FreshPorts -- The Place For Ports If you buy from Amazon USA, please support us by using this link.
Follow us
Blog
Twitter

Port details
ocserv Server implementing the AnyConnect SSL VPN protocol
0.11.8_3 net on this many watch lists=2 search for ports that depend on this port Find issues related to this port Report an issue related to this port
Maintainer: cpm@FreeBSD.org search for ports maintained by this maintainer
Port Added: 16 Aug 2015 21:48:28
Also Listed In: security
License: GPLv2+
OpenConnect server (ocserv) is an SSL VPN server. Its purpose is
to be a secure, small, fast and configurable VPN server. It implements
the OpenConnect SSL VPN protocol, and has also (currently experimental)
compatibility with clients using the AnyConnect SSL VPN protocol.
The OpenConnect protocol provides a dual TCP/UDP VPN channel, and
uses the standard IETF security protocols to secure it. Both IPv4
and IPv6 are supported.

Ocserv's main features are security through provilege separation
and sandboxing, accounting, and resilience due to a combined use
of TCP and UDP.  Authentication occurs in an isolated security
module process, and each user is assigned an unprivileged worker
process, and a networking (tun) device. That not only eases the
control of the resources of each user or group of users, but also
prevents data leak (e.g., heartbleed-style attacks), and privilege
escalation due to any bug on the VPN handling (worker) process. A
management interface allows for viewing and querying logged-in
users.

WWW: http://www.infradead.org/ocserv/
SVNWeb : Homepage : PortsMon

To install the port: cd /usr/ports/net/ocserv/ && make install clean
To add the package: pkg install ocserv

PKGNAME: ocserv

distinfo:

TIMESTAMP = 1493983020
SHA256 (ocserv-0.11.8.tar.xz) = 735b9b88a004d5bc8a91d4093d07ea0e2c9fac370a35d84beccc394ed24420c7
SIZE (ocserv-0.11.8.tar.xz) = 774108


NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.

Build dependencies:
  1. autogen : devel/autogen
  2. bash : shells/bash
  3. gsed : textproc/gsed
  4. autoconf-2.69 : devel/autoconf
  5. autoheader-2.69 : devel/autoconf
  6. autoreconf-2.69 : devel/autoconf
  7. aclocal-1.15 : devel/automake
  8. automake-1.15 : devel/automake
  9. libtoolize : devel/libtool
  10. gmake : devel/gmake
  11. pkgconf>=1.3.0_1 : devel/pkgconf
Library dependencies:
  1. liblz4.so : archivers/liblz4
  2. libiconv.so : converters/libiconv
  3. libev.so : devel/libev
  4. libtalloc.so : devel/talloc
  5. libprotobuf-c.so : devel/protobuf-c
  6. libgnutls.so : security/gnutls
  7. libtasn1.so : security/libtasn1
  8. libnettle.so : security/nettle
  9. liboath.so : security/oath-toolkit
There are no ports dependent upon this port

Configuration Options
===> The following configuration options are available for ocserv-0.11.8_3:
     DOCS=on: Build and/or install documentation
     EXAMPLES=on: Build and/or install examples
     GSSAPI=off: GSSAPI Security API support
     RADIUS=off: RADIUS protocol support
===> Use 'make config' to modify these settings

USES:
autoreconf cpe gmake gperf libtool localbase ncurses  pathfix pkgconfig readline tar:xz

Master Sites:
  1. ftp://ftp.infradead.org/pub/ocserv/
  2. http://distcache.FreeBSD.org/local-distfiles/cpm/
  3. http://distcache.eu.FreeBSD.org/local-distfiles/cpm/
  4. http://distcache.us-east.FreeBSD.org/local-distfiles/cpm/
  5. http://distcache.us-west.FreeBSD.org/local-distfiles/cpm/

Number of commits found: 21

Commit History - (may be incomplete: see SVNWeb link above for full details)
DateByDescription
27 Jun 2017 13:46:53
Original commit files touched by this commit  0.11.8_3
Revision:444463
sunpoet search for other commits by this committer
Update devel/readline to 7.0 patch 3

- Bump PORTREVISION for shlib change

Changes:	https://cnswww.cns.cwru.edu/php/chet/readline/CHANGES
		https://lists.gnu.org/archive/html/bug-bash/2016-09/msg00107.html
		https://lists.gnu.org/archive/html/bug-readline/2017-01/msg00002.html
Differential Revision:	https://reviews.freebsd.org/D11172
PR:		219947
Exp-run by:	antoine
19 May 2017 12:11:55
Original commit files touched by this commit  0.11.8_2
Revision:441221
cpm search for other commits by this committer
- Make RADIUS auth backend optional
- Bump PORTREVISION

PR:		219393
Submitted by:	Jov <amutu@amutu.com>
18 May 2017 22:11:54
Original commit files touched by this commit  0.11.8_1
Revision:441202
cpm search for other commits by this committer
- Add security/oath-toolkit to LIB_DEPENDS
- Sort BUILD_DEPENDS and LIB_DEPENDS
- Enable radius support
- Bump PORTREVISION
05 May 2017 11:26:21
Original commit files touched by this commit  0.11.8
Revision:440147
cpm search for other commits by this committer
net/ocserv: update to 0.11.8

- Update to 0.11.8
- Add my LOCAL to MASTER_SITES

Changes:
http://lists.infradead.org/pipermail/openconnect-devel/2017-May/004293.html
05 May 2017 10:08:34
Original commit files touched by this commit  0.11.7_1
Revision:440146
cpm search for other commits by this committer
- Fix ownership and permissions in /var/run/ocserv
- Bump PORTREVISION

PR:		219054
Reported by:	Joy <amutu@amutu.com>
13 Feb 2017 18:38:22
Original commit files touched by this commit  0.11.7
Revision:434013
cpm search for other commits by this committer
net/ocserv: update to 0.11.7

- Update PORTVERSION and distinfo checksum (0.11.7)
- Regenerate some patches to apply cleanly
- Remove MAKE_JOBS_UNSAFE=yes

Changelog:
http://lists.infradead.org/pipermail/openconnect-devel/2017-February/004204.html
22 Nov 2016 18:35:35
Original commit files touched by this commit  0.11.6
Revision:426841
cpm search for other commits by this committer
net/ocserv: Update to 0.11.6

- Update PORTVERSION and distinfo checksum (0.11.6)
- Add LICENSE_FILE
- Cosmetic fixes
- Remove STRIP_CMD target since all binaries are installed with --strip (-s)
option by default
- Silence two explicitly called commands

Changelog:
  
http://lists.infradead.org/pipermail/openconnect-devel/2016-November/004066.html

Reviewed by:	amdmi3 (mentor)
Approved by:	amdmi3 (mentor)
Differential Revision:	D8538
07 Oct 2016 22:34:04
Original commit files touched by this commit  0.11.5
Revision:423487
cpm search for other commits by this committer
- Update ocserv to 0.11.5 release

Changelog:
 
http://lists.infradead.org/pipermail/openconnect-devel/2016-September/003972.html

Reviewed by:	pi, feld (mentor)
Approved by:	feld (mentor)
Differential Revision:	D8024
30 Sep 2016 19:24:30
Original commit files touched by this commit  0.11.4_1
Revision:423014
tijl search for other commits by this committer
Let USES=localbase add -L${LOCALBASE}/lib to LIBS instead of LDFLAGS.
USES=localbase:ldflags can be used to set LDFLAGS.  Normally LDFLAGS
appears too early on the command line causing some ports to link with
their own libraries in LOCALBASE (if installed) instead of WRKSRC.

Also make use of _USES_POST so -L${LOCALBASE}/lib is added as late as
possible after anything a port Makefile might set.  Use _USES_POST
instead of .include in libedit.mk and libarchive.mk so things like
'USES=libedit localbase:ldflags' work correctly.

Fix some issues with LIBS in some ports.

Switch ports that don't support LIBS to localbase:ldflags.

PR:		212987
Exp-run by:	antoine
Approved by:	portmgr (antoine)
09 Aug 2016 02:00:38
Original commit files touched by this commit  0.11.4
Revision:419896
cpm search for other commits by this committer
- Update to 0.11.4

Changelog:
  http://lists.infradead.org/pipermail/openconnect-devel/2016-August/003817.html

Reviewed by:	junovitch (mentor)
Approved by:	junovitch (mentor)
Differential Revision:	D7441
20 Jun 2016 10:04:38
Original commit files touched by this commit  0.11.3
Revision:417147
cpm search for other commits by this committer
- Update to 0.11.3
- Add LIB_DEPENDS for security/nettle
- Switch to USES=localbase framework

ChangeLog:
  http://lists.infradead.org/pipermail/openconnect-devel/2016-June/003720.html

Reviewed by:	amdmi3, junovitch (mentors)
Approved by:	amdmi3, junovitch (mentors)
Differential Revision:	D6890
28 Apr 2016 20:27:15
Original commit files touched by this commit  0.11.2
Revision:414238
cpm search for other commits by this committer
- Update to 0.11.2 release
- Remove unneeded patch (applied upstream)

Changelog: http://www.infradead.org/ocserv/changelog.html

Approved by:	junovitch (mentor)
Differential Revision:	D6122
18 Apr 2016 15:17:09
Original commit files touched by this commit  0.11.1
Revision:413584
cpm search for other commits by this committer
- Update to 0.11.1 release
- Convert LICENSE= "GPLxx# or later" to "GPLxx+"
- Add dependency on libev
- Regenerate patches
- Add MAKE_JOBS_UNSAFE; port attempts to modify man page before generation
  sed: ocpasswd.8: No such file or directory

Changelog:	http://lists.infradead.org/pipermail/openconnect-devel/2016-March/003551.html

Approved by:	junovitch (mentor)
Differential Revision:	D5890
01 Apr 2016 14:16:20
Original commit files touched by this commit  0.10.12_1
Revision:412348
mat search for other commits by this committer
Remove ${PORTSDIR}/ from dependencies, categories m, n, o, and p.

With hat:	portmgr
Sponsored by:	Absolight
27 Mar 2016 14:58:00
Original commit files touched by this commit  0.10.12_1
Revision:411990
tijl search for other commits by this committer
- Update security/gnutls to 3.4.10.
- Rename the LIBDANE option DANE because that's the name of the protocol
  supported by libgnutls-dane and gnutls-cli.  Also clarify the option
  description.
- Add an IDN option.
- libgnutls-openssl has been removed in 3.4.  Some ports used this library
  in their LIB_DEPENDS but no port actually required it.
- Some old API functions have been removed.  Ports that used these have been
  updated or patched to use the new API.
- Add a patch to print/cups to prevent overlinking of libgnutls.so.
- Bump PORTREVISION on dependent ports.

net-im/jabber: This port used the old API to give users fine grained
control over which crypto algorithms were used via a configuration file.
It's not immediately obvious how to port this to the new API so the port
always uses the defaults now.

www/hydra: Mark BROKEN.  This uses more removed calls than the other ports,
is said to be alpha quality and not fully functional and has been abandoned
10 years ago.

PR:		207768
Exp-run by:	antoine
Approved by:	portmgr (antoine)
17 Mar 2016 10:32:06
Original commit files touched by this commit  0.10.12
Revision:411268
cpm search for other commits by this committer
- Update to 0.10.12
- Update MAINTAINER to my @FreeBSD.org address

PR:		207824
Approved by:	junovitch (mentor)
27 Jan 2016 10:31:11
Original commit files touched by this commit  0.10.11
Revision:407350
cpm search for other commits by this committer
- Update to 0.10.11

Changes:
  
http://lists.infradead.org/pipermail/openconnect-devel/2016-January/003362.html

PR:		205244
Submitted by:	Carlos J. Puga Medina <cpm@fbsd.es>
Approved by:	junovitch (mentor)
13 Oct 2015 12:13:15
Original commit files touched by this commit  0.10.9
Revision:399187
pi search for other commits by this committer
net/ocserv: 0.10.8 -> 0.10.9

Changes: http://www.infradead.org/ocserv/changelog.html

PR:		203739
Submitted by:	Carlos J Puga Medina <cpm@fbsd.es> (maintainer)
07 Oct 2015 01:36:22
Original commit files touched by this commit  0.10.8
Revision:398733
amdmi3 search for other commits by this committer
- Switch to options helpers
- Pet portlint

Approved by:	portmgr blanket
06 Sep 2015 20:24:11
Original commit files touched by this commit  0.10.8
Revision:396231
pi search for other commits by this committer
net/ocserv: 0.10.7 -> 0.10.8

- Update to 0.10.8 release
- Add libtasn1 dependency
- Fix patches

PR:		202936
Submitted by:	Carlos J Puga Medina <cpm@fbsd.es> (maintainer)
16 Aug 2015 21:48:16
Original commit files touched by this commit  0.10.7
Revision:394422
pi search for other commits by this committer
New port: net/ocserv: server implementing the AnyConnect SSL VPN protocol

OpenConnect server (ocserv) is an SSL VPN server. Its purpose is
to be a secure, small, fast and configurable VPN server. It implements
the OpenConnect SSL VPN protocol, and has also (currently experimental)
compatibility with clients using the AnyConnect SSL VPN protocol.
The OpenConnect protocol provides a dual TCP/UDP VPN channel, and
uses the standard IETF security protocols to secure it. Both IPv4
and IPv6 are supported.

Ocserv's main features are security through provilege separation
and sandboxing, accounting, and resilience due to a combined use
of TCP and UDP.  Authentication occurs in an isolated security
module process, and each user is assigned an unprivileged worker
process, and a networking (tun) device. That not only eases the
(Only the first 15 lines of the commit message are shown above View all of this commit message)

Number of commits found: 21

Login
User Login
Create account

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD

This site
What is FreshPorts?
About the authors
Issues
FAQ
How big is it?
The latest upgrade!
Privacy
Forums
Blog
Contact

Search
Enter Keywords:
 
more...

Latest Vulnerabilities
jabberdJul 26
gsoapJul 25
webkit2-gtk3Jul 25
mariadb100-server*Jul 23
mariadb101-server*Jul 23
mariadb55-server*Jul 23
mysql55-server*Jul 23
mysql56-server*Jul 23
mysql57-server*Jul 23
percona55-server*Jul 23
percona56-server*Jul 23
percona57-server*Jul 23
gitlabJul 20
collectd5Jul 19
strongswanJul 19

13 vulnerabilities affecting 67 ports have been reported in the past 14 days

* - modified, not new

All vulnerabilities


Ports
Home
Categories
Deleted ports
Sanity Test Failures
Newsfeeds

Statistics
Graphs
NEW Graphs (Javascript)
Traffic

Calculated hourly:
Port count 30899
Broken 174
Deprecated 102
Ignore 471
Forbidden 0
Restricted 210
No CDROM 84
Vulnerable 195
Expired 42
Set to expire 97
Interactive 0
new 24 hours 7
new 48 hours19
new 7 days99
new fortnight165
new month511

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD
Valid HTML, CSS, and RSS.
Copyright © 2000-2017 Dan Langille. All rights reserved.