FreeBSD Bugzilla – Attachment 96893 Details for
Bug 135596
security/openconnect: Update pkg-message to reflect new OpenSSL in -CURRENT (and make it more generic)
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
file.diff
file.diff (text/plain), 2.30 KB, created by
dgerow
on 2009-06-15 17:40:04 UTC
(
hide
)
Description:
file.diff
Filename:
MIME Type:
Creator:
dgerow
Created:
2009-06-15 17:40:04 UTC
Size:
2.30 KB
patch
obsolete
>diff -ruN openconnect.orig/pkg-descr openconnect/pkg-descr >--- openconnect.orig/pkg-descr 2009-06-06 15:48:49.000000000 -0700 >+++ openconnect/pkg-descr 2009-06-15 09:30:49.000000000 -0700 >@@ -1,9 +1,13 @@ >-OpenConnect is a client for Cisco's AnyConnect SSL VPN, which is >-supported by IOS 12.4(9)T or later on Cisco SR500, 870, 880, >-1800, 2800, 3800, 7200 Series and Cisco 7301 Routers. >+Cisco's implementation of the DTLS protocol unfortunately does not >+comply with the relevant standards, and the OpenSSL in FreeBSD's >+base requires a patch to provide full interoperability. You will >+still be able to establish a tunnel, but all traffic will be >+transmitted via an HTTPS connection. This means that any packet >+loss on your link will result in a significant detriment to the >+speed of your VPN connection. > >-Like vpnc, OpenConnect is not officially supported by, or >-associated in any way with, Cisco Systems. It just happens to >-interoperate with their equipment. >+Note that versions of FreeBSD older than 8.0 will require a small >+number of additional patches, due to the older version of OpenSSL >+included in their base. > >-WWW: http://www.infradead.org/openconnect.html >+More information is included in README.DTLS. >diff -ruN openconnect.orig/pkg-message openconnect/pkg-message >--- openconnect.orig/pkg-message 2009-06-06 15:48:49.000000000 -0700 >+++ openconnect/pkg-message 2009-06-15 09:29:10.128304574 -0700 >@@ -1,10 +1,9 @@ > Cisco's implementation of the DTLS protocol unfortunately does not >-comply with the relevant standards. OpenSSL must be patched to >-provide full compliance with their implementation, and due to the >-older release of OpenSSL in the FreeBSD base, there are additional >-patches that must be applied to achieve the same goal. Though >-OpenConnect will still function, all traffic will be passed over >-an HTTPS connection. Should there be any packet loss on your >-link, your VPN connection will suffer greatly. >+comply with the relevant standards, and the OpenSSL in FreeBSD's >+base requires a patch to provide full interoperability. You will >+still be able to establish a tunnel, but all traffic will be >+transmitted via an HTTPS connection. This means that any packet >+loss on your link will result in a significant detriment to the >+speed of your VPN connection. > > More information is included in README.DTLS.
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=96893">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 135596
: 96893