##
##  openvpn.spec -- OpenPKG RPM Package Specification
##  Copyright (c) 2000-2006 OpenPKG Foundation e.V. <http://openpkg.net/>
##  Copyright (c) 2000-2006 Ralf S. Engelschall <http://engelschall.com/>
##
##  Permission to use, copy, modify, and distribute this software for
##  any purpose with or without fee is hereby granted, provided that
##  the above copyright notice and this permission notice appear in all
##  copies.
##
##  THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
##  WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
##  MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
##  IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR
##  CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
##  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
##  LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
##  USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
##  ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
##  OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
##  OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
##  SUCH DAMAGE.
##

#   package version
%define       V_dist 2.0.7
%define       V_opkg 2.0.7

#   package information
Name:         openvpn
Summary:      Virtual Private Network Facility
URL:          http://openvpn.sourceforge.net/
Vendor:       James Yonan
Packager:     OpenPKG
Distribution: OpenPKG
Class:        PLUS
Group:        Network
License:      GPL
Version:      %{V_opkg}
Release:      20060412

#   package options
%option       with_fsl  yes

#   list of sources
Source0:      http://openvpn.net/release/openvpn-%{V_dist}.tar.gz
Source1:      rc.openvpn
Source2:      fsl.openvpn
Source3:      openvpn.conf
Patch0:       openvpn.patch

#   build information
Prefix:       %{l_prefix}
BuildRoot:    %{l_buildroot}
BuildPreReq:  OpenPKG, openpkg >= 20040130
PreReq:       OpenPKG, openpkg >= 20040130, perl
BuildPreReq:  openssl, lzo >= 1.08
PreReq:       openssl, lzo >= 1.08
%if "%{with_fsl}" == "yes"
BuildPreReq:  fsl >= 1.3.0
PreReq:       fsl >= 1.3.0
%endif
AutoReq:      no
AutoReqProv:  no

%description
    OpenVPN is a robust and highly configurable VPN (Virtual Private
    Network) daemon which can be used to securely link two or more
    private networks using an encrypted tunnel over the internet.

%track
    prog openvpn = {
        version   = %{V_dist}
        url       = http://openvpn.net/release/
        regex     = openvpn-(\d+\.\d+(\.\d+)*)\.tar\.gz
    }

%prep
    %setup -q -n openvpn-%{V_dist}
    %patch -p0

%build
    #   configure program
    CC="%{l_cc}" \
    CFLAGS="%{l_cflags -O}" \
    CPPFLAGS="%{l_cppflags lzo openssl}" \
    LDFLAGS="%{l_ldflags} %{l_fsl_ldflags}" \
    LIBS="%{l_fsl_libs}" \
    ./configure \
        --prefix=%{l_prefix} \
        --with-ssl-headers=%{l_prefix}/include/openssl \
        --with-ssl-lib=%{l_prefix}/lib \
        --with-lzo-headers=%{l_prefix}/include/lzo \
        --with-lzo-lib=%{l_prefix}/lib

    #   build program
    %{l_make} %{l_mflags -O}

%install
    #   install program
    rm -rf $RPM_BUILD_ROOT
    %{l_make} %{l_mflags} install AM_MAKEFLAGS="DESTDIR=$RPM_BUILD_ROOT"

    #   strip down installation files
    strip $RPM_BUILD_ROOT%{l_prefix}/sbin/* >/dev/null 2>&1 || true

    #   install additional files
    %{l_shtool} install -c -m 755 %{l_value -s -a} \
        -e 's;/usr/bin/perl;%{l_prefix}/bin/perl;' \
        sample-scripts/verify-cn $RPM_BUILD_ROOT%{l_prefix}/sbin/openvpn-verify-cn
    %{l_shtool} mkdir -f -p -m 755 \
        $RPM_BUILD_ROOT%{l_prefix}/man/cat8
    %{l_shtool} install -c -m 644 \
        management/management-notes.txt $RPM_BUILD_ROOT%{l_prefix}/man/cat8/openvpn-management.8

    #   install run-command script
    %{l_shtool} mkdir -f -p -m 755 \
        $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d
    %{l_shtool} install -c -m 755 %{l_value -s -a} \
        %{SOURCE rc.openvpn} $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d/

    #   install default config file
    %{l_shtool} mkdir -f -p -m 755 \
        $RPM_BUILD_ROOT%{l_prefix}/etc/openvpn
    %{l_shtool} install -c -m 644 %{l_value -s -a} \
        %{SOURCE openvpn.conf} \
        $RPM_BUILD_ROOT%{l_prefix}/etc/openvpn/

    #   install OSSP fsl configuration
    %{l_shtool} mkdir -f -p -m 755 \
        $RPM_BUILD_ROOT%{l_prefix}/etc/fsl
    %{l_shtool} install -c -m 644 %{l_value -s -a} \
        %{SOURCE fsl.openvpn} \
        $RPM_BUILD_ROOT%{l_prefix}/etc/fsl/

    #   create run-time directory
    %{l_shtool} mkdir -f -p -m 755 \
        $RPM_BUILD_ROOT%{l_prefix}/var/openvpn

    #   determine installation files
    %{l_rpmtool} files -v -ofiles -r$RPM_BUILD_ROOT \
        %{l_files_std} \
        '%not %dir %{l_prefix}/etc/fsl' \
        '%config %{l_prefix}/etc/fsl/fsl.openvpn' \
        '%config %{l_prefix}/etc/openvpn/openvpn.conf'

%files -f files

%clean
    rm -rf $RPM_BUILD_ROOT

%post
    #   on initial install, create a sample shared key
    if [ $1 -eq 1 ]; then
        if [ ! -f $RPM_INSTALL_PREFIX/etc/openvpn/openvpn.dh ]; then
            $RPM_INSTALL_PREFIX/bin/openssl dhparam \
                -out $RPM_INSTALL_PREFIX/etc/openvpn/openvpn.dh 1024
        fi
        if [ ! -f $RPM_INSTALL_PREFIX/etc/openvpn/openvpn.key ]; then
            $RPM_INSTALL_PREFIX/sbin/openvpn \
                --genkey --secret $RPM_INSTALL_PREFIX/etc/openvpn/openvpn.key
        fi
    fi

    #   after upgrade, restart service
    [ $1 -eq 2 ] || exit 0
    eval `%{l_rc} openvpn status 2>/dev/null`
    [ ".$openvpn_active" = .yes ] && %{l_rc} openvpn restart
    exit 0

%preun
    #   before erase, stop service and remove log files
    [ $1 -eq 0 ] || exit 0
    %{l_rc} openvpn stop 2>/dev/null
    rm -f $RPM_INSTALL_PREFIX/var/openvpn/*.log*   >/dev/null 2>&1 || true
    rm -f $RPM_INSTALL_PREFIX/var/openvpn/*.status >/dev/null 2>&1 || true
    exit 0