notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)
Want a good monitor light? See my photosAll times are UTC
Ukraine
This referral link gives you 10% off a Fastmail.com account and gives me a discount on my Fastmail account.

Get notified when packages are built

A new feature has been added. FreshPorts already tracks package built by the FreeBSD project. This information is displayed on each port page. You can now get an email when FreshPorts notices a new package is available for something on one of your watch lists. However, you must opt into that. Click on Report Subscriptions on the right, and New Package Notification box, and click on Update.

Finally, under Watch Lists, click on ABI Package Subscriptions to select your ABI (e.g. FreeBSD:14:amd64) & package set (latest/quarterly) combination for a given watch list. This is what FreshPorts will look for.

non port: security/openvpn-devel/distinfo

Number of commits found: 90

Tuesday, 20 Feb 2024
01:17 Matthias Andree (mandree) search for other commits by this committer Author: Gert Doering
security/openvpn-devel: upgrade port to git commit 91b057a2b5 (2024-02-11)

contains a number of bugfixes and minor improvements, especially adding
more unit tests.

There is one FreeBSD relevant bugfix for servers with DCO, where reporting
of kernel peer statistics to userland failed due to static buffers sized
too small (ENOSPC).  Buffer handling here has been made dynamic.

PR:		276973
commit hash: 54582f53f1bc0fd6cc8ed2055100385d5e4316f9 commit hash: 54582f53f1bc0fd6cc8ed2055100385d5e4316f9 commit hash: 54582f53f1bc0fd6cc8ed2055100385d5e4316f9 commit hash: 54582f53f1bc0fd6cc8ed2055100385d5e4316f9 54582f5
Sunday, 31 Dec 2023
06:22 Matthias Andree (mandree) search for other commits by this committer
security/openvpn-devel: upgrade port to git commit efad93d049 (2023-11-17)

contains a number of bugfixes and minor improvements, plus fixes
for two bugs that have been assigned CVEs:

- CVE-2023-46850 OpenVPN versions between 2.6.0 and 2.6.6 incorrectly use
  a send buffer after it has been free()d in some circumstances, causing
  some free()d memory to be sent to the peer.  All configurations using TLS
  (e.g. not using --secret) are affected by this issue.
  (found while tracking down CVE-2023-46849 / Github #400, #417)

- CVE-2023-46849 OpenVPN versions between 2.6.0 and 2.6.6 incorrectly
  restore "--fragment" configuration in some circumstances, leading to
  a division by zero when "--fragment" is used.  On platforms where
  division by zero is fatal, this will cause an OpenVPN crash.

see also https://community.openvpn.net/openvpn/wiki/SecurityAnnouncements

Also adjust files/patch-tests__t_cltsrv.sh because upstream commit
d623aa6c29 conflicts with this patch.

Security:	2fe004f5-83fd-11ee-9f5d-31909fb2f495
Security:	CVE-2023-46849
Security:	CVE-2023-46850
commit hash: 110af6a7bee600b9382fd568beecb28593378df4 commit hash: 110af6a7bee600b9382fd568beecb28593378df4 commit hash: 110af6a7bee600b9382fd568beecb28593378df4 commit hash: 110af6a7bee600b9382fd568beecb28593378df4 110af6a
Saturday, 15 Apr 2023
08:10 Matthias Andree (mandree) search for other commits by this committer Author: Gert Doering
security/openvpn-devel: upgrade port to git commit fafb05f6f3 (2023-03-31)

This brings openvpn-devel to the current HEAD of the development tree,
which is still very close to OpenVPN 2.6.3.

Adjust config handling of option "DCO" to match upstream changes - that
is, DCO is enabled by default, so we pass "--disable-dco" to configure
now if the option is unchecked.
commit hash: 0012d5bb025b2968fad3cbfe7db5ccd27419b6b9 commit hash: 0012d5bb025b2968fad3cbfe7db5ccd27419b6b9 commit hash: 0012d5bb025b2968fad3cbfe7db5ccd27419b6b9 commit hash: 0012d5bb025b2968fad3cbfe7db5ccd27419b6b9 0012d5b
Friday, 13 Jan 2023
19:29 Matthias Andree (mandree) search for other commits by this committer Author: Gert Doering
security/openvpn-devel: upgrade port to git commit 480ad2a84e (2023-01-13)

this commit is also 2.6_rc2 (+ a freebsd/linux build fix).

contains a number of bugfixes and minor improvements, see
https://github.com/OpenVPN/openvpn/blob/v2.6_rc2/Changes.rst

Most notable improvement: this contains a default-enabled ratelimiter
for initial TLS handshake packets (100 per 10s), significantly reducing
the usefulness of abusing an OpenVPN server as a DDoS reflection engine.

Use '--connect-freq-initial' to tune parameters if needed.
commit hash: 0ffbe3c4015a5c04bf8b6754f7cdf396262e931f commit hash: 0ffbe3c4015a5c04bf8b6754f7cdf396262e931f commit hash: 0ffbe3c4015a5c04bf8b6754f7cdf396262e931f commit hash: 0ffbe3c4015a5c04bf8b6754f7cdf396262e931f 0ffbe3c
Wednesday, 28 Dec 2022
19:16 Matthias Andree (mandree) search for other commits by this committer Author: Gert Doering
security/openvpn-devel: upgrade port to git commit 84e70c479e (2022-12-28)

this commit is also 2.6_rc1.

contains a number of bugfixes and minor improvements, see
https://github.com/OpenVPN/openvpn/blob/v2.6_rc1/Changes.rst
commit hash: 8e26351fa01eab391a7e3d28f3bffcce57dec5c4 commit hash: 8e26351fa01eab391a7e3d28f3bffcce57dec5c4 commit hash: 8e26351fa01eab391a7e3d28f3bffcce57dec5c4 commit hash: 8e26351fa01eab391a7e3d28f3bffcce57dec5c4 8e26351
Friday, 16 Dec 2022
22:08 Matthias Andree (mandree) search for other commits by this committer Author: Gert Doering
security/openvpn-devel: upgrade port to git commit 566c0791ca (2022-12-15)

this commit is also 2.6_beta2.

contains a number of bugfixes and minor improvements

user visible changes since last port upgrade
 - freebsd + DCO now has working byte counters in DCO mode
 - server no longer accepts new inbound client connections
   while in "explicit-exit-notify" shutdown phase
 - logging improvements for DCO key handling
commit hash: c6b754fbdee2abf5518a92edec15d702198261c3 commit hash: c6b754fbdee2abf5518a92edec15d702198261c3 commit hash: c6b754fbdee2abf5518a92edec15d702198261c3 commit hash: c6b754fbdee2abf5518a92edec15d702198261c3 c6b754f
Tuesday, 6 Dec 2022
08:13 Matthias Andree (mandree) search for other commits by this committer Author: Gert Doering
security/openvpn-devel: upgrade port to git commit e778a6fd26d (2022-12-01)

this commit is also 2.6_beta1.

contains a good number of bugfixes and minor improvements

user visible changes since last port upgrade
 - binary identifies itself as "2.6_beta1"
 - client reconnect in p2p TLS mode works now with DCO enabled (on FreeBSD 14)
 - more robust handling of cipher negotiation issues in p2p TLS mode
 - supports server-pushable "tun-mtu" now
 - support DCO with AES-192-GCM on sufficiently-new FreeBSD 14 kernels
commit hash: b9d3c13fb81c21b6ef4103e1d49453249f13cd74 commit hash: b9d3c13fb81c21b6ef4103e1d49453249f13cd74 commit hash: b9d3c13fb81c21b6ef4103e1d49453249f13cd74 commit hash: b9d3c13fb81c21b6ef4103e1d49453249f13cd74 b9d3c13
Thursday, 27 Oct 2022
18:08 Matthias Andree (mandree) search for other commits by this committer Author: Gert Doering
security/openvpn-devel: upgrade port to git commit ecad4839ca (2022-10-27)

contains a good number of bugfixes and minor improvements, no new features.

user visible changes:
  - "topology subnet" tun interfaces will now use IFF_POINTOPOINT
  - DCO option on FreeBSD 14 will default to "on" now
  - DCO on FreeBSD now requires  a FreeBSD kernel after
    commit 2e797555f701c38d9d to get kernel-side ovpn(4)
    improvements, necessary for proper subnet + iroute support
commit hash: bb24536ac02a721fdc6657a2ff5e43c0c71ae54e commit hash: bb24536ac02a721fdc6657a2ff5e43c0c71ae54e commit hash: bb24536ac02a721fdc6657a2ff5e43c0c71ae54e commit hash: bb24536ac02a721fdc6657a2ff5e43c0c71ae54e bb24536
Sunday, 21 Aug 2022
09:14 Matthias Andree (mandree) search for other commits by this committer Author: Gert Doering
security/openvpn-devel: Upgrade to current git revision, add DCO option

commits up to 734de8f9aa2df bring a number new developments, especially
inclusion of the "Data Channel Offload" (OpenVPN in kernel space)
feature.

Since this is still considered not very well tested and needs a
very recent FreeBSD 14 kernel, this is off by default, and a new option
  [ ] DCO
has been added to enable it.
commit hash: c5c7369a3fe85961f8322531462d33465d4a89c7 commit hash: c5c7369a3fe85961f8322531462d33465d4a89c7 commit hash: c5c7369a3fe85961f8322531462d33465d4a89c7 commit hash: c5c7369a3fe85961f8322531462d33465d4a89c7 c5c7369
Friday, 6 May 2022
17:15 Matthias Andree (mandree) search for other commits by this committer Author: Gert Doering
security/openvpn-devel: Upgrade to current git revision

commits up to 413877f522e  bring a number new developments, especially
hardening the server against TLS state exhaustion and being abused
for reflection/amplification attacks, a full MTU/MSS handling rehaul,
and proper OpenSSL 3.0.x support.

PR:		263818
commit hash: be05900d7d732c33b2cc48aac68d818c041728bd commit hash: be05900d7d732c33b2cc48aac68d818c041728bd commit hash: be05900d7d732c33b2cc48aac68d818c041728bd commit hash: be05900d7d732c33b2cc48aac68d818c041728bd be05900
Thursday, 3 Jun 2021
15:30 Matthias Andree (mandree) search for other commits by this committer
security/openvpn-devel: bugfix update to 0033811e

Changes:
* 0033811e 2021-06-03 | Fix SIGSEGV (NULL deref) receiving push "echo" [Matthias
Andree]
* b7fe49c2 2021-05-24 | Do not require CA when peer-fingerprint is used [Selva
Nair]
* 28240c4a 2021-06-01 | Fix parsing of IV_SSO string [Selva Nair]

Approved by: Gert Doering (maintainer, by IRC)
commit hash: 8c0ab38d7a4762277fdbb3da8f0f72a60b4cec2c commit hash: 8c0ab38d7a4762277fdbb3da8f0f72a60b4cec2c commit hash: 8c0ab38d7a4762277fdbb3da8f0f72a60b4cec2c commit hash: 8c0ab38d7a4762277fdbb3da8f0f72a60b4cec2c 8c0ab38
Saturday, 29 May 2021
10:51 Matthias Andree (mandree) search for other commits by this committer
security/openvpn-devel: switch to Gitlab and new maintainer

The previous maintainer asked that the port be removed, but
we seem to have found a better solution. Gert Doering volunteered
to take over the port and reference Git directly.

Import security/openvpn fix for leftover .orig files.

PR:		256209
Maintainer change implicitly
Approved by:	ecrist@secure-computing.net (removal request)
New contents reviewed and
Approved by:	gert@greenie.muc.de (new maintainer, by IRC/mail)
commit hash: 9364842b3b08f9eaa49bf80c7c14550c2689ab7f commit hash: 9364842b3b08f9eaa49bf80c7c14550c2689ab7f commit hash: 9364842b3b08f9eaa49bf80c7c14550c2689ab7f commit hash: 9364842b3b08f9eaa49bf80c7c14550c2689ab7f 9364842
Tuesday, 6 Apr 2021
17:33 Matthias Andree (mandree) search for other commits by this committer
security/openvpn-devel: Update to 2021-W13 development snapshot

Commit history from 202049 to 202113:

5ac8c3c7 Fix async push broken after auth deferred refactor
8ccce69d log file descriptor in more socket related error messages
c5fec838 Move auth deferred related members into its own struct
6ea62d50 Remove deprecated option '--keysize'
60f5889a Deprecate non TLS mode in OpenVPN
79ff3f79 Allow running a default configuration with TLS libraries without BF-CBC
9e702a5d Always disable TLS renegotiations
203afbe9 reliable: retransmit if 3 follow-up ACKs are received
343b6119 Remove do_init_socket_2 and do_init_socket_1 wrapper function
9fe0b2c2 Extract multi_assign_peer_id into its own function
18b4a838 Remove thread_mode field of multi_context
aba8776e Fix 'compress migrate' for 2.2 clients.
8fa8a175 Implement '--compress migrate' to migrate to non-compression setup
72e1ecb5 Move is_proto function to the socket.h header
9eb285f4 Remove unused variable pass_config_info
c0b36e9f Remove unused function tls_test_auth_deferred_interval
3667df1d Remove unused field txqueuelen from struct tuntap
14061e3e Remove pointless tun_adjust_frame_parameters function
137eb670 Remove code for aligning non-swapped compression
bdc11ae4 Rename tunnel_server_udp_single_threaded to tunnel_server_udp
213fd3ee Remove superflous ifdefs around enum like defines
997b006a Get rid of last PLUGIN_DEF_AUTH #ifdef
76ccc62d Stop using deprecated getpass()
2d5c437f Remove automatic service
d11c273b Fix #elif TARGET_LINUX missing defined() call
f91e2116 Remove support for non ISO C99 vararg support
7975e33b Remove flexible array member autoconf check
ca570706 Cleanup print_details and add signature/ED certificate print
467b16dc Use correct types for OpenSSL and Windows APIs
e756e12a Fix socket related functions using int instead of socket_descriptor_t
7fc608da Make buffer related function conversion explicit when narrowing
5a2ed714 Restore also ping related options on a reconnect
7064ccb9 Move NCP saving and restore to the prepush restore code
528a78fb Move restoring pre pull options to initialising of c2 context
1e938c50 openvpnserv: Cache last error before it is overridden
1b71f859 Remove empty dummy functions
5b8a1231 Deprecate the --verify-hash option
26117a82 Document the simple self-signed certificate setup in examples
423ced96 Support fingerprint authentication without CA certificate
e5e9a07e tapctl: Resolve MSVC C4996 warnings
c3a7065d Implement peer-fingerprint to check fingerprint of peer certificate
d1fe6d52 Extend verify-hash to allow multiple hashes
df471f4d iservice: Resolve MSVC C4996 warnings
709c3810 interactive.c: Resolve MSVC C4996 warning
26540310 tun.c: Remove dead code
6eb28f7c Wipe Socks5 credentials after use
f9d9fe55 Move extract_iv_proto to ssl_util.c/h
45e7d412 Fix multiple problems when compiling with LLVM/Windows (clang-cl)
1480903e README.wolfssl Update
9b2e8034 Remove compat-lz4 references from VS project files
60c18b45 build: Add support for pkg-config < 0.28 for old autoconf versions
f38819b7 Add README.wolfssl documentating the state of WolfSSL in OpenVPN
f6dca235 Support for wolfSSL in OpenVPN
4524feb2 Avoid generating unecessary mbed debug messages
24596b25 build: Remove compat-lz4
4170da07 Do not print Diffie Hellman parameters file to log file
476990d4 EVP_DigestSignFinal siglen parameter correction
b0bff559 Require at least 100MB of mlock()-able memory if --mlock is used.
fdb4f276 Allow pending auth to be send from a auth plugin
d8ed5932 Change parameter of send_auth_pending_messages from context to
tls_multi
88664aba Refactor extract_var_peer_info into standalone function and add
ssl_util.c
53229047 Implement server side of AUTH_PENDING with extending timeout
4cf01c8e Fix EVP_PKEY_CTX_... compilation with LibreSSL
06f6cf3f Prefer TLS libraries TLS PRF function, fix OpenVPN in FIPS mode
3338f2d5 Quote the domain name argument passed to the wmic command
04876274 Add S_EXITCODE flag for openvpn_run_script to report exit code
b29f7dff Introduce management client state for AUTH_PENDING notifications
3f8fb2b2 Implement client side handling of AUTH_PENDING message
0714ed80 Check return values in md_ctx_init and hmac_ctx_init
fdfbd444 Explain structver usage in sample defer plugin.
413580b6 Change pull request timeout use a timeout rather than a number
ce652e7d Remove inetd support from OpenVPN
a385a3e8 More explicit versioning compatibility in sample-plugins/defer/simple.c
7d1361c1 Update openvpn_plugin_func_v2 to _v3 in sample-plugins/defer/simple.c
595be121 Documentation fixes around openvpn_plugin_func_v3 in
openvpn-plugin.h.in
2d7e1954 Fix naming error in sample-plugins/defer/simple.c
452e016c clean up / rewrite sample-plugins/defer/simple.c
6a0c51ba Make OPENVPN_PLUGIN_ENABLE_PF failures FATAL
ef2405a6 Document common uses of 'echo' directive, re-enable logging for 'echo'.
15daa988 Fix tls-auth mismatch OCC message when tls-cryptv2 is used.
3b1ded39 Man page sections corrections
e0e7625c Skip DHCP renew with Wintun adapter
b1a8213e Remove 1 second delay before running netsh
8a8ee283 Clarify --block-ipv6 intent and direction.
aa58035a Zero initialise msghdr prior to calling sendmesg
86d7e990 ssl_common.h: fix 'not all control paths return a value' msvc warning
ab4688e3 Fix too early argv freeing when registering DNS
a686f7e2 Fix line number reporting on config file errors after <inline> segments

PR:		254785
Submitted by:	Eric F. Crist (maintainer)
-- Diese und die folgenden Zeilen werden ignoriert --
> Description of fields to fill in above:                     76 columns --|
> PR:                       If and which Problem Report is related.
> Submitted by:             If someone else sent in the change.
> Reported by:              If someone else reported the issue.
> Reviewed by:              If someone else reviewed your modification.
> Approved by:              If you needed approval for this commit.
> Obtained from:            If the change is from a third party.
> MFC after:                N [day[s]|week[s]|month[s]].  Request a reminder
email.
> MFH:                      Ports tree branch name.  Request approval for merge.
> Relnotes:                 Set to 'yes' for mention in release notes.
> Security:                 Vulnerability reference (one per line) or
description.
> Sponsored by:             If the change was sponsored by an organization (each
collaborator).
> Differential Revision:    https://reviews.freebsd.org/D### (*full* phabric URL
needed).
> Empty fields above will be automatically removed.

M    openvpn-devel/Makefile
M    openvpn-devel/distinfo
commit hash: e098d24a5aceebd6924b41a980ebb135a1dec0ed commit hash: e098d24a5aceebd6924b41a980ebb135a1dec0ed commit hash: e098d24a5aceebd6924b41a980ebb135a1dec0ed commit hash: e098d24a5aceebd6924b41a980ebb135a1dec0ed e098d24
Friday, 11 Dec 2020
17:46 mandree search for other commits by this committer
security/openvpn-devel: Update to 2020-W49 snapshot

Update port to 2020-W49 development snapshot.

1387f526 Fix port-share option with TLS-Crypt v2
4d307ed4 tls-crypt-v2: also preload tls-crypt-v2 keys (if --persist-key)
fb169c3b tls-crypt-v2: fix server memory leak
dfd624b5 Remove auth_user_pass.wait_for_push variable
fb789947 Fix auth-token not being updated if auth-nocache is set
88dc4276 Make any auth failure tls_authentication_status return auth failed
55d5eaa3 Send AUTH_FAILED message to clients on renegotiation failures
3ac8e592 Rename DECRYPT_KEY_ENABLED to TLS_AUTHENTICATED
f9d3fbf9 Clean up tls_authentication_status and document it
f1f0f074 Improve keys out of sync message
8292102b Add more documentation about our internal TLS functions
cc5a7163 Replace key_scan array of static pointers with inline function
fc25ca3a build: Fix missing install of man page in certain environments
0d4069e4 Change travis build scripts to use https when fetching prerequisites.

PR:		251761
Submitted by:	Eric F. Crist (maintainer)
Original commitRevision:557755 
Friday, 30 Oct 2020
20:41 mandree search for other commits by this committer
openvpn-devel Update to post 2.5 release development snapshot.

=== Commit Notes ===
99d217b2 Remove --disable-def-auth configure argument
0d4ca79d Remove explicit setting of peer_id to false
cb70cf51 Remove NULL checks before calling free
2c8a9877 Align reliable_free with other free methods to accept NULL
0d5aab88 Inline function tls_get_peer_info
bbcada8a Avoid passing NULL to argv_printf_cat() in temp_file error case.
a4eeef17 Add function for common env setting of verify user/pass calls
a480eaae Ignore deprecation warning for daemon on macOS
14bd92b7 Fix compilation on pre-EKM mbedTLS libraries.
f0734e49 Simplify key material exporter backend API
6dc09d0d Implement generating data channel keys via EKM/RFC 5705
1e6e083e networking_iproute2: fix memory leak in net_iface_mtu_set()
c018fc00 Allow 'none' cipher being specified in --data-ciphers
3b04c34d Support X509 field list to be username
15d05243 Move openvpn specific key expansion into its own function
23e11e59 Fix redirecting of IPv4 default gateway if connecting over IPv6.
bfb28845 Added 'route_ipv6_metric_NN' environment variable for IPv6 route
metric.
b68aa006 Speedup TCP remote hosts connections
a5409c0d Selectively reformat too long lines
0f44a908 compat/lz4: Update to v1.9.2
43cdb0c7 Improve error msg when all TAP adapters are in use 'or disabled'
e9e47f49 Fix update_time() and openvpn_gettimeofday() coexistence
d6720203 Alias ADAPTER_DOMAIN_SUFFIX to DOMAIN
66ad8727 Improve documentation of --username-as-common-name
70882f3e Set DNS Domain using iservice
7f7b0539 openvpnmsica: Simplify find_adapters() to void return
370395b3 netsh: Delete WINS servers on TUN close
dd754221 netsh: Clear existing IPv6 DNS servers before configuring new ones
6020e94b netsh: Specify interfaces by index rather than name
860a7bc7 Fix combination of --dev tap and --topology subnet across multiple
platforms.
94cebf82 Add demo plugin that excercises "CLIENT_CONNECT" and
"CLIENT_CONNECT_V2" paths
4dff2368 If IPv6 pool specification sets pool start to ::0 address, increment.
3ad86c25 Fix fatal error at switching remotes (#629)
6345cea8 build: Fix make distclean/distcheck
0b5141d8 sample-plugins: Partially autotoolize the sample-plugins build
81b6a7e7 Fix netbits setting (in TAP mode) for IPv6 on Windows.
b8625abb Allow --dhcp-option in config file when windows-driver is wintun
97ff6436 man: Improve --remote entry
eebeaa02 socks.c: fix alen for DOMAIN type addresses, bump up buffer sizes
fb94fbc3 msvc: better support for 32bit architecture
37aab49b Fix --show-gateway for IPv6 on NetBSD/i386.
a61c08a2 Handle NULL returns from calloc() in sample plugins.
8120e1ad man: Add missing --server-ipv6
50c7700d Fix description of --client-disconnect calling convention in manpage.
81f9bb3a Replace 'echo -n' with 'printf' in tests/t_lpback.sh
5b815eb4 Add a remark on dropping privileges when --mlock is used
aa346849 Fix handling of 'route remote_host' for IPv6 transport case.
505d5ad8 Fix best gateway selection over netlink
a4e0ac06 Fix TUNSETGROUP compatibility with very old Linux systems.
a09a2fad Fix error detection / abort in --inetd corner case.
5fd66510 Document that --push-remove is generally more suitable than
--push-reset
b341b1c5 openvpnmsica: make adapter renaming non-fatal
f3f09541 In tap.c use DiInstallDevice to install the driver on a new adapter
6ffe64e3 Fix client NCP OCC fallback when server and client cipher are identical
136c5f01 Fix compilation with older mbed TLS versions (mbedtls_tls_prf_types
undefined)

PR:		250743
Submitted by:	Eric F. Crist (maintainer)
Approved by:	Eric F. Crist (maintainer)
Original commitRevision:553714 
Friday, 28 Aug 2020
14:14 mandree search for other commits by this committer
security/openvpn-devel: Update to 2020-W35 snapshot (take 2 + 1/2)

This also adds a fix to the optional TUNNELBLICK extra-patch that removes
context now gone from the upstream code.

Here are the changes in the W35 snapshot:

136c5f01 Fix compilation with older mbed TLS versions (mbedtls_tls_prf_types
undefined)
5e19cc2c Workaround FreeBSD 12+ race condition on tun/tap open with IPv6.
10abd656 Refactor key_state_export_keying_material functions
62560e2a Fixes a bug in management_callback_send_cc_message, should be strlen
instead of sizeof
2ab0a924 Fix client's poor man NCP fallback
ed47c097 tun.c: enable using wintun driver under SYSTEM
2da29362 Improve the documentation for --dhcp-option
bf911882 Changes.rst: fix mistyped option names
e33f4475 doc: fix typos in cipher-negotiation.rst
7e65483d Fix stack overflow in OpenSolaris NEXTADDR()
f7432a97 Change version.m4 to 2.6_git
c1c43d46 Improve sections about older OpenVPN clients in cipher-negotiation.rst
26b658ea Changes.rst updates in preparation to 2.5_beta1
079fca54 Add depreciation notice for --ncp-disable to protocol-options.rst
16249959 Cleanup tls_pre_decrypt_lite and tls_pre_encrypt
a6a15f70 Refactor/Reformat tls_pre_decrypt

Poudriere test builds succeed on:
11.3 i386, amd64
12.1 i386, amd64, arm64

mips64 currently left in the dust because a build req. for py-docutils
winds up requiring gcc9, which isn't available for MIPS64.

PR:		248969
Submitted by:	Eric F. Crist (maintainer)
Original commitRevision:546735 
Tuesday, 11 Aug 2020
13:12 mandree search for other commits by this committer
security/openvpn-devel: Update to 2020-W33 snapshot

Update to Week 33 snapshot:

e02616d8 Document comp-lzo no and compress being incompatible
c13d20fa Remove S_OP_NORMAL key state.
4b4f5fe2 Move parsing IV_PROTO to separate function
4edcf571 Skip existing interfaces on opening the first available utun on macOS
42b39e98 Merge check_coarse_timers and check_coarse_timers_dowork
cd88d947 Eliminate check_tls wrapper function
eed645b3 Eliminate check_incoming_control_channel wrapper function
b7aebba2 Eliminate check_fragment function
76ea0859 Rename check_ping_restart_dowork to trigger_ping_timeout_signal
ce7ddaaf Split pf_check_reload check and check timer in process_coarse_timers
feacd01c travis: don't run t_net.sh test
e9639044 Remove a number of check/do_work wrapper calls from coarse_timers
60200b9e Remove buf argument from link_socket_set_outgoing_addr
33773a02 Clean up a number of leftover C89 initialisations in ssl.c
2fdd3329 Minor cleanup in push.c
bf42466d Document different behaviour of dynamic cipher negotiation
2c1d8c33 Rework NCP compability logic and drop BF-CBC support by default
dab34fdd Fix compilation with --disable-lzo and --disable-lz4
992e9cec Log serial number of revoked certificate
71d56aea client-connect: Add documentation for the deferred client connect
feature
20b39474 Abort client-connect handler loop after first handler sets 'disable'.
08f3c1ca Fix sequence of events for async plugin v1 handler.
0a7af784 Gently push users towards --data-ciphers in --show-ciphers output
5fde831c Fix stack buffer overruns in NEXTADDR() macro:
342f9b78 Add a note that ncp-ciphers is replaced by data-ciphers
30d19c6e Rename ncp-ciphers to data-ciphers
a3b21a76 Avoid sending push request after receving push reply
7cadbe24 Simplify calling logic of check_connection_established_dowork
1d86fae8 Include utun device number in utun error message

PR:		248600
Submitted by:	Eric F. Crist (maintainer)
Original commitRevision:544685 
Tuesday, 21 Jul 2020
19:03 mandree search for other commits by this committer
security/openvpn-devel: update to 2020-W30 snapshot

This is from the PR, with the addition of
BUILD_DEPENDS+=rst2man:textproc/py-docutils
such that the manpage gets built (it doesn't ship with
snapshots - which are from Git - any longer).

changes:

08469ca1 Remove --client-cert-not-required
2d5facaa Remove --ifconfig-pool-linear
94edc7c5 Require AEAD support in the crypto library
ec7d0e8e Drop support for OpenSSL 1.0.1
df85950a travis: Fix make distcheck failure
aad16b6c client-connect: Implement deferred connect support for plugin API v2
3658e577 Separate handling of non-deferred return values for
client-connect-scripts.
3d2af156 client-connect: Add deferred support to the client-connect v1 plugin
handler
290bb269 client-connect: Use inotify for the deferred client-connect status file
529b1ab2 client-connect: Add deferred support to the client-connect script
handler
82241468 Remove CAS_PARTIAL state
4cabd28a doc/man: Do not install man *.rst files
4b4b34da Remove --no-iv
19fab1f6 options: don't leak inline'd key material in logfile
83d6da50 Merge Makefile.am's AUTOMAKE_OPTIONS into configure.ac's
AM_INIT_AUTOMAKE.
dfb40edc client-connect: Add CC_RET_DEFERRED and cope with deferred
client-connect
ee6830c3 doc/man: Add misssing renegotiation.rst to Makefile.am
8d0b1def doc/man: Documentation for --bind-dev / VRFs on Linux
5c5544d4 doc/man: Update --txqueuelen default setting (Now OS default)
ed593e65 doc/man: Adopt compression documentation
850fd5fa doc/man: Mark compression options as deprecated
f500c49c doc/man: convert openvpn.8 to split-up .rst files
c83b197a Add deferred authentication support to plugin-auth-pam
90ed0fd2 reformat multi_client_generate_tls_keys according to uncrustify
708d1694 client-connect: Move adding inotify watch into its own function
4d500451 client-connect: Change cas_context from int to enum
07a69fd2 client-connect: Refactor client-connect handling to calling a bunch of
hooks in a loop
4f29b73b client-connect: Refactor to use return values instead of modifying a
passed-in flag
380a142a client-connect: Move multi_client_connect_setenv into early_setup
62a840e2 client-connect: Refactor multi_client_connect_source_ccd
78359a04 Added support for DHCP option 119 (dns search suffix list) for Windows.
0c8c50ca client-connect: Split multi_connection_established into separate
functions
b15fcceb Handle connecting clients without NCP or OCC without crashing.

PR:		248147
Submitted by:	Eric F. Crist (maintainer)
Original commitRevision:542781 
Friday, 17 Jul 2020
10:04 mandree search for other commits by this committer
security/openvpn-devel: Update to 202028 (2020-W28 snapshot)

ChangeLog:
<https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=247974#c0>

While here:
* add cmocka as build-time requisite to include the engine test.
* use PLUGINDIR rather than hacking CPPFLAGS for PLUGIN_LIBDIR,
  the latter breaks -fPIC detection by configure (breaking the
  shared lib build for the engine unit tests)

PR:		247974
Submitted by:	Eric F. Crist (maintainer)
Original commitRevision:542422 
Monday, 20 Apr 2020
14:35 mandree search for other commits by this committer
Update to new snapshot 202016.

Git changes since 202015:

* 37bc691e 2020-04-15 | Fix illegal client float (CVE-2020-11810) [Lev Stipakov]
* 3b06b57d 2020-03-13 | Fix broken async push with NCP is used [Lev Stipakov]
* d8ac887c 2020-03-28 | Fix OpenSSL 1.1.1 not using auto elliptic curve
selection [Arne Schwabe]

Approved by:	ecrist@secure-computing.net (via IRC #openvpn-devel)
Security:	CVE-2020-11810
Security:	8604121c-7fc2-11ea-bcac-7781e90b0c8f
Original commitRevision:532210 
Sunday, 12 Apr 2020
15:57 mandree search for other commits by this committer
security/openvpn-devel: update to 2020-W15 snapshot

Update openvpn-devel port to the 2020-W15 snapshot
(Changes from upstream's Git):

* 05229fb5 2020-04-07 | OpenSSL: Fix --crl-verify not loading multiple
			CRLs in one file [Maxim Plotnikov]
* e23fb6b8 2020-04-03 | Fix off-by-one in tls-crypt-v2 client wrapping
			with custom metadata [Arne Schwabe]

PR:		245573
Submitted by:	ecrist@secure-computing.net (maintainer)
Original commitRevision:531525 
Sunday, 5 Apr 2020
12:05 mandree search for other commits by this committer
security/openvpn-devel: update to 2020-W14 snapshot

update to the 2020-W14 snapshot, Git log:

* 57578310 2020-03-30 | When auth-user-pass file has no password query the
management interface (if available). (HEAD -> master-2020-14, origin/master,
origin/HEAD, master) [Selva Nair]
* 8e5d30cf 2020-03-30 | Move querying username/password from management to a
function [Selva Nair]
* 3608d890 2020-04-02 | Fix OpenSSL error stack handling of
tls_ctx_add_extra_certs [Arne Schwabe]
* 09ae6280 2020-03-14 | tun.c: revise the IPv4 ifconfig flow on Windows [Simon
Rozman]
* 3e0e1692 2020-04-01 | Fetch OpenSSL versions via source/old links [Arne
Schwabe]
* a59e0754 2020-03-31 | mbedTLS: Make sure TLS session survives move [Tom van
Leeuwen]
* a2a2132c 2020-03-25 | docs: Add reference to X509_LOOKUP_hash_dir(3) [WGH]
* e8106537 2020-03-10 | tapctl: Support multiple hardware IDs [Simon Rozman]
* c6f8d1a7 2020-03-09 | openvpnmsica: Merge FindTUNTAPAdapters into
FindSystemInfo [Simon Rozman]

PR:		245373
Submitted by:	ecrist@secure-computing.net (maintainer)
Original commitRevision:530771 
Monday, 30 Mar 2020
18:16 mandree search for other commits by this committer
security/openvpn-devel: update to 2020-W13 snapshot

Changes since the 2020-W12 snapshot:

* be453156 2020-03-12 | Normalise ncp-ciphers option and restrict it to 127
bytes (HEAD -> master-2020-13, origin/master, origin/HEAD, master) [Arne
Schwabe]
* f67efa94 2019-10-21 | Fix OpenSSL private key passphrase notices [Santtu
Lakkala]
* 072f7d35 2020-03-22 | travis-ci: add arm64, s390x builds. [Ilya Shipitsin]
* 50d68142 2020-03-09 | openvpnmsica, tapctl: Revise default hardware ID
management [Simon Rozman]
* d263e4f3 2020-03-09 | openvpnmsica: Extend to support arbitrary HWID network
adapters [Simon Rozman]
* 8c487854 2020-03-09 | openvpnmsica: "TAP" => "TUN/TAP" [Simon Rozman]
* 52b2414d 2020-03-09 | openvpnmsica, tapctl: "interface" => "adapter" [Simon
Rozman]
* c8de3ddb 2020-03-09 | openvpnmsica: Simplify static function names [Simon
Rozman]
* e24049d5 2020-03-09 | openvpnmsica: Revise MSI custom actions interop [Simon
Rozman]
* d15bc3ad 2020-03-09 | tapctl: Add functions for enabling/disabling adapters
[Simon Rozman]

PR:		245192
Submitted by:	ecrist@secure-computing.net (maintainer)
Original commitRevision:529902 
Friday, 27 Mar 2020
12:10 mandree search for other commits by this committer
security/openvpn-devel: Update to new 2020-W12 snapshot.

Git history since 202010:
* e1eb630d 2020-03-14 | Fix building with --enable-async-push in FreeBSD [Lev
Stipakov]
* f3ef6ced 2020-03-10 | tun.c: reorder IPv6 ifconfig on Windows [Simon Rozman]
* 5d28b47c 2020-03-12 | tun.c: fix 'use after free' error [Lev Stipakov]
* 04f4b4fe 2020-02-05 | Skip DNS address validation [Domagoj Pensa]
* 089fbe65 2020-02-05 | wintun: upgrade error message in case of ring
registration failure [Simon Rozman]
* 57fe5a26 2020-03-09 | tapctl: Update documentation [Simon Rozman]
* 36493bf6 2020-03-09 | openvpnmsica: Fix TAPInterface.DisplayName field
interpretation [Simon Rozman]
* 026cf3e5 2020-03-09 | openvpnmsica: Remove required Windows driver
certification detection [Simon Rozman]
* 1828f9c1 2020-02-21 | Move NCP related function into a seperate file and add
unit tests [Arne Schwabe]
* 53e7d8db 2020-02-05 | wintun: check for conflicting options [Simon Rozman]
* baef44fc 2020-02-05 | tun.c: uncrustify [Simon Rozman]
* 4c71a647 2020-02-05 | tun.c: refactor driver detection and make it
case-insensitive [Simon Rozman]
* b111aa80 2020-02-29 | interactive.c: remove unused function [Lev Stipakov]

PR:		245098
Submitted by:	ecrist@secure-computing.net
Original commitRevision:529243 
Friday, 6 Mar 2020
14:27 mandree search for other commits by this committer
security/openvpn-devel update to snapshot 202010

PR:		244632
Submitted by:	ecrist@secure-computing.net (maintainer)
Original commitRevision:527880 
Saturday, 7 Sep 2019
07:37 mandree search for other commits by this committer
security/openvpn-devel: Maintainer update to 201935

This commit updates the port to the latest development snapshot.

Additional changes over PR:
- leave CATEGORIES alone (leaving net-vpn in)
- move IGNORE_SSL upwards and remove USE_LDCONFIG to please portlint -CA

PR:		240376
Submitted by:	ecrist@secure-computing.net (maintainer)
Original commitRevision:511396 
Wednesday, 27 Feb 2019
15:31 swills search for other commits by this committer
security/openvpn-devel: Update to 201907 development snapshot

PR:		235859
Submitted by:	ecrist@secure-computing.net (maintainer)
Original commitRevision:494062 
Wednesday, 30 May 2018
16:10 joneum search for other commits by this committer
security/openvpn-devel: Update to 201821

PR:		228589
Submitted by:	ecrist@secure-computing.net (maintainer)
Original commitRevision:471136 
Thursday, 24 May 2018
02:53 meta search for other commits by this committer
security/openvpn-devel: Update to 201815

PR:		227567
Submitted by:	ecrist@secure-computing.net (maintainer)
Approved by:	pi (mentor)
Original commitRevision:470755 
Wednesday, 14 Mar 2018
14:45 swills search for other commits by this committer
security/openvpn-devel: update to latest 2018-11 snapshot

PR:		226588
Submitted by:	ecrist@secure-computing.net (maintainer)
Original commitRevision:464495 
Wednesday, 21 Jun 2017
19:19 jpaetzel search for other commits by this committer
Update to latest version

PR:	220183
Submitted by:	ecrist@secure-computing.net
Original commitRevision:444072 
Monday, 15 May 2017
22:40 mandree search for other commits by this committer
Update to new snapshot.

Note I didn't take the original patch because it needed to NOT conflict
with itself, and I had to fix indentation - be sure to use TAB, not
blanks, after the VARIABLE= part.

PR:		219305
Submitted by:	ecrist@secure-computing.net (maintainer)
Original commitRevision:440983 
Wednesday, 4 Jan 2017
14:38 mandree search for other commits by this committer
Update openvpn-devel to 2016-52 snapshot.

Align with security/openvpn for RC script improvements, dropping the
TUNNELBLICK patch (integrated upstream) and pkg-help file (no longer
required).

Note that pkcs11* and mbedTLS currently do not mix (I randomly checked
different option sets), an issue this port shares with security/openvpn.
"checking mbedtls pkcs11 support...
configure: error: mbedtls has no pkcs11 wrapper compiled in"

PR:		215734
Submitted by:	Eric F. Crist (maintainer)
Original commitRevision:430558 
Thursday, 8 Dec 2016
08:55 mandree search for other commits by this committer
Update to 2016-W47 snapshot (2.4 beta).

PR:		214930
Submitted by:	ecrist@secure-computing.net (maintainer)
Original commitRevision:428107 
Thursday, 3 Nov 2016
22:32 mandree search for other commits by this committer
Update to latest snapshot (week 43)

PR:		213982
Submitted by:	ecrist@secure-computing.net (maintainer)
Original commitRevision:425277 
Tuesday, 28 Jun 2016
16:20 pi search for other commits by this committer
security/openvpn-devel: 201607 -> 201623

Port Changes:
- password-save option is always on now, no longer optional
- LibreSSL has been renamed mbed TLS

Upstream Changes:
- Implement --push-remove option to remove options pushed by server
- Use mbedTLS 2.x now, instead of PolarSSL 1.x

PR:		210259
Submitted by:	ecrist@secure-computing.net (maintainer)
Original commitRevision:417735 
Saturday, 27 Feb 2016
20:28 pi search for other commits by this committer
security/openvpn-devel: 201548 -> 201607

- update to the latest development snapshot

PR:		207489
Submitted by:	ecrist@secure-computing.net (maintainer)
Original commitRevision:409687 
Monday, 30 Nov 2015
11:08 miwi search for other commits by this committer
- Update to 2015-48

PR:		        204805
Submitted by:	ecrist@secure-computing.net (maintainer)
Approved by:	mat (mentor)
Original commitRevision:402661 
Wednesday, 21 Oct 2015
14:16 mat search for other commits by this committer
Update to 201541. [1]

Convert to options helpers.

PR:		203823 [1]
Submitted by:	maintainer
Sponsored by:	Absolight
Original commitRevision:399908 
Tuesday, 16 Jun 2015
01:29 delphij search for other commits by this committer
Update to 201523.

PR:		200774
Submitted by:	maintainer
Original commitRevision:389811 
Tuesday, 21 Apr 2015
16:39 jpaetzel search for other commits by this committer
Update to 201516 development snapshot

PR:	199580
Submitted by:	ecrist@secure-computing.net
Original commitRevision:384431 
Friday, 5 Dec 2014
16:51 feld search for other commits by this committer
Update to the 201449 snapshot

PR:		195651
Submitted by:	ecrist (maintainer)
Original commitRevision:374053 
Wednesday, 23 Jul 2014
20:33 rakuco search for other commits by this committer
Update to the 201425 snapshot.

PR:		192006
Submitted by:	ecrist@secure-computing.net (maintainer)
Original commitRevision:362728 
Friday, 6 Jun 2014
17:12 bdrewery search for other commits by this committer
- Update to latest snapshot 201421
- Support staging
- Sync more with security/openvpn

PR:		190312
Submitted by:	ecrist@secure-computing.net (maintainer)
Original commitRevision:356822 
Monday, 1 Jul 2013
18:10 lme search for other commits by this committer
Update to version 201326

PR:		ports/180167
Submitted by:	maintainer
Original commitRevision:322134 
Tuesday, 21 May 2013
23:32 jpaetzel search for other commits by this committer
Update to latest snapshot

PR:	ports/178814
Submitted by:	Eric F Crist <ecrist@secure-computing.net>
Sponsored by:	Claimlynx
Original commitRevision:318735 
Tuesday, 18 Dec 2012
19:59 jpaetzel search for other commits by this committer
Update to 201250 snapshot

PR:	ports/174520
Submitted by:	Eric F. Crist <ecrist@secure-computing.net>
Original commitRevision:309198 
Thursday, 11 Oct 2012
20:13 bdrewery search for other commits by this committer
- Update to latest snapshot [1]
- Properly install symlinks for auth-pam and down-root plugins [1]
- Fix pkg-message description of locations of these plugins [1]
- Fix plist for nonexistent DOCSDIR/openvpn and DOCSDIRS/sample

PR:		ports/172587 [1]
Submitted by:	Eric F Crist <ecrist@secure-computing.net> (maintainer) [1]
Feature safe:	yes
Original commitRevision:305741 
Friday, 28 Sep 2012
18:45 bdrewery search for other commits by this committer
- Update to 201237 snapshot [1]
- Convert to new options framework
- Remove ABI versions from LIB_DEPENDS
- Update to new header

PR:		ports/171743 [1]
Submitted by:	Eric F Crist <ecrist@secure-computing.net> (maintainer) [1]
Original commitRevision:305007 
Wednesday, 25 Jul 2012
16:52 scheidell search for other commits by this committer
- Update to latest snapshot

PR:		ports/170111
Submitted by:	Eric F Crist <ecrist@secure-computing.net> (maintainer)
Original commit
Monday, 27 Feb 2012
19:20 jgh search for other commits by this committer
- Update to 201208 snapshot
- while here use INSTALL_LIB for library installation

PR:     ports/165504
Submitted by:   maintainer, ecrist@secure-computing.net
Original commit
Monday, 23 Jan 2012
20:47 ohauer search for other commits by this committer
- update to DISTVERSION 201204
- sort pkg-plist with help from ports-mgmt/genplist

PR:             164407
Submitted by:   Eric F Crist <ecrist@secure-computing.net> (maintainer)
Original commit
Tuesday, 4 Oct 2011
21:51 mandree search for other commits by this committer
Update to new snapshot 201139, removing files/patch-t_cltsrv.sh [1].

Remove files/pkg-req.in and references in SUB_FILES and pre-install,
it was a (now obsolete) workaround to warn users that installed newer
6.X packages on older 6.X systems and ended up with the new rc world
order scripts unfound and openvpn not running. [2]

Fix version number in CONFLICTS to encompass openvpn (not just
openvpn20), and demote to CONFLICTS_INSTALL. Neither port installs
headers or libraries that might get in the way.

PR:           ports/161285
Submitted by: Eric F. Crist (maintainer) [1]
Approved by:  Eric F. Crist (maintainer) [2]
Original commit
Friday, 1 Jul 2011
17:59 jpaetzel search for other commits by this committer
Update to week 26 snapshot.

PR:     ports/158568
Submitted by:   Eric F Crist <ecrist@secure-computing.net>
Sponsored by:   ClaimLynx, Inc
Original commit
Wednesday, 15 Jun 2011
08:43 culot search for other commits by this committer
- Update to 201124

PR:             ports/157812
Submitted by:   Jin-Sih Lin <linpct@gmail.com>
Approved by:    Eric Crist <ecrist@secure-computing.net> (maintainer)
Original commit
Wednesday, 4 May 2011
18:12 dhn search for other commits by this committer
- Update to 201118

PR:             ports/156812
Submitted by:   Eric F Crist <ecrist@secure-computing.net> (maintainer)
Original commit
Tuesday, 22 Mar 2011
13:34 jpaetzel search for other commits by this committer
Update to latest snapshot.

PR:     ports/155770
Submitted by:   Eric F Crist <ecrist@secure-computing.net>
Sponsored by:   ClaimLynx, Inc
Original commit
Tuesday, 25 Jan 2011
23:31 jpaetzel search for other commits by this committer
Update to week 4 snapshot

PR:     ports/154296
Submitted by:   Eric F Crist <ecrist@secure-computing.net>
Feature safe:   yes
Sponsored by:   ClaimLynx, Inc
Original commit
Friday, 10 Dec 2010
15:04 jpaetzel search for other commits by this committer
Update to latest snapshot.

PR:     ports/152992
Submitted by:   Eric F Crist <ecrist@secure-computing.net>
Sponsored by:   ClaimLynx, Inc
Original commit
Thursday, 14 Oct 2010
20:27 jpaetzel search for other commits by this committer
Update to latest snapshot

PR:     ports/151462
Submitted by:   Eric F Crist <ecrist@secure-computing.net>
Sponsored by:   ClaimLynx, Inc
Original commit
Sunday, 22 Aug 2010
15:22 lwhsu search for other commits by this committer
- Update to the latest week 34 snapshot.
- While here, resolve portlint(1) warning: Package conflicts with itself.

PR:             ports/149878
Submitted by:   Eric F Crist <ecrist@secure-computing.net>
Original commit
Wednesday, 4 Aug 2010
16:02 jpaetzel search for other commits by this committer
Update to latest weekly snapshot.
Add softrestart command to rc script.

PR:     ports/149272
Submitted by:   Eric F Crist <ecrist@secure-computing.net>
Original commit
Tuesday, 20 Jul 2010
15:55 jpaetzel search for other commits by this committer
Update weekly snapshot

PR:     ports/148787
Submitted by:   Eric F Crist <ecrist@secure-computing.net>
Original commit
Monday, 28 Jun 2010
17:54 jpaetzel search for other commits by this committer
Update to weekly snapshot

PR:     148212
Submitted by:   Eric F Crist <ecrist@secure-computing.net>
Approved by:    itetcu@ (mentor)
Feature safe:   yes
Original commit
Wednesday, 16 Jun 2010
22:35 jpaetzel search for other commits by this committer
Update to week 24 snapshot

PR:     147850
Submitted by:   Eric F Crist <ecrist@secure-computing.net>
Approved by:    itetcu@ (mentor)
Original commit
Thursday, 3 Jun 2010
17:20 jpaetzel search for other commits by this committer
Update to latest snapshot

PR:     ports/147330
Submitted by:   Eric F Crist <ecrist@secure-computing.net>
Approved by:    itetcu@ (mentor)
Original commit
Friday, 14 May 2010
21:17 jpaetzel search for other commits by this committer
Update to week 19 tarball

PR:     ports/146594
Submitted by:   Eric F Crist <ecrist@secure-computing.net>
Approved by:    itetcu@ (mentor)
Original commit
Monday, 26 Apr 2010
03:02 sylvio search for other commits by this committer
- Update to 201017

PR:             ports/145762
Submitted by:   Eric F Crist <ecrist@secure-computing.net> (maintainer)
Original commit
Wednesday, 24 Mar 2010
13:17 niels search for other commits by this committer
This is the bi-weekly update of openvpn-devel (week 12)

PR:     ports/144945
Submitted by:   Eric F Crist <ecrist@secure-computing.net> (maintainer)
Approved by:    miwi (mentor)
Original commit
Monday, 15 Mar 2010
14:13 niels search for other commits by this committer
Maintainer updated to 201010 snapshot

PR:     ports/144699
Submitted by:   Eric F Crist <ecrist@secure-computing.net> (maintainer)
Approved by:    itetcu (mentor)
Original commit
Tuesday, 23 Feb 2010
12:22 mandree search for other commits by this committer
Revive openvpn-devel port and pass maintainership to Eric F. Christ.

NOTE that the port is more of a development snapshot than it used to be,
so it should be used SOLELY for testing and development, NOT IN PRODUCTION.

PR: ports/144115
Approved by: mandree@ (previous maintainer)
Approved by: garga@ (mentor)
Feature safe: yes
Original commit
Thursday, 7 Jan 2010
16:28 mandree search for other commits by this committer
Move security/openvpn to security/openvpn20 (after previous repocopy).
Update security/openvpn20 to 2.0.9, revising pkg-message.

Move security/openvpn-devel to security/openvpn and
update security/openvpn to 2.1.1.

Remove security/openvpn-devel, adding a MOVED entry.

Update security/Makefile to remove openvpn-devel and add openvpn20 to
SUBDIRS.

Add a UPDATING entry for this shuffle.  Currently without upgrade
instructions since neither portupgrade nor portmaster are up to the
task (because of the CONFLICTS).

Approved by:  garga@ (mentor)
Original commit
Wednesday, 14 Oct 2009
10:34 miwi search for other commits by this committer
- Update to 2.1_rc20

PR:             139584
Submitted by:   Matthias Andree <matthias.andree@gmx.de> (maintainer)
Original commit
Friday, 7 Aug 2009
17:47 amdmi3 search for other commits by this committer
- Update to 2.1_rc19
- Fix on FreeBSD 8.x

PR:             137516
Submitted by:   Matthias Andree <matthias.andree@gmx.de> (maintainer)
Original commit
Saturday, 13 Jun 2009
22:55 miwi search for other commits by this committer
- Update to 2.1_rc18

PR:             135392
Submitted by:   Matthias Andree <matthias.andree@gmx.de> (maintainer)
Original commit
Tuesday, 2 Jun 2009
21:41 miwi search for other commits by this committer
- Update to 2.1_rc17

PR:             135148
Submitted by:   Matthias Andree <matthias.andree@gmx.de> (maintainer)
Original commit
Saturday, 22 Nov 2008
22:29 miwi search for other commits by this committer
- Update to 2.1_rc15

PR:             129062
Submitted by:   Matthias Andree <matthias.andree@gmx.de> (maintainer)
Original commit
Saturday, 11 Oct 2008
14:00 miwi search for other commits by this committer
- Update to 2.1-rc13

PR:             128007
Submitted by:   Matthias Andree <matthias.andree@gmx.de> (maintainer)
Original commit
Monday, 15 Sep 2008
23:13 miwi search for other commits by this committer
- Update to 2.1_rc11

Changelog:
        This release fixes a serious (though not security-related) bug in the
        SSL/TLS negotiation over UDP that can cause SSL/TLS handshake failures.

PR:             127392
Submitted by:   Matthias Andree <matthias.andree@gmx.de> (maintainer)
Approved by:    portmgr (pav)
Original commit
Sunday, 10 Aug 2008
21:48 miwi search for other commits by this committer
- Security update to version 2.1_rc9 to fix CVE-2008-3459
  (arbitrary code execution).
- VulnDB update was submitted in a previous PR.
- Add PKCS#11 option which explicitly disables PKCS11 at
  build time if not desired to avoid invisible pkcs11-helper
  dependency, else openvpn would silently pick up security/pkcs11-helper.

PR:             126356
Submitted by:   Matthias Andree <matthias.andree@gmx.de> (maintainer)
Original commit
Friday, 18 Jul 2008
12:16 miwi search for other commits by this committer
- Force commit to correct the previous commit log:

Correct permissions/owner of DOCSDIR-installed files

PR:             125726 / 125727
Request by:     maintainer via im
Original commit
Sunday, 15 Jun 2008
18:30 jadawin search for other commits by this committer
- Update to 2.1-rc8

PR:             ports/124574
Submitted by:   Matthias Andree <matthias.andree gmx.de> (maintainer)
Approved by:    mentor (implicit)
Original commit
Thursday, 31 Jan 2008
04:46 tabthorpe search for other commits by this committer
- Update to 2.1_rc7

PR:             ports/120174
Submitted by:   Matthias Andree <matthias.andree gmx.de> (maintainer)
Original commit
Saturday, 26 Jan 2008
15:40 araujo search for other commits by this committer
- Update to 2.1_rc6.

PR:             ports/119953
Submitted by:   Matthias Andree <matthias.andree@gmx.de> (maintainer)
Approved by:    stas (mentor, implicit)
Original commit
Saturday, 26 May 2007
15:47 araujo search for other commits by this committer
- Update to new upstream version 2.1-rc4.
- Override new automake default dir.

PR:             ports/112414
Submitted by:   Matthias Andree <matthias.andree@gmx.de>
Approved by:    stas (mentor)
Original commit
Tuesday, 6 Mar 2007
13:00 rafan search for other commits by this committer
- Update to 2.1 RC2
- Port rc script changes from security/openvpn 2.0.6_7 to support multiple
  instances

PR:             ports/109909
Submitted by:   Matthias Andree <matthias.andree at gmx.de> (maintainer)
Original commit
Sunday, 12 Nov 2006
19:22 itetcu search for other commits by this committer
Update to 2.1_rc1.

PR:             ports/105449
Submitted by:   Matthias Andree (maintainer)
Original commit
Saturday, 7 Oct 2006
07:04 rafan search for other commits by this committer
- Update to 2.1 beta 16
- Build auth-pam module
- Remove patch that got merged upstream

PR:             ports/103994
Submitted by:   Matthias Andree <matthias.andree at gmx.de> (maintainer)
Original commit
Thursday, 14 Sep 2006
05:59 rafan search for other commits by this committer
- Update to 2.1.beta15

PR:             ports/103244
Submitted by:   Matthias Andree <matthias.andree at gmx.de> (maintainer)
Original commit
Saturday, 19 Aug 2006
14:29 shaun search for other commits by this committer
Convert the repocopied security/openvpn into openvpn-devel.

OpenVPN is a robust, scalable and highly configurable VPN (Virtual Private
Network) daemon which can be used to securely link two or more private networks
using an encrypted tunnel over the internet. It can operate over UDP or TCP,
can use SSL or a pre-shared secret to authenticate peers, and in SSL mode, one
server can handle many clients.

PR:             ports/101802
Submitted by:   Matthias Andree <matthias.andree@gmx.de> (openvpn maintainer)
Original commit

Number of commits found: 90