non port: security/openvpn/files/patch-src_openvpn_openssl__compat.h |
Number of commits found: 3 |
Friday, 27 Jan 2023
|
21:32 Matthias Andree (mandree)
security/openvpn*: update to 2.6.0, keep openvpn25
- copy openvpn to openvpn25, mark as deprecated and to expire March 31
- update openvpn to openvpn 2.6.0, highlights from Frank Lichtenheld's
release announcement e-mail, slightly edited:
* Data Channel Offload (DCO) kernel acceleration support for Windows,
Linux, and FreeBSD [14].
* OpenSSL 3 support
* Improved handling of tunnel MTU, including support for pushable MTU.
* Outdated cryptographic algorithms disabled by default, but there are
options to override if necessary.
* Reworked TLS handshake, making OpenVPN immune to replay-packet state
exhaustion attacks.
* Added --peer-fingerprint mode for a more simplistic certificate setup
and verification.
* Improved protocol negotiation, leading to faster connection setup.
ChangeLog: https://github.com/OpenVPN/openvpn/blob/v2.6.0/Changes.rst
6853ab1 |
Thursday, 7 May 2020
|
16:28 mandree
security/openvpn: reliability fixes cherry-picked from upstream
Arne Schwabe's OpenSSL fix for Debian Bug#958296
"Fix tls_ctx_client/server_new leaving error on OpenSSL error stack"
<https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=958296> [1]
Selva Nair's auth-pam fixes
"Parse static challenge response in auth-pam plugin"
"Accept empty password and/or response in auth-pam plugin"
Re-diff (with make makepatch) older patches.
Reported by: Jonas Andradas via Debian BTS
Obtained from: Arne Schwabe, Selva Nair
<https://github.com/OpenVPN/openvpn/tree/release/2.4>
MFH: 2020Q2 (blanket for backporting reliability fixes)
|
Friday, 6 Sep 2019
|
18:16 mandree
Fix a sed regexp from GNUism to POSIX.
Thanks!
Also sent upstream for inclusion today,
https://sourceforge.net/p/openvpn/mailman/message/36757480/ and
https://sourceforge.net/p/openvpn/mailman/message/36757481/
PR: 240306
Submitted by: kevans@
|
Number of commits found: 3 |