Bundler: verify openvpn tag signature.

Besides using a specific signed tag to compile OpenVPN we should verify that the signature matches. See https://github.com/leapcode/bitmask_bundler/pull/6#discussion_r21374502

NOTE: we may want to do the same for every cloned repo.

(from redmine: created on 2014-12-29, relates #6297 (closed))