Bug 250743 - security/openvpn-devel: Update to 2020-W43 snapshot
Summary: security/openvpn-devel: Update to 2020-W43 snapshot
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: freebsd-ports-bugs (Nobody)
URL:
Keywords: buildisok
Depends on:
Blocks:
 
Reported: 2020-10-30 19:18 UTC by Eric F Crist
Modified: 2020-10-30 20:41 UTC (History)
1 user (show)

See Also:
ecrist: maintainer-feedback+


Attachments
SVN Diff for port update (842 bytes, patch)
2020-10-30 19:18 UTC, Eric F Crist
ecrist: maintainer-approval+
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Eric F Crist 2020-10-30 19:18:00 UTC
Created attachment 219224 [details]
SVN Diff for port update

Update to post 2.5 release development snapshot.

=== Commit Notes ===
99d217b2 Remove --disable-def-auth configure argument
0d4ca79d Remove explicit setting of peer_id to false
cb70cf51 Remove NULL checks before calling free
2c8a9877 Align reliable_free with other free methods to accept NULL
0d5aab88 Inline function tls_get_peer_info
bbcada8a Avoid passing NULL to argv_printf_cat() in temp_file error case.
a4eeef17 Add function for common env setting of verify user/pass calls
a480eaae Ignore deprecation warning for daemon on macOS
14bd92b7 Fix compilation on pre-EKM mbedTLS libraries.
f0734e49 Simplify key material exporter backend API
6dc09d0d Implement generating data channel keys via EKM/RFC 5705
1e6e083e networking_iproute2: fix memory leak in net_iface_mtu_set()
c018fc00 Allow 'none' cipher being specified in --data-ciphers
3b04c34d Support X509 field list to be username
15d05243 Move openvpn specific key expansion into its own function
23e11e59 Fix redirecting of IPv4 default gateway if connecting over IPv6.
bfb28845 Added 'route_ipv6_metric_NN' environment variable for IPv6 route metric.
b68aa006 Speedup TCP remote hosts connections
a5409c0d Selectively reformat too long lines
0f44a908 compat/lz4: Update to v1.9.2
43cdb0c7 Improve error msg when all TAP adapters are in use 'or disabled'
e9e47f49 Fix update_time() and openvpn_gettimeofday() coexistence
d6720203 Alias ADAPTER_DOMAIN_SUFFIX to DOMAIN
66ad8727 Improve documentation of --username-as-common-name
70882f3e Set DNS Domain using iservice
7f7b0539 openvpnmsica: Simplify find_adapters() to void return
370395b3 netsh: Delete WINS servers on TUN close
dd754221 netsh: Clear existing IPv6 DNS servers before configuring new ones
6020e94b netsh: Specify interfaces by index rather than name
860a7bc7 Fix combination of --dev tap and --topology subnet across multiple platforms.
94cebf82 Add demo plugin that excercises "CLIENT_CONNECT" and "CLIENT_CONNECT_V2" paths
4dff2368 If IPv6 pool specification sets pool start to ::0 address, increment.
3ad86c25 Fix fatal error at switching remotes (#629)
6345cea8 build: Fix make distclean/distcheck
0b5141d8 sample-plugins: Partially autotoolize the sample-plugins build
81b6a7e7 Fix netbits setting (in TAP mode) for IPv6 on Windows.
b8625abb Allow --dhcp-option in config file when windows-driver is wintun
97ff6436 man: Improve --remote entry
eebeaa02 socks.c: fix alen for DOMAIN type addresses, bump up buffer sizes
fb94fbc3 msvc: better support for 32bit architecture
37aab49b Fix --show-gateway for IPv6 on NetBSD/i386.
a61c08a2 Handle NULL returns from calloc() in sample plugins.
8120e1ad man: Add missing --server-ipv6
50c7700d Fix description of --client-disconnect calling convention in manpage.
81f9bb3a Replace 'echo -n' with 'printf' in tests/t_lpback.sh
5b815eb4 Add a remark on dropping privileges when --mlock is used
aa346849 Fix handling of 'route remote_host' for IPv6 transport case.
505d5ad8 Fix best gateway selection over netlink
a4e0ac06 Fix TUNSETGROUP compatibility with very old Linux systems.
a09a2fad Fix error detection / abort in --inetd corner case.
5fd66510 Document that --push-remove is generally more suitable than --push-reset
b341b1c5 openvpnmsica: make adapter renaming non-fatal
f3f09541 In tap.c use DiInstallDevice to install the driver on a new adapter
6ffe64e3 Fix client NCP OCC fallback when server and client cipher are identical
136c5f01 Fix compilation with older mbed TLS versions (mbedtls_tls_prf_types undefined)
Comment 1 Automation User 2020-10-30 19:46:38 UTC
Build and package info is available at https://gitlab.com/swills/freebsd-ports/pipelines/209895931
Comment 2 commit-hook freebsd_committer 2020-10-30 20:41:52 UTC
A commit references this bug:

Author: mandree
Date: Fri Oct 30 20:41:40 UTC 2020
New revision: 553714
URL: https://svnweb.freebsd.org/changeset/ports/553714

Log:
  openvpn-devel Update to post 2.5 release development snapshot.

  === Commit Notes ===
  99d217b2 Remove --disable-def-auth configure argument
  0d4ca79d Remove explicit setting of peer_id to false
  cb70cf51 Remove NULL checks before calling free
  2c8a9877 Align reliable_free with other free methods to accept NULL
  0d5aab88 Inline function tls_get_peer_info
  bbcada8a Avoid passing NULL to argv_printf_cat() in temp_file error case.
  a4eeef17 Add function for common env setting of verify user/pass calls
  a480eaae Ignore deprecation warning for daemon on macOS
  14bd92b7 Fix compilation on pre-EKM mbedTLS libraries.
  f0734e49 Simplify key material exporter backend API
  6dc09d0d Implement generating data channel keys via EKM/RFC 5705
  1e6e083e networking_iproute2: fix memory leak in net_iface_mtu_set()
  c018fc00 Allow 'none' cipher being specified in --data-ciphers
  3b04c34d Support X509 field list to be username
  15d05243 Move openvpn specific key expansion into its own function
  23e11e59 Fix redirecting of IPv4 default gateway if connecting over IPv6.
  bfb28845 Added 'route_ipv6_metric_NN' environment variable for IPv6 route metric.
  b68aa006 Speedup TCP remote hosts connections
  a5409c0d Selectively reformat too long lines
  0f44a908 compat/lz4: Update to v1.9.2
  43cdb0c7 Improve error msg when all TAP adapters are in use 'or disabled'
  e9e47f49 Fix update_time() and openvpn_gettimeofday() coexistence
  d6720203 Alias ADAPTER_DOMAIN_SUFFIX to DOMAIN
  66ad8727 Improve documentation of --username-as-common-name
  70882f3e Set DNS Domain using iservice
  7f7b0539 openvpnmsica: Simplify find_adapters() to void return
  370395b3 netsh: Delete WINS servers on TUN close
  dd754221 netsh: Clear existing IPv6 DNS servers before configuring new ones
  6020e94b netsh: Specify interfaces by index rather than name
  860a7bc7 Fix combination of --dev tap and --topology subnet across multiple platforms.
  94cebf82 Add demo plugin that excercises "CLIENT_CONNECT" and "CLIENT_CONNECT_V2" paths
  4dff2368 If IPv6 pool specification sets pool start to ::0 address, increment.
  3ad86c25 Fix fatal error at switching remotes (#629)
  6345cea8 build: Fix make distclean/distcheck
  0b5141d8 sample-plugins: Partially autotoolize the sample-plugins build
  81b6a7e7 Fix netbits setting (in TAP mode) for IPv6 on Windows.
  b8625abb Allow --dhcp-option in config file when windows-driver is wintun
  97ff6436 man: Improve --remote entry
  eebeaa02 socks.c: fix alen for DOMAIN type addresses, bump up buffer sizes
  fb94fbc3 msvc: better support for 32bit architecture
  37aab49b Fix --show-gateway for IPv6 on NetBSD/i386.
  a61c08a2 Handle NULL returns from calloc() in sample plugins.
  8120e1ad man: Add missing --server-ipv6
  50c7700d Fix description of --client-disconnect calling convention in manpage.
  81f9bb3a Replace 'echo -n' with 'printf' in tests/t_lpback.sh
  5b815eb4 Add a remark on dropping privileges when --mlock is used
  aa346849 Fix handling of 'route remote_host' for IPv6 transport case.
  505d5ad8 Fix best gateway selection over netlink
  a4e0ac06 Fix TUNSETGROUP compatibility with very old Linux systems.
  a09a2fad Fix error detection / abort in --inetd corner case.
  5fd66510 Document that --push-remove is generally more suitable than --push-reset
  b341b1c5 openvpnmsica: make adapter renaming non-fatal
  f3f09541 In tap.c use DiInstallDevice to install the driver on a new adapter
  6ffe64e3 Fix client NCP OCC fallback when server and client cipher are identical
  136c5f01 Fix compilation with older mbed TLS versions (mbedtls_tls_prf_types undefined)

  PR:		250743
  Submitted by:	Eric F. Crist (maintainer)
  Approved by:	Eric F. Crist (maintainer)

Changes:
  head/security/openvpn-devel/Makefile
  head/security/openvpn-devel/distinfo