FreeBSD Bugzilla – Attachment 207248 Details for
Bug 240376
security/openvpn-devel: Update to 201935
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
diff file for changes
ovpnd.diff (text/plain), 6.41 KB, created by
Eric F Crist
on 2019-09-06 20:45:02 UTC
(
hide
)
Description:
diff file for changes
Filename:
MIME Type:
Creator:
Eric F Crist
Created:
2019-09-06 20:45:02 UTC
Size:
6.41 KB
patch
obsolete
>Index: Makefile >=================================================================== >--- Makefile (revision 511355) >+++ Makefile (working copy) >@@ -2,8 +2,8 @@ > # $FreeBSD$ > > PORTNAME= openvpn >-DISTVERSION= 201907 >-CATEGORIES= security net net-vpn >+DISTVERSION= 201935 >+CATEGORIES= security net > MASTER_SITES= https://secure-computing.net/files/openvpn/ \ > ftp://ftp2.secure-computing.net/pub/FreeBSD/openvpn-devel/ > PKGNAMESUFFIX= -devel >@@ -41,7 +41,7 @@ > OPTIONS_SINGLE_SSL= OPENSSL MBEDTLS > PKCS11_DESC= Use security/pkcs11-helper > EASYRSA_DESC= Install security/easy-rsa RSA helper package >-MBEDTLS_DESC= SSL/TLS via mbedTLS >+MBEDTLS_DESC= SSL/TLS via mbedTLS (lacks TLS v1.3) > TUNNELBLICK_DESC= Tunnelblick XOR scramble patch (READ HELP!) > X509ALTUSERNAME_DESC= Enable --x509-username-field (OpenSSL only) > SMALL_DESC= Build a smaller executable with fewer features >@@ -62,6 +62,7 @@ > > OPENSSL_USES= ssl > OPENSSL_CONFIGURE_ON= --with-crypto-library=openssl >+IGNORE_SSL= libressl libressl-devel > > LZ4_CONFIGURE_OFF= --disable-lz4 > >@@ -115,22 +116,11 @@ > _tlslibs=libssl libcrypto > .endif > >-.if ${SSL_DEFAULT:Mlibressl*} && empty(PORT_OPTIONS:MMBEDTLS) >-pre-everything:: >- @${ECHO_CMD} "WARNING: OpenVPN does not officially support LibreSSL." >- @${ECHO_CMD} "If things break, rebuild with OpenSSL or mbedTLS." >- @${ECHO_CMD} "You may wish to change your default SSL library" >- @${ECHO_CMD} "and press Ctrl+C within the next 10 seconds to abort." >-. if !(defined(PACKAGE_BUILDING) || defined(BATCH)) >- @sleep 10 >-. endif >-.endif >- > # sanity check that we don't inherit incompatible SSL libs through, > # for instance, pkcs11-helper: > post-build: >- @a=$$(LC_ALL=C ldd -f '%o\n' ${WRKSRC}/src/openvpn/openvpn \ >- | ${SORT} -u) ; set -- $$(for i in ${_tlslibs} ; do ${PRINTF} '%s\n' "$$a" | ${GREP} $${i}.so | wc -l ; done | ${SORT} -u) ;\ >+ @a=$$(LC_ALL=C ldd -f '%o\n' ${WRKSRC}/src/openvpn/openvpn \ >+ | ${SORT} -u) ; set -- $$(for i in ${_tlslibs} ; do ${PRINTF} '%s\n' "$$a" | ${GREP} $${i}.so | wc -l ; done | ${SORT} -u) ;\ > if test "$$*" != "1" ; then ${ECHO_CMD} >&2 "${.CURDIR} FAILED: either of ${_tlslibs} libraries linked multiple times" ; ${PRINTF} '%s\n' "$$a"; ${RM} ${BUILD_COOKIE} ; exit 1 ; fi > > post-install: >Index: distinfo >=================================================================== >--- distinfo (revision 511355) >+++ distinfo (working copy) >@@ -1,3 +1,3 @@ >-TIMESTAMP = 1550580278 >-SHA256 (openvpn-201907.tar.xz) = 1e2394ca6582877c90fc3d9948cfb1b1c1aaa2383c02af62410d5a51f812ff68 >-SIZE (openvpn-201907.tar.xz) = 995288 >+TIMESTAMP = 1567798649 >+SHA256 (openvpn-201935.tar.xz) = a34dc87188ae38f148e99cc129db2ed05e33c7b41237373b34b5d711481cfc5f >+SIZE (openvpn-201935.tar.xz) = 1002220 >Index: files/patch-configure >=================================================================== >--- files/patch-configure (revision 511355) >+++ files/patch-configure (nonexistent) >@@ -1,11 +0,0 @@ >---- configure.orig 2016-08-23 14:19:07 UTC >-+++ configure >-@@ -17160,8 +17160,6 @@ fi >- $as_echo "!! WARNING !! The cmoka git submodule has not been initialized or updated. Unit testing cannot be performed." >&6; } >- fi >- else >-- { $as_echo "$as_me:${as_lineno-$LINENO}: result: !! WARNING !! CMake is NOT available. Unit testing cannot be performed." >&5 >--$as_echo "!! WARNING !! CMake is NOT available. Unit testing cannot be performed." >&6; } >- if false; then >- CMOCKA_INITIALIZED_TRUE= >- CMOCKA_INITIALIZED_FALSE='#' > >Property changes on: files/patch-configure >___________________________________________________________________ >Deleted: fbsd:nokeywords >## -1 +0,0 ## >-yes >\ No newline at end of property >Deleted: svn:eol-style >## -1 +0,0 ## >-native >\ No newline at end of property >Deleted: svn:mime-type >## -1 +0,0 ## >-text/plain >\ No newline at end of property >Index: files/patch-src_openvpn_openssl__compat.h >=================================================================== >--- files/patch-src_openvpn_openssl__compat.h (nonexistent) >+++ files/patch-src_openvpn_openssl__compat.h (working copy) >@@ -0,0 +1,20 @@ >+--- src/openvpn/openssl_compat.h.orig 2019-02-20 12:28:23 UTC >++++ src/openvpn/openssl_compat.h >+@@ -735,7 +735,7 @@ SSL_CTX_get_max_proto_version(SSL_CTX *ctx) >+ } >+ #endif /* SSL_CTX_get_max_proto_version */ >+ >+-#ifndef SSL_CTX_set_min_proto_version >++#if !defined(SSL_CTX_set_min_proto_version) && !defined(LIBRESSL_VERSION_NUMBER) >+ /** Mimics SSL_CTX_set_min_proto_version for OpenSSL < 1.1 */ >+ static inline int >+ SSL_CTX_set_min_proto_version(SSL_CTX *ctx, long tls_ver_min) >+@@ -764,7 +764,7 @@ SSL_CTX_set_min_proto_version(SSL_CTX *ctx, long tls_v >+ } >+ #endif /* SSL_CTX_set_min_proto_version */ >+ >+-#ifndef SSL_CTX_set_max_proto_version >++#if !defined(SSL_CTX_set_max_proto_version) && !defined(LIBRESSL_VERSION_NUMBER) >+ /** Mimics SSL_CTX_set_max_proto_version for OpenSSL < 1.1 */ >+ static inline int >+ SSL_CTX_set_max_proto_version(SSL_CTX *ctx, long tls_ver_max) > >Property changes on: files/patch-src_openvpn_openssl__compat.h >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: pkg-descr >=================================================================== >--- pkg-descr (revision 511355) >+++ pkg-descr (working copy) >@@ -10,4 +10,4 @@ > > DO NOT USE IN PRODUCTION WITHOUT CAUTION > >-WWW: http://openvpn.net/ >+WWW: http://openvpn.net/index.php/open-source.html >Index: pkg-help >=================================================================== >--- pkg-help (nonexistent) >+++ pkg-help (working copy) >@@ -0,0 +1,10 @@ >+Note that "Tunnelblick" is a controversial option. >+It is included for compatibility, not enabled by default, >+and should only be used with due consideration, and it should not >+replace proper cryptography use in OpenVPN. >+ >+Note that this patch does NOT add documentation for the new --scramble >+option, neither to the --help output, nor the manual page. >+ >+Please see this website for a more detailed discussion: >+https://tunnelblick.net/cOpenvpn_xorpatch.html > >Property changes on: pkg-help >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=207248">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 240376
: 207248
Working