Commit History - (may be incomplete: for full details, see links to repositories near top of page) |
Commit | Credits | Log message |
1.3.0_1 18 Jun 2024 03:59:09 |
Po-Chuan Hsieh (sunpoet) |
net/radcli: Update to 1.4.0
- Bump PORTREVISION of dependent ports for shlib change
Changes: https://github.com/radcli/radcli/releases |
1.3.0 22 May 2024 16:36:21 |
Juraj Lutter (otis) |
net/ocserv: Update to 1.3.0
Release notes: https://gitlab.com/openconnect/ocserv/-/releases/1.3.0 |
1.2.4 07 Feb 2024 13:08:21 |
Juraj Lutter (otis) |
net/ocserv: Update to 1.2.4 |
1.2.3_1 21 Jan 2024 20:24:08 |
Muhammad Moinur Rahman (bofh) |
net/ocserv: Sanitize MANPREFIX
Approved by: portmgr (blanket) |
1.2.3 27 Dec 2023 20:30:53 |
Juraj Lutter (otis) |
net/ocserv: Update to 1.2.3
Release notes: https://gitlab.com/openconnect/ocserv/-/releases/1.2.3 |
1.2.2 09 Nov 2023 13:59:35 |
Juraj Lutter (otis) |
net/ocserv: Fix build and wrong PLIST
Do not include now-non-existing file in plist.
Reported by: Trond Endrestøl <Trond.Endrestol@ximalas.info>
PR: 274983 |
1.2.2 08 Nov 2023 22:32:21 |
Juraj Lutter (otis) |
net/ocserv: Update to 1.2.2
Release notes: https://gitlab.com/openconnect/ocserv/-/releases/1.2.2
Reported by: portscout |
1.2.1 24 Aug 2023 11:44:44 |
Juraj Lutter (otis) |
net/ocserv: Update to 1.2.1
Release notes: https://gitlab.com/openconnect/ocserv/-/releases/1.2.1 |
1.2.0 21 Aug 2023 13:08:57 |
Juraj Lutter (otis) |
net/ocserv: Update to 1.2.0
- Update to 1.2.0
- Adjust dependencies
- Make DTLS work
- Regen patches
Co-authored-by: Eugene Mitrofanov <emitrofanov@gmail.com> |
1.1.7 13 May 2023 16:49:36 |
Juraj Lutter (otis) |
net/ocserv: Update to 1.1.7
- Update to 1.1.7
- Regen patches |
07 Sep 2022 21:58:51 |
Stefan Eßer (se) |
Remove WWW entries moved into port Makefiles
Commit b7f05445c00f has added WWW entries to port Makefiles based on
WWW: lines in pkg-descr files.
This commit removes the WWW: lines of moved-over URLs from these
pkg-descr files.
Approved by: portmgr (tcberner) |
1.1.6 07 Sep 2022 21:10:59 |
Stefan Eßer (se) |
Add WWW entries to port Makefiles
It has been common practice to have one or more URLs at the end of the
ports' pkg-descr files, one per line and prefixed with "WWW:". These
URLs should point at a project website or other relevant resources.
Access to these URLs required processing of the pkg-descr files, and
they have often become stale over time. If more than one such URL was
present in a pkg-descr file, only the first one was tarnsfered into
the port INDEX, but for many ports only the last line did contain the
port specific URL to further information.
There have been several proposals to make a project URL available as
a macro in the ports' Makefiles, over time.
(Only the first 15 lines of the commit message are shown above ) |
1.1.6 25 Aug 2022 08:44:01 |
Juraj Lutter (otis) |
net/ocserv: Update to 1.1.6
- Update to 1.1.6
- Switch download from ftp to https |
1.1.3 05 Jun 2021 14:26:25 |
Juraj Lutter (otis) |
net/ocserv: Update to 1.1.3 |
1.1.2_1 31 May 2021 17:43:49 |
Don Lewis (truckman) |
devel/protobuf-c: Bump PORTREVISION of dependent ports
Bump the PORTREVISION of ports that use protobuf-c and bake in the value
of PROTOBUF_C_VERSION*.
Sponsored by: Farsight Security, Inc. |
1.1.2 06 Apr 2021 14:31:13 |
Mathieu Arnold (mat) |
all: Remove all other $FreeBSD keywords. |
1.1.2 06 Apr 2021 14:31:07 |
Mathieu Arnold (mat) |
Remove # $FreeBSD$ from Makefiles. |
1.1.2 29 Jan 2021 21:26:11 |
otis |
net/ocserv: Update to 1.1.2
- Update to 1.1.2
- Reformat Makefile according to portclippy/portfmt
- Install sample config with PREFIX-ized values where
apropriate.
- Take MAINTAINERship
Reviewed by: osa (mentor)
Approved by: osa (mentor)
MFH: 2021Q1
Differential Revision: https://reviews.freebsd.org/D28346 |
1.1.1_1 21 Nov 2020 09:44:58 |
sunpoet |
Bump PORTREVISION for net/radcli shlib change |
1.1.1 11 Oct 2020 08:36:34 |
pi |
net/ocserv: update 1.0.1 -> 1.1.1
- Fixed compatibility with OpenBSD that lacks procfs
- Improved rate-limit-ms and made it dependent on secmod backlog. This makes
the server more resilient (and prevents connection failures) on multiple
concurrent connections
- Added namespace support for listen address by introducing the listen-netns
option
- Disable TLS1.3 when cisco client compatibility is enabled. New anyconnect
clients seem to supporting TLS1.3 but are unable to handle a
client with an RSA key
- Enable a race free user disconnection via occtl
- Added the config option of a pre-login-banner
- Ocserv siwtched to using multiple ocserv-sm processes to improve scale,
with the number of ocserv-sm process dependent on maximum clients
and number of CPUs. Configuration option sec-mod-scale can be
used to override the heuristics.
- Fixed issue with group selection on radius servers sending multiple group
class attribute.
PR: 250225
Submitted by: Juraj Lutter <juraj@lutter.sk>
Relnotes: https://gitlab.com/openconnect/ocserv/-/releases/1.1.1 |
1.0.1_1 05 Oct 2020 17:34:54 |
rene |
Return cpm@'s ports to the pool after safekeeping his commit bit.
With hat: portmgr-secretary |
1.0.1_1 16 May 2020 10:51:33 |
sunpoet |
Bump PORTREVISION for security/nettle shlib change |
1.0.1 25 Apr 2020 14:38:21 |
mandree |
net/ocserv: Update to 1.0.1
Changelog:
https://gitlab.com/openconnect/ocserv/-/blob/1.0.1/NEWS#L1
This commit makes the following additional changes from Juraj's
submission:
- fix LIB_DEPENDS to libpc.so:devel/pcl (not devel/libpcl)
- replace LOCALBASE by PREFIX throughout, as these are internal references
- remove the src/config.c patch, it makes no sense to first
statically patch and then run REINPLACE_CMD for DEFAULT_CFG_FILE
- remove doc/sample.config from another REINPLACE_CMD
- remove @ - it makes no sense to hide running commands
- patch example configuration to avoid isolate-workers = true, which (Only the first 15 lines of the commit message are shown above ) |
0.12.4_2 03 Oct 2019 14:46:00 |
kevans |
net/ocserv: fix tun handoff between parent and worker process
ocserv hands off a tun fd to a worker process, but the worker process never
claims the tun with TUNSIFPID. The parent then closes the tunnel and leaves
it in a nasty state.
Bump PORTREVISION, as this is runtime breakage.
PR: 238500
Approved by: bapt (ports), cpm (maintainer, e-mail)
MFH: 2019Q4 (blanket, runtime fix) |
0.12.4_1 14 Aug 2019 03:26:09 |
meta |
Implement new virtual category: net-vpn for VPN related ports
based on discussion at ports@ [1]. As VPN softwares are put in different
physical category net and security. This is a little bit confusing. Let's
give them new virtual category net-vpn.
[1] https://lists.freebsd.org/pipermail/freebsd-ports/2019-April/115915.html
PR: 239395
Submitted by: myself
Approved by: portmgr (mat)
Differential Revision: https://reviews.freebsd.org/D21174 |
0.12.4_1 12 Aug 2019 10:52:00 |
cpm |
net/ocserv: Fix typos in pkg-descr
PR: 239577
Submitted by: Mikael Urankar <mikael.urankar@gmail.com> |
0.12.4_1 09 Jul 2019 17:13:07 |
sunpoet |
Update security/nettle to 3.5.1
- Bump PORTREVISION of dependent ports for shlib change
- Fix build of devel/pijul [1]
Changes: https://git.lysator.liu.se/nettle/nettle/blob/master/NEWS
PR: 238991
Exp-run by: antoine
Thanks to: tobik [1] |
0.12.4 08 Jul 2019 14:36:01 |
cpm |
net/ocserv: Update to 0.12.4
Noteworthy changes in 0.12.4
- Added support for radius access-challenge (multifactor) authentication.
- Fixed race condition when connect-script and disconnect-script are set, which
could potentially cause a crash (#208).
- Perform quicker cleanup of sessions which their user explicitly disconnected
(#210).
MFH: 2019Q3 |
0.12.3_1 26 Apr 2019 16:14:45 |
pkubaj |
net/ocserv: fix build with base GCC
-Wno-implicit-fallthrough is not supported by GCC 4.2
PR: 237558
Approved by: tcberner (mentor), cpm (maintainer)
Differential Revision: https://reviews.freebsd.org/D20075 |
0.12.3_1 09 Apr 2019 14:04:50 |
sunpoet |
Update devel/readline to 8.0
- Bump PORTREVISION of dependent ports for shlib change
Changes: https://tiswww.case.edu/php/chet/readline/CHANGES
PR: 236156
Exp-run by: antoine |
0.12.3 13 Mar 2019 22:06:36 |
cpm |
net/ocserv: Update to 0.12.3
- Remove LOCAL MASTER_SITES
Noteworthy changes in 0.12.3
- Fixed crash when no DTLS ciphersuite is negotiated.
- Fixed crash happening arbitrarily depending on handled string sizes (#197).
- Fixed compatibility issue with GnuTLS 3.3.x (#201).
- occtl: print the TLS session information, even if the DTLS channel is not
established.
MFH: 2019Q1 |
0.12.2 11 Jan 2019 16:20:19 |
cpm |
net/ocserv: update to 0.12.2
Noteworthy changes in 0.12.2
- Added support for AES256-SHA legacy cipher. This allows the anyconnect clients
to use AES256.
- Added support for the DTLS1.2 protocol hack used by new anyconnect client.
While I'm here pet portlint.
MFH: 2019Q1 |
0.12.1_1 30 Oct 2018 04:45:20 |
yuri |
net/ocserv: Use devel/libpcl as a dependency
PR: 232771
Approved by: Carlos J. Puga Medina <cpm@freebsd.org> (maintainer) |
0.12.1 14 May 2018 18:23:23 |
cpm |
net/ocserv: update to 0.12.1
Changelog: https://gitlab.com/ocserv/ocserv/blob/master/NEWS
Tested by: Jov <amutu@amutu.com> |
0.11.11 07 Mar 2018 18:14:18 |
cpm |
net/ocserv: Update to 0.11.11
Changelog:
http://lists.infradead.org/pipermail/openconnect-devel/2018-March/004766.html |
0.11.10 08 Jan 2018 18:48:12 |
cpm |
net/ocserv: Update to 0.11.10
- Pet portlint, the port doesn't install any shared libraries, so there is no
point in USE_LDCONFIG
Changelog:
http://lists.infradead.org/pipermail/openconnect-devel/2018-January/004655.html |
0.11.9 14 Oct 2017 02:03:05 |
cpm |
- Update to 0.11.9
- Update WWW in pkg-descr
Noteworthy changes in 0.11.9
- Fixed bug which caused the acceptable of invalid IPv4 address as valid.
- Fixed compatibility with gnutls 3.3.8 by avoiding the use of the 'VERS-ALL'
priority string which was introduced in 3.3.24.
- Fixed null pointer dereference when parsing locked accounts in plain password
authentication.
- Add support for RSA-PSS and Ed25519 private keys when used with GnuTLS 3.6.0.
- ocpasswd: when locking an account multiple times, add the '!' character only
once.
Based on patch by Frank Huang.
Changes:
http://lists.infradead.org/pipermail/openconnect-devel/2017-October/004529.html
MFH: 2017Q4 |
0.11.8_3 27 Jun 2017 13:46:53 |
sunpoet |
Update devel/readline to 7.0 patch 3
- Bump PORTREVISION for shlib change
Changes: https://cnswww.cns.cwru.edu/php/chet/readline/CHANGES
https://lists.gnu.org/archive/html/bug-bash/2016-09/msg00107.html
https://lists.gnu.org/archive/html/bug-readline/2017-01/msg00002.html
Differential Revision: https://reviews.freebsd.org/D11172
PR: 219947
Exp-run by: antoine |
0.11.8_2 19 May 2017 12:11:55 |
cpm |
- Make RADIUS auth backend optional
- Bump PORTREVISION
PR: 219393
Submitted by: Jov <amutu@amutu.com> |
0.11.8_1 18 May 2017 22:11:54 |
cpm |
- Add security/oath-toolkit to LIB_DEPENDS
- Sort BUILD_DEPENDS and LIB_DEPENDS
- Enable radius support
- Bump PORTREVISION |
0.11.8 05 May 2017 11:26:21 |
cpm |
net/ocserv: update to 0.11.8
- Update to 0.11.8
- Add my LOCAL to MASTER_SITES
Changes:
http://lists.infradead.org/pipermail/openconnect-devel/2017-May/004293.html |
0.11.7_1 05 May 2017 10:08:34 |
cpm |
- Fix ownership and permissions in /var/run/ocserv
- Bump PORTREVISION
PR: 219054
Reported by: Joy <amutu@amutu.com> |
0.11.7 13 Feb 2017 18:38:22 |
cpm |
net/ocserv: update to 0.11.7
- Update PORTVERSION and distinfo checksum (0.11.7)
- Regenerate some patches to apply cleanly
- Remove MAKE_JOBS_UNSAFE=yes
Changelog:
http://lists.infradead.org/pipermail/openconnect-devel/2017-February/004204.html |
0.11.6 22 Nov 2016 18:35:35 |
cpm |
net/ocserv: Update to 0.11.6
- Update PORTVERSION and distinfo checksum (0.11.6)
- Add LICENSE_FILE
- Cosmetic fixes
- Remove STRIP_CMD target since all binaries are installed with --strip (-s)
option by default
- Silence two explicitly called commands
Changelog:
http://lists.infradead.org/pipermail/openconnect-devel/2016-November/004066.html
Reviewed by: amdmi3 (mentor)
Approved by: amdmi3 (mentor)
Differential Revision: D8538 |
0.11.5 07 Oct 2016 22:34:04 |
cpm |
- Update ocserv to 0.11.5 release
Changelog:
http://lists.infradead.org/pipermail/openconnect-devel/2016-September/003972.html
Reviewed by: pi, feld (mentor)
Approved by: feld (mentor)
Differential Revision: D8024 |
0.11.4_1 30 Sep 2016 19:24:30 |
tijl |
Let USES=localbase add -L${LOCALBASE}/lib to LIBS instead of LDFLAGS.
USES=localbase:ldflags can be used to set LDFLAGS. Normally LDFLAGS
appears too early on the command line causing some ports to link with
their own libraries in LOCALBASE (if installed) instead of WRKSRC.
Also make use of _USES_POST so -L${LOCALBASE}/lib is added as late as
possible after anything a port Makefile might set. Use _USES_POST
instead of .include in libedit.mk and libarchive.mk so things like
'USES=libedit localbase:ldflags' work correctly.
Fix some issues with LIBS in some ports.
Switch ports that don't support LIBS to localbase:ldflags.
PR: 212987
Exp-run by: antoine
Approved by: portmgr (antoine) |
0.11.4 09 Aug 2016 02:00:38 |
cpm |
- Update to 0.11.4
Changelog:
http://lists.infradead.org/pipermail/openconnect-devel/2016-August/003817.html
Reviewed by: junovitch (mentor)
Approved by: junovitch (mentor)
Differential Revision: D7441 |
0.11.3 20 Jun 2016 10:04:38 |
cpm |
- Update to 0.11.3
- Add LIB_DEPENDS for security/nettle
- Switch to USES=localbase framework
ChangeLog:
http://lists.infradead.org/pipermail/openconnect-devel/2016-June/003720.html
Reviewed by: amdmi3, junovitch (mentors)
Approved by: amdmi3, junovitch (mentors)
Differential Revision: D6890 |
0.11.2 28 Apr 2016 20:27:15 |
cpm |
- Update to 0.11.2 release
- Remove unneeded patch (applied upstream)
Changelog: http://www.infradead.org/ocserv/changelog.html
Approved by: junovitch (mentor)
Differential Revision: D6122 |
0.11.1 18 Apr 2016 15:17:09 |
cpm |
- Update to 0.11.1 release
- Convert LICENSE= "GPLxx# or later" to "GPLxx+"
- Add dependency on libev
- Regenerate patches
- Add MAKE_JOBS_UNSAFE; port attempts to modify man page before generation
sed: ocpasswd.8: No such file or directory
Changelog: http://lists.infradead.org/pipermail/openconnect-devel/2016-March/003551.html
Approved by: junovitch (mentor)
Differential Revision: D5890 |
0.10.12_1 01 Apr 2016 14:16:20 |
mat |
Remove ${PORTSDIR}/ from dependencies, categories m, n, o, and p.
With hat: portmgr
Sponsored by: Absolight |
0.10.12_1 27 Mar 2016 14:58:00 |
tijl |
- Update security/gnutls to 3.4.10.
- Rename the LIBDANE option DANE because that's the name of the protocol
supported by libgnutls-dane and gnutls-cli. Also clarify the option
description.
- Add an IDN option.
- libgnutls-openssl has been removed in 3.4. Some ports used this library
in their LIB_DEPENDS but no port actually required it.
- Some old API functions have been removed. Ports that used these have been
updated or patched to use the new API.
- Add a patch to print/cups to prevent overlinking of libgnutls.so.
- Bump PORTREVISION on dependent ports.
net-im/jabber: This port used the old API to give users fine grained
control over which crypto algorithms were used via a configuration file.
It's not immediately obvious how to port this to the new API so the port
always uses the defaults now.
www/hydra: Mark BROKEN. This uses more removed calls than the other ports,
is said to be alpha quality and not fully functional and has been abandoned
10 years ago.
PR: 207768
Exp-run by: antoine
Approved by: portmgr (antoine) |
0.10.12 17 Mar 2016 10:32:06 |
cpm |
- Update to 0.10.12
- Update MAINTAINER to my @FreeBSD.org address
PR: 207824
Approved by: junovitch (mentor) |
0.10.11 27 Jan 2016 10:31:11 |
cpm |
- Update to 0.10.11
Changes:
http://lists.infradead.org/pipermail/openconnect-devel/2016-January/003362.html
PR: 205244
Submitted by: Carlos J. Puga Medina <cpm@fbsd.es>
Approved by: junovitch (mentor) |
0.10.9 13 Oct 2015 12:13:15 |
pi |
net/ocserv: 0.10.8 -> 0.10.9
Changes: http://www.infradead.org/ocserv/changelog.html
PR: 203739
Submitted by: Carlos J Puga Medina <cpm@fbsd.es> (maintainer) |
0.10.8 07 Oct 2015 01:36:22 |
amdmi3 |
- Switch to options helpers
- Pet portlint
Approved by: portmgr blanket |
0.10.8 06 Sep 2015 20:24:11 |
pi |
net/ocserv: 0.10.7 -> 0.10.8
- Update to 0.10.8 release
- Add libtasn1 dependency
- Fix patches
PR: 202936
Submitted by: Carlos J Puga Medina <cpm@fbsd.es> (maintainer) |
0.10.7 16 Aug 2015 21:48:16 |
pi |
New port: net/ocserv: server implementing the AnyConnect SSL VPN protocol
OpenConnect server (ocserv) is an SSL VPN server. Its purpose is
to be a secure, small, fast and configurable VPN server. It implements
the OpenConnect SSL VPN protocol, and has also (currently experimental)
compatibility with clients using the AnyConnect SSL VPN protocol.
The OpenConnect protocol provides a dual TCP/UDP VPN channel, and
uses the standard IETF security protocols to secure it. Both IPv4
and IPv6 are supported.
Ocserv's main features are security through provilege separation
and sandboxing, accounting, and resilience due to a combined use
of TCP and UDP. Authentication occurs in an isolated security
module process, and each user is assigned an unprivileged worker
process, and a networking (tun) device. That not only eases the (Only the first 15 lines of the commit message are shown above ) |