openvpn: remove

This will be moved to packages.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Acked-by: Paul Spooren <mail@aparcar.org>

6 files changed, 0 insertions, 299 deletions

diff --git a/package/network/services/openvpn/patches/001-reproducible-remove_DATE.patch b/package/network/services/openvpn/patches/001-reproducible-remove_DATE.patch
deleted file mode 100644
index 101fa12ba2..0000000000
--- a/package/network/services/openvpn/patches/001-reproducible-remove_DATE.patch
+++ /dev/null
@@ -1,10 +0,0 @@
---- a/src/openvpn/options.c
-+++ b/src/openvpn/options.c
-@@ -106,7 +106,6 @@ const char title_string[] =
- #ifdef HAVE_AEAD_CIPHER_MODES
-     " [AEAD]"
- #endif
--    " built on " __DATE__
- ;
- 
- #ifndef ENABLE_SMALL
diff --git a/package/network/services/openvpn/patches/100-mbedtls-disable-runtime-version-check.patch b/package/network/services/openvpn/patches/100-mbedtls-disable-runtime-version-check.patch
deleted file mode 100644
index cb16a906fe..0000000000
--- a/package/network/services/openvpn/patches/100-mbedtls-disable-runtime-version-check.patch
+++ /dev/null
@@ -1,11 +0,0 @@
---- a/src/openvpn/ssl_mbedtls.c
-+++ b/src/openvpn/ssl_mbedtls.c
-@@ -1415,7 +1415,7 @@ const char *
- get_ssl_library_version(void)
- {
-     static char mbedtls_version[30];
--    unsigned int pv = mbedtls_version_get_number();
-+    unsigned int pv = MBEDTLS_VERSION_NUMBER;
-     sprintf( mbedtls_version, "mbed TLS %d.%d.%d",
-              (pv>>24)&0xff, (pv>>16)&0xff, (pv>>8)&0xff );
-     return mbedtls_version;
diff --git a/package/network/services/openvpn/patches/110-openssl-dont-use-deprecated-ssleay-symbols.patch b/package/network/services/openvpn/patches/110-openssl-dont-use-deprecated-ssleay-symbols.patch
deleted file mode 100644
index c7faf7c0c0..0000000000
--- a/package/network/services/openvpn/patches/110-openssl-dont-use-deprecated-ssleay-symbols.patch
+++ /dev/null
@@ -1,58 +0,0 @@
-From 17a476fd5c8cc49f1d103a50199e87ede76b1b67 Mon Sep 17 00:00:00 2001
-From: Steffan Karger <steffan@karger.me>
-Date: Sun, 26 Nov 2017 16:04:00 +0100
-Subject: [PATCH] openssl: don't use deprecated SSLEAY/SSLeay symbols
-
-Compiling our current master against OpenSSL 1.1 with
--DOPENSSL_API_COMPAT=0x10100000L screams bloody murder.  This patch fixes
-the errors about the deprecated SSLEAY/SSLeay symbols and defines.
-
-Signed-off-by: Steffan Karger <steffan@karger.me>
-Acked-by: Gert Doering <gert@greenie.muc.de>
-Message-Id: <20171126150401.28565-1-steffan@karger.me>
-URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg15934.html
-Signed-off-by: Gert Doering <gert@greenie.muc.de>
----
- configure.ac                 | 1 +
- src/openvpn/openssl_compat.h | 8 ++++++++
- src/openvpn/ssl_openssl.c    | 2 +-
- 3 files changed, 10 insertions(+), 1 deletion(-)
-
---- a/configure.ac
-+++ b/configure.ac
-@@ -904,6 +904,7 @@ if test "${enable_crypto}" = "yes" -a "$
- 			EVP_MD_CTX_free \
- 			EVP_MD_CTX_reset \
- 			EVP_CIPHER_CTX_reset \
-+			OpenSSL_version \
- 			SSL_CTX_get_default_passwd_cb \
- 			SSL_CTX_get_default_passwd_cb_userdata \
- 			SSL_CTX_set_security_level \
---- a/src/openvpn/openssl_compat.h
-+++ b/src/openvpn/openssl_compat.h
-@@ -689,6 +689,14 @@ EC_GROUP_order_bits(const EC_GROUP *grou
- #endif
- 
- /* SSLeay symbols have been renamed in OpenSSL 1.1 */
-+#ifndef OPENSSL_VERSION
-+#define OPENSSL_VERSION SSLEAY_VERSION
-+#endif
-+
-+#ifndef HAVE_OPENSSL_VERSION
-+#define OpenSSL_version SSLeay_version
-+#endif
-+
- #if !defined(RSA_F_RSA_OSSL_PRIVATE_ENCRYPT)
- #define RSA_F_RSA_OSSL_PRIVATE_ENCRYPT       RSA_F_RSA_EAY_PRIVATE_ENCRYPT
- #endif
---- a/src/openvpn/ssl_openssl.c
-+++ b/src/openvpn/ssl_openssl.c
-@@ -2008,7 +2008,7 @@ get_highest_preference_tls_cipher(char *
- const char *
- get_ssl_library_version(void)
- {
--    return SSLeay_version(SSLEAY_VERSION);
-+    return OpenSSL_version(OPENSSL_VERSION);
- }
- 
- #endif /* defined(ENABLE_CRYPTO) && defined(ENABLE_CRYPTO_OPENSSL) */
diff --git a/package/network/services/openvpn/patches/111-openssl-add-missing-include-statements.patch b/package/network/services/openvpn/patches/111-openssl-add-missing-include-statements.patch
deleted file mode 100644
index 6a62b16500..0000000000
--- a/package/network/services/openvpn/patches/111-openssl-add-missing-include-statements.patch
+++ /dev/null
@@ -1,65 +0,0 @@
-From 1987498271abadf042d8bb3feee1fe0d877a9d55 Mon Sep 17 00:00:00 2001
-From: Steffan Karger <steffan@karger.me>
-Date: Sun, 26 Nov 2017 16:49:12 +0100
-Subject: [PATCH] openssl: add missing #include statements
-
-Compiling our current master against OpenSSL 1.1 with
--DOPENSSL_API_COMPAT=0x10100000L screams bloody murder.  This patch fixes
-the errors caused by missing includes.  Previous openssl versions would
-usually include 'the rest of the world', but they're fixing that.  So we
-should no longer rely on it.
-
-(And sneaking in alphabetic ordering of the includes while touching them.)
-
-Signed-off-by: Steffan Karger <steffan@karger.me>
-Acked-by: Gert Doering <gert@greenie.muc.de>
-Message-Id: <20171126154912.13283-1-steffan@karger.me>
-URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg15936.html
-Signed-off-by: Gert Doering <gert@greenie.muc.de>
----
- src/openvpn/openssl_compat.h     | 1 +
- src/openvpn/ssl_openssl.c        | 6 +++++-
- src/openvpn/ssl_verify_openssl.c | 3 ++-
- 3 files changed, 8 insertions(+), 2 deletions(-)
-
---- a/src/openvpn/openssl_compat.h
-+++ b/src/openvpn/openssl_compat.h
-@@ -42,6 +42,7 @@
- 
- #include "buffer.h"
- 
-+#include <openssl/rsa.h>
- #include <openssl/ssl.h>
- #include <openssl/x509.h>
- 
---- a/src/openvpn/ssl_openssl.c
-+++ b/src/openvpn/ssl_openssl.c
-@@ -52,10 +52,14 @@
- 
- #include "ssl_verify_openssl.h"
- 
-+#include <openssl/bn.h>
-+#include <openssl/crypto.h>
-+#include <openssl/dh.h>
-+#include <openssl/dsa.h>
- #include <openssl/err.h>
- #include <openssl/pkcs12.h>
-+#include <openssl/rsa.h>
- #include <openssl/x509.h>
--#include <openssl/crypto.h>
- #ifndef OPENSSL_NO_EC
- #include <openssl/ec.h>
- #endif
---- a/src/openvpn/ssl_verify_openssl.c
-+++ b/src/openvpn/ssl_verify_openssl.c
-@@ -44,8 +44,9 @@
- #include "ssl_verify_backend.h"
- #include "openssl_compat.h"
- 
--#include <openssl/x509v3.h>
-+#include <openssl/bn.h>
- #include <openssl/err.h>
-+#include <openssl/x509v3.h>
- 
- int
- verify_callback(int preverify_ok, X509_STORE_CTX *ctx)
diff --git a/package/network/services/openvpn/patches/210-build_always_use_internal_lz4.patch b/package/network/services/openvpn/patches/210-build_always_use_internal_lz4.patch
deleted file mode 100644
index 5cf5174a9d..0000000000
--- a/package/network/services/openvpn/patches/210-build_always_use_internal_lz4.patch
+++ /dev/null
@@ -1,74 +0,0 @@
---- a/configure.ac
-+++ b/configure.ac
-@@ -1080,68 +1080,15 @@ dnl
- AC_ARG_VAR([LZ4_CFLAGS], [C compiler flags for lz4])
- AC_ARG_VAR([LZ4_LIBS], [linker flags for lz4])
- if test "$enable_lz4" = "yes" && test "$enable_comp_stub" = "no"; then
--    if test -z "${LZ4_CFLAGS}" -a -z "${LZ4_LIBS}"; then
--	# if the user did not explicitly specify flags, try to autodetect
--	PKG_CHECK_MODULES([LZ4],
--			  [liblz4 >= 1.7.1 liblz4 < 100],
--			  [have_lz4="yes"],
--			  [LZ4_LIBS="-llz4"] # If this fails, we will do another test next.
--					     # We also add set LZ4_LIBS otherwise the
--					     # linker will not know about the lz4 library
--	)
--    fi
- 
-     saved_CFLAGS="${CFLAGS}"
-     saved_LIBS="${LIBS}"
-     CFLAGS="${CFLAGS} ${LZ4_CFLAGS}"
-     LIBS="${LIBS} ${LZ4_LIBS}"
- 
--    # If pkgconfig check failed or LZ4_CFLAGS/LZ4_LIBS env vars
--    # are used, check the version directly in the LZ4 include file
--    if test "${have_lz4}" != "yes"; then
--	AC_CHECK_HEADERS([lz4.h],
--			 [have_lz4h="yes"],
--			 [])
--
--	if test "${have_lz4h}" = "yes" ; then
--	    AC_MSG_CHECKING([additionally if system LZ4 version >= 1.7.1])
--	    AC_COMPILE_IFELSE(
--		[AC_LANG_PROGRAM([[
--#include <lz4.h>
--				 ]],
--				 [[
--/* Version encoding: MMNNPP (Major miNor Patch) - see lz4.h for details */
--#if LZ4_VERSION_NUMBER < 10701L
--#error LZ4 is too old
--#endif
--				 ]]
--				)],
--		[
--		    AC_MSG_RESULT([ok])
--		    have_lz4="yes"
--		],
--		[AC_MSG_RESULT([system LZ4 library is too old])]
--	    )
--	fi
--    fi
--
--    # Double check we have a few needed functions
--    if test "${have_lz4}" = "yes" ; then
--	AC_CHECK_LIB([lz4],
--		     [LZ4_compress_default],
--		     [],
--		     [have_lz4="no"])
--	AC_CHECK_LIB([lz4],
--		     [LZ4_decompress_safe],
--		     [],
--		     [have_lz4="no"])
--    fi
--
--    if test "${have_lz4}" != "yes" ; then
--	AC_MSG_RESULT([		usable LZ4 library or header not found, using version in src/compat/compat-lz4.*])
--	AC_DEFINE([NEED_COMPAT_LZ4], [1], [use copy of LZ4 source in compat/])
--	LZ4_LIBS=""
--    fi
-+    AC_MSG_RESULT([		usable LZ4 library or header not found, using version in src/compat/compat-lz4.*])
-+    AC_DEFINE([NEED_COMPAT_LZ4], [1], [use copy of LZ4 source in compat/])
-+    LZ4_LIBS=""
-     OPTIONAL_LZ4_CFLAGS="${LZ4_CFLAGS}"
-     OPTIONAL_LZ4_LIBS="${LZ4_LIBS}"
-     AC_DEFINE(ENABLE_LZ4, [1], [Enable LZ4 compression library])
diff --git a/package/network/services/openvpn/patches/220-disable_des.patch b/package/network/services/openvpn/patches/220-disable_des.patch
deleted file mode 100644
index 2b8f47a802..0000000000
--- a/package/network/services/openvpn/patches/220-disable_des.patch
+++ /dev/null
@@ -1,81 +0,0 @@
---- a/src/openvpn/syshead.h
-+++ b/src/openvpn/syshead.h
-@@ -597,11 +597,11 @@ socket_defined(const socket_descriptor_t
- /*
-  * Should we include NTLM proxy functionality
-  */
--#if defined(ENABLE_CRYPTO)
--#define NTLM 1
--#else
-+//#if defined(ENABLE_CRYPTO)
-+//#define NTLM 1
-+//#else
- #define NTLM 0
--#endif
-+//#endif
- 
- /*
-  * Should we include proxy digest auth functionality
---- a/src/openvpn/crypto_mbedtls.c
-+++ b/src/openvpn/crypto_mbedtls.c
-@@ -319,6 +319,7 @@ int
- key_des_num_cblocks(const mbedtls_cipher_info_t *kt)
- {
-     int ret = 0;
-+#ifdef MBEDTLS_DES_C
-     if (kt->type == MBEDTLS_CIPHER_DES_CBC)
-     {
-         ret = 1;
-@@ -331,6 +332,7 @@ key_des_num_cblocks(const mbedtls_cipher
-     {
-         ret = 3;
-     }
-+#endif
- 
-     dmsg(D_CRYPTO_DEBUG, "CRYPTO INFO: n_DES_cblocks=%d", ret);
-     return ret;
-@@ -339,6 +341,7 @@ key_des_num_cblocks(const mbedtls_cipher
- bool
- key_des_check(uint8_t *key, int key_len, int ndc)
- {
-+#ifdef MBEDTLS_DES_C
-     int i;
-     struct buffer b;
- 
-@@ -367,11 +370,15 @@ key_des_check(uint8_t *key, int key_len,
- 
- err:
-     return false;
-+#else
-+    return true;
-+#endif
- }
- 
- void
- key_des_fixup(uint8_t *key, int key_len, int ndc)
- {
-+#ifdef MBEDTLS_DES_C
-     int i;
-     struct buffer b;
- 
-@@ -386,6 +393,7 @@ key_des_fixup(uint8_t *key, int key_len,
-         }
-         mbedtls_des_key_set_parity(key);
-     }
-+#endif
- }
- 
- /*
-@@ -705,10 +713,12 @@ cipher_des_encrypt_ecb(const unsigned ch
-                        unsigned char *src,
-                        unsigned char *dst)
- {
-+#ifdef MBEDTLS_DES_C
-     mbedtls_des_context ctx;
- 
-     ASSERT(mbed_ok(mbedtls_des_setkey_enc(&ctx, key)));
-     ASSERT(mbed_ok(mbedtls_des_crypt_ecb(&ctx, src, dst)));
-+#endif
- }
- 
-