| Commit History - (may be incomplete: see SVNWeb link above for full details) |
| Date | By | Description |
31 Mar 2013 16:00:02
  2.3.1
|
mandree  |
security upgrade to OpenVPN 2.3.1; upstream release notes are
"This release adds supports for PolarSSL 1.2. It also adds a fix to
prevent potential side-channel attacks by switching to a constant-time
memcmp when comparing HMACs in the openvpn_decrypt function. In
addition, it contains several bugfixes and documentation updates, as
well as some minor enhancements."
Full ChangeLog:
<https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn23>
The port upgrade also offers an option to use the GPLv2+-licensed
PolarSSL instead of OpenSSL (which brings in a license mix).
PR: ports/177517
Reviewed by: miwi
Approved by: portmgr (miwi)
Security: 92f30415-9935-11e2-ad4c-080027ef73ec |
20 Jan 2013 02:55:49
2.3.0_3
 |
mandree |
- When installing from port, do not tamper with permissions of other files
in ${PREFIX}/sbin and ${PREFIX}/lib. [1]
- Do not install plugin .la/.so files with the executable bit set, they
are not executable.
PR: ports/175434 [1]
Submitted by: Benjamin Lorenz [1] |
17 Jan 2013 23:12:24
2.3.0_2
|
mandree |
- Fix NOPORTDOCS regression [1], by installing to DESTDIR= and then installing
from
there, rather than tweaking the Makefiles.
- Move examples to EXAMPLESDIR, and heed NOPORTEXAMPLES
- Remove a leftover SUB_LIST addition.
- Switch comment to my FreeBSD e-mail address.
- Use PORTDOCS=* and PORTEXAMPLES=* to remove pkg-plist cruft
- Sort PORT_OPTIONS .ifs and stuff.
PR: ports/175283 [1]
Submitted by: Alexey Markov [1] |
13 Jan 2013 21:35:06
2.3.0_1
|
mandree |
Add a new security/easy-rsa package that contains the bits that got
split out of OpenVPN prior to the current 2.3.0 release, and make that
security/openvpn RUN_DEPENDS on it. Also update UPDATING record. |
11 Jan 2013 23:09:37
2.3.0
|
mandree |
OpenVPN changes, upgrades and fixes:
- Upgrade security/openvpn to v2.3.0 (changes installed layout a bit),
splitting and re-diffing patches.
- Retain v2.2.2 as security/openvpn22
- Mark security/openvpn20 as deprecated and to expire 6 months from now
- Fix TCP_NODELAY option (openvpn 2.3, 2.2), see
<http://community.openvpn.net/openvpn/ticket/158>
- Fix PassTOS option (openvpn 2.2, 2.0), see
http://community.openvpn.net/openvpn/ticket/135 |
06 Jan 2013 11:29:44
2.2.2
|
mandree |
- Convert to OptionsNG
- Strip Makefile header
- Drop LIB_DEPENDS ABI versions |
05 Aug 2012 23:19:40
2.2.2
|
dougb |
Move the rc.d scripts of the form *.sh.in to *.in
Where necessary add $FreeBSD$ to the file
No PORTREVISION bump necessary because this is a no-op |
14 Jan 2012 08:57:23
2.2.2
|
dougb |
In the rc.d scripts, change assignments to rcvar to use the
literal name_enable wherever possible, and ${name}_enable
when it's not, to prepare for the demise of set_rcvar().
In cases where I had to hand-edit unusual instances also
modify formatting slightly to be more uniform (and in
some cases, correct). This includes adding some $FreeBSD$
tags, and most importantly moving rcvar= to right after
name= so it's clear that one is derived from the other. |
28 Dec 2011 20:43:49
2.2.2
|
mandree |
Update to new upstream release v2.2.2.
Changelog:
http://openvpn.net/index.php/open-source/documentation/change-log/425-changelog-for-openvpn-22.html |
24 Oct 2011 04:17:38
2.2.1_1
|
dougb |
Remove more tags from pkg-descr files fo the form:
- Name
em@i.l
or variations thereof. While I'm here also fix some whitespace and other
formatting errors, including moving WWW: to the last line in the file. |
04 Oct 2011 21:58:09
2.2.1_1
|
mandree |
Update and demote CONFLICTS to CONFLICTS_INSTALL. |
30 Aug 2011 17:11:57
2.2.1_1
|
mandree |
Use required_modules rather than _precmd.
To fix failures with 'restart'.
Reported by: Miroslav Lachman |
16 Aug 2011 22:33:30
2.2.1
|
mandree |
Fix skipping t_cltsrv when IP missing. Really this time.
Cause was a trap "... ; exit 1" 0 shell construct that needs to be
cancelled for the exit 77 to take effect. trap 0 inserted to that end. |
08 Aug 2011 22:38:44
2.2.1
|
mandree |
Fix NOPORTDOCS support, though differently than suggested
Reported by: pgollucci
PR: ports/159610 |
07 Aug 2011 18:05:35
2.2.1
|
mandree |
Skip self-test more readily without addresses. |
07 Aug 2011 17:23:40
2.2.1
|
pav |
- Turn off self-tests on pointyhat, they fail
Reported by: pointyhat |
20 Jul 2011 20:37:43
2.2.1
|
mandree |
Avoid jamming the build if the jail is without address, skip self-test. |
07 Jul 2011 00:16:57
2.2.1
|
mandree |
Update to upstream release 2.2.1.
NOTE: the easy-rsa/2.0 openssl.cnf file has been removed and replaced by
an openssl-0.9.8.cnf and an openssl-1.0.0.cnf file.
Changelog URL:
http://openvpn.net/index.php/open-source/documentation/change-log/425-changelog-for-openvpn-22.html |
20 Jun 2011 21:14:23
2.2.0
|
mandree |
Patch hardwired gcc to ${CC}, fixing clang-ports builds [1].
Use full ${MAKE} environment from do-build, for consistency.
Found by: -exp run [1]. |
15 May 2011 02:49:17
2.2.0
|
dougb |
Remove painful examples of foo="", with particular prejudice against
constructions that parse out to [ -z "$foo" ] && foo=""
These are bad examples that get copied and pasted into new code, so the
hope is that with less bad examples there will be less need for me to
bring this up in review.
In a few of these files all that were changed were comments so that next
time I search for these patterns I won't trip on the file for no reason.
In a few places, add $FreeBSD$
No functional changes, so no PORTREVISION bumps |
11 May 2011 09:20:45
2.2.0
|
mandree |
Remove support for lzo-1. |
03 May 2011 19:24:48
2.2.0
|
mandree |
Update to 2.2.0. Add LICENSE (GPLv2). Add a local mirror of the distfile (file
has been uploaded and will propagate soonish).
Changelog:
http://openvpn.net/index.php/open-source/documentation/change-log/425-changelog-for-openvpn-22.html |
08 Jan 2011 10:04:58
2.1.4
|
mandree |
Streamline a bit:
- remove subshell to use basename, and use ## substitution [1]
- remove FreeBSD 5.X compatibility comment [1]
- remove FreeBSD 5.X compatibility code
The parts marked with [1] above were
Submitted by: dougb (Doug Barton) |
09 Nov 2010 20:25:58
2.1.4
|
mandree |
Switch to XZ distribution format. |
09 Nov 2010 18:55:56
2.1.4
|
mandree |
Update to new upstream release 2.1.4.
Update MASTER_SITES.
Submitted by: Eric F. Crist <ecrist@secure-computing.net>
PR: ports/151962 |
27 Aug 2010 20:03:12
2.1.3
|
mandree |
Update to 2.1.3
No functional changes, but avoids 'have you seen new release'
type mail flood. :) |
17 Aug 2010 19:19:31
2.1.2
|
mandree |
Update to new upstream version 2.1.2.
Contains various bugfixes and improvements. |
13 Aug 2010 15:49:09
2.1.1_2
|
mandree |
Add openvpn-beta-[0-9]* to CONFLICTS variable.
Submitted by: Eric F. Crist
PR: ports/149617 |
04 Aug 2010 19:53:56
2.1.1_2
|
mandree |
Support /etc/rc.d/openvpn softrestart
to send SIGUSR1 (rather than SIGHUP) to OpenVPN processes.
Suggested by: Nick Hibma (in private email) |
05 Jun 2010 14:12:29
2.1.1_1
|
mandree |
Fix bashisms (source FILE -> . FILE)
replace shebang-lines /bin/bash -> /bin/sh
bump portrevision (changed files)
based on:
PR: ports/147472
Submitted by: Olli Hauer <ohauer@gmx.de>
Approved by: miwi (mentor) |
27 Mar 2010 06:14:03
2.1.1
|
dougb |
RC_SUBR_SUFFIX has not been needed for a long time now, all supported
versions of FreeBSD now use /etc/rc.subr and rc.d scripts without .sh
appended to the script name. |
27 Mar 2010 00:15:24
2.1.1
|
dougb |
Begin the process of deprecating sysutils/rc_subr by
s#. %%RC_SUBR%%#. /etc/rc.subr# |
07 Jan 2010 16:28:57
2.1.1
|
mandree |
Move security/openvpn to security/openvpn20 (after previous repocopy).
Update security/openvpn20 to 2.0.9, revising pkg-message.
Move security/openvpn-devel to security/openvpn and
update security/openvpn to 2.1.1.
Remove security/openvpn-devel, adding a MOVED entry.
Update security/Makefile to remove openvpn-devel and add openvpn20 to
SUBDIRS.
Add a UPDATING entry for this shuffle. Currently without upgrade
instructions since neither portupgrade nor portmaster are up to the
task (because of the CONFLICTS).
Approved by: garga@ (mentor) |
15 Jul 2009 16:56:10
2.0.6_9
|
dougb |
Fix a few "bad example" problems in the rc.d scripts that have been
propogated by copy and paste.
1. Primarily the "empty variable" default assignment, which is mostly
${name}_flags="", but fix a few others as well.
2. Where they are not already documented, add the existence of the _flags
(or other deleted empties) option to the comments, and in some cases add
comments from scratch.
3. Replace things that look like:
prefix=%%PREFIX%%
command=${prefix}/sbin/foo
to just use %%PREFIX%%. In many cases the $prefix variable is only used
once, and in some cases it is not used at all.
4. In a few cases remove ${name}_flags from command_args
5. Remove a long-stale comment about putting the port's rc.d script in
/etc/rc.d (which is no longer necessary).
No PORTREVISION bumps because all of these changes are noops. |
25 Jan 2009 08:10:59
2.0.6_9
|
beech |
- Add logging knob
PR: ports/130893
Submitted by: Michael Scheidell <scheidell@secnap.net>
Approved by: Matthias Andree <matthias.andree@gmx.de> (maintainer) |
21 Aug 2008 06:18:49
2.0.6_9
|
rafan |
Update CONFIGURE_ARGS for how we pass CONFIGURE_TARGET to configure script.
Specifically, newer autoconf (> 2.13) has different semantic of the
configure target. In short, one should use --build=CONFIGURE_TARGET
instead of CONFIGURE_TARGET directly. Otherwise, you will get a warning
and the old semantic may be removed in later autoconf releases.
To workaround this issue, many ports hack the CONFIGURE_TARGET variable
so that it contains the ``--build='' prefix.
To solve this issue, under the fact that some ports still have
configure script generated by the old autoconf, we use runtime detection
in the do-configure target so that the proper argument can be used.
Changes to Mk/*:
- Add runtime detection magic in bsd.port.mk (Only the first 15 lines of the commit message are shown above  ) |
18 Jul 2008 12:16:20
2.0.6_9
|
miwi |
- Force commit to correct the previous commit log:
Correct permissions/owner of DOCSDIR-installed files
PR: 125726 / 125727
Request by: maintainer via im |
18 Jul 2008 10:49:40
2.0.6_9
|
miwi |
- Respect NOPORTDOCS
PR: 125726
Submitted by: Matthias Andree <matthias.andree@gmx.de> (maintainer) |
20 Feb 2008 01:15:28
2.0.6_8
|
rafan |
- Run opensvn with --daemon ${name} in order to get distinguishable and
useful syslog tags
PR: ports/120862
Submitted by: Matthias Andree <matthias.andree at gmx.de> (maintainer) |
08 Mar 2007 07:16:33
2.0.6_7
|
dougb |
Remove spurious empty BEFORE: lines
Approved by: maintainer |
04 Mar 2007 19:12:37
2.0.6_7
|
nox |
rcfile:
- fix for FreeBSD releases before rcorder integration
- update copyright notice
- replace shell backticks by $().
Port:
- bump revision
- reformat comment
PR: ports/109856
Submitted by: Matthias Andree <matthias.andree@gmx.de> (maintainer)
Approved by: miwi (mentor) |
25 Feb 2007 19:42:55
2.0.6_6
|
vd |
Fix a bug I introduced with last commit which resulted in openvpn not
being started during boot. The reason for this is that at boot $0 is not
/usr/local/etc/rc.d/openvpn but /etc/rc. The fix is a bit hackish because
it retrieves the script name from $_file - variable used in run_rc_script().
Reported by: bazzoola <bazzoola@gmail.com> |
23 Feb 2007 11:41:46
2.0.6_4
|
vd |
use $() instead of ``
Requested by: Matthias Andree <matthias.andree@gmx.de> (maintainer) |
23 Feb 2007 08:38:53
2.0.6_5
|
vd |
* Add support for running multiple instances of openvpn to the startup script
Inspired by [1]
* Bump PORTREVISION
* Update the comment which says not to send notices about 2.0.8 to 2.0.9 since
2.0.9 also introduces only Windows changes. Remove maintainer's name from
this comment since he did not explicitly state this.
PR: ports/108371 [1]
Submitted by: Denis Shaposhnikov <dsh@vlink.ru>, Gleb Kozyrev
<gkozyrev@gmail.com> [1]
Approved by: matthias.andree@gmx.de (maintainer timeout, 28 days) |
04 Feb 2007 19:14:20
2.0.6_4
|
rafan |
- Use newly added RC_SUBR_SUFFIX
Approved by: Matthias Andree <matthias.andree at gmx.de> (maintainer) |
02 Oct 2006 17:47:32
2.0.6_4
|
alepulver |
- Fix build failures that arose from an accidentally omitted -fPIC.
- Portrevision bumped since the change affects all architectures,
not just those that were failing.
PR: ports/103863
Submitted by: Matthias Andree <matthias.andree@gmx.de> (maintainer)
Reported by: pointyhat |
30 Sep 2006 07:48:24
2.0.6_3
|
rafan |
- Install additional auth-pam plugin
PR: ports/103833
Submitted by: Matthias Andree <matthias.andree at gmx.de> (maintainer)
Suggested by: Michael Helmeste
Tested by: Michael Helmeste |
14 Sep 2006 01:22:01
2.0.6_2
|
rafan |
- Update comments for OpenVPN 2.0.8
PR: ports/103243
Submitted by: Matthias Andree <matthias.andree at gmx.de> (maintainer) |
20 Aug 2006 07:06:37
2.0.6_2
|
itetcu |
- conflicts with openvpn-devel-[0-9]*
- bump PORTREVISION
PR: ports/102301
Submitted by: Matthias Andree (maintainer) |
28 Jul 2006 09:56:54
2.0.6_1
|
itetcu |
1 - build and install lib/openvpn-down-root.so plugin (see --plugin option in
the man page) and README.openvpn-down-root
2 - match rc.d filename as printed post install in pkg-message to actual file
name on newer systems (which use openvpn rather than openvpn.sh)
Reported by: Jean-Baptiste Quenot (Bcc'd)
The maintainer wishes to thank Jean-Baptiste for his report and patience.
3 - add a pkg-req script to prevent installation of 6.1 packages on older
machines, which is a frequent source of "rc.d script doesn't work"
complaints.
Added file(s):
- files/pkg-req.in
PR: ports/100917
Submitted by: Matthias Andree (maintainer) |
27 Apr 2006 12:53:55
2.0.6
|
garga |
Add a message explaining why it won't be upgraded to 2.0.7 version, to
prevent a lot of people asking maintainer about it:
# -----------------------------------------------------
# DO NOT BOTHER TO SEND NOTICES ABOUT 2.0.7 AS IT FIXES
# A WINDOWS-ONLY BUG THAT DOESN'T AFFECT *BSD AND THUS
# DOES NOT WARRANT A PORT UPGRADE! AND UPGRADE REQUESTS
# WILL BE DROPPED. -- Matthias Andree, 2006-04-26
# -----------------------------------------------------
PR: ports/96383
Submitted by: maintainer |
05 Apr 2006 14:57:25
2.0.6
|
garga |
- Update to 2.0.6
* security fix for client LD_PRELOAD code injection vulnerability
through compromised upstream servers
(FreeBSD VuXML Vuln VID be4ccb7b-c48b-11da-ae12-0002b3b60e4c,
filed in separate PR)
CVE id not known yet
* 2 other changes only relevant for Linux and NetBSD, not detailed here.
PR: ports/95345
Submitted by: maintainer
Security: VuXML be4ccb7b-c48b-11da-ae12-0002b3b60e4c |
28 Feb 2006 16:25:43
2.0.5_1
|
vd |
Fix FreeBSD 4 jail build
PR: ports/93833
Patch by: dinoex
Submitted by: Matthias Andree <matthias.andree@gmx.de> (maintainer)
Approved by: portmgr (marcus) |
20 Feb 2006 20:47:50
2.0.5_1
|
dougb |
Remove the FreeBSD KEYWORD from all rc.d scripts where it appears.
We have not checked for this KEYWORD for a long time now, so this
is a complete noop, and thus no PORTREVISION bump. Removing it at
this point is mostly for pedantic reasons, and partly to avoid
perpetuating this anachronism by copy and paste to future scripts. |
10 Nov 2005 15:05:42
2.0.5_1
|
garga |
- CATEGORY CHANGE: add "net" secondary category
- fix jail build on FreeBSD 4 (no security.jail.jailed oid in sysctl)
- catch jail IP misconfiguration and print clear error message
- add SHA256 checksum
- revise pkg-message and pkg-descr
PR: ports/88785
Submitted by: maintainer |
05 Nov 2005 01:24:15
2.0.5_1
|
mnag |
Enables self-tests with WITH_JAIL
Bump PORTREVISION
PR: 88488
Submitted by: Matthias Andree <matthias.andree@gmx.de> (maintainer) |
03 Nov 2005 15:22:44
2.0.5
|
garga |
- Update to 2.0.5
PR: ports/88437
Submitted by: maintainer |
02 Nov 2005 01:52:51
2.0.4
|
mnag |
Update to 2.0.4
PR: 88379
Submitted by: Matthias Andree <matthias.andree@gmx.de> (maintainer)
Security: CVE-2005-3393, CVE-2005-3409 |
25 Oct 2005 08:03:55
2.0.2_1
|
dinoex |
- fix build in jail
maintainer emailed 2005-10-04
Approved by: (maintainer timeout) |
18 Sep 2005 12:01:57
2.0.2_1
|
vs |
FreeBSD 6 no longer adds debug.if_* sysctl variables in its default kernel
(according to the release notes), so our heuristic assumes the module is
missing and tries to load it, which fails as the module already exists.
PR: ports/86286
Submitted by: maintainer |
29 Aug 2005 18:52:19
2.0.2
|
garga |
- Update to 2.0.2 that brings these upstream changes:
- fix bug that would exhaust file descriptors as the routing table was
modified
(this had already been part of the port previously)
- fix bug that would block the management socket until the peer connected
- fix pkitool sh incompatibilities (from NetBSD)
PR: ports/85299
Submitted by: maintainer |
22 Aug 2005 10:31:35
2.0.1_1
|
garga |
Fix a typo in the new rc file, where documentation didn't match the
actual variables.
PR: ports/85156
Submitted by: maintainer
Reported by: Benjamin Lutz <benlutz@datacomm.ch>
Approved by: portmgr (krion) |
19 Aug 2005 18:48:34
2.0.1
|
garga |
- Security update to version 2.0.1, fixing four denial of service bugs,
CAN-2005-2531, CAN-2005-2532, CAN-2005-2533, CAN-2005-2534
- Drop old init script and add a modern rcNG script in its place,
requested by Matthias Grimm and Dirk Gouders (although the script below is
one I, Matthias Andree, wrote). It can automatically load tun/tap drivers.
- move pkg-message to files/pkg-message.in, revise it, list it in SUB_FILES
to expand ${PREFIX}.
- print pkg-message after installation from port
- switch to official "make check" as smoke-test, rather than wiring our own.
- prefer LZO2 in most situations, as OpenVPN will pick up LZO2 rather than
LZO1 if both are installed.
PR: ports/85109
Submitted by: maintainer
Approved by: portmgr (krion) |
14 Jul 2005 13:15:47
2.0_3
|
garga |
Add PW_PASS option to compile with --enable-pass-save
PR: 82494
Submitted by: Landon Fuller <landonf@threerings.net>
Reviewed by: Matthias Andree <matthias.andree@gmx.de> (maintainer)
Approved by: mantainer, flz (mentor) |
31 May 2005 19:58:33
2.0_3
|
flz |
- Backout latest commit, it needs a repocopy due to API change.
Noticed by: Matthias Andree <matthias.andree@gmx.de> |
31 May 2005 17:57:11
2.0_2
|
flz |
- Bump lzo lib version.
- Bump PORTREVISION. |
19 May 2005 16:22:21
2.0_1
|
vs |
Plug socket (file descriptor) leak.
PR: ports/81267
Submitted by: Jaroslav Klaus via maintainer |
24 Apr 2005 13:26:52
2.0
|
vs |
Revise pkg-message to mark more prominently that the default
port is now 1194 rather than 5000, and refer users to the
online release notes if looking for information WRT older versions.
PR: 80300
Submitted by: maintainer |
21 Apr 2005 14:04:41
2.0
|
jylefort |
Update to 2.0
PR: ports/80082
Submitted by: Matthias Andree <matthias.andree@gmx.de> (maintainer)
Approved by: adamw (mentor, implicit) |
03 Sep 2004 16:17:04
1.6.0
|
vs |
Add CONFLICTS with openvpn-devel
PR: ports/71337
Submitted by: maintainer |
10 May 2004 15:51:24
1.6.0
|
vs |
Update to latest stable version.
PR: ports/66473
Submitted by: Matthias Andree (maintainer) |
18 Mar 2004 02:27:55
1.5.0
|
trevor |
Add size data.
Approved by: maintainers |
21 Nov 2003 12:19:01
1.5.0
|
krion |
- Support for TCP as the tunnel transport was added
- Change maintainer email
PR: 59543
Submitted by: maintainer |
18 Jul 2003 00:16:06
1.4.2
|
leeym |
updates the OpenVPN port from 1.4.0 to 1.4.2.
PR: 54597
Submitted by: Matthias Andree <matthias.andree@gmx.de> |
09 May 2003 07:34:00
1.4.0
|
ijliao |
upgrade to 1.4.0
PR: 51956
Submitted by: maintainer |
21 Feb 2003 13:26:58
1.3.2
|
knu |
De-pkg-comment. |
25 Oct 2002 20:55:29
1.3.2
|
obraun |
* Upgrade to 1.3.2.
* Add init script.
PR: 44436
Submitted by: maintainer |
11 Jul 2002 16:51:06
1.3.0
|
ijliao |
upgrade to 1.3.0
PR: 40424
Submitted by: maintainer |
24 Jun 2002 16:13:10
1.2.1
|
pat |
Add new port openvpn: Secure IP/Ethernet tunnel daemon
PR: ports/39750
Submitted by: Matthias Andree <matthias.andree@web.de> |
If you buy from Amazon USA, please support us by using this link.
