security/softether-devel: Mark BROKEN

Fails to build in all versions and archs with:

error: unable to open output file 'tmp/objs/Mayaqua/Encrypt.o': 'No such file
or directory'

Approved by:	portmgr (blanket)

security/softether{,-devel}: Drop ONLY_FOR_ARCHS

as now it builds every supported architectures.

Reported by:	danfe

security/softether-devel: Update to 4.43.9799-beta

security/softether5: Update to 5.02.5180-333-g0f689d9d

Now client functionality practically works on FreeBSD!

security/softether-devel: Mark IGNORE

as there's no beta version ahead of RTM version.

security/softether-devel: Update to 4.41.9782-beta

Changes:	https://www.softether.org/5-download/history

Remove WWW entries moved into port Makefiles

Commit b7f05445c00f has added WWW entries to port Makefiles based on
WWW: lines in pkg-descr files.

This commit removes the WWW: lines of moved-over URLs from these
pkg-descr files.

Approved by:		portmgr (tcberner)

Add WWW entries to port Makefiles

It has been common practice to have one or more URLs at the end of the
ports' pkg-descr files, one per line and prefixed with "WWW:". These
URLs should point at a project website or other relevant resources.

Access to these URLs required processing of the pkg-descr files, and
they have often become stale over time. If more than one such URL was
present in a pkg-descr file, only the first one was tarnsfered into
the port INDEX, but for many ports only the last line did contain the
port specific URL to further information.

There have been several proposals to make a project URL available as
a macro in the ports' Makefiles, over time.

security/softether-devel: Update to 4.39.9772-beta

* Fixed configuration file revision incrementing even when password is
  changed from the client.
* Sanitize Method in HttpSendNotImplemented.
* Added support for V_ASN1_GENERALIZEDTIME notation for certificate
  expiration dates.

Changes:	https://www.softether.org/5-download/history

security/softether{,-devel}: enable on riscv64

security/softether: Update to 4.38.9760

This version includes mitigations for attack attempts on IPsec.
See also the article[1].

Also, mark security/softether-devel as IGNORE because no beta versions
ahead of RTM release version now. Use security/softether instead.

[1] https://ja.softether.org/9-about/news/901-210816

Relnotes:	https://www.softether.org/5-download/history
Relnotes:	https://ja.softether.org/5-download/history

secyrity/softether-devel: Update to 4.37-9758-beta

This update reduces the occurrence of nonsensical packet ping-pong between
attackers targeting IPsec VPN devices with a wide range of global IP
addresses.  See the release note and the announcement[1] for details.

While here, clean CFLAGS & LDFLAGS, sync ONLY_FOR_ARCHS with
security/softether-devel.

[1] https://ja.softether.org/9-about/news/901-210816

Relnotes:	https://www.softether.org/5-download/history

security/softether-devel: enable on powerpc, powerpc64 and powerpc64le

*: Clean up some things

- Clean up commented PORTREVISION
- Add missing USES

Reported by:	portscan

security/softether-devel: fix distinfo corruption

security/softether{,-devel}: revert unnecessary use of DIST_SUBDIR

Reported by:	mat (pointed out in sysutils/mackerel-agent)

security/softether-devel: Update to 4.36-9754-beta

* Japanese government's public personal authentication JPKI 64bit
  support
* Use DIST_SUBDIR not to clutter distfiles directory

Relnotes:	https://ja.softether.org/5-download/history

One more small cleanup, forgotten yesterday.
Reported by:	lwhsu

Remove # $FreeBSD$ from Makefiles.

security/softether: increase SecureNAT sessions

to 20000 as well as security/softether5. The factory default is 4096.

Sponsored by:	HAW International

security/softether: Add rc script for TrafficServer

security/softether*: fix typo s/dirctories/directories/

in pkg-message

security/softether: deprecate UNLOCK option as well as r540740

security/softether: Update to 4.34.9745

because upstream considered 4.34.9745-beta is stable enough and marked it as
RTM. Also, mark security/softether-devel as IGNORE since it is exactly the
same as security/softether right now.

Relnotes:	https://www.softether.org/5-download/history

devel/softether-devel: Update to v4.34.9745-beta

Fix security issue:
Fix the security of JSON-API. If the administrator password of the
VirtualHub is empty, JSON-API (which was added in 4.30 Build 9696 Beta)
will not be able to access to the virtual hub with a empty password since
this release. Because there are relatively many cases in which administrator
password is empty for a virtual hub, being able to manage a virtual hub
without a password using JSON-API was a security problem. In this release,
this behavior has been changed so that JSON-API cannot be accessed in the
Virtual Hub management mode until it is configured with non-empty password.

Relnotes:	https://www.softether.org/5-download/history
Sponsored by:	HAW International

security/softether-devel: Update to v4.34.9744-beta

Summary of changes:
* Bug fix: In VPN Server, you could not connect from older SoftEther VPN
  (version 3.0 or earlier) due to the specification change of OpenSSL.
* Feature added: The Tls_Disable1_3 option has been added to the VPN Server.
  You can disable TLS 1.3 by setting this option to true.
* Feature added: It is now possible to get a log list of all cluster member
  servers from the cluster controller.

Relnotes:	https://www.softether.org/5-download/history

security/softether-devel:  Update to v4.32.9731-beta

Summary of changes:
* Bugfix: Fix the SecureNAT connection problem with ignoring TCP ECN bit enabled
packets
* Bugfix: Imperfect Virtual Hub FDB lock may cause process crush.
* Bugfix: OpenVPN Certificate Authentication may cause process crush.
* Improvement: Add a space character between URL and other tokens in the packet
log format.

Relnotes:	https://www.softether.org/5-download/history

security/softether-devel: Update to v4.31.9727-beta

Summary of changes:
* Add the new function to reserve and each Virtual MAC address and IP address
  for each user of L2TP/IPsec, SSTP and OpenVPN L3
* Add the "<CA>" field on the auto-generated OpenVPN configuration file
* Add the code to use the optimized OpenSSL's implementation to compute
  the AEAD_CHACHA20POLY1305 algorithm if available
* Add DisableJsonRpcWebApi switch to hide index.html
* Add DisableIPsecAggressiveMode switch to moderate CVE-2002-1623

Relnotes:	https://www.softether.org/5-download/history
Sponsored by:	HAW International, Inc.

security/softether-devel: make LogFileList command[1] work

properly as well as r512198. Also config backup function should work now.

[1]
https://www.softether.org/4-docs/1-manual/6._Command_Line_Management_Utility_Manual/6.3_VPN_Server_%2F%2F_VPN_Bridge_Management_Command_Reference_(For_Entire_Server)#6.3.55_.22LogFileList.22:_Get_List_of_Log_Files

Sponsored by:	HAW International, Inc.

Convert to UCL & cleanup pkg-message (categories s)

Implement new virtual category: net-vpn for VPN related ports

based on discussion at ports@ [1]. As VPN softwares are put in different
physical category net and security. This is a little bit confusing. Let's
give them new virtual category net-vpn.

[1] https://lists.freebsd.org/pipermail/freebsd-ports/2019-April/115915.html

PR:		239395
Submitted by:	myself
Approved by:	portmgr (mat)
Differential Revision:	https://reviews.freebsd.org/D21174

security/softether-devel: Update to v4.30.9700-beta

Build regression with OpenSSL 1.1.x is fixed in upstream.

security/softether-devel: Update to v4.30-9696-beta

The biggest topics of this version are JSON-RPC API and HTML5 based admin
console.

Here's the summary of changes:
* Added the SoftEther VPN Server JSON-RPC API Suite implementation
* Added the Embedded HTML5-based Modern Admin Console
* Fixed the problem occurs when RPC messages between Cluster Members exceed
64Kbytes
* Fixed the RADIUS PEAP client to use the standard TLS versioning
* Added the support of ChaCha20-Poly1305-IETF AEAD for RUDP
* Added the function to display the protocol details about the VPN session
* Fixed the bug that the language switching function was disabled. (Build 9695
-> Build 9696)

Relnotes:	https://www.softether.org/5-download/history
Sponsored by:	HAW International, Inc.

Update devel/readline to 8.0

- Bump PORTREVISION of dependent ports for shlib change

Changes:	https://tiswww.case.edu/php/chet/readline/CHANGES
PR:		236156
Exp-run by:	antoine

security/softether-devel: Mark as IGNORE

as no beta version ahead of stable release version right now. Use
security/softether instead for now.

While here, update COMMENT.

security/softether*: bridge is supported now

security/softether{,-devel}: do not spit out anything on libexec directory

SoftEther client, bridge, server daemon unintendedly had spit on libexec
directory up to this update. Spit out all runtime files, directories and
logs on SE_DBDIR or SE_LOGDIR.

While here,
- Avoid all hardcoded use of /var/db/softether, /var/log/softether
  Respect SE_DBDIR and SE_LOGDIR defined in Makefile
- Substitute these directories in pkg-message as well
- Regenerate some patches
- Bump PORTREVISION to force rebuild

Sponsored by:	HAW International, Inc.

New port: security/softether5: SoftEther VPN 5 (Developer Edition)

SoftEther VPN ("SoftEther" means "Software Ethernet") is an
open-source cross-platform multi-protocol VPN program, created as an
academic project in the University of Tsukuba.  Its protocol is very
fast and it can be used in very restricted environments, as it's able
to transfer packets over DNS and ICMP.  A NAT-Traversal function is
also available, very useful in case the required ports cannot be
opened on the firewall.  The supported third party protocols are
OpenVPN, L2TP/IPSec and SSTP.

This port is a bleeding-edge developer version of SoftEther, not for
production use.  If you're looking for a solid and stable version,
use security/softether (RTM version) or security/softether-devel
(stable version) instead.  This version is available also on other
other than i386/amd64 processors. Users who want to use SoftEther on
single board computers such as Raspberry Pi, BeagleBoard or other
embedded devices, try this port.

WWW: https://www.softether.org

security/softether-devel: Update to 4.28-9669-beta

Approved by:	mentors (implicit)
Relnotes:	https://www.softether.org/5-download/history

security/softether{,-devel}: fix the build with OpenSSL 1.1.1

Reported by:	pkg-fallout
Approved by:	mentors (implicit)
Obtained from:	https://github.com/SoftEtherVPN/SoftEtherVPN_Stable/pull/1
Sponsored by:	HAW International, Inc.

security/softether{,-devel}: switch to DISTVERSION

- Quit using hardcoded WRKSRC, it is almost as same as DISTVERSION

Approved by:	mentors (implicit)

security/softether-devel: update to v4.27-9668-beta

As security/softether and -devel are created and maintained by different
people for a long time, there was a lot of difference between and no
consistency between both ports.

I grab both ports and renew this port based on security/softether. Now
there're least differences such as VERSION, COMMENT, CONFLICTS between
both. To make both ports consistent, I quit fetching from GitHub. Using
upstream site[1] instead. Upstream distributes -rtm and -beta suffixed
tarballs. -rtm corresponds to security/softether, -beta does to
security/softether-devel now.

[1] https://www.softether-download.com/

Approved by:	mentors (implicit)

Take maintainership due to long inactivity on these ports.

PR:		232372 230047 230050
Approved by:	maintainer timeout, mentors (implicit)

security/softether-devel: add unlock regional lockout option

As well as r462449, applying the same patch to -devel port.

PR:		225750
Submitted by:	myself
Approved by:	maintainer timeout, pi (mentor)

Update devel/readline to 7.0 patch 3

- Bump PORTREVISION for shlib change

Changes:	https://cnswww.cns.cwru.edu/php/chet/readline/CHANGES
		https://lists.gnu.org/archive/html/bug-bash/2016-09/msg00107.html
		https://lists.gnu.org/archive/html/bug-readline/2017-01/msg00002.html
Differential Revision:	https://reviews.freebsd.org/D11172
PR:		219947
Exp-run by:	antoine

net/softethervpn: rename to security/softether-devel

PR:		217732
Submitted by:	pi
Approved by:	hrs (maintainer timeout)