update to ocserv-0.11.9
This commit is contained in:
sthen
parent
ac072202fe
commit
73f9dd3b20
@ -1,9 +1,8 @@
|
||||
# $OpenBSD: Makefile,v 1.24 2017/06/03 14:28:40 schwarze Exp $
|
||||
# $OpenBSD: Makefile,v 1.25 2017/10/10 09:20:48 sthen Exp $
|
||||
|
||||
COMMENT= server implementing the AnyConnect SSL VPN protocol
|
||||
|
||||
DISTNAME= ocserv-0.11.8
|
||||
REVISION= 0
|
||||
DISTNAME= ocserv-0.11.9
|
||||
EXTRACT_SUFX= .tar.xz
|
||||
|
||||
CATEGORIES= net
|
||||
|
||||
@ -1,2 +1,2 @@
|
||||
SHA256 (ocserv-0.11.8.tar.xz) = c1ubiKAE1byKkdQJPQfqDiyfrDcKNdhL7Mw5TtJEIMc=
|
||||
SIZE (ocserv-0.11.8.tar.xz) = 774108
|
||||
SHA256 (ocserv-0.11.9.tar.xz) = I+J0/WoORN+Q7reSdrEFf2UIorSoQs4vWJqDU6USaOs=
|
||||
SIZE (ocserv-0.11.9.tar.xz) = 781948
|
||||
|
||||
@ -1,8 +1,8 @@
|
||||
$OpenBSD: patch-configure_ac,v 1.7 2017/05/03 07:39:55 sthen Exp $
|
||||
$OpenBSD: patch-configure_ac,v 1.8 2017/10/10 09:20:48 sthen Exp $
|
||||
Index: configure.ac
|
||||
--- configure.ac.orig
|
||||
+++ configure.ac
|
||||
@@ -153,7 +153,7 @@ if test "$test_for_geoip" = yes;then
|
||||
@@ -162,7 +162,7 @@ if test "$test_for_geoip" = yes;then
|
||||
fi
|
||||
|
||||
have_readline=no
|
||||
|
||||
@ -1,20 +1,11 @@
|
||||
$OpenBSD: patch-doc_sample_config,v 1.17 2017/05/03 07:39:55 sthen Exp $
|
||||
$OpenBSD: patch-doc_sample_config,v 1.18 2017/10/10 09:20:48 sthen Exp $
|
||||
|
||||
no seccomp, gssapi
|
||||
|
||||
Index: doc/sample.config
|
||||
--- doc/sample.config.orig
|
||||
+++ doc/sample.config
|
||||
@@ -1,7 +1,7 @@
|
||||
# User authentication method. Could be set multiple times and in
|
||||
# that case all should succeed. To enable multiple methods use
|
||||
# multiple auth directives. Available options: certificate,
|
||||
-# plain, pam, radius, gssapi.
|
||||
+# plain, pam, radius.
|
||||
#
|
||||
# Note that authentication methods cannot be changed with reload.
|
||||
|
||||
@@ -32,15 +32,6 @@
|
||||
@@ -34,15 +34,6 @@
|
||||
# Acct-Interim-Interval, and Session-Timeout values.
|
||||
#
|
||||
# See doc/README-radius.md for the supported radius configuration atributes.
|
||||
@ -30,7 +21,7 @@ Index: doc/sample.config
|
||||
|
||||
#auth = "pam"
|
||||
#auth = "pam[gid-min=1000]"
|
||||
@@ -53,8 +44,6 @@ auth = "plain[passwd=./sample.passwd]"
|
||||
@@ -55,8 +46,6 @@ auth = "plain[passwd=./sample.passwd]"
|
||||
# for authentication. That is, if set, any of the methods enabled
|
||||
# will be sufficient to login.
|
||||
#enable-auth = "certificate"
|
||||
@ -39,7 +30,7 @@ Index: doc/sample.config
|
||||
|
||||
# Accounting methods available:
|
||||
# radius: can be combined with any authentication method, it provides
|
||||
@@ -97,8 +86,8 @@ udp-port = 443
|
||||
@@ -99,8 +88,8 @@ udp-port = 443
|
||||
|
||||
# The user the worker processes will be run as. It should be
|
||||
# unique (no other services run as this user).
|
||||
@ -50,7 +41,7 @@ Index: doc/sample.config
|
||||
|
||||
# socket file used for IPC with occtl. You only need to set that,
|
||||
# if you use more than a single servers.
|
||||
@@ -107,7 +96,7 @@ run-as-group = daemon
|
||||
@@ -109,7 +98,7 @@ run-as-group = daemon
|
||||
# socket file used for server IPC (worker-main), will be appended with .PID
|
||||
# It must be accessible within the chroot environment (if any), so it is best
|
||||
# specified relatively to the chroot directory.
|
||||
@ -59,7 +50,7 @@ Index: doc/sample.config
|
||||
|
||||
# The default server directory. Does not require any devices present.
|
||||
#chroot-dir = /path/to/chroot
|
||||
@@ -161,16 +150,6 @@ ca-cert = ../tests/certs/ca.pem
|
||||
@@ -163,16 +152,6 @@ ca-cert = ../tests/certs/ca.pem
|
||||
### failures during the reloading time.
|
||||
|
||||
|
||||
@ -76,7 +67,7 @@ Index: doc/sample.config
|
||||
# A banner to be displayed on clients
|
||||
#banner = "Welcome"
|
||||
|
||||
@@ -320,9 +299,8 @@ min-reauth-time = 300
|
||||
@@ -322,9 +301,8 @@ min-reauth-time = 300
|
||||
# Banning clients in ocserv works with a point system. IP addresses
|
||||
# that get a score over that configured number are banned for
|
||||
# min-reauth-time seconds. By default a wrong password attempt is 10 points,
|
||||
@ -88,7 +79,7 @@ Index: doc/sample.config
|
||||
#
|
||||
# Score banning cannot be reliably used when receiving proxied connections
|
||||
# locally from an HTTP server (i.e., when listen-clear-file is used).
|
||||
@@ -336,7 +314,6 @@ ban-reset-time = 1200
|
||||
@@ -338,7 +316,6 @@ ban-reset-time = 1200
|
||||
# In case you'd like to change the default points.
|
||||
#ban-points-wrong-password = 10
|
||||
#ban-points-connection = 1
|
||||
@ -96,7 +87,7 @@ Index: doc/sample.config
|
||||
|
||||
# Cookie timeout (in seconds)
|
||||
# Once a client is authenticated he's provided a cookie with
|
||||
@@ -403,7 +380,7 @@ rekey-method = ssl
|
||||
@@ -405,7 +382,7 @@ rekey-method = ssl
|
||||
use-occtl = true
|
||||
|
||||
# PID file. It can be overridden in the command line.
|
||||
@ -105,7 +96,7 @@ Index: doc/sample.config
|
||||
|
||||
# Set the protocol-defined priority (SO_PRIORITY) for packets to
|
||||
# be sent. That is a number from 0 to 6 with 0 being the lowest
|
||||
@@ -518,6 +495,11 @@ no-route = 192.168.5.0/255.255.255.0
|
||||
@@ -520,6 +497,11 @@ no-route = 192.168.5.0/255.255.255.0
|
||||
# any other routes. In case of defaultroute, the no-routes are restricted.
|
||||
# All the routes applied by ocserv can be reverted using /etc/ocserv/ocserv-fw
|
||||
# --removeall. This option can be set globally or in the per-user configuration.
|
||||
@ -117,7 +108,7 @@ Index: doc/sample.config
|
||||
#restrict-user-to-routes = true
|
||||
|
||||
# This option implies restrict-user-to-routes set to true. If set, the
|
||||
@@ -590,23 +572,6 @@ no-route = 192.168.5.0/255.255.255.0
|
||||
@@ -592,23 +574,6 @@ no-route = 192.168.5.0/255.255.255.0
|
||||
# and '%{G}', if present will be replaced by the username and group name.
|
||||
#proxy-url = http://example.com/
|
||||
#proxy-url = http://example.com/%{U}/
|
||||
|
||||
@ -1,7 +1,8 @@
|
||||
$OpenBSD: patch-tests_data_test1_passwd,v 1.1 2016/08/13 21:08:07 sthen Exp $
|
||||
--- tests/data/test1.passwd.orig Mon Jul 11 09:17:13 2016
|
||||
+++ tests/data/test1.passwd Fri Aug 12 14:30:00 2016
|
||||
@@ -1,7 +1,7 @@
|
||||
$OpenBSD: patch-tests_data_test1_passwd,v 1.2 2017/10/10 09:20:48 sthen Exp $
|
||||
Index: tests/data/test1.passwd
|
||||
--- tests/data/test1.passwd.orig
|
||||
+++ tests/data/test1.passwd
|
||||
@@ -1,8 +1,8 @@
|
||||
-test:tost,group1, group2 , group3:$5$i6SNmLDCgBNjyJ7q$SZ4bVJb7I/DLgXo3txHBVohRFBjOtdbxGQZp.DOnrA.
|
||||
-sp@c/al:*:$5$kDNrlGibUoktiQ0n$mE/ys1XehvvoWQiSqAfB.Aw1WbAYayMV/ZYTX/6IlkC
|
||||
-test2:*:$5$QB3iB31ID49rW6kr$wSvbsDTzUPw51hqWTgvac9LyJ6HLv2HYyxh2Ud4v.x1
|
||||
@ -16,3 +17,4 @@ $OpenBSD: patch-tests_data_test1_passwd,v 1.1 2016/08/13 21:08:07 sthen Exp $
|
||||
+test4:*:$2b$08$ke7XBTm5uSybWnDAfanujee2uiNQqE2sAahftS21r15jr7S45vHF.
|
||||
+test5:*:$2b$08$XBZ6EzdfZeDKwCAKEhW1gOuk8KCHTP8H1DGV9jAbs5puoa1IwC8tS
|
||||
+empty:*:$2b$08$zEZ353QW.QSDhZ28DCLzM.Wqg6QKEfODnvWIfOluoijAn8vI/37qK
|
||||
locked:tost,group1, group2 , group3:!$5$i6SNmLDCgBNjyJ7q$SZ4bVJb7I/DLgXo3txHBVohRFBjOtdbxGQZp.DOnrA.
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user