./net/openvpn, Easy-to-use SSL VPN daemon

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 2.4.9nb1, Package name: openvpn-2.4.9nb1, Maintainer: pkgsrc-users

OpenVPN is a robust and highly flexible tunneling application
that uses all of the encryption, authentication, and certification
features of the OpenSSL library to securely tunnel IP networks over
a single TCP/UDP port.


Required to run:
[archivers/lzo] [security/openssl] [archivers/lz4]

Required to build:
[pkgtools/cwrappers]

Master sites:

SHA1: 60adab3955438d64cf7461ed8a6bb07babfd0e3c
RMD160: e4c4f725faf89f696c950710bd5648ca873505d6
Filesize: 931.898 KB

Version history: (Expand)


CVS history: (Expand)


   2020-05-22 12:56:49 by Adam Ciarcinski | Files touched by this commit (624)
Log message:
revbump after updating security/nettle
   2020-04-17 22:14:22 by Adam Ciarcinski | Files touched by this commit (5) | Package updated
Log message:
openvpn: updated to 2.4.9

OpenVPN 2.4.9
* socks: use the right function when printing struct openvpn_sockaddr
* Fetch OpenSSL versions via source/old links
* Fix OpenSSL error stack handling of tls_ctx_add_extra_certs
* Fix OpenSSL 1.1.1 not using auto elliptic curve selection
* Fix broken fragmentation logic when using NCP
* Fix building with --enable-async-push in FreeBSD
* Fix broken async push with NCP is used
* Fix illegal client float (CVE-2020-11810)
* OpenSSL: Fix --crl-verify not loading multiple CRLs in one file
* Fix OpenSSL private key passphrase notices
* Swap the order of checks for validating interactive service user
* Move querying username/password from management interface to a function
* When auth-user-pass file has no password query the management interface (if \ 
available).
* Fix possibly uninitialized return value in GetOpenvpnSettings()
* Fix possible access of uninitialized pipe handles
* Skip expired certificates in Windows certificate store
* Allow unicode search string in --cryptoapicert option
* mbedTLS: Make sure TLS session survives move
* docs: Add reference to X509_LOOKUP_hash_dir(3)
   2020-03-08 17:51:54 by Thomas Klausner | Files touched by this commit (2833)
Log message:
*: recursive bump for libffi
   2020-01-26 18:32:28 by Roland Illig | Files touched by this commit (981)
Log message:
all: migrate homepages from http to https

pkglint -r --network --only "migrate"

As a side-effect of migrating the homepages, pkglint also fixed a few
indentations in unrelated lines. These and the new homepages have been
checked manually.
   2020-01-18 22:51:16 by Jonathan Perkin | Files touched by this commit (1836)
Log message:
*: Recursive revision bump for openssl 1.1.1.
   2020-01-16 14:33:51 by Jonathan Perkin | Files touched by this commit (12)
Log message:
*: Remove USE_OLD_DES_API.

OpenSSL 1.1.1d no longer ships des_old.h, and the time for this being
necessary appears to be behind us.
   2019-12-29 18:14:08 by Sevan Janiyan | Files touched by this commit (1)
Log message:
tweak
   2019-11-04 13:52:14 by Adam Ciarcinski | Files touched by this commit (5) | Package updated
Log message:
openvpn: updated to 2.4.8

Version 2.4.8

This is primarily a maintenance release with minor bugfixes and improvements.

New features
Support compiling with OpenSSL 1.1 without deprecated APIs
handle PSS padding in cryptoapicert (necessary for TLS >= 1.2)

User visible changes
do not abort when hitting the combination of "--pull-filter" and \ 
"--mode server" (this got hit when starting OpenVPN servers using the \ 
windows GUI which installs a pull-filter to force ip-win32)
increase listen() backlog queue to 32 (improve response behaviour on openvpn \ 
servers using TCP that get portscanned)
fix and enhance documentation (INSTALL, man page, ...)

Bug fixes
the combination "IPv6 and proto UDP and SOCKS proxy" did not work - as \ 
a workaround, force IPv4 in this case until a full implementation for \ 
IPv6-UDP-SOCKS can be made.
fix IPv6 routes on tap interfaces on OpenSolaris/OpenIndiana
fix building with LibreSSL
do not set pkcs11-helper 'safe fork mode' (should fix PIN querying in systemd \ 
environments)
repair windows builds
repair Darwin builds (remove -no-cpp-precomp flag)