FreshPorts -- The Place For Ports If you buy from Amazon USA, please support us by using this link.
Follow us
Blog
Twitter

I am looking for an LTO tape library. Do you have one to spare?
Port details
openvpn 2.3.4 security on this many watch lists=99 search for ports that depend on this port An older version of this port was marked as vulnerable.
Secure IP/Ethernet tunnel daemon
Maintained by: mandree@FreeBSD.org search for ports maintained by this maintainer
Port Added: 24 Jun 2002 16:19:12
Also Listed In: net
License: GPLv2


OpenVPN is a robust, scalable and highly configurable VPN (Virtual Private
Network) daemon which can be used to securely link two or more private networks
using an encrypted tunnel over the internet. It can operate over UDP or TCP,
can use SSL or a pre-shared secret to authenticate peers, and in SSL mode, one
server can handle many clients.

WWW: http://openvpn.net/index.php/open-source.html
SVNWeb : Main Web Site : Distfiles Availability : PortsMon

NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.

Required To Build:
  1. security/openssl
  2. devel/pkgconf
Required To Run:
  1. security/easy-rsa
  2. security/openssl
Required Libraries:
  1. archivers/lzo2

This port is required by:

for Build for Run * - deleted ports are only shown under the This port is required by section. It was harder to do for the Required section. Perhaps later...

To install the port: cd /usr/ports/security/openvpn/ && make install clean
To add the package: pkg install security/openvpn


Configuration Options
===> The following configuration options are available for openvpn-2.3.4:
     DOCS=on: Build and/or install documentation
     EASYRSA=on: Install security/easy-rsa RSA helper package
     EXAMPLES=on: Build and/or install examples
     PKCS11=off: Use security/pkcs11-helper
     PW_SAVE=off: Interactive passwords may be read from a file
====> SSL protocol support: you have to select exactly one of them
     OPENSSL=on: SSL/TLS support via OpenSSL
     POLARSSL=off: SSL/TLS support via PolarSSL
===> Use 'make config' to modify these settings

Master Sites:
  1. http://build.openvpn.net/downloads/releases/
  2. http://distcache.FreeBSD.org/ports-distfiles/
  3. http://swupdate.openvpn.net/community/releases/
Notes from UPDATING
These upgrade notes are taken from /usr/ports/UPDATING
  • 2013-01-13
    Affects: users of security/openvpn*
    Author: mandree@FreeBSD.org
    Reason: 
      security/openvpn has been upgraded to the IPv6-capable v2.3.0.
      This upgrade moves easy-rsa into a separate package in
      security/easy-rsa that is pre-selected as default run-time dependency,
      and changes installed file layout a bit.
    
      security/openvpn22 retains the prior OpenVPN 2.2.2 version.
      If you want to continue using this version, use one of these commands:
    
      # portmaster -o security/openvpn22 security/openvpn
        or
      # portupgrade -o security/openvpn22 security/openvpn
        or
      # pkg set -o security/openvpn:security/openvpn22
    
      security/openvpn20 has been marked deprecated and to be removed
      in half a year's time.  Please migrate to a newer version soonish.
    
    
  • 2010-01-07
    Affects: users of security/openvpn*
    Author: mandree@FreeBSD.org
    Reason: 
      security/openvpn has been moved to security/openvpn20 and upgraded to 2.0.9.
      security/openvpn has been upgraded to 2.1.1, and security/openvpn-devel has
      been removed.
    
      Regular upgrades of the security/openvpn port should succeed without
      manual intervention, but if you want to stick to openvpn 2.0 or if you
      had been using openvpn-devel, manual intervention is needed, as
      follows:
    
      If you'd been using the security/openvpn-devel port, please use one of
      these commands for upgrading:
    
        portmaster -m-DDISABLE_CONFLICTS -o security/openvpn security/openvpn-devel
    
        portupgrade -m-DDISABLE_CONFLICTS -o security/openvpn security/openvpn-devel
    
      If you want to stick to openvpn 2.0, please use one of these two
      upgrade commands:
    
        portmaster -m-DDISABLE_CONFLICTS -o security/openvpn20 security/openvpn
    
        portupgrade -m-DDISABLE_CONFLICTS -o security/openvpn20 security/openvpn
    
    
Port Moves
  • port moved here from security/openvpn20 on 2013-07-11
    REASON: Has expired: Superseded by security/openvpn

Number of commits found: 88

Commit History - (may be incomplete: see SVNWeb link above for full details)
DateByDescription
15 Jul 2014 16:57:39
Original commit files touched by this commit  2.3.4
Revision:361977
adamw search for other commits by this committer
Add DOCS to OPTIONS_DEFINE to ports that check for PORT_OPTIONS:MDOCS.
10 May 2014 23:35:00
Original commit files touched by this commit  2.3.4
Revision:353631
mandree search for other commits by this committer
Update to new upstream release 2.3.4.
Changes:
<https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn23#OpenVPN2.3.4>

Add USES=libtool and drop .la files.
10 Apr 2014 20:20:35
Original commit files touched by this commit  2.3.3
Revision:350847
mandree search for other commits by this committer
Upgrade to new upstream 2.3.3 release. Misc bugfixes.

Changes:
<https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn23#OpenVPN2.3.3>

Note that PKCS#11 helper support requires a pkcs11-helper upgrade from
<http://www.freebsd.org/cgi/query-pr.cgi?pr=188442> to be committed.
28 Feb 2014 16:24:41
Original commit files touched by this commit  2.3.2_1
Revision:346556
mandree search for other commits by this committer
Fix several compilation issues where the upstream's configure script
required pkg-config, for instance, the PKCS11 option.

Submitted by:	mat@
18 Feb 2014 09:03:59
Original commit files touched by this commit  2.3.2_1
Revision:344847
mandree search for other commits by this committer
- Repair PKCS11 option [1].
- Use the opportunity to simplify Makefile: leverage some of the
  OptionsNG and Staging features, removing our homebrew predecessors.
- QA: Strip .so libraries, fix shebang paths in samples.

Obtained from:	<https://forums.freebsd.org/viewtopic.php?f=7&t=44866> [1]
27 Jan 2014 19:00:08
Original commit files touched by this commit  2.3.2
Revision:341442
mandree search for other commits by this committer
Fix self-tests and their non-fatal auto-skip on RedPorts.

Add patch-tests__t_cltsrv.sh to properly skip self-tests when no
inet/inet6 addresses are available, and to properly use udp6 when only
inet6 is available (for instance, on RedPorts).

Drop patch-src__openvpn__syshead.h, had already been integrated upstream.

PR:		ports/185439 (related)
01 Oct 2013 14:43:26
Original commit files touched by this commit  2.3.2
Revision:328954
mandree search for other commits by this committer
Convert from port-specific to official STAGEDIR support.
20 Sep 2013 22:55:26
Original commit files touched by this commit  2.3.2
Revision:327769
bapt search for other commits by this committer
Add NO_STAGE all over the place in preparation for the staging support (cat:
security)
31 May 2013 23:06:39
Original commit files touched by this commit  2.3.2
Revision:319549
mandree search for other commits by this committer
Update to new upstream release

2013.05.31 -- Version 2.3.2
Arne Schwabe (3):
      Only print script warnings when a script is used. Remove stray mention of
script-security system.
      Move settings of user script into set_user_script function
      Move checking of script file access into set_user_script

Davide Brini (1):
      Provide more accurate warning message

Gert Doering (2):
      Fix NULL-pointer crash in route_list_add_vpn_gateway().
      Fix problem with UDP tunneling due to mishandled pktinfo structures.
(Only the first 15 lines of the commit message are shown above View all of this commit message)
31 Mar 2013 16:00:02
Original commit files touched by this commit  2.3.1
Revision:315640
mandree search for other commits by this committer
security upgrade to OpenVPN 2.3.1; upstream release notes are

  "This release adds supports for PolarSSL 1.2. It also adds a fix to
  prevent potential side-channel attacks by switching to a constant-time
  memcmp when comparing HMACs in the openvpn_decrypt function. In
  addition, it contains several bugfixes and documentation updates, as
  well as some minor enhancements."

Full ChangeLog:
<https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn23>

The port upgrade also offers an option to use the GPLv2+-licensed
PolarSSL instead of OpenSSL (which brings in a license mix).

PR:		ports/177517
Reviewed by:	miwi
Approved by:	portmgr (miwi)
Security:	92f30415-9935-11e2-ad4c-080027ef73ec
20 Jan 2013 02:55:49
Original commit files touched by this commit  2.3.0_3
Revision:310670 This port version is marked as vulnerable.
mandree search for other commits by this committer
- When installing from port, do not tamper with permissions of other files
  in ${PREFIX}/sbin and ${PREFIX}/lib. [1]

- Do not install plugin .la/.so files with the executable bit set, they
  are not executable.

PR:		ports/175434 [1]
Submitted by:	Benjamin Lorenz [1]
17 Jan 2013 23:12:24
Original commit files touched by this commit  2.3.0_2
Revision:310575 This port version is marked as vulnerable.
mandree search for other commits by this committer
- Fix NOPORTDOCS regression [1], by installing to DESTDIR= and then installing
from
  there, rather than tweaking the Makefiles.
- Move examples to EXAMPLESDIR, and heed NOPORTEXAMPLES
- Remove a leftover SUB_LIST addition.
- Switch comment to my FreeBSD e-mail address.
- Use PORTDOCS=* and PORTEXAMPLES=* to remove pkg-plist cruft
- Sort PORT_OPTIONS .ifs and stuff.

PR:		ports/175283 [1]
Submitted by:	Alexey Markov [1]
13 Jan 2013 21:35:06
Original commit files touched by this commit  2.3.0_1
Revision:310340 This port version is marked as vulnerable.
mandree search for other commits by this committer
Add a new security/easy-rsa package that contains the bits that got
split out of OpenVPN prior to the current 2.3.0 release, and make that
security/openvpn RUN_DEPENDS on it. Also update UPDATING record.
11 Jan 2013 23:09:37
Original commit files touched by this commit  2.3.0
Revision:310252 This port version is marked as vulnerable.
mandree search for other commits by this committer
OpenVPN changes, upgrades and fixes:

- Upgrade security/openvpn to v2.3.0 (changes installed layout a bit),
  splitting and re-diffing patches.
- Retain v2.2.2 as security/openvpn22
- Mark security/openvpn20 as deprecated and to expire 6 months from now
- Fix TCP_NODELAY option (openvpn 2.3, 2.2), see
  <http://community.openvpn.net/openvpn/ticket/158>
- Fix PassTOS option (openvpn 2.2, 2.0), see
  http://community.openvpn.net/openvpn/ticket/135
06 Jan 2013 11:29:44
Original commit files touched by this commit  2.2.2
Revision:309978 This port version is marked as vulnerable.
mandree search for other commits by this committer
- Convert to OptionsNG
- Strip Makefile header
- Drop LIB_DEPENDS ABI versions
05 Aug 2012 23:19:40
Original commit files touched by this commit  2.2.2
 This port version is marked as vulnerable.
dougb search for other commits by this committer
Move the rc.d scripts of the form *.sh.in to *.in

Where necessary add $FreeBSD$ to the file

No PORTREVISION bump necessary because this is a no-op
14 Jan 2012 08:57:23
Original commit files touched by this commit  2.2.2
 This port version is marked as vulnerable.
dougb search for other commits by this committer
In the rc.d scripts, change assignments to rcvar to use the
literal name_enable wherever possible, and ${name}_enable
when it's not, to prepare for the demise of set_rcvar().

In cases where I had to hand-edit unusual instances also
modify formatting slightly to be more uniform (and in
some cases, correct). This includes adding some $FreeBSD$
tags, and most importantly moving rcvar= to right after
name= so it's clear that one is derived from the other.
28 Dec 2011 20:43:49
Original commit files touched by this commit  2.2.2
 This port version is marked as vulnerable.
mandree search for other commits by this committer
Update to new upstream release v2.2.2.

Changelog:
http://openvpn.net/index.php/open-source/documentation/change-log/425-changelog-for-openvpn-22.html
24 Oct 2011 04:17:38
Original commit files touched by this commit  2.2.1_1
 This port version is marked as vulnerable.
dougb search for other commits by this committer
Remove more tags from pkg-descr files fo the form:

- Name
em@i.l

or variations thereof. While I'm here also fix some whitespace and other
formatting errors, including moving WWW: to the last line in the file.
04 Oct 2011 21:58:09
Original commit files touched by this commit  2.2.1_1
 This port version is marked as vulnerable.
mandree search for other commits by this committer
Update and demote CONFLICTS to CONFLICTS_INSTALL.
30 Aug 2011 17:11:57
Original commit files touched by this commit  2.2.1_1
 This port version is marked as vulnerable.
mandree search for other commits by this committer
Use required_modules rather than _precmd.

To fix failures with 'restart'.

Reported by: Miroslav Lachman
16 Aug 2011 22:33:30
Original commit files touched by this commit  2.2.1
 This port version is marked as vulnerable.
mandree search for other commits by this committer
Fix skipping t_cltsrv when IP missing. Really this time.

Cause was a   trap "... ; exit 1" 0   shell construct that needs to be
cancelled for the exit 77 to take effect. trap 0 inserted to that end.
08 Aug 2011 22:38:44
Original commit files touched by this commit  2.2.1
 This port version is marked as vulnerable.
mandree search for other commits by this committer
Fix NOPORTDOCS support, though differently than suggested

Reported by: pgollucci
PR:          ports/159610
07 Aug 2011 18:05:35
Original commit files touched by this commit  2.2.1
 This port version is marked as vulnerable.
mandree search for other commits by this committer
Skip self-test more readily without addresses.
07 Aug 2011 17:23:40
Original commit files touched by this commit  2.2.1
 This port version is marked as vulnerable.
pav search for other commits by this committer
- Turn off self-tests on pointyhat, they fail

Reported by:    pointyhat
20 Jul 2011 20:37:43
Original commit files touched by this commit  2.2.1
 This port version is marked as vulnerable.
mandree search for other commits by this committer
Avoid jamming the build if the jail is without address, skip self-test.
07 Jul 2011 00:16:57
Original commit files touched by this commit  2.2.1
 This port version is marked as vulnerable.
mandree search for other commits by this committer
Update to upstream release 2.2.1.

NOTE: the easy-rsa/2.0 openssl.cnf file has been removed and replaced by
an openssl-0.9.8.cnf and an openssl-1.0.0.cnf file.

Changelog URL:
http://openvpn.net/index.php/open-source/documentation/change-log/425-changelog-for-openvpn-22.html
20 Jun 2011 21:14:23
Original commit files touched by this commit  2.2.0
 This port version is marked as vulnerable.
mandree search for other commits by this committer
Patch hardwired gcc to ${CC}, fixing clang-ports builds [1].
Use full ${MAKE} environment from do-build, for consistency.

Found by: -exp run [1].
15 May 2011 02:49:17
Original commit files touched by this commit  2.2.0
 This port version is marked as vulnerable.
dougb search for other commits by this committer
Remove painful examples of foo="", with particular prejudice against
constructions that parse out to [ -z "$foo" ] && foo=""

These are bad examples that get copied and pasted into new code, so the
hope is that with less bad examples there will be less need for me to
bring this up in review.

In a few of these files all that were changed were comments so that next
time I search for these patterns I won't trip on the file for no reason.

In a few places, add $FreeBSD$

No functional changes, so no PORTREVISION bumps
11 May 2011 09:20:45
Original commit files touched by this commit  2.2.0
 This port version is marked as vulnerable.
mandree search for other commits by this committer
Remove support for lzo-1.
03 May 2011 19:24:48
Original commit files touched by this commit  2.2.0
 This port version is marked as vulnerable.
mandree search for other commits by this committer
Update to 2.2.0. Add LICENSE (GPLv2). Add a local mirror of the distfile (file
has been uploaded and will propagate soonish).

Changelog:
http://openvpn.net/index.php/open-source/documentation/change-log/425-changelog-for-openvpn-22.html
08 Jan 2011 10:04:58
Original commit files touched by this commit  2.1.4
 This port version is marked as vulnerable.
mandree search for other commits by this committer
Streamline a bit:
- remove subshell to use basename, and use ## substitution [1]
- remove FreeBSD 5.X compatibility comment [1]
- remove FreeBSD 5.X compatibility code

The parts marked with [1] above were
Submitted by: dougb (Doug Barton)
09 Nov 2010 20:25:58
Original commit files touched by this commit  2.1.4
 This port version is marked as vulnerable.
mandree search for other commits by this committer
Switch to XZ distribution format.
09 Nov 2010 18:55:56
Original commit files touched by this commit  2.1.4
 This port version is marked as vulnerable.
mandree search for other commits by this committer
Update to new upstream release 2.1.4.
Update MASTER_SITES.

Submitted by: Eric F. Crist <ecrist@secure-computing.net>
PR: ports/151962
27 Aug 2010 20:03:12
Original commit files touched by this commit  2.1.3
 This port version is marked as vulnerable.
mandree search for other commits by this committer
Update to 2.1.3

No functional changes, but avoids 'have you seen new release'
type mail flood. :)
17 Aug 2010 19:19:31
Original commit files touched by this commit  2.1.2
 This port version is marked as vulnerable.
mandree search for other commits by this committer
Update to new upstream version 2.1.2.

Contains various bugfixes and improvements.
13 Aug 2010 15:49:09
Original commit files touched by this commit  2.1.1_2
 This port version is marked as vulnerable.
mandree search for other commits by this committer
Add openvpn-beta-[0-9]* to CONFLICTS variable.

Submitted by: Eric F. Crist
PR: ports/149617
04 Aug 2010 19:53:56
Original commit files touched by this commit  2.1.1_2
 This port version is marked as vulnerable.
mandree search for other commits by this committer
Support /etc/rc.d/openvpn softrestart
to send SIGUSR1 (rather than SIGHUP) to OpenVPN processes.

Suggested by: Nick Hibma (in private email)
05 Jun 2010 14:12:29
Original commit files touched by this commit  2.1.1_1
 This port version is marked as vulnerable.
mandree search for other commits by this committer
Fix bashisms (source FILE -> . FILE)
replace shebang-lines /bin/bash -> /bin/sh
bump portrevision (changed files)

based on:
PR: ports/147472
Submitted by: Olli Hauer <ohauer@gmx.de>

Approved by: miwi (mentor)
27 Mar 2010 06:14:03
Original commit files touched by this commit  2.1.1
 This port version is marked as vulnerable.
dougb search for other commits by this committer
RC_SUBR_SUFFIX has not been needed for a long time now, all supported
versions of FreeBSD now use /etc/rc.subr and rc.d scripts without .sh
appended to the script name.
27 Mar 2010 00:15:24
Original commit files touched by this commit  2.1.1
 This port version is marked as vulnerable.
dougb search for other commits by this committer
Begin the process of deprecating sysutils/rc_subr by
s#. %%RC_SUBR%%#. /etc/rc.subr#
07 Jan 2010 16:28:57
Original commit files touched by this commit  2.1.1
 This port version is marked as vulnerable.
mandree search for other commits by this committer
Move security/openvpn to security/openvpn20 (after previous repocopy).
Update security/openvpn20 to 2.0.9, revising pkg-message.

Move security/openvpn-devel to security/openvpn and
update security/openvpn to 2.1.1.

Remove security/openvpn-devel, adding a MOVED entry.

Update security/Makefile to remove openvpn-devel and add openvpn20 to
SUBDIRS.

Add a UPDATING entry for this shuffle.  Currently without upgrade
instructions since neither portupgrade nor portmaster are up to the
task (because of the CONFLICTS).

Approved by:  garga@ (mentor)
15 Jul 2009 16:56:10
Original commit files touched by this commit  2.0.6_9
 This port version is marked as vulnerable.
dougb search for other commits by this committer
Fix a few "bad example" problems in the rc.d scripts that have been
propogated by copy and paste.

1. Primarily the "empty variable" default assignment, which is mostly
${name}_flags="", but fix a few others as well.
2. Where they are not already documented, add the existence of the _flags
(or other deleted empties) option to the comments, and in some cases add
comments from scratch.
3. Replace things that look like:
prefix=%%PREFIX%%
command=${prefix}/sbin/foo
to just use %%PREFIX%%. In many cases the $prefix variable is only used
once, and in some cases it is not used at all.
4. In a few cases remove ${name}_flags from command_args
5. Remove a long-stale comment about putting the port's rc.d script in
/etc/rc.d (which is no longer necessary).

No PORTREVISION bumps because all of these changes are noops.
25 Jan 2009 08:10:59
Original commit files touched by this commit  2.0.6_9
 This port version is marked as vulnerable.
beech search for other commits by this committer
- Add logging knob

PR:             ports/130893
Submitted by:   Michael Scheidell <scheidell@secnap.net>
Approved by:    Matthias Andree <matthias.andree@gmx.de> (maintainer)
21 Aug 2008 06:18:49
Original commit files touched by this commit  2.0.6_9
 This port version is marked as vulnerable.
rafan search for other commits by this committer
Update CONFIGURE_ARGS for how we pass CONFIGURE_TARGET to configure script.
Specifically, newer autoconf (> 2.13) has different semantic of the
configure target. In short, one should use --build=CONFIGURE_TARGET
instead of CONFIGURE_TARGET directly. Otherwise, you will get a warning
and the old semantic may be removed in later autoconf releases.

To workaround this issue, many ports hack the CONFIGURE_TARGET variable
so that it contains the ``--build='' prefix.

To solve this issue, under the fact that some ports still have
configure script generated by the old autoconf, we use runtime detection
in the do-configure target so that the proper argument can be used.

Changes to Mk/*:
 - Add runtime detection magic in bsd.port.mk
(Only the first 15 lines of the commit message are shown above View all of this commit message)
18 Jul 2008 12:16:20
Original commit files touched by this commit  2.0.6_9
 This port version is marked as vulnerable.
miwi search for other commits by this committer
- Force commit to correct the previous commit log:

Correct permissions/owner of DOCSDIR-installed files

PR:             125726 / 125727
Request by:     maintainer via im
18 Jul 2008 10:49:40
Original commit files touched by this commit  2.0.6_9
 This port version is marked as vulnerable.
miwi search for other commits by this committer
- Respect NOPORTDOCS

PR:             125726
Submitted by:   Matthias Andree <matthias.andree@gmx.de> (maintainer)
20 Feb 2008 01:15:28
Original commit files touched by this commit  2.0.6_8
 This port version is marked as vulnerable.
rafan search for other commits by this committer
- Run opensvn with --daemon ${name} in order to get distinguishable and
  useful syslog tags

PR:             ports/120862
Submitted by:   Matthias Andree <matthias.andree at gmx.de> (maintainer)
08 Mar 2007 07:16:33
Original commit files touched by this commit  2.0.6_7
 This port version is marked as vulnerable.
dougb search for other commits by this committer
Remove spurious empty BEFORE: lines

Approved by:    maintainer
04 Mar 2007 19:12:37
Original commit files touched by this commit  2.0.6_7
 This port version is marked as vulnerable.
nox search for other commits by this committer
rcfile:
- fix for FreeBSD releases before rcorder integration
- update copyright notice
- replace shell backticks by $().

Port:
- bump revision
- reformat comment

PR:             ports/109856
Submitted by:   Matthias Andree <matthias.andree@gmx.de> (maintainer)
Approved by:    miwi (mentor)
25 Feb 2007 19:42:55
Original commit files touched by this commit  2.0.6_6
 This port version is marked as vulnerable.
vd search for other commits by this committer
Fix a bug I introduced with last commit which resulted in openvpn not
being started during boot. The reason for this is that at boot $0 is not
/usr/local/etc/rc.d/openvpn but /etc/rc. The fix is a bit hackish because
it retrieves the script name from $_file - variable used in run_rc_script().

Reported by:    bazzoola <bazzoola@gmail.com>
23 Feb 2007 11:41:46
Original commit files touched by this commit  2.0.6_4
 This port version is marked as vulnerable.
vd search for other commits by this committer
use $() instead of ``

Requested by:   Matthias Andree <matthias.andree@gmx.de> (maintainer)
23 Feb 2007 08:38:53
Original commit files touched by this commit  2.0.6_5
 This port version is marked as vulnerable.
vd search for other commits by this committer
* Add support for running multiple instances of openvpn to the startup script
  Inspired by [1]
* Bump PORTREVISION
* Update the comment which says not to send notices about 2.0.8 to 2.0.9 since
  2.0.9 also introduces only Windows changes. Remove maintainer's name from
  this comment since he did not explicitly state this.

PR:             ports/108371 [1]
Submitted by:   Denis Shaposhnikov <dsh@vlink.ru>, Gleb Kozyrev
<gkozyrev@gmail.com> [1]
Approved by:    matthias.andree@gmx.de (maintainer timeout, 28 days)
04 Feb 2007 19:14:20
Original commit files touched by this commit  2.0.6_4
 This port version is marked as vulnerable.
rafan search for other commits by this committer
- Use newly added RC_SUBR_SUFFIX

Approved by:    Matthias Andree <matthias.andree at gmx.de> (maintainer)
02 Oct 2006 17:47:32
Original commit files touched by this commit  2.0.6_4
 This port version is marked as vulnerable.
alepulver search for other commits by this committer
- Fix build failures that arose from an accidentally omitted -fPIC.
- Portrevision bumped since the change affects all architectures,
  not just those that were failing.

PR:             ports/103863
Submitted by:   Matthias Andree <matthias.andree@gmx.de> (maintainer)
Reported by:    pointyhat
30 Sep 2006 07:48:24
Original commit files touched by this commit  2.0.6_3
 This port version is marked as vulnerable.
rafan search for other commits by this committer
- Install additional auth-pam plugin

PR:             ports/103833
Submitted by:   Matthias Andree <matthias.andree at gmx.de> (maintainer)
Suggested by:   Michael Helmeste
Tested by:      Michael Helmeste
14 Sep 2006 01:22:01
Original commit files touched by this commit  2.0.6_2
 This port version is marked as vulnerable.
rafan search for other commits by this committer
- Update comments for OpenVPN 2.0.8

PR:             ports/103243
Submitted by:   Matthias Andree <matthias.andree at gmx.de> (maintainer)
20 Aug 2006 07:06:37
Original commit files touched by this commit  2.0.6_2
 This port version is marked as vulnerable.
itetcu search for other commits by this committer
- conflicts with openvpn-devel-[0-9]*
- bump PORTREVISION

PR:             ports/102301
Submitted by:   Matthias Andree (maintainer)
28 Jul 2006 09:56:54
Original commit files touched by this commit  2.0.6_1
 This port version is marked as vulnerable.
itetcu search for other commits by this committer
1 - build and install lib/openvpn-down-root.so plugin (see --plugin option in
    the man page) and README.openvpn-down-root
2 - match rc.d filename as printed post install in pkg-message to actual file
    name on newer systems (which use openvpn rather than openvpn.sh)
Reported by:    Jean-Baptiste Quenot (Bcc'd)
The maintainer wishes to thank Jean-Baptiste for his report and patience.
3 - add a pkg-req script to prevent installation of 6.1 packages on older
    machines, which is a frequent source of "rc.d script doesn't work"
    complaints.

Added file(s):
- files/pkg-req.in

PR:             ports/100917
Submitted by:   Matthias Andree (maintainer)
27 Apr 2006 12:53:55
Original commit files touched by this commit  2.0.6
 This port version is marked as vulnerable.
garga search for other commits by this committer
Add a message explaining why it won't be upgraded to 2.0.7 version, to
prevent a lot of people asking maintainer about it:

# -----------------------------------------------------
# DO NOT BOTHER TO SEND NOTICES ABOUT 2.0.7 AS IT FIXES
# A WINDOWS-ONLY BUG THAT DOESN'T AFFECT *BSD AND THUS
# DOES NOT WARRANT A PORT UPGRADE! AND UPGRADE REQUESTS
# WILL BE DROPPED.       -- Matthias Andree, 2006-04-26
# -----------------------------------------------------

PR:             ports/96383
Submitted by:   maintainer
05 Apr 2006 14:57:25
Original commit files touched by this commit  2.0.6
 This port version is marked as vulnerable.
garga search for other commits by this committer
- Update to 2.0.6
  * security fix for client LD_PRELOAD code injection vulnerability
    through compromised upstream servers
    (FreeBSD VuXML Vuln VID be4ccb7b-c48b-11da-ae12-0002b3b60e4c,
     filed in separate PR)
    CVE id not known yet
  * 2 other changes only relevant for Linux and NetBSD, not detailed here.

PR:             ports/95345
Submitted by:   maintainer
Security:       VuXML be4ccb7b-c48b-11da-ae12-0002b3b60e4c
28 Feb 2006 16:25:43
Original commit files touched by this commit  2.0.5_1
 This port version is marked as vulnerable.
vd search for other commits by this committer
Fix FreeBSD 4 jail build

PR:             ports/93833
Patch by:       dinoex
Submitted by:   Matthias Andree <matthias.andree@gmx.de> (maintainer)
Approved by:    portmgr (marcus)
20 Feb 2006 20:47:50
Original commit files touched by this commit  2.0.5_1
 This port version is marked as vulnerable.
dougb search for other commits by this committer
Remove the FreeBSD KEYWORD from all rc.d scripts where it appears.
We have not checked for this KEYWORD for a long time now, so this
is a complete noop, and thus no PORTREVISION bump. Removing it at
this point is mostly for pedantic reasons, and partly to avoid
perpetuating this anachronism by copy and paste to future scripts.
10 Nov 2005 15:05:42
Original commit files touched by this commit  2.0.5_1
 This port version is marked as vulnerable.
garga search for other commits by this committer
- CATEGORY CHANGE: add "net" secondary category
- fix jail build on FreeBSD 4 (no security.jail.jailed oid in sysctl)
- catch jail IP misconfiguration and print clear error message
- add SHA256 checksum
- revise pkg-message and pkg-descr

PR:             ports/88785
Submitted by:   maintainer
05 Nov 2005 01:24:15
Original commit files touched by this commit  2.0.5_1
 This port version is marked as vulnerable.
mnag search for other commits by this committer
Enables self-tests with WITH_JAIL
Bump PORTREVISION

PR:             88488
Submitted by:   Matthias Andree <matthias.andree@gmx.de> (maintainer)
03 Nov 2005 15:22:44
Original commit files touched by this commit  2.0.5
 This port version is marked as vulnerable.
garga search for other commits by this committer
- Update to 2.0.5

PR:             ports/88437
Submitted by:   maintainer
02 Nov 2005 01:52:51
Original commit files touched by this commit  2.0.4
 This port version is marked as vulnerable.
mnag search for other commits by this committer
Update to 2.0.4

PR:             88379
Submitted by:   Matthias Andree <matthias.andree@gmx.de> (maintainer)
Security:       CVE-2005-3393, CVE-2005-3409
25 Oct 2005 08:03:55
Original commit files touched by this commit  2.0.2_1
 This port version is marked as vulnerable.
dinoex search for other commits by this committer
- fix build in jail

maintainer emailed 2005-10-04
Approved by:    (maintainer timeout)
18 Sep 2005 12:01:57
Original commit files touched by this commit  2.0.2_1
 This port version is marked as vulnerable.
vs search for other commits by this committer
FreeBSD 6 no longer adds debug.if_* sysctl variables in its default kernel
(according to the release notes), so our heuristic assumes the module is
missing and tries to load it, which fails as the module already exists.

PR:             ports/86286
Submitted by:   maintainer
29 Aug 2005 18:52:19
Original commit files touched by this commit  2.0.2
 This port version is marked as vulnerable.
garga search for other commits by this committer
- Update to 2.0.2 that brings these upstream changes:

  - fix bug that would exhaust file descriptors as the routing table was
modified
    (this had already been part of the port previously)
  - fix bug that would block the management socket until the peer connected
  - fix pkitool sh incompatibilities (from NetBSD)

PR:             ports/85299
Submitted by:   maintainer
22 Aug 2005 10:31:35
Original commit files touched by this commit  2.0.1_1
 This port version is marked as vulnerable.
garga search for other commits by this committer
Fix a typo in the new rc file, where documentation didn't match the
actual variables.

PR:             ports/85156
Submitted by:   maintainer
Reported by:    Benjamin Lutz <benlutz@datacomm.ch>
Approved by:    portmgr (krion)
19 Aug 2005 18:48:34
Original commit files touched by this commit  2.0.1
 This port version is marked as vulnerable.
garga search for other commits by this committer
- Security update to version 2.0.1, fixing four denial of service bugs,
  CAN-2005-2531, CAN-2005-2532, CAN-2005-2533, CAN-2005-2534
- Drop old init script and add a modern rcNG script in its place,
  requested by Matthias Grimm and Dirk Gouders (although the script below is
  one I, Matthias Andree, wrote). It can automatically load tun/tap drivers.
- move pkg-message to files/pkg-message.in, revise it, list it in SUB_FILES
  to expand ${PREFIX}.
- print pkg-message after installation from port
- switch to official "make check" as smoke-test, rather than wiring our own.
- prefer LZO2 in most situations, as OpenVPN will pick up LZO2 rather than
  LZO1 if both are installed.

PR:             ports/85109
Submitted by:   maintainer
Approved by:    portmgr (krion)
14 Jul 2005 13:15:47
Original commit files touched by this commit  2.0_3
 This port version is marked as vulnerable.
garga search for other commits by this committer
Add PW_PASS option to compile with --enable-pass-save

PR:             82494
Submitted by:   Landon Fuller <landonf@threerings.net>
Reviewed by:    Matthias Andree <matthias.andree@gmx.de> (maintainer)
Approved by:    mantainer, flz (mentor)
31 May 2005 19:58:33
Original commit files touched by this commit  2.0_3
 This port version is marked as vulnerable.
flz search for other commits by this committer
- Backout latest commit, it needs a repocopy due to API change.

Noticed by:     Matthias Andree <matthias.andree@gmx.de>
31 May 2005 17:57:11
Original commit files touched by this commit  2.0_2
 This port version is marked as vulnerable.
flz search for other commits by this committer
- Bump lzo lib version.
- Bump PORTREVISION.
19 May 2005 16:22:21
Original commit files touched by this commit  2.0_1
 This port version is marked as vulnerable.
vs search for other commits by this committer
Plug socket (file descriptor) leak.

PR:             ports/81267
Submitted by:   Jaroslav Klaus via maintainer
24 Apr 2005 13:26:52
Original commit files touched by this commit  2.0
 This port version is marked as vulnerable.
vs search for other commits by this committer
Revise pkg-message to mark more prominently that the default
port is now 1194 rather than 5000, and refer users to the
online release notes if looking for information WRT older versions.

PR:             80300
Submitted by:   maintainer
21 Apr 2005 14:04:41
Original commit files touched by this commit  2.0
 This port version is marked as vulnerable.
jylefort search for other commits by this committer
Update to 2.0

PR:             ports/80082
Submitted by:   Matthias Andree <matthias.andree@gmx.de> (maintainer)
Approved by:    adamw (mentor, implicit)
03 Sep 2004 16:17:04
Original commit files touched by this commit  1.6.0
 This port version is marked as vulnerable.
vs search for other commits by this committer
Add CONFLICTS with openvpn-devel

PR:             ports/71337
Submitted by:   maintainer
10 May 2004 15:51:24
Original commit files touched by this commit  1.6.0
 This port version is marked as vulnerable.
vs search for other commits by this committer
Update to latest stable version.

PR:             ports/66473
Submitted by:   Matthias Andree (maintainer)
18 Mar 2004 02:27:55
Original commit files touched by this commit  1.5.0
 This port version is marked as vulnerable.
trevor search for other commits by this committer
Add size data.

Approved by:    maintainers
21 Nov 2003 12:19:01
Original commit files touched by this commit  1.5.0
 This port version is marked as vulnerable.
krion search for other commits by this committer
- Support for TCP as the tunnel transport was added
- Change maintainer email

PR:             59543
Submitted by:   maintainer
18 Jul 2003 00:16:06
Original commit files touched by this commit  1.4.2
 This port version is marked as vulnerable.
leeym search for other commits by this committer
updates the OpenVPN port from 1.4.0 to 1.4.2.

PR:             54597
Submitted by:   Matthias Andree <matthias.andree@gmx.de>
09 May 2003 07:34:00
Original commit files touched by this commit  1.4.0
 This port version is marked as vulnerable.
ijliao search for other commits by this committer
upgrade to 1.4.0

PR:             51956
Submitted by:   maintainer
21 Feb 2003 13:26:58
Original commit files touched by this commit  1.3.2
 This port version is marked as vulnerable.
knu search for other commits by this committer
De-pkg-comment.
25 Oct 2002 20:55:29
Original commit files touched by this commit  1.3.2
 This port version is marked as vulnerable.
obraun search for other commits by this committer
* Upgrade to 1.3.2.
* Add init script.

PR:             44436
Submitted by:   maintainer
11 Jul 2002 16:51:06
Original commit files touched by this commit  1.3.0
 This port version is marked as vulnerable.
ijliao search for other commits by this committer
upgrade to 1.3.0

PR:             40424
Submitted by:   maintainer
24 Jun 2002 16:13:10
Original commit files touched by this commit  1.2.1
 This port version is marked as vulnerable.
pat search for other commits by this committer
Add new port openvpn: Secure IP/Ethernet tunnel daemon

PR:             ports/39750
Submitted by:   Matthias Andree <matthias.andree@web.de>

Number of commits found: 88

Login
User Login
Create account

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD

This site
What is FreshPorts?
About the authors
FAQ
How big is it?
The latest upgrade!
Privacy
Forums
Blog
Contact

Search
Enter Keywords:
 
more...

Latest Vulnerabilities
mcollectiveJul 21
qt4-imageformats*Jul 21
qt5-gui*Jul 21
phpmyadmin*Jul 20
apache24Jul 19
chromiumJul 16
chromiumJul 16
kdelibs4Jul 16
postfixadminJul 13
dbusJul 03
mencoderJun 28
mplayerJun 28
lzo2Jun 26
phpmyadmin*Jun 24
gnupgJun 23

7 vulnerabilities affecting 9 ports have been reported in the past 14 days

* - modified, not new

All vulnerabilities


Ports
Home
Categories
Deleted ports
Sanity Test Failures
Newsfeeds


Statistics
Graphs
NEW Graphs (Javascript)
Traffic

Calculated hourly:
Port count 24467
Broken 194
Deprecated 710
Ignore 528
Forbidden 16
Restricted 263
No CDROM 102
Vulnerable 22
Expired 0
Set to expire 697
Interactive 13
new 24 hours 2
new 48 hours3
new 7 days20
new fortnight51
new month106

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD
Valid HTML, CSS, and RSS.
Copyright © 2000-2014 Dan Langille. All rights reserved.