From ac96db49fcbbebcdc837ff026cde4d7cd63cb4df Mon Sep 17 00:00:00 2001
From: Bertrand Jacquin <beber@meleeweb.net>
Date: Tue, 26 Jul 2011 20:47:11 +0200
Subject: net-misc/openvpn: win32 build need to rework

---
 net-misc/openvpn/Manifest                          |  13 +-
 net-misc/openvpn/files/65openvpn                   |   1 +
 net-misc/openvpn/files/openvpn-2.1.init            |  22 +--
 .../openvpn/files/openvpn-2.1_rc13-peercred.patch  |  10 ++
 .../openvpn/files/openvpn-2.1_rc20-pkcs11.patch    |  18 ++
 .../openvpn/files/openvpn-2.2.0-BJA-win-ipv6.diff  |  18 ++
 net-misc/openvpn/files/openvpn-2.2.0-BJA-win.diff  |   8 +
 net-misc/openvpn/files/openvpn.init                |  63 +++++++
 net-misc/openvpn/files/up.sh                       |   4 +-
 net-misc/openvpn/openvpn-2.2.0-r1.ebuild           | 194 +++++++++++++++++++++
 10 files changed, 337 insertions(+), 14 deletions(-)
 create mode 100644 net-misc/openvpn/files/65openvpn
 create mode 100644 net-misc/openvpn/files/openvpn-2.1_rc13-peercred.patch
 create mode 100644 net-misc/openvpn/files/openvpn-2.1_rc20-pkcs11.patch
 create mode 100644 net-misc/openvpn/files/openvpn-2.2.0-BJA-win-ipv6.diff
 create mode 100644 net-misc/openvpn/files/openvpn-2.2.0-BJA-win.diff
 create mode 100644 net-misc/openvpn/files/openvpn.init
 create mode 100644 net-misc/openvpn/openvpn-2.2.0-r1.ebuild

(limited to 'net-misc')

diff --git a/net-misc/openvpn/Manifest b/net-misc/openvpn/Manifest
index a6d3345b..cab208fc 100644
--- a/net-misc/openvpn/Manifest
+++ b/net-misc/openvpn/Manifest
@@ -1,8 +1,17 @@
+AUX 65openvpn 45 RMD160 580e7f52f0c5ba91d3bc91f1155afc43fb153a96 SHA1 0d58cc3a3093e8df4b6e423934e93691722739b3 SHA256 d5758e39fdc75dcbb5a788b1afa743c3c1f08c63c535aa32c300b965474d765c
 AUX down.sh 943 RMD160 db43a525c9eb2ccb538e938e0b7f4359af22e4de SHA1 261acc68a24108526345a7d117bba15dbcebaa6e SHA256 39debebcd8c899f20e6d355cbc8eaab46e28b83a9f6c33a94c065688a4f3d2c7
 AUX openvpn-2.1.conf 892 RMD160 687a747ed2f801b051438d02da8fcd44c6954484 SHA1 e65db7d972483c9391ef92d2931d9db7b69e4329 SHA256 330149a83684ddabe413d134d4c8efad4c88b18c2ab67165014deff5f7fffad2
-AUX openvpn-2.1.init 4084 RMD160 1f815a77c3d89ee55d568e8dce582020fd68fc39 SHA1 811db5279b360f8d95bfbcd460a85bbf2c65ecbf SHA256 d844103cd67717ce505e191a3b4a1835b7fafbb856de7540791cf0e5fe017ec9
+AUX openvpn-2.1.init 4186 RMD160 e71c8cb5abee5d1b7c6485fc910f35822330a853 SHA1 a25b319834208d7ac65b090f85ee500f5e752cdc SHA256 d1b1f8a00935d77521bceb62535350444df3470fa45f4d33c3934051a1bb595b
+AUX openvpn-2.1_rc13-peercred.patch 251 RMD160 26123eedc9b685fb01de93c1141588f8008562f5 SHA1 8132510ebbd891ec55ef36d0cb8a86cb64a0145f SHA256 e7c2025ec49d3a5c2d95d80ee3c26ed9ccd0587d1664860b3a1eceb2bb7c778f
+AUX openvpn-2.1_rc20-pkcs11.patch 622 RMD160 7d7a41796096ed8f54f646f4ce57cf91b53cad2e SHA1 1748474195bc318c5232290fca5a9d6edaf95e1c SHA256 f972c473645f880c27b3c72379c49183f1e27d352f401d5ea7e734fad99f2d6c
 AUX openvpn-2.1_rc6-udp6.patch 76842 RMD160 533ca831972ec759b39b1d0f94380091d2214242 SHA1 83caf4224d06d4ccd26e990fe0e2388e4a0e600a SHA256 0886a848f7fe52d0394bf51da814f9772ada6c14c682396a8e36085c1cd99c48
 AUX openvpn-2.1_rc7-tap.patch 1474 RMD160 a200e42f1fd224e9d0f02eb59ab6371224245715 SHA1 1453666b79208d528880b95e324900605172a420 SHA256 f26a2ccad67a23c863241ca64c110c36601d70a0e6e0d6d626c02d176c36a2db
-AUX up.sh 2560 RMD160 34c2f0845a2c3b2eebb20da5a5c316e81cd1ef5a SHA1 d7026eeb7586fb931e5f938ca00fcc63c63923ad SHA256 3a7cedba5909fa06d0eb36b3426f0e5bc21bdc28943beaaa241ab651b4388218
+AUX openvpn-2.2.0-BJA-win-ipv6.diff 462 RMD160 eb07658005d562b07b9e628d5d03f455ea7e0ba2 SHA1 4871f078e5e5e16d4aa22ae80a7735326e9d2276 SHA256 560ea9753c05a1472b98ebee945b983d9040a92229318396645fef6a68d26df1
+AUX openvpn-2.2.0-BJA-win.diff 226 RMD160 430af04e6dae04c178da9811c10aa7c8feb95c59 SHA1 7ec90e1ca4cf5819686ea259d64cf773c7f509f9 SHA256 946449ae548c7a4b05214b063db5a6c3ee7e004f76a95c472e805a18106b9daa
+AUX openvpn.init 1486 RMD160 7005230b0dc3ea400aa22c9a01c2aa034d8baace SHA1 1670c08a2bec65c2e3529aec8d377bad6cb2e0e5 SHA256 c4b9e0899fa5ee0b90c5100da7711dc7a6a5658f10042b0feda9e7efb90a11cf
+AUX up.sh 2594 RMD160 17576f73e6de08828aeda2a8776b4a36331fa855 SHA1 4eb4d1e857053f86ea886dec8e8e6f45174df774 SHA256 848da0929c37b2112769232fbbdf61961b6107c6726d4b74d1ceb034b39ad5dd
 DIST openvpn-2.1_rc7.tar.gz 787379 RMD160 67e80d7bfb554046c71c95ec15d478504057f903 SHA1 f9f57a8ef3af8ab51924784ad2aab5d5f5798581 SHA256 c07fcbc41465bf508caff70dcc4238b8c95e9b2f35bec7bf891f7164027ecbf8
+DIST openvpn-2.2.0.tar.gz 898381 RMD160 32aa52c886d98b6b92150dfc64d3a9c07f6e8b30 SHA1 97e3389814a1bcef5a6d22774534a30e41d48bff SHA256 71ebeaaba1641e6d1454ae0f10f986002e5c6afdcd09da659122e3e5c74a2567
+DIST openvpn-2.2RC2-ipv6-20110424-2.patch.gz 35519 RMD160 a553399ffe3b6cf0c116b92399df7d801972e3ca SHA1 d7ce041c4e7f0186091e17a2d178bd12e7a4696d SHA256 e2bf528771412f2aaf96cf87f07bf0d6cba5e3bf0565f8bc082be1cbeae64d21
 EBUILD openvpn-2.1_rc7.ebuild 4472 RMD160 8305d69c254db1c55edaad7459169f31c5b5f7b3 SHA1 0868cf478f1ff2cf32f0354a72af6e1026ad6e53 SHA256 c513ac09ccf925b04c91609a1fe588f4c5bbebfb1dead66f0c22ea4f759b80f3
+EBUILD openvpn-2.2.0-r1.ebuild 5764 RMD160 12f190d52f9949318f3c64485fd26a997d26dc85 SHA1 dcc83adbc5d05e318177a117181390a7991e4f38 SHA256 7bbe7eb942798bf5959c24ed3879b1986f56a2c0b9b88845829e661844b904be
diff --git a/net-misc/openvpn/files/65openvpn b/net-misc/openvpn/files/65openvpn
new file mode 100644
index 00000000..4ddb0343
--- /dev/null
+++ b/net-misc/openvpn/files/65openvpn
@@ -0,0 +1 @@
+CONFIG_PROTECT="/usr/share/openvpn/easy-rsa"
diff --git a/net-misc/openvpn/files/openvpn-2.1.init b/net-misc/openvpn/files/openvpn-2.1.init
index 633cae00..d65e6f8b 100755
--- a/net-misc/openvpn/files/openvpn-2.1.init
+++ b/net-misc/openvpn/files/openvpn-2.1.init
@@ -69,7 +69,7 @@ start() {
 	local args="" reenter=${RE_ENTER:-no}
 	# If the config file does not specify the cd option, we do
 	# But if we specify it, we override the config option which we do not want
-	if ! grep -q "^[ \t]*cd[ \t].*" "${VPNCONF}" ; then
+	if ! grep -q "^[ 	]*cd[ 	].*" "${VPNCONF}" ; then
 		args="${args} --cd ${VPNDIR}"
 	fi
 	
@@ -77,14 +77,15 @@ start() {
 	# When we get an authenticated packet from the peer then we run our script
 	# which configures our DNS if any and marks us as up.
 	if [ "${DETECT_CLIENT:-yes}" = "yes" ] && \
-	grep -q "^[ \t]*remote[ \t].*" "${VPNCONF}" ; then
+	grep -q "^[ 	]*remote[ 	].*" "${VPNCONF}" ; then
 		reenter="yes"
-		args="${args} --nobind --up-delay --up-restart"
+		args="${args} --up-delay --up-restart"
+		args="${args} --script-security 2"
 		args="${args} --up /etc/openvpn/up.sh"
 		args="${args} --down-pre --down /etc/openvpn/down.sh"
 
-		# Warn about setting scripts as we override them 
-		if grep -Eq "^[ \t]*(up|down)[ \t].*" "${VPNCONF}" ; then
+		# Warn about setting scripts as we override them
+		if grep -Eq "^[ 	]*(up|down)[ 	].*" "${VPNCONF}" ; then
 			ewarn "WARNING: You have defined your own up/down scripts"
 			ewarn "As you're running as a client, we now force Gentoo specific"
 			ewarn "scripts to be run for up and down events."
@@ -94,23 +95,24 @@ start() {
 
 		# Warn about the inability to change ip/route/dns information when
 		# dropping privs
-		if grep -q "^[ \t]*user[ \t].*" "${VPNCONF}" ; then
+		if grep -q "^[ 	]*user[ 	].*" "${VPNCONF}" ; then
 			ewarn "WARNING: You are dropping root privileges!"
 			ewarn "As such openvpn may not be able to change ip, routing"
 			ewarn "or DNS configuration."
 		fi
 	else
 		# So we're a server. Run as openvpn unless otherwise specified
-		grep -q "^[ \t]*user[ \t].*" "${VPNCONF}" || args="${args} --user openvpn"
-		grep -q "^[ \t]*group[ \t].*" "${VPNCONF}" || args="${args} --group openvpn"
+		grep -q "^[ 	]*user[ 	].*" "${VPNCONF}" || args="${args} --user openvpn"
+		grep -q "^[ 	]*group[ 	].*" "${VPNCONF}" || args="${args} --group openvpn"
 	fi
 
 	# Ensure that our scripts get the PEER_DNS variable
-	export PEER_DNS
+	[ -n "${PEER_DNS}" ] && args="${args} --setenv PEER_DNS ${PEER_DNS}"
 
 	[ "${reenter}" = "yes" ] && mark_service_inactive "${SVCNAME}"
 	start-stop-daemon --start --exec /usr/sbin/openvpn --pidfile "${VPNPID}" \
-		-- --config "${VPNCONF}" --writepid "${VPNPID}" --daemon ${args}
+		-- --config "${VPNCONF}" --writepid "${VPNPID}" --daemon \
+		--setenv SVCNAME "${SVCNAME}" ${args}
 	eend $? "Check your logs to see why startup failed"
 }
 
diff --git a/net-misc/openvpn/files/openvpn-2.1_rc13-peercred.patch b/net-misc/openvpn/files/openvpn-2.1_rc13-peercred.patch
new file mode 100644
index 00000000..6592cf19
--- /dev/null
+++ b/net-misc/openvpn/files/openvpn-2.1_rc13-peercred.patch
@@ -0,0 +1,10 @@
+--- socket.c~	2008-11-02 01:39:00.406009999 +0100
++++ socket.c	2008-11-02 01:39:00.406009999 +0100
+@@ -22,6 +22,7 @@
+  *  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+  */
+ 
++#define _GNU_SOURCE
+ #include "syshead.h"
+ 
+ #include "socket.h"
diff --git a/net-misc/openvpn/files/openvpn-2.1_rc20-pkcs11.patch b/net-misc/openvpn/files/openvpn-2.1_rc20-pkcs11.patch
new file mode 100644
index 00000000..cebb5927
--- /dev/null
+++ b/net-misc/openvpn/files/openvpn-2.1_rc20-pkcs11.patch
@@ -0,0 +1,18 @@
+diff -ru openvpn-2.1_rc20~/easy-rsa/2.0/openssl.cnf openvpn-2.1_rc20/easy-rsa/2.0/openssl.cnf
+--- openvpn-2.1_rc20~/easy-rsa/2.0/openssl.cnf	2009-10-11 01:04:36.000000000 +0200
++++ openvpn-2.1_rc20/easy-rsa/2.0/openssl.cnf	2009-10-11 01:05:53.000000000 +0200
+@@ -283,9 +283,9 @@
+ #pkcs11 = pkcs11_section
+ 
+ [ pkcs11_section ]
+-engine_id = pkcs11
+-dynamic_path = /usr/lib/engines/engine_pkcs11.so
+-MODULE_PATH = $ENV::PKCS11_MODULE_PATH
+-PIN = $ENV::PKCS11_PIN
+-init = 0
++#engine_id = pkcs11
++#dynamic_path = /usr/lib/engines/engine_pkcs11.so
++#MODULE_PATH = $ENV::PKCS11_MODULE_PATH
++#PIN = $ENV::PKCS11_PIN
++#init = 0
+ 
diff --git a/net-misc/openvpn/files/openvpn-2.2.0-BJA-win-ipv6.diff b/net-misc/openvpn/files/openvpn-2.2.0-BJA-win-ipv6.diff
new file mode 100644
index 00000000..7d35754e
--- /dev/null
+++ b/net-misc/openvpn/files/openvpn-2.2.0-BJA-win-ipv6.diff
@@ -0,0 +1,18 @@
+--- socket.c.ori	2011-07-04 19:51:34.000000000 +0200
++++ socket.c	2011-07-04 19:51:26.000000000 +0200
+@@ -2075,9 +2075,13 @@
+ #ifndef s6_addr32
+ # ifdef TARGET_SOLARIS
+ #  define s6_addr32 _S6_un._S6_u32
+-# else
+-#  define s6_addr32 __u6_addr.__u6_addr32
+ # endif
++# ifdef TARGET_WIN32
++#  define s6_addr32 _S6_un._S6_u8
++# endif
++#endif
++#ifndef s6_addr32
++# define s6_addr32 __u6_addr.__u6_addr32
+ #endif
+ #ifndef UINT32_MAX
+ # define UINT32_MAX (4294967295U)
diff --git a/net-misc/openvpn/files/openvpn-2.2.0-BJA-win.diff b/net-misc/openvpn/files/openvpn-2.2.0-BJA-win.diff
new file mode 100644
index 00000000..cec62218
--- /dev/null
+++ b/net-misc/openvpn/files/openvpn-2.2.0-BJA-win.diff
@@ -0,0 +1,8 @@
+--- configure.ac.ori	2011-07-04 01:24:57.000000000 +0200
++++ configure.ac	2011-07-04 01:21:07.000000000 +0200
+@@ -913,4 +913,5 @@
+ 	service-win32/Makefile
+ 	install-win32/Makefile
+ 	install-win32/settings
++	win/autodefs.h
+ ])
diff --git a/net-misc/openvpn/files/openvpn.init b/net-misc/openvpn/files/openvpn.init
new file mode 100644
index 00000000..489ab497
--- /dev/null
+++ b/net-misc/openvpn/files/openvpn.init
@@ -0,0 +1,63 @@
+#!/sbin/runscript
+# Copyright 1999-2007 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+VPNDIR="/etc/openvpn"
+VPN="${SVCNAME#*.}"
+if [ -n "${VPN}" ] && [ "${SVCNAME}" != "openvpn" ]; then
+	VPNPID="/var/run/openvpn.${VPN}.pid"
+else
+	VPNPID="/var/run/openvpn.pid"
+fi
+VPNCONF="${VPNDIR}/${VPN}.conf"
+
+depend() {
+	need localmount net
+	before netmount
+	after bootmisc
+}
+
+checktundevice() {
+	if [ ! -e /dev/net/tun ]; then
+		if ! modprobe tun ; then
+			eerror "TUN/TAP support is not available in this kernel"
+			return 1
+		fi
+	fi
+	if [ -h /dev/net/tun ] && [ -c /dev/misc/net/tun ]; then
+		ebegin "Detected broken /dev/net/tun symlink, fixing..."
+		rm -f /dev/net/tun
+		ln -s /dev/misc/net/tun /dev/net/tun
+		eend $?
+	fi
+}
+
+start() {
+	ebegin "Starting ${SVCNAME}"
+
+	checktundevice || return 1
+
+	if [ ! -e "${VPNCONF}" ]; then
+		eend 1 "${VPNCONF} does not exist"
+		return 1
+	fi
+
+	local args=""
+	# If the config file does not specify the cd option, we do
+	# But if we specify it, we override the config option which we do not want
+	if ! grep -q "^[ 	]*cd[ 	].*" "${VPNCONF}" ; then
+		args="${args} --cd ${VPNDIR}"
+	fi
+
+	start-stop-daemon --start --exec /usr/sbin/openvpn --pidfile "${VPNPID}" \
+		-- --config "${VPNCONF}" --writepid "${VPNPID}" --daemon ${args}
+	eend $? "Check your logs to see why startup failed"
+}
+
+stop() {
+	ebegin "Stopping ${SVCNAME}"
+	start-stop-daemon --stop --exec /usr/sbin/openvpn --pidfile "${VPNPID}"
+	eend $?
+}
+
+# vim: ts=4
diff --git a/net-misc/openvpn/files/up.sh b/net-misc/openvpn/files/up.sh
index d0879b83..4a886870 100755
--- a/net-misc/openvpn/files/up.sh
+++ b/net-misc/openvpn/files/up.sh
@@ -31,7 +31,7 @@ if [ "${PEER_DNS}" != "no" ]; then
 			if [ -z "${DOMAIN}" ] ; then
 				DOMAIN="${opt#dhcp-option DOMAIN *}"
 			else
-				SEARCH="${SEARCH:+ }${opt#dhcp-option DOMAIN *}"
+				SEARCH="${SEARCH}${SEARCH:+ }${opt#dhcp-option DOMAIN *}"
 			fi
 		elif [ "${opt}" != "${opt#dhcp-option DNS *}" ] ; then
 			NS="${NS}nameserver ${opt#dhcp-option DNS *}\n"
@@ -43,7 +43,7 @@ if [ "${PEER_DNS}" != "no" ]; then
 		DNS="# Generated by openvpn for interface ${dev}\n"
 		if [ -n "${SEARCH}" ] ; then
 			DNS="${DNS}search ${DOMAIN} ${SEARCH}\n"
-		else
+		elif [ -n "${DOMAIN}" ]; then
 			DNS="${DNS}domain ${DOMAIN}\n"
 		fi
 		DNS="${DNS}${NS}"
diff --git a/net-misc/openvpn/openvpn-2.2.0-r1.ebuild b/net-misc/openvpn/openvpn-2.2.0-r1.ebuild
new file mode 100644
index 00000000..c362eb79
--- /dev/null
+++ b/net-misc/openvpn/openvpn-2.2.0-r1.ebuild
@@ -0,0 +1,194 @@
+# Copyright 1999-2011 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-misc/openvpn/openvpn-2.2.0-r1.ebuild,v 1.1 2011/05/01 10:40:19 djc Exp $
+
+EAPI=4
+
+inherit eutils multilib toolchain-funcs autotools flag-o-matic
+
+IPV6_VERSION="2.2RC2-ipv6-20110424-2"
+GUI_VERSION="1.0.3"
+
+DESCRIPTION="OpenVPN is a robust and highly flexible tunneling application compatible with many OSes."
+SRC_URI="http://swupdate.openvpn.net/community/releases/${P}.tar.gz
+		ipv6? (
+			http://www.greenie.net/ipv6/openvpn-${IPV6_VERSION}.patch.gz
+		)"
+HOMEPAGE="http://openvpn.net/"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~sparc-fbsd ~x86-fbsd"
+IUSE="examples iproute2 ipv6 minimal pam passwordsave selinux ssl static pkcs11 userland_BSD"
+
+CDEPEND=">=dev-libs/lzo-1.07
+	!minimal? ( pam? ( virtual/pam ) )
+	selinux? ( sec-policy/selinux-openvpn )
+	ssl? ( >=dev-libs/openssl-0.9.6 )
+	pkcs11? ( >=dev-libs/pkcs11-helper-1.05 )"
+DEPEND="${CDEPEND}
+	elibc_mingw32? ( app-text/man2html )"
+RDEPEND="${CDEPEND}
+	kernel_linux? (
+		iproute2?  ( sys-apps/iproute2[-minimal] )
+		!iproute2? ( sys-apps/net-tools )
+	)"
+
+src_prepare() {
+	epatch "${FILESDIR}/${PN}-2.1_rc20-pkcs11.patch"
+	use ipv6 && {
+	  epatch "${WORKDIR}/${PN}-${IPV6_VERSION}.patch" ;
+	  epatch  "${FILESDIR}/openvpn-2.2.0-BJA-win-ipv6.diff" ;
+	}
+	sed -i \
+		-e "s/gcc \${CC_FLAGS}/\${CC} \${CFLAGS} -Wall/" \
+		-e "s/-shared/-shared \${LDFLAGS}/" \
+		plugin/*/Makefile || die "sed failed"
+	if use ipv6; then
+		eautoreconf
+	fi
+}
+
+src_configure() {
+	# basic.h defines a type 'bool' that conflicts with the altivec
+	# keyword bool which has to be fixed upstream, see bugs #293840
+	# and #297854.
+	# For now, filter out -maltivec on ppc and append -mno-altivec, as
+	# -maltivec is enabled implicitly by -mcpu and similar flags.
+	(use ppc || use ppc64) && filter-flags -maltivec && append-flags -mno-altivec
+
+	local myconf=""
+
+	if use minimal ; then
+		myconf="${myconf} --disable-plugins"
+		myconf="${myconf} --disable-pkcs11"
+	else
+		myconf="$(use_enable pkcs11)"
+	fi
+
+	[[ ${CHOST} = *mingw* ]] && export MAN2HTML=/bin/true #"/etc/cron.daily/man2html" ;;
+
+	econf ${myconf} \
+		$(use_enable passwordsave password-save) \
+		$(use_enable ssl) \
+		$(use_enable ssl crypto) \
+		$(use_enable iproute2) \
+		--docdir="${DESTDIR}/usr/share/doc/${PF}"
+}
+
+src_compile() {
+
+	if use static ; then
+		sed -i -e '/^LIBS/s/LIBS = /LIBS = -static /' Makefile || die "sed failed"
+	fi
+
+	emake || die "make failed"
+
+	if ! use minimal ; then
+		cd plugin
+		for i in *; do
+			[[ ${i} == "README" || ${i} == "examples" || ${i} == "defer" ]] && continue
+			[[ ${i} == "auth-pam" ]] && ! use pam && continue
+			[[ ${CHOST} = *mingw* ]] && [[ ${i} == "down-root" ]] && continue
+
+			einfo "Building ${i} plugin"
+			emake -C "${i}" CC=$(tc-getCC) || die "make failed"
+		done
+		cd ..
+	fi
+}
+
+src_install() {
+	emake DESTDIR="${D}" install || die "make install failed"
+
+	# install documentation
+	dodoc AUTHORS ChangeLog PORTS README
+
+	# Install some helper scripts
+	keepdir /etc/openvpn
+	exeinto /etc/openvpn
+	doexe "${FILESDIR}/up.sh" || die "doexe failed"
+	doexe "${FILESDIR}/down.sh" || die "doexe failed"
+
+	# Install the init script and config file
+	newinitd "${FILESDIR}/${PN}-2.1.init" openvpn || die "newinitd failed"
+	newconfd "${FILESDIR}/${PN}-2.1.conf" openvpn || die "newconfd failed"
+
+	# install examples, controlled by the respective useflag
+	if use examples ; then
+		# dodoc does not supportly support directory traversal, #15193
+		insinto /usr/share/doc/${PF}/examples
+		doins -r sample-{config-files,keys,scripts} contrib
+	fi
+
+	# Install plugins and easy-rsa
+	doenvd "${FILESDIR}/65openvpn" # config-protect easy-rsa
+
+	case "${CHOST}" in
+		*mingw*)	ext="dll"	;;
+		*)			ext="so"	;;
+	esac
+
+	if ! use minimal ; then
+		case "${CHOST}" in
+			*mingw*) ;;
+			*)
+				cd easy-rsa/2.0
+				make install "DESTDIR=${D}/usr/share/${PN}/easy-rsa"
+				cd ../..
+				;;
+		esac
+
+		if [ -e "plugin/*/*.${ext}" ] ; then
+			exeinto "/usr/$(get_libdir)/${PN}"
+			doexe plugin/*/*.${ext}
+		fi
+	fi
+}
+
+pkg_postinst() {
+	# Add openvpn user so openvpn servers can drop privs
+	# Clients should run as root so they can change ip addresses,
+	# dns information and other such things.
+	enewgroup openvpn
+	enewuser openvpn "" "" "" openvpn
+
+	if [ path_exists -o "${ROOT}/etc/openvpn/*/local.conf" ] ; then
+		ewarn "WARNING: The openvpn init script has changed"
+		ewarn ""
+	fi
+
+	elog "The openvpn init script expects to find the configuration file"
+	elog "openvpn.conf in /etc/openvpn along with any extra files it may need."
+	elog ""
+	elog "To create more VPNs, simply create a new .conf file for it and"
+	elog "then create a symlink to the openvpn init script from a link called"
+	elog "openvpn.newconfname - like so"
+	elog "   cd /etc/openvpn"
+	elog "   ${EDITOR##*/} foo.conf"
+	elog "   cd /etc/init.d"
+	elog "   ln -s openvpn openvpn.foo"
+	elog ""
+	elog "You can then treat openvpn.foo as any other service, so you can"
+	elog "stop one vpn and start another if you need to."
+
+	if grep -Eq "^[ \t]*(up|down)[ \t].*" "${ROOT}/etc/openvpn"/*.conf 2>/dev/null ; then
+		ewarn ""
+		ewarn "WARNING: If you use the remote keyword then you are deemed to be"
+		ewarn "a client by our init script and as such we force up,down scripts."
+		ewarn "These scripts call /etc/openvpn/\$SVCNAME-{up,down}.sh where you"
+		ewarn "can move your scripts to."
+	fi
+
+	if ! use minimal ; then
+		einfo ""
+		einfo "plugins have been installed into /usr/$(get_libdir)/${PN}"
+	fi
+
+	if use ipv6 ; then
+		einfo ""
+		einfo "This build contains a community-maintained IPv6 patch."
+		einfo "For more information please visit:"
+		einfo "http://www.greenie.net/ipv6/openvpn.html"
+	fi
+}
-- 
cgit v1.2.3