Commit Graph

36 Commits

Author SHA1 Message Date
Kier Davis
397daef205
openvpn: make systemd dependency optional
systemd is a fairly large dependency, and it doesn't appear to
be necessary in all circumstances - e.g. when openvpn is
not run as a systemd service (as is usually the case when it is
run in a Docker container).

This change makes the dependency on systemd optional, controlled
by a new argument `useSystemd`. The default behaviour remains
the same as it was before this change: enabled only on Linux systems.

For me, this change reduces the size of my container image (dominated
by the closure of openvpn) from about 110 MB to 45 MB.

Version 2: rename argument to `useSystemd` (was `systemdSupport`), and
rebase onto master
2018-01-06 15:05:44 +00:00
Franz Pletz
8e4586d077
openvpn: 2.4.3 -> 2.4.4 for CVE-2017-12166
https://community.openvpn.net/openvpn/wiki/CVE-2017-12166
2017-09-28 12:27:01 +02:00
Franz Pletz
5521b542a2
openvpn: 2.4.2 -> 2.4.3
See https://community.openvpn.net/openvpn/wiki/VulnerabilitiesFixedInOpenVPN243

Fixed:

  * CVE-2017-7508
  * CVE-2017-7520
  * CVE-2017-7521
  * CVE-2017-7512
  * CVE-2017-7522
2017-06-21 13:36:10 +02:00
Peter Simons
ae6f9324cd openvpn: update to version 2.4.2 to fix CVE-2017-7478 and CVE-2017-7479 2017-05-12 13:35:37 +02:00
Jörg Thalheim
e09b950f54
openvpn: remove no longer correct systemd-notify.patch
This patch was only necessary for 2.3.x, while 2.4.0 improved
its own systemd notify support.

See: https://github.com/NixOS/nixpkgs/issues/24817
2017-04-11 08:51:56 +02:00
Michael Raskin
277e7119be openvpn: 2.3.13 -> 2.4.0 2017-01-02 15:38:46 +01:00
Hendrik Schaeidt
d6d12ebc55
openvpn: disable libpam support on OSX to enable build 2016-10-06 20:24:02 +02:00
Tim Steinbach
244aee5cd1
openvpn: 2.3.11 -> 2.3.12 2016-09-23 09:24:00 -04:00
John Ericson
ea1caf9272 openvpn: Optional pkcs11 support 2016-09-16 07:24:03 -07:00
Matthias Beyer
340a5d6fbf openvpn: 2.3.10 -> 2.3.11
Taken from #15856.
2016-07-09 15:04:55 +02:00
Franz Pletz
4962f52b88 openvpn: --enable-password-save was removed 2016-05-26 19:17:39 +02:00
Franz Pletz
bf12560053 openvpn: Fix build for systemd 230 2016-05-26 19:16:45 +02:00
Eelco Dolstra
38afa836b3 openvpn: 2.3.8 -> 2.3.10
In particular, this fixes the systemd-ask-password regression
re-introduced by cb1c818491.
2016-03-27 23:29:53 +02:00
John Wiegley
31e5abf788 openvpn: Enable building on Darwin 2015-12-03 13:12:49 -05:00
John Wiegley
cb1c818491 openvpn: 2.3.7 -> 2.3.8 2015-11-25 12:54:02 -08:00
John Wiegley
17044e0e71 openvpn: Allow building on non-Linux systems 2015-11-16 20:34:56 -08:00
Eelco Dolstra
9000ddce90 openvpn: Update to 2.3.7 2015-08-31 17:54:56 +02:00
Eelco Dolstra
a88b9bf19e Revert "openvpn: 2.3.6 -> 2.3.8"
This reverts commit f547eaab44 because
it breaks asking passphrased via systemd.
2015-08-31 17:54:56 +02:00
Edward Tjörnhammar
f547eaab44 openvpn: 2.3.6 -> 2.3.8 2015-08-26 13:00:23 +02:00
Domen Kožar
f57d22fd05 openvpn: fix build 2014-12-02 15:30:25 +01:00
Domen Kožar
cc0d52846e openvpn: 2.3.4 -> 2.3.6 (CVE-2014-8104) 2014-12-02 13:11:37 +01:00
Mateusz Kowalczyk
7a45996233 Turn some license strings into lib.licenses values 2014-07-28 11:31:14 +02:00
William A. Kennington III
6ddafad82a openvpn: Update 2.3.3 -> 2.3.4 2014-05-13 16:49:31 -05:00
Eelco Dolstra
27a8cada79 openvpn: Add systemd startup notification
This causes OpenVPN services to reach the "active" state when the VPN
connection is up (i.e., after OpenVPN prints "Initialization Sequence
Completed"). This allows units to be ordered correctly after openvpn-*
units, and makes systemctl present a password prompt:

  $ start openvpn-foo
  Enter Private Key Password: *************

(I first tried to implement this by calling "systemd-notify --ready"
from the "up" script, but systemd-notify is not reliable.)
2014-04-22 13:14:58 +02:00
Eelco Dolstra
33b4ab3ac1 openvpn: Update to 2.3.3 2014-04-22 13:14:58 +02:00
Eelco Dolstra
6c03d641fa openvpn: Update to 2.3.1 2013-05-28 14:48:56 +02:00
Russell O'Connor
2c99cdce3e Adding examples to share directory
The easy-rsa example contains scripts for generating certificates.

svn path=/nixpkgs/trunk/; revision=33550
2012-04-02 22:05:02 +00:00
Peter Simons
8b3dd70553 openvpn: use iproute2 instead of net-tools
for setting up tunnel/routes.
I had some issues with ipv6, iproute2 fixed those.

Both are equally well supported by upstream.

svn path=/nixpkgs/trunk/; revision=31660
2012-01-18 20:38:27 +00:00
Peter Simons
3dd02a75ef openvpn: upgraded to latest version
svn path=/nixpkgs/trunk/; revision=31647
2012-01-18 20:32:17 +00:00
Rob Vermaas
e2fd2c4e23 openvpn: enable option to use password files
svn path=/nixpkgs/trunk/; revision=30461
2011-11-18 02:10:14 +00:00
Lluís Batlle i Rossell
e169ba953d Updating openvpn
svn path=/nixpkgs/trunk/; revision=27153
2011-05-04 18:58:53 +00:00
Lluís Batlle i Rossell
a34fd23fc1 Fixing the openvpn url.
svn path=/nixpkgs/trunk/; revision=25239
2010-12-22 14:03:55 +00:00
Lluís Batlle i Rossell
9b59178909 Updating openvpn
svn path=/nixpkgs/trunk/; revision=25237
2010-12-22 13:34:19 +00:00
Lluís Batlle i Rossell
8bfde9d310 Updating openvpn to a non-release_candidate newer version, and becoming maintainer.
svn path=/nixpkgs/trunk/; revision=19941
2010-02-11 16:45:19 +00:00
Marc Weber
48216ba01a fix openvpn making it find ifonfig
svn path=/nixpkgs/trunk/; revision=15380
2009-04-28 15:37:52 +00:00
Marc Weber
0311bb19c8 adding openvpn
svn path=/nixpkgs/trunk/; revision=14901
2009-04-06 13:07:18 +00:00