- Upgrade security/openvpn to v2.3.0 (changes installed layout a bit),
splitting and re-diffing patches.
- Retain v2.2.2 as security/openvpn22
- Mark security/openvpn20 as deprecated and to expire 6 months from now
- Fix TCP_NODELAY option (openvpn 2.3, 2.2), see
<http://community.openvpn.net/openvpn/ticket/158>
- Fix PassTOS option (openvpn 2.2, 2.0), see
http://community.openvpn.net/openvpn/ticket/135
literal name_enable wherever possible, and ${name}_enable
when it's not, to prepare for the demise of set_rcvar().
In cases where I had to hand-edit unusual instances also
modify formatting slightly to be more uniform (and in
some cases, correct). This includes adding some $FreeBSD$
tags, and most importantly moving rcvar= to right after
name= so it's clear that one is derived from the other.
- Name
em@i.l
or variations thereof. While I'm here also fix some whitespace and other
formatting errors, including moving WWW: to the last line in the file.
constructions that parse out to [ -z "$foo" ] && foo=""
These are bad examples that get copied and pasted into new code, so the
hope is that with less bad examples there will be less need for me to
bring this up in review.
In a few of these files all that were changed were comments so that next
time I search for these patterns I won't trip on the file for no reason.
In a few places, add $FreeBSD$
No functional changes, so no PORTREVISION bumps
- remove subshell to use basename, and use ## substitution [1]
- remove FreeBSD 5.X compatibility comment [1]
- remove FreeBSD 5.X compatibility code
The parts marked with [1] above were
Submitted by: dougb (Doug Barton)
Update security/openvpn20 to 2.0.9, revising pkg-message.
Move security/openvpn-devel to security/openvpn and
update security/openvpn to 2.1.1.
Remove security/openvpn-devel, adding a MOVED entry.
Update security/Makefile to remove openvpn-devel and add openvpn20 to
SUBDIRS.
Add a UPDATING entry for this shuffle. Currently without upgrade
instructions since neither portupgrade nor portmaster are up to the
task (because of the CONFLICTS).
Approved by: garga@ (mentor)
propogated by copy and paste.
1. Primarily the "empty variable" default assignment, which is mostly
${name}_flags="", but fix a few others as well.
2. Where they are not already documented, add the existence of the _flags
(or other deleted empties) option to the comments, and in some cases add
comments from scratch.
3. Replace things that look like:
prefix=%%PREFIX%%
command=${prefix}/sbin/foo
to just use %%PREFIX%%. In many cases the $prefix variable is only used
once, and in some cases it is not used at all.
4. In a few cases remove ${name}_flags from command_args
5. Remove a long-stale comment about putting the port's rc.d script in
/etc/rc.d (which is no longer necessary).
No PORTREVISION bumps because all of these changes are noops.
Specifically, newer autoconf (> 2.13) has different semantic of the
configure target. In short, one should use --build=CONFIGURE_TARGET
instead of CONFIGURE_TARGET directly. Otherwise, you will get a warning
and the old semantic may be removed in later autoconf releases.
To workaround this issue, many ports hack the CONFIGURE_TARGET variable
so that it contains the ``--build='' prefix.
To solve this issue, under the fact that some ports still have
configure script generated by the old autoconf, we use runtime detection
in the do-configure target so that the proper argument can be used.
Changes to Mk/*:
- Add runtime detection magic in bsd.port.mk
- Remove CONFIGURE_TARGET hack in various bsd.*.mk
- USE_GNOME=gnometarget is now an no-op
Changes to individual ports, other than removing the CONFIGURE_TARGET hack:
= pkg-plist changed (due to the ugly CONFIGURE_TARGET prefix in * executables)
- comms/gnuradio
- science/abinit
- science/elmer-fem
- science/elmer-matc
- science/elmer-meshgen2d
- science/elmerfront
- science/elmerpost
= use x86_64 as ARCH
- devel/g-wrap
= other changes
- print/magicfilter
GNU_CONFIGURE -> HAS_CONFIGURE since it's not generated by autoconf
Total # of ports modified: 1,027
Total # of ports affected: ~7,000 (set GNU_CONFIGURE to yes)
PR: 126524 (obsoletes 52917)
Submitted by: rafan
Tested on: two pointyhat 7-amd64 exp runs (by pav)
Approved by: portmgr (pav)
being started during boot. The reason for this is that at boot $0 is not
/usr/local/etc/rc.d/openvpn but /etc/rc. The fix is a bit hackish because
it retrieves the script name from $_file - variable used in run_rc_script().
Reported by: bazzoola <bazzoola@gmail.com>
Inspired by [1]
* Bump PORTREVISION
* Update the comment which says not to send notices about 2.0.8 to 2.0.9 since
2.0.9 also introduces only Windows changes. Remove maintainer's name from
this comment since he did not explicitly state this.
PR: ports/108371 [1]
Submitted by: Denis Shaposhnikov <dsh@vlink.ru>, Gleb Kozyrev <gkozyrev@gmail.com> [1]
Approved by: matthias.andree@gmx.de (maintainer timeout, 28 days)
- Portrevision bumped since the change affects all architectures,
not just those that were failing.
PR: ports/103863
Submitted by: Matthias Andree <matthias.andree@gmx.de> (maintainer)
Reported by: pointyhat
the man page) and README.openvpn-down-root
2 - match rc.d filename as printed post install in pkg-message to actual file
name on newer systems (which use openvpn rather than openvpn.sh)
Reported by: Jean-Baptiste Quenot (Bcc'd)
The maintainer wishes to thank Jean-Baptiste for his report and patience.
3 - add a pkg-req script to prevent installation of 6.1 packages on older
machines, which is a frequent source of "rc.d script doesn't work"
complaints.
Added file(s):
- files/pkg-req.in
PR: ports/100917
Submitted by: Matthias Andree (maintainer)
prevent a lot of people asking maintainer about it:
# -----------------------------------------------------
# DO NOT BOTHER TO SEND NOTICES ABOUT 2.0.7 AS IT FIXES
# A WINDOWS-ONLY BUG THAT DOESN'T AFFECT *BSD AND THUS
# DOES NOT WARRANT A PORT UPGRADE! AND UPGRADE REQUESTS
# WILL BE DROPPED. -- Matthias Andree, 2006-04-26
# -----------------------------------------------------
PR: ports/96383
Submitted by: maintainer
* security fix for client LD_PRELOAD code injection vulnerability
through compromised upstream servers
(FreeBSD VuXML Vuln VID be4ccb7b-c48b-11da-ae12-0002b3b60e4c,
filed in separate PR)
CVE id not known yet
* 2 other changes only relevant for Linux and NetBSD, not detailed here.
PR: ports/95345
Submitted by: maintainer
Security: VuXML be4ccb7b-c48b-11da-ae12-0002b3b60e4c
We have not checked for this KEYWORD for a long time now, so this
is a complete noop, and thus no PORTREVISION bump. Removing it at
this point is mostly for pedantic reasons, and partly to avoid
perpetuating this anachronism by copy and paste to future scripts.
(according to the release notes), so our heuristic assumes the module is
missing and tries to load it, which fails as the module already exists.
PR: ports/86286
Submitted by: maintainer
- fix bug that would exhaust file descriptors as the routing table was modified
(this had already been part of the port previously)
- fix bug that would block the management socket until the peer connected
- fix pkitool sh incompatibilities (from NetBSD)
PR: ports/85299
Submitted by: maintainer
CAN-2005-2531, CAN-2005-2532, CAN-2005-2533, CAN-2005-2534
- Drop old init script and add a modern rcNG script in its place,
requested by Matthias Grimm and Dirk Gouders (although the script below is
one I, Matthias Andree, wrote). It can automatically load tun/tap drivers.
- move pkg-message to files/pkg-message.in, revise it, list it in SUB_FILES
to expand ${PREFIX}.
- print pkg-message after installation from port
- switch to official "make check" as smoke-test, rather than wiring our own.
- prefer LZO2 in most situations, as OpenVPN will pick up LZO2 rather than
LZO1 if both are installed.
PR: ports/85109
Submitted by: maintainer
Approved by: portmgr (krion)
