notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)
non port: net/ocserv/Makefile
SVNWeb

Number of commits found: 42

Sat, 5 Jun 2021
[ 14:26 Juraj Lutter (otis) search for other commits by this committer ]    commit hash:cd0a1795e02636de8e062b47fb71935299751b49  cd0a179 
net/ocserv: Update to 1.1.3
Mon, 31 May 2021
[ 17:43 Don Lewis (truckman) search for other commits by this committer ]    commit hash:0926031bce42c0b43d56124642b9b36531598b7f  0926031 
devel/protobuf-c: Bump PORTREVISION of dependent ports

Bump the PORTREVISION of ports that use protobuf-c and bake in the value
of PROTOBUF_C_VERSION*.
Sponsored by:	Farsight Security, Inc.
Tue, 6 Apr 2021
[ 14:31 Mathieu Arnold (mat) search for other commits by this committer ]    commit hash:305f148f482daf30dcf728039d03d019f88344eb  305f148  (Only the first 10 of 29333 ports in this commit are shown above. View all ports for this commit)
Remove # $FreeBSD$ from Makefiles.
Fri, 29 Jan 2021
[ 21:26 otis search for other commits by this committer ] Original commit   Revision:563249
net/ocserv: Update to 1.1.2

- Update to 1.1.2
- Reformat Makefile according to portclippy/portfmt
- Install sample config with PREFIX-ized values where
  apropriate.
- Take MAINTAINERship

Reviewed by:	osa (mentor)
Approved by:	osa (mentor)
MFH:		2021Q1
Differential Revision:	https://reviews.freebsd.org/D28346
Sat, 21 Nov 2020
[ 09:44 sunpoet search for other commits by this committer ] Original commit   Revision:555942
Bump PORTREVISION for net/radcli shlib change
Sun, 11 Oct 2020
[ 08:36 pi search for other commits by this committer ] Original commit   Revision:552035
net/ocserv: update 1.0.1 -> 1.1.1

- Fixed compatibility with OpenBSD that lacks procfs
- Improved rate-limit-ms and made it dependent on secmod backlog. This makes
  the server more resilient (and prevents connection failures) on multiple
  concurrent connections
- Added namespace support for listen address by introducing the listen-netns
  option
- Disable TLS1.3 when cisco client compatibility is enabled. New anyconnect
  clients seem to supporting TLS1.3 but are unable to handle a
  client with an RSA key
- Enable a race free user disconnection via occtl
- Added the config option of a pre-login-banner
- Ocserv siwtched to using multiple ocserv-sm processes to improve scale,
  with the number of ocserv-sm process dependent on maximum clients
  and number of CPUs. Configuration option sec-mod-scale can be
  used to override the heuristics.
- Fixed issue with group selection on radius servers sending multiple group
  class attribute.

PR:		250225
Submitted by:	Juraj Lutter <juraj@lutter.sk>
Relnotes:	https://gitlab.com/openconnect/ocserv/-/releases/1.1.1
Mon, 5 Oct 2020
[ 17:34 rene search for other commits by this committer ] Original commit   Revision:551529 (Only the first 10 of 25 ports in this commit are shown above. View all ports for this commit)
Return cpm@'s ports to the pool after safekeeping his commit bit.

With hat:	portmgr-secretary
Sat, 16 May 2020
[ 10:51 sunpoet search for other commits by this committer ] Original commit   Revision:535391 (Only the first 10 of 34 ports in this commit are shown above. View all ports for this commit)
Bump PORTREVISION for security/nettle shlib change
Sat, 25 Apr 2020
[ 14:38 mandree search for other commits by this committer ] Original commit   Revision:532955 (Only the first 10 of 11 ports in this commit are shown above. View all ports for this commit)
net/ocserv: Update to 1.0.1

Changelog:
https://gitlab.com/openconnect/ocserv/-/blob/1.0.1/NEWS#L1

This commit makes the following additional changes from Juraj's
submission:

- fix LIB_DEPENDS to libpc.so:devel/pcl (not devel/libpcl)
- replace LOCALBASE by PREFIX throughout, as these are internal references
- remove the src/config.c patch, it makes no sense to first
  statically patch and then run REINPLACE_CMD for DEFAULT_CFG_FILE
- remove doc/sample.config from another REINPLACE_CMD
- remove @ - it makes no sense to hide running commands
- patch example configuration to avoid isolate-workers = true, which
(Only the first 15 lines of the commit message are shown above View all of this commit message)
Thu, 3 Oct 2019
[ 14:46 kevans search for other commits by this committer ] Original commit   Revision:513668
net/ocserv: fix tun handoff between parent and worker process

ocserv hands off a tun fd to a worker process, but the worker process never
claims the tun with TUNSIFPID. The parent then closes the tunnel and leaves
it in a nasty state.

Bump PORTREVISION, as this is runtime breakage.

PR:		238500
Approved by:	bapt (ports), cpm (maintainer, e-mail)
MFH:		2019Q4 (blanket, runtime fix)
Wed, 14 Aug 2019
[ 03:26 meta search for other commits by this committer ] Original commit   Revision:508887 (Only the first 10 of 30 ports in this commit are shown above. View all ports for this commit)
Implement new virtual category: net-vpn for VPN related ports

based on discussion at ports@ [1]. As VPN softwares are put in different
physical category net and security. This is a little bit confusing. Let's
give them new virtual category net-vpn.

[1] https://lists.freebsd.org/pipermail/freebsd-ports/2019-April/115915.html

PR:		239395
Submitted by:	myself
Approved by:	portmgr (mat)
Differential Revision:	https://reviews.freebsd.org/D21174
Tue, 9 Jul 2019
[ 17:13 sunpoet search for other commits by this committer ] Original commit   Revision:506289 (Only the first 10 of 38 ports in this commit are shown above. View all ports for this commit)
Update security/nettle to 3.5.1

- Bump PORTREVISION of dependent ports for shlib change
- Fix build of devel/pijul [1]

Changes:	https://git.lysator.liu.se/nettle/nettle/blob/master/NEWS
PR:		238991
Exp-run by:	antoine
Thanks to:	tobik [1]
Mon, 8 Jul 2019
[ 14:36 cpm search for other commits by this committer ] Original commit   Revision:506230
net/ocserv: Update to 0.12.4

Noteworthy changes in 0.12.4

- Added support for radius access-challenge (multifactor) authentication.
- Fixed race condition when connect-script and disconnect-script are set, which
could potentially cause a crash (#208).
- Perform quicker cleanup of sessions which their user explicitly disconnected
(#210).

MFH:		2019Q3
Tue, 9 Apr 2019
[ 14:04 sunpoet search for other commits by this committer ] Original commit   Revision:498476 (Only the first 10 of 289 ports in this commit are shown above. View all ports for this commit)
Update devel/readline to 8.0

- Bump PORTREVISION of dependent ports for shlib change

Changes:	https://tiswww.case.edu/php/chet/readline/CHANGES
PR:		236156
Exp-run by:	antoine
Wed, 13 Mar 2019
[ 22:06 cpm search for other commits by this committer ] Original commit   Revision:495663
net/ocserv: Update to 0.12.3

- Remove LOCAL MASTER_SITES

Noteworthy changes in 0.12.3

- Fixed crash when no DTLS ciphersuite is negotiated.
- Fixed crash happening arbitrarily depending on handled string sizes (#197).
- Fixed compatibility issue with GnuTLS 3.3.x (#201).
- occtl: print the TLS session information, even if the DTLS channel is not
established.

MFH:		2019Q1
Fri, 11 Jan 2019
[ 16:20 cpm search for other commits by this committer ] Original commit   Revision:489983
net/ocserv: update to 0.12.2

Noteworthy changes in 0.12.2

- Added support for AES256-SHA legacy cipher. This allows the anyconnect clients
to use AES256.
- Added support for the DTLS1.2 protocol hack used by new anyconnect client.

While I'm here pet portlint.

MFH:		2019Q1
Tue, 30 Oct 2018
[ 04:45 yuri search for other commits by this committer ] Original commit   Revision:483447
net/ocserv: Use devel/libpcl as a dependency

PR:		232771
Approved by:	Carlos J. Puga Medina <cpm@freebsd.org> (maintainer)
Mon, 14 May 2018
[ 18:23 cpm search for other commits by this committer ] Original commit   Revision:469943 (Only the first 10 of 12 ports in this commit are shown above. View all ports for this commit)
net/ocserv: update to 0.12.1

Changelog: https://gitlab.com/ocserv/ocserv/blob/master/NEWS

Tested by:	Jov <amutu@amutu.com>
Wed, 7 Mar 2018
[ 18:14 cpm search for other commits by this committer ] Original commit   Revision:463819
net/ocserv: Update to 0.11.11

Changelog:
http://lists.infradead.org/pipermail/openconnect-devel/2018-March/004766.html
Mon, 8 Jan 2018
[ 18:48 cpm search for other commits by this committer ] Original commit   Revision:458468
net/ocserv: Update to 0.11.10

- Pet portlint, the port doesn't install any shared libraries, so there is no
point in USE_LDCONFIG

Changelog:
http://lists.infradead.org/pipermail/openconnect-devel/2018-January/004655.html
Sat, 14 Oct 2017
[ 02:03 cpm search for other commits by this committer ] Original commit   Revision:452040
- Update to 0.11.9
- Update WWW in pkg-descr

Noteworthy changes in 0.11.9

- Fixed bug which caused the acceptable of invalid IPv4 address as valid.
- Fixed compatibility with gnutls 3.3.8 by avoiding the use of the 'VERS-ALL'
  priority string which was introduced in 3.3.24.
- Fixed null pointer dereference when parsing locked accounts in plain password
  authentication.
- Add support for RSA-PSS and Ed25519 private keys when used with GnuTLS 3.6.0.
- ocpasswd: when locking an account multiple times, add the '!' character only
once.
  Based on patch by Frank Huang.

Changes:
http://lists.infradead.org/pipermail/openconnect-devel/2017-October/004529.html

MFH:		2017Q4
Tue, 27 Jun 2017
[ 13:46 sunpoet search for other commits by this committer ] Original commit   Revision:444463 (Only the first 10 of 252 ports in this commit are shown above. View all ports for this commit)
Update devel/readline to 7.0 patch 3

- Bump PORTREVISION for shlib change

Changes:	https://cnswww.cns.cwru.edu/php/chet/readline/CHANGES
		https://lists.gnu.org/archive/html/bug-bash/2016-09/msg00107.html
		https://lists.gnu.org/archive/html/bug-readline/2017-01/msg00002.html
Differential Revision:	https://reviews.freebsd.org/D11172
PR:		219947
Exp-run by:	antoine
Fri, 19 May 2017
[ 12:11 cpm search for other commits by this committer ] Original commit   Revision:441221
- Make RADIUS auth backend optional
- Bump PORTREVISION

PR:		219393
Submitted by:	Jov <amutu@amutu.com>
Thu, 18 May 2017
[ 22:11 cpm search for other commits by this committer ] Original commit   Revision:441202
- Add security/oath-toolkit to LIB_DEPENDS
- Sort BUILD_DEPENDS and LIB_DEPENDS
- Enable radius support
- Bump PORTREVISION
Fri, 5 May 2017
[ 11:26 cpm search for other commits by this committer ] Original commit   Revision:440147
net/ocserv: update to 0.11.8

- Update to 0.11.8
- Add my LOCAL to MASTER_SITES

Changes:
http://lists.infradead.org/pipermail/openconnect-devel/2017-May/004293.html
[ 10:08 cpm search for other commits by this committer ] Original commit   Revision:440146
- Fix ownership and permissions in /var/run/ocserv
- Bump PORTREVISION

PR:		219054
Reported by:	Joy <amutu@amutu.com>
Mon, 13 Feb 2017
[ 18:38 cpm search for other commits by this committer ] Original commit   Revision:434013
net/ocserv: update to 0.11.7

- Update PORTVERSION and distinfo checksum (0.11.7)
- Regenerate some patches to apply cleanly
- Remove MAKE_JOBS_UNSAFE=yes

Changelog:
http://lists.infradead.org/pipermail/openconnect-devel/2017-February/004204.html
Tue, 22 Nov 2016
[ 18:35 cpm search for other commits by this committer ] Original commit   Revision:426841
net/ocserv: Update to 0.11.6

- Update PORTVERSION and distinfo checksum (0.11.6)
- Add LICENSE_FILE
- Cosmetic fixes
- Remove STRIP_CMD target since all binaries are installed with --strip (-s)
option by default
- Silence two explicitly called commands

Changelog:
  
http://lists.infradead.org/pipermail/openconnect-devel/2016-November/004066.html

Reviewed by:	amdmi3 (mentor)
Approved by:	amdmi3 (mentor)
Differential Revision:	D8538
Fri, 7 Oct 2016
[ 22:34 cpm search for other commits by this committer ] Original commit   Revision:423487
- Update ocserv to 0.11.5 release

Changelog:
 
http://lists.infradead.org/pipermail/openconnect-devel/2016-September/003972.html

Reviewed by:	pi, feld (mentor)
Approved by:	feld (mentor)
Differential Revision:	D8024
Fri, 30 Sep 2016
[ 19:24 tijl search for other commits by this committer ] Original commit   Revision:423014 (Only the first 10 of 60 ports in this commit are shown above. View all ports for this commit)
Let USES=localbase add -L${LOCALBASE}/lib to LIBS instead of LDFLAGS.
USES=localbase:ldflags can be used to set LDFLAGS.  Normally LDFLAGS
appears too early on the command line causing some ports to link with
their own libraries in LOCALBASE (if installed) instead of WRKSRC.

Also make use of _USES_POST so -L${LOCALBASE}/lib is added as late as
possible after anything a port Makefile might set.  Use _USES_POST
instead of .include in libedit.mk and libarchive.mk so things like
'USES=libedit localbase:ldflags' work correctly.

Fix some issues with LIBS in some ports.

Switch ports that don't support LIBS to localbase:ldflags.

PR:		212987
Exp-run by:	antoine
Approved by:	portmgr (antoine)
Tue, 9 Aug 2016
[ 02:00 cpm search for other commits by this committer ] Original commit   Revision:419896
- Update to 0.11.4

Changelog:
  http://lists.infradead.org/pipermail/openconnect-devel/2016-August/003817.html

Reviewed by:	junovitch (mentor)
Approved by:	junovitch (mentor)
Differential Revision:	D7441
Mon, 20 Jun 2016
[ 10:04 cpm search for other commits by this committer ] Original commit   Revision:417147
- Update to 0.11.3
- Add LIB_DEPENDS for security/nettle
- Switch to USES=localbase framework

ChangeLog:
  http://lists.infradead.org/pipermail/openconnect-devel/2016-June/003720.html

Reviewed by:	amdmi3, junovitch (mentors)
Approved by:	amdmi3, junovitch (mentors)
Differential Revision:	D6890
Thu, 28 Apr 2016
[ 20:27 cpm search for other commits by this committer ] Original commit   Revision:414238
- Update to 0.11.2 release
- Remove unneeded patch (applied upstream)

Changelog: http://www.infradead.org/ocserv/changelog.html

Approved by:	junovitch (mentor)
Differential Revision:	D6122
Mon, 18 Apr 2016
[ 15:17 cpm search for other commits by this committer ] Original commit   Revision:413584
- Update to 0.11.1 release
- Convert LICENSE= "GPLxx# or later" to "GPLxx+"
- Add dependency on libev
- Regenerate patches
- Add MAKE_JOBS_UNSAFE; port attempts to modify man page before generation
  sed: ocpasswd.8: No such file or directory

Changelog:	http://lists.infradead.org/pipermail/openconnect-devel/2016-March/003551.html

Approved by:	junovitch (mentor)
Differential Revision:	D5890
Fri, 1 Apr 2016
[ 14:16 mat search for other commits by this committer ] Original commit   Revision:412348 (Only the first 10 of 2612 ports in this commit are shown above. View all ports for this commit)
Remove ${PORTSDIR}/ from dependencies, categories m, n, o, and p.

With hat:	portmgr
Sponsored by:	Absolight
Sun, 27 Mar 2016
[ 14:58 tijl search for other commits by this committer ] Original commit   Revision:411990 (Only the first 10 of 183 ports in this commit are shown above. View all ports for this commit)
- Update security/gnutls to 3.4.10.
- Rename the LIBDANE option DANE because that's the name of the protocol
  supported by libgnutls-dane and gnutls-cli.  Also clarify the option
  description.
- Add an IDN option.
- libgnutls-openssl has been removed in 3.4.  Some ports used this library
  in their LIB_DEPENDS but no port actually required it.
- Some old API functions have been removed.  Ports that used these have been
  updated or patched to use the new API.
- Add a patch to print/cups to prevent overlinking of libgnutls.so.
- Bump PORTREVISION on dependent ports.

net-im/jabber: This port used the old API to give users fine grained
control over which crypto algorithms were used via a configuration file.
It's not immediately obvious how to port this to the new API so the port
always uses the defaults now.

www/hydra: Mark BROKEN.  This uses more removed calls than the other ports,
is said to be alpha quality and not fully functional and has been abandoned
10 years ago.

PR:		207768
Exp-run by:	antoine
Approved by:	portmgr (antoine)
Thu, 17 Mar 2016
[ 10:32 cpm search for other commits by this committer ] Original commit   Revision:411268
- Update to 0.10.12
- Update MAINTAINER to my @FreeBSD.org address

PR:		207824
Approved by:	junovitch (mentor)
Wed, 27 Jan 2016
[ 10:31 cpm search for other commits by this committer ] Original commit   Revision:407350
- Update to 0.10.11

Changes:
  
http://lists.infradead.org/pipermail/openconnect-devel/2016-January/003362.html

PR:		205244
Submitted by:	Carlos J. Puga Medina <cpm@fbsd.es>
Approved by:	junovitch (mentor)
Tue, 13 Oct 2015
[ 12:13 pi search for other commits by this committer ] Original commit   Revision:399187
net/ocserv: 0.10.8 -> 0.10.9

Changes: http://www.infradead.org/ocserv/changelog.html

PR:		203739
Submitted by:	Carlos J Puga Medina <cpm@fbsd.es> (maintainer)
Wed, 7 Oct 2015
[ 01:36 amdmi3 search for other commits by this committer ] Original commit   Revision:398733
- Switch to options helpers
- Pet portlint

Approved by:	portmgr blanket
Sun, 6 Sep 2015
[ 20:24 pi search for other commits by this committer ] Original commit   Revision:396231
net/ocserv: 0.10.7 -> 0.10.8

- Update to 0.10.8 release
- Add libtasn1 dependency
- Fix patches

PR:		202936
Submitted by:	Carlos J Puga Medina <cpm@fbsd.es> (maintainer)
Sun, 16 Aug 2015
[ 21:48 pi search for other commits by this committer ] Original commit   Revision:394422 (Only the first 10 of 17 ports in this commit are shown above. View all ports for this commit)
New port: net/ocserv: server implementing the AnyConnect SSL VPN protocol

OpenConnect server (ocserv) is an SSL VPN server. Its purpose is
to be a secure, small, fast and configurable VPN server. It implements
the OpenConnect SSL VPN protocol, and has also (currently experimental)
compatibility with clients using the AnyConnect SSL VPN protocol.
The OpenConnect protocol provides a dual TCP/UDP VPN channel, and
uses the standard IETF security protocols to secure it. Both IPv4
and IPv6 are supported.

Ocserv's main features are security through provilege separation
and sandboxing, accounting, and resilience due to a combined use
of TCP and UDP.  Authentication occurs in an isolated security
module process, and each user is assigned an unprivileged worker
process, and a networking (tun) device. That not only eases the
(Only the first 15 lines of the commit message are shown above View all of this commit message)

Number of commits found: 42