aboutsummaryrefslogtreecommitdiff
path: root/security/openvpn/Makefile
Commit message (Collapse)AuthorAgeFilesLines
* security/openvpn: update to bugfix release 2.6.10Matthias Andree2024-03-301-1/+1
| | | | | | | Changelog: https://github.com/OpenVPN/openvpn/blob/v2.6.10/Changes.rst#overview-of-changes-in-2610 Note that the security-related fixes only pertain to the Windows operating system.
* security/openvpn: update to 2.6.9 bug-fix releaseMatthias Andree2024-02-131-2/+2
| | | | | ChangeLog: https://github.com/OpenVPN/openvpn/blob/v2.6.9/Changes.rst#overview-of-changes-in-269 MFH: 2024Q1
* *: Move manpages to share/manHelge Oldach2024-01-301-1/+2
| | | | Approved by: portmgr (blanket)
* */*: Sunset 12.4-RELEASE/12-STABLE from ports treeMuhammad Moinur Rahman2023-12-311-1/+0
| | | | | | | | | | | | | | | | | | | | | - Remove all references to defunct ARCH arm - Remove all references to defunct ARCH sparc64 - Remove x11-drivers/xf86-video-sunffb which requires defunct sparc64 ARCH - Remove sysutils/afbinit requires defunct sparc64 ARCH - Remove all references to bktr driver - Remove all references to defunct FreeBSD_12 - Remove all references to OSVERSION/OSREL corresponding to 12 - Remove conditionals in Mk/Uses/cabal.mk - Remove sparc reference from Mk/Uses/qt-dist.mk - Remove BROKEN_sparc64/NOT_FOR_ARCH=sparc64 - Remove BROKEN_FreeBSD_12* from: - Remove OpenSSL patches from: - Remove conditional flags for OSVERSION >= 1300000 to fixed flags. Also move conditional flags for non sparc64/arm ARCH to fixed flags. Reviewed by: brooks, jbeich, rene, salvadore Differential Revision: https://reviews.freebsd.org/D42068
* security/openvpn: add missing 2.6.x documentation,Matthias Andree2023-11-221-3/+6
| | | | | | | | | | ...for instance, README.dco.md but also others. Update DCO help text to refer to this .md file. Found while debugging PR: 275206 MFH: 2023Q4
* security/openvpn: update to 2.6.8 bug-fix releaseMatthias Andree2023-11-211-2/+2
| | | | | | | | hopefully fixes... PR: 275206 Changelog: https://github.com/OpenVPN/openvpn/blob/v2.6.8/Changes.rst#overview-of-changes-in-268 MFH: 2023Q4
* security/openvpn: fix regressions and some documentation bitsMatthias Andree2023-11-151-1/+1
| | | | | | | | | | | | | | | | | Add two patches cherry-picked from upstream Git repository: OpenVPN 2.6.7 regressed and experienced crashes in some situations, https://github.com/OpenVPN/openvpn/issues/449 Reported by: Vladimir Druzenko (vvd@) Reported by: Patrick Cable (upstream) Obtained from: https://github.com/openvpn/openvpn/commit/b90ec6dabfb151dd93ef00081bbc3f55e7d3450f Also, some typos in the documentation are fixed, Obtained from: https://github.com/OpenVPN/openvpn/commit/457f468a76f324a14b1236988cc5f5a95f14abf5 Bump PORTREVISION. PR: 275055 MFH: 2023Q4
* security/openvpn: security update to 2.6.7Brad Davis2023-11-131-1/+1
| | | | | | | | PR: 275055 Changelog: https://github.com/OpenVPN/openvpn/blob/v2.6.7/Changes.rst#overview-of-changes-in-267 Security: CVE-2023-46849 Security: CVE-2023-46850 MFH: 2023Q4
* security/openvpn: bugfix update → 2.6.6Matthias Andree2023-08-151-1/+1
| | | | Changelog: https://github.com/OpenVPN/openvpn/blob/release/2.6/Changes.rst#overview-of-changes-in-266
* security/openvpn: bugfix update to 2.6.5Matthias Andree2023-06-161-1/+1
| | | | ChangeLog: https://github.com/OpenVPN/openvpn/blob/release/2.6/Changes.rst#overview-of-changes-in-265
* security/openvpn: update to 2.6.4Matthias Andree2023-05-161-1/+1
| | | | | | https://github.com/OpenVPN/openvpn/blob/v2.6.4/Changes.rst#overview-of-changes-in-264 MFH: 2023Q2
* security/openvpn: bugfix update to v2.6.3Matthias Andree2023-04-151-1/+1
| | | | | | | | | I separately verified the OpenVPN signature and ran more tests, which the PR did not announce if it did. Changelog: https://github.com/OpenVPN/openvpn/blob/release/2.6/Changes.rst#overview-of-changes-in-263 PR: 270831 MFH: 2023Q2
* security/openvpn: update to new upstream release 2.6.2Matthias Andree2023-03-281-1/+1
| | | | | | | Changes: https://github.com/OpenVPN/openvpn/blob/release/2.6/Changes.rst#overview-of-changes-in-262 Note that --inactive does not yet work on FreeBSD.
* security/openvpn: remove leftover commentMatthias Andree2023-03-121-1/+0
|
* security/openvpn: remove header file that now ships with 2.6.1 tarballMatthias Andree2023-03-081-2/+1
| | | | | Since this is identical to what's in the tarball, no PORTREVISION bump is required.
* security/openvpn: update to v2.6.1Matthias Andree2023-03-081-1/+1
| | | | Changelog: https://github.com/OpenVPN/openvpn/blob/v2.6.1/Changes.rst
* security/openvpn: default-enable DCOMatthias Andree2023-03-041-1/+1
| | | | | | | (on FreeBSD but not 12 and 13, because the relevant if_ovpn module is to appear in FreeBSD 14.) Reported by: Kristof Provost (kp@)
* security/openvpn*: update to 2.6.0, keep openvpn25Matthias Andree2023-01-271-10/+20
| | | | | | | | | | | | | | | | | | | | | - copy openvpn to openvpn25, mark as deprecated and to expire March 31 - update openvpn to openvpn 2.6.0, highlights from Frank Lichtenheld's release announcement e-mail, slightly edited: * Data Channel Offload (DCO) kernel acceleration support for Windows, Linux, and FreeBSD [14]. * OpenSSL 3 support * Improved handling of tunnel MTU, including support for pushable MTU. * Outdated cryptographic algorithms disabled by default, but there are options to override if necessary. * Reworked TLS handshake, making OpenVPN immune to replay-packet state exhaustion attacks. * Added --peer-fingerprint mode for a more simplistic certificate setup and verification. * Improved protocol negotiation, leading to faster connection setup. ChangeLog: https://github.com/OpenVPN/openvpn/blob/v2.6.0/Changes.rst
* security/openvpn: update to 2.5.8Matthias Andree2022-10-281-6/+10
| | | | Changelog: https://github.com/OpenVPN/openvpn/blob/release/2.5/Changes.rst#overview-of-changes-in-258
* security/openvpn: fix up ${name}_flags optionVVD2022-10-041-1/+1
| | | | | | was broken in previous commit; bumping PORTREVISION again PR: 266796
* security/openvpn: support ${name}_FLAGS0x1eef2022-10-031-1/+1
| | | | | | and bump PORTREVISION. PR: 266796
* Add WWW entries to port MakefilesStefan Eßer2022-09-071-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It has been common practice to have one or more URLs at the end of the ports' pkg-descr files, one per line and prefixed with "WWW:". These URLs should point at a project website or other relevant resources. Access to these URLs required processing of the pkg-descr files, and they have often become stale over time. If more than one such URL was present in a pkg-descr file, only the first one was tarnsfered into the port INDEX, but for many ports only the last line did contain the port specific URL to further information. There have been several proposals to make a project URL available as a macro in the ports' Makefiles, over time. This commit implements such a proposal and moves one of the WWW: entries of each pkg-descr file into the respective port's Makefile. A heuristic attempts to identify the most relevant URL in case there is more than one WWW: entry in some pkg-descr file. URLs that are not moved into the Makefile are prefixed with "See also:" instead of "WWW:" in the pkg-descr files in order to preserve them. There are 1256 ports that had no WWW: entries in pkg-descr files. These ports will not be touched in this commit. The portlint port has been adjusted to expect a WWW entry in each port Makefile, and to flag any remaining "WWW:" lines in pkg-descr files as deprecated. Approved by: portmgr (tcberner)
* security: remove 'Created by' linesTobias C. Berner2022-07-201-2/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | A big Thank You to the original contributors of these ports: * <ports@c0decafe.net> * Aaron Dalton <aaron@FreeBSD.org> * Adam Weinberger <adamw@FreeBSD.org> * Ade Lovett <ade@FreeBSD.org> * Aldis Berjoza <aldis@bsdroot.lv> * Alex Dupre <ale@FreeBSD.org> * Alex Kapranoff <kappa@rambler-co.ru> * Alex Samorukov <samm@freebsd.org> * Alexander Botero-Lowry <alex@foxybanana.com> * Alexander Kriventsov <avk@vl.ru> * Alexander Leidinger <netchild@FreeBSD.org> * Alexander Logvinov <ports@logvinov.com> * Alexander Y. Grigoryev <alexander.4mail@gmail.com> * Alexey Dokuchaev <danfe@FreeBSD.org> * Alfred Perlstein * Alfred Perlstein <alfred@FreeBSD.org> * Anders Nordby <anders@FreeBSD.org> * Anders Nordby <anders@fix.no> * Andreas Klemm <andreas@klemm.gtn.com> * Andrew Lewis <freeghb@gmail.com> * Andrew Pantyukhin <infofarmer@FreeBSD.org> * Andrew St. Jean <andrew@arda.homeunix.net> * Anes Mukhametov <anes@anes.su> * Antoine Brodin <antoine@FreeBSD.org> * Anton Berezin <tobez@FreeBSD.org> * Antonio Carlos Venancio Junior (<antonio@inf.ufsc.br>) * Antonio Carlos Venancio Junior <antonio@inf.ufsc.br> * Ashish SHUKLA <ashish@FreeBSD.org> * Attila Nagy <bra@fsn.hu> * Autrijus Tang <autrijus@autrijus.org> * Axel Rau <axel.rau@chaos1.de> * Babak Farrokhi <farrokhi@FreeBSD.org> * Ben Woods <woodsb02@FreeBSD.org> * Bernard Spil <brnrd@FreeBSD.org> * Bernard Spil <brnrd@freebsd.org> * Blaz Zupan <blaz@si.FreeBSD.org> * Bob Hockney <zeus@ix.netcom.com> * Boris Kochergin <spawk@acm.poly.edu> * Brendan Molloy <brendan+freebsd@bbqsrc.net> * Bruce M Simpson * Bruce M Simpson <bms@FreeBSD.org> * Bruce M. Simpson <bms@FreeBSD.org> * Carlo Strub * Carlo Strub <cs@FreeBSD.org> * Carlos J Puga Medina <cpm@FreeBSD.org> * Carlos J Puga Medina <cpm@fbsd.es> * Charlie Root <se@FreeBSD.org> * Cheng-Lung Sung <clsung@FreeBSD.org> * Cheng-Lung Sung <clsung@dragon2.net> * Chie Taguchi <taguchi.ch@gmail.com> * Chris Cowart <ccowart@rescomp.berkeley.edu> * Chris D. Faulhaber <jedgar@FreeBSD.org> * Christer Edwards <christer.edwards@gmail.com> * Christian Lackas * Christopher Hall <hsw@bitmark.com> * Clement Laforet <sheepkiller@cultdeadsheep.org> * Clive Lin <clive@CirX.ORG> * Colin Percival * Cory McIntire (loon@noncensored.com) * Craig Leres <leres@FreeBSD.org> * Cristiano Deana <cris@gufi.org> * Cy Schubert (Cy.Schubert@uumail.gov.bc.ca) * Cy Schubert <Cy.Schubert@uumail.gov.bc.ca> * Cy Schubert <cy@FreeBSD.org> * Damian Gerow <dgerow@afflictions.org> * Damien Bobillot * Dan Langille * Dan Langille <dan@freebsddiary.org> * Dan Langille <dvl@FreeBSD.org> * Dan Langille <dvl@freebsd.org> * Dan Langille <dvl@sourcefire.com> * Daniel Kahn Gillmor <dkg@fifthhorseman.net> * Daniel Roethlisberger <daniel@roe.ch> * Danilo Egea Gondolfo <danilo@FreeBSD.org> * Danton Dorati <urisso@bsd.com.br> * Dave McKay <dave@mu.org> * David E. Thiel <lx@FreeBSD.org> * David O'Brien (obrien@NUXI.com) * David O'Brien <obrien@FreeBSD.org> * David Thiel <lx@redundancy.redundancy.org> * Dean Hollister <dean@odyssey.apana.org.au> * Denis Shaposhnikov <dsh@vlink.ru> * Dereckson <dereckson@gmail.com> * Dirk Froemberg <dirk@FreeBSD.org> * Ditesh Shashikant Gathani <ditesh@gathani.org> * Dom Mitchell <dom@happygiraffe.net> * Dominic Marks <dominic.marks@btinternet.com> * Don Croyle <croyle@gelemna.org> * Douglas Thrift <douglas@douglasthrift.net> * Edson Brandi <ebrandi@fugspbr.org> * Edwin Groothuis <edwin@mavetju.org> * Ekkehard 'Ekki' Gehm <gehm@physik.tu-berlin.de> * Emanuel Haupt <ehaupt@FreeBSD.org> * Emanuel Haupt <ehaupt@critical.ch> * Eric Crist <ecrist@secure-computing.net> * Erwin Lansing <erwin@FreeBSD.org> * Eugene Grosbein <eugen@FreeBSD.org> * Fabian Keil <fk@fabiankeil.de> * Felix Palmen <felix@palmen-it.de> * Florent Thoumie <flz@xbsd.org> * Foxfair Hu <foxfair@FreeBSD.org> * Frank Laszlo <laszlof@vonostingroup.com> * Frank Wall <fw@moov.de> * Franz Bettag <franz@bett.ag> * Gabor Kovesdan * Gabor Kovesdan <gabor@FreeBSD.org> * Gabriel M. Dutra <0xdutra@gmail.com> * Gary Hayers <Gary@Hayers.net> * Gasol Wu <gasol.wu@gmail.com> * Gea-Suan Lin <gslin@gslin.org> * George Reid <greid@ukug.uk.freebsd.org> * George Reid <services@nevernet.net> * Greg Larkin <glarkin@FreeBSD.org> * Greg V <greg@unrelenting.technology> * Gregory Neil Shapiro <gshapiro@FreeBSD.org> * Grzegorz Blach <gblach@FreeBSD.org> * Guangyuan Yang <ygy@FreeBSD.org> * Hakisho Nukama <nukama@gmail.com> * Hammurabi Mendes <hmendes@brturbo.com> * Henk van Oers <hvo.pm@xs4all.nl> * Horia Racoviceanu <horia@racoviceanu.com> * Hung-Yi Chen <gaod@hychen.org> * Jaap Akkerhuis <jaap@NLnetLabs.nl> * Jaap Boender <jaapb@kerguelen.org> * Jacek Serwatynski <tutus@trynet.eu.org> * James FitzGibbon <jfitz@FreeBSD.org> * James Thomason <james@divide.org> * Jan-Peter Koopmann <Jan-Peter.Koopmann@seceidos.de> * Janky Jay <ek@purplehat.org> * Janos Mohacsi * Janos Mohacsi <janos.mohacsi@bsd.hu> * Jean-Yves Lefort <jylefort@brutele.be> * Jim Geovedi <jim@corebsd.or.id> * Jim Ohlstein <jim@ohlste.in> * Joe Clarke <marcus@marcuscom.com> * Joe Marcus Clarke <marcus@FreeBSD.org> * Johann Visagie <johann@egenetics.com> * Johann Visagie <wjv@FreeBSD.org> * John Ferrell <jdferrell3@yahoo.com> * John Hixson <jhixson@gmail.com> * John Polstra <jdp@polstra.com> * John W. O'Brien <john@saltant.com> * John-Mark Gurney <jmg@FreeBSD.org> * Jose Alonso Cardenas Marquez <acardenas@bsd.org.pe> * Joseph Benden <joe@thrallingpenguin.com> * Joshua D. Abraham <jabra@ccs.neu.edu> * Jov <amutu@amutu.com> * Jui-Nan Lin <jnlin@freebsd.cs.nctu.edu.tw> * Ka Ho Ng <khng300@gmail.com> * Kay Lehmann <kay_lehmann@web.de> * Keith J. Jones <kjones@antihackertoolkit.com> * Kevin Zheng <kevinz5000@gmail.com> * Kimura Fuyuki <fuyuki@hadaly.org> * Kimura Fuyuki <fuyuki@mj.0038.net> * Klayton Monroe <klm@uidzero.org> * Konstantin Menshikov <kostjnspb@yandex.ru> * Koop Mast <kwm@FreeBSD.org> * Kris Kennaway <kris@FreeBSD.org> * Kubilay Kocak <koobs@FreeBSD.org> * Kurt Jaeger <fbsd-ports@opsec.eu> * LEVAI Daniel <leva@ecentrum.hu> * Lars Engels <lme@FreeBSD.org> * Lars Thegler <lth@FreeBSD.org> * Laurent LEVIER <llevier@argosnet.com> * Luiz Eduardo R. Cordeiro * Lukas Slebodnik <lukas.slebodnik@intrak.sk> * Lukasz Komsta * Mageirias Anastasios <anastmag@gmail.com> * Marcel Prisi <marcel.prisi@virtua.ch> * Marcello Coutinho * Mario Sergio Fujikawa Ferreira <lioux@FreeBSD.org> * Mark Felder <feld@FreeBSD.org> * Mark Hannon <markhannon@optusnet.com.au> * Mark Murray <markm@FreeBSD.org> * Mark Pulford <mark@kyne.com.au> * Marko Njezic <sf@maxempire.com> * Martin Matuska <martin@tradex.sk> * Martin Matuska <mm@FreeBSD.org> * Martin Mersberger * Martin Wilke <miwi@FreeBSD.org> * Martti Kuparinen <martti.kuparinen@ericsson.com> * Mateusz Piotrowski <0mp@FreeBSD.org> * Matt <matt@xtaz.net> * Matt Behrens <matt@zigg.com> * Matthias Andree <mandree@FreeBSD.org> * Matthias Fechner <mfechner@FreeBSD.org> * Matthieu BOUTHORS <matthieu@labs.fr> * Maxim Sobolev <sobomax@FreeBSD.org> * Meno Abels <meno.abels@adviser.com> * Michael Haro <mharo@FreeBSD.org> * Michael Johnson <ahze@FreeBSD.org> * Michael Nottebrock <lofi@FreeBSD.org> * Michael Reifenberger <mr@FreeBSD.org> * Michael Schout <mschout@gkg.net> * Michal Bielicki <m.bielicki@llizardfs.com> * Michiel van Baak <michiel@vanbaak.eu * Mij <mij@bitchx.it> * Mike Heffner <mheffner@vt.edu> * Mikhail T. <m.tsatsenko@gmail.com> * Mikhail Teterin <mi@aldan.algebra.com> * Milan Obuch * Mosconi <mosconi.rmg@gmail.com> * Muhammad Moinur Rahman <5u623l20@gmail.com> * Mustafa Arif <ma499@doc.ic.ac.uk> * Neil Booth * Neil Booth <kyuupichan@gmail.com> * Nick Barkas <snb@threerings.net> * Nicola Vitale <nivit@FreeBSD.org> * Niels Heinen * Nikola Kolev <koue@chaosophia.net> * Nobutaka Mantani <nobutaka@FreeBSD.org> * Oliver Lehmann * Oliver Lehmann <oliver@FreeBSD.org> * Olivier Duchateau * Olivier Duchateau <duchateau.olivier@gmail.com> * Olli Hauer * Patrick Li <pat@databits.net> * Paul Chvostek <paul@it.ca> * Paul Schmehl <pauls@utdallas.edu> * Pavel I Volkov <pavelivolkov@googlemail.com> * Pete Fritchman <petef@databits.net> * Peter Ankerstal <peter@pean.org> * Peter Haight <peterh@sapros.com> * Peter Johnson <johnson.peter@gmail.com> * Peter Pentchev <roam@FreeBSD.org> * Petr Rehor <rx@rx.cz> * Philippe Audeoud <jadawin@tuxaco.net> * Philippe Rocques <phil@teaser.fr> * Piotr Kubaj <pkubaj@FreeBSD.org> * Piotr Kubaj <pkubaj@anongoth.pl> * Po-Chuan Hsieh <sunpoet@FreeBSD.org> * RaRa Rasputin <rasputin@submonkey.net> * Radim Kolar * Ralf Meister * Remington Lang <MrL0Lz@gmail.com> * Renaud Chaput <renchap@cocoa-x.com> * Roderick van Domburg <r.s.a.vandomburg@student.utwente.nl> * Roland van Laar <roland@micite.net> * Romain Tartiere <romain@blogreen.org> * Roman Bogorodskiy * Roman Bogorodskiy <novel@FreeBSD.org> * Roman Shterenzon <roman@xpert.com> * Rong-En Fan <rafan@FreeBSD.org> * Ryan Steinmetz <zi@FreeBSD.org> * Sahil Tandon <sahil@tandon.net> * Sascha Holzleiter <sascha@root-login.org> * SeaD * Seamus Venasse <svenasse@polaris.ca> * Sean Greven <sean.greven@gmail.com> * Sebastian Schuetz <sschuetz@fhm.edu> * Sergei Kolobov <sergei@FreeBSD.org> * Sergei Kolobov <sergei@kolobov.com> * Sergei Vyshenski * Sergei Vyshenski <svysh.fbsd@gmail.com> * Sergey Skvortsov <skv@protey.ru> * Seth Kingsley <sethk@meowfishies.com> * Shaun Amott <shaun@inerd.com> * Simeon Simeonov <sgs@pichove.org> * Simon Dick <simond@irrelevant.org> * Sofian Brabez <sbrabez@gmail.com> * Stanislav Sedov <ssedov@mbsd.msk.ru> * Stefan Esser <se@FreeBSD.org> * Stefan Grundmann * Stefan Walter <sw@gegenunendlich.de> * Stephon Chen <stephon@gmail.com> * Steve Wills <steve@mouf.net> * Steve Wills <swills@FreeBSD.org> * Steven Kreuzer * Steven Kreuzer <skreuzer@exit2shell.com> * Sunpoet Po-Chuan Hsieh <sunpoet@FreeBSD.org> * TAKAHASHI Kaoru <kaoru@kaisei.org> * TAKATSU Tomonari <tota@FreeBSD.org> * Tatsuki Makino <tatsuki_makino@hotmail.com> * Thibault Payet <monwarez@mailoo.org> * Thierry Thomas (<thierry@pompo.net>) * Thierry Thomas <thierry@pompo.net> * Thomas Hurst <tom@hur.st> * Thomas Quinot <thomas@cuivre.fr.eu.org> * Thomas Zander <riggs@FreeBSD.org> * Thomas von Dein <freebsd@daemon.de> * Tilman Linneweh <arved@FreeBSD.org> * Tim Bishop <tim@bishnet.net> * Tom Judge <tom@tomjudge.com> * Tomoyuki Sakurai <cherry@trombik.org> * Toni Viemerö <toni.viemero@iki.fi> * Tony Maher * Torsten Zuhlsdorff <ports@toco-domains.de> * Travis Campbell <hcoyote@ghostar.org> * Tsung-Han Yeh <snowfly@yuntech.edu.tw> * Ulf Lilleengen * Vaida Bogdan <vaida.bogdan@gmail.com> * Valentin Zahariev <curly@e-card.bg> * Valerio Daelli <valerio.daelli@gmail.com> * Veniamin Gvozdikov <vg@FreeBSD.org> * Victor Popov * Victor Popov <v.a.popov@gmail.com> * Vsevolod Stakhov * Vsevolod Stakhov <vsevolod@FreeBSD.org> * Wen Heping <wen@FreeBSD.org> * Wen Heping <wenheping@gmail.com> * Yarodin <yarodin@gmail.com> * Yen-Ming Lee <leeym@FreeBSD.org> * Yen-Ming Lee <leeym@cae.ce.ntu.edu.tw> * Yen-Ming Lee <leeym@leeym.com> * Ying-Chieh Liao <ijliao@FreeBSD.org> * Yonatan <Yonatan@Xpert.com> * Yonatan <onatan@gmail.com> * Yoshisato YANAGISAWA * Yuri Victorovich * Yuri Victorovich <yuri@rawbw.com> * Zach Thompson <hideo@lastamericanempire.com> * Zane C. Bowers <vvelox@vvelox.net> * Zeus Panchenko <zeus@gnu.org.ua> * ache * adamw * ajk@iu.edu * alex@FreeBSD.org * allan@saddi.com * alm * andrej@ebert.su * andrew@scoop.co.nz * andy@fud.org.nz * antoine@FreeBSD.org * arved * barner * brix@FreeBSD.org * buganini@gmail.com * chinsan * chris@still.whet.org * clement * clsung * crow * cy@FreeBSD.org * dominik karczmarski <dominik@karczmarski.com> * dwcjr@inethouston.net * eivind * erich@rrnet.com * erwin@FreeBSD.org * girgen@FreeBSD.org * glen.j.barber@gmail.com * hbo@egbok.com * ijliao * jesper * jfitz * johans * joris * kftseng@iyard.org * kris@FreeBSD.org * lx * markm * mharo@FreeBSD.org * michaelnottebrock@gmx.net * mnag@FreeBSD.org * mp39590@gmail.com * nbm * nectar@FreeBSD.org * nork@FreeBSD.org * nork@cityfujisawa.ne.jp * nsayer@FreeBSD.org * nsayer@quack.kfu.com * ntarmos@cs.uoi.gr * oly * onatan@gmail.com * pandzilla * patrick@mindstep.com * pauls * perl@FreeBSD.org * petef@FreeBSD.org * peter.thoenen@yahoo.com * ports@c0decafe.net * ports@rbt.ca * roam@FreeBSD.org * rokaz * sada@FreeBSD.org * scrappy * se * shane@freebsdhackers.net aka modsix@gmail.com * snb@threerings.net * sumikawa * sviat * teramoto@comm.eng.osaka-u.ac.jp * thierry@pompo.net * tobez@FreeBSD.org * torstenb@FreeBSD.org * trasz <trasz@pin.if.uz.zgora.pl> * trevor * truckman * vanhu * vanilla@ * wen@FreeBSD.org * will With hat: portmgr
* security/openvpn: Bump PORTREVISION to be newer than on quarterly.Matthias Andree2022-05-311-1/+1
| | | | | | This is to make sure that with 2022Q3 branching off of this version, the package will look newer and flush out the old package, with MBEDTLS and TUNNELBLICK options now removed.
* security/openvpn: update to v2.5.7Matthias Andree2022-05-311-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | FreeBSD-related changes from Changes.rst: - Limited OpenSSL 3.0 support OpenSSL 3.0 support has been added. OpenSSL 3.0 support in 2.5 relies on the compatiblity layer and full OpenSSL 3.0 support is coming with OpenVPN 2.6. Only features that impact usage directly have been backported: ``--tls-cert-profile insecure`` has been added to allow selecting the lowest OpenSSL security level (not recommended, use only if you must). OpenSSL 3.0 no longer supports the Blowfish (and other deprecated) algorithm by default and the new option ``--providers`` allows loading the legacy provider to renable these algorithms. Most notably, reading of many PKCS#12 files encrypted with the RC2 algorithm fails unless ``--providers legacy default`` is configured. The OpenSSL engine feature ``--engine`` is not enabled by default anymore if OpenSSL 3.0 is detected. - print OpenSSL error stack if decoding PKCS12 file fails - fix PATH_MAX build failure in auth-pam.c - fix t_net.sh self-test leaving around stale "ovpn-dummy0" interface detailed changes: https://github.com/OpenVPN/openvpn/releases/tag/v2.5.7
* security/openvpn: bump PORTREVISIONMatthias Andree2022-04-031-1/+1
| | | | ...forgotten in previous commit.
* security/openvpn: remove MBEDTLS and TUNNELBLICK options.Matthias Andree2022-04-031-37/+7
|
* security/openvpn: security update to 2.5.6Matthias Andree2022-03-171-2/+2
| | | | | | | | | | | | Changelog: https://github.com/OpenVPN/openvpn/blob/release/2.5/Changes.rst#overview-of-changes-in-256 Somewhat related to and obsoletes: PR: 262626 Security: 45a72180-a640-11ec-a08b-85298243e224 Security: CVE-2022-0547 Security: https://community.openvpn.net/openvpn/wiki/CVE-2022-0547 MFH: 2022Q1
* security/mbedtls: Update to 2.28.0 and fix make testTijl Coosemans2022-01-281-1/+1
| | | | | | Also bump dependent ports for library version change. PR: 255084
* security/openvpn: bugfix update to 2.5.5Matthias Andree2021-12-151-2/+2
| | | | | | | | | | | | | | | | | | Bugfixes (FreeBSD-specific): * improve "make check" to notice if "openvpn --show-cipher" crashes * improve argv unit tests * ensure unit tests work with mbedTLS builds without BF-CBC ciphers * include "--push-remove" in the output of "openvpn --help" * fix "resolvconf -p" invocation in example "up" script * fix "common_name" environment for script calls when "--username-as-common-name" is in effect (Trac #1434) Documentation: * move "push-peer-info" documentation from "server options" to "client" (where it belongs) * correct "foreign_option_{n}" typo in manpage * update IRC information in CONTRIBUTING.rst (libera.chat) * README.down-root: fix plugin module name
* security/openvpn: Default-enable PKCS#11 optionMatthias Andree2021-12-121-2/+2
| | | | | | | Bump PORTREVISION. PR: 260352 Reported by: Marcin Wojtas
* security/openvpn: sort OPTIONS_{DEFAULT|DEFINE}Matthias Andree2021-12-121-3/+3
|
* security/openvpn: deprecate tunnelblickMatthias Andree2021-12-121-6/+6
| | | | While here, shorten LZO_DESC to fit 80x24 dialogs.
* security/openvpn: re-enable mbedTLS buildMatthias Andree2021-12-111-4/+4
| | | | | | | | | ...now that mbedTLS metadata was fixed to show the actual situation for mbedTLS 2.x.y, that it's either Apache License 2.0, or GNU General Public License 2.0 or any later version. While here, also mark the main port with mbedTLS option enabled to record it's going to lose the mbedTLS option end of March 2022.
* security/openvpn: license incompat mbedTLS, LZO+LibreSSLMatthias Andree2021-12-111-3/+25
| | | | | | | | | | | | | | | | | | | After reviewing licenses again, - mark mbedTLS broken for now, since it uses the Apache License 2.0, which is incompatible with the GPLv2 (OpenVPN does not employ the "or any later version" escape hatch). This will be handed to the OpenVPN-devel mailing list for review. - block out the combination of LZO with LibreSSL, since OpenVPN only has a linking exception for OpenSSL itself. Remedy is to either forgo LibreSSL, or to disable the LZO option, which requires proper configuration on either end. The maintainer's recommendation is to compile with OpenSSL instead. Bump PORTREVISION in spite of unchanged contents to flush out old packages. MFH: 2021Q4
* security/openvpn-mbedtls: sunset port.Matthias Andree2021-12-041-0/+1
| | | | | | mbedTLS is obsolete through its lack of TLS v1.3 support OpenVPN-mbedtls does not work on 14-CURRENT. => remove this port and the MBEDTLS option end 2022Q1.
* */*: Remove redundant '-[0-9]*' from CONFLICTS_INSTALLStefan Eßer2021-11-231-1/+1
| | | | | | | | | The conflict checks compare the patterns first against the package names without version (as reported by "pkg query "%n"), then - if there was no match - agsinst the full package names including the version (as reported by "pkg query "%n-%v"). Approved by: portmgr (blanket)
* security/openvpn: rearrange MakefileMatthias Andree2021-11-011-10/+10
| | | | to portclippy-reported standard ordering
* security/openvpn: create and use dedicated openvpn userMatthias Andree2021-11-011-1/+11
| | | | PR: 259384
* security/openvpn: bugfix update to 2.5.4Matthias Andree2021-10-051-2/+2
| | | | | | | adds openvpn-examples(5) manual page Changelog: https://github.com/OpenVPN/openvpn/blob/release/2.5/Changes.rst#overview-of-changes-in-254
* security/openvpn: fix missing include for PATH_MAXMatthias Andree2021-06-221-3/+7
| | | | | | | | | While here, add a warning banner about libressl support status, and clean up a leftover INSTALL_DATA workaround no longer needed. Patch suggested and Reported by: Franco Fichtner <franco@opnsense.org> PR: 256744
* security/openvpn: update to v2.5.3Matthias Andree2021-06-181-2/+2
| | | | | | | | | | | | | | | | | | Changelog: https://github.com/OpenVPN/openvpn/blob/release/2.5/Changes.rst FreeBSD relevant changes: Bugfixes * disable connect-retry backoff for p2p (--secret) instances (Trac #1010, #1384) * fix build with mbedtls w/o SSL renegotiation support * fix small memory leak in free_key_ctx for auth_token * Fix SIGSEGV (NULL deref) receiving push "echo" (Trac #1409) - -> in FreeBSD ports, already fixed in 2.5.2_2 (PORTREVISION 2). User-visible Changes * update copyright messages in files and --version output New features * add --auth-token-user option (for --auth-token deployments without --auth-user-pass in client config)
* security/openvpn: band-aid fix for SIGSEGV on push echoMatthias Andree2021-06-031-1/+1
| | | | | PR: 256331 Reported by: peo@nethead.se
* security/openvpn: do not package .orig leftovers from patchMatthias Andree2021-05-171-1/+2
| | | | | | | | | Bump PORTREVISION as we change the pkg-plist. (Includes -mbedtls port variant.) PR: 255946 Based on a patch by and Reported by: Mikael Urankar (mikael@)
* security/openvpn: security update to v2.5.2Matthias Andree2021-04-211-5/+6
| | | | | | | | Changelog: https://github.com/OpenVPN/openvpn/blob/release/2.5/Changes.rst#overview-of-changes-in-252 Security: CVE-2020-15078 Security: efb965be-a2c0-11eb-8956-1951a8617e30 MFH: 2021Q2
* Remove # $FreeBSD$ from Makefiles.Mathieu Arnold2021-04-061-1/+0
|
* security/openvpn: run ldd -a when multi-link of "same" library foundMatthias Andree2021-03-161-1/+1
| | | | | | | | | | | | | The build runs a sanity to check that libssl and libcrypto are linked only once, to catch mismatches in SSL providers to libpkcs11-helper and openvpn itself. In order to assist the operator to find out which libraries pull in differing versions of libcrypto or libssl, run ldd -a in the error path. (Not run normally, not PORTREVISION bump.) PR: 254323 (related) Notes: svn path=/head/; revision=568617
* security/openvpn: Bugfix update to v2.5.1Matthias Andree2021-02-241-1/+1
| | | | | | | | | Changelog: https://github.com/OpenVPN/openvpn/blob/release/2.5/Changes.rst#overview-of-changes-in-251 MFH: 2021Q1 (point-level bugfix update) Notes: svn path=/head/; revision=566502
* Update security/openvpn 2.5. For 2.3 peers, update your configuration,Matthias Andree2020-10-301-42/+37
| | | | | | | | | | | | ...see ports/UPDATING or the ChangeLog: https://github.com/OpenVPN/openvpn/blob/release/2.5/Changes.rst#overview-of-changes-in-25 Avoid LibreSSL (IGNORE_SSL). INSTALL_DATA -> INSTALL_MAN for documentation. Rearrange Makefile according to portclippy. Notes: svn path=/head/; revision=553713
* openvpn: Add one TODO marker (no functional change).Matthias Andree2020-07-171-0/+3
| | | | Notes: svn path=/head/; revision=542434
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-20 12:45:24 +0000