non port: net/ocserv/distinfo |
Number of commits found: 31 |
Wednesday, 7 Feb 2024
|
13:08 Juraj Lutter (otis)
net/ocserv: Update to 1.2.4
b749a84 |
Wednesday, 27 Dec 2023
|
20:30 Juraj Lutter (otis)
net/ocserv: Update to 1.2.3
Release notes: https://gitlab.com/openconnect/ocserv/-/releases/1.2.3
7f0a801 |
Wednesday, 8 Nov 2023
|
22:32 Juraj Lutter (otis)
net/ocserv: Update to 1.2.2
Release notes: https://gitlab.com/openconnect/ocserv/-/releases/1.2.2
Reported by: portscout
e4894bf |
Thursday, 24 Aug 2023
|
11:44 Juraj Lutter (otis)
net/ocserv: Update to 1.2.1
Release notes: https://gitlab.com/openconnect/ocserv/-/releases/1.2.1
1f51b2b |
Monday, 21 Aug 2023
|
13:08 Juraj Lutter (otis)
net/ocserv: Update to 1.2.0
- Update to 1.2.0
- Adjust dependencies
- Make DTLS work
- Regen patches
Co-authored-by: Eugene Mitrofanov <emitrofanov@gmail.com>
944e00e |
Saturday, 13 May 2023
|
16:49 Juraj Lutter (otis)
net/ocserv: Update to 1.1.7
- Update to 1.1.7
- Regen patches
39beea1 |
Thursday, 25 Aug 2022
|
08:44 Juraj Lutter (otis)
net/ocserv: Update to 1.1.6
- Update to 1.1.6
- Switch download from ftp to https
91e924b |
Saturday, 5 Jun 2021
|
14:26 Juraj Lutter (otis)
net/ocserv: Update to 1.1.3
cd0a179 |
Friday, 29 Jan 2021
|
21:26 otis
net/ocserv: Update to 1.1.2
- Update to 1.1.2
- Reformat Makefile according to portclippy/portfmt
- Install sample config with PREFIX-ized values where
apropriate.
- Take MAINTAINERship
Reviewed by: osa (mentor)
Approved by: osa (mentor)
MFH: 2021Q1
Differential Revision: https://reviews.freebsd.org/D28346
|
Sunday, 11 Oct 2020
|
08:36 pi
net/ocserv: update 1.0.1 -> 1.1.1
- Fixed compatibility with OpenBSD that lacks procfs
- Improved rate-limit-ms and made it dependent on secmod backlog. This makes
the server more resilient (and prevents connection failures) on multiple
concurrent connections
- Added namespace support for listen address by introducing the listen-netns
option
- Disable TLS1.3 when cisco client compatibility is enabled. New anyconnect
clients seem to supporting TLS1.3 but are unable to handle a
client with an RSA key
- Enable a race free user disconnection via occtl
- Added the config option of a pre-login-banner
- Ocserv siwtched to using multiple ocserv-sm processes to improve scale,
with the number of ocserv-sm process dependent on maximum clients
and number of CPUs. Configuration option sec-mod-scale can be
used to override the heuristics.
- Fixed issue with group selection on radius servers sending multiple group
class attribute.
PR: 250225
Submitted by: Juraj Lutter <juraj@lutter.sk>
Relnotes: https://gitlab.com/openconnect/ocserv/-/releases/1.1.1
|
Saturday, 25 Apr 2020
|
14:38 mandree
net/ocserv: Update to 1.0.1
Changelog:
https://gitlab.com/openconnect/ocserv/-/blob/1.0.1/NEWS#L1
This commit makes the following additional changes from Juraj's
submission:
- fix LIB_DEPENDS to libpc.so:devel/pcl (not devel/libpcl)
- replace LOCALBASE by PREFIX throughout, as these are internal references
- remove the src/config.c patch, it makes no sense to first
statically patch and then run REINPLACE_CMD for DEFAULT_CFG_FILE
- remove doc/sample.config from another REINPLACE_CMD
- remove @ - it makes no sense to hide running commands
- patch example configuration to avoid isolate-workers = true, which
currently only works on Linux's seccomp.
- in the same vein, put up a warning pkg-message that there is no worker
process isolation
- install the @sample file as ocserv.conf.sample, not conf.sample,
so it matches the default configuration file path
Things that could be done but are not:
- rcfile option to configure a separate config file
PR: 245521
Submitted by: Juraj Lutter <juraj@lutter.sk>
Approved by: cpm@ (maintainer timeout, 15 d)
|
Monday, 8 Jul 2019
|
14:36 cpm
net/ocserv: Update to 0.12.4
Noteworthy changes in 0.12.4
- Added support for radius access-challenge (multifactor) authentication.
- Fixed race condition when connect-script and disconnect-script are set, which
could potentially cause a crash (#208).
- Perform quicker cleanup of sessions which their user explicitly disconnected
(#210).
MFH: 2019Q3
|
Wednesday, 13 Mar 2019
|
22:06 cpm
net/ocserv: Update to 0.12.3
- Remove LOCAL MASTER_SITES
Noteworthy changes in 0.12.3
- Fixed crash when no DTLS ciphersuite is negotiated.
- Fixed crash happening arbitrarily depending on handled string sizes (#197).
- Fixed compatibility issue with GnuTLS 3.3.x (#201).
- occtl: print the TLS session information, even if the DTLS channel is not
established.
MFH: 2019Q1
|
Friday, 11 Jan 2019
|
16:20 cpm
net/ocserv: update to 0.12.2
Noteworthy changes in 0.12.2
- Added support for AES256-SHA legacy cipher. This allows the anyconnect clients
to use AES256.
- Added support for the DTLS1.2 protocol hack used by new anyconnect client.
While I'm here pet portlint.
MFH: 2019Q1
|
Monday, 14 May 2018
|
18:23 cpm
net/ocserv: update to 0.12.1
Changelog: https://gitlab.com/ocserv/ocserv/blob/master/NEWS
Tested by: Jov <amutu@amutu.com>
|
Wednesday, 7 Mar 2018
|
18:14 cpm
net/ocserv: Update to 0.11.11
Changelog:
http://lists.infradead.org/pipermail/openconnect-devel/2018-March/004766.html
|
Monday, 8 Jan 2018
|
18:48 cpm
net/ocserv: Update to 0.11.10
- Pet portlint, the port doesn't install any shared libraries, so there is no
point in USE_LDCONFIG
Changelog:
http://lists.infradead.org/pipermail/openconnect-devel/2018-January/004655.html
|
Saturday, 14 Oct 2017
|
02:03 cpm
- Update to 0.11.9
- Update WWW in pkg-descr
Noteworthy changes in 0.11.9
- Fixed bug which caused the acceptable of invalid IPv4 address as valid.
- Fixed compatibility with gnutls 3.3.8 by avoiding the use of the 'VERS-ALL'
priority string which was introduced in 3.3.24.
- Fixed null pointer dereference when parsing locked accounts in plain password
authentication.
- Add support for RSA-PSS and Ed25519 private keys when used with GnuTLS 3.6.0.
- ocpasswd: when locking an account multiple times, add the '!' character only
once.
Based on patch by Frank Huang.
Changes:
http://lists.infradead.org/pipermail/openconnect-devel/2017-October/004529.html
MFH: 2017Q4
|
Friday, 5 May 2017
|
11:26 cpm
net/ocserv: update to 0.11.8
- Update to 0.11.8
- Add my LOCAL to MASTER_SITES
Changes:
http://lists.infradead.org/pipermail/openconnect-devel/2017-May/004293.html
|
Monday, 13 Feb 2017
|
18:38 cpm
net/ocserv: update to 0.11.7
- Update PORTVERSION and distinfo checksum (0.11.7)
- Regenerate some patches to apply cleanly
- Remove MAKE_JOBS_UNSAFE=yes
Changelog:
http://lists.infradead.org/pipermail/openconnect-devel/2017-February/004204.html
|
Tuesday, 22 Nov 2016
|
18:35 cpm
net/ocserv: Update to 0.11.6
- Update PORTVERSION and distinfo checksum (0.11.6)
- Add LICENSE_FILE
- Cosmetic fixes
- Remove STRIP_CMD target since all binaries are installed with --strip (-s)
option by default
- Silence two explicitly called commands
Changelog:
http://lists.infradead.org/pipermail/openconnect-devel/2016-November/004066.html
Reviewed by: amdmi3 (mentor)
Approved by: amdmi3 (mentor)
Differential Revision: D8538
|
Friday, 7 Oct 2016
|
22:34 cpm
- Update ocserv to 0.11.5 release
Changelog:
http://lists.infradead.org/pipermail/openconnect-devel/2016-September/003972.html
Reviewed by: pi, feld (mentor)
Approved by: feld (mentor)
Differential Revision: D8024
|
Tuesday, 9 Aug 2016
|
02:00 cpm
- Update to 0.11.4
Changelog:
http://lists.infradead.org/pipermail/openconnect-devel/2016-August/003817.html
Reviewed by: junovitch (mentor)
Approved by: junovitch (mentor)
Differential Revision: D7441
|
Monday, 20 Jun 2016
|
10:04 cpm
- Update to 0.11.3
- Add LIB_DEPENDS for security/nettle
- Switch to USES=localbase framework
ChangeLog:
http://lists.infradead.org/pipermail/openconnect-devel/2016-June/003720.html
Reviewed by: amdmi3, junovitch (mentors)
Approved by: amdmi3, junovitch (mentors)
Differential Revision: D6890
|
Thursday, 28 Apr 2016
|
20:27 cpm
- Update to 0.11.2 release
- Remove unneeded patch (applied upstream)
Changelog: http://www.infradead.org/ocserv/changelog.html
Approved by: junovitch (mentor)
Differential Revision: D6122
|
Monday, 18 Apr 2016
|
15:17 cpm
- Update to 0.11.1 release
- Convert LICENSE= "GPLxx# or later" to "GPLxx+"
- Add dependency on libev
- Regenerate patches
- Add MAKE_JOBS_UNSAFE; port attempts to modify man page before generation
sed: ocpasswd.8: No such file or directory
Changelog: http://lists.infradead.org/pipermail/openconnect-devel/2016-March/003551.html
Approved by: junovitch (mentor)
Differential Revision: D5890
|
Thursday, 17 Mar 2016
|
10:32 cpm
- Update to 0.10.12
- Update MAINTAINER to my @FreeBSD.org address
PR: 207824
Approved by: junovitch (mentor)
|
Wednesday, 27 Jan 2016
|
10:31 cpm
- Update to 0.10.11
Changes:
http://lists.infradead.org/pipermail/openconnect-devel/2016-January/003362.html
PR: 205244
Submitted by: Carlos J. Puga Medina <cpm@fbsd.es>
Approved by: junovitch (mentor)
|
Tuesday, 13 Oct 2015
|
12:13 pi
net/ocserv: 0.10.8 -> 0.10.9
Changes: http://www.infradead.org/ocserv/changelog.html
PR: 203739
Submitted by: Carlos J Puga Medina <cpm@fbsd.es> (maintainer)
|
Sunday, 6 Sep 2015
|
20:24 pi
net/ocserv: 0.10.7 -> 0.10.8
- Update to 0.10.8 release
- Add libtasn1 dependency
- Fix patches
PR: 202936
Submitted by: Carlos J Puga Medina <cpm@fbsd.es> (maintainer)
|
Sunday, 16 Aug 2015
|
21:48 pi
New port: net/ocserv: server implementing the AnyConnect SSL VPN protocol
OpenConnect server (ocserv) is an SSL VPN server. Its purpose is
to be a secure, small, fast and configurable VPN server. It implements
the OpenConnect SSL VPN protocol, and has also (currently experimental)
compatibility with clients using the AnyConnect SSL VPN protocol.
The OpenConnect protocol provides a dual TCP/UDP VPN channel, and
uses the standard IETF security protocols to secure it. Both IPv4
and IPv6 are supported.
Ocserv's main features are security through provilege separation
and sandboxing, accounting, and resilience due to a combined use
of TCP and UDP. Authentication occurs in an isolated security
module process, and each user is assigned an unprivileged worker
process, and a networking (tun) device. That not only eases the (Only the first 15 lines of the commit message are shown above )
|
Number of commits found: 31 |