Date: Fri, 8 Jan 2016 09:03:49 +0000 (UTC) From: Matthias Andree <mandree@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r405536 - head/security/openvpn Message-ID: <201601080903.u0893nro067199@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: mandree Date: Fri Jan 8 09:03:48 2016 New Revision: 405536 URL: https://svnweb.freebsd.org/changeset/ports/405536 Log: Upgrade to new upstream release 2.3.10. Now requires PolarSSL/mbedTLS 1.3.X with X >= 8, PolarSSL 1.2 is EOL. Match help text to the change. Make sure the build uses the local unpacked includes before the system includes, such that portmaster/portupgrade upgrades for PolarSSL work if 2.3.9 or older is pre-installed on the build system. Modified: head/security/openvpn/Makefile head/security/openvpn/distinfo Modified: head/security/openvpn/Makefile ============================================================================== --- head/security/openvpn/Makefile Fri Jan 8 09:02:01 2016 (r405535) +++ head/security/openvpn/Makefile Fri Jan 8 09:03:48 2016 (r405536) @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= openvpn -DISTVERSION= 2.3.9 +DISTVERSION= 2.3.10 CATEGORIES= security net MASTER_SITES= http://swupdate.openvpn.net/community/releases/ \ http://build.openvpn.net/downloads/releases/ @@ -20,8 +20,9 @@ SHEBANG_FILES= sample/sample-scripts/ve sample/sample-scripts/auth-pam.pl \ sample/sample-scripts/ucn.pl -# let OpenVPN's configure script pick up the requisite libraries: -CPPFLAGS+= -I${LOCALBASE}/include +# let OpenVPN's configure script pick up the requisite libraries, +# but do not break the plugin build if an older version is installed +CPPFLAGS+= -I${WRKSRC}/include -I${LOCALBASE}/include LDFLAGS+= -L${LOCALBASE}/lib # set PLUGIN_LIBDIR so that unqualified plugin paths are found: @@ -36,7 +37,7 @@ OPTIONS_SINGLE_SSL= OPENSSL POLARSSL # PW_SAVE_DESC= Interactive passwords may be read from a file PKCS11_DESC= Use security/pkcs11-helper EASYRSA_DESC= Install security/easy-rsa RSA helper package -POLARSSL_DESC= SSL/TLS support via PolarSSL 1.2 +POLARSSL_DESC= SSL/TLS via PolarSSL (mbedTLS) 1.3.8+ (not 2.x) TUNNELBLICK_DESC= Tunnelblick XOR scramble patch (READ HELP!) X509ALTUSERNAME_DESC= Enable --x509-username-field (OpenSSL only) @@ -55,7 +56,10 @@ X509ALTUSERNAME_PREVENTS_MSG= OpenVPN ${ OPENSSL_USE= openssl=yes OPENSSL_CONFIGURE_ON= --with-crypto-library=openssl -POLARSSL_LIB_DEPENDS= libpolarssl.so:${PORTSDIR}/security/polarssl +# Pin the libmbedtls version because the 2.3.x port can't work with .so.10 or +# newer from the security/mbedtls package. Upstream works in progress +# for OpenVPN 2.4 to use mbedTLS 2.X. +POLARSSL_LIB_DEPENDS= libmbedtls.so.9:${PORTSDIR}/security/polarssl13 POLARSSL_CONFIGURE_ON= --with-crypto-library=polarssl USE_RC_SUBR= openvpn Modified: head/security/openvpn/distinfo ============================================================================== --- head/security/openvpn/distinfo Fri Jan 8 09:02:01 2016 (r405535) +++ head/security/openvpn/distinfo Fri Jan 8 09:03:48 2016 (r405536) @@ -1,2 +1,2 @@ -SHA256 (openvpn-2.3.9.tar.xz) = 52f16bef3a02369682f1464fbd2821070c98d0bd993f4c46c764e87375abdcc1 -SIZE (openvpn-2.3.9.tar.xz) = 816168 +SHA256 (openvpn-2.3.10.tar.xz) = c54dbf91d47b9533fac3b94d2b5719bdbe0d081fe8245184f91ef8a871d22003 +SIZE (openvpn-2.3.10.tar.xz) = 818152
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201601080903.u0893nro067199>