Path to this page:
./
net/openvpn-acct-wtmpx,
Log OpenVPN logins and logouts to wtmpx
Branch: CURRENT,
Version: 20130210nb6,
Package name: openvpn-acct-wtmpx-20130210nb6,
Maintainer: manuThis OpenVPN plugin logs VPN logins and logouts in the wtmpx file.
Using it, you can have a look of OpenPVN usage by the last(1) command.
Required to run:[
net/openvpn]
Required to build:[
pkgtools/cwrappers]
Master sites:
Filesize: 2.713 KB
Version history: (Expand)
- (2024-02-13) Updated to version: openvpn-acct-wtmpx-20130210nb6
- (2023-11-19) Updated to version: openvpn-acct-wtmpx-20130210nb5
- (2023-11-10) Updated to version: openvpn-acct-wtmpx-20130210nb4
- (2023-10-25) Updated to version: openvpn-acct-wtmpx-20130210nb3
- (2023-08-26) Updated to version: openvpn-acct-wtmpx-20130210nb2
- (2023-06-17) Updated to version: openvpn-acct-wtmpx-20130210nb1
CVS history: (Expand)
2024-07-18 15:00:07 by Adam Ciarcinski | Files touched by this commit (4) | |
Log message:
openvpn: updated to 2.6.12
v2.6.12
Bug fixes:
the fix for CVE-2024-5594 (refuse control channel messages with
nonprintable characters) was too strict, breaking user configurations
with AUTH_FAIL messages having trailing CR/NL characters. This often
happens if the AUTH_FAIL reason is set by a script. Strip those before
testing the command buffer. Also, add unit test.
Http-proxy: fix bug preventing proxy credentials caching.
|
2024-03-20 20:24:02 by Adam Ciarcinski | Files touched by this commit (5) | |
Log message:
openvpn: updated to 2.6.10
Version 2.6.10
Christoph Schug (1):
Update documentation references in systemd unit files
Frank Lichtenheld (6):
Fix typo --data-cipher-fallback
samples: Remove tls-*.conf
check_compression_settings_valid: Do not test for LZ4 in LZO check
t_client.sh: Allow to skip tests
Update Copyright statements to 2024
GHA: general update March 2024
Lev Stipakov (4):
win32: Enforce loading of plugins from a trusted directory
interactive.c: disable remote access to the service pipe
interactive.c: Fix potential stack overflow issue
Disable DCO if proxy is set via management
Martin Rys (1):
openvpn-[client|server].service: Remove syslog.target
Max Fillinger (1):
Remove license warning from README.mbedtls
Selva Nair (1):
Document that auth-user-pass may be inlined
wellweek (1):
remove repetitive words in documentation and comments
|
2024-02-18 15:01:05 by Adam Ciarcinski | Files touched by this commit (2) |
Log message:
regen distinfo
|
2024-02-13 20:34:38 by Greg Troxel | Files touched by this commit (3) |
Log message:
net/openvpn-*: PKGREVISION++ (these build something else with openvpn also)
|
2023-11-18 13:51:20 by Greg Troxel | Files touched by this commit (6) |
Log message:
net/openvpn: Update to 2.6.8
upstream NEWS: bugfixes
|
2023-11-10 01:17:47 by Greg Troxel | Files touched by this commit (8) |
Log message:
net/openvpn: Update to 2.6.7
Upstream NEWS:
Security Fixes:
* CVE-2023-46850 OpenVPN versions between 2.6.0 and 2.6.6 incorrectly use a send \
buffer after
it has been free()d in some circumstances, causing some free()d memory to be \
sent to the peer.
All configurations using TLS (e.g. not using --secret) are affected by this issue.
(found while tracking down CVE-2023-46849 / Github #400, #417)
* CVE-2023-46849 OpenVPN versions between 2.6.0 and 2.6.6 incorrectly restore \
--fragment configuration
in some circumstances, leading to a division by zero when --fragment is used. \
On platforms where
division by zero is fatal, this will cause an OpenVPN crash.(Github #400, #417).
User visible changes:
* DCO: warn if DATA_V1 packets are sent by the other side - this a hard \
incompatibility between
a 2.6.x client connecting to a 2.4.0-2.4.4 server, and the only fix is to use \
--disable-dco.
* Remove OpenSSL Engine method for loading a key. This had to be removed because \
the original author
did not agree to relicensing the code with the new linking exception added. \
This was a somewhat
obsolete feature anyway as it only worked with OpenSSL 1.x, which is end-of-support.
* add warning if p2p NCP client connects to a p2mp server - this is a \
combination that used to work
without cipher negotiation (pre 2.6 on both ends), but would fail in \
non-obvious ways with 2.6 to 2.6.
* add warning to --show-groups that not all supported groups are listed (this is
due the internal enumeration in OpenSSL being a bit weird, omitting X448 and \
X25519 curves).
* --dns: remove support for exclude-domains argument (this was a new 2.6 option,
with no backend support implemented yet on any platform, and it turns out that
no platform supported it at all - so remove option again)
* warn user if INFO control message too long, do not forward to management client
(safeguard against protocol-violating server implementations)
New features:
* DCO-WIN: get and log driver version (for easier debugging).
* print "peer temporary key details" in TLS handshake
* log OpenSSL errors on failure to set certificate, for example if the \
algorithms used
are in acceptable to OpenSSL (misleading message would be printed in cryptoapi \
/ pkcs11 scenarios)
* add CMake build system for MinGW and MSVC builds
* remove old MSVC build system
* improve cmocka unit test building for Windows
|
2023-10-25 00:11:51 by Thomas Klausner | Files touched by this commit (2298) |
Log message:
*: bump for openssl 3
|
2023-08-26 16:23:10 by Greg Troxel | Files touched by this commit (4) | |
Log message:
net/openvpn-*: revbump and regen distinfo for openvpn update
|