alex/genode-world
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Move OpenVPN from Genode repository to world

Browse Source 
Issue genodelabs/genode#3737
This commit is contained in:
Norman Feske
2020-04-22 16:43:47 +02:00
parent 3e1635dfda
commit dd15d65800
14 changed files with 1623 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
ports/openvpn.hash Normal file
View File

@@ -0,0 +1 @@
c6b6a601bdd5ef3e92c9e367a5e3d932478f2652

10
ports/openvpn.port Normal file
View File

@@ -0,0 +1,10 @@
LICENSE := GPLv2
VERSION := 2.3.4
DOWNLOADS := openvpn.git
URL(openvpn) := https://github.com/OpenVPN/openvpn.git
REV(openvpn) := 024454a068a0dad1d0d872a91a5bdd7bee21a93f
DIR(openvpn) := src/app/openvpn
PATCHES := src/app/openvpn/patches/*.patch
PATCH_OPT := -N -p1 -d ${DIR(openvpn)}

796
src/app/openvpn/config.h Normal file
View File

@@ -0,0 +1,796 @@
/* config.h. Generated from config.h.in by configure. */
/* config.h.in. Generated from configure.ac by autoheader. */
/* Configuration settings */
#define CONFIGURE_DEFINES "enable_crypto=yes enable_debug=yes enable_def_auth=yes enable_dlopen=unknown enable_dlopen_self=unknown enable_dlopen_self_static=unknown enable_fast_install=yes enable_fragment=yes enable_http_proxy=yes enable_iproute2=no enable_libtool_lock=yes enable_lzo=yes enable_lzo_stub=no enable_management=yes enable_multi=yes enable_multihome=yes enable_pam_dlopen=no enable_password_save=no enable_pedantic=no enable_pf=yes enable_pkcs11=no enable_plugin_auth_pam=no enable_plugin_down_root=yes enable_plugins=yes enable_port_share=yes enable_selinux=no enable_server=yes enable_shared=yes enable_shared_with_static_runtimes=no enable_small=no enable_socks=yes enable_ssl=yes enable_static=yes enable_strict=no enable_strict_options=no enable_systemd=no enable_win32_dll=yes enable_x509_alt_username=no with_crypto_library=openssl with_gnu_ld=yes with_mem_check=no with_plugindir='$(libdir)/openvpn/plugins' with_sysroot=no"
/* special build string */
/* #undef CONFIGURE_SPECIAL_BUILD */
/* Use memory debugging function in OpenSSL */
/* #undef CRYPTO_MDEBUG */
/* Use dmalloc memory debugging library */
/* #undef DMALLOC */
/* Dimension to use for empty array declaration */
#define EMPTY_ARRAY_SIZE 0
/* Enable client capability only */
#define ENABLE_CLIENT_ONLY 1
/* Enable client/server capability */
#define ENABLE_CLIENT_SERVER 1
/* Enable crypto library */
#define ENABLE_CRYPTO 1
/* Use OpenSSL library */
#define ENABLE_CRYPTO_OPENSSL 1
/* Use PolarSSL library */
/* #undef ENABLE_CRYPTO_POLARSSL */
/* Enable debugging support */
#define ENABLE_DEBUG 1
/* Enable deferred authentication */
#define ENABLE_DEF_AUTH 1
/* We have persist tun capability */
#define ENABLE_FEATURE_TUN_PERSIST 1
/* Enable internal fragmentation support */
#define ENABLE_FRAGMENT 1
/* Enable HTTP proxy support */
#define ENABLE_HTTP_PROXY 1
/* enable iproute2 support */
/* #undef ENABLE_IPROUTE */
/* Enable LZO compression library */
/* #undef ENABLE_LZO */
/* Enable LZO stub capability */
/* #undef ENABLE_LZO_STUB */
/* Enable management server capability */
#define ENABLE_MANAGEMENT 1
/* Enable multi-homed UDP server capability */
#define ENABLE_MULTIHOME 1
/* Allow --askpass and --auth-user-pass passwords to be read from a file */
/* #undef ENABLE_PASSWORD_SAVE */
/* Enable internal packet filter */
#define ENABLE_PF 1
/* Enable PKCS11 */
/* #undef ENABLE_PKCS11 */
/* Enable plug-in support */
#define ENABLE_PLUGIN 1
/* Enable TCP Server port sharing */
#define ENABLE_PORT_SHARE 1
/* SELinux support */
/* #undef ENABLE_SELINUX */
/* Enable smaller executable size */
/* #undef ENABLE_SMALL */
/* Enable Socks proxy support */
#define ENABLE_SOCKS 1
/* Enable ssl library */
#define ENABLE_SSL 1
/* Enable strict options check between peers */
/* #undef ENABLE_STRICT_OPTIONS_CHECK */
/* Enable systemd support */
/* #undef ENABLE_SYSTEMD */
/* Enable --x509-username-field feature */
/* #undef ENABLE_X509ALTUSERNAME */
/* Define to 1 if you have the `accept' function. */
#define HAVE_ACCEPT 1
/* Define to 1 if you have the `access' function. */
#define HAVE_ACCESS 1
/* Define to 1 if you have the <arpa/inet.h> header file. */
#define HAVE_ARPA_INET_H 1
/* Define to 1 if you have the `basename' function. */
#define HAVE_BASENAME 1
/* Define to 1 if you have the `bind' function. */
#define HAVE_BIND 1
/* Define to 1 if you have the `chdir' function. */
#define HAVE_CHDIR 1
/* Define to 1 if you have the `chroot' function. */
#define HAVE_CHROOT 1
/* Define to 1 if you have the `chsize' function. */
/* #undef HAVE_CHSIZE */
/* struct cmsghdr needed for extended socket error support */
#define HAVE_CMSGHDR 1
/* extra version available in config-version.h */
/* #undef HAVE_CONFIG_VERSION_H */
/* Define to 1 if you have the `connect' function. */
#define HAVE_CONNECT 1
/* Define to 1 if your compiler supports GNU GCC-style variadic macros */
#define HAVE_CPP_VARARG_MACRO_GCC 1
/* Define to 1 if your compiler supports ISO C99 variadic macros */
#define HAVE_CPP_VARARG_MACRO_ISO 1
/* Define to 1 if you have the `ctime' function. */
#define HAVE_CTIME 1
/* Define to 1 if you have the <ctype.h> header file. */
#define HAVE_CTYPE_H 1
/* Define to 1 if you have the `daemon' function. */
#define HAVE_DAEMON 1
/* Define to 1 if you have the declaration of `SIGHUP', and to 0 if you don't.
*/
#define HAVE_DECL_SIGHUP 1
/* Define to 1 if you have the declaration of `SIGINT', and to 0 if you don't.
*/
#define HAVE_DECL_SIGINT 1
/* Define to 1 if you have the declaration of `SIGTERM', and to 0 if you
don't. */
#define HAVE_DECL_SIGTERM 1
/* Define to 1 if you have the declaration of `SIGUSR1', and to 0 if you
don't. */
#define HAVE_DECL_SIGUSR1 1
/* Define to 1 if you have the declaration of `SIGUSR2', and to 0 if you
don't. */
#define HAVE_DECL_SIGUSR2 1
/* Define to 1 if you have the declaration of `SO_MARK', and to 0 if you
don't. */
#define HAVE_DECL_SO_MARK 1
/* Define to 1 if you have the declaration of `TUNSETPERSIST', and to 0 if you
don't. */
#define HAVE_DECL_TUNSETPERSIST 1
/* Define to 1 if you have the <direct.h> header file. */
/* #undef HAVE_DIRECT_H */
/* Define to 1 if you have the `dirname' function. */
#define HAVE_DIRNAME 1
/* Define to 1 if you have the <dlfcn.h> header file. */
#define HAVE_DLFCN_H 1
/* Define to 1 if you have the `dup' function. */
#define HAVE_DUP 1
/* Define to 1 if you have the `dup2' function. */
#define HAVE_DUP2 1
/* Define to 1 if you have the `ENGINE_cleanup' function. */
#define HAVE_ENGINE_CLEANUP 1
/* Define to 1 if you have the `ENGINE_load_builtin_engines' function. */
#define HAVE_ENGINE_LOAD_BUILTIN_ENGINES 1
/* Define to 1 if you have the `ENGINE_register_all_complete' function. */
#define HAVE_ENGINE_REGISTER_ALL_COMPLETE 1
/* Define to 1 if you have the `epoll_create' function. */
/* #undef HAVE_EPOLL_CREATE */
/* Define to 1 if you have the <errno.h> header file. */
#define HAVE_ERRNO_H 1
/* Define to 1 if you have the <err.h> header file. */
#define HAVE_ERR_H 1
/* Define to 1 if you have the `EVP_CIPHER_CTX_set_key_length' function. */
#define HAVE_EVP_CIPHER_CTX_SET_KEY_LENGTH 1
/* Define to 1 if you have the `execve' function. */
#define HAVE_EXECVE 1
/* Define to 1 if you have the <fcntl.h> header file. */
#define HAVE_FCNTL_H 1
/* Define to 1 if you have the `flock' function. */
#define HAVE_FLOCK 1
/* Define to 1 if you have the `fork' function. */
#define HAVE_FORK 1
/* Define to 1 if you have the `ftruncate' function. */
#define HAVE_FTRUNCATE 1
/* Define to 1 if you have the `getgrnam' function. */
#define HAVE_GETGRNAM 1
/* Define to 1 if you have the `gethostbyname' function. */
#define HAVE_GETHOSTBYNAME 1
/* Define to 1 if you have the `getpass' function. */
#define HAVE_GETPASS 1
/* Define to 1 if you have the `getpeereid' function. */
/* #undef HAVE_GETPEEREID */
/* Define to 1 if you have the `getpeername' function. */
#define HAVE_GETPEERNAME 1
/* Define to 1 if you have the `getpid' function. */
#define HAVE_GETPID 1
/* Define to 1 if you have the `getpwnam' function. */
#define HAVE_GETPWNAM 1
/* Define to 1 if you have the `getsockname' function. */
#define HAVE_GETSOCKNAME 1
/* Define to 1 if you have the `getsockopt' function. */
#define HAVE_GETSOCKOPT 1
/* Define to 1 if you have the `gettimeofday' function. */
#define HAVE_GETTIMEOFDAY 1
/* Define to 1 if you have the <grp.h> header file. */
#define HAVE_GRP_H 1
/* Define to 1 if you have the `inet_ntoa' function. */
#define HAVE_INET_NTOA 1
/* Define to 1 if you have the `inet_ntop' function. */
#define HAVE_INET_NTOP 1
/* Define to 1 if you have the `inet_pton' function. */
#define HAVE_INET_PTON 1
/* Define to 1 if you have the <inttypes.h> header file. */
#define HAVE_INTTYPES_H 1
/* Define to 1 if the system has the type `in_addr_t'. */
#define HAVE_IN_ADDR_T 1
/* struct in_pktinfo needed for IP_PKTINFO support */
/* #undef HAVE_IN_PKTINFO */
/* struct iovec needed for IPv6 support */
#define HAVE_IOVEC 1
/* Define to 1 if you have the <io.h> header file. */
/* #undef HAVE_IO_H */
/* struct iphdr needed for IPv6 support */
#define HAVE_IPHDR 1
/* Define to 1 if you have the <libgen.h> header file. */
#define HAVE_LIBGEN_H 1
/* Define to 1 if you have the `polarssl' library (-lpolarssl). */
/* #undef HAVE_LIBPOLARSSL */
/* Define to 1 if you have the <limits.h> header file. */
#define HAVE_LIMITS_H 1
/* Define to 1 if you have the <linux/if_tun.h> header file. */
#define HAVE_LINUX_IF_TUN_H 1
/* Define to 1 if you have the <linux/sockios.h> header file. */
#define HAVE_LINUX_SOCKIOS_H 1
/* Define to 1 if you have the <linux/types.h> header file. */
#define HAVE_LINUX_TYPES_H 1
/* Define to 1 if you have the `listen' function. */
#define HAVE_LISTEN 1
/* Define to 1 if you have the <lzo1x.h> header file. */
/* #undef HAVE_LZO1X_H */
/* Define to 1 if you have the <lzoutil.h> header file. */
/* #undef HAVE_LZOUTIL_H */
/* Define to 1 if you have the <lzo/lzo1x.h> header file. */
/* #undef HAVE_LZO_LZO1X_H */
/* Define to 1 if you have the <lzo/lzoutil.h> header file. */
/* #undef HAVE_LZO_LZOUTIL_H */
/* Define to 1 if you have the <memory.h> header file. */
#define HAVE_MEMORY_H 1
/* Define to 1 if you have the `memset' function. */
#define HAVE_MEMSET 1
/* Define to 1 if you have the `mlockall' function. */
#define HAVE_MLOCKALL 1
/* struct msghdr needed for extended socket error support */
#define HAVE_MSGHDR 1
/* Define to 1 if you have the <netdb.h> header file. */
#define HAVE_NETDB_H 1
/* Define to 1 if you have the <netinet/if_ether.h> header file. */
#define HAVE_NETINET_IF_ETHER_H 1
/* Define to 1 if you have the <netinet/in.h> header file. */
#define HAVE_NETINET_IN_H 1
/* Define to 1 if you have the <netinet/in_systm.h> header file. */
#define HAVE_NETINET_IN_SYSTM_H 1
/* Define to 1 if you have the <netinet/ip.h> header file. */
#define HAVE_NETINET_IP_H 1
/* Define to 1 if you have the <netinet/tcp.h> header file. */
#define HAVE_NETINET_TCP_H 1
/* Define to 1 if you have the <net/if.h> header file. */
#define HAVE_NET_IF_H 1
/* Define to 1 if you have the <net/if_tun.h> header file. */
/* #undef HAVE_NET_IF_TUN_H */
/* Define to 1 if you have the <net/if_utun.h> header file. */
/* #undef HAVE_NET_IF_UTUN_H */
/* Define to 1 if you have the <net/tun/if_tun.h> header file. */
/* #undef HAVE_NET_TUN_IF_TUN_H */
/* Define to 1 if you have the `nice' function. */
#define HAVE_NICE 1
/* Define to 1 if you have the `openlog' function. */
#define HAVE_OPENLOG 1
/* Use crypto library */
#define HAVE_OPENSSL_ENGINE 1
/* Define to 1 if you have the `poll' function. */
#define HAVE_POLL 1
/* Define to 1 if you have the `putenv' function. */
#define HAVE_PUTENV 1
/* Define to 1 if you have the <pwd.h> header file. */
#define HAVE_PWD_H 1
/* Define to 1 if you have the `readv' function. */
#define HAVE_READV 1
/* Define to 1 if you have the `recv' function. */
#define HAVE_RECV 1
/* Define to 1 if you have the `recvfrom' function. */
#define HAVE_RECVFROM 1
/* Define to 1 if you have the `recvmsg' function. */
#define HAVE_RECVMSG 1
/* Define to 1 if you have the <resolv.h> header file. */
#define HAVE_RESOLV_H 1
/* Define to 1 if you have the `res_init' function. */
/* #undef HAVE_RES_INIT */
/* Define to 1 if you have the `select' function. */
#define HAVE_SELECT 1
/* Define to 1 if you have the `send' function. */
#define HAVE_SEND 1
/* Define to 1 if you have the `sendmsg' function. */
#define HAVE_SENDMSG 1
/* Define to 1 if you have the `sendto' function. */
#define HAVE_SENDTO 1
/* Define to 1 if you have the `setgid' function. */
#define HAVE_SETGID 1
/* Define to 1 if you have the `setgroups' function. */
#define HAVE_SETGROUPS 1
/* Define to 1 if you have the `setsid' function. */
#define HAVE_SETSID 1
/* Define to 1 if you have the `setsockopt' function. */
#define HAVE_SETSOCKOPT 1
/* Define to 1 if you have the `setuid' function. */
#define HAVE_SETUID 1
/* Define to 1 if you have the <signal.h> header file. */
#define HAVE_SIGNAL_H 1
/* Define to 1 if you have the `socket' function. */
#define HAVE_SOCKET 1
/* struct sock_extended_err needed for extended socket error support */
/* #undef HAVE_SOCK_EXTENDED_ERR */
/* Define to 1 if you have the `stat' function. */
#define HAVE_STAT 1
/* Define to 1 if you have the <stdarg.h> header file. */
#define HAVE_STDARG_H 1
/* Define to 1 if you have the <stdbool.h> header file. */
#define HAVE_STDBOOL_H 1
/* Define to 1 if you have the <stdint.h> header file. */
#define HAVE_STDINT_H 1
/* Define to 1 if you have the <stdio.h> header file. */
#define HAVE_STDIO_H 1
/* Define to 1 if you have the <stdlib.h> header file. */
#define HAVE_STDLIB_H 1
/* Define to 1 if you have the `strdup' function. */
#define HAVE_STRDUP 1
/* Define to 1 if you have the `strerror' function. */
#define HAVE_STRERROR 1
/* Define to 1 if you have the <strings.h> header file. */
#define HAVE_STRINGS_H 1
/* Define to 1 if you have the <string.h> header file. */
#define HAVE_STRING_H 1
/* Define to 1 if you have the <stropts.h> header file. */
#define HAVE_STROPTS_H 1
/* Define to 1 if you have the `syslog' function. */
#define HAVE_SYSLOG 1
/* Define to 1 if you have the <syslog.h> header file. */
#define HAVE_SYSLOG_H 1
/* Define to 1 if you have the `system' function. */
#define HAVE_SYSTEM 1
/* Define to 1 if you have the <sys/epoll.h> header file. */
/* #undef HAVE_SYS_EPOLL_H */
/* Define to 1 if you have the <sys/file.h> header file. */
#define HAVE_SYS_FILE_H 1
/* Define to 1 if you have the <sys/ioctl.h> header file. */
#define HAVE_SYS_IOCTL_H 1
/* Define to 1 if you have the <sys/kern_control.h> header file. */
/* #undef HAVE_SYS_KERN_CONTROL_H */
/* Define to 1 if you have the <sys/mman.h> header file. */
#define HAVE_SYS_MMAN_H 1
/* Define to 1 if you have the <sys/poll.h> header file. */
#define HAVE_SYS_POLL_H 1
/* Define to 1 if you have the <sys/socket.h> header file. */
#define HAVE_SYS_SOCKET_H 1
/* Define to 1 if you have the <sys/sockio.h> header file. */
/* #undef HAVE_SYS_SOCKIO_H */
/* Define to 1 if you have the <sys/stat.h> header file. */
#define HAVE_SYS_STAT_H 1
/* Define to 1 if you have the <sys/time.h> header file. */
#define HAVE_SYS_TIME_H 1
/* Define to 1 if you have the <sys/types.h> header file. */
#define HAVE_SYS_TYPES_H 1
/* Define to 1 if you have the <sys/uio.h> header file. */
#define HAVE_SYS_UIO_H 1
/* Define to 1 if you have the <sys/un.h> header file. */
#define HAVE_SYS_UN_H 1
/* Define to 1 if you have the <sys/wait.h> header file. */
#define HAVE_SYS_WAIT_H 1
/* Define to 1 if you have the <tap-windows.h> header file. */
/* #undef HAVE_TAP_WINDOWS_H */
/* Define to 1 if you have the `time' function. */
#define HAVE_TIME 1
/* Define to 1 if you have the <time.h> header file. */
#define HAVE_TIME_H 1
/* Define to 1 if you have the `umask' function. */
#define HAVE_UMASK 1
/* Define to 1 if you have the <unistd.h> header file. */
#define HAVE_UNISTD_H 1
/* Define to 1 if you have the `unlink' function. */
#define HAVE_UNLINK 1
/* Define to 1 if you have the `vfork' function. */
#define HAVE_VFORK 1
/* Define to 1 if you have the <vfork.h> header file. */
/* #undef HAVE_VFORK_H */
/* Define to 1 if you have the `vsnprintf' function. */
#define HAVE_VSNPRINTF 1
/* Define to 1 if you have the <windows.h> header file. */
/* #undef HAVE_WINDOWS_H */
/* Define to 1 if you have the <winsock2.h> header file. */
/* #undef HAVE_WINSOCK2_H */
/* Define to 1 if `fork' works. */
#define HAVE_WORKING_FORK 1
/* Define to 1 if `vfork' works. */
/* #undef HAVE_WORKING_VFORK */
/* Define to 1 if you have the `writev' function. */
#define HAVE_WRITEV 1
/* Define to 1 if you have the <ws2tcpip.h> header file. */
/* #undef HAVE_WS2TCPIP_H */
/* Path to ifconfig tool */
#define IFCONFIG_PATH "/sbin/ifconfig"
/* Path to iproute tool */
#define IPROUTE_PATH "/bin/ip"
/* Define to the sub-directory in which libtool stores uninstalled libraries.
*/
#define LT_OBJDIR ".libs/"
/* Version in windows resource format */
#define OPENVPN_VERSION_RESOURCE 2,3,4,0
/* Name of package */
#define PACKAGE "openvpn"
/* Define to the address where bug reports for this package should be sent. */
#define PACKAGE_BUGREPORT "openvpn-users@lists.sourceforge.net"
/* Define to the full name of this package. */
#define PACKAGE_NAME "OpenVPN"
/* Define to the full name and version of this package. */
#define PACKAGE_STRING "OpenVPN 2.3.4"
/* Define to the one symbol short name of this package. */
#define PACKAGE_TARNAME "openvpn"
/* Define to the home page for this package. */
#define PACKAGE_URL ""
/* Define to the version of this package. */
#define PACKAGE_VERSION "2.3.4"
/* Path separator */
#define PATH_SEPARATOR '/'
/* Path separator */
#define PATH_SEPARATOR_STR "/"
/* Define as the return type of signal handlers (`int' or `void'). */
#define RETSIGTYPE void
/* Path to route tool */
#define ROUTE_PATH "/sbin/route"
/* SIGHUP replacement */
/* #undef SIGHUP */
/* SIGINT replacement */
/* #undef SIGINT */
/* SIGTERM replacement */
/* #undef SIGTERM */
/* SIGUSR1 replacement */
/* #undef SIGUSR1 */
/* SIGUSR2 replacement */
/* #undef SIGUSR2 */
/* The size of `unsigned int', as computed by sizeof. */
#define SIZEOF_UNSIGNED_INT 4
/* The size of `unsigned long', as computed by sizeof. */
/* #undef SIZEOF_UNSIGNED_LONG */
#include "config_sizeof_long.h"
/* Define to 1 if you have the ANSI C header files. */
#define STDC_HEADERS 1
/* The tap-windows id */
#define TAP_WIN_COMPONENT_ID "tap0901"
/* The tap-windows version number is required for OpenVPN */
#define TAP_WIN_MIN_MAJOR 9
/* The tap-windows version number is required for OpenVPN */
#define TAP_WIN_MIN_MINOR 9
/* A string representing our host */
#define TARGET_ALIAS "unknown-unknown-genode"
/* Are we running on Mac OS X? */
/* #undef TARGET_DARWIN */
/* Are we running on DragonFlyBSD? */
/* #undef TARGET_DRAGONFLY */
/* Are we running on FreeBSD? */
#define TARGET_FREEBSD 1
/* Are we running on Linux? */
/* #undef TARGET_LINUX */
/* Are we running NetBSD? */
/* #undef TARGET_NETBSD */
/* Are we running on OpenBSD? */
/* #undef TARGET_OPENBSD */
/* Target prefix */
#define TARGET_PREFIX "F"
/* Are we running on Solaris? */
/* #undef TARGET_SOLARIS */
/* Are we running WIN32? */
/* #undef TARGET_WIN32 */
/* dlopen libpam */
/* #undef USE_PAM_DLOPEN */
/* Enable extensions on AIX 3, Interix. */
#ifndef _ALL_SOURCE
# define _ALL_SOURCE 1
#endif
/* Enable GNU extensions on systems that have them. */
#ifndef _GNU_SOURCE
# define _GNU_SOURCE 1
#endif
/* Enable threading extensions on Solaris. */
#ifndef _POSIX_PTHREAD_SEMANTICS
# define _POSIX_PTHREAD_SEMANTICS 1
#endif
/* Enable extensions on HP NonStop. */
#ifndef _TANDEM_SOURCE
# define _TANDEM_SOURCE 1
#endif
/* Enable general extensions on Solaris. */
#ifndef __EXTENSIONS__
# define __EXTENSIONS__ 1
#endif
/* Use valgrind memory debugging library */
/* #undef USE_VALGRIND */
/* Version number of package */
#define VERSION "2.3.4"
/* Define to 1 if on MINIX. */
/* #undef _MINIX */
/* Define to 2 if the system does not provide POSIX.1 features except with
this defined. */
/* #undef _POSIX_1_SOURCE */
/* Define to 1 if you need to in order for `stat' and other things to work. */
/* #undef _POSIX_SOURCE */
/* Define for Solaris 2.5.1 so the uint32_t typedef from <sys/synch.h>,
<pthread.h>, or <semaphore.h> is not used. If the typedef were allowed, the
#define below would cause a syntax error. */
/* #undef _UINT32_T */
/* Define for Solaris 2.5.1 so the uint64_t typedef from <sys/synch.h>,
<pthread.h>, or <semaphore.h> is not used. If the typedef were allowed, the
#define below would cause a syntax error. */
/* #undef _UINT64_T */
/* Define for Solaris 2.5.1 so the uint8_t typedef from <sys/synch.h>,
<pthread.h>, or <semaphore.h> is not used. If the typedef were allowed, the
#define below would cause a syntax error. */
/* #undef _UINT8_T */
/* Define to empty if `const' does not conform to ANSI C. */
/* #undef const */
/* Define to `int' if <sys/types.h> doesn't define. */
/* #undef gid_t */
/* Workaround missing in_addr_t */
/* #undef in_addr_t */
/* Define to `__inline__' or `__inline' if that's what the C compiler
calls it, or to nothing if 'inline' is not supported under any name. */
#ifndef __cplusplus
/* #undef inline */
#endif
/* Define to the type of a signed integer type of width exactly 16 bits if
such a type exists and the standard includes do not define it. */
/* #undef int16_t */
/* Define to the type of a signed integer type of width exactly 32 bits if
such a type exists and the standard includes do not define it. */
/* #undef int32_t */
/* Define to the type of a signed integer type of width exactly 64 bits if
such a type exists and the standard includes do not define it. */
/* #undef int64_t */
/* Define to the type of a signed integer type of width exactly 8 bits if such
a type exists and the standard includes do not define it. */
/* #undef int8_t */
/* Define to `long int' if <sys/types.h> does not define. */
/* #undef off_t */
/* Define to `int' if <sys/types.h> does not define. */
/* #undef pid_t */
/* Define to `unsigned int' if <sys/types.h> does not define. */
/* #undef size_t */
/* type to use in place of socklen_t if not defined */
/* #undef socklen_t */
/* Define to `int' if <sys/types.h> doesn't define. */
/* #undef uid_t */
/* Define to the type of an unsigned integer type of width exactly 16 bits if
such a type exists and the standard includes do not define it. */
/* #undef uint16_t */
/* Define to the type of an unsigned integer type of width exactly 32 bits if
such a type exists and the standard includes do not define it. */
/* #undef uint32_t */
/* Define to the type of an unsigned integer type of width exactly 64 bits if
such a type exists and the standard includes do not define it. */
/* #undef uint64_t */
/* Define to the type of an unsigned integer type of width exactly 8 bits if
such a type exists and the standard includes do not define it. */
/* #undef uint8_t */
/* Define as `fork' if `vfork' does not work. */
/* #undef vfork */
/* Define to empty if the keyword `volatile' does not work. Warning: valid
code using `volatile' can become incorrect without. Disable with care. */
/* #undef volatile */

33
src/app/openvpn/dummies.c Normal file
View File

@@ -0,0 +1,33 @@
/*
* \brief Dummy functions
* \author Josef Soentgen
* \date 2014-05-19
*/
/*
* Copyright (C) 2014-2017 Genode Labs GmbH
*
* This file is distributed under the terms of the GNU General Public License
* version 2.
*/
/* Genode includes */
#include <stdio.h>
typedef long DUMMY;
enum {
SHOW_DUMMY = 0,
};
#define DUMMY(retval, name) \
DUMMY name(void) { \
if (SHOW_DUMMY) \
fprintf(stderr, #name " called (from %p) not implemented", __builtin_return_address(0)); \
return retval; \
}
DUMMY(-1, mlockall)
DUMMY(-1, if_indextoname)
DUMMY(-1, if_nametoindex)
DUMMY(-1, sendmsg)

280
src/app/openvpn/main.cc Normal file
View File

@@ -0,0 +1,280 @@
/*
* \brief TUN/TAP to Nic_session interface
* \author Josef Soentgen
* \date 2014-06-05
*/
/*
* Copyright (C) 2014-2017 Genode Labs GmbH
*
* This file is distributed under the terms of the GNU General Public License
* version 2.
*/
/* Genode includes */
#include <base/log.h>
#include <base/heap.h>
#include <os/static_root.h>
#include <nic/component.h>
#include <root/component.h>
#include <libc/component.h>
/* libc includes */
#include <unistd.h>
/* local includes */
#include "tuntap.h"
/* external symbols provided by Genode's startup code */
extern char **genode_argv;
extern int genode_argc;
/*********************************
** OpenVPN main thread wrapper **
*********************************/
extern "C" int openvpn_main(int, char*[]);
class Openvpn_thread : public Genode::Thread
{
private:
int _argc;
char **_argv;
int _exitcode;
public:
Openvpn_thread(Genode::Env &env, int argc, char *argv[])
:
Thread(env, "openvpn_main", 16UL * 1024 * sizeof (long)),
_argc(argc), _argv(argv),
_exitcode(-1)
{ }
void entry()
{
_exitcode = ::openvpn_main(_argc, _argv);
};
};
static Tuntap_device* _tuntap_dev;
Tuntap_device *tuntap_dev()
{
return _tuntap_dev;
}
/***************************************
** Implementation of the Nic service **
***************************************/
class Openvpn_component : public Tuntap_device,
public Nic::Session_component
{
private:
Nic::Mac_address _mac_addr;
char const *_packet;
enum { READ = 0, WRITE = 1 };
int _pipefd[2];
Genode::Semaphore _startup_lock;
Genode::Semaphore _tx_lock;
protected:
bool _send()
{
using namespace Genode;
if (!_tx.sink()->ready_to_ack())
return false;
if (!_tx.sink()->packet_avail())
return false;
Packet_descriptor packet = _tx.sink()->get_packet();
if (!packet.size()) {
Genode::warning("invalid tx packet");
return true;
}
_packet = _tx.sink()->packet_content(packet);
/* notify openvpn */
::write(_pipefd[WRITE], "1", 1);
/* block while openvpn handles the packet */
_tx_lock.down();
_tx.sink()->acknowledge_packet(packet);
return true;
}
void _handle_packet_stream() override
{
while (_rx.source()->ack_avail())
_rx.source()->release_packet(_rx.source()->get_acked_packet());
while (_send()) ;
}
public:
Openvpn_component(Genode::size_t const tx_buf_size,
Genode::size_t const rx_buf_size,
Genode::Allocator &rx_block_md_alloc,
Genode::Env &env)
: Session_component(tx_buf_size, rx_buf_size, Genode::CACHED,
rx_block_md_alloc, env)
{
char buf[] = { 0x02, 0x00, 0x00, 0x00, 0x00, 0x01 };
_mac_addr = Nic::Mac_address((void*)buf);
if (pipe(_pipefd)) {
Genode::error("could not create pipe");
throw Genode::Exception();
}
}
/**************************************
** Nic::Session_component interface **
**************************************/
Nic::Mac_address mac_address() override { return _mac_addr; }
bool link_state() override
{
/* XXX always return true for now */
return true;
}
/***********************
** TUN/TAP interface **
***********************/
int fd() { return _pipefd[READ]; }
/* tx */
int read(char *buf, Genode::size_t len)
{
Genode::memcpy(buf, _packet, len);
_packet = 0;
/* unblock nic client */
_tx_lock.up();
return len;
}
/* rx */
int write(char const *buf, Genode::size_t len)
{
_handle_packet_stream();
if (!_rx.source()->ready_to_submit())
return 0;
try {
Genode::Packet_descriptor packet = _rx.source()->alloc_packet(len);
Genode::memcpy(_rx.source()->packet_content(packet), buf, len);
_rx.source()->submit_packet(packet);
} catch (...) { return 0; }
return len;
}
void up() { _startup_lock.up(); }
void down() { _startup_lock.down(); }
};
class Root : public Genode::Root_component<Openvpn_component, Genode::Single_client>
{
private:
Libc::Env &_env;
Genode::Heap _heap { _env.ram(), _env.rm() };
Openvpn_thread *_thread = nullptr;
protected:
Openvpn_component *_create_session(const char *args)
{
using namespace Genode;
using Genode::size_t;
size_t ram_quota = Arg_string::find_arg(args, "ram_quota" ).ulong_value(0);
size_t tx_buf_size = Arg_string::find_arg(args, "tx_buf_size").ulong_value(0);
size_t rx_buf_size = Arg_string::find_arg(args, "rx_buf_size").ulong_value(0);
/* deplete ram quota by the memory needed for the session structure */
size_t session_size = max(4096UL, (unsigned long)sizeof(Openvpn_component));
if (ram_quota < session_size)
throw Genode::Insufficient_ram_quota();
/*
* Check if donated ram quota suffices for both communication
* buffers and check for overflow
*/
if (tx_buf_size + rx_buf_size < tx_buf_size ||
tx_buf_size + rx_buf_size > ram_quota - session_size) {
Genode::error("insufficient 'ram_quota', got %ld, need %ld",
ram_quota, tx_buf_size + rx_buf_size + session_size);
throw Genode::Insufficient_ram_quota();
}
Openvpn_component *component = new (Root::md_alloc())
Openvpn_component(tx_buf_size,
rx_buf_size,
_heap, _env);
/**
* Setting the pointer in this manner is quite hackish but it has
* to be valid before OpenVPN calls open_tun(), which unfortunatly
* is early.
*/
_tuntap_dev = component;
_thread = new (_heap) Openvpn_thread(_env, genode_argc, genode_argv);
_thread->start();
/* wait until OpenVPN configured the TUN/TAP device for the first time */
_tuntap_dev->down();
return component;
}
void _destroy_session(Openvpn_component *session)
{
Genode::destroy(Root::md_alloc(), session);
Genode::destroy(Root::md_alloc(), _thread);
_thread = nullptr;
}
public:
Root(Libc::Env &env)
: Genode::Root_component<Openvpn_component, Genode::Single_client>(env.ep(), _heap),
_env(env)
{ }
};
/***************
** Component **
***************/
void Libc::Component::construct(Libc::Env &env)
{
static ::Root nic_root(env);
env.parent().announce(env.ep().manage(nic_root));
}

11
src/app/openvpn/patches/fdmisc.c.patch Normal file
View File

@@ -0,0 +1,11 @@
--- a/src/openvpn/fdmisc.c 2014-06-04 12:19:22.428224954 +0200
+++ b/src/openvpn/fdmisc.c 2014-06-04 15:14:38.660582474 +0200
@@ -54,7 +54,7 @@
bool
set_cloexec_action (int fd)
{
-#ifndef WIN32
+#if 0
if (fcntl (fd, F_SETFD, FD_CLOEXEC) < 0)
return false;
#endif

23
src/app/openvpn/patches/openvpn.c.patch Normal file
View File

@@ -0,0 +1,23 @@
--- a/src/openvpn/openvpn.c 2013-11-07 13:55:13.000000000 +0100
+++ b/src/openvpn/openvpn.c 2014-06-06 15:44:09.912735591 +0200
@@ -127,7 +127,6 @@
* @param argc - Commandline argument count.
* @param argv - Commandline argument values.
*/
-static
int
openvpn_main (int argc, char *argv[])
{
@@ -319,8 +318,8 @@
return ret;
}
#else
-int
-main (int argc, char *argv[]) {
- return openvpn_main(argc, argv);
-}
+//int
+//main (int argc, char *argv[]) {
+// return openvpn_main(argc, argv);
+//}
#endif

13
src/app/openvpn/patches/platform.c.patch Normal file
View File

@@ -0,0 +1,13 @@
Since the VFS is process-local on Genode, we have all the rights we
need.
--- a/src/openvpn/platform.c 2014-06-03 16:47:45.892653524 +0200
+++ b/src/openvpn/platform.c 2014-06-03 16:47:53.896653798 +0200
@@ -226,7 +226,7 @@
gc_free (&gc);
return ret;
#else
- return access (path, mode);
+ return 0;
#endif
}

11
src/app/openvpn/patches/syshead.h.patch Normal file
View File

@@ -0,0 +1,11 @@
--- a/src/openvpn/syshead.h 2014-05-16 17:22:04.000000000 +0200
+++ b/src/openvpn/syshead.h 2014-05-16 17:22:52.000000000 +0200
@@ -714,7 +714,7 @@
/*
* Do we support pushing peer info?
*/
-#if defined(ENABLE_CRYPTO) && defined(ENABLE_SSL)
+#if defined(ENABLE_CRYPTO) && defined(ENABLE_SSL) && !defined(ENABLE_CLIENT_ONLY)
#define ENABLE_PUSH_PEER_INFO
#endif

6
src/app/openvpn/spec/32bit/config_sizeof_long.h Normal file
View File

@@ -0,0 +1,6 @@
#ifndef _32BIT_CONFIG_SIZEOF_LONG_H_
#define _32BIT_CONFIG_SIZEOF_LONG_H_
#define SIZEOF_UNSIGNED_LONG 4
#endif /* _32BIT_CONFIG_SIZEOF_LONG_H_ */

6
src/app/openvpn/spec/64bit/config_sizeof_long.h Normal file
View File

@@ -0,0 +1,6 @@
#ifndef _32BIT_CONFIG_SIZEOF_LONG_H_
#define _32BIT_CONFIG_SIZEOF_LONG_H_
#define SIZEOF_UNSIGNED_LONG 8
#endif /* _32BIT_CONFIG_SIZEOF_LONG_H_ */

106
src/app/openvpn/target.mk Normal file
View File

@@ -0,0 +1,106 @@
TARGET = openvpn
LIBS += libc libc_pipe libcrypto libssl
OPENVPN_PORT_DIR := $(call select_from_ports,openvpn)
OPENVPN_DIR := $(OPENVPN_PORT_DIR)/src/app/openvpn
SRC_C_compat := compat-dirname.c \
compat-basename.c \
compat-gettimeofday.c \
compat-daemon.c \
compat-inet_ntop.c \
compat-inet_pton.c
SRC_C_openvpn := base64.c \
buffer.c \
clinat.c \
console.c \
crypto.c \
crypto_openssl.c \
cryptoapi.c \
dhcp.c \
error.c \
event.c \
fdmisc.c \
forward.c \
fragment.c \
gremlin.c \
helper.c \
httpdigest.c \
init.c \
interval.c \
list.c \
lladdr.c \
lzo.c \
manage.c \
mbuf.c \
misc.c \
mroute.c \
mss.c \
mstats.c \
mtcp.c \
mtu.c \
mudp.c \
multi.c \
ntlm.c \
occ.c \
openvpn.c \
options.c \
otime.c \
packet_id.c \
perf.c \
pf.c \
ping.c \
pkcs11.c \
pkcs11_openssl.c \
platform.c \
plugin.c \
pool.c \
proto.c \
proxy.c \
ps.c \
push.c \
reliable.c \
route.c \
schedule.c \
session_id.c \
shaper.c \
sig.c \
socket.c \
socks.c \
ssl.c \
ssl_openssl.c \
ssl_verify.c \
ssl_verify_openssl.c \
status.c
SRC_CC = main.cc tun_genode.cc
CC_CXX_OPT += -fpermissive
# too much to cope with...
CC_WARN =
SRC_C := $(SRC_C_compat) $(SRC_C_openvpn) dummies.c
CC_OPT += -DHAVE_CONFIG_H -DSELECT_PREFERRED_OVER_POLL
INC_DIR += $(OPENVPN_DIR)/include
INC_DIR += $(OPENVPN_DIR)/src/compat
INC_DIR += $(OPENVPN_DIR)/src/openvpn
# find 'config.h'
ifeq ($(filter-out $(SPECS),32bit),)
TARGET_CPUBIT=32bit
else ifeq ($(filter-out $(SPECS),64bit),)
TARGET_CPUBIT=64bit
endif
INC_DIR += $(REP_DIR)/src/app/openvpn/spec/$(TARGET_CPUBIT)
INC_DIR += $(REP_DIR)/src/app/openvpn/
vpath compat-%.c $(OPENVPN_DIR)/src/compat
vpath %.c $(OPENVPN_DIR)/src/openvpn
vpath %.cc $(REP_DIR)/src/app/openvpn
CC_CXX_WARN_STRICT =

274
src/app/openvpn/tun_genode.cc Normal file
View File

@@ -0,0 +1,274 @@
/*
* \brief TUN/TAP to Nic_session interface
* \author Josef Soentgen
* \date 2014-06-05
*/
/*
* Copyright (C) 2014-2017 Genode Labs GmbH
*
* This file is distributed under the terms of the GNU General Public License
* version 2.
*/
/* Genode includes */
#include <base/log.h>
#include <base/snprintf.h>
#include <nic_session/rpc_object.h>
#include <root/component.h>
#include <util/string.h>
/* local includes */
#include "tuntap.h"
/* OpenVPN includes */
extern "C" {
#include "config.h"
#include "syshead.h"
#include "socket.h"
#include "tun.h"
}
extern Tuntap_device *tuntap_dev();
static in_addr_t gen_broadcast_addr(in_addr_t local, in_addr_t netmask) {
return local | ~netmask; }
extern "C" void open_tun(char const *dev, char const *dev_type,
char const *dev_node, struct tuntap *tt)
{
/* start with a failed attempt to open tun/tap device */
tt->fd = -1;
if (tt->ipv6) {
Genode::error("IPv6 is currently not supported!");
return;
}
if (tt->type == DEV_TYPE_NULL) {
Genode::error("null device not supported");
return;
}
char name[256];
Genode::snprintf(name, sizeof (name), "/dev/%s", dev);
tt->actual_name = string_alloc(name, NULL);
tt->fd = tuntap_dev()->fd();
}
extern "C" void close_tun(struct tuntap *tt)
{
free(tt->actual_name);
free(tt);
}
extern "C" int write_tun(struct tuntap *tt, uint8_t *buf, int len)
{
if (len <= 0)
return -1;
switch (tt->type) {
case DEV_TYPE_TAP:
return tuntap_dev()->write(reinterpret_cast<char const*>(buf), len);
break;
case DEV_TYPE_TUN:
break;
}
return -1;
}
extern "C" int read_tun(struct tuntap *tt, uint8_t *buf, int len)
{
if (len <= 0)
return -1;
{
/* read from fd to prevent select() from triggering more than once */
char tmp[1];
::read(tt->fd, tmp, sizeof (tmp));
}
switch (tt->type) {
case DEV_TYPE_TAP:
return tuntap_dev()->read(reinterpret_cast<char*>(buf), len);
break;
case DEV_TYPE_TUN:
break;
}
return -1;
}
extern "C" void tuncfg(char const *dev, char const *dev_type,
char const *dev_node, int persist_mode,
char const *username, char const *groupname,
struct tuntap_options const *options) { }
extern "C" char const *guess_tuntap_dev(char const *dev, char const *dev_type,
char const *dev_node, struct gc_arena *gc)
{
return dev;
}
extern "C" struct tuntap *init_tun(char const *dev, char const *dev_type,
int topology, char const *ifconfig_local_parm,
char const *ifconfig_remote_netmask_parm,
char const *ifconfig_ipv6_local_parm,
int ifconfig_ipv6_netbits_parm,
char const *ifconfig_ipv6_remote_parm,
in_addr_t local_public, in_addr_t remote_public,
bool const strict_warn, struct env_set *es)
{
struct tuntap *tt;
ALLOC_OBJ(tt, struct tuntap);
Genode::memset(tt, 0, sizeof (struct tuntap));
tt->fd = -1;
tt->ipv6 = false;
tt->type = dev_type_enum(dev, dev_type);
tt->topology = topology;
if (ifconfig_local_parm && ifconfig_remote_netmask_parm) {
bool tun = is_tun_p2p(tt);
tt->local = getaddr(GETADDR_RESOLVE | GETADDR_HOST_ORDER |
GETADDR_FATAL_ON_SIGNAL | GETADDR_FATAL,
ifconfig_local_parm, 0, NULL, NULL);
tt->remote_netmask = getaddr((tun ? GETADDR_RESOLVE : 0) |
GETADDR_HOST_ORDER | GETADDR_FATAL_ON_SIGNAL |
GETADDR_FATAL, ifconfig_remote_netmask_parm,
0, NULL, NULL);
if (!tun) {
tt->broadcast = gen_broadcast_addr(tt->local, tt->remote_netmask);
}
tt->did_ifconfig_setup = true;
}
return tt;
}
extern "C" void init_tun_post(struct tuntap *tt, struct frame const *frame,
struct tuntap_options const *options) { }
extern "C" void do_ifconfig(struct tuntap *tt, char const *actual_name,
int tun_mtu, struct env_set const *es)
{
/**
* After OpenVPN has received a PUSH_REPLY it will configure
* the TUN/TAP device by calling this function. At this point
* it is save to actually announce the Nic_session. Therefore,
* we release the lock.
*/
tuntap_dev()->up();
}
extern "C" bool is_dev_type(char const *dev, char const *dev_type,
char const *match_type)
{
if (!dev)
return false;
if (dev_type)
return !Genode::strcmp(dev_type, match_type);
else
return !Genode::strcmp(dev, match_type, Genode::strlen(match_type));
}
extern "C" int dev_type_enum(char const *dev, char const *dev_type)
{
if (is_dev_type(dev, dev_type, "tap"))
return DEV_TYPE_TAP;
if (is_dev_type(dev, dev_type, "tun"))
return DEV_TYPE_TUN;
if (is_dev_type(dev, dev_type, "null"))
return DEV_TYPE_NULL;
return DEV_TYPE_UNDEF;
}
extern "C" char const *dev_type_string(char const *dev, char const *dev_type)
{
switch (dev_type_enum(dev, dev_type)) {
case DEV_TYPE_TAP:
return "tap";
case DEV_TYPE_TUN:
return "tun";
case DEV_TYPE_NULL:
return "null";
default:
return "[unknown-dev-type]";
}
}
extern "C" char const *ifconfig_options_string(struct tuntap const* tt,
bool remote, bool disable,
struct gc_arena *gc)
{
return 0;
}
extern "C" bool is_tun_p2p(struct tuntap const *tt)
{
bool tun = false;
if (tt->type == DEV_TYPE_TAP ||
(tt->type == DEV_TYPE_TUN && tt->topology == TOP_SUBNET))
tun = false;
else if (tt->type == DEV_TYPE_TUN)
tun = true;
else
Genode::error("problem with tun vs. tap setting");
return tun;
}
extern "C" void check_subnet_conflict(const in_addr_t, const in_addr_t,
char const *) { }
extern "C" void warn_on_use_of_common_subnets(void) { }
extern "C" char const *tun_stat(struct tuntap const *tt, unsigned rwflags,
struct gc_arena *gc)
{
struct buffer out = alloc_buf_gc(64, gc);
if (tt) {
if (rwflags & EVENT_READ) {
buf_printf(&out, "T%s", (tt->rwflags_debug & EVENT_READ) ? "R" : "r");
}
if (rwflags & EVENT_WRITE) {
buf_printf(&out, "T%s", (tt->rwflags_debug & EVENT_WRITE) ? "W" : "w");
}
}
else
buf_printf(&out, "T?");
return buf_str(&out);
}

53
src/app/openvpn/tuntap.h Normal file
View File

@@ -0,0 +1,53 @@
/*
* \brief TUN/TAP to Nic_session interface
* \author Josef Soentgen
* \date 2014-06-05
*/
/*
* Copyright (C) 2014-2017 Genode Labs GmbH
*
* This file is distributed under the terms of the GNU General Public License
* version 2.
*/
#ifndef _TUNTAP_H_
#define _TUNTAP_H_
#include <base/stdint.h>
/**
* This class handles the TUN/TAP access from OpenVPN's side
*/
struct Tuntap_device
{
/**
* Read from TUN/TAP device
*/
virtual int read(char *buf, Genode::size_t len) = 0;
/**
* Write to TUN/TAP device
*/
virtual int write(char const *buf, Genode::size_t len) = 0;
/**
* Get file descriptor used to notify OpenVPN about incoming packets
*/
virtual int fd() = 0;
/**
* Start-up lock up
*/
virtual void up() = 0;
/**
* Start-up lock down
*/
virtual void down() = 0;
};
#endif /* _TUNTAP_H_ */