[openwrt/openwrt] openvpn: update to 2.4.5
LEDE Commits
lede-commits at lists.infradead.org
Fri Mar 9 16:17:04 PST 2018
hauke pushed a commit to openwrt/openwrt.git, branch master:
https://git.lede-project.org/ffbe51b2948a3270b25b8bd8bb5e6cea3e76af64
commit ffbe51b2948a3270b25b8bd8bb5e6cea3e76af64
Author: Magnus Kroken <mkroken at gmail.com>
AuthorDate: Sat Mar 3 01:11:07 2018 +0100
openvpn: update to 2.4.5
Signed-off-by: Magnus Kroken <mkroken at gmail.com>
Tested-by: Koen Vandeputte <koen.vandeputte at ncentric.com>
---
package/network/services/openvpn/Makefile | 6 +++---
...100-mbedtls-disable-runtime-version-check.patch | 2 +-
.../210-build_always_use_internal_lz4.patch | 24 ++++++++++++++--------
...edtls_dont_use_deprecated_sha256_function.patch | 11 ----------
4 files changed, 19 insertions(+), 24 deletions(-)
diff --git a/package/network/services/openvpn/Makefile b/package/network/services/openvpn/Makefile
index ec48e73..bab426a 100644
--- a/package/network/services/openvpn/Makefile
+++ b/package/network/services/openvpn/Makefile
@@ -9,14 +9,14 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=openvpn
-PKG_VERSION:=2.4.4
-PKG_RELEASE:=2
+PKG_VERSION:=2.4.5
+PKG_RELEASE:=1
PKG_SOURCE_URL:=\
https://build.openvpn.net/downloads/releases/ \
https://swupdate.openvpn.net/community/releases/
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
-PKG_HASH:=96cd1b8fe1e8cb2920f07c3fd3985faea756e16fdeebd11d3e146d5bd2b04a80
+PKG_HASH:=43c0a363a332350f620d1cd93bb431e082bedbc93d4fb872f758650d53c1d29e
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)
PKG_MAINTAINER:=Felix Fietkau <nbd at nbd.name>
diff --git a/package/network/services/openvpn/patches/100-mbedtls-disable-runtime-version-check.patch b/package/network/services/openvpn/patches/100-mbedtls-disable-runtime-version-check.patch
index 8209bca..5608fa4 100644
--- a/package/network/services/openvpn/patches/100-mbedtls-disable-runtime-version-check.patch
+++ b/package/network/services/openvpn/patches/100-mbedtls-disable-runtime-version-check.patch
@@ -1,6 +1,6 @@
--- a/src/openvpn/ssl_mbedtls.c
+++ b/src/openvpn/ssl_mbedtls.c
-@@ -1336,7 +1336,7 @@ const char *
+@@ -1394,7 +1394,7 @@ const char *
get_ssl_library_version(void)
{
static char mbedtls_version[30];
diff --git a/package/network/services/openvpn/patches/210-build_always_use_internal_lz4.patch b/package/network/services/openvpn/patches/210-build_always_use_internal_lz4.patch
index d49e0bf..b3eb7c7 100644
--- a/package/network/services/openvpn/patches/210-build_always_use_internal_lz4.patch
+++ b/package/network/services/openvpn/patches/210-build_always_use_internal_lz4.patch
@@ -1,15 +1,17 @@
--- a/configure.ac
+++ b/configure.ac
-@@ -1068,62 +1068,15 @@ dnl
+@@ -1077,68 +1077,15 @@ dnl
AC_ARG_VAR([LZ4_CFLAGS], [C compiler flags for lz4])
AC_ARG_VAR([LZ4_LIBS], [linker flags for lz4])
if test "$enable_lz4" = "yes" && test "$enable_comp_stub" = "no"; then
- if test -z "${LZ4_CFLAGS}" -a -z "${LZ4_LIBS}"; then
- # if the user did not explicitly specify flags, try to autodetect
- PKG_CHECK_MODULES([LZ4],
-- [liblz4 >= 1.7.1],
+- [liblz4 >= 1.7.1 liblz4 < 100],
- [have_lz4="yes"],
-- [] # If this fails, we will do another test next
+- [LZ4_LIBS="-llz4"] # If this fails, we will do another test next.
+- # We also add set LZ4_LIBS otherwise the
+- # linker will not know about the lz4 library
- )
- fi
@@ -47,20 +49,24 @@
- fi
- fi
-
-- # if LZ4_LIBS is set, we assume it will work, otherwise test
-- if test -z "${LZ4_LIBS}"; then
+- # Double check we have a few needed functions
+- if test "${have_lz4}" = "yes" ; then
- AC_CHECK_LIB([lz4],
-- [LZ4_compress],
-- [LZ4_LIBS="-llz4"],
+- [LZ4_compress_default],
+- [],
+- [have_lz4="no"])
+- AC_CHECK_LIB([lz4],
+- [LZ4_decompress_safe],
+- [],
- [have_lz4="no"])
- fi
-
- if test "${have_lz4}" != "yes" ; then
-- AC_MSG_RESULT([ usuable LZ4 library or header not found, using version in src/compat/compat-lz4.*])
+- AC_MSG_RESULT([ usable LZ4 library or header not found, using version in src/compat/compat-lz4.*])
- AC_DEFINE([NEED_COMPAT_LZ4], [1], [use copy of LZ4 source in compat/])
- LZ4_LIBS=""
- fi
-+ AC_MSG_RESULT([ usuable LZ4 library or header not found, using version in src/compat/compat-lz4.*])
++ AC_MSG_RESULT([ usable LZ4 library or header not found, using version in src/compat/compat-lz4.*])
+ AC_DEFINE([NEED_COMPAT_LZ4], [1], [use copy of LZ4 source in compat/])
+ LZ4_LIBS=""
OPTIONAL_LZ4_CFLAGS="${LZ4_CFLAGS}"
diff --git a/package/network/services/openvpn/patches/300-mbedtls_dont_use_deprecated_sha256_function.patch b/package/network/services/openvpn/patches/300-mbedtls_dont_use_deprecated_sha256_function.patch
deleted file mode 100644
index b9201a5..0000000
--- a/package/network/services/openvpn/patches/300-mbedtls_dont_use_deprecated_sha256_function.patch
+++ /dev/null
@@ -1,11 +0,0 @@
---- a/src/openvpn/ssl_mbedtls.c
-+++ b/src/openvpn/ssl_mbedtls.c
-@@ -803,7 +803,7 @@ tls_ctx_personalise_random(struct tls_ro
- {
- mbedtls_x509_crt *cert = ctx->crt_chain;
-
-- mbedtls_sha256(cert->tbs.p, cert->tbs.len, sha256_hash, false);
-+ mbedtls_sha256_ret(cert->tbs.p, cert->tbs.len, sha256_hash, false);
- if (0 != memcmp(old_sha256_hash, sha256_hash, sizeof(sha256_hash)))
- {
- mbedtls_ctr_drbg_update(cd_ctx, sha256_hash, 32);
More information about the lede-commits
mailing list