diff options
| author | Rene Ladan <rene@FreeBSD.org> | 2013-09-01 15:06:45 +0000 |
|---|---|---|
| committer | Rene Ladan <rene@FreeBSD.org> | 2013-09-01 15:06:45 +0000 |
| commit | 27abcfb125b957a3b2ea92c3a3447e162febcd88 (patch) | |
| tree | c3cd600bf732276ea53c01aeb9ac670282ee253b /security | |
| parent | fff0ec48b7d159a57542b153b21c286badc0987d (diff) | |
Notes
Diffstat (limited to 'security')
| -rw-r--r-- | security/Makefile | 1 | ||||
| -rw-r--r-- | security/openvpn22/Makefile | 129 | ||||
| -rw-r--r-- | security/openvpn22/distinfo | 2 | ||||
| -rw-r--r-- | security/openvpn22/files/openvpn.in | 125 | ||||
| -rw-r--r-- | security/openvpn22/files/patch-CVE-2013-2061 | 74 | ||||
| -rw-r--r-- | security/openvpn22/files/patch-selftest-ports | 26 | ||||
| -rw-r--r-- | security/openvpn22/files/patch-socket.h | 11 | ||||
| -rw-r--r-- | security/openvpn22/files/patch-syshead.h | 16 | ||||
| -rw-r--r-- | security/openvpn22/files/patch-t_cltsrv.sh | 21 | ||||
| -rw-r--r-- | security/openvpn22/files/pkg-message.in | 7 | ||||
| -rw-r--r-- | security/openvpn22/pkg-descr | 7 | ||||
| -rw-r--r-- | security/openvpn22/pkg-plist | 81 |
12 files changed, 0 insertions, 500 deletions
diff --git a/security/Makefile b/security/Makefile index f0799e5677f1..8d0c545a2e04 100644 --- a/security/Makefile +++ b/security/Makefile @@ -369,7 +369,6 @@ SUBDIR += openvpn-auth-radius SUBDIR += openvpn-beta SUBDIR += openvpn-devel - SUBDIR += openvpn22 SUBDIR += ophcrack SUBDIR += opieprint SUBDIR += orthrus diff --git a/security/openvpn22/Makefile b/security/openvpn22/Makefile deleted file mode 100644 index 76f75b66e4b2..000000000000 --- a/security/openvpn22/Makefile +++ /dev/null @@ -1,129 +0,0 @@ -# Created by: Matthias Andree <matthias.andree@gmx.de> -# $FreeBSD$ - -PORTNAME= openvpn -DISTVERSION= 2.2.2 -PORTREVISION= 2 -CATEGORIES= security net -# MASTER_SITES points to hosts in distinct data centers, -# so just one MASTER_SITES entry should be OK. -MASTER_SITES= http://swupdate.openvpn.net/community/releases/ \ - ${MASTER_SITE_LOCAL:S,$,mandree/,} - -MAINTAINER= mandree@FreeBSD.org -COMMENT= Secure IP/Ethernet tunnel daemon - -LICENSE= GPLv2 - -LATEST_LINK= openvpn22 -CONFLICTS_INSTALL= openvpn-devel-[0-9]* openvpn-2.[!2]* openvpn-beta-[0-9]* - -DEPRECATED= Please migrate to a newer OpenVPN version -EXPIRATION_DATE= 2013-09-01 - -NO_PACKAGE= do not build package for obsolete OpenVPN version - -PORTSCOUT= limit:^2\.2\. - -GNU_CONFIGURE= yes -USE_OPENSSL= yes -USE_XZ= yes -CONFIGURE_ARGS= --with-lzo-lib=${LOCALBASE}/lib \ - --with-lzo-headers=${LOCALBASE}/include - -OPTIONS_DEFINE= PW_SAVE PKCS11 -PW_SAVE_DESC= Interactive passwords may be read from a file -PKCS11_DESC= Use security/pkcs11-helper - -.include <bsd.port.options.mk> - -.if ${PORT_OPTIONS:MDOCS} -INSTALL_TARGET= install -.else -INSTALL_TARGET= install-exec install-man -.endif - -INSTALL_TARGET+= mandir=${MANPREFIX}/man -MAN8= openvpn.8 - -USE_RC_SUBR= openvpn -USE_LDCONFIG= ${PREFIX}/lib - -SUB_FILES= pkg-message -SUB_LIST+= OSVERSION=${OSVERSION} - -.include <bsd.port.pre.mk> - -.ifdef (LOG_OPENVPN) -CFLAGS+= -DLOG_OPENVPN=${LOG_OPENVPN} -.endif - -LIB_DEPENDS+= lzo2:${PORTSDIR}/archivers/lzo2 - -.if ${PORT_OPTIONS:MPW_SAVE} -CONFIGURE_ARGS+= --enable-password-save -.else -CONFIGURE_ARGS+= --disable-password-save -.endif - -.if ${PORT_OPTIONS:MPKCS11} -LIB_DEPENDS+= pkcs11-helper:${PORTSDIR}/security/pkcs11-helper -.else -CONFIGURE_ARGS+= --disable-pkcs11 -.endif - -post-patch: - @${FIND} ${WRKSRC}/easy-rsa/?.0 -type f \ - -exec ${REINPLACE_CMD} -e 's;#!/bin/bash;#!/bin/sh;' \ - -e 's,source ./vars,. ./vars,' \{\} + - @${FIND} ${WRKSRC}/plugin -name Makefile \ - -exec ${REINPLACE_CMD} -e 's;gcc;${CC};g' '{}' + - @${FIND} ${WRKSRC} \( -name \*.orig -o -name \*.bak \) -delete - -pre-configure: -.ifdef (LOG_OPENVPN) - @${ECHO} "Building with LOG_OPENVPN=${LOG_OPENVPN}" -.else - @${ECHO} "" - @${ECHO} "You may use the following build options:" - @${ECHO} "" - @${ECHO} " LOG_OPENVPN={Valid syslog facility, default LOG_DAEMON}" - @${ECHO} " EXAMPLE: make LOG_OPENVPN=LOG_DAEMON" - @${ECHO} "" -.endif - -post-build: - cd ${WRKSRC}/plugin/down-root && ${SETENV} ${MAKE_ENV} ${MAKE} ${MAKE_FLAGS} ${MAKEFILE} ${_MAKE_JOBS} ${MAKE_ARGS} - cd ${WRKSRC}/plugin/auth-pam && ${CC} ${CPPFLAGS} -I../.. -DDLOPEN_PAM=0 ${CFLAGS} -fPIC -shared -Wl,-soname,openvpn-auth-pam.so -o openvpn-auth-pam.so auth-pam.c pamdl.c -lc -lpam - @# self-tests here -.if !defined(WITHOUT_CHECK) - @${ECHO} ; ${ECHO} "### Note that you can skip these lengthy selftests with WITHOUT_CHECK=yes ###" ; ${ECHO} - cd ${WRKSRC} && ${SETENV} ${MAKE_ENV} ${MAKE} ${MAKE_FLAGS} ${MAKEFILE} ${_MAKE_JOBS} ${MAKE_ARGS} check -.endif - -post-install: - ${MKDIR} ${PREFIX}/lib - ${INSTALL_PROGRAM} ${WRKSRC}/plugin/down-root/openvpn-down-root.so ${PREFIX}/lib/ - ${INSTALL_PROGRAM} ${WRKSRC}/plugin/auth-pam/openvpn-auth-pam.so ${PREFIX}/lib/ -.if ${PORT_OPTIONS:MDOCS} - ${MKDIR} ${DOCSDIR} - ${INSTALL_DATA} ${WRKSRC}/plugin/down-root/README ${DOCSDIR}/README.openvpn-down-root - ${INSTALL_DATA} ${WRKSRC}/plugin/auth-pam/README ${DOCSDIR}/README.openvpn-auth-pam -.for docs in AUTHORS COPYING COPYRIGHT.GPL ChangeLog INSTALL \ - PORTS README - ${INSTALL_DATA} ${WRKSRC}/${docs} ${DOCSDIR}/ -.endfor -.for dir in easy-rsa easy-rsa/1.0 easy-rsa/2.0 sample-config-files - ${MKDIR} ${DOCSDIR}/${dir} - ${FIND} ${WRKSRC}/${dir}/ -maxdepth 1 -type f -exec ${INSTALL_DATA} \{\} ${DOCSDIR}/${dir} \; -.endfor -.for dir in sample-scripts - ${MKDIR} ${DOCSDIR}/${dir} - ${FIND} ${WRKSRC}/${dir}/ -maxdepth 1 -type f -exec ${INSTALL_SCRIPT} \{\} ${DOCSDIR}/${dir} \; -.endfor -.else - -@${RMDIR} ${DOCSDIR} -.endif - @${CAT} ${PKGMESSAGE} - -.include <bsd.port.post.mk> diff --git a/security/openvpn22/distinfo b/security/openvpn22/distinfo deleted file mode 100644 index a9bca63e4151..000000000000 --- a/security/openvpn22/distinfo +++ /dev/null @@ -1,2 +0,0 @@ -SHA256 (openvpn-2.2.2.tar.xz) = a694b9f661a0db30c048c94a4b4fc63d1460aea4dbc504a4f233f3c15997f4cd -SIZE (openvpn-2.2.2.tar.xz) = 649356 diff --git a/security/openvpn22/files/openvpn.in b/security/openvpn22/files/openvpn.in deleted file mode 100644 index f4f1dbdbb7ad..000000000000 --- a/security/openvpn22/files/openvpn.in +++ /dev/null @@ -1,125 +0,0 @@ -#!/bin/sh -# -# openvpn.sh - load tun/tap driver and start OpenVPN daemon -# -# (C) Copyright 2005 - 2008, 2010 by Matthias Andree -# based on suggestions by Matthias Grimm and Dirk Gouders -# with multi-instance contribution from Denis Shaposhnikov, Gleb Kozyrev -# and Vasil Dimov -# softrestart feature suggested by Nick Hibma -# -# $FreeBSD$ -# -# This program is free software; you can redistribute it and/or modify it under -# the terms of the GNU General Public License as published by the Free Software -# Foundation; either version 2 of the License, or (at your option) any later -# version. -# -# This program is distributed in the hope that it will be useful, but WITHOUT -# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS -# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more -# details. -# -# You should have received a copy of the GNU General Public License along with -# this program; if not, write to the Free Software Foundation, Inc., 51 Franklin -# Street, Fifth Floor, Boston, MA 02110-1301, USA. - -# PROVIDE: openvpn -# REQUIRE: DAEMON -# KEYWORD: shutdown - -# ----------------------------------------------------------------------------- -# -# This script supports running multiple instances of openvpn. -# To run additional instances link this script to something like -# % ln -s openvpn openvpn_foo -# and define additional openvpn_foo_* variables in one of -# /etc/rc.conf, /etc/rc.conf.local or /etc/rc.conf.d/openvpn_foo -# -# Below NAME should be substituted with the name of this script. By default -# it is openvpn, so read as openvpn_enable. If you linked the script to -# openvpn_foo, then read as openvpn_foo_enable etc. -# -# The following variables are supported (defaults are shown). -# You can place them in any of -# /etc/rc.conf, /etc/rc.conf.local or /etc/rc.conf.d/NAME -# -# NAME_enable="NO" # set to YES to enable openvpn -# NAME_if= # driver(s) to load, set to "tun", "tap" or "tun tap" -# # it is OK to specify the if_ prefix. -# -# # optional: -# NAME_flags= # additional command line arguments -# NAME_configfile="%%PREFIX%%/etc/openvpn/NAME.conf" # --config file -# NAME_dir="%%PREFIX%%/etc/openvpn" # --cd directory -# -# You also need to set NAME_configfile and NAME_dir, if the configuration -# file and directory where keys and certificates reside differ from the above -# settings. -# -# Note that we deliberately refrain from unloading drivers. -# -# For further documentation, please see openvpn(8). -# - -. /etc/rc.subr - -case "$0" in -/etc/rc*) - # during boot (shutdown) $0 is /etc/rc (/etc/rc.shutdown), - # so get the name of the script from $_file - name="$_file" - ;; -*) - name="$0" - ;; -esac - -name="${name##*/}" -rcvar=${name}_enable - -stop_postcmd() -{ - rm -f "$pidfile" || warn "Could not remove $pidfile." -} - -softrestart() -{ - sig_reload=USR1 run_rc_command reload - exit $? -} - -# reload: support SIGHUP to reparse configuration file -# softrestart: support SIGUSR1 to reconnect without superuser privileges -extra_commands="reload softrestart" -softrestart_cmd="softrestart" - -# pidfile -pidfile="/var/run/${name}.pid" - -# command and arguments -command="%%PREFIX%%/sbin/openvpn" - -# run this last -stop_postcmd="stop_postcmd" - -load_rc_config ${name} - -eval ": \${${name}_enable:=\"NO\"}" -eval ": \${${name}_configfile:=\"%%PREFIX%%/etc/openvpn/${name}.conf\"}" -eval ": \${${name}_dir:=\"%%PREFIX%%/etc/openvpn\"}" - -configfile="$(eval echo \${${name}_configfile})" -dir="$(eval echo \${${name}_dir})" -interfaces="$(eval echo \${${name}_if})" - -required_modules= -for i in $interfaces ; do - required_modules="$required_modules${required_modules:+" "}if_${i#if_}" -done - -required_files=${configfile} - -command_args="--cd ${dir} --daemon ${name} --config ${configfile} --writepid ${pidfile}" - -run_rc_command "$1" diff --git a/security/openvpn22/files/patch-CVE-2013-2061 b/security/openvpn22/files/patch-CVE-2013-2061 deleted file mode 100644 index fc622b37a131..000000000000 --- a/security/openvpn22/files/patch-CVE-2013-2061 +++ /dev/null @@ -1,74 +0,0 @@ -commit 11d21349a4e7e38a025849479b36ace7c2eec2ee -Author: Steffan Karger <steffan.karger@fox-it.com> -Date: Tue Mar 19 13:01:50 2013 +0100 - - Use constant time memcmp when comparing HMACs in openvpn_decrypt. - - Signed-off-by: Steffan Karger <steffan.karger@fox-it.com> - Acked-by: Gert Doering <gert@greenie.muc.de> - Signed-off-by: Gert Doering <gert@greenie.muc.de> - -diff --git a/src/openvpn/buffer.h b/src/openvpn/buffer.h -index 7cae733..93efb09 100644 ---- ./buffer.h~ -+++ ./buffer.h -@@ -668,6 +668,10 @@ buf_read_u32 (struct buffer *buf, bool *good) - } - } - -+/** -+ * Compare src buffer contents with match. -+ * *NOT* constant time. Do not use when comparing HMACs. -+ */ - static inline bool - buf_string_match (const struct buffer *src, const void *match, int size) - { -@@ -676,6 +680,10 @@ buf_string_match (const struct buffer *src, const void *match, int size) - return memcmp (BPTR (src), match, size) == 0; - } - -+/** -+ * Compare first size bytes of src buffer contents with match. -+ * *NOT* constant time. Do not use when comparing HMACs. -+ */ - static inline bool - buf_string_match_head (const struct buffer *src, const void *match, int size) - { -diff --git a/src/openvpn/crypto.c b/src/openvpn/crypto.c -index 405c0aa..d9adf5b 100644 ---- ./crypto.c~ -+++ ./crypto.c -@@ -65,6 +65,24 @@ - #define CRYPT_ERROR(format) \ - do { msg (D_CRYPT_ERRORS, "%s: " format, error_prefix); goto error_exit; } while (false) - -+/** -+ * As memcmp(), but constant-time. -+ * Returns 0 when data is equal, non-zero otherwise. -+ */ -+static int -+memcmp_constant_time (const void *a, const void *b, size_t size) { -+ const uint8_t * a1 = a; -+ const uint8_t * b1 = b; -+ int ret = 0; -+ size_t i; -+ -+ for (i = 0; i < size; i++) { -+ ret |= *a1++ ^ *b1++; -+ } -+ -+ return ret; -+} -+ - void - openvpn_encrypt (struct buffer *buf, struct buffer work, - const struct crypto_options *opt, -@@ -244,7 +262,7 @@ openvpn_decrypt (struct buffer *buf, struct buffer work, - hmac_ctx_final (ctx->hmac, local_hmac); - - /* Compare locally computed HMAC with packet HMAC */ -- if (memcmp (local_hmac, BPTR (buf), hmac_len)) -+ if (memcmp_constant_time (local_hmac, BPTR (buf), hmac_len)) - CRYPT_ERROR ("packet HMAC authentication failed"); - - ASSERT (buf_advance (buf, hmac_len)); diff --git a/security/openvpn22/files/patch-selftest-ports b/security/openvpn22/files/patch-selftest-ports deleted file mode 100644 index 5e195261eecb..000000000000 --- a/security/openvpn22/files/patch-selftest-ports +++ /dev/null @@ -1,26 +0,0 @@ ---- sample-config-files/loopback-client.orig Mon Oct 16 00:30:20 2006 -+++ sample-config-files/loopback-client Wed Apr 4 00:51:31 2007 -@@ -9,8 +9,8 @@ - # ./openvpn --config sample-config-files/loopback-client (In one window) - # ./openvpn --config sample-config-files/loopback-server (Simultaneously in another window) - --rport 16000 --lport 16001 -+rport 16100 -+lport 16101 - remote localhost - local localhost - dev null ---- sample-config-files/loopback-server.orig Mon Oct 16 00:30:20 2006 -+++ sample-config-files/loopback-server Wed Apr 4 00:51:31 2007 -@@ -9,8 +9,8 @@ - # ./openvpn --config sample-config-files/loopback-client (In one window) - # ./openvpn --config sample-config-files/loopback-server (Simultaneously in another window) - --rport 16001 --lport 16000 -+rport 16101 -+lport 16100 - remote localhost - local localhost - dev null diff --git a/security/openvpn22/files/patch-socket.h b/security/openvpn22/files/patch-socket.h deleted file mode 100644 index 657069e17c3c..000000000000 --- a/security/openvpn22/files/patch-socket.h +++ /dev/null @@ -1,11 +0,0 @@ ---- ./socket.h.orig 2011-12-13 17:58:56.000000000 +0100 -+++ ./socket.h 2013-01-11 21:50:11.000000000 +0100 -@@ -225,7 +225,7 @@ - - #if PASSTOS_CAPABILITY - /* used to get/set TOS. */ -- uint8_t ptos; -+ int ptos; - bool ptos_defined; - #endif - diff --git a/security/openvpn22/files/patch-syshead.h b/security/openvpn22/files/patch-syshead.h deleted file mode 100644 index 8f050287569f..000000000000 --- a/security/openvpn22/files/patch-syshead.h +++ /dev/null @@ -1,16 +0,0 @@ -Work around "missing" TCP_NODELAY, -obtained from: http://community.openvpn.net/openvpn/ticket/158 - ---- ./syshead.h.orig 2012-11-22 13:07:51.000000000 +0100 -+++ ./syshead.h 2013-01-11 21:30:07.000000000 +0100 -@@ -298,6 +298,10 @@ - #include <netinet/ip.h> - #endif - -+#ifdef HAVE_NETINET_TCP_H -+#include <netinet/tcp.h> -+#endif -+ - #ifdef HAVE_NET_IF_TUN_H - #include <net/if_tun.h> - #endif diff --git a/security/openvpn22/files/patch-t_cltsrv.sh b/security/openvpn22/files/patch-t_cltsrv.sh deleted file mode 100644 index fbb05b3bd162..000000000000 --- a/security/openvpn22/files/patch-t_cltsrv.sh +++ /dev/null @@ -1,21 +0,0 @@ ---- ./t_cltsrv.sh.orig 2011-05-16 14:21:55.000000000 +0200 -+++ ./t_cltsrv.sh 2011-08-17 00:25:49.000000000 +0200 -@@ -26,14 +26,14 @@ - FreeBSD) - # FreeBSD jails map the outgoing IP to the jail IP - we need to - # allow the real IP unless we want the test to run forever. -- if test "`sysctl 2>/dev/null -n security.jail.jailed`" = 1 \ -- || ps -ostate= -p $$ | grep -q J; then -+ if true ; then - addopts="--float" - if test "x`ifconfig | grep inet`" = x ; then - echo "###" -- echo "### To run the test in a FreeBSD jail, you MUST add an IP alias for the jail's IP." -+ echo "### To run this test, it needs an inet/IP address. Skipping." - echo "###" -- exit 1 -+ trap 0 -+ exit 77 - fi - fi - ;; diff --git a/security/openvpn22/files/pkg-message.in b/security/openvpn22/files/pkg-message.in deleted file mode 100644 index 57da107dbe67..000000000000 --- a/security/openvpn22/files/pkg-message.in +++ /dev/null @@ -1,7 +0,0 @@ -### ------------------------------------------------------------------------ -### Edit /etc/rc.conf[.local] to start OpenVPN automatically at system -### startup. See %%PREFIX%%/etc/rc.d/openvpn for details. -### ------------------------------------------------------------------------ -### For compatibility notes when interoperating with older OpenVPN -### versions, please, see <http://openvpn.net/relnotes.html> -### ------------------------------------------------------------------------ diff --git a/security/openvpn22/pkg-descr b/security/openvpn22/pkg-descr deleted file mode 100644 index 751e62d362d1..000000000000 --- a/security/openvpn22/pkg-descr +++ /dev/null @@ -1,7 +0,0 @@ -OpenVPN is a robust, scalable and highly configurable VPN (Virtual Private -Network) daemon which can be used to securely link two or more private networks -using an encrypted tunnel over the internet. It can operate over UDP or TCP, -can use SSL or a pre-shared secret to authenticate peers, and in SSL mode, one -server can handle many clients. - -WWW: http://openvpn.net/index.php/open-source.html diff --git a/security/openvpn22/pkg-plist b/security/openvpn22/pkg-plist deleted file mode 100644 index 7200816ad93e..000000000000 --- a/security/openvpn22/pkg-plist +++ /dev/null @@ -1,81 +0,0 @@ -sbin/openvpn -lib/openvpn-auth-pam.so -lib/openvpn-down-root.so -%%PORTDOCS%%%%DOCSDIR%%/AUTHORS -%%PORTDOCS%%%%DOCSDIR%%/COPYING -%%PORTDOCS%%%%DOCSDIR%%/COPYRIGHT.GPL -%%PORTDOCS%%%%DOCSDIR%%/ChangeLog -%%PORTDOCS%%%%DOCSDIR%%/INSTALL -%%PORTDOCS%%%%DOCSDIR%%/PORTS -%%PORTDOCS%%%%DOCSDIR%%/README -%%PORTDOCS%%%%DOCSDIR%%/README.openvpn-auth-pam -%%PORTDOCS%%%%DOCSDIR%%/README.openvpn-down-root -%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/1.0/README -%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/1.0/build-ca -%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/1.0/build-dh -%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/1.0/build-inter -%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/1.0/build-key -%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/1.0/build-key-pass -%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/1.0/build-key-pkcs12 -%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/1.0/build-key-server -%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/1.0/build-req -%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/1.0/build-req-pass -%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/1.0/clean-all -%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/1.0/list-crl -%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/1.0/make-crl -%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/1.0/openssl.cnf -%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/1.0/revoke-crt -%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/1.0/revoke-full -%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/1.0/sign-req -%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/1.0/vars -%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/2.0/Makefile -%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/2.0/README -%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/2.0/build-ca -%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/2.0/build-dh -%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/2.0/build-inter -%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/2.0/build-key -%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/2.0/build-key-pass -%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/2.0/build-key-pkcs12 -%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/2.0/build-key-server -%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/2.0/build-req -%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/2.0/build-req-pass -%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/2.0/clean-all -%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/2.0/inherit-inter -%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/2.0/list-crl -%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/2.0/openssl-0.9.6.cnf -%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/2.0/openssl-0.9.8.cnf -%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/2.0/openssl-1.0.0.cnf -%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/2.0/pkitool -%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/2.0/revoke-full -%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/2.0/sign-req -%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/2.0/vars -%%PORTDOCS%%%%DOCSDIR%%/easy-rsa/2.0/whichopensslcnf -%%PORTDOCS%%%%DOCSDIR%%/management-notes.txt -%%PORTDOCS%%%%DOCSDIR%%/sample-config-files/README -%%PORTDOCS%%%%DOCSDIR%%/sample-config-files/client.conf -%%PORTDOCS%%%%DOCSDIR%%/sample-config-files/firewall.sh -%%PORTDOCS%%%%DOCSDIR%%/sample-config-files/home.up -%%PORTDOCS%%%%DOCSDIR%%/sample-config-files/loopback-client -%%PORTDOCS%%%%DOCSDIR%%/sample-config-files/loopback-server -%%PORTDOCS%%%%DOCSDIR%%/sample-config-files/office.up -%%PORTDOCS%%%%DOCSDIR%%/sample-config-files/openvpn-shutdown.sh -%%PORTDOCS%%%%DOCSDIR%%/sample-config-files/openvpn-startup.sh -%%PORTDOCS%%%%DOCSDIR%%/sample-config-files/server.conf -%%PORTDOCS%%%%DOCSDIR%%/sample-config-files/static-home.conf -%%PORTDOCS%%%%DOCSDIR%%/sample-config-files/static-office.conf -%%PORTDOCS%%%%DOCSDIR%%/sample-config-files/tls-home.conf -%%PORTDOCS%%%%DOCSDIR%%/sample-config-files/tls-office.conf -%%PORTDOCS%%%%DOCSDIR%%/sample-config-files/xinetd-client-config -%%PORTDOCS%%%%DOCSDIR%%/sample-config-files/xinetd-server-config -%%PORTDOCS%%%%DOCSDIR%%/sample-scripts/auth-pam.pl -%%PORTDOCS%%%%DOCSDIR%%/sample-scripts/bridge-start -%%PORTDOCS%%%%DOCSDIR%%/sample-scripts/bridge-stop -%%PORTDOCS%%%%DOCSDIR%%/sample-scripts/openvpn.init -%%PORTDOCS%%%%DOCSDIR%%/sample-scripts/ucn.pl -%%PORTDOCS%%%%DOCSDIR%%/sample-scripts/verify-cn -%%PORTDOCS%%@dirrm %%DOCSDIR%%/sample-scripts -%%PORTDOCS%%@dirrm %%DOCSDIR%%/sample-config-files -%%PORTDOCS%%@dirrm %%DOCSDIR%%/easy-rsa/2.0 -%%PORTDOCS%%@dirrm %%DOCSDIR%%/easy-rsa/1.0 -%%PORTDOCS%%@dirrm %%DOCSDIR%%/easy-rsa -%%PORTDOCS%%@dirrm %%DOCSDIR%% |