From matthias.andree@gmx.de  Thu Nov 10 11:12:53 2005
Return-Path: <matthias.andree@gmx.de>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 95C9E16A41F;
	Thu, 10 Nov 2005 11:12:53 +0000 (GMT)
	(envelope-from matthias.andree@gmx.de)
Received: from mail.dt.e-technik.uni-dortmund.de (krusty.dt.E-Technik.Uni-Dortmund.DE [129.217.163.1])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 42B4243D6B;
	Thu, 10 Nov 2005 11:12:30 +0000 (GMT)
	(envelope-from matthias.andree@gmx.de)
Received: from localhost (localhost [127.0.0.1])
	by mail.dt.e-technik.uni-dortmund.de (Postfix) with ESMTP id D561844547;
	Thu, 10 Nov 2005 12:12:25 +0100 (CET)
Received: from mail.dt.e-technik.uni-dortmund.de ([127.0.0.1])
 by localhost (krusty [127.0.0.1]) (amavisd-new, port 10024) with ESMTP
 id 10303-04; Thu, 10 Nov 2005 12:12:23 +0100 (CET)
Received: from m2a2.dyndns.org (p509129E2.dip0.t-ipconnect.de [80.145.41.226])
	by mail.dt.e-technik.uni-dortmund.de (Postfix) with ESMTP id 4875F44093;
	Thu, 10 Nov 2005 12:12:23 +0100 (CET)
Received: from localhost (localhost [127.0.0.1])
	by merlin.emma.line.org (Postfix) with ESMTP id 9F55C2009B5;
	Thu, 10 Nov 2005 12:12:22 +0100 (CET)
Received: from m2a2.dyndns.org ([127.0.0.1])
 by localhost (m2a2.dyndns.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id 23649-12; Thu, 10 Nov 2005 12:12:21 +0100 (CET)
Received: from libertas.emma.line.org (libertas.emma.line.org [192.168.1.2])
	by merlin.emma.line.org (Postfix) with ESMTP id 597772007AC;
	Thu, 10 Nov 2005 12:12:21 +0100 (CET)
Received: from emma by libertas.emma.line.org with local (Exim 4.54 (FreeBSD))
	id 1EaALt-0008w1-23; Thu, 10 Nov 2005 12:12:21 +0100
Message-Id: <E1EaALt-0008w1-23@libertas.emma.line.org>
Date: Thu, 10 Nov 2005 12:12:21 +0100
From: Matthias Andree <matthias.andree@gmx.de>
Sender: Matthias Andree <matthias.andree@gmx.de>
To: FreeBSD-gnats-submit@freebsd.org
Cc: dinoex@freebsd.org
Subject: [MAINTAINER] security/openvpn: minor polishing, fix jail builds
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         88785
>Category:       ports
>Synopsis:       [MAINTAINER] security/openvpn: minor polishing, fix jail builds
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    garga
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          maintainer-update
>Submitter-Id:   current-users
>Arrival-Date:   Thu Nov 10 11:20:11 GMT 2005
>Closed-Date:    Thu Nov 10 15:05:55 GMT 2005
>Last-Modified:  Thu Nov 10 15:05:55 GMT 2005
>Originator:     Matthias Andree
>Release:        FreeBSD 6.0-RELEASE i386
>Organization:
>Environment:
System: FreeBSD libertas.emma.line.org 6.0-RELEASE FreeBSD 6.0-RELEASE #0: Mon Nov  7 16:10:51 CET
>Description:
- CATEGORY CHANGE: add "net" secondary category
- fix jail build on FreeBSD 4 (no security.jail.jailed oid in sysctl)
- catch jail IP misconfiguration and print clear error message
- add SHA256 checksum
- revise pkg-message and pkg-descr

Generated with FreeBSD Port Tools 0.63
>How-To-Repeat:
>Fix:

--- openvpn-2.0.5_1.patch begins here ---
diff -ruN --exclude=CVS /usr/ports/security/openvpn/Makefile /usr/home/emma/ports/security/openvpn/Makefile
--- /usr/ports/security/openvpn/Makefile	Mon Nov  7 09:09:02 2005
+++ /usr/home/emma/ports/security/openvpn/Makefile	Thu Nov 10 12:08:16 2005
@@ -8,7 +8,9 @@
 PORTNAME=	openvpn
 PORTVERSION=	2.0.5
 PORTREVISION=	1
-CATEGORIES=	security
+CATEGORIES=	security net
+# MASTER_SITES points to hosts in distinct data centers,
+# so just one MASTER_SITES entry should be OK.
 MASTER_SITES=	http://openvpn.net/release/
 
 MAINTAINER=	matthias.andree@gmx.de
diff -ruN --exclude=CVS /usr/ports/security/openvpn/distinfo /usr/home/emma/ports/security/openvpn/distinfo
--- /usr/ports/security/openvpn/distinfo	Fri Nov  4 11:43:09 2005
+++ /usr/home/emma/ports/security/openvpn/distinfo	Thu Nov 10 11:11:50 2005
@@ -1,2 +1,3 @@
 MD5 (openvpn-2.0.5.tar.gz) = 4bd7a42991c93db23842a0992debe53b
+SHA256 (openvpn-2.0.5.tar.gz) = d72d90ff9e915c3376c834ce33a0349de0a8eacb3f2b80be49696b72a1840a9f
 SIZE (openvpn-2.0.5.tar.gz) = 662647
diff -ruN --exclude=CVS /usr/ports/security/openvpn/files/patch-tests-for-jail /usr/home/emma/ports/security/openvpn/files/patch-tests-for-jail
--- /usr/ports/security/openvpn/files/patch-tests-for-jail	Sat Nov  5 02:24:15 2005
+++ /usr/home/emma/ports/security/openvpn/files/patch-tests-for-jail	Thu Nov 10 12:00:29 2005
@@ -1,7 +1,5 @@
-Index: t_lpback.sh
-===================================================================
---- t_lpback.sh	(revision 774)
-+++ t_lpback.sh	(working copy)
+--- t_lpback.sh~
++++ t_lpback.sh
 @@ -19,11 +19,13 @@
  # 02110-1301, USA.
  
@@ -18,15 +16,12 @@
 +rm key.$$ log.$$
 +trap 0
  exit $e
-Index: t_cltsrv.sh
-===================================================================
---- t_cltsrv.sh	(revision 774)
-+++ t_cltsrv.sh	(working copy)
-@@ -20,19 +20,33 @@
+--- t_cltsrv.sh~
++++ t_cltsrv.sh
+@@ -19,20 +19,41 @@
+ # 02110-1301, USA.
  
  set -e
- echo "the following test will run about two minutes..." >&2
--trap "rm -f log.$$ ; false" 1 2 3 15
 +trap "rm -f log.$$ log.$$.signal ; trap 0 ; exit 77" 1 2 15
 +trap "rm -f log.$$ log.$$.signal ; exit 1" 0 3
 +addopts=
@@ -34,11 +29,20 @@
 +    FreeBSD)
 +    # FreeBSD jails map the outgoing IP to the jail IP - we need to
 +    # allow the real IP unless we want the test to run forever.
-+    if test `sysctl -n security.jail.jailed` != 0 ; then
++    if test "`sysctl 2>/dev/null -n security.jail.jailed`" = 1 \
++    || `ps -ostate $$ | tail -n1 | grep >/dev/null J` ; then
 +	addopts="--float"
++	if test "x`ifconfig | grep inet`" = x ; then
++	    echo "###"
++	    echo "### To run the test in a FreeBSD jail, you MUST add an IP alias for the jail's IP."
++	    echo "###"
++	    exit 1
++	fi
 +    fi
 +    ;;
 +esac
+ echo "the following test will run about two minutes..." >&2
+-trap "rm -f log.$$ ; false" 1 2 3 15
  set +e
  (
 -./openvpn --cd "${srcdir}" --config sample-config-files/loopback-server &
diff -ruN --exclude=CVS /usr/ports/security/openvpn/files/pkg-message.in /usr/home/emma/ports/security/openvpn/files/pkg-message.in
--- /usr/ports/security/openvpn/files/pkg-message.in	Fri Aug 19 20:48:34 2005
+++ /usr/home/emma/ports/security/openvpn/files/pkg-message.in	Wed Nov  9 22:23:04 2005
@@ -1,9 +1,9 @@
 ### ------------------------------------------------------------------------
-###  The OpenVPN port, since v2.0.1, uses rcNG to start OpenVPN.
+###  The OpenVPN FreeBSD port, since v2.0.1, uses rcNG to start OpenVPN.
 ###  Edit /etc/rc.conf to start OpenVPN automatically at system startup.
 ###  See %%PREFIX%%/etc/rc.d/openvpn.sh for details.
 ### ------------------------------------------------------------------------
-###  To get OpenVPN 2.0 to talk with the 1.5/1.6 versions, you may need to
+###  To get OpenVPN 1.X to talk with the new 2.0 version, you may need to
 ###  edit the 1.X configuration file by adding these lines:
 ###    tun-mtu 1500
 ###    tun-mtu-extra 32
@@ -13,6 +13,8 @@
 ###  WARNING: THE DEFAULT PORT HAS CHANGED AND IS NOW 1194!
 ###  OpenVPN 1.6 and older used 5000 rather than 1194 as their default
 ###  port, so add the proper port options to your configuration file!
-### ------------------------------------------------------------------------
+### - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 ###  For further compatibility, see <http://openvpn.net/relnotes.html>
+### ------------------------------------------------------------------------
+###  If you want to donate to OpenVPN: <http://openvpn.net/donate.html>
 ### ------------------------------------------------------------------------
diff -ruN --exclude=CVS /usr/ports/security/openvpn/pkg-descr /usr/home/emma/ports/security/openvpn/pkg-descr
--- /usr/ports/security/openvpn/pkg-descr	Mon May 30 13:27:16 2005
+++ /usr/home/emma/ports/security/openvpn/pkg-descr	Wed Nov  9 21:02:39 2005
@@ -1,10 +1,10 @@
-OpenVPN is a robust and highly configurable VPN (Virtual Private
-Network) daemon which can be used to securely link two or more private
-networks using an encrypted tunnel over the internet. It uses UDP as its
-transport, avoiding TCP-over-TCP retransmission congestion. SSL can be
-used to authenticate the sites, or they can use a pre-shared secret.
+OpenVPN is a robust, scalable and highly configurable VPN (Virtual Private
+Network) daemon which can be used to securely link two or more private networks
+using an encrypted tunnel over the internet. It can operate over UDP or TCP,
+can use SSL or a pre-shared secret to authenticate peers, and in SSL mode, one
+server can handle many clients.
 
-WWW: http://openvpn.sourceforge.net/
+WWW: http://openvpn.net/
 
 - Matthias Andree
 matthias.andree@gmx.de
--- openvpn-2.0.5_1.patch ends here ---

>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-ports-bugs->garga 
Responsible-Changed-By: garga 
Responsible-Changed-When: Thu Nov 10 13:19:32 GMT 2005 
Responsible-Changed-Why:  
Grabbed. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=88785 
State-Changed-From-To: open->closed 
State-Changed-By: garga 
State-Changed-When: Thu Nov 10 15:05:53 GMT 2005 
State-Changed-Why:  
Committed. Thanks! 

http://www.freebsd.org/cgi/query-pr.cgi?pr=88785 
>Unformatted:
