openvpn: updated to 2.6.1
Overview of changes in 2.6.1 New features Dynamic TLS Crypt When both peers are OpenVPN 2.6.1+, OpenVPN will dynamically create a tls-crypt key that is used for renegotiation. This ensure that only the previously authenticated peer can do trigger renegotiation and complete renegotiations. CryptoAPI (Windows): support issuer name as a selector. Certificate selection string can now specify a partial issuer name string as "--cryptoapicert ISSUER:<string>" where <string> is matched as a substring of the issuer (CA) name in the certificate. User visible changes on crypto initialization, move old "quite verbose" messages to --verb 4 and only print a more compact summary about crypto and timing parameters by default configure now enables DCO build by default on FreeBSD and Linux, which brings in a default dependency for libnl-genl (for Linux distributions that are too old to have this library, use "configure --disable-dco") make "configure --help" output more consistent CryptoAPI (Windows): remove support code for OpenSSL before 3.0.1 (this will not affect official OpenVPN for Windows installers, as they will always be built with OpenSSL 3.0.x) CryptoAPI (Windows): log the selected certificate's name "configure" now uses "subdir-objects", for automake >= 1.16 (less warnings for recent-enough automake versions, will change the way .o files are created) Bugfixes / minor improvements fixed old IPv6 ifconfig race condition for FreeBSD 12.4 fix compile-time breakage related to DCO defines on FreeBSD 14 enforce minimum packet size for "--fragment" (avoid division by zero) some alignment fixes to avoid unaligned memory accesses, which will bring problems on some architectures (Sparc64, some ARM versions) - found by USAN clang checker windows source code fixes to reduce number of compile time warnings (eventual goal is to be able to compile with -Werror on MinGW), mostly related to signed/unsigned char * conversions, printf() format specifiers and unused variables. avoid endless loop on logging with --management + --verb 6+ build (but not run) unit tests on MinGW cross compiles, and run them when building with GitHub Actions. add unit test for parts of cryptoapi.c add debug logging to help with diagnosing windows driver selection disable DCO if proxy config is set via management interface do not crash on Android if run without --management improve documentation about cipher negotiation and OpenVPN3 for x86 windows builds, use proper calling conventions for dco-win (__stdcall) differentiate "dhcp-option ..." options into "needs an interface with true DHCP service" (tap-windows) and "can also be installed by IPAPI or service, and can be used on non-DHCP interfaces" (wintun, dco-win) windows interactive service: fix possible double-free if "--block-dns" installation fails due to "security products" interfering "make dist": package ovpn_dco_freebsd.h to permit building from tarballs on FreeBSD 14
This commit is contained in:
parent
200c28cb43
commit
292ba1bfd4
6 changed files with 18 additions and 19 deletions
|
@ -1,4 +1,4 @@
|
|||
# $NetBSD: Makefile,v 1.10 2020/01/26 17:31:53 rillig Exp $
|
||||
# $NetBSD: Makefile,v 1.11 2023/03/14 06:31:38 adam Exp $
|
||||
|
||||
.include "../../net/openvpn/Makefile.common"
|
||||
|
||||
|
@ -28,4 +28,5 @@ SPECIAL_PERMS+= bin/logwtmpx ${SETUID_ROOT_PERMS}
|
|||
|
||||
DEPENDS+= openvpn>=2.4.2:../../net/openvpn
|
||||
|
||||
.include "../../security/openssl/buildlink3.mk"
|
||||
.include "../../mk/bsd.pkg.mk"
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
$NetBSD: distinfo,v 1.33 2022/11/23 08:02:57 adam Exp $
|
||||
$NetBSD: distinfo,v 1.34 2023/03/14 06:31:38 adam Exp $
|
||||
|
||||
BLAKE2s (openvpn-2.5.8.tar.gz) = 7af26d7da32f771a6b34a5c25e4c0ffc6084a776c0c9f5dbd920f05a47810224
|
||||
SHA512 (openvpn-2.5.8.tar.gz) = 9cb0e79f26e7021141213d241fffaaa899575fa1640cb02d5f2a7b71f1ae12faac762ac26c2e4ddc4822550aa12cb81bab7a5b259d81230983e9b098e0f14091
|
||||
Size (openvpn-2.5.8.tar.gz) = 1875551 bytes
|
||||
BLAKE2s (openvpn-2.6.1.tar.gz) = 8645f53378fadbfdb0106e95c5375995e7f7557acd28c0de248fbdf555cae40c
|
||||
SHA512 (openvpn-2.6.1.tar.gz) = f848abc1d3ab99111b852fa52d12cb93734137acf3319b704c65cf8d1ef8abbf3cd3dbbe32b59687945e7dbd7ac7e8fc97bee57667f97700ba03d1ced4b40c31
|
||||
Size (openvpn-2.6.1.tar.gz) = 1852147 bytes
|
||||
BLAKE2s (openvpn-acct-wtmpx-20130210.tgz) = 2bb02a4e6adb7ce1d189271a6fbb6cbffd6a37d7b5e75cccebfc8dfac6dbaddd
|
||||
SHA512 (openvpn-acct-wtmpx-20130210.tgz) = 7b8fd4929e65d8d84158f62e5a17ff3adb3b4a6cff63b29038acfb368750719f2f593786ed9b02402824c19d872b188d2a46740a5c5f853e8873a71481b13aaf
|
||||
Size (openvpn-acct-wtmpx-20130210.tgz) = 2778 bytes
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
$NetBSD: distinfo,v 1.30 2022/11/23 08:02:58 adam Exp $
|
||||
$NetBSD: distinfo,v 1.31 2023/03/14 06:31:38 adam Exp $
|
||||
|
||||
BLAKE2s (openvpn-2.5.8.tar.gz) = 7af26d7da32f771a6b34a5c25e4c0ffc6084a776c0c9f5dbd920f05a47810224
|
||||
SHA512 (openvpn-2.5.8.tar.gz) = 9cb0e79f26e7021141213d241fffaaa899575fa1640cb02d5f2a7b71f1ae12faac762ac26c2e4ddc4822550aa12cb81bab7a5b259d81230983e9b098e0f14091
|
||||
Size (openvpn-2.5.8.tar.gz) = 1875551 bytes
|
||||
BLAKE2s (openvpn-2.6.1.tar.gz) = 8645f53378fadbfdb0106e95c5375995e7f7557acd28c0de248fbdf555cae40c
|
||||
SHA512 (openvpn-2.6.1.tar.gz) = f848abc1d3ab99111b852fa52d12cb93734137acf3319b704c65cf8d1ef8abbf3cd3dbbe32b59687945e7dbd7ac7e8fc97bee57667f97700ba03d1ced4b40c31
|
||||
Size (openvpn-2.6.1.tar.gz) = 1852147 bytes
|
||||
BLAKE2s (openvpn-nagios-20130210.tgz) = 713b55e865350c44a314aa3b48694695f4d82b50883d1fae919f01e9545c7c34
|
||||
SHA512 (openvpn-nagios-20130210.tgz) = 80e565f32379c39eb6c7f3b4744af221ae882ff07dce9dae5bd7feb73b0edcfc7c7ac7f70d23fdcd4f492b66f095f09833deb122449840b36ea606ce91900358
|
||||
Size (openvpn-nagios-20130210.tgz) = 3034 bytes
|
||||
|
|
|
@ -1,9 +1,9 @@
|
|||
# $NetBSD: Makefile.common,v 1.27 2022/11/23 08:02:57 adam Exp $
|
||||
# $NetBSD: Makefile.common,v 1.28 2023/03/14 06:31:38 adam Exp $
|
||||
# used by net/openvpn/Makefile
|
||||
# used by net/openvpn-acct-wtmpx/Makefile
|
||||
# used by net/openvpn-nagios/Makefile
|
||||
|
||||
OPENVPN_DISTNAME= openvpn-2.5.8
|
||||
OPENVPN_DISTNAME= openvpn-2.6.1
|
||||
OPENVPN_DISTFILE= ${OPENVPN_DISTNAME}.tar.gz
|
||||
OPENVPN_MASTER_SITES= https://swupdate.openvpn.org/community/releases/
|
||||
SITES.${OPENVPN_DISTFILE}= ${OPENVPN_MASTER_SITES}
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
@comment $NetBSD: PLIST,v 1.24 2021/10/05 19:25:41 adam Exp $
|
||||
@comment $NetBSD: PLIST,v 1.25 2023/03/14 06:31:38 adam Exp $
|
||||
include/openvpn-msg.h
|
||||
include/openvpn-plugin.h
|
||||
${PLIST.pam}lib/openvpn/plugins/openvpn-plugin-auth-pam.la
|
||||
|
@ -10,7 +10,6 @@ share/doc/openvpn/COPYING
|
|||
share/doc/openvpn/COPYRIGHT.GPL
|
||||
share/doc/openvpn/Changes.rst
|
||||
share/doc/openvpn/README
|
||||
share/doc/openvpn/README.IPv6
|
||||
${PLIST.pam}share/doc/openvpn/README.auth-pam
|
||||
share/doc/openvpn/README.down-root
|
||||
share/doc/openvpn/README.mbedtls
|
||||
|
@ -28,8 +27,6 @@ share/examples/openvpn/config/openvpn-startup.sh
|
|||
share/examples/openvpn/config/server.conf
|
||||
share/examples/openvpn/config/tls-home.conf
|
||||
share/examples/openvpn/config/tls-office.conf
|
||||
share/examples/openvpn/config/xinetd-client-config
|
||||
share/examples/openvpn/config/xinetd-server-config
|
||||
share/examples/openvpn/keys/README
|
||||
share/examples/openvpn/keys/ca.crt
|
||||
share/examples/openvpn/keys/ca.key
|
||||
|
@ -50,5 +47,6 @@ share/examples/openvpn/keys/ta.key
|
|||
share/examples/openvpn/scripts/auth-pam.pl
|
||||
share/examples/openvpn/scripts/bridge-start
|
||||
share/examples/openvpn/scripts/bridge-stop
|
||||
share/examples/openvpn/scripts/totpauth.py
|
||||
share/examples/openvpn/scripts/ucn.pl
|
||||
share/examples/openvpn/scripts/verify-cn
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
$NetBSD: distinfo,v 1.58 2022/11/23 08:02:57 adam Exp $
|
||||
$NetBSD: distinfo,v 1.59 2023/03/14 06:31:38 adam Exp $
|
||||
|
||||
BLAKE2s (openvpn-2.5.8.tar.gz) = 7af26d7da32f771a6b34a5c25e4c0ffc6084a776c0c9f5dbd920f05a47810224
|
||||
SHA512 (openvpn-2.5.8.tar.gz) = 9cb0e79f26e7021141213d241fffaaa899575fa1640cb02d5f2a7b71f1ae12faac762ac26c2e4ddc4822550aa12cb81bab7a5b259d81230983e9b098e0f14091
|
||||
Size (openvpn-2.5.8.tar.gz) = 1875551 bytes
|
||||
BLAKE2s (openvpn-2.6.1.tar.gz) = 8645f53378fadbfdb0106e95c5375995e7f7557acd28c0de248fbdf555cae40c
|
||||
SHA512 (openvpn-2.6.1.tar.gz) = f848abc1d3ab99111b852fa52d12cb93734137acf3319b704c65cf8d1ef8abbf3cd3dbbe32b59687945e7dbd7ac7e8fc97bee57667f97700ba03d1ced4b40c31
|
||||
Size (openvpn-2.6.1.tar.gz) = 1852147 bytes
|
||||
SHA1 (patch-src_compat_compat-basename.c) = 45a58ef2e05f6e0265f229da8540760e60e65143
|
||||
|
|
Loading…
Reference in a new issue