| Port details on branch 2025Q3 |
- openvpn Secure IP/Ethernet tunnel daemon
- 2.6.14_3 security
 =0      2.6.14_2Version of this port present on the latest quarterly branch. - Maintainer: mandree@FreeBSD.org
- Port Added: 2025-09-16 15:12:04
- Last Update: 2025-09-16 14:40:55
- Commit Hash: 03b8ed1
- Also Listed In: net net-vpn
- License: GPLv2
- WWW:
- https://openvpn.net/community/
- Description:
- OpenVPN is a robust, scalable and highly configurable VPN (Virtual Private
Network) daemon which can be used to securely link two or more private networks
using an encrypted tunnel over the internet. It can operate over UDP or TCP,
can use SSL or a pre-shared secret to authenticate peers, and in SSL mode, one
server can handle many clients.
  ¦  ¦  ¦  ¦ 
- Manual pages:
-
- pkg-plist: as obtained via:
make generate-plist - USE_RC_SUBR (Service Scripts)
-
- Dependency lines:
-
- openvpn>0:security/openvpn
- Conflicts:
- CONFLICTS_INSTALL:
- To install the port:
- cd /usr/ports/security/openvpn/ && make install clean
- To add the package, run one of these commands:
- pkg install security/openvpn
- pkg install openvpn
NOTE: If this package has multiple flavors (see below), then use one of them instead of the name specified above.- PKGNAME: openvpn
- Flavors: there is no flavor information for this port.
- distinfo:
- TIMESTAMP = 1743554391
SHA256 (openvpn-2.6.14.tar.gz) = 9eb6a6618352f9e7b771a9d38ae1631b5edfeed6d40233e243e602ddf2195e7a
SIZE (openvpn-2.6.14.tar.gz) = 1926343
No package information for this port in our database- Sometimes this happens. Not all ports have packages. Perhaps there is a build error. Check the fallout link:
- Dependencies
- NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.
- Build dependencies:
-
- cmocka>=0 : sysutils/cmocka
- rst2man : textproc/py-docutils@py311
- pkgconf>=1.3.0_1 : devel/pkgconf
- python3.11 : lang/python311
- Runtime dependencies:
-
- easy-rsa>=0 : security/easy-rsa
- Library dependencies:
-
- liblz4.so : archivers/liblz4
- liblzo2.so : archivers/lzo2
- libpkcs11-helper.so : security/pkcs11-helper
- There are no ports dependent upon this port
Configuration Options:- ===> The following configuration options are available for openvpn-2.6.14_3:
ASYNC_PUSH=off: Enable async-push support
DCO=on: Data Channel Offload/ovpn(4) support->README.dco.md
DOCS=on: Build and/or install documentation
EASYRSA=on: Install security/easy-rsa RSA helper package
EXAMPLES=on: Build and/or install examples
LZ4=on: LZ4 compression support
LZO=on: LZO compression (incompatible with LibreSSL)
PKCS11=on: Use security/pkcs11-helper, needs same SSL lib!
SMALL=off: Build a smaller executable with fewer features
TEST=on: Build and/or run tests
UNITTESTS=off: Enable unit tests
X509ALTUSERNAME=off: Enable --x509-username-field
===> Use 'make config' to modify these settings
- Options name:
- security_openvpn
- USES:
- cpe libtool localbase:ldflags pkgconfig python:build shebangfix ssl
- FreshPorts was unable to extract/find any pkg message
- Master Sites:
|
Number of commits found: 3
| Commit History - (may be incomplete: for full details, see links to repositories near top of page) |
| Commit | Credits | Log message |
|---|
2.6.14_3
16 Sep 2025 14:40:55
 |
Matthias Andree (mandree) |
security/openvpn: assert()->ASSERT() cleanup
This reverts my prior assert -> if...return(false) change
to Ralf Lici's backport, and replaces all assert() by ASSERT().
Gert Doering writes:
| OpenVPN's ASSERT() macro will do a bit more than the standard-libc
| assert() call, namely print out which function and what expression
| failed, before calling _exit(1). Also, it can not be accidentially
| compiled-away (-DNDEBUG).
|
| Use of ASSERT() generally only advised in cases of "this must not happen,
| but if it does, it's a programming or state corruption error that we
| must know about". Use of assert() is lacking the extra debug info, and as
| such, not advised at all.
This is a backport of OpenVPN master changes...
Obtained from: Gert Doering <gert@greenie.muc.de>
Obtained from: <https://gerrit.openvpn.net/c/openvpn/+/1171>
PR: 289303
MFH: 2025Q3 (suggestion after 10 days)
(cherry picked from commit d92d41ca1ae2cd5005a5b774e64b38ca2f6915c7) |
2.6.14_2
16 Sep 2025 14:40:55
|
Matthias Andree (mandree) |
security/openvpn: support DCO float notifications
The FreeBSD kernel added "if_ovpn: support floating clients"
on main on 2025-07-28, and merged it to 14/stable on 2025-08-13.
https://reviews.freebsd.org/D51468
https://cgit.freebsd.org/src/commit/?id=9c52600a5a150117b4396df3b868cf2516e1674c&h=main
https://cgit.freebsd.org/src/commit/?h=stable/14&id=fc387ed68f3c7b0b8da9bab13492b7bbafecb5bf
This adds a new notification from the kernel module to user space
named OVPN_NOTIF_FLOAT, which OpenVPN 2.6.14 does not support.
Backport support into OpenVPN 2.6.
Reported by: Marek Zarychta <zarychtam@plan-b.pwste.edu.pl> (Only the first 15 lines of the commit message are shown above  ) |
2.6.14_1
16 Sep 2025 14:40:54
|
Matthias Andree (mandree) |
security/openvpn: remove 2048-bit legacy Diffie Hellman
I received a fallout complaint from i386 FreeBSD 15-PRERELEASE
builders that, as of now, has no other explanation than a tightened
(if intermediately) SECLEVEL on that machine, and that's due to
Diffie-Hellman 2048 bit parameters, and self-tests are failing
with stereotypical "ee key too small" and "dh key too small".
While it's not clear what the exact cause of the failure is and
if we had a glitch in the OpenSSL 3.5.1 import (Enji updated
the main branch to 3.5.2 shortly after), let's modernize the
setup a bit.
Fallout and Builder logs (I take it the 2nd URL states
that the FreeBSD src branch was at commit c6778f3a442): (Only the first 15 lines of the commit message are shown above ) |
Number of commits found: 3
|
As an Amazon Associate I earn from qualifying purchases.