From 5d0eadbc6aabbd869d57e042ab41563e888e6e2c Mon Sep 17 00:00:00 2001
From: Patrick McLean <chutzpah@gentoo.org>
Date: Wed, 13 Mar 2019 14:51:45 -0700
Subject: net-vpn/openvpn: Revert LibreSSL patch (bug #680184)

This reverts commit c16af66cd6e5903520a80e73c6f594449e654a5f.

The patch doesn't apply

Closes: https://bugs.gentoo.org/680184
Signed-off-By: Patrick McLean <chutzpah@gentoo.org>
---
 net-vpn/openvpn/files/openvpn-2.4.7-libressl.patch | 133 +++--------------
 net-vpn/openvpn/openvpn-2.4.7-r1.ebuild            | 159 +++++++++++++++++++++
 net-vpn/openvpn/openvpn-2.4.7-r2.ebuild            | 159 ---------------------
 3 files changed, 179 insertions(+), 272 deletions(-)
 create mode 100644 net-vpn/openvpn/openvpn-2.4.7-r1.ebuild
 delete mode 100644 net-vpn/openvpn/openvpn-2.4.7-r2.ebuild

(limited to 'net-vpn')

diff --git a/net-vpn/openvpn/files/openvpn-2.4.7-libressl.patch b/net-vpn/openvpn/files/openvpn-2.4.7-libressl.patch
index 414f132b3361..210189cd4d4d 100644
--- a/net-vpn/openvpn/files/openvpn-2.4.7-libressl.patch
+++ b/net-vpn/openvpn/files/openvpn-2.4.7-libressl.patch
@@ -1,142 +1,49 @@
-From a47508606be2c6359d4b27c3b65b72dfe4786222 Mon Sep 17 00:00:00 2001
+From 4faf695e3c42a81131c2aae96c4a60228aa237a5 Mon Sep 17 00:00:00 2001
 From: Stefan Strogin <stefan.strogin@gmail.com>
-Date: Mon, 25 Feb 2019 20:35:31 +0200
-Subject: [PATCH] Use correct ifdefs for LibreSSL support
+Date: Sat, 23 Feb 2019 20:13:41 +0200
+Subject: [PATCH] Fix compilation with LibreSSL
 
-- TLS 1.3 is not ready yet in LibreSSL. Also there is a theoretical
-possibility of OpenSSL >=1.1.1 built without TLS 1.3 support.
-- EC_KEY_METHOD API and SSL_get1_supported_ciphers are added into LibreSSL
-master (not yet released in 2.9.0).
-- Some methods that are available since LibreSSL 2.7.0 were thrown away
-in ssl_openssl.c regardless of LibreSSL version. Use them with newer
-LibreSSL.
+TLS 1.3 is not ready yet in LibreSSL.
+Also SSL_get1_supported_ciphers() has been just added into master (not yet
+released).
 
+Upstream-Status: Submitted [https://github.com/OpenVPN/openvpn/pull/123]
 Signed-off-by: Stefan Strogin <stefan.strogin@gmail.com>
-Acked-by: Arne Schwabe <arne@rfc2549.org>
-Message-Id: <20190225183531.27399-1-stefan.strogin@gmail.com>
-URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg18239.html
-Signed-off-by: Gert Doering <gert@greenie.muc.de>
-Upstream-Status: Accepted
-[https://github.com/OpenVPN/openvpn/commit/a47508606be2c6359d4b27c3b65b72dfe4786222]
 ---
- src/openvpn/ssl_openssl.c | 33 +++++++++++++++++++++------------
- 1 file changed, 21 insertions(+), 12 deletions(-)
+ src/openvpn/ssl_openssl.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
 
 diff --git a/src/openvpn/ssl_openssl.c b/src/openvpn/ssl_openssl.c
-index ddb78da7..8bcebac4 100644
+index a78dae99..6a8fcef3 100644
 --- a/src/openvpn/ssl_openssl.c
 +++ b/src/openvpn/ssl_openssl.c
-@@ -465,7 +465,7 @@ tls_ctx_restrict_ciphers_tls13(struct tls_root_ctx *ctx, const char *ciphers)
+@@ -459,7 +459,7 @@ tls_ctx_restrict_ciphers_tls13(struct tls_root_ctx *ctx, const char *ciphers)
          return;
      }
  
 -#if (OPENSSL_VERSION_NUMBER < 0x1010100fL)
-+#if !defined(TLS1_3_VERSION)
-     crypto_msg(M_WARN, "Not compiled with OpenSSL 1.1.1 or higher. "
-                "Ignoring TLS 1.3 only tls-ciphersuites '%s' setting.",
-                ciphers);
-@@ -526,7 +526,8 @@ tls_ctx_check_cert_time(const struct tls_root_ctx *ctx)
- 
-     ASSERT(ctx);
- 
--#if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
-+#if (OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)) \
-+    || LIBRESSL_VERSION_NUMBER >= 0x2070000fL
-     /* OpenSSL 1.0.2 and up */
-     cert = SSL_CTX_get0_certificate(ctx->ctx);
- #else
-@@ -561,7 +562,8 @@ tls_ctx_check_cert_time(const struct tls_root_ctx *ctx)
-     }
- 
- cleanup:
--#if OPENSSL_VERSION_NUMBER < 0x10002000L || defined(LIBRESSL_VERSION_NUMBER)
-+#if OPENSSL_VERSION_NUMBER < 0x10002000L \
-+    || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2070000fL)
-     SSL_free(ssl);
- #endif
-     return;
-@@ -1209,7 +1211,9 @@ err:
-     return 0;
- }
- 
--#if OPENSSL_VERSION_NUMBER > 0x10100000L && !defined(OPENSSL_NO_EC) && !defined(LIBRESSL_VERSION_NUMBER)
-+#if ((OPENSSL_VERSION_NUMBER > 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)) \
-+     || LIBRESSL_VERSION_NUMBER > 0x2090000fL) \
-+    && !defined(OPENSSL_NO_EC)
- 
- /* called when EC_KEY is destroyed */
- static void
-@@ -1331,7 +1335,7 @@ err:
-     }
-     return 0;
- }
--#endif /* OPENSSL_VERSION_NUMBER > 1.1.0 dev */
-+#endif /* OPENSSL_VERSION_NUMBER > 1.1.0 dev && !defined(OPENSSL_NO_EC) */
- 
- int
- tls_ctx_use_management_external_key(struct tls_root_ctx *ctx)
-@@ -1340,7 +1344,8 @@ tls_ctx_use_management_external_key(struct tls_root_ctx *ctx)
- 
-     ASSERT(NULL != ctx);
- 
--#if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
-+#if (OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)) \
-+    || LIBRESSL_VERSION_NUMBER >= 0x2070000fL
-     /* OpenSSL 1.0.2 and up */
-     X509 *cert = SSL_CTX_get0_certificate(ctx->ctx);
- #else
-@@ -1362,7 +1367,9 @@ tls_ctx_use_management_external_key(struct tls_root_ctx *ctx)
-             goto cleanup;
-         }
-     }
--#if OPENSSL_VERSION_NUMBER > 0x10100000L && !defined(OPENSSL_NO_EC) && !defined(LIBRESSL_VERSION_NUMBER)
-+#if ((OPENSSL_VERSION_NUMBER > 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)) \
-+     || LIBRESSL_VERSION_NUMBER > 0x2090000fL) \
-+    && !defined(OPENSSL_NO_EC)
-     else if (EVP_PKEY_id(pkey) == EVP_PKEY_EC)
-     {
-         if (!tls_ctx_use_external_ec_key(ctx, pkey))
-@@ -1375,17 +1382,18 @@ tls_ctx_use_management_external_key(struct tls_root_ctx *ctx)
-         crypto_msg(M_WARN, "management-external-key requires an RSA or EC certificate");
-         goto cleanup;
-     }
--#else  /* if OPENSSL_VERSION_NUMBER > 0x10100000L && !defined(OPENSSL_NO_EC) && !defined(LIBRESSL_VERSION_NUMBER) */
-+#else  /* OPENSSL_VERSION_NUMBER > 1.1.0 dev && !defined(OPENSSL_NO_EC) */
-     else
-     {
-         crypto_msg(M_WARN, "management-external-key requires an RSA certificate");
-         goto cleanup;
-     }
--#endif /* OPENSSL_VERSION_NUMBER > 1.1.0 dev */
-+#endif /* OPENSSL_VERSION_NUMBER > 1.1.0 dev && !defined(OPENSSL_NO_EC) */
- 
-     ret = 0;
- cleanup:
--#if OPENSSL_VERSION_NUMBER < 0x10002000L || defined(LIBRESSL_VERSION_NUMBER)
-+#if OPENSSL_VERSION_NUMBER < 0x10002000L \
-+    || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2070000fL)
-     if (ssl)
-     {
-         SSL_free(ssl);
-@@ -1998,7 +2006,7 @@ show_available_tls_ciphers_list(const char *cipher_list,
++#if (OPENSSL_VERSION_NUMBER < 0x1010100fL) || defined(LIBRESSL_VERSION_NUMBER)
+         crypto_msg(M_WARN, "Not compiled with OpenSSL 1.1.1 or higher. "
+                        "Ignoring TLS 1.3 only tls-ciphersuites '%s' setting.",
+                         ciphers);
+@@ -1846,7 +1846,7 @@ show_available_tls_ciphers_list(const char *cipher_list,
          crypto_msg(M_FATAL, "Cannot create SSL_CTX object");
      }
  
 -#if (OPENSSL_VERSION_NUMBER >= 0x1010100fL)
-+#if defined(TLS1_3_VERSION)
++#if (OPENSSL_VERSION_NUMBER >= 0x1010100fL && !defined(LIBRESSL_VERSION_NUMBER))
      if (tls13)
      {
          SSL_CTX_set_min_proto_version(tls_ctx.ctx, TLS1_3_VERSION);
-@@ -2019,7 +2027,8 @@ show_available_tls_ciphers_list(const char *cipher_list,
+@@ -1867,7 +1867,7 @@ show_available_tls_ciphers_list(const char *cipher_list,
          crypto_msg(M_FATAL, "Cannot create SSL object");
      }
  
 -#if (OPENSSL_VERSION_NUMBER < 0x1010000fL)
-+#if (OPENSSL_VERSION_NUMBER < 0x1010000fL) || \
-+    (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER <= 0x2090000fL)
++#if (OPENSSL_VERSION_NUMBER < 0x1010000fL) || defined(LIBRESSL_VERSION_NUMBER)
      STACK_OF(SSL_CIPHER) *sk = SSL_get_ciphers(ssl);
  #else
      STACK_OF(SSL_CIPHER) *sk = SSL_get1_supported_ciphers(ssl);
 -- 
-2.21.0
+2.20.1
 
diff --git a/net-vpn/openvpn/openvpn-2.4.7-r1.ebuild b/net-vpn/openvpn/openvpn-2.4.7-r1.ebuild
new file mode 100644
index 000000000000..0ae13d41d8c6
--- /dev/null
+++ b/net-vpn/openvpn/openvpn-2.4.7-r1.ebuild
@@ -0,0 +1,159 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit autotools flag-o-matic user systemd linux-info
+
+DESCRIPTION="Robust and highly flexible tunneling application compatible with many OSes"
+SRC_URI="https://github.com/OpenVPN/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz
+	test? ( https://raw.githubusercontent.com/OpenVPN/${PN}/v${PV}/tests/unit_tests/${PN}/mock_msg.h )"
+HOMEPAGE="https://openvpn.net/"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x86-fbsd ~amd64-linux ~x86-linux ~x86-macos"
+
+IUSE="down-root examples inotify iproute2 libressl lz4 +lzo mbedtls pam"
+IUSE+=" pkcs11 +plugins selinux +ssl static systemd test userland_BSD"
+
+REQUIRED_USE="static? ( !plugins !pkcs11 )
+	mbedtls? ( ssl !libressl )
+	pkcs11? ( ssl )
+	!plugins? ( !pam !down-root )
+	inotify? ( plugins )"
+
+CDEPEND="
+	kernel_linux? (
+		iproute2? ( sys-apps/iproute2[-minimal] )
+		!iproute2? ( >=sys-apps/net-tools-1.60_p20160215155418 )
+	)
+	pam? ( virtual/pam )
+	ssl? (
+		!mbedtls? (
+			!libressl? ( >=dev-libs/openssl-0.9.8:0= )
+			libressl? ( dev-libs/libressl:0= )
+		)
+		mbedtls? ( net-libs/mbedtls )
+	)
+	lz4? ( app-arch/lz4 )
+	lzo? ( >=dev-libs/lzo-1.07 )
+	pkcs11? ( >=dev-libs/pkcs11-helper-1.11 )
+	systemd? ( sys-apps/systemd )"
+DEPEND="${CDEPEND}
+	test? ( dev-util/cmocka )"
+RDEPEND="${CDEPEND}
+	selinux? ( sec-policy/selinux-openvpn )"
+
+CONFIG_CHECK="~TUN"
+
+PATCHES=(
+	"${FILESDIR}/${PN}-external-cmocka.patch"
+	"${FILESDIR}/${PN}-2.4.5-libressl-macro-fix.patch"
+	"${FILESDIR}/${P}-libressl.patch"
+)
+
+pkg_setup()  {
+	linux-info_pkg_setup
+}
+
+src_prepare() {
+	default
+	eautoreconf
+
+	if use test; then
+		cp "${DISTDIR}/mock_msg.h" tests/unit_tests/${PN} || die
+	fi
+}
+
+src_configure() {
+	use static && append-ldflags -Xcompiler -static
+	SYSTEMD_UNIT_DIR=$(systemd_get_systemunitdir) \
+	TMPFILES_DIR="/usr/lib/tmpfiles.d" \
+	IFCONFIG=/bin/ifconfig \
+	ROUTE=/bin/route \
+	econf \
+		$(usex mbedtls '--with-crypto-library=mbedtls' '') \
+		$(use_enable inotify async-push) \
+		$(use_enable ssl crypto) \
+		$(use_enable lz4) \
+		$(use_enable lzo) \
+		$(use_enable pkcs11) \
+		$(use_enable plugins) \
+		$(use_enable iproute2) \
+		$(use_enable pam plugin-auth-pam) \
+		$(use_enable down-root plugin-down-root) \
+		$(use_enable test tests) \
+		$(use_enable systemd)
+}
+
+src_test() {
+	make check || die "top-level tests failed"
+	pushd tests/unit_tests > /dev/null || die
+	make check || die "unit tests failed"
+	popd > /dev/null || die
+}
+
+src_install() {
+	default
+	find "${ED}/usr" -name '*.la' -delete
+	# install documentation
+	dodoc AUTHORS ChangeLog PORTS README README.IPv6
+
+	# Install some helper scripts
+	keepdir /etc/openvpn
+	exeinto /etc/openvpn
+	doexe "${FILESDIR}/up.sh"
+	doexe "${FILESDIR}/down.sh"
+
+	# Install the init script and config file
+	newinitd "${FILESDIR}/${PN}-2.1.init" openvpn
+	newconfd "${FILESDIR}/${PN}-2.1.conf" openvpn
+
+	# install examples, controlled by the respective useflag
+	if use examples ; then
+		# dodoc does not supportly support directory traversal, #15193
+		insinto /usr/share/doc/${PF}/examples
+		doins -r sample contrib
+	fi
+}
+
+pkg_postinst() {
+	# Add openvpn user so openvpn servers can drop privs
+	# Clients should run as root so they can change ip addresses,
+	# dns information and other such things.
+	enewgroup openvpn
+	enewuser openvpn "" "" "" openvpn
+
+	if use x64-macos; then
+		elog "You might want to install tuntaposx for TAP interface support:"
+		elog "http://tuntaposx.sourceforge.net"
+	fi
+
+	elog "The openvpn init script expects to find the configuration file"
+	elog "openvpn.conf in /etc/openvpn along with any extra files it may need."
+	elog ""
+	elog "To create more VPNs, simply create a new .conf file for it and"
+	elog "then create a symlink to the openvpn init script from a link called"
+	elog "openvpn.newconfname - like so"
+	elog "   cd /etc/openvpn"
+	elog "   ${EDITOR##*/} foo.conf"
+	elog "   cd /etc/init.d"
+	elog "   ln -s openvpn openvpn.foo"
+	elog ""
+	elog "You can then treat openvpn.foo as any other service, so you can"
+	elog "stop one vpn and start another if you need to."
+
+	if grep -Eq "^[ \t]*(up|down)[ \t].*" "${ROOT}/etc/openvpn"/*.conf 2>/dev/null ; then
+		ewarn ""
+		ewarn "WARNING: If you use the remote keyword then you are deemed to be"
+		ewarn "a client by our init script and as such we force up,down scripts."
+		ewarn "These scripts call /etc/openvpn/\$SVCNAME-{up,down}.sh where you"
+		ewarn "can move your scripts to."
+	fi
+
+	if use plugins ; then
+		einfo ""
+		einfo "plugins have been installed into /usr/$(get_libdir)/${PN}/plugins"
+	fi
+}
diff --git a/net-vpn/openvpn/openvpn-2.4.7-r2.ebuild b/net-vpn/openvpn/openvpn-2.4.7-r2.ebuild
deleted file mode 100644
index 0ae13d41d8c6..000000000000
--- a/net-vpn/openvpn/openvpn-2.4.7-r2.ebuild
+++ /dev/null
@@ -1,159 +0,0 @@
-# Copyright 1999-2019 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=6
-
-inherit autotools flag-o-matic user systemd linux-info
-
-DESCRIPTION="Robust and highly flexible tunneling application compatible with many OSes"
-SRC_URI="https://github.com/OpenVPN/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz
-	test? ( https://raw.githubusercontent.com/OpenVPN/${PN}/v${PV}/tests/unit_tests/${PN}/mock_msg.h )"
-HOMEPAGE="https://openvpn.net/"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x86-fbsd ~amd64-linux ~x86-linux ~x86-macos"
-
-IUSE="down-root examples inotify iproute2 libressl lz4 +lzo mbedtls pam"
-IUSE+=" pkcs11 +plugins selinux +ssl static systemd test userland_BSD"
-
-REQUIRED_USE="static? ( !plugins !pkcs11 )
-	mbedtls? ( ssl !libressl )
-	pkcs11? ( ssl )
-	!plugins? ( !pam !down-root )
-	inotify? ( plugins )"
-
-CDEPEND="
-	kernel_linux? (
-		iproute2? ( sys-apps/iproute2[-minimal] )
-		!iproute2? ( >=sys-apps/net-tools-1.60_p20160215155418 )
-	)
-	pam? ( virtual/pam )
-	ssl? (
-		!mbedtls? (
-			!libressl? ( >=dev-libs/openssl-0.9.8:0= )
-			libressl? ( dev-libs/libressl:0= )
-		)
-		mbedtls? ( net-libs/mbedtls )
-	)
-	lz4? ( app-arch/lz4 )
-	lzo? ( >=dev-libs/lzo-1.07 )
-	pkcs11? ( >=dev-libs/pkcs11-helper-1.11 )
-	systemd? ( sys-apps/systemd )"
-DEPEND="${CDEPEND}
-	test? ( dev-util/cmocka )"
-RDEPEND="${CDEPEND}
-	selinux? ( sec-policy/selinux-openvpn )"
-
-CONFIG_CHECK="~TUN"
-
-PATCHES=(
-	"${FILESDIR}/${PN}-external-cmocka.patch"
-	"${FILESDIR}/${PN}-2.4.5-libressl-macro-fix.patch"
-	"${FILESDIR}/${P}-libressl.patch"
-)
-
-pkg_setup()  {
-	linux-info_pkg_setup
-}
-
-src_prepare() {
-	default
-	eautoreconf
-
-	if use test; then
-		cp "${DISTDIR}/mock_msg.h" tests/unit_tests/${PN} || die
-	fi
-}
-
-src_configure() {
-	use static && append-ldflags -Xcompiler -static
-	SYSTEMD_UNIT_DIR=$(systemd_get_systemunitdir) \
-	TMPFILES_DIR="/usr/lib/tmpfiles.d" \
-	IFCONFIG=/bin/ifconfig \
-	ROUTE=/bin/route \
-	econf \
-		$(usex mbedtls '--with-crypto-library=mbedtls' '') \
-		$(use_enable inotify async-push) \
-		$(use_enable ssl crypto) \
-		$(use_enable lz4) \
-		$(use_enable lzo) \
-		$(use_enable pkcs11) \
-		$(use_enable plugins) \
-		$(use_enable iproute2) \
-		$(use_enable pam plugin-auth-pam) \
-		$(use_enable down-root plugin-down-root) \
-		$(use_enable test tests) \
-		$(use_enable systemd)
-}
-
-src_test() {
-	make check || die "top-level tests failed"
-	pushd tests/unit_tests > /dev/null || die
-	make check || die "unit tests failed"
-	popd > /dev/null || die
-}
-
-src_install() {
-	default
-	find "${ED}/usr" -name '*.la' -delete
-	# install documentation
-	dodoc AUTHORS ChangeLog PORTS README README.IPv6
-
-	# Install some helper scripts
-	keepdir /etc/openvpn
-	exeinto /etc/openvpn
-	doexe "${FILESDIR}/up.sh"
-	doexe "${FILESDIR}/down.sh"
-
-	# Install the init script and config file
-	newinitd "${FILESDIR}/${PN}-2.1.init" openvpn
-	newconfd "${FILESDIR}/${PN}-2.1.conf" openvpn
-
-	# install examples, controlled by the respective useflag
-	if use examples ; then
-		# dodoc does not supportly support directory traversal, #15193
-		insinto /usr/share/doc/${PF}/examples
-		doins -r sample contrib
-	fi
-}
-
-pkg_postinst() {
-	# Add openvpn user so openvpn servers can drop privs
-	# Clients should run as root so they can change ip addresses,
-	# dns information and other such things.
-	enewgroup openvpn
-	enewuser openvpn "" "" "" openvpn
-
-	if use x64-macos; then
-		elog "You might want to install tuntaposx for TAP interface support:"
-		elog "http://tuntaposx.sourceforge.net"
-	fi
-
-	elog "The openvpn init script expects to find the configuration file"
-	elog "openvpn.conf in /etc/openvpn along with any extra files it may need."
-	elog ""
-	elog "To create more VPNs, simply create a new .conf file for it and"
-	elog "then create a symlink to the openvpn init script from a link called"
-	elog "openvpn.newconfname - like so"
-	elog "   cd /etc/openvpn"
-	elog "   ${EDITOR##*/} foo.conf"
-	elog "   cd /etc/init.d"
-	elog "   ln -s openvpn openvpn.foo"
-	elog ""
-	elog "You can then treat openvpn.foo as any other service, so you can"
-	elog "stop one vpn and start another if you need to."
-
-	if grep -Eq "^[ \t]*(up|down)[ \t].*" "${ROOT}/etc/openvpn"/*.conf 2>/dev/null ; then
-		ewarn ""
-		ewarn "WARNING: If you use the remote keyword then you are deemed to be"
-		ewarn "a client by our init script and as such we force up,down scripts."
-		ewarn "These scripts call /etc/openvpn/\$SVCNAME-{up,down}.sh where you"
-		ewarn "can move your scripts to."
-	fi
-
-	if use plugins ; then
-		einfo ""
-		einfo "plugins have been installed into /usr/$(get_libdir)/${PN}/plugins"
-	fi
-}
-- 
cgit v1.2.3-65-gdbad