aboutsummaryrefslogtreecommitdiff
path: root/security/strongswan
Commit message (Collapse)AuthorAgeFilesLines
* all: Remove all other $FreeBSD keywords.Mathieu Arnold2021-04-061-1/+0
|
* Remove # $FreeBSD$ from Makefiles.Mathieu Arnold2021-04-061-1/+0
|
* security/strongswan: use "vici" interface instead of deprecated "stroke" by ↵Dmitry Marakasov2021-03-172-1/+2
| | | | | | | | | | | | | default Add UPDATING entry with migration instruction. PR: 249865 Submitted by: driesm.michiels@gmail.com Approved by: strongswan@nanoteq.com (maintainer) Notes: svn path=/head/; revision=568683
* security/strongswan: Update to 5.9.2Fernando Apesteguía2021-03-093-21/+27
| | | | | | | | | | | | | ChangeLog: https://wiki.strongswan.org/versions/80 While here, pet linters PR: 254047 Submitted by: jlduran@gmail.com Approved by: strongswan@Nanoteq.com (maintainer) Notes: svn path=/head/; revision=567895
* security/strongswan: Update to version 5.9.1Joseph Mingrone2020-12-292-4/+4
| | | | | | | | | | | Changelog: https://wiki.strongswan.org/versions/79 PR: 252202 Submitted by: Jose Luis Duran <jlduran@gmail.com> Approved by: strongswan@nanoteq.com (maintainer) Notes: svn path=/head/; revision=559621
* security/strongswan: update 5.8.4 -> 5.9.0Kurt Jaeger2020-09-252-7/+9
| | | | | | | | | | | | | - Also link the tpm2-tss package for testing with the TPM plugin: https://wiki.strongswan.org/projects/strongswan/wiki/TpmPlugin PR: 249470 Submitted by: Jose Luis Duran <jlduran@gmail.com> Approved by: strongswan@Nanoteq.com (maintainer) Relnotes: https://wiki.strongswan.org/versions/78 Notes: svn path=/head/; revision=550035
* security/strongswan: Add TEST_TARGETFernando Apesteguía2020-05-201-0/+2
| | | | | | | | | | | make test passes OK PR: 246535 Submitted by: jlduran@gmail.com Reviewed by: strongswan@Nanoteq.com (maintainer) Notes: svn path=/head/; revision=536014
* security/strongswan: Update to 5.8.4Renato Botelho2020-04-132-4/+4
| | | | | | | | | | PR: 245199 Submitted by: Jose Luis Duran <jlduran@gmail.com> Approved by: strongswan@Nanoteq.com (maintainer) Sponsored by: Rubicon Communications, LLC (Netgate) Notes: svn path=/head/; revision=531624
* Update to 5.8.3Jochen Neumeister2020-03-292-5/+4
| | | | | | | | PR: 245087 Sponsored by: Netzkommune GmbH Notes: svn path=/head/; revision=529774
* security/strongswan: Add PYTHON plugin option for a VICI protocol pluginMateusz Piotrowski2020-01-311-1/+5
| | | | | | | | | | PR: 243254 Submitted by: Dries Michiels <driesm.michiels@gmail.com> Approved by: maintainer Event: Brussels DevSummit 2020 Notes: svn path=/head/; revision=524730
* security/strongswan: load ipsec kernel module by rc scriptKoichiro Iwao2020-01-112-0/+2
| | | | | | | | | | | | | From the following discussion: https://reviews.freebsd.org/D20163 It makes sense to add ipsec as required module for the rc script of strongSwan. PR: 243316 Submitted by: Dries Michiels <driesm.michiels@gmail.com> Approved by: maintainer Notes: svn path=/head/; revision=522689
* security/strongswan: Update to 5.8.2Renato Botelho2019-12-303-4/+8
| | | | | | | | | | PR: 242687 Approved by: maintainer Obtained from: pfSense Sponsored by: Rubicon Communications, LLC (Netgate) Notes: svn path=/head/; revision=521493
* Add a new option to enable PKCS11 pluginRenato Botelho2019-09-302-13/+20
| | | | | | | | | | PR: 240684 Approved by: strongswan@Nanoteq.com (maintainer) Obtained from: pfSense Sponsored by: Rubicon Communications, LLC (Netgate) Notes: svn path=/head/; revision=513403
* security/strongswan: update to 5.8.1Steve Wills2019-09-242-4/+4
| | | | | | | | | PR: 240316 Submitted by: Jose Luis Duran <jlduran@gmail.com> Approved by: strongswan@Nanoteq.com (maintainer) Notes: svn path=/head/; revision=512739
* security/strongswan: Add support for the VIA Padlock pluginKoichiro Iwao2019-08-212-0/+13
| | | | | | | | | | PR: 239458 Submitted by: Evgeny <mojolicious@yandex.com> (initial revision) strongswan@Nanoteq.com (maintainer, brushed-up revision) Approved by: strongswan@Nanoteq.com (maintainer) Notes: svn path=/head/; revision=509483
* Implement new virtual category: net-vpn for VPN related portsKoichiro Iwao2019-08-141-1/+1
| | | | | | | | | | | | | | | | based on discussion at ports@ [1]. As VPN softwares are put in different physical category net and security. This is a little bit confusing. Let's give them new virtual category net-vpn. [1] https://lists.freebsd.org/pipermail/freebsd-ports/2019-April/115915.html PR: 239395 Submitted by: myself Approved by: portmgr (mat) Differential Revision: https://reviews.freebsd.org/D21174 Notes: svn path=/head/; revision=508887
* security/strongswan: Update to 5.8.0Renato Botelho2019-05-293-10/+9
| | | | | | | | | | PR: 238173 Approved by: maintainer Obtained from: pfSense Sponsored by: Rubicon Communications, LLC (Netgate) Notes: svn path=/head/; revision=502953
* security/strongswan: add vici-based configuration for the rc scriptKurt Jaeger2019-03-092-11/+69
| | | | | | | | | | | | | | | | | | | | The rc script is modified to allow both a legacy (ipsec.conf-based) startup or a new (swanctl.conf-based) config. Default is the legacy. The new setup is based on vici, the Versatile IKE Configuration Interface. For more details, see: https://wiki.strongswan.org/projects/strongswan/wiki/Vici PR: 234648 Submitted by: Jose Luis Duran <jlduran@gmail.com> Reviewed by: Sam Chen <sc.gear@one.caeon.com> Approved by: strongswan@Nanoteq.com (maintainer) Differential Revision: D19367 Notes: svn path=/head/; revision=495117
* security/strongswan: add PAM to XAUTHKurt Jaeger2019-03-092-1/+7
| | | | | | | | | PR: 236218 Submitted by: Franco Fichtner <franco@opnsense.org> Approved by: strongswan@Nanoteq.com (maintainer) Notes: svn path=/head/; revision=495112
* security/strongswan: Minor port improvementsSteve Wills2019-03-053-6/+16
| | | | | | | | | | | | | - Follow the same patching logic for swanctl.conf as the other config files. - Silence warning: $strongswan_enable not properly set. PR: 235340 Submitted by: Jose Luis Duran <jlduran@gmail.com> Approved by: strongswan@Nanoteq.com (maintainer) Notes: svn path=/head/; revision=494736
* security/strongswan: update to version 5.7.2Steve Wills2019-01-149-235/+247
| | | | | | | | | PR: 234882 Submitted by: Jose Luis Duran <jlduran@gmail.com> Approved by: strongswan@Nanoteq.com (maintainer) Notes: svn path=/head/; revision=490298
* security/strongswan: Update to 5.7.1Renato Botelho2018-10-022-4/+4
| | | | | | | | | | | | PR: 231862 Approved by: maintainer Obtained from: pfSense MFH: 2018Q4 Security: CVE-2018-16151 CVE-2018-16152 Sponsored by: Rubicon Communications, LLC (Netgate) Notes: svn path=/head/; revision=481111
* security/strongswan: Fix rc startup script to support rc.conf settings likeRenato Botelho2018-10-021-12/+16
| | | | | | | | | | | | | | _nice, _fib Do not bump version since I'll commit the upgrade to 5.7.1 just after it PR: 211108 Submitted by: Dmitry Wagin <dmitry.wagin@ya.ru> Approved by: maintainer Sponsored by: Rubicon Communications, LLC (Netgate) Notes: svn path=/head/; revision=481110
* - Update security/strongswan to 5.7.0Renato Botelho2018-09-263-11/+11
| | | | | | | | | | | | - While here, silence portlint warning renaming option IKEv1 to IKEV1 PR: 231720 Approved by: maintainer Obtained from: pfSense Sponsored by: Rubicon Communications, LLC (Netgate) Notes: svn path=/head/; revision=480733
* Update to 5.6.3Kirill Ponomarev2018-05-313-27/+4
| | | | | | | | | | | | | | | | | | | Fixes: - Denial-of-Service Vulnerability in the IKEv2 key derivation (CVE-2018-10811) - Denial-of-Service Vulnerability in the stroke plugin (CVE-2018-5388) - Crash on FreeBSD that was present in 5.6.2 - The kernel-pfkey plugin optionally installs routes via internal interface (one with an IP in the local traffic selector). On FreeBSD, enabling this selects the correct source IP when sending packets from the gateway itself. PR: 228631 Submitted by: maintainer Notes: svn path=/head/; revision=471205
* security/strongswan: Fix crash in public key authentication with 5.6.2Yuri Victorovich2018-03-062-0/+24
| | | | | | | | | | | While here, added LICENSE_FILE. PR: 226404 Submitted by: strongswan@Nanoteq.com (maintainer) Approved by: tcberner (mentor, implicit) Notes: svn path=/head/; revision=463768
* - Update security/strongswan to 5.6.2 [1]Renato Botelho2018-03-013-9/+18
| | | | | | | | | | | | | | | - Enable CURL option by default [2] PR: 226043 [1], 220488 [2] Submitted by: strongswan@Nanoteq.com (maintainer) [1] karl@denninger.net [2] Approved by: maintainer [2] MFH: 2018Q1 Security: CVE-2018-6459 Sponsored by: Rubicon Communications, LLC (Netgate) Notes: svn path=/head/; revision=463323
* Remove USES=execinfo.Mathieu Arnold2017-09-221-1/+1
| | | | | | | | | | PR: 220271 Submitted by: mat (review), Yasuhiro KIMURA (PR) Sponsored by: Absolight Differential Revision: https://reviews.freebsd.org/D11488 Notes: svn path=/head/; revision=450351
* security/strongswan: update 5.5.3 -> 5.6.0Kurt Jaeger2017-08-233-4/+5
| | | | | | | | | | | | | - the gmp plugin responsible for CVE-2017-11185 is not enabled in the FreeBSD build PR: 221716 Relnotes: https://wiki.strongswan.org/versions/66 Reported by: i.dani@outlook.com Approved by: strongswan@nanoteq.com (maintainer) Notes: svn path=/head/; revision=448590
* Update strongswan to 5.5.3Olivier Cochard2017-07-193-81/+4
| | | | | | | | | PR: 220823 Submitted by: strongswan@Nanoteq.com (maintainer) Reported by: i.dani@outlook.com Notes: svn path=/head/; revision=446193
* Add option for enabling mediation feature (like STUN for IPSec peers)Olivier Cochard2017-05-101-1/+4
| | | | | | | | Approved by: strongswan@nanoteq.com (maintainer) Sponsored by: Orange Notes: svn path=/head/; revision=440527
* Update security/strongswan to 5.5.2Renato Botelho2017-04-123-12/+28
| | | | | | | | | PR: 218430 Approved by: maintainer Sponsored by: Rubicon Communications (Netgate) Notes: svn path=/head/; revision=438397
* - Chase ldns shlip bumpMartin Wilke2017-03-031-0/+1
| | | | | | | PR: 217495 Notes: svn path=/head/; revision=435306
* Update security/strongswan to 5.5.1Renato Botelho2016-11-218-12/+16
| | | | | | | | | | PR: 213844 Approved by: strongswan@Nanoteq.com (maintainer) Obtained from: pfSense Sponsored by: Rubicon Communications (Netgate) Notes: svn path=/head/; revision=426700
* security/strongswan: Fix build with LibreSSLJohn Marino2016-09-121-0/+11
| | | | | | | Approved by: SSL blanket Notes: svn path=/head/; revision=421949
* Update security/strongswan to 5.5.0Renato Botelho2016-07-192-7/+8
| | | | | | | | PR: 211095 Submitted by: strongswan@Nanoteq.com (maintainer) Notes: svn path=/head/; revision=418809
* security/strongswan: unbreak FreeBSD 9 buildsJason Unovitch2016-04-031-0/+13
| | | | | | | | | | | - Add patch to include sys/endian.h header PR: 208446 Submitted by: strongswan@Nanoteq.com (maintainer) MFH: 2016Q2 (build fix blanket) Notes: svn path=/head/; revision=412481
* Remove ${PORTSDIR}/ from dependencies, categories r, s, t, and u.Mathieu Arnold2016-04-011-5/+5
| | | | | | | | With hat: portmgr Sponsored by: Absolight Notes: svn path=/head/; revision=412349
* Update security/strongswan to 5.4.0Renato Botelho2016-03-233-9/+6
| | | | | | | | | | PR: 208219 Approved by: swan@nanoteq.com (maintainer) Obtained from: pfSense Sponsored by: Rubicon Communications (Netgate) Notes: svn path=/head/; revision=411720
* - bump PORTREVISION on ports depending on unboundOlli Hauer2016-03-151-1/+1
| | | | | | | | PR: 207948 Submitted by: jaap@NLnetLabs.nl (maintainer) Notes: svn path=/head/; revision=411143
* security/strongswan: enable options to increase usefulness of default pkgJason Unovitch2016-02-171-3/+6
| | | | | | | | | | | | | - Enable PKI, SWANCTL, and VICI options (no external dependencies) - Document IMPLIES dependency on VICI for SWANCTL; mention in SWANCTL_DESC - Bump PORTREVISION PR: 205438 Reported by: Nick B <nicblais@clkroot.net> Submitted by: strongswan@Nanoteq.com (maintainer) Notes: svn path=/head/; revision=409026
* - Update unbound to 1.5.7Erwin Lansing2016-02-041-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Bump PORTREVISIOn on dependent ports Some Upgrade Notes: This release fixes a validation failure for nodata with wildcards and emptynonterminals. Fixes OpenSSL Library compability. Fixes correct response for malformed EDNS queries. For crypto in libunbound there is libnettle support. Qname minimisation is implemented. Use qname-minimisation: yes to enable it. This version sends the full query name when an error is found for intermediate names. It should therefore not fail for names on nonconformant servers. It combines well with harden-below-nxdomain: yes because those nxdomains are probed by the qname minimisation, and that will both stop privacy sensitive traffic and reduce nonsense traffic to authority servers. So consider enabling both. In this implementation IPv6 reverse lookups add several labels per increment, because otherwise those lookups would be very slow. [ Reference https://tools.ietf.org/html/draft-ietf-dnsop-qname-minimisation-08 ] More details at <http://unbound.net> PR: 206347 Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> Approved by: maintainer timeout Sponsored by: DK Hostmaster A/S Notes: svn path=/head/; revision=408047
* Bump PORTREVISION to help users with custom OPTIONS to get the fixRenato Botelho2015-12-031-0/+1
| | | | | | | committed in r402880, as suggested by AMDmi3 Notes: svn path=/head/; revision=402881
* Add @sample to gcm.conf missed when I introduced it. No bump on PORTREVISIONRenato Botelho2015-12-031-1/+1
| | | | | | | | | | since GCM is disabled by default Submitted by: Jose Luis Duran Obtained from: https://github.com/pfsense/FreeBSD-ports/pull/2 Notes: svn path=/head/; revision=402880
* Update security/strongswan to 5.3.5Renato Botelho2015-12-022-3/+3
| | | | | | | | | | PR: 204959 Approved by: strongswan@Nanoteq.com (maintainer) Obtained from: pfSense Sponsored by: Rubicon Communications (Netgate) Notes: svn path=/head/; revision=402817
* Update security/strongswan to 5.3.4Renato Botelho2015-11-164-98/+3
| | | | | | | | | | | | PR: 204597 Submitted by: strongswan@nanoteq.com (maintainer) MFH: 2015Q4 Security: CVE 2015-8023 Security: https://github.com/strongswan/strongswan/commit/453e204ac40dfff2e0978e8f84a5f8ff0cbc45e2 Sponsored by: Rubicon Communications (Netgate) Notes: svn path=/head/; revision=401762
* Backport a couple of commits from master, that will be present in 5.3.4:Renato Botelho2015-11-093-1/+95
| | | | | | | | | | | | | | | | | | - dff2d05bb9 [1]: kernel-pfKey: Enable AES-CTR - 04f22cdabc [2]: VICI: add NAT information Bump PORTREVISION [1] https://github.com/strongswan/strongswan/commit/dff2d05bb9bec684b3b2efdafc9a47219550bbe1 [2] https://github.com/strongswan/strongswan/commit/04f22cdabc1c97d38692f95392429839f0fa90d1 PR: 204398 Approved by: maintainer Obtained from: pfSense Sponsored by: Rubicon Communications (Netgate) Notes: svn path=/head/; revision=401115
* - Add a new option, SWANCTL, to install swanctll utilityRenato Botelho2015-10-292-2/+30
| | | | | | | | | | | | | | - When VICI option is selected, install libvici.h to include directory, it's useful when you need to build a custom code linked to libvici - Pass path to USE_LDCONFIG otherwise libraries will not be visible PR: 204098 Approved by: maintainer Obtained from: pfSense Sponsored by: Rubicon Communications (Netgate) Notes: svn path=/head/; revision=400455
* - Add a new option (VICI) to build VICI management protocolRenato Botelho2015-10-282-2/+14
| | | | | | | | | | - Change SMP option description to show users it's deprecated PR: 204090 Approved by: maintainer Notes: svn path=/head/; revision=400393
* strongSwan can be beuit using 3 different printf hooks: builtin, glibcRenato Botelho2015-10-271-1/+11
| | | | | | | | | | | | | | | | | | | | | | | | | (compatible with FreeBSD's libc) and vstr (devel/vstr). Since it's not selected any of them on CONFIGURE_ARGS, it uses auto, and end up using glibc. pfSense users reported memory leaks on strongSwan [2] [3] and a it was reported to upstream [1]. Add a single option and let user choose which printf hook to use, and change default to use builtin. Bump PORTREVISION due to default change [1] https://wiki.strongswan.org/issues/1106 [2] https://forum.pfsense.org/index.php?topic=96767.0 [3] https://redmine.pfsense.org/issues/5149 PR: 204051 Approved by: maintainer Obtained from: pfSense MFH: 2015Q4 Sponsored by: Rubicon Communications (Netgate) Notes: svn path=/head/; revision=400233
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-05 06:57:58 +0000