Bug 10036 - Compile additional option --enable-password-save to openvpn binary
Summary: Compile additional option --enable-password-save to openvpn binary
Alias: None
Product: IPFire
Classification: Unclassified
Component: openvpn (show other bugs)
Version: 2
Hardware: unspecified Unspecified
: - Unknown - - Unknown -
Assignee: Michael Tremer
QA Contact:
Depends on:
Reported: 2012-02-20 10:45 UTC by Erik Kapfer
Modified: 2012-05-15 23:09 UTC (History)
1 user (show)

See Also:

Diff from the openvpn lfs file (1.25 KB, application/octet-stream)
2012-02-20 10:45 UTC, Erik Kapfer
The patch for lfs/openvpn (1.80 KB, application/octet-stream)
2012-02-24 11:06 UTC, Erik Kapfer
Patch for the openvpn rootfile (501 bytes, application/octet-stream)
2012-02-24 11:07 UTC, Erik Kapfer

Note You need to log in before you can comment on or make changes to this bug.
Description Erik Kapfer 2012-02-20 10:45:39 UTC
Created attachment 20 [details]
Diff from the openvpn lfs file

Regarding to a thread in the forum (--> http://forum.ipfire.org/index.php/topic,5995.msg41498/topicseen.html#msg41498) i have compiled now the new version 2.2.2 of the openvpn binary (change log information from OpenVPN http://openvpn.net/index.php/open-source/documentation/change-log/425-changelog-for-openvpn-22.html ) with an additional option called --enable-password-save. With this option it is possible to use alternative authentication methods --> http://openvpn.net/index.php/open-source/documentation/howto.html#auth .
I modified therefor the openvpn lfs file, i downloaded the newest openvpn version http://swupdate.openvpn.org/community/releases/openvpn-2.2.2.tar.gz and compiled it. 
To get a better clarity in the ovpn directory, i created also a new directory called "scripts" in /var/ipfire/ovpn, cause the new option needs scripts to execute the authentication.

For an overview of the changes i made a diff, which is findable in the attachment.

Best regards

Comment 1 Michael Tremer 2012-02-20 11:25:28 UTC
To merge the changes an update of the openvpn rootfile is missing.

We could target this change for core update 58.
Comment 2 Erik Kapfer 2012-02-24 11:06:40 UTC
Created attachment 23 [details]
The patch for lfs/openvpn
Comment 3 Erik Kapfer 2012-02-24 11:07:08 UTC
Created attachment 24 [details]
Patch for the openvpn rootfile
Comment 4 Erik Kapfer 2012-02-24 11:15:56 UTC
Hello Michael,
i have modified now also some other things in the openvpn/lfs. I added a new directory under /usr/lib named openvpn. This is the plugin directory, i thought this might be a good idea cause OpenVPN have a lot of plugins.

Also the existing plugins down-root.so and auth-pam.so are copied to this directory.

The next thing i created a scripts folder under /var/ipfire/ovpn. The new --enable-password-save function can requires scripts, also the down-root.so works with an up/down script, so for a better overview i created this directory with root.root 755 .

As mentioned above i used the new openvpn-2.2.2.tar.gz from http://openvpn.net/index.php/download.html where the change log for 2.2.2 can also be overviewed

The patch for openvpn/lfs and the rootfile are attached

Best regards

Comment 5 Erik Kapfer 2012-02-24 12:20:39 UTC
If have seen there is one line in the LFS file too much 
chmod 755 /usr/lib/openvpn
one time is enough :-)

Comment 6 Michael Tremer 2012-02-24 21:01:34 UTC
So why did the path of the plugins change?
Comment 7 Erik Kapfer 2012-02-25 07:37:18 UTC
I have copied them in there cause of a previouse thread http://forum.ipfire.org/index.php/topic,4521.msg33496.html#msg33496 where we spoke also about that. I think this path is also in other distributions well known.
Comment 8 Michael Tremer 2012-02-25 11:43:50 UTC
I really like the plugins in /usr. That's where they should have been in the frist place. But we need to check if it does not break anything.

I will merge these patches as soon as possible.
Comment 10 Erik Kapfer 2012-02-29 11:15:40 UTC
Hi Michael,
i have compiled it now also with your modified lfs file and after a few tests it works quiet round for me.
Comment 11 Michael Tremer 2012-05-15 23:09:22 UTC
Released with Core Update 58.