From dsh@vlink.ru  Fri Jan 26 12:53:58 2007
Return-Path: <dsh@vlink.ru>
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 18C7516A400
	for <FreeBSD-gnats-submit@freebsd.org>; Fri, 26 Jan 2007 12:53:58 +0000 (UTC)
	(envelope-from dsh@vlink.ru)
Received: from rigel.internal.vlink.ru (rigel.internal.vlink.ru [85.172.168.9])
	by mx1.freebsd.org (Postfix) with ESMTP id 83A7E13C46B
	for <FreeBSD-gnats-submit@freebsd.org>; Fri, 26 Jan 2007 12:53:57 +0000 (UTC)
	(envelope-from dsh@vlink.ru)
Received: from smtp.smtp.vlink.ru (clamav.smtp.vlink.ru [192.168.4.1])
	by deliver.smtp.vlink.ru (Postfix) with ESMTP id C85D8FED6E4
	for <FreeBSD-gnats-submit@freebsd.org>; Fri, 26 Jan 2007 15:53:53 +0300 (MSK)
Received: from neva.vlink.ru (neva.vlink.ru [85.172.168.250])
	by smtp.smtp.vlink.ru (Postfix) with ESMTP id 89A2710098C2
	for <FreeBSD-gnats-submit@freebsd.org>; Fri, 26 Jan 2007 15:53:53 +0300 (MSK)
Received: from neva.vlink.ru (localhost [127.0.0.1])
	by neva.vlink.ru (8.13.8/8.13.8) with ESMTP id l0QCrqIx010803
	for <FreeBSD-gnats-submit@freebsd.org>; Fri, 26 Jan 2007 15:53:52 +0300 (MSK)
	(envelope-from dsh@neva.vlink.ru)
Received: (from dsh@localhost)
	by neva.vlink.ru (8.13.8/8.13.8/Submit) id l0QCrqkU010799;
	Fri, 26 Jan 2007 15:53:52 +0300 (MSK)
	(envelope-from dsh)
Message-Id: <200701261253.l0QCrqkU010799@neva.vlink.ru>
Date: Fri, 26 Jan 2007 15:53:52 +0300 (MSK)
From: Denis Shaposhnikov <dsh@vlink.ru>
Reply-To: Denis Shaposhnikov <dsh@vlink.ru>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: Update port: security/openvpn (add profiles support to startup)
X-Send-Pr-Version: 3.113
X-GNATS-Notify: matthias.andree@gmx.de

>Number:         108371
>Category:       ports
>Synopsis:       Update port: security/openvpn (add profiles support to startup)
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    vd
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Fri Jan 26 13:00:34 GMT 2007
>Closed-Date:    Fri Feb 23 08:40:53 GMT 2007
>Last-Modified:  Fri Feb 23 08:50:06 GMT 2007
>Originator:     Denis Shaposhnikov
>Release:        FreeBSD 7.0-CURRENT i386
>Organization:
>Environment:
System: FreeBSD neva.vlink.ru 7.0-CURRENT FreeBSD 7.0-CURRENT #0: Thu Jan 4 15:33:39 MSK 2007 dsh@neva.vlink.ru:/var/FreeBSD/obj/var/FreeBSD/src/sys/MYNERIC i386


	
>Description:

This patch add ability to run several instances of the openvpn to the
startup script. In my situation I use openvpn via UDP mainly but some
of my collegs can use TCP only so I have to run second instance of the
openvpn.

>How-To-Repeat:
	
>Fix:

--- openvpn.orig/files/openvpn.sh.in	Fri Jan 26 14:18:49 2007
+++ openvpn/files/openvpn.sh.in	Fri Jan 26 14:16:25 2007
@@ -44,6 +44,18 @@
 # file and directory where keys and certificates reside differ from the above
 # settings.
 #
+# Add "openvpn_profiles" to run several instances of the openvpn with
+# different parameters. Consider the following example:
+#
+#     openvpn_enable="YES"
+#     openvpn_profiles="def tcp"
+#     openvpn_tcp_configfile="/usr/local/etc/openvpn/openvpn_tcp.conf"
+#     openvpn_tcp_pidfile="/var/run/openpvn_tcp.pid"
+#
+# This will run two instances of the openvpn with parameters taken
+# from appropriate openvpn_PROFILENAME_xxx variables. For unspecified
+# parameters openvpn_xxx varialbes will be used.
+#
 # Note that we deliberately refrain from unloading drivers.
 #
 # For further documentation, please see openvpn(8).
@@ -78,6 +90,36 @@
 	rm -f "$pidfile" || warn "Could not remove $pidfile."
 }
 
+setup_profile_vars()
+{
+	name=openvpn_$1
+	eval ": \${openvpn_${1}_configfile=${openvpn_configfile}}"
+	eval ": \${openvpn_${1}_dir=${openvpn_dir}}"
+	eval ": \${openvpn_${1}_flags=${openvpn_flags}}"
+	eval ": \${openvpn_${1}_pidfile=${pidfile}}"
+	eval "pidfile=\"\${openvpn_${1}_pidfile}\""
+	eval "required_files=\"\${openvpn_${1}_configfile}\""
+	eval "command_args=\"--cd \${openvpn_${1}_dir} --daemon --config \${openvpn_${1}_configfile} --writepid \${pidfile}\""
+}
+
+start_profiles()
+{
+	unset start_cmd start_precmd
+	for _profile in ${openvpn_profiles}; do
+		setup_profile_vars $_profile
+		run_rc_command "${rc_arg}"
+	done
+}
+
+stop_profiles()
+{
+	unset stop_cmd
+	for _profile in ${openvpn_profiles}; do
+		setup_profile_vars $_profile
+		run_rc_command "${rc_arg}"
+	done
+}
+
 # support SIGHUP to reparse configuration file
 extra_commands="reload"
 
@@ -93,11 +135,26 @@
 stop_postcmd="stop_postcmd"
 
 load_rc_config ${name}
+
 : ${openvpn_enable="NO"}
 : ${openvpn_flags=""}
 : ${openvpn_if=""}
 : ${openvpn_configfile="${prefix}/etc/openvpn/openvpn.conf"}
 : ${openvpn_dir="${prefix}/etc/openvpn"}
+
 required_files="${openvpn_configfile}"
 command_args="--cd ${openvpn_dir} --daemon --config ${openvpn_configfile} --writepid ${pidfile}"
-run_rc_command "$1"
+
+cmd="$1"
+if [ $# -gt 0 ]; then
+	shift
+fi
+
+[ -n "$*" ] && openvpn_profiles="$*"
+
+if [ "${openvpn_profiles}" ]; then
+	start_cmd="start_profiles"
+	stop_cmd="stop_profiles"
+fi
+
+run_rc_command "$cmd"
>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->feedback 
State-Changed-By: edwin 
State-Changed-When: Fri Jan 26 13:00:48 UTC 2007 
State-Changed-Why:  
Awaiting maintainers feedback 

http://www.freebsd.org/cgi/query-pr.cgi?pr=108371 
Responsible-Changed-From-To: freebsd-ports-bugs->vd 
Responsible-Changed-By: vd 
Responsible-Changed-When: Fri Jan 26 14:43:55 UTC 2007 
Responsible-Changed-Why:  
I will take it. This would be a great feature, missed for a long time. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=108371 

From: "Gleb Kozyrev" <gkozyrev@gmail.com>
To: bug-followup@FreeBSD.org, dsh@vlink.ru
Cc:  
Subject: Re: ports/108371: Update port: security/openvpn (add profiles support to startup)
Date: Thu, 1 Feb 2007 16:04:10 +0200

 ------=_Part_8848_14371431.1170338650541
 Content-Type: text/plain; charset=ISO-8859-1; format=flowed
 Content-Transfer-Encoding: 7bit
 Content-Disposition: inline
 
 I suggest a little modification to the patch that saves some typing in rc.conf.
 You only have to add
 openvpn_profiles="default tcp"
 and name your second config /usr/local/etc/openvpn/tcp.conf
 
 -- 
 With best regards, Gleb Kozyrev.
 
 ------=_Part_8848_14371431.1170338650541
 Content-Type: application/octet-stream; name=patch-2.diff
 Content-Transfer-Encoding: base64
 X-Attachment-Id: f_exn99w7j
 Content-Disposition: attachment; filename="patch-2.diff"
 
 LS0tIG9wZW52cG4ub3JpZwlUaHUgRmViICAxIDE1OjI1OjEwIDIwMDcKKysrIG9wZW52cG4JVGh1
 IEZlYiAgMSAxNTo1MzoxNSAyMDA3CkBAIC0zNyw2ICszNyw3IEBACiAjCiAjICMgb3B0aW9uYWw6
 CiAjIG9wZW52cG5fZmxhZ3M9IiIJIyBvcGVudnBuIGNvbW1hbmQgbGluZSBmbGFncworIyBvcGVu
 dnBuX2NvbmZpZ2Rpcj0iL3Vzci9sb2NhbC9ldGMvb3BlbnZwbiIJCSAJIyBjb25maWcgZGlyZWN0
 b3J5CiAjIG9wZW52cG5fY29uZmlnZmlsZT0iL3Vzci9sb2NhbC9ldGMvb3BlbnZwbi9vcGVudnBu
 LmNvbmYiIAkjIC0tY29uZmlnIGZpbGUKICMgb3BlbnZwbl9kaXI9Ii91c3IvbG9jYWwvZXRjL29w
 ZW52cG4iCQkJCSMgLS1jZCBkaXJlY3RvcnkKICMKQEAgLTQ0LDYgKzQ1LDIxIEBACiAjIGZpbGUg
 YW5kIGRpcmVjdG9yeSB3aGVyZSBrZXlzIGFuZCBjZXJ0aWZpY2F0ZXMgcmVzaWRlIGRpZmZlciBm
 cm9tIHRoZSBhYm92ZQogIyBzZXR0aW5ncy4KICMKKyMgQWRkICJvcGVudnBuX3Byb2ZpbGVzIiB0
 byBydW4gc2V2ZXJhbCBpbnN0YW5jZXMgb2Ygb3BlbnZwbiB3aXRoCisjIGRpZmZlcmVudCBwYXJh
 bWV0ZXJzLiBDb25zaWRlciB0aGUgZm9sbG93aW5nIGV4YW1wbGU6CisjCisjICAgICBvcGVudnBu
 X2VuYWJsZT0iWUVTIgorIyAgICAgb3BlbnZwbl9wcm9maWxlcz0iZGVmYXVsdCB0Y3AiCisjCisj
 IFRoaXMgd2lsbCBydW4gdHdvIGluc3RhbmNlcyBvZiBvcGVudnBuOiBvbmUgd2l0aCBkZWZhdWx0
 IGNvbmZpZyBhbmQgcGlkZmlsZQorIyBhbmQgdGhlIG90aGVyIHdpdGggY29uZmlnIGZpbGUgL3Vz
 ci9sb2NhbC9ldGMvb3BlbnZwbi90Y3AuY29uZgorIyBhbmQgcGlkZmlsZSAvdmFyL3J1bi9vcGVu
 dnBuX3RjcC5waWQKKyMKKyMgWW91IG1heSBzcGVjaWZ5IGRpZmZlcmVudCBsb2NhdGlvbnMgYnkg
 c2V0dGluZyBvcGVudnBuX05BTUVfeHh4IHZhcmlhYmxlczoKKyMKKyMgICAgIG9wZW52cG5fdGNw
 X2NvbmZpZ2ZpbGU9Ii91c3IvbG9jYWwvZXRjL290aGVyL29wZW52cG5fdGNwLmNvbmYiCisjICAg
 ICBvcGVudnBuX3RjcF9waWRmaWxlPSIvdmFyL3J1bi9vcGVucHZuX3RjcC5waWQiCisjCiAjIE5v
 dGUgdGhhdCB3ZSBkZWxpYmVyYXRlbHkgcmVmcmFpbiBmcm9tIHVubG9hZGluZyBkcml2ZXJzLgog
 IwogIyBGb3IgZnVydGhlciBkb2N1bWVudGF0aW9uLCBwbGVhc2Ugc2VlIG9wZW52cG4oOCkuCkBA
 IC03OCw2ICs5NCwzNiBAQAogCXJtIC1mICIkcGlkZmlsZSIgfHwgd2FybiAiQ291bGQgbm90IHJl
 bW92ZSAkcGlkZmlsZS4iCiB9CiAKK3NldHVwX3Byb2ZpbGVfdmFycygpCit7CisJbmFtZT1vcGVu
 dnBuXyQxCisJZXZhbCAiOiBcJHtvcGVudnBuXyR7MX1fY29uZmlnZmlsZT0ke29wZW52cG5fY29u
 ZmlnZGlyfS8kezF9LmNvbmZ9IgorCWV2YWwgIjogXCR7b3BlbnZwbl8kezF9X2Rpcj0ke29wZW52
 cG5fZGlyfX0iCisJZXZhbCAiOiBcJHtvcGVudnBuXyR7MX1fZmxhZ3M9JHtvcGVudnBuX2ZsYWdz
 fX0iCisJZXZhbCAiOiBcJHtvcGVudnBuXyR7MX1fcGlkZmlsZT0vdmFyL3J1bi9vcGVudnBuXyR7
 MX0ucGlkfSIKKwlldmFsICJwaWRmaWxlPVwiXCR7b3BlbnZwbl8kezF9X3BpZGZpbGV9XCIiCisJ
 ZXZhbCAicmVxdWlyZWRfZmlsZXM9XCJcJHtvcGVudnBuXyR7MX1fY29uZmlnZmlsZX1cIiIKKwll
 dmFsICJjb21tYW5kX2FyZ3M9XCItLWNkIFwke29wZW52cG5fJHsxfV9kaXJ9IC0tZGFlbW9uIC0t
 Y29uZmlnIFwke29wZW52cG5fJHsxfV9jb25maWdmaWxlfSAtLXdyaXRlcGlkIFwke3BpZGZpbGV9
 XCIiCit9CisKK3N0YXJ0X3Byb2ZpbGVzKCkKK3sKKwl1bnNldCBzdGFydF9jbWQgc3RhcnRfcHJl
 Y21kCisJZm9yIF9wcm9maWxlIGluICR7b3BlbnZwbl9wcm9maWxlc307IGRvCisJCXNldHVwX3By
 b2ZpbGVfdmFycyAkX3Byb2ZpbGUKKwkJcnVuX3JjX2NvbW1hbmQgIiR7cmNfYXJnfSIKKwlkb25l
 Cit9CisKK3N0b3BfcHJvZmlsZXMoKQoreworCXVuc2V0IHN0b3BfY21kCisJZm9yIF9wcm9maWxl
 IGluICR7b3BlbnZwbl9wcm9maWxlc307IGRvCisJCXNldHVwX3Byb2ZpbGVfdmFycyAkX3Byb2Zp
 bGUKKwkJcnVuX3JjX2NvbW1hbmQgIiR7cmNfYXJnfSIKKwlkb25lCit9CisKICMgc3VwcG9ydCBT
 SUdIVVAgdG8gcmVwYXJzZSBjb25maWd1cmF0aW9uIGZpbGUKIGV4dHJhX2NvbW1hbmRzPSJyZWxv
 YWQiCiAKQEAgLTkzLDExICsxMzksMzAgQEAKIHN0b3BfcG9zdGNtZD0ic3RvcF9wb3N0Y21kIgog
 CiBsb2FkX3JjX2NvbmZpZyAke25hbWV9CisKIDogJHtvcGVudnBuX2VuYWJsZT0iTk8ifQogOiAk
 e29wZW52cG5fZmxhZ3M9IiJ9CiA6ICR7b3BlbnZwbl9pZj0iIn0KKzogJHtvcGVudnBuX2NvbmZp
 Z2Rpcj0iJHtwcmVmaXh9L2V0Yy9vcGVudnBuIn0KIDogJHtvcGVudnBuX2NvbmZpZ2ZpbGU9IiR7
 cHJlZml4fS9ldGMvb3BlbnZwbi9vcGVudnBuLmNvbmYifQogOiAke29wZW52cG5fZGlyPSIke3By
 ZWZpeH0vZXRjL29wZW52cG4ifQorOiAke29wZW52cG5fcHJvZmlsZXM9ImRlZmF1bHQifQorOiAk
 e29wZW52cG5fZGVmYXVsdF9jb25maWdmaWxlPSIke29wZW52cG5fY29uZmlnZmlsZX0ifQorOiAk
 e29wZW52cG5fZGVmYXVsdF9waWRmaWxlPSIke3BpZGZpbGV9In0KKwogcmVxdWlyZWRfZmlsZXM9
 IiR7b3BlbnZwbl9jb25maWdmaWxlfSIKIGNvbW1hbmRfYXJncz0iLS1jZCAke29wZW52cG5fZGly
 fSAtLWRhZW1vbiAtLWNvbmZpZyAke29wZW52cG5fY29uZmlnZmlsZX0gLS13cml0ZXBpZCAke3Bp
 ZGZpbGV9IgotcnVuX3JjX2NvbW1hbmQgIiQxIgorCitjbWQ9IiQxIgoraWYgWyAkIyAtZ3QgMCBd
 OyB0aGVuCisJc2hpZnQKK2ZpCisKK1sgLW4gIiQqIiBdICYmIG9wZW52cG5fcHJvZmlsZXM9IiQq
 IgorCitpZiBbICIke29wZW52cG5fcHJvZmlsZXN9IiBdOyB0aGVuCisJc3RhcnRfY21kPSJzdGFy
 dF9wcm9maWxlcyIKKwlzdG9wX2NtZD0ic3RvcF9wcm9maWxlcyIKK2ZpCisKK3J1bl9yY19jb21t
 YW5kICIkY21kIgo=
 ------=_Part_8848_14371431.1170338650541--

From: "Gleb Kozyrev" <gkozyrev@gmail.com>
To: bug-followup@FreeBSD.org, dsh@vlink.ru
Cc:  
Subject: Re: ports/108371: Update port: security/openvpn (add profiles support to startup)
Date: Thu, 1 Feb 2007 16:07:10 +0200

 And please consider modifying the same way the security/openvpn-devel port.
 
 -- 
 With best regards, Gleb Kozyrev.

From: Gleb Kozyrev <gkozyrev@gmail.com>
To: <bug-followup@FreeBSD.org>
Cc:  
Subject: Re: ports/108371: Update port: security/openvpn (add profiles support to startup)
Date: Thu, 1 Feb 2007 17:23:18 +0200

 This is a multi-part message in MIME format.
 
 ------=_NextPart_000_0027_01C74625.AA652C80
 Content-Type: text/plain;
 	format=flowed;
 	charset="koi8-r";
 	reply-type=original
 Content-Transfer-Encoding: 7bit
 
 Sending the attachment again. Hope it works now...
 ------=_NextPart_000_0027_01C74625.AA652C80
 Content-Type: application/octet-stream;
 	name="patch-2.diff"
 Content-Transfer-Encoding: quoted-printable
 Content-Disposition: attachment;
 	filename="patch-2.diff"
 
 --- openvpn.orig	Thu Feb  1 15:25:10 2007=0A=
 +++ openvpn	Thu Feb  1 15:53:15 2007=0A=
 @@ -37,6 +37,7 @@=0A=
  #=0A=
  # # optional:=0A=
  # openvpn_flags=3D""	# openvpn command line flags=0A=
 +# openvpn_configdir=3D"/usr/local/etc/openvpn"		 	# config directory=0A=
  # openvpn_configfile=3D"/usr/local/etc/openvpn/openvpn.conf" 	# =
 --config file=0A=
  # openvpn_dir=3D"/usr/local/etc/openvpn"				# --cd directory=0A=
  #=0A=
 @@ -44,6 +45,21 @@=0A=
  # file and directory where keys and certificates reside differ from the =
 above=0A=
  # settings.=0A=
  #=0A=
 +# Add "openvpn_profiles" to run several instances of openvpn with=0A=
 +# different parameters. Consider the following example:=0A=
 +#=0A=
 +#     openvpn_enable=3D"YES"=0A=
 +#     openvpn_profiles=3D"default tcp"=0A=
 +#=0A=
 +# This will run two instances of openvpn: one with default config and =
 pidfile=0A=
 +# and the other with config file /usr/local/etc/openvpn/tcp.conf=0A=
 +# and pidfile /var/run/openvpn_tcp.pid=0A=
 +#=0A=
 +# You may specify different locations by setting openvpn_NAME_xxx =
 variables:=0A=
 +#=0A=
 +#     openvpn_tcp_configfile=3D"/usr/local/etc/other/openvpn_tcp.conf"=0A=
 +#     openvpn_tcp_pidfile=3D"/var/run/openpvn_tcp.pid"=0A=
 +#=0A=
  # Note that we deliberately refrain from unloading drivers.=0A=
  #=0A=
  # For further documentation, please see openvpn(8).=0A=
 @@ -78,6 +94,36 @@=0A=
  	rm -f "$pidfile" || warn "Could not remove $pidfile."=0A=
  }=0A=
  =0A=
 +setup_profile_vars()=0A=
 +{=0A=
 +	name=3Dopenvpn_$1=0A=
 +	eval ": \${openvpn_${1}_configfile=3D${openvpn_configdir}/${1}.conf}"=0A=
 +	eval ": \${openvpn_${1}_dir=3D${openvpn_dir}}"=0A=
 +	eval ": \${openvpn_${1}_flags=3D${openvpn_flags}}"=0A=
 +	eval ": \${openvpn_${1}_pidfile=3D/var/run/openvpn_${1}.pid}"=0A=
 +	eval "pidfile=3D\"\${openvpn_${1}_pidfile}\""=0A=
 +	eval "required_files=3D\"\${openvpn_${1}_configfile}\""=0A=
 +	eval "command_args=3D\"--cd \${openvpn_${1}_dir} --daemon --config =
 \${openvpn_${1}_configfile} --writepid \${pidfile}\""=0A=
 +}=0A=
 +=0A=
 +start_profiles()=0A=
 +{=0A=
 +	unset start_cmd start_precmd=0A=
 +	for _profile in ${openvpn_profiles}; do=0A=
 +		setup_profile_vars $_profile=0A=
 +		run_rc_command "${rc_arg}"=0A=
 +	done=0A=
 +}=0A=
 +=0A=
 +stop_profiles()=0A=
 +{=0A=
 +	unset stop_cmd=0A=
 +	for _profile in ${openvpn_profiles}; do=0A=
 +		setup_profile_vars $_profile=0A=
 +		run_rc_command "${rc_arg}"=0A=
 +	done=0A=
 +}=0A=
 +=0A=
  # support SIGHUP to reparse configuration file=0A=
  extra_commands=3D"reload"=0A=
  =0A=
 @@ -93,11 +139,30 @@=0A=
  stop_postcmd=3D"stop_postcmd"=0A=
  =0A=
  load_rc_config ${name}=0A=
 +=0A=
  : ${openvpn_enable=3D"NO"}=0A=
  : ${openvpn_flags=3D""}=0A=
  : ${openvpn_if=3D""}=0A=
 +: ${openvpn_configdir=3D"${prefix}/etc/openvpn"}=0A=
  : ${openvpn_configfile=3D"${prefix}/etc/openvpn/openvpn.conf"}=0A=
  : ${openvpn_dir=3D"${prefix}/etc/openvpn"}=0A=
 +: ${openvpn_profiles=3D"default"}=0A=
 +: ${openvpn_default_configfile=3D"${openvpn_configfile}"}=0A=
 +: ${openvpn_default_pidfile=3D"${pidfile}"}=0A=
 +=0A=
  required_files=3D"${openvpn_configfile}"=0A=
  command_args=3D"--cd ${openvpn_dir} --daemon --config =
 ${openvpn_configfile} --writepid ${pidfile}"=0A=
 -run_rc_command "$1"=0A=
 +=0A=
 +cmd=3D"$1"=0A=
 +if [ $# -gt 0 ]; then=0A=
 +	shift=0A=
 +fi=0A=
 +=0A=
 +[ -n "$*" ] && openvpn_profiles=3D"$*"=0A=
 +=0A=
 +if [ "${openvpn_profiles}" ]; then=0A=
 +	start_cmd=3D"start_profiles"=0A=
 +	stop_cmd=3D"stop_profiles"=0A=
 +fi=0A=
 +=0A=
 +run_rc_command "$cmd"=0A=
 
 ------=_NextPart_000_0027_01C74625.AA652C80--
 

From: Vasil Dimov <vd@FreeBSD.org>
To: matthias.andree@gmx.de, bug-followup@FreeBSD.org
Cc:  
Subject: Re: ports/108371: Update port: security/openvpn (add profiles support to startup)
Date: Thu, 1 Feb 2007 18:08:17 +0200

 --VS++wcV0S1rZb1Fb
 Content-Type: text/plain; charset=us-ascii
 Content-Disposition: inline
 
 Here is the patch proposed by Gleb.
 
 -- 
 Vasil Dimov
 gro.DSBeerF@dv
 %
 Sometimes I really think people ought to have to pass a proper exam
 before they're allowed to be parents. Not just the practical, I mean.
     -- (Terry Pratchett, Thief of Time)
 
 --VS++wcV0S1rZb1Fb
 Content-Type: text/x-diff; charset=us-ascii
 Content-Disposition: attachment; filename="patch-3.diff"
 
 --- openvpn.orig	Thu Feb  1 17:37:32 2007
 +++ openvpn	Thu Feb  1 17:43:39 2007
 @@ -37,6 +37,7 @@
  #
  # # optional:
  # openvpn_flags=""	# openvpn command line flags
 +# openvpn_configdir="/usr/local/etc/openvpn"		 	# config directory
  # openvpn_configfile="/usr/local/etc/openvpn/openvpn.conf" 	# --config file
  # openvpn_dir="/usr/local/etc/openvpn"				# --cd directory
  #
 @@ -44,6 +45,21 @@
  # file and directory where keys and certificates reside differ from the above
  # settings.
  #
 +# Add "openvpn_profiles" to run several instances of openvpn with
 +# different parameters. Consider the following example:
 +#
 +#     openvpn_enable="YES"
 +#     openvpn_profiles="default tcp"
 +#
 +# This will run two instances of openvpn: one with default config and pidfile
 +# and the other with config file /usr/local/etc/openvpn/tcp.conf
 +# and pidfile /var/run/openvpn_tcp.pid
 +#
 +# You may specify different locations by setting openvpn_NAME_xxx variables:
 +#
 +#     openvpn_tcp_configfile="/usr/local/etc/other/openvpn_tcp.conf"
 +#     openvpn_tcp_pidfile="/var/run/openpvn_tcp.pid"
 +#
  # Note that we deliberately refrain from unloading drivers.
  #
  # For further documentation, please see openvpn(8).
 @@ -78,6 +94,54 @@
  	rm -f "$pidfile" || warn "Could not remove $pidfile."
  }
  
 +setup_profile_vars()
 +{
 +	name=openvpn_$1
 +	eval ": \${openvpn_${1}_configfile=${openvpn_configdir}/${1}.conf}"
 +	eval ": \${openvpn_${1}_dir=${openvpn_dir}}"
 +	eval ": \${openvpn_${1}_flags=${openvpn_flags}}"
 +	eval ": \${openvpn_${1}_pidfile=/var/run/openvpn_${1}.pid}"
 +	eval "pidfile=\"\${openvpn_${1}_pidfile}\""
 +	eval "required_files=\"\${openvpn_${1}_configfile}\""
 +	eval "command_args=\"--cd \${openvpn_${1}_dir} --daemon --config \${openvpn_${1}_configfile} --writepid \${pidfile}\""
 +}
 +
 +start_profiles()
 +{
 +	unset start_cmd start_precmd
 +	for _profile in ${openvpn_profiles}; do
 +		setup_profile_vars $_profile
 +		run_rc_command "${rc_arg}"
 +	done
 +}
 +
 +stop_profiles()
 +{
 +	unset stop_cmd
 +	for _profile in ${openvpn_profiles}; do
 +		setup_profile_vars $_profile
 +		run_rc_command "${rc_arg}"
 +	done
 +}
 +
 +status_profiles()
 +{
 +	unset status_cmd
 +	for _profile in ${openvpn_profiles}; do
 +		setup_profile_vars $_profile
 +		run_rc_command "${rc_arg}"
 +	done
 +}
 +
 +reload_profiles()
 +{
 +	unset reload_cmd
 +	for _profile in ${openvpn_profiles}; do
 +		setup_profile_vars $_profile
 +		run_rc_command "${rc_arg}"
 +	done
 +}
 +
  # support SIGHUP to reparse configuration file
  extra_commands="reload"
  
 @@ -93,11 +157,32 @@
  stop_postcmd="stop_postcmd"
  
  load_rc_config ${name}
 +
  : ${openvpn_enable="NO"}
  : ${openvpn_flags=""}
  : ${openvpn_if=""}
 +: ${openvpn_configdir="${prefix}/etc/openvpn"}
  : ${openvpn_configfile="${prefix}/etc/openvpn/openvpn.conf"}
  : ${openvpn_dir="${prefix}/etc/openvpn"}
 +: ${openvpn_profiles="default"}
 +: ${openvpn_default_configfile="${openvpn_configfile}"}
 +: ${openvpn_default_pidfile="${pidfile}"}
 +
  required_files="${openvpn_configfile}"
  command_args="--cd ${openvpn_dir} --daemon --config ${openvpn_configfile} --writepid ${pidfile}"
 -run_rc_command "$1"
 +
 +cmd="$1"
 +if [ $# -gt 0 ]; then
 +	shift
 +fi
 +
 +[ -n "$*" ] && openvpn_profiles="$*"
 +
 +if [ -n "${openvpn_profiles}" -a "${openvpn_profiles}" != "default" ]; then
 +	start_cmd="start_profiles"
 +	stop_cmd="stop_profiles"
 +	status_cmd="status_profiles"
 +	reload_cmd="reload_profiles"
 +fi
 +
 +run_rc_command "$cmd"
 
 --VS++wcV0S1rZb1Fb--
State-Changed-From-To: feedback->closed 
State-Changed-By: vd 
State-Changed-When: Fri Feb 23 08:39:07 UTC 2007 
State-Changed-Why:  
I committed a patch that achieves the same goals but using slightly different 
approach. Thanks! 

http://www.freebsd.org/cgi/query-pr.cgi?pr=108371 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: ports/108371: commit references a PR
Date: Fri, 23 Feb 2007 08:38:59 +0000 (UTC)

 vd          2007-02-23 08:38:53 UTC
 
   FreeBSD ports repository
 
   Modified files:
     security/openvpn     Makefile 
     security/openvpn/files openvpn.sh.in 
   Log:
   * Add support for running multiple instances of openvpn to the startup script
     Inspired by [1]
   * Bump PORTREVISION
   * Update the comment which says not to send notices about 2.0.8 to 2.0.9 since
     2.0.9 also introduces only Windows changes. Remove maintainer's name from
     this comment since he did not explicitly state this.
   
   PR:             ports/108371 [1]
   Submitted by:   Denis Shaposhnikov <dsh@vlink.ru>, Gleb Kozyrev <gkozyrev@gmail.com> [1]
   Approved by:    matthias.andree@gmx.de (maintainer timeout, 28 days)
   
   Revision  Changes    Path
   1.32      +3 -3      ports/security/openvpn/Makefile
   1.5       +37 -18    ports/security/openvpn/files/openvpn.sh.in
 _______________________________________________
 cvs-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/cvs-all
 To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
 
>Unformatted:
