91 Commits

Author SHA1 Message Date
jca
9b9ee90826 Pushed upstream 2017-11-05 01:09:28 +00:00
jca
ce24cf2b43 Uncomment and hook up the mbedtls FLAVOR
Seems to work well in light testing.  Requested earlier by sthen@ and
ajacoutot@
2017-10-26 08:22:36 +00:00
jca
f007244af6 Re-disable the mbedtls flavor by default
sthen@ and ajacoutot@ suggested to hook up this flavor, but I'd feel
better if we first updated our mbedtls port (mbedtls-2.6.0 doesn't
build out of the box).
2017-10-19 00:55:02 +00:00
jca
0af9eed525 --enable-password-save is ignored (it is now the default) 2017-10-18 19:26:22 +00:00
jca
af9dec8e72 Uncomment mbedtls (formerly polarssl) FLAVOR 2017-10-18 19:24:44 +00:00
jca
18a679f3df Correctly print time_t, fixes a crash on arm (and probably i386) 2017-10-18 18:41:45 +00:00
jca
9ba97f6bee SECURITY update to openvpn-2.4.4
Among other changes, fix for

o CVE-2017-12166: out of bounds write in key-method 1
  https://community.openvpn.net/openvpn/wiki/CVE-2017-12166

ok sthen@
2017-09-29 16:36:23 +00:00
jca
b4c7ab72a1 Switch to self-hosted tarballs
Upstream seems to serve two versions of the 2.4.3 tarball (issues with
cloudflare ?).
2017-06-21 19:01:23 +00:00
jca
a2403ca8e7 SECURITY update to openvpn-2.4.3
Fixes for:
- CVE-2017-7508 Remotely-triggerable ASSERT() on malformed IPv6 packet
- CVE-2017-7520 Pre-authentication remote crash/information disclosure
  for clients
- CVE-2017-7521 Potential double-free in --x509-alt-username
- CVE-2017-7512 Remote-triggerable memory leaks
- CVE-2017-7522 Post-authentication remote DoS when using
  the --x509-track option
- Null-pointer dereference in establish_http_proxy_passthru()

Full description at
https://community.openvpn.net/openvpn/wiki/VulnerabilitiesFixedInOpenVPN243

This update kills some of our patches that were committed upstream.
Similar diff proposed by pirofti@, ok pirofti@ stsp@
2017-06-21 12:51:08 +00:00
jca
acedfd1692 Pushed upstream. 2017-06-11 12:15:50 +00:00
jca
d372ba1d90 Add support for non-0 routing tables
Patch from Steven McDonald, already committed upstream.
2017-05-21 16:12:43 +00:00
jca
c750a780c9 openvpn-plugin.h now makes use of size_t, so include stddef.h
Unbreaks openvpn-auth-ldap.  Reported by naddy@
2017-05-15 14:30:56 +00:00
danj
8528c2492a Security update to openvpn-2.4.2
OK gonzalo@ jca@ (maintainer)
2017-05-14 16:43:33 +00:00
stsp
63ba77727a Fix unaligned access in openvpn to unbreak it on sparc64 and such platforms.
ok jca@ uwe@
2017-04-16 20:14:17 +00:00
jca
db7b1ffac3 Update to openvpn-2.4.1
ok danj@
2017-03-28 22:16:37 +00:00
kurt
ff1a692232 Add missing header to fix this message in the log:
NOTE: setsockopt TCP_NODELAY=1 failed (No kernel support)
okay jca@
2017-02-16 21:16:55 +00:00
jca
0720b0eab1 Update to openvpn-2.4.0
Lots of new features and changes, see

  https://github.com/OpenVPN/openvpn/blob/master/Changes.rst

Tests by danj@ and Bryan Linton, ok danj@
2017-02-06 10:22:35 +00:00
jca
458f27b328 Update to openvpn-2.3.14
Most of our tun patches go away in the process.
2016-12-18 18:58:01 +00:00
jca
a76ebfb541 Take maintainership
Discussed with sthen@
2016-11-29 10:10:44 +00:00
jca
5acccec629 Update to openvpn-2.3.13
ChangeLog at https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn23

ok sthen@ (maintainer)
2016-11-29 09:22:02 +00:00
jca
147a8db288 Add a hack for topology subnet setups and bump REVISION.
Previously route insertion failed with ELOOP because the gateway wasn't
directly connected.

ok sthen@
2016-11-18 16:21:44 +00:00
jca
df79334763 More useful HOMEPAGE
ok sthen@
2016-11-18 16:19:29 +00:00
jca
6da368ecef Add support for on-link routes.
ok sthen@
2016-11-18 16:18:52 +00:00
jca
090e506629 We have gcc >= 3 on all platforms now. 2016-11-18 16:17:58 +00:00
sthen
402475cd62 update to openvpn-2.3.11 2016-05-14 13:14:46 +00:00
sthen
c2e2dca563 mention tap in openvpn readme 2016-04-25 18:21:09 +00:00
sthen
3a90f883c0 remove a couple of PFRAG.shared 2016-03-17 11:44:56 +00:00
sthen
3bd9321a86 update to openvpn-2.3.10
patch for OPENSSL_VERSION_NUMBER check
2016-01-06 11:03:21 +00:00
sthen
6d6b942d3e update to openvpn-2.3.9 2015-12-18 02:17:45 +00:00
sthen
24848258fb Adjust OpenVPN following the split of tun(4)'s "link0" mode into tap(4). 2015-10-23 15:10:36 +00:00
sthen
748fa28250 fix mis-merge in previous, had a link0 which should have been -link0 2015-09-16 09:07:30 +00:00
sthen
a489604d37 Consolidate OpenVPN's ifconfig tun handling for NetBSD/OpenBSD. noop for now,
makes it easier to understand tun/tap handling. Thanks Ralf Hortsmann and
Johan Huldtgren for testing.
2015-09-16 08:45:15 +00:00
sthen
a14f2f481a update to openvpn-2.3.8 2015-09-08 19:10:55 +00:00
sthen
94101c9c79 update to openvpn-2.3.7
https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn23
2015-06-25 08:46:49 +00:00
sthen
f2c79a6724 update to OpenVPN 2.3.6, fixing some assertion crashes (DoS)
new version pointed out by dhill
2014-12-01 21:43:39 +00:00
sthen
36f9ce8fc1 update to openvpn 2.3.5, also tested by Mattieu Baptiste, thanks! 2014-11-18 16:18:56 +00:00
sthen
2d15118f43 Fix mis-merge in last commit, restoring some route operations which got broken.
Thanks to Mattieu Baptiste for reporting the problem and testing the fix.
2014-10-21 17:55:11 +00:00
sthen
429633c786 update to openvpn-2.3.4 2014-10-10 21:07:07 +00:00
espie
b9976e2b4d *really* disable things properly. 2014-04-18 19:08:12 +00:00
sthen
dc45035b82 add makefile parts dealing with PolarSSL support; not enabled yet as current
OpenVPN versions are built against the 1.2 API
2014-04-18 11:54:32 +00:00
sthen
ad372c9dcf bugfix update to OpenVPN 2.3.2 2014-01-09 22:42:43 +00:00
sthen
27f03b1c52 bump REVISION for any ports using route messages. regen some distinfos and
remove unnecessary USE_GROFFs while there.
2013-10-31 21:12:12 +00:00
bluhm
ecc8a9c2f8 OpenVPN copies part of the net/route.h header file into their route.c
source file.  They cannot include it, because the kernel route
structure has a name conflict with the openvpn route structure.
The obvious solution is to rename the openvpn route.  According to
the sources, NetBSD and FreeBSD and Dragonfly also suffer from that.

This change is needed for an upcoming routing message change.  We
do not want to patch the port each time when we change the system
header file.

Test and OK sthen@
2013-10-21 09:15:06 +00:00
sthen
5d78d4f161 Reinstate route.c patch, lost in the update to 2.3.1 where upstream rearranged
files. Found the hard way by, and diff from, Yoshihisa Matsushita.
2013-05-01 15:40:33 +00:00
sthen
2058adb213 remove the (minimal) rtable support; shortly after it was added to the
OpenVPN port, "exec" was added to route(8) which provides the same support
in a more general way. use a command like this instead:

"route -T <table#> exec openvpn -daemon ..."
2013-04-23 09:31:33 +00:00
benoit
9195a3f3de remove fkr@ as maintainer per his request 2013-04-22 18:39:34 +00:00
sthen
1ce4070bea update to OpenVPN 2.31, from Bjorn Ketelaars, maintainer timeout 2013-04-20 16:22:55 +00:00
espie
eae66e4a7b PERMIT_* / REGRESS->TEST sweep 2013-03-11 11:35:43 +00:00
sthen
88ea72915d Change SEPARATE_BUILD=(concurrent|simple) to Yes; bsd.port.mk doesn't
make a distinction between these.  ok aja@ dcoppa@
2012-03-29 13:38:12 +00:00
jsing
3113bc5481 Include openvpn-plugin.h in openvpn package.
ok sthen@
2012-01-27 12:30:28 +00:00