19 files changed, 611 insertions, 0 deletions

diff --git a/testing/cryptsetup/PKGBUILD b/testing/cryptsetup/PKGBUILD
new file mode 100644
index 000000000..a577c5805
--- /dev/null
+++ b/testing/cryptsetup/PKGBUILD
@@ -0,0 +1,37 @@
+# $Id: PKGBUILD 145897 2012-01-03 21:19:51Z thomas $
+# Maintainer: Thomas Bächler <thomas@archlinux.org>
+pkgname=cryptsetup
+pkgver=1.4.1
+pkgrel=1
+pkgdesc="Userspace setup tool for transparent encryption of block devices using dm-crypt"
+arch=(i686 x86_64)
+license=('GPL')
+url="http://code.google.com/p/cryptsetup/"
+groups=('base')
+depends=('device-mapper>=2.02.85-2' 'libgcrypt' 'popt')
+conflicts=('mkinitcpio<0.7')
+options=('!libtool' '!emptydirs')
+source=(http://cryptsetup.googlecode.com/files/${pkgname}-${pkgver}.tar.bz2
+        http://cryptsetup.googlecode.com/files/${pkgname}-${pkgver}.tar.bz2.asc
+        encrypt_hook
+        encrypt_install)
+sha256sums=('82b143328c2b427ef2b89fb76c701d311c95b54093c21bbf22342f7b393bddcb'
+            '71c6506d4b6d0b22b9b6c2a68e604959e4c072af04680ed6acc0126c97bdbc88'
+            '811bbea1337106ad811731c746d73ee81039bad00aef52398e3a377ad0766757'
+            'd4380195351b70abf8fcb3cd19461879c55a7a07e4915d1f0365b295b112a573')
+build() {
+  cd "${srcdir}"/$pkgname-${pkgver}
+  ./configure --prefix=/usr --disable-static --sbindir=/sbin --libdir=/lib
+  make
+}
+
+package() {
+  cd "${srcdir}"/$pkgname-${pkgver}
+  make DESTDIR="${pkgdir}" install
+  # install hook
+  install -D -m644 "${srcdir}"/encrypt_hook "${pkgdir}"/lib/initcpio/hooks/encrypt
+  install -D -m644 "${srcdir}"/encrypt_install "${pkgdir}"/lib/initcpio/install/encrypt
+  # Fix pkgconfig location
+  install -d -m755 "${pkgdir}"/usr/lib
+  mv "${pkgdir}"/lib/pkgconfig "${pkgdir}"/usr/lib/
+}
diff --git a/testing/cryptsetup/encrypt_hook b/testing/cryptsetup/encrypt_hook
new file mode 100644
index 000000000..956b18023
--- /dev/null
+++ b/testing/cryptsetup/encrypt_hook
@@ -0,0 +1,148 @@
+# vim: set ft=sh:
+# TODO this one needs some work to work with lots of different
+#       encryption schemes
+run_hook ()
+{
+    /sbin/modprobe -a -q dm-crypt >/dev/null 2>&1
+    if [ -e "/sys/class/misc/device-mapper" ]; then
+        if [ ! -e "/dev/mapper/control" ]; then
+            mkdir /dev/mapper
+            mknod "/dev/mapper/control" c $(cat /sys/class/misc/device-mapper/dev | sed 's|:| |')
+        fi
+        [ "${quiet}" = "y" ] && CSQUIET=">/dev/null"
+
+        # Get keyfile if specified
+        ckeyfile="/crypto_keyfile.bin"
+        if [ "x${cryptkey}" != "x" ]; then
+            ckdev="$(echo "${cryptkey}" | cut -d: -f1)"
+            ckarg1="$(echo "${cryptkey}" | cut -d: -f2)"
+            ckarg2="$(echo "${cryptkey}" | cut -d: -f3)"
+            if poll_device "${ckdev}" ${rootdelay}; then
+                case ${ckarg1} in
+                    *[!0-9]*)
+                        # Use a file on the device
+                        # ckarg1 is not numeric: ckarg1=filesystem, ckarg2=path
+                        mkdir /ckey
+                        mount -r -t ${ckarg1} ${ckdev} /ckey
+                        dd if=/ckey/${ckarg2} of=${ckeyfile} >/dev/null 2>&1
+                        umount /ckey
+                        ;;
+                    *)
+                        # Read raw data from the block device
+                        # ckarg1 is numeric: ckarg1=offset, ckarg2=length
+                        dd if=${ckdev} of=${ckeyfile} bs=1 skip=${ckarg1} count=${ckarg2} >/dev/null 2>&1
+                        ;;
+                esac
+            fi
+            [ ! -f ${ckeyfile} ] && echo "Keyfile could not be opened. Reverting to passphrase."
+        fi
+
+        if [ -n "${cryptdevice}" ]; then
+            DEPRECATED_CRYPT=0
+            cryptdev="$(echo "${cryptdevice}" | cut -d: -f1)"
+            cryptname="$(echo "${cryptdevice}" | cut -d: -f2)"
+            cryptoptions="$(echo "${cryptdevice}" | cut -d: -f3)"
+        else
+            DEPRECATED_CRYPT=1
+            cryptdev="${root}"
+            cryptname="root"
+        fi
+
+        warn_deprecated() {
+            echo "The syntax 'root=${root}' where '${root}' is an encrypted volume is deprecated"
+            echo "Use 'cryptdevice=${root}:root root=/dev/mapper/root' instead."
+        }
+
+        OLDIFS="${IFS}"
+        IFS=","
+        for cryptopt in ${cryptoptions}; do
+            case ${cryptopt} in
+                allow-discards)
+                    echo "Enabling TRIM/discard support."
+                    cryptargs="${cryptargs} --allow-discards"
+                    ;;
+                *)
+                    echo "Encryption option '${cryptopt}' not known, ignoring." >&2
+                    ;;
+            esac
+        done
+        IFS="${OLDIFS}"
+
+        if  poll_device "${cryptdev}" ${rootdelay}; then
+            if /sbin/cryptsetup isLuks ${cryptdev} >/dev/null 2>&1; then
+                [ ${DEPRECATED_CRYPT} -eq 1 ] && warn_deprecated
+                dopassphrase=1
+                # If keyfile exists, try to use that
+                if [ -f ${ckeyfile} ]; then
+                    if eval /sbin/cryptsetup --key-file ${ckeyfile} luksOpen ${cryptdev} ${cryptname} ${cryptargs} ${CSQUIET}; then
+                        dopassphrase=0
+                    else
+                        echo "Invalid keyfile. Reverting to passphrase."
+                    fi
+                fi
+                # Ask for a passphrase
+                if [ ${dopassphrase} -gt 0 ]; then
+                    echo ""
+                    echo "A password is required to access the ${cryptname} volume:"
+
+                    #loop until we get a real password
+                    while ! eval /sbin/cryptsetup luksOpen ${cryptdev} ${cryptname} ${cryptargs} ${CSQUIET}; do
+                        sleep 2;
+                    done
+                fi
+                if [ -e "/dev/mapper/${cryptname}" ]; then
+                    if [ ${DEPRECATED_CRYPT} -eq 1 ]; then
+                        export root="/dev/mapper/root"
+                    fi
+                else
+                    err "Password succeeded, but ${cryptname} creation failed, aborting..."
+                    exit 1
+                fi
+            elif [ -n "${crypto}" ]; then
+                [ ${DEPRECATED_CRYPT} -eq 1 ] && warn_deprecated
+                msg "Non-LUKS encrypted device found..."
+                if [ $# -ne 5 ]; then
+                    err "Verify parameter format: crypto=hash:cipher:keysize:offset:skip"
+                    err "Non-LUKS decryption not attempted..."
+                    return 1
+                fi
+                exe="/sbin/cryptsetup create ${cryptname} ${cryptdev} ${cryptargs}"
+                tmp=$(echo "${crypto}" | cut -d: -f1)
+                [ -n "${tmp}" ] && exe="${exe} --hash \"${tmp}\""
+                tmp=$(echo "${crypto}" | cut -d: -f2)
+                [ -n "${tmp}" ] && exe="${exe} --cipher \"${tmp}\""
+                tmp=$(echo "${crypto}" | cut -d: -f3)
+                [ -n "${tmp}" ] && exe="${exe} --key-size \"${tmp}\""
+                tmp=$(echo "${crypto}" | cut -d: -f4)
+                [ -n "${tmp}" ] && exe="${exe} --offset \"${tmp}\""
+                tmp=$(echo "${crypto}" | cut -d: -f5)
+                [ -n "${tmp}" ] && exe="${exe} --skip \"${tmp}\""
+                if [ -f ${ckeyfile} ]; then
+                    exe="${exe} --key-file ${ckeyfile}"
+                else
+                    exe="${exe} --verify-passphrase"
+                    echo ""
+                    echo "A password is required to access the ${cryptname} volume:"
+                fi
+                eval "${exe} ${CSQUIET}"
+
+                if [ $? -ne 0 ]; then
+                    err "Non-LUKS device decryption failed. verify format: "
+                    err "      crypto=hash:cipher:keysize:offset:skip"
+                    exit 1
+                fi
+                if [ -e "/dev/mapper/${cryptname}" ]; then
+                    if [ ${DEPRECATED_CRYPT} -eq 1 ]; then
+                        export root="/dev/mapper/root"
+                    fi
+                else
+                    err "Password succeeded, but ${cryptname} creation failed, aborting..."
+                    exit 1
+                fi
+            else
+                err "Failed to open encryption mapping: The device ${cryptdev} is not a LUKS volume and the crypto= paramater was not specified."
+            fi
+        fi
+        rm -f ${ckeyfile}
+    fi
+}
diff --git a/testing/cryptsetup/encrypt_install b/testing/cryptsetup/encrypt_install
new file mode 100644
index 000000000..13174ec06
--- /dev/null
+++ b/testing/cryptsetup/encrypt_install
@@ -0,0 +1,26 @@
+# vim: set ft=sh:
+
+build()
+{
+    if [ -z "${CRYPTO_MODULES}" ]; then
+        MODULES=" dm-crypt $(all_modules "/crypto/") "
+    else
+        MODULES=" dm-crypt ${CRYPTO_MODULES} "
+    fi
+    FILES=""
+    SCRIPT="encrypt"
+    [ -f "/sbin/cryptsetup" ] && add_binary "/sbin/cryptsetup" "/sbin/cryptsetup"
+    [ -f "/usr/sbin/cryptsetup" ] && add_binary "/usr/sbin/cryptsetup" "/sbin/cryptsetup"
+    add_binary "/sbin/dmsetup"
+    add_file "/lib/udev/rules.d/10-dm.rules"
+    add_file "/lib/udev/rules.d/13-dm-disk.rules"
+    add_file "/lib/udev/rules.d/95-dm-notify.rules"
+    add_file "/lib/initcpio/udev/11-dm-initramfs.rules" "/lib/udev/rules.d/11-dm-initramfs.rules"
+}
+
+help ()
+{
+cat<<HELPEOF
+  This hook allows for an encrypted root device.
+HELPEOF
+}
diff --git a/testing/inetutils/PKGBUILD b/testing/inetutils/PKGBUILD
new file mode 100644
index 000000000..cc382cd47
--- /dev/null
+++ b/testing/inetutils/PKGBUILD
@@ -0,0 +1,78 @@
+# $Id: PKGBUILD 145853 2012-01-03 07:18:10Z eric $
+# Maintainer: Eric Bélanger <eric@archlinux.org>
+
+pkgname=inetutils
+pkgver=1.9
+pkgrel=1
+pkgdesc="A collection of common network programs"
+arch=('i686' 'x86_64')
+url="http://www.gnu.org/software/inetutils/"
+license=('GPL3')
+groups=('base')
+depends=('readline' 'ncurses' 'pam')
+provides=('netkit-ftp' 'netkit-rsh' 'netkit-telnet' 'netkit-ntalk')
+conflicts=('netkit-ftp' 'netkit-rsh' 'netkit-telnet' 'netkit-ntalk')
+replaces=('netkit-ftp' 'netkit-rsh' 'netkit-telnet' 'netkit-ntalk')
+backup=('etc/conf.d/ftpd' 'etc/xinetd.d/telnet' 'etc/xinetd.d/talk' \
+        'etc/xinetd.d/rexec' 'etc/xinetd.d/rlogin' 'etc/xinetd.d/rsh')
+options=('!emptydirs')
+install=inetutils.install
+source=(http://ftp.gnu.org/gnu/inetutils/${pkgname}-${pkgver}.tar.gz{,.sig} \
+        ftpd.rc ftpd.conf telnet.xinetd talk.xinetd rexec.xinetd rlogin.xinetd rsh.xinetd \
+        dnsdomainname domainname)
+sha1sums=('c0466718360459622172bf80674005e20fefeb38'
+          '1bd1555c8e1db5a7a6d1b96a7647a6a9db1abc68'
+          '84dc802b5e57b5e04c847572225a3b9612017155'
+          '68a590083b45997dfdb80e666b2de762f494ba74'
+          'bfad98a4a62f1fff8779f076c6019ed07f9111af'
+          '27d99b910eec0fc26bd79ccc2c1de26608330298'
+          '87aa4f38ebee9dac5dcaa04cbc3f2f0906bec605'
+          '81f10b3b688e3952f793b35bcef63b5bf257a92b'
+          '81f4a8da823cf0bb14284fc71ee6108849691eda'
+          'ac69756d6cc50157d430d863db04a5aac4688380'
+          'eb952b0b9c3e3d429d8e21b110249e495f0e0e63')
+
+build() {
+  cd "${srcdir}/${pkgname}-${pkgver}"
+  ./configure --prefix=/usr --libexec=/usr/sbin --localstatedir=/var \
+    --sysconfdir=/etc --mandir=/usr/share/man --infodir=/usr/share/info \
+    --without-wrap --with-pam \
+    --enable-ftp --enable-ftpd \
+    --enable-telnet --enable-telnetd \
+    --enable-talk --enable-talkd \
+    --enable-rlogin --enable-rlogind \
+    --enable-rsh --enable-rshd \
+    --enable-rexec --enable-rexecd \
+    --enable-rcp --enable-hostname \
+    --disable-tftp --disable-tftpd \
+    --disable-ping --disable-ping6 \
+    --disable-logger --disable-syslogd \
+    --disable-inetd --disable-whois \
+    --disable-uucpd --disable-ifconfig --disable-traceroute
+  make
+}
+
+check() {
+  cd "${srcdir}/${pkgname}-${pkgver}"
+  make check
+}
+
+package() {
+  cd "${srcdir}/${pkgname}-${pkgver}"
+  make DESTDIR="${pkgdir}" install
+  rm "${pkgdir}/usr/bin/git-merge-changelog"
+
+  install -d "${pkgdir}/bin"
+  ln -s /usr/bin/hostname "${pkgdir}/bin/hostname"
+  install -D -m755 "${srcdir}/domainname" "${pkgdir}/bin/domainname"
+  install -D -m755 "${srcdir}/dnsdomainname" "${pkgdir}/bin/dnsdomainname"
+  echo ".so man1/hostname.1" > "${pkgdir}/usr/share/man/man1/domainname.1"
+  echo ".so man1/hostname.1" > "${pkgdir}/usr/share/man/man1/dnsdomainname.1"
+  install -D -m755 "${srcdir}/ftpd.rc" "${pkgdir}/etc/rc.d/ftpd"
+  install -D -m644 "${srcdir}/ftpd.conf" "${pkgdir}/etc/conf.d/ftpd"
+  install -D -m644 "${srcdir}/telnet.xinetd" "${pkgdir}/etc/xinetd.d/telnet"
+  install -D -m644 "${srcdir}/talk.xinetd" "${pkgdir}/etc/xinetd.d/talk"
+  install -D -m644 "${srcdir}/rexec.xinetd" "${pkgdir}/etc/xinetd.d/rexec"
+  install -D -m644 "${srcdir}/rlogin.xinetd" "${pkgdir}/etc/xinetd.d/rlogin"
+  install -D -m644 "${srcdir}/rsh.xinetd" "${pkgdir}/etc/xinetd.d/rsh"
+}
diff --git a/testing/inetutils/dnsdomainname b/testing/inetutils/dnsdomainname
new file mode 100644
index 000000000..4bba209fe
--- /dev/null
+++ b/testing/inetutils/dnsdomainname
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+exec /usr/bin/hostname -y "$@"
diff --git a/testing/inetutils/domainname b/testing/inetutils/domainname
new file mode 100644
index 000000000..a1b8a8c31
--- /dev/null
+++ b/testing/inetutils/domainname
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+exec /usr/bin/hostname -d "$@"
diff --git a/testing/inetutils/ftpd.conf b/testing/inetutils/ftpd.conf
new file mode 100644
index 000000000..f660f0035
--- /dev/null
+++ b/testing/inetutils/ftpd.conf
@@ -0,0 +1,4 @@
+#
+# Parameters to be passed to ftpd
+#
+FTPD_ARGS=""
diff --git a/testing/inetutils/ftpd.rc b/testing/inetutils/ftpd.rc
new file mode 100644
index 000000000..3d0d34421
--- /dev/null
+++ b/testing/inetutils/ftpd.rc
@@ -0,0 +1,37 @@
+#!/bin/bash
+
+. /etc/rc.conf
+. /etc/rc.d/functions
+. /etc/conf.d/ftpd
+
+PID=$(pidof -o %PPID /usr/sbin/ftpd)
+case "$1" in
+  start)
+    stat_busy "Starting ftpd"
+    [ -z "$PID" ] && /usr/sbin/ftpd -D $FTPD_ARGS
+    if [ $? -gt 0 ]; then
+      stat_fail
+    else
+      add_daemon ftpd
+      stat_done
+    fi
+    ;;
+  stop)
+    stat_busy "Stopping ftpd"
+    [ ! -z "$PID" ]  && kill $PID &> /dev/null
+    if [ $? -gt 0 ]; then
+      stat_fail
+    else
+      rm_daemon ftpd
+      stat_done
+    fi
+    ;;
+  restart)
+    $0 stop
+    sleep 1
+    $0 start
+    ;;
+  *)
+    echo "usage: $0 {start|stop|restart}"
+esac
+exit 0
diff --git a/testing/inetutils/inetutils.install b/testing/inetutils/inetutils.install
new file mode 100644
index 000000000..b338fa498
--- /dev/null
+++ b/testing/inetutils/inetutils.install
@@ -0,0 +1,20 @@
+infodir=/usr/share/info
+filelist=(inetutils.info.gz)
+
+post_install() {
+  [ -x usr/bin/install-info ] || return 0
+  for file in ${filelist[@]}; do
+    install-info $infodir/$file $infodir/dir 2> /dev/null
+  done
+}
+
+post_upgrade() {
+  post_install $1
+}
+
+pre_remove() {
+  [ -x usr/bin/install-info ] || return 0
+  for file in ${filelist[@]}; do
+    install-info --delete $infodir/$file $infodir/dir 2> /dev/null
+  done
+}
diff --git a/testing/inetutils/rexec.xinetd b/testing/inetutils/rexec.xinetd
new file mode 100644
index 000000000..4659e4745
--- /dev/null
+++ b/testing/inetutils/rexec.xinetd
@@ -0,0 +1,10 @@
+service exec
+{
+        flags                   = REUSE
+        socket_type             = stream
+        wait                    = no
+        user                    = root
+        server                  = /usr/sbin/rexecd
+        log_on_failure          += USERID
+        disable                 = yes
+}
diff --git a/testing/inetutils/rlogin.xinetd b/testing/inetutils/rlogin.xinetd
new file mode 100644
index 000000000..5c72f86df
--- /dev/null
+++ b/testing/inetutils/rlogin.xinetd
@@ -0,0 +1,10 @@
+service login
+{
+        flags                   = REUSE
+        socket_type             = stream
+        wait                    = no
+        user                    = root
+        server                  = /usr/sbin/rlogind
+        log_on_failure          += USERID
+        disable                 = yes
+}
diff --git a/testing/inetutils/rsh.xinetd b/testing/inetutils/rsh.xinetd
new file mode 100644
index 000000000..a13738c31
--- /dev/null
+++ b/testing/inetutils/rsh.xinetd
@@ -0,0 +1,10 @@
+service shell
+{
+        flags                   = REUSE
+        socket_type             = stream
+        wait                    = no
+        user                    = root
+        server                  = /usr/sbin/rshd
+        log_on_failure          += USERID
+        disable                 = yes
+}
diff --git a/testing/inetutils/talk.xinetd b/testing/inetutils/talk.xinetd
new file mode 100644
index 000000000..6abef359c
--- /dev/null
+++ b/testing/inetutils/talk.xinetd
@@ -0,0 +1,10 @@
+service ntalk
+{
+	flags			= REUSE
+	socket_type		= dgram
+	wait			= yes
+	user			= root
+	server			= /usr/sbin/talkd
+	log_on_failure		+= USERID
+	disable			= yes
+}
diff --git a/testing/inetutils/telnet.xinetd b/testing/inetutils/telnet.xinetd
new file mode 100644
index 000000000..bd3a5e4b1
--- /dev/null
+++ b/testing/inetutils/telnet.xinetd
@@ -0,0 +1,10 @@
+service telnet
+{
+	flags			= REUSE
+	socket_type		= stream
+	wait			= no
+	user			= root
+	server			= /usr/sbin/telnetd
+	log_on_failure		+= USERID
+	disable			= yes
+}
diff --git a/testing/libpcap/PKGBUILD b/testing/libpcap/PKGBUILD
new file mode 100644
index 000000000..047a69a87
--- /dev/null
+++ b/testing/libpcap/PKGBUILD
@@ -0,0 +1,38 @@
+# $Id: PKGBUILD 145895 2012-01-03 21:16:20Z thomas $
+# Maintainer: Thomas Bächler <thomas@archlinux.org>
+
+pkgname=libpcap
+pkgver=1.2.1
+pkgrel=1
+pkgdesc="A system-independent interface for user-level packet capture"
+arch=('i686' 'x86_64')
+url="http://www.tcpdump.org/"
+license=('BSD')
+depends=('glibc' 'libnl' 'sh')
+makedepends=('flex')
+source=(http://www.tcpdump.org/release/libpcap-${pkgver}.tar.gz
+        http://www.tcpdump.org/release/libpcap-1.2.1.tar.gz.sig)
+sha256sums=('a135a6ef7e539729a57c7ed345bdb9b64159e13404174006a7972eb33f00debd'
+            'dc82ca7e7f737885969af0f78ad0f0eef8206062087e0261ca2799ef26d569b4')
+
+build() {
+  cd ${srcdir}/${pkgname}-${pkgver}
+  ./configure --prefix=/usr --enable-ipv6
+  make
+}
+
+package() {
+  cd ${srcdir}/${pkgname}-${pkgver}
+  install -d -m755 ${pkgdir}/usr/bin
+  make DESTDIR=${pkgdir} install
+  # remove static library
+  rm -rf ${pkgdir}/usr/lib/libpcap.a
+  
+  # backwards compatibility, programs often look for net/bpf.h
+  mkdir -p ${pkgdir}/usr/include/net
+  cd ${pkgdir}/usr/include/net
+  ln -s ../pcap-bpf.h bpf.h
+
+  #install the license
+  install -D -m644 ${srcdir}/$pkgname-$pkgver/LICENSE ${pkgdir}/usr/share/licenses/$pkgname/LICENSE
+}
diff --git a/testing/openvpn/PKGBUILD b/testing/openvpn/PKGBUILD
new file mode 100644
index 000000000..7e7705243
--- /dev/null
+++ b/testing/openvpn/PKGBUILD
@@ -0,0 +1,72 @@
+# $Id: PKGBUILD 145902 2012-01-03 21:27:30Z thomas $
+# Maintainer: Thomas Bächler <thomas@archlinux.org>
+
+pkgname=openvpn
+pkgver=2.2.2
+pkgrel=1
+pkgdesc="An easy-to-use, robust, and highly configurable VPN (Virtual Private Network)"
+arch=(i686 x86_64)
+url="http://openvpn.net/index.php/open-source.html"
+depends=('openssl' 'lzo2' 'iproute2')
+license=('custom')
+backup=(usr/share/openvpn/easy-rsa/vars
+        usr/share/openvpn/easy-rsa/openssl-1.0.0.cnf
+        etc/conf.d/openvpn-tapdev)
+source=(http://swupdate.openvpn.net/community/releases/openvpn-${pkgver}.tar.gz
+        http://swupdate.openvpn.net/community/releases/openvpn-${pkgver}.tar.gz.asc
+        openvpn.rc
+        openvpn-tapdev.rc
+        openvpn-tapdev.conf)
+md5sums=('c5181e27b7945fa6276d21873329c5c7'
+         '81ff11ec8cd9fc3c8bc646aae24c4298'
+         'a3809b9727f0c2af2d0770f5c7442db2'
+         'd2c48e970088d679dd3c2afd914ff731'
+         '722f483c9e3ce2ec66d3301aaf7cf3d5')
+
+build() {
+  cd $srcdir/$pkgname-$pkgver
+  # Build openvpn
+  CFLAGS="$CFLAGS -DPLUGIN_LIBDIR=\\\"/usr/lib/openvpn\\\"" ./configure \
+    --prefix=/usr \
+    --enable-password-save \
+    --mandir=/usr/share/man \
+    --enable-iproute2
+  make
+
+  # Build plugins
+  for plug in auth-pam down-root; do
+    cd $srcdir/$pkgname-$pkgver/plugin/$plug
+    make
+  done
+}
+
+package() {
+  cd $srcdir/$pkgname-$pkgver
+  # Install openvpn
+  make DESTDIR=$pkgdir install
+  install -d -m755 $pkgdir/etc/openvpn
+  # Install examples
+  install -d -m755 $pkgdir/usr/share/openvpn
+  cp -r sample-config-files $pkgdir/usr/share/openvpn/examples
+  find $pkgdir/usr/share/openvpn -type f -exec chmod 644 {} \;
+  find $pkgdir/usr/share/openvpn -type d -exec chmod 755 {} \;
+  # Install license
+  install -D -m644 COPYING $pkgdir/usr/share/licenses/$pkgname/COPYING
+  # Install plugins
+  for plug in auth-pam down-root; do
+    cd $srcdir/$pkgname-$pkgver/plugin/$plug
+    install -D -m755 openvpn-$plug.so $pkgdir/usr/lib/openvpn/openvpn-$plug.so
+    cd -
+  done
+  # Install contrib
+  install -d -m755 $pkgdir/usr/share/openvpn/contrib
+  cp -r contrib $pkgdir/usr/share/openvpn
+  # Install easy-rsa
+  cd $srcdir/$pkgname-$pkgver
+  make -C easy-rsa/2.0 install DESTDIR=$pkgdir PREFIX=usr/share/openvpn/easy-rsa
+  rm -f ${pkgdir}/usr/share/openvpn/easy-rsa/openssl-0.9.?.cnf
+  # Install rc scripts
+  install -D -m755 $srcdir/openvpn.rc $pkgdir/etc/rc.d/openvpn
+  install -D -m755 $srcdir/openvpn-tapdev.rc $pkgdir/etc/rc.d/openvpn-tapdev
+  install -D -m644 $srcdir/openvpn-tapdev.conf $pkgdir/etc/conf.d/openvpn-tapdev
+}
diff --git a/testing/openvpn/openvpn-tapdev.conf b/testing/openvpn/openvpn-tapdev.conf
new file mode 100644
index 000000000..afa5586dd
--- /dev/null
+++ b/testing/openvpn/openvpn-tapdev.conf
@@ -0,0 +1,12 @@
+#
+# /etc/conf.d/openvpn-tapdev
+#
+# Place openvpn-tapdev before network into your DAEMONS array
+# This will create permanent tap devices which you can use for bridging
+#
+# Example:
+# TAPDEVS="work home"
+# Will create two tap devices "work" and "home"
+#
+
+TAPDEVS=""
diff --git a/testing/openvpn/openvpn-tapdev.rc b/testing/openvpn/openvpn-tapdev.rc
new file mode 100755
index 000000000..2c51f8248
--- /dev/null
+++ b/testing/openvpn/openvpn-tapdev.rc
@@ -0,0 +1,40 @@
+#!/bin/bash
+
+. /etc/rc.conf
+. /etc/rc.d/functions
+
+. /etc/conf.d/openvpn-tapdev
+
+case "$1" in
+  start)
+    stat_busy "Creating tap devices for OpenVPN ... "
+    success=0
+    for tapdev in ${TAPDEVS}; do
+      stat_append "${tapdev} "
+      /usr/sbin/openvpn --mktun --dev-type tap --dev ${tapdev} >/dev/null 2>&1 || success=$?
+    done
+    if [ $success -eq 0 ]; then
+      add_daemon openvpn-tapdev
+      stat_done
+    else
+      stat_fail
+    fi
+    ;;
+  stop)
+    stat_busy "Destroying tap devices for OpenVPN ..."
+    for tapdev in ${TAPDEVS}; do
+      stat_append "${tapdev} "
+      /usr/sbin/openvpn --rmtun --dev-type tap --dev ${tapdev} >/dev/null 2>&1 || success=$?
+    done
+    rm_daemon openvpn-tapdev
+    stat_done
+    ;;
+  restart)
+    $0 stop
+    sleep 1
+    $0 start
+    ;;
+  *)
+    echo "usage: $0 {start|stop|restart}"  
+esac
+exit 0
diff --git a/testing/openvpn/openvpn.rc b/testing/openvpn/openvpn.rc
new file mode 100755
index 000000000..96c28b641
--- /dev/null
+++ b/testing/openvpn/openvpn.rc
@@ -0,0 +1,43 @@
+#!/bin/bash
+
+. /etc/rc.conf
+. /etc/rc.d/functions
+
+CFGDIR="/etc/openvpn"
+STATEDIR="/var/run/openvpn"
+
+case "$1" in
+  start)
+    stat_busy "Starting OpenVPN ... "
+    success=0
+    mkdir -p "${STATEDIR}"
+    for cfg in "${CFGDIR}"/*.conf; do
+      stat_append "$(basename "${cfg}" .conf) "
+      /usr/sbin/openvpn --daemon --writepid "${STATEDIR}"/"$(basename "${cfg}" .conf)".pid --cd "${CFGDIR}" --config "${cfg}" || success=$?
+    done
+    if [ $success -eq 0 ]; then
+      add_daemon openvpn
+      stat_done
+    else
+      stat_fail
+    fi
+    ;;
+  stop)
+    stat_busy "Stopping OpenVPN ..."
+    for pidfile in "${STATEDIR}"/*.pid; do
+      stat_append "$(basename "${pidfile}" .pid) "
+      kill $(cat "${pidfile}" 2>/dev/null) 2>/dev/null
+      rm -f "${pidfile}"
+    done
+    rm_daemon openvpn
+    stat_done
+    ;;
+  restart)
+    $0 stop
+    sleep 1
+    $0 start
+    ;;
+  *)
+    echo "usage: $0 {start|stop|restart}"  
+esac
+exit 0