From nobody Tue May 31 16:41:59 2022 X-Original-To: dev-commits-ports-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 733161B6E1EF; Tue, 31 May 2022 16:41:59 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4LCJ2v2snkz4ksy; Tue, 31 May 2022 16:41:59 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1654015319; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=8bkavQEW11/Jt4Tl7hNNxBZqCt7dy/GcxjWDAPvN5EA=; b=IL+FD6wCttqC/ber6AxHbs/Er0W9yB6ypb3h+ezAD54pwRI7fGCUESv/MOP4Hmt3Iui/Wc cC98vLXjxxN+Y7iGgKM5gmnsk+QdTy2dyWuTH7zLdwZwqPlQOflqG3FZY0f+W1VETC/5iI cisEIg3zIz2vebWmpCq5VWaP7CSyd3+G69Woz/1lFnOOCMqLGu2GhQ9p3q4sauVC3F66S3 ikk0rGL7MSG0GAAn3gk1N0tiddILvuHsAFTW7ln5Z2/ApJhHzDPva29vIrxeZOb8D4XqG2 bJ79eIuQ+j44Cy/7yzssPnS+uok9K87MF3bKI0a7A3xgOFlUwgUfejYvZbl3MA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 422AA7885; Tue, 31 May 2022 16:41:59 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 24VGfxUo079196; Tue, 31 May 2022 16:41:59 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 24VGfxmw079195; Tue, 31 May 2022 16:41:59 GMT (envelope-from git) Date: Tue, 31 May 2022 16:41:59 GMT Message-Id: <202205311641.24VGfxmw079195@gitrepo.freebsd.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-branches@FreeBSD.org From: Matthias Andree Subject: git: c450cf43cc7a - 2022Q2 - security/openvpn: update to v2.5.7 List-Id: Commit messages for all branches of the ports repository List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-ports-all@freebsd.org X-BeenThere: dev-commits-ports-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: mandree X-Git-Repository: ports X-Git-Refname: refs/heads/2022Q2 X-Git-Reftype: branch X-Git-Commit: c450cf43cc7a22ee2ac08e55345ebf49992f8a19 Auto-Submitted: auto-generated ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1654015319; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=8bkavQEW11/Jt4Tl7hNNxBZqCt7dy/GcxjWDAPvN5EA=; b=ZM+nFmUPpxdYF1PcwqV/bbUT7B5pakGAxfSSvG65kvJo5dLuIJ3KRIR6NsfI/Rx344ms2K lvBPZLF08+UkWwAsmr1C88qom9dircrclk7wVIMMQCuTzVQXJTsVvlE7wnu0DDDQ4rYAva stKQe6Xnkp9VH1xfpErdirsk2F5hSvLbQiFMteUTCO3dSsC9E1MmbKGOhd7+ZLXUWR+gi1 Smp3IiaCHiqUBitw8L/EWbQeP4tkZTK54YWQHAn/GOMs1gyqdOjplcAaPMafBNy6Gowe0g G9G9EVahiZn3qZWta9Ec9MCz6VQmujeD/xKJcQdfXnEzrjMqQKHu6qnLQYX7KA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1654015319; a=rsa-sha256; cv=none; b=nHdOUxpDk2fuf8VqlrJvTa1cJ814xMUeAuhFPB7r1m+GnN8tlkmOgGheTpq/KyCahhkTPF ct3fdwqgyR0PSUjLCblRP3WZpBxySCRI2lh2L2CWB5WhHjLVUEyFINHq84r4fT6TBUnX7a GxNsWJ/MAiqI6u8pfQX3wbJ3EzP2vJ3h5afQeLjO8a1rg6ipsQR1WPrNzHAXTXE/VVOQRC sxF5BqeDbRJ8pB5bm0Df00vSUSOPRuh+MHfej8y6KPw7dZoCiyiRgJbbtM5f6QP+HEVYXa SDNnxYlpyPoUIQNbQEJL8wrJgNZ7942her7Fr/nRzMwGjY0MEOF1Ua4xD36LQw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N The branch 2022Q2 has been updated by mandree: URL: https://cgit.FreeBSD.org/ports/commit/?id=c450cf43cc7a22ee2ac08e55345ebf49992f8a19 commit c450cf43cc7a22ee2ac08e55345ebf49992f8a19 Author: Matthias Andree AuthorDate: 2022-05-28 18:37:05 +0000 Commit: Matthias Andree CommitDate: 2022-05-31 16:41:34 +0000 security/openvpn: update to v2.5.7 FreeBSD-related changes from Changes.rst: - Limited OpenSSL 3.0 support OpenSSL 3.0 support has been added. OpenSSL 3.0 support in 2.5 relies on the compatiblity layer and full OpenSSL 3.0 support is coming with OpenVPN 2.6. Only features that impact usage directly have been backported: ``--tls-cert-profile insecure`` has been added to allow selecting the lowest OpenSSL security level (not recommended, use only if you must). OpenSSL 3.0 no longer supports the Blowfish (and other deprecated) algorithm by default and the new option ``--providers`` allows loading the legacy provider to renable these algorithms. Most notably, reading of many PKCS#12 files encrypted with the RC2 algorithm fails unless ``--providers legacy default`` is configured. The OpenSSL engine feature ``--engine`` is not enabled by default anymore if OpenSSL 3.0 is detected. - print OpenSSL error stack if decoding PKCS12 file fails - fix PATH_MAX build failure in auth-pam.c - fix t_net.sh self-test leaving around stale "ovpn-dummy0" interface detailed changes: https://github.com/OpenVPN/openvpn/releases/tag/v2.5.7 (cherry picked from commit 9acfd1b4afebdf57366dff963ddc70d962994d1d) While here, deprecate MBEDTLS. --- security/openvpn/Makefile | 4 ++-- security/openvpn/distinfo | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/security/openvpn/Makefile b/security/openvpn/Makefile index 680e92e82fde..2e4abfe023c4 100644 --- a/security/openvpn/Makefile +++ b/security/openvpn/Makefile @@ -1,7 +1,7 @@ # Created by: Matthias Andree PORTNAME= openvpn -DISTVERSION= 2.5.6 +DISTVERSION= 2.5.7 PORTREVISION?= 0 CATEGORIES= security net net-vpn MASTER_SITES= https://swupdate.openvpn.org/community/releases/ \ @@ -44,7 +44,7 @@ OPTIONS_SINGLE_SSL= OPENSSL MBEDTLS ASYNC_PUSH_DESC= Enable async-push support EASYRSA_DESC= Install security/easy-rsa RSA helper package LZO_DESC= LZO compression (incompatible with LibreSSL) -MBEDTLS_DESC= SSL/TLS via mbedTLS (lacks TLS v1.3) +MBEDTLS_DESC= SSL/TLS via mbedTLS (DEPRECATED) PKCS11_DESC= Use security/pkcs11-helper (OpenSSL only) SMALL_DESC= Build a smaller executable with fewer features TUNNELBLICK_DESC= XOR scrambling patch - DEPRECATED! diff --git a/security/openvpn/distinfo b/security/openvpn/distinfo index da8a61fc1dbd..c0b63a7bfe5e 100644 --- a/security/openvpn/distinfo +++ b/security/openvpn/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1647545752 -SHA256 (openvpn-2.5.6.tar.xz) = 13c7c3dc399d1b571cabf189c4d34ae34656ee72b6bde2a8059c1e9bc61574ed -SIZE (openvpn-2.5.6.tar.xz) = 1150352 +TIMESTAMP = 1653761260 +SHA256 (openvpn-2.5.7.tar.xz) = 313bca7e996a4f59ef9940dd87c6c4b9168064db9be6cabebd37cd65f13759ed +SIZE (openvpn-2.5.7.tar.xz) = 1150476