- Port rc script changes from security/openvpn 2.0.6_7 to support multiple
instances
PR: ports/109909
Submitted by: Matthias Andree <matthias.andree at gmx.de> (maintainer)
OpenVPN is a robust, scalable and highly configurable VPN (Virtual Private
Network) daemon which can be used to securely link two or more private networks
using an encrypted tunnel over the internet. It can operate over UDP or TCP,
can use SSL or a pre-shared secret to authenticate peers, and in SSL mode, one
server can handle many clients.
PR: ports/101802
Submitted by: Matthias Andree <matthias.andree@gmx.de> (openvpn maintainer)
* security fix for client LD_PRELOAD code injection vulnerability
through compromised upstream servers
(FreeBSD VuXML Vuln VID be4ccb7b-c48b-11da-ae12-0002b3b60e4c,
filed in separate PR)
CVE id not known yet
* 2 other changes only relevant for Linux and NetBSD, not detailed here.
PR: ports/95345
Submitted by: maintainer
Security: VuXML be4ccb7b-c48b-11da-ae12-0002b3b60e4c
- fix bug that would exhaust file descriptors as the routing table was modified
(this had already been part of the port previously)
- fix bug that would block the management socket until the peer connected
- fix pkitool sh incompatibilities (from NetBSD)
PR: ports/85299
Submitted by: maintainer
CAN-2005-2531, CAN-2005-2532, CAN-2005-2533, CAN-2005-2534
- Drop old init script and add a modern rcNG script in its place,
requested by Matthias Grimm and Dirk Gouders (although the script below is
one I, Matthias Andree, wrote). It can automatically load tun/tap drivers.
- move pkg-message to files/pkg-message.in, revise it, list it in SUB_FILES
to expand ${PREFIX}.
- print pkg-message after installation from port
- switch to official "make check" as smoke-test, rather than wiring our own.
- prefer LZO2 in most situations, as OpenVPN will pick up LZO2 rather than
LZO1 if both are installed.
PR: ports/85109
Submitted by: maintainer
Approved by: portmgr (krion)
