Date: Sun, 05 Apr 2026 20:02:34 +0000 From: Daniel Engberg <diizzy@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Cc: Matthias Andree <mandree@FreeBSD.org> Subject: git: 51f1036a0750 - main - security/openvpn: Update to 2.7.1 Message-ID: <69d2bfda.374e9.4593a461@gitrepo.freebsd.org>
index | next in thread | raw e-mail
The branch main has been updated by diizzy: URL: https://cgit.FreeBSD.org/ports/commit/?id=51f1036a07509a1e3eb50cf6e7904a88f55bb451 commit 51f1036a07509a1e3eb50cf6e7904a88f55bb451 Author: Matthias Andree <mandree@FreeBSD.org> AuthorDate: 2026-04-01 09:36:40 +0000 Commit: Daniel Engberg <diizzy@FreeBSD.org> CommitDate: 2026-04-05 20:00:05 +0000 security/openvpn: Update to 2.7.1 This changes installed scripts, openvpn-client.up and .down scripts are no longer installed into libexec/, but instead a dns-updown script is placed into libexec/openvpn/ (all under $PREFIX). Based on a patch provided by Marek Zarychta. Changelog: https://github.com/OpenVPN/openvpn/releases/tag/v2.7.1 PR: 293138, 286263 --- UPDATING | 9 +++++++++ security/openvpn/Makefile | 4 +--- security/openvpn/distinfo | 6 +++--- security/openvpn/files/openvpn-client.in | 5 ++--- security/openvpn/files/patch-inotify | 11 ----------- security/openvpn/files/pkg-message.in | 17 ++++++++++++++--- security/openvpn/pkg-plist | 3 +-- 7 files changed, 30 insertions(+), 25 deletions(-) diff --git a/UPDATING b/UPDATING index 2568f3b029ee..bf07357a41a0 100644 --- a/UPDATING +++ b/UPDATING @@ -5,6 +5,15 @@ they are unavoidable. You should get into the habit of checking this file for changes each time you update your ports collection, before attempting any port upgrades. +20260401: + AFFECTS: users of security/openvpn + AUTHOR: mandree@FreeBSD.org + + The openvpn 2.7 port update no longer installs the openvpn-client.up + and openvpn-client.down scripts into libexec/, but instead a + dns-updown script into libexec/openvpn/. + Review your configuration, and the openvpn man page for --dns-updown. + 20260329: AFFECTS: users of java/openjdk25 and java/openjdk26 with the jre flavor AUTHOR: jrm@FreeBSD.org diff --git a/security/openvpn/Makefile b/security/openvpn/Makefile index 24de0901da9b..b267e810c066 100644 --- a/security/openvpn/Makefile +++ b/security/openvpn/Makefile @@ -1,5 +1,5 @@ PORTNAME= openvpn -DISTVERSION= 2.6.19 +DISTVERSION= 2.7.1 PORTREVISION?= 0 CATEGORIES= security net net-vpn MASTER_SITES= https://swupdate.openvpn.org/community/releases/ \ @@ -157,8 +157,6 @@ post-build: post-install: ${STRIP_CMD} ${STAGEDIR}${PREFIX}/lib/openvpn/plugins/openvpn-plugin-auth-pam.so ${STRIP_CMD} ${STAGEDIR}${PREFIX}/lib/openvpn/plugins/openvpn-plugin-down-root.so - ${INSTALL_SCRIPT} ${WRKSRC}/contrib/pull-resolv-conf/client.up ${STAGEDIR}${PREFIX}/libexec/openvpn-client.up - ${INSTALL_SCRIPT} ${WRKSRC}/contrib/pull-resolv-conf/client.down ${STAGEDIR}${PREFIX}/libexec/openvpn-client.down ${INSTALL_SCRIPT} ${WRKDIR}/openvpn-client ${STAGEDIR}${PREFIX}/sbin/openvpn-client ${MKDIR} ${STAGEDIR}${PREFIX}/include diff --git a/security/openvpn/distinfo b/security/openvpn/distinfo index 0bc3904718f4..076472f98da7 100644 --- a/security/openvpn/distinfo +++ b/security/openvpn/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1770232344 -SHA256 (openvpn-2.6.19.tar.gz) = 13702526f687c18b2540c1a3f2e189187baaa65211edcf7ff6772fa69f0536cf -SIZE (openvpn-2.6.19.tar.gz) = 1926557 +TIMESTAMP = 1774966723 +SHA256 (openvpn-2.7.1.tar.gz) = 9858477ec2894a8a672974d8650dcb1af2eeffb468981a2b619f0fa387081167 +SIZE (openvpn-2.7.1.tar.gz) = 2088230 diff --git a/security/openvpn/files/openvpn-client.in b/security/openvpn/files/openvpn-client.in index 471757811795..20f806fd7a9c 100644 --- a/security/openvpn/files/openvpn-client.in +++ b/security/openvpn/files/openvpn-client.in @@ -1,6 +1,5 @@ #!/bin/sh -exec %%PREFIX%%/sbin/openvpn --script-security 2 \ - --up %%PREFIX%%/libexec/openvpn-client.up \ - --plugin openvpn-plugin-down-root.so %%PREFIX%%/libexec/openvpn-client.down \ +exec %%PREFIX%%/sbin/openvpn \ + --dns-updown force \ --config "$@" diff --git a/security/openvpn/files/patch-inotify b/security/openvpn/files/patch-inotify deleted file mode 100644 index 0f4a7fb66134..000000000000 --- a/security/openvpn/files/patch-inotify +++ /dev/null @@ -1,11 +0,0 @@ ---- configure.orig 2026-02-14 15:09:42.270539000 +0100 -+++ configure 2026-02-14 15:14:09.452731000 +0100 -@@ -19732,7 +19732,7 @@ - - if test "${enable_async_push}" = "yes"; then - case "$host" in -- *-*-freebsd*) -+ *-*-freebsd1[3-4]*) - - pkg_failed=no - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for libinotify" >&5 diff --git a/security/openvpn/files/pkg-message.in b/security/openvpn/files/pkg-message.in index c527aec28683..770c343816b8 100644 --- a/security/openvpn/files/pkg-message.in +++ b/security/openvpn/files/pkg-message.in @@ -4,12 +4,13 @@ Edit /etc/rc.conf[.local] to start OpenVPN automatically at system startup. See %%PREFIX%%/etc/rc.d/openvpn for details. -Connect to VPN server as a client with this command to include -the client.up/down scripts in the initialization: +Connect to VPN server as a client with this command to include the +%%PREFIX%%/libexec/openvpn/dns-updown script in the initialization: openvpn-client <spec>.ovpn For compatibility notes when interoperating with older OpenVPN -versions, please see <http://openvpn.net/relnotes.html>; +versions, please see online documentation at +<https://github.com/OpenVPN/openvpn/blob/release/2.7/Changes.rst>; Note that OpenVPN does not officially support LibreSSL. @@ -29,6 +30,16 @@ when an unprivileged user account is desired. It is advisable to review existing configuration files and to consider adding/changing user openvpn and group openvpn. + +For compatibility notes when interoperating with older OpenVPN +versions, please see online documentation at +<https://github.com/OpenVPN/openvpn/blob/release/2.7/Changes.rst>; + +Note that the 2.7 version of the port replaced the +libexec/openvpn-client.down and .up scripts with a shared +%%PREFIX%%/libexec/openvpn/dns-updown script +(the sbin/openvpn-client script has been updated accordingly). + EOM } ] diff --git a/security/openvpn/pkg-plist b/security/openvpn/pkg-plist index a91ef85f2ee3..aaa55c692b28 100644 --- a/security/openvpn/pkg-plist +++ b/security/openvpn/pkg-plist @@ -2,8 +2,7 @@ include/openvpn-msg.h include/openvpn-plugin.h lib/openvpn/plugins/openvpn-plugin-auth-pam.so lib/openvpn/plugins/openvpn-plugin-down-root.so -libexec/openvpn-client.down -libexec/openvpn-client.up +libexec/openvpn/dns-updown share/man/man5/openvpn-examples.5.gz share/man/man8/openvpn.8.gz sbin/openvpnhome | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?69d2bfda.374e9.4593a461>