArchSuffix
+	lib:libcrypto$secondaryArchSuffix
+	lib:liblzo2$secondaryArchSuffix
+	lib:liblz4$secondaryArchSuffix
+#	lib:libpkcs11$secondaryArchSuffix
+	lib:libssl$secondaryArchSuffix
+	"
+
+defineDebugInfoPackage openvpn$secondaryArchSuffix \
+	$commandBinDir/openvpn \
+	$libDir/openvpn/plugins/openvpn-plugin-auth-pam.so \
+	$libDir/openvpn/plugins/openvpn-plugin-down-root.so
+
+BUILD_REQUIRES="
+	haiku${secondaryArchSuffix}_devel
+	devel:liblzo2$secondaryArchSuffix
+	devel:liblz4$secondaryArchSuffix
+	devel:libpam$secondaryArchSuffix
+	devel:libpkcs11_helper$secondaryArchSuffix
+	devel:libssl$secondaryArchSuffix
+	"
+BUILD_PREREQUIRES="
+	cmd:aclocal
+	cmd:autoreconf
+	cmd:gcc$secondaryArchSuffix
+	cmd:libtoolize$secondaryArchSuffix
+	cmd:make
+	cmd:pkg_config$secondaryArchSuffix
+	docutils_python39
+	"
+
+BUILD()
+{
+	autoreconf -fi
+	LDFLAGS="-lnetwork" runConfigure --omit-dirs sbinDir ./configure \
+		--sbindir=$commandBinDir \
+		--disable-static
+	make $jobArgs
+}
+
+INSTALL()
+{
+	make install
+
+	# remove libtool files
+	find $libDir -name '*.la' -delete
+}
+
+TEST()
+{
+	make check
+}
--- a/net-vpn/openvpn/patches/openvpn-2.6.8.patchset
+++ b/net-vpn/openvpn/patches/openvpn-2.6.8.patchset
@@ -0,0 +1,104 @@
+From 7a9918bd66d0d8cef4f8ab751436835772231c3d Mon Sep 17 00:00:00 2001
+From: Alexander von Gluck IV <kallisti5@unixzen.com>
+Date: Fri, 17 Nov 2023 14:39:01 -0600
+Subject: [PATCH] Haiku: Introduce basic platform support
+
+* Missing gateway detection in route.c
+* Missing ipv6 routing calls
+---
+ configure.ac        |  4 ++++
+ src/openvpn/route.c | 15 +++++++++++++++
+ src/openvpn/tun.c   | 18 +++++++++++++++++-
+ 3 files changed, 36 insertions(+), 1 deletion(-)
+
+diff --git a/configure.ac b/configure.ac
+index 84eaad60..4ca8f4f0 100644
+--- a/configure.ac
+++ b/configure.ac
+@@ -373,6 +373,10 @@ case "$host" in
+ 		have_tap_header="yes"
+ 		ac_cv_header_net_if_h="no"	# exists, but breaks things
+ 		;;
+	*-*-haiku*)
+		AC_DEFINE([TARGET_HAIKU], [1], [Are we running Haiku?])
+		AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["H"], [Target prefix])
+		;;
+ 	*)
+ 		AC_DEFINE_UNQUOTED([TARGET_PREFIX], ["X"], [Target prefix])
+ 		have_tap_header="yes"
+diff --git a/src/openvpn/route.c b/src/openvpn/route.c
+index ff64938a..85b542c5 100644
+--- a/src/openvpn/route.c
+++ b/src/openvpn/route.c
+@@ -1842,6 +1842,21 @@ add_route(struct route_ipv4 *r,
+         status = ret ? RTA_SUCCESS : RTA_ERROR;
+     }
+ 
+#elif defined(TARGET_HAIKU)
+
+    {
+        /* ex: route add /dev/net/ipro1000/0 default gw 192.168.1.1 netmask 255.255.255.0 */
+        argv_printf(&argv, "route add %s inet default gw %s netmask %s",
+                    rgi->iface,
+                    gateway,
+                    netmask);
+
+        argv_msg(D_ROUTE, &argv);
+        bool ret = openvpn_execve_check(&argv, es, 0,
+                                        "ERROR: Haiku route add command failed");
+        status = ret ? RTA_SUCCESS : RTA_ERROR;
+    }
+
+ #else  /* if defined(TARGET_LINUX) */
+     msg(M_FATAL, "Sorry, but I don't know how to do 'route' commands on this operating system.  Try putting your routes in a --route-up script");
+ #endif /* if defined(TARGET_LINUX) */
+diff --git a/src/openvpn/tun.c b/src/openvpn/tun.c
+index 82ab6c05..0abd0e46 100644
+--- a/src/openvpn/tun.c
+++ b/src/openvpn/tun.c
+@@ -1643,6 +1643,16 @@ do_ifconfig_ipv4(struct tuntap *tt, const char *ifname, int tun_mtu,
+     {
+         windows_set_mtu(tt->adapter_index, AF_INET, tun_mtu);
+     }
+#elif defined(TARGET_HAIKU)
+    {
+        /* example: ifconfig tun/0 inet 1.1.1.1 255.255.255.0 mtu 1450 up */
+        // Need to add ifconfig_remote_netmask since right now it is just NULL
+        argv_printf(&argv, "%s %s inet %s %s mtu %d up", IFCONFIG_PATH,
+            ifname, ifconfig_local, ifconfig_remote_netmask, tun_mtu);
+
+        argv_msg(M_INFO, &argv);
+        openvpn_execve_check(&argv, es, S_FATAL, "Haiku ifconfig failed");
+    }
+ #else  /* if defined(TARGET_LINUX) */
+     msg(M_FATAL, "Sorry, but I don't know how to do 'ifconfig' commands on this operating system.  You should ifconfig your TUN/TAP device manually or use an --up script.");
+ #endif /* if defined(TARGET_LINUX) */
+@@ -1899,7 +1909,6 @@ tun_dco_enabled(struct tuntap *tt)
+ }
+ #endif
+ 
+-
+ #if !(defined(_WIN32) || defined(TARGET_LINUX))
+ static void
+ open_tun_generic(const char *dev, const char *dev_type, const char *dev_node,
+@@ -1934,10 +1943,17 @@ open_tun_generic(const char *dev, const char *dev_type, const char *dev_node,
+             {
+                 for (int i = 0; i < 256; ++i)
+                 {
+#if defined(TARGET_HAIKU)
+                    openvpn_snprintf(tunname, sizeof(tunname),
+                                     "/dev/%s/%d", dev, i);
+                    openvpn_snprintf(dynamic_name, sizeof(dynamic_name),
+                                     "%s/%d", dev, i);
+#else
+                     openvpn_snprintf(tunname, sizeof(tunname),
+                                      "/dev/%s%d", dev, i);
+                     openvpn_snprintf(dynamic_name, sizeof(dynamic_name),
+                                      "%s%d", dev, i);
+#endif
+                     if ((tt->fd = open(tunname, O_RDWR)) > 0)
+                     {
+                         dynamic_opened = true;
+-- 
+2.42.1
+