summaryrefslogtreecommitdiffstats
path: root/distro
diff options
context:
space:
mode:
authorAlon Bar-Lev <alon.barlev@gmail.com>2012-02-29 22:11:59 +0200
committerDavid Sommerseth <davids@redhat.com>2012-03-22 22:07:08 +0100
commit34cb9132ef2dae08f91a66015ea5437539a4b557 (patch)
treeedd69bb83cc490a47692cb847d066231cd6146fd /distro
parentfcff80aac1f71ebf881fbc269fb3c4df0789de6b (diff)
downloadopenvpn-34cb9132ef2dae08f91a66015ea5437539a4b557.zip
openvpn-34cb9132ef2dae08f91a66015ea5437539a4b557.tar.gz
openvpn-34cb9132ef2dae08f91a66015ea5437539a4b557.tar.xz
build: standard directory layout
Suitable for mature project. root - administrative stuff doc - documents src - sources tests - tests distro - distro specific files sample - samples SIDE EFFECT: many changes to rpm spec. Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com> Acked-by: Adriaan de Jong <dejong@fox-it.com> Signed-off-by: David Sommerseth <davids@redhat.com>
Diffstat (limited to 'distro')
-rw-r--r--distro/Makefile.am15
-rw-r--r--distro/rpm/Makefile.am18
-rwxr-xr-xdistro/rpm/openvpn.init.d.rhel244
-rw-r--r--distro/rpm/openvpn.init.d.suse264
-rw-r--r--distro/rpm/openvpn.spec.in287
5 files changed, 828 insertions, 0 deletions
diff --git a/distro/Makefile.am b/distro/Makefile.am
new file mode 100644
index 0000000..2dd6a6e
--- /dev/null
+++ b/distro/Makefile.am
@@ -0,0 +1,15 @@
+#
+# OpenVPN -- An application to securely tunnel IP networks
+# over a single UDP port, with support for SSL/TLS-based
+# session authentication and key exchange,
+# packet encryption, packet authentication, and
+# packet compression.
+#
+# Copyright (C) 2002-2010 OpenVPN Technologies, Inc. <sales@openvpn.net>
+# Copyright (C) 2006-2012 Alon Bar-Lev <alon.barlev@gmail.com>
+#
+
+MAINTAINERCLEANFILES = \
+ $(srcdir)/Makefile.in
+
+SUBDIRS = rpm
diff --git a/distro/rpm/Makefile.am b/distro/rpm/Makefile.am
new file mode 100644
index 0000000..536061d
--- /dev/null
+++ b/distro/rpm/Makefile.am
@@ -0,0 +1,18 @@
+#
+# OpenVPN -- An application to securely tunnel IP networks
+# over a single UDP port, with support for SSL/TLS-based
+# session authentication and key exchange,
+# packet encryption, packet authentication, and
+# packet compression.
+#
+# Copyright (C) 2002-2010 OpenVPN Technologies, Inc. <sales@openvpn.net>
+# Copyright (C) 2006-2012 Alon Bar-Lev <alon.barlev@gmail.com>
+#
+
+MAINTAINERCLEANFILES = \
+ $(srcdir)/Makefile.in
+
+dist_noinst_DATA = \
+ openvpn.spec \
+ openvpn.init.d.rhel \
+ openvpn.init.d.suse
diff --git a/distro/rpm/openvpn.init.d.rhel b/distro/rpm/openvpn.init.d.rhel
new file mode 100755
index 0000000..821abd5
--- /dev/null
+++ b/distro/rpm/openvpn.init.d.rhel
@@ -0,0 +1,244 @@
+#!/bin/sh
+#
+# openvpn This shell script takes care of starting and stopping
+# openvpn on RedHat or other chkconfig-based system.
+#
+# chkconfig: 345 24 76
+#
+# description: OpenVPN is a robust and highly flexible tunneling application \
+# that uses all of the encryption, authentication, and \
+# certification features of the OpenSSL library to securely \
+# tunnel IP networks over a single UDP port.
+#
+
+# Contributed to the OpenVPN project by
+# Douglas Keller <doug@voidstar.dyndns.org>
+# 2002.05.15
+
+# To install:
+# copy this file to /etc/rc.d/init.d/openvpn
+# shell> chkconfig --add openvpn
+# shell> mkdir /etc/openvpn
+# make .conf or .sh files in /etc/openvpn (see below)
+
+# To uninstall:
+# run: chkconfig --del openvpn
+
+# Author's Notes:
+#
+# I have created an /etc/init.d init script and enhanced openvpn.spec to
+# automatically register the init script. Once the RPM is installed you
+# can start and stop OpenVPN with "service openvpn start" and "service
+# openvpn stop".
+#
+# The init script does the following:
+#
+# - Starts an openvpn process for each .conf file it finds in
+# /etc/openvpn.
+#
+# - If /etc/openvpn/xxx.sh exists for a xxx.conf file then it executes
+# it before starting openvpn (useful for doing openvpn --mktun...).
+#
+# - In addition to start/stop you can do:
+#
+# service openvpn reload - SIGHUP
+# service openvpn reopen - SIGUSR1
+# service openvpn status - SIGUSR2
+#
+# Modifications:
+#
+# 2003.05.02
+# * Changed == to = for sh compliance (Bishop Clark).
+# * If condrestart|reload|reopen|status, check that we were
+# actually started (James Yonan).
+# * Added lock, piddir, and work variables (James Yonan).
+# * If start is attempted twice, without an intervening stop, or
+# if start is attempted when previous start was not properly
+# shut down, then kill any previously started processes, before
+# commencing new start operation (James Yonan).
+# * Do a better job of flagging errors on start, and properly
+# returning success or failure status to caller (James Yonan).
+#
+# 2005.04.04
+# * Added openvpn-startup and openvpn-shutdown script calls
+# (James Yonan).
+#
+
+# Location of openvpn binary
+openvpn=""
+openvpn_locations="/usr/sbin/openvpn /usr/local/sbin/openvpn"
+for location in $openvpn_locations
+do
+ if [ -f "$location" ]
+ then
+ openvpn=$location
+ fi
+done
+
+# Lockfile
+lock="/var/lock/subsys/openvpn"
+
+# PID directory
+piddir="/var/run/openvpn"
+
+# Our working directory
+work=/etc/openvpn
+
+# Source function library.
+. /etc/rc.d/init.d/functions
+
+# Source networking configuration.
+. /etc/sysconfig/network
+
+# Check that networking is up.
+if [ ${NETWORKING} = "no" ]
+then
+ echo "Networking is down"
+ exit 0
+fi
+
+# Check that binary exists
+if ! [ -f $openvpn ]
+then
+ echo "openvpn binary not found"
+ exit 0
+fi
+
+# See how we were called.
+case "$1" in
+ start)
+ echo -n $"Starting openvpn: "
+
+ /sbin/modprobe tun >/dev/null 2>&1
+
+ # From a security perspective, I think it makes
+ # sense to remove this, and have users who need
+ # it explictly enable in their --up scripts or
+ # firewall setups.
+
+ #echo 1 > /proc/sys/net/ipv4/ip_forward
+
+ # Run startup script, if defined
+ if [ -f $work/openvpn-startup ]; then
+ $work/openvpn-startup
+ fi
+
+ if [ ! -d $piddir ]; then
+ mkdir $piddir
+ fi
+
+ if [ -f $lock ]; then
+ # we were not shut down correctly
+ for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do
+ if [ -s $pidf ]; then
+ kill `cat $pidf` >/dev/null 2>&1
+ fi
+ rm -f $pidf
+ done
+ rm -f $lock
+ sleep 2
+ fi
+
+ rm -f $piddir/*.pid
+ cd $work
+
+ # Start every .conf in $work and run .sh if exists
+ errors=0
+ successes=0
+ for c in `/bin/ls *.conf 2>/dev/null`; do
+ bn=${c%%.conf}
+ if [ -f "$bn.sh" ]; then
+ . $bn.sh
+ fi
+ rm -f $piddir/$bn.pid
+ $openvpn --daemon --writepid $piddir/$bn.pid --config $c --cd $work
+ if [ $? = 0 ]; then
+ successes=1
+ else
+ errors=1
+ fi
+ done
+
+ if [ $errors = 1 ]; then
+ failure; echo
+ else
+ success; echo
+ fi
+
+ if [ $successes = 1 ]; then
+ touch $lock
+ fi
+ ;;
+ stop)
+ echo -n $"Shutting down openvpn: "
+ for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do
+ if [ -s $pidf ]; then
+ kill `cat $pidf` >/dev/null 2>&1
+ fi
+ rm -f $pidf
+ done
+
+ # Run shutdown script, if defined
+ if [ -f $work/openvpn-shutdown ]; then
+ $work/openvpn-shutdown
+ fi
+
+ success; echo
+ rm -f $lock
+ ;;
+ restart)
+ $0 stop
+ sleep 2
+ $0 start
+ ;;
+ reload)
+ if [ -f $lock ]; then
+ for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do
+ if [ -s $pidf ]; then
+ kill -HUP `cat $pidf` >/dev/null 2>&1
+ fi
+ done
+ else
+ echo "openvpn: service not started"
+ exit 1
+ fi
+ ;;
+ reopen)
+ if [ -f $lock ]; then
+ for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do
+ if [ -s $pidf ]; then
+ kill -USR1 `cat $pidf` >/dev/null 2>&1
+ fi
+ done
+ else
+ echo "openvpn: service not started"
+ exit 1
+ fi
+ ;;
+ condrestart)
+ if [ -f $lock ]; then
+ $0 stop
+ # avoid race
+ sleep 2
+ $0 start
+ fi
+ ;;
+ status)
+ if [ -f $lock ]; then
+ for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do
+ if [ -s $pidf ]; then
+ kill -USR2 `cat $pidf` >/dev/null 2>&1
+ fi
+ done
+ echo "Status written to /var/log/messages"
+ else
+ echo "openvpn: service not started"
+ exit 1
+ fi
+ ;;
+ *)
+ echo "Usage: openvpn {start|stop|restart|condrestart|reload|reopen|status}"
+ exit 1
+ ;;
+esac
+exit 0
diff --git a/distro/rpm/openvpn.init.d.suse b/distro/rpm/openvpn.init.d.suse
new file mode 100644
index 0000000..2bac7f3
--- /dev/null
+++ b/distro/rpm/openvpn.init.d.suse
@@ -0,0 +1,264 @@
+#!/bin/sh
+### BEGIN INIT INFO
+# Provides: openvpn
+# Required-Start: $network
+# Required-Stop: $network
+# Default-Start: 3 5
+# Default-Stop: 0 1 2 6
+# Short-Description: This shell script takes care of starting and stopping OpenVPN.
+# Description: OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single UDP port.
+### END INIT INFO
+
+# Contributed to the OpenVPN project by
+# Douglas Keller <doug@voidstar.dyndns.org>
+# 2002.05.15
+
+# Modified for SuSE by
+# Frank Plohmann <openvpn@franks-planet.de>
+# 2003.08.24
+# Please feel free to contact me if you have problems or suggestions
+# using this script.
+
+# To install:
+# copy this file to /etc/rc.d/init.d/openvpn
+# use the runlevel editor in Yast to add it to runlevel 3 and/or 5
+# shell> mkdir /etc/openvpn
+# make .conf or .sh files in /etc/openvpn (see below)
+
+# To uninstall:
+# use also Yast and the runlevel editor to uninstall
+
+# Author's Notes:
+#
+# I have created an /etc/init.d init script and enhanced openvpn.spec to
+# automatically register the init script. Once the RPM is installed you
+# can start and stop OpenVPN with "service openvpn start" and "service
+# openvpn stop".
+#
+# The init script does the following:
+#
+# - Starts an openvpn process for each .conf file it finds in
+# /etc/openvpn.
+#
+# - If /etc/openvpn/xxx.sh exists for a xxx.conf file then it executes
+# it before starting openvpn (useful for doing openvpn --mktun...).
+#
+# - In addition to start/stop you can do:
+#
+# /etc/init.d/openvpn reload - SIGHUP
+# /etc/init.d/openvpn reopen - SIGUSR1
+# /etc/init.d/openvpn status - SIGUSR2
+
+# Modifications 2003.05.02
+# * Changed == to = for sh compliance (Bishop Clark).
+# * If condrestart|reload|reopen|status, check that we were
+# actually started (James Yonan).
+# * Added lock, piddir, and work variables (James Yonan).
+# * If start is attempted twice, without an intervening stop, or
+# if start is attempted when previous start was not properly
+# shut down, then kill any previously started processes, before
+# commencing new start operation (James Yonan).
+# * Do a better job of flagging errors on start, and properly
+# returning success or failure status to caller (James Yonan).
+#
+# Modifications 2003.08.24
+# * Converted the script for SuSE Linux distribution.
+# Tested with version 8.2 (Frank Plohmann).
+# - removed "chkconfig" header
+# - added Yast header
+# - changed installation notes
+# - corrected path to openvpn binary
+# - removes sourcing "functions"
+# - removed sourcing "network"
+# - removed network checking. it seemed not to work with SuSE.
+# - added sourcing "rc.status", comments and "rc_reset" command
+# - removed "succes; echo" and "failure; echo" lines
+# - added "rc_status" lines at the end of each section
+# - changed "service" to "/etc/init.d/" in "In addition to start/stop"
+# section above.
+#
+# Modifications 2005.04.04
+# * Added openvpn-startup and openvpn-shutdown script calls (James Yonan).
+#
+
+# Location of openvpn binary
+openvpn="/usr/sbin/openvpn"
+
+# Lockfile
+lock="/var/lock/subsys/openvpn"
+
+# PID directory
+piddir="/var/run/openvpn"
+
+# Our working directory
+work=/etc/openvpn
+
+# Source rc functions
+. /etc/rc.status
+
+# Shell functions sourced from /etc/rc.status:
+# rc_check check and set local and overall rc status
+# rc_status check and set local and overall rc status
+# rc_status -v ditto but be verbose in local rc status
+# rc_status -v -r ditto and clear the local rc status
+# rc_failed set local and overall rc status to failed
+# rc_reset clear local rc status (overall remains)
+# rc_exit exit appropriate to overall rc status
+
+# rc_status check and set local and overall rc status
+# rc_status -v ditto but be verbose in local rc status
+# rc_status -v -r ditto and clear the local rc status
+# rc_failed set local and overall rc status to failed
+# rc_reset clear local rc status (overall remains)
+# rc_exit exit appropriate to overall rc status
+
+# First reset status of this service
+rc_reset
+
+[ -f $openvpn ] || exit 0
+
+# See how we were called.
+case "$1" in
+ start)
+ echo -n $"Starting openvpn: "
+
+ /sbin/modprobe tun >/dev/null 2>&1
+
+ # From a security perspective, I think it makes
+ # sense to remove this, and have users who need
+ # it explictly enable in their --up scripts or
+ # firewall setups.
+
+ #echo 1 > /proc/sys/net/ipv4/ip_forward
+
+ # Run startup script, if defined
+ if [ -f $work/openvpn-startup ]; then
+ $work/openvpn-startup
+ fi
+
+ if [ ! -d $piddir ]; then
+ mkdir $piddir
+ fi
+
+ if [ -f $lock ]; then
+ # we were not shut down correctly
+ for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do
+ if [ -s $pidf ]; then
+ kill `cat $pidf` >/dev/null 2>&1
+ fi
+ rm -f $pidf
+ done
+ rm -f $lock
+ sleep 2
+ fi
+
+ rm -f $piddir/*.pid
+ cd $work
+
+ # Start every .conf in $work and run .sh if exists
+ errors=0
+ successes=0
+ for c in `/bin/ls *.conf 2>/dev/null`; do
+ bn=${c%%.conf}
+ if [ -f "$bn.sh" ]; then
+ . $bn.sh
+ fi
+ rm -f $piddir/$bn.pid
+ $openvpn --daemon --writepid $piddir/$bn.pid --config $c --cd $work
+ if [ $? = 0 ]; then
+ successes=1
+ else
+ errors=1
+ fi
+ done
+
+ if [ $successes = 1 ]; then
+ touch $lock
+ fi
+
+ rc_status -v
+ ;;
+ stop)
+ echo -n $"Shutting down openvpn: "
+ for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do
+ if [ -s $pidf ]; then
+ kill `cat $pidf` >/dev/null 2>&1
+ fi
+ rm -f $pidf
+ done
+
+ # Run shutdown script, if defined
+ if [ -f $work/openvpn-shutdown ]; then
+ $work/openvpn-shutdown
+ fi
+
+ rm -f $lock
+
+ rc_status -v
+ ;;
+ restart)
+ $0 stop
+ sleep 2
+ $0 start
+
+ rc_status
+ ;;
+ reload)
+ if [ -f $lock ]; then
+ for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do
+ if [ -s $pidf ]; then
+ kill -HUP `cat $pidf` >/dev/null 2>&1
+ fi
+ done
+ else
+ echo "openvpn: service not started"
+ exit 1
+ fi
+
+ rc_status -v
+ ;;
+ reopen)
+ if [ -f $lock ]; then
+ for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do
+ if [ -s $pidf ]; then
+ kill -USR1 `cat $pidf` >/dev/null 2>&1
+ fi
+ done
+ else
+ echo "openvpn: service not started"
+ exit 1
+ fi
+
+ rc_status -v
+ ;;
+ condrestart)
+ if [ -f $lock ]; then
+ $0 stop
+ # avoid race
+ sleep 2
+ $0 start
+ fi
+
+ rc_status
+ ;;
+ status)
+ if [ -f $lock ]; then
+ for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do
+ if [ -s $pidf ]; then
+ kill -USR2 `cat $pidf` >/dev/null 2>&1
+ fi
+ done
+ echo "Status written to /var/log/messages"
+ else
+ echo "openvpn: service not started"
+ exit 1
+ fi
+
+ rc_status -v
+ ;;
+ *)
+ echo "Usage: openvpn {start|stop|restart|condrestart|reload|reopen|status}"
+ exit 1
+esac
+
+exit 0
diff --git a/distro/rpm/openvpn.spec.in b/distro/rpm/openvpn.spec.in
new file mode 100644
index 0000000..455f739
--- /dev/null
+++ b/distro/rpm/openvpn.spec.in
@@ -0,0 +1,287 @@
+# OpenVPN spec file, used to drive rpmbuild
+
+# OPTIONS
+#
+# Disable LZO
+# rpmbuild -tb [openvpn.x.tar.gz] --define 'without_lzo 1'
+#
+# Disable PAM plugin
+# rpmbuild -tb [openvpn.x.tar.gz] --define 'without_pam 1'
+#
+# Allow passwords to be read from files
+# rpmbuild -tb [openvpn.x.tar.gz] --define 'with_password_save 1'
+#
+# Use this on RH9 and RHEL3
+# rpmbuild -tb [openvpn.x.tar.gz] --define 'with_kerberos 1'
+
+Summary: OpenVPN is a robust and highly flexible VPN daemon by James Yonan.
+Name: @PACKAGE@
+Version: @VERSION@
+Release: 1
+URL: http://openvpn.net/
+Source0: http://prdownloads.sourceforge.net/openvpn/%{name}-%{version}.tar.gz
+
+License: GPL
+Group: Applications/Internet
+Vendor: James Yonan <jim@yonan.net>
+Packager: James Yonan <jim@yonan.net>
+BuildRoot: %{_tmppath}/%{name}-%(id -un)
+
+#
+# Include dependencies manually
+#
+
+AutoReq: 0
+
+BuildRequires: openssl-devel >= 0.9.6
+Requires: openssl >= 0.9.6
+
+%if "%{_vendor}" == "Mandrakesoft"
+%{!?without_lzo:BuildRequires: liblzo1-devel >= 1.07}
+%{!?without_lzo:Requires: liblzo1 >= 1.07}
+%else
+%if "%{_vendor}" == "MandrakeSoft"
+%{!?without_lzo:BuildRequires: liblzo1-devel >= 1.07}
+%{!?without_lzo:Requires: liblzo1 >= 1.07}
+%else
+%{!?without_lzo:BuildRequires: lzo-devel >= 1.07}
+%{!?without_lzo:Requires: lzo >= 1.07}
+%endif
+%endif
+
+%{!?without_pam:BuildRequires: pam-devel}
+%{!?without_pam:Requires: pam}
+
+%{!?with_pkcs11:BuildRequires: pkcs11-helper-devel}
+%{!?with_pkcs11:Requires: pkcs11-helper}
+
+#
+# Description
+#
+
+%description
+OpenVPN is a robust and highly flexible VPN daemon by James Yonan.
+OpenVPN supports SSL/TLS security,
+ethernet bridging,
+TCP or UDP tunnel transport through proxies or NAT,
+support for dynamic IP addresses and DHCP,
+scalability to hundreds or thousands of users,
+and portability to most major OS platforms.
+
+%package devel
+Summary: OpenVPN is a robust and highly flexible VPN daemon by James Yonan.
+Group: Applications/Internet
+Requires: %{name}
+%description devel
+Development support for OpenVPN.
+
+#
+# Define vendor type
+#
+
+%if "%{_vendor}" == "suse" || "%{_vendor}" == "pc"
+%define VENDOR SuSE
+%else
+%define VENDOR %_vendor
+%endif
+
+#
+# Should we build the auth-pam module?
+#
+
+%define build_auth_pam 1
+%{?without_pam:%define build_auth_pam 0}
+
+#
+# Other definitions
+#
+
+%define debug_package %{nil}
+
+#
+# Build OpenVPN binary
+#
+
+%prep
+%setup -q
+
+%build
+%configure \
+ --disable-dependency-tracking \
+ --docdir="%{_docdir}/%{name}-%{version}" \
+ %{?with_password_save:--enable-password-save} \
+ %{?without_lzo:--disable-lzo} \
+ %{?with_kerberos:--with-ssl-headers=/usr/kerberos/include}
+%__make
+
+# Build down-root plugin
+pushd src/plugins/down-root
+%__make
+popd
+
+# Build auth-pam plugin
+%if %{build_auth_pam}
+pushd src/plugins/auth-pam
+%__make
+popd
+%endif
+
+#
+# Installation section
+#
+
+%install
+[ %{buildroot} != "/" ] && rm -rf %{buildroot}
+%__make install DESTDIR="%{buildroot}"
+
+# Install init script
+%if "%{VENDOR}" == "SuSE"
+%__install -c -d -m 755 "%{buildroot}/etc/init.d"
+%__install -c -m 755 "distro/rpm/%{name}.init.d.suse" "%{buildroot}/etc/init.d/%{name}"
+%else
+%__install -c -d -m 755 "%{buildroot}/etc/rc.d/init.d"
+%__install -c -m 755 distro/rpm/%{name}.init.d.rhel "%{buildroot}/etc/rc.d/init.d/%{name}"
+%endif
+
+# Install /etc/openvpn
+%__install -c -d -m 755 "%{buildroot}/etc/%{name}"
+
+#
+# Build /usr/share/openvpn
+#
+
+%__mkdir_p %{buildroot}%{_datadir}/%{name}
+
+#
+# Install the plugins
+#
+
+%__mkdir_p "%{buildroot}%{_datadir}/%{name}/plugins/lib"
+
+for pi in auth-pam down-root; do
+ %__mv -f src/plugins/$pi/README src/plugins/README.$pi
+ if [ -e src/plugins/$pi/openvpn-$pi.so ]; then
+ %__install -c -m 755 src/plugins/$pi/openvpn-$pi.so "%{buildroot}%{_datadir}/openvpn/plugins/lib/openvpn-$pi.so"
+ fi
+done
+
+%__mv -f src/plugins/README src/plugins/README.plugins
+
+#
+# Clean section
+#
+
+%clean
+[ %{buildroot} != "/" ] && rm -rf "%{buildroot}"
+
+#
+# On Linux 2.4, make the device node
+#
+
+%post
+case "`uname -r`" in
+2.4*)
+ /bin/mkdir /dev/net >/dev/null 2>&1
+ /bin/mknod /dev/net/tun c 10 200 >/dev/null 2>&1
+ ;;
+esac
+
+#
+# Handle the init script
+#
+
+/sbin/chkconfig --add %{name}
+%if "%{VENDOR}" == "SuSE"
+/etc/init.d/openvpn restart
+%else
+/sbin/service %{name} condrestart
+%endif
+%preun
+if [ "$1" = 0 ]
+then
+ %if "%{VENDOR}" == "SuSE"
+ /etc/init.d/openvpn stop
+ %else
+ /sbin/service %{name} stop
+ %endif
+ /sbin/chkconfig --del %{name}
+fi
+
+#
+# Files section
+#
+
+%files
+%defattr(-,root,root)
+%doc AUTHORS ChangeLog COPYING COPYRIGHT.GPL INSTALL NEWS PORTS README
+%{_mandir}
+%{_sbindir}/%{name}
+%{_datadir}/%{name}
+%dir /etc/%{name}
+%if "%{VENDOR}" == "SuSE"
+/etc/init.d/%{name}
+%else
+/etc/rc.d/init.d/%{name}
+%endif
+
+# Install extra %doc stuff
+%doc contrib/ sample/ src/plugins/README.*
+
+%files devel
+%defattr(-,root,root)
+%{_includedir}/*
+
+%changelog
+* Thu Jul 30 2009 David Sommerseth <dazo@users.sourceforge.net>
+- Removed management/ directory from %doc
+
+* Thu Dec 14 2006 Alon Bar-Lev
+- Added with_pkcs11
+
+* Mon Aug 2 2005 James Yonan
+- Fixed build problem with --define 'without_pam 1'
+
+* Mon Apr 4 2005 James Yonan
+- Moved some files from /usr/share/openvpn to %doc for compatibility
+ with Dag Wieers' RPM repository
+
+* Sat Mar 12 2005 Tom Walsh
+- Added MandrakeSoft liblzo1 require
+
+* Fri Dec 10 2004 James Yonan
+- Added AutoReq: 0 for manual dependencies
+
+* Fri Dec 10 2004 James Yonan
+- Packaged the plugins
+
+* Sun Nov 7 2004 Umberto Nicoletti
+- SuSE support
+
+* Wed Aug 18 2004 Bishop Clark (LC957) <bishop@platypus.bc.ca>
+- restrict what we claim in /etc/ to avoid ownership conflicts
+
+* Sun Feb 23 2003 Matthias Andree <matthias.andree@gmx.de> 1.3.2.14-1.
+- Have the version number filled in by autoconf.
+
+* Wed Jul 10 2002 James Yonan <jim@yonan.net> 1.3.1-1
+- Fixed %preun to only remove service on final uninstall
+
+* Mon Jun 17 2002 bishop clark (LC957) <bishop@platypus.bc.ca> 1.2.2-1
+- Added condrestart to openvpn.spec & openvpn.init.
+
+* Wed May 22 2002 James Yonan <jim@yonan.net> 1.2.0-1
+- Added mknod for Linux 2.4.
+
+* Wed May 15 2002 Doug Keller <dsk@voidstar.dyndns.org> 1.1.1.16-2
+- Added init scripts
+- Added conf file support
+
+* Mon May 13 2002 bishop clark (LC957) <bishop@platypus.bc.ca> 1.1.1.14-1
+- Added new directories for config examples and such
+
+* Sun May 12 2002 bishop clark (LC957) <bishop@platypus.bc.ca> 1.1.1.13-1
+- Updated buildroot directive and cleanup command
+- added easy-rsa utilities
+
+* Mon Mar 25 2002 bishop clark (LC957) <bishop@platypus.bc.ca> 1.0-1
+- Initial build.