Date: Fri, 28 Aug 2020 14:14:40 +0000 (UTC) From: Matthias Andree <mandree@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r546735 - in head/security/openvpn-devel: . files Message-ID: <202008281414.07SEEex3070634@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: mandree Date: Fri Aug 28 14:14:40 2020 New Revision: 546735 URL: https://svnweb.freebsd.org/changeset/ports/546735 Log: security/openvpn-devel: Update to 2020-W35 snapshot (take 2 + 1/2) This also adds a fix to the optional TUNNELBLICK extra-patch that removes context now gone from the upstream code. Here are the changes in the W35 snapshot: 136c5f01 Fix compilation with older mbed TLS versions (mbedtls_tls_prf_types undefined) 5e19cc2c Workaround FreeBSD 12+ race condition on tun/tap open with IPv6. 10abd656 Refactor key_state_export_keying_material functions 62560e2a Fixes a bug in management_callback_send_cc_message, should be strlen instead of sizeof 2ab0a924 Fix client's poor man NCP fallback ed47c097 tun.c: enable using wintun driver under SYSTEM 2da29362 Improve the documentation for --dhcp-option bf911882 Changes.rst: fix mistyped option names e33f4475 doc: fix typos in cipher-negotiation.rst 7e65483d Fix stack overflow in OpenSolaris NEXTADDR() f7432a97 Change version.m4 to 2.6_git c1c43d46 Improve sections about older OpenVPN clients in cipher-negotiation.rst 26b658ea Changes.rst updates in preparation to 2.5_beta1 079fca54 Add depreciation notice for --ncp-disable to protocol-options.rst 16249959 Cleanup tls_pre_decrypt_lite and tls_pre_encrypt a6a15f70 Refactor/Reformat tls_pre_decrypt Poudriere test builds succeed on: 11.3 i386, amd64 12.1 i386, amd64, arm64 mips64 currently left in the dust because a build req. for py-docutils winds up requiring gcc9, which isn't available for MIPS64. PR: 248969 Submitted by: Eric F. Crist (maintainer) Modified: head/security/openvpn-devel/Makefile head/security/openvpn-devel/distinfo head/security/openvpn-devel/files/extra-tunnelblick-openvpn_xorpatch Modified: head/security/openvpn-devel/Makefile ============================================================================== --- head/security/openvpn-devel/Makefile Fri Aug 28 14:04:55 2020 (r546734) +++ head/security/openvpn-devel/Makefile Fri Aug 28 14:14:40 2020 (r546735) @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= openvpn -DISTVERSION= 202033 +DISTVERSION= 202035 CATEGORIES= security net net-vpn MASTER_SITES= https://secure-computing.net/files/openvpn/ PKGNAMESUFFIX= -devel Modified: head/security/openvpn-devel/distinfo ============================================================================== --- head/security/openvpn-devel/distinfo Fri Aug 28 14:04:55 2020 (r546734) +++ head/security/openvpn-devel/distinfo Fri Aug 28 14:14:40 2020 (r546735) @@ -1,3 +1,3 @@ -TIMESTAMP = 1597145486 -SHA256 (openvpn-202033.tar.xz) = 0759d8f06b1af368bf6551785f90e8deceee1396ae5046fd2a96a7a8fcb88b05 -SIZE (openvpn-202033.tar.xz) = 1057600 +TIMESTAMP = 1598621546 +SHA256 (openvpn-202035.tar.xz) = ea195c1c1c2e9bc1a5ff443b2649e58f730926bd34fe6ab24400a11c749c11cd +SIZE (openvpn-202035.tar.xz) = 1053628 Modified: head/security/openvpn-devel/files/extra-tunnelblick-openvpn_xorpatch ============================================================================== --- head/security/openvpn-devel/files/extra-tunnelblick-openvpn_xorpatch Fri Aug 28 14:04:55 2020 (r546734) +++ head/security/openvpn-devel/files/extra-tunnelblick-openvpn_xorpatch Fri Aug 28 14:14:40 2020 (r546735) @@ -40,16 +40,14 @@ The patch was ported to OpenVPN 2.4 by OPNsense. link_socket_write_post_size_adjust(&size, size_delta, &c->c2.to_link); --- src/openvpn/options.c.orig 2016-12-22 07:25:18 UTC +++ src/openvpn/options.c -@@ -811,6 +811,9 @@ init_options(struct options *o, const bo +@@ -811,4 +811,7 @@ init_options(struct options *o, const bo o->resolve_retry_seconds = RESOLV_RETRY_INFINITE; o->resolve_in_advance = false; o->proto_force = -1; + o->ce.xormethod = 0; + o->ce.xormask = "\0"; + o->ce.xormasklen = 0; - #ifdef ENABLE_OCC o->occ = true; - #endif @@ -972,6 +975,9 @@ setenv_connection_entry(struct env_set * setenv_str_i(es, "local_port", e->local_port, i); setenv_str_i(es, "remote", e->remote, i);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202008281414.07SEEex3070634>