non port: security/strongswan/Makefile |
Number of commits found: 94 |
Saturday, 20 Apr 2024
|
17:13 Fernando Apesteguía (fernape) Author: Jose Luis Duran
security/strongswan: Update to 5.9.14
ChangeLog: https://github.com/strongswan/strongswan/releases/tag/5.9.14
PR: 278137
Reported by: jlduran@gmail.com
Approved by: strongswan@Nanoteq.com (maintainer, timeout > 2 weeks)
32cab2d |
Sunday, 25 Feb 2024
|
13:25 Muhammad Moinur Rahman (bofh)
security/strongswan: Moved man to share/man
Approved by: portmgr (blanket)
53f3494 |
Sunday, 10 Dec 2023
|
17:16 Fernando Apesteguía (fernape) Author: Jose Luis Duran
security/strongswan: Update to 5.9.13
ChangeLog: https://github.com/strongswan/strongswan/releases/tag/5.9.13
PR: 275620
Reported by: jlduran@gmail.com
MFH: 2023Q4 (security fix)
Security: CVE-2023-41913
9d8accb |
Friday, 24 Nov 2023
|
08:03 Eugene Grosbein (eugen)
security/strongswan: fix CVE-2023-41913
This is urgent change adding official patch
https://download.strongswan.org/security/CVE-2023-41913/strongswan-5.9.7-5.9.11_charon_tkm_dh_len.patch
that is identical to the change made for strongswan-5.9.12:
https://github.com/strongswan/strongswan/commit/96d793718955820dfe5e6d8aa6127a34795ae39e
It is upto port maintainer to review and maybe upgrade the port to 5.9.12
Obtained from: strongSwan
Security: CVE-2023-41913
4e2c038 |
Wednesday, 30 Aug 2023
|
08:00 Fernando Apesteguía (fernape) Author: Jose Luis Duran
security/strongswan: Explicitly set sysconfdir
This allows for proper substitution in manual pages.
PR: 273138
Reported by: jlduran@gmail.com
Reviewed by: strongswan@Nanoteq.com (maintainer timeout > 2 weeks)
f7f3856 |
Thursday, 3 Aug 2023
|
06:21 Fernando Apesteguía (fernape) Author: Matteo Riondato
security/strongswan: Fix route installation
cherry-pick upstream commit a619356 to fix route installation on FreeBSD
PR: 272841
Reported by: matteo@FreeBSD.org
Approved by: strongswan@Nanoteq.com (maintainer)
ab5ef1b |
Friday, 28 Jul 2023
|
12:33 Fernando Apesteguía (fernape) Author: Matteo Riondato
security/strongswan: Update to 5.9.11
ChangeLog: https://github.com/strongswan/strongswan/releases/tag/5.9.11
PR: 272739
Reported by: matteo@FreeBSD.org
Approved by: strongswan@Nanoteq.com (maintainer)
7409da5 |
Wednesday, 29 Mar 2023
|
12:47 Fernando Apesteguía (fernape)
security/strongswan: Fix TLS 1.2 in EAP-TLS plugin
Cherry pick commit from upstream.
PR: 270380
Reported by: dronmbi@gtn.ru
Approved by: strongswan@Nanoteq.com (maintainer)
e27bfba |
Sunday, 5 Mar 2023
|
15:38 Kurt Jaeger (pi)
security/strongswan: upgrade 5.9.9 -> 5.9.10 to fix CVE-2023-26463
See also:
https://www.strongswan.org/blog/2023/03/02/strongswan-vulnerability-(cve-2023-26463).html
PR: 269976
Approved-by: Francois ten Krooden <strongswan@Nanoteq.com> (maintainer)
Changelog: https://github.com/strongswan/strongswan/releases/tag/5.9.10
0cc82a4 |
Saturday, 4 Mar 2023
|
06:31 Eugene Grosbein (eugen)
security/strongswan: fix CVE-2023-26463
This is urgent change adding official patch
https://download.strongswan.org/security/CVE-2023-26463/strongswan-5.9.8-5.9.9_tls_auth_bypass_exp_pointer.patch
It is upto port maintainer to review and maybe upgrade
the port to 5.9.10.
Obtained from: strongSwan
Security: CVE-2023-26463
c703ad7 |
Wednesday, 8 Feb 2023
|
10:53 Muhammad Moinur Rahman (bofh)
Mk/**ldap.mk: Convert USE_LDAP to USES=ldap
Convert the USE_LDAP=yes to USES=ldap and adds the following features:
- Adds the argument USES=ldap:server to add openldap2{4|5|6}-server as
RUN_DEPENDS
- Adds the argument USES=ldap<version> and replaces WANT_OPENLDAP_VER
- Adds OPENLDAP versions in bsd.default-versions.mk
- Adds USE_OPENLDAP/WANT_OPENLDAP_VER in Mk/bsd.sanity.mk
- Changes consumers to use the features
Reviewed by: delphij
Approved by: portmgr
Differential Revision: https://reviews.freebsd.org/D38233
6e1233b |
Sunday, 15 Jan 2023
|
18:14 Fernando Apesteguía (fernape) Author: Jose Luis Duran
security/strongswan: Remove --with-lib-prefix
Remove flag already in the default option.
PR: 268918
Reported by: jlduran@gmail.com
Approved by: strongswan@Nanoteq.com (maintainer, implicit in PR)
a06d577 |
Saturday, 14 Jan 2023
|
17:13 Fernando Apesteguía (fernape) Author: Jose Luis Duran
security/strongswan: Update to 5.9.9
ChangeLog: https://github.com/strongswan/strongswan/releases/tag/5.9.9
PR: 268918 262743
Reported by: jlduran@gmail.com
Approved by: strongswan@Nanoteq.com (maintainer)
9428654 |
Wednesday, 26 Oct 2022
|
14:35 Nuno Teixeira (eduardo) Author: Jose Luis Duran
security/strongswan: Add GCM option to OPTIONS_DEFAULT
Avoid the message:
"plugin 'gcm': failed to load - gcm_plugin_create not found and no
plugin file available"
According to strongSwan's 5.9.8 release notes[1]:
The gcm plugin has been enabled by default, so that the TLS 1.3 unit
tests (now indirectly enabled if the pki tool is built due to the
implementation of EST) can be completed successfully with just the
default plugins.
Let's also enable it by default.
[1]: https://github.com/strongswan/strongswan/releases/tag/5.9.8
PR: 267352
a0103c8 |
Wednesday, 19 Oct 2022
|
16:45 Fernando Apesteguía (fernape) Author: Franco Fichtner
security/strongswan: update to 5.9.8
ChangeLog: https://github.com/strongswan/strongswan/releases/tag/5.9.8
Fixes CVE-2022-40617.
PR: 267037
Reported by: franco@opnsense.org
Approved by: strongswan@Nanoteq.com (maintainer, implicit)
MFH: 2022Q4 (security update)
Security: CVE-2022-40617 DoS attack vulnerability
a28166f |
Wednesday, 7 Sep 2022
|
21:10 Stefan Eßer (se)
Add WWW entries to port Makefiles
It has been common practice to have one or more URLs at the end of the
ports' pkg-descr files, one per line and prefixed with "WWW:". These
URLs should point at a project website or other relevant resources.
Access to these URLs required processing of the pkg-descr files, and
they have often become stale over time. If more than one such URL was
present in a pkg-descr file, only the first one was tarnsfered into
the port INDEX, but for many ports only the last line did contain the
port specific URL to further information.
There have been several proposals to make a project URL available as
a macro in the ports' Makefiles, over time.
This commit implements such a proposal and moves one of the WWW: entries
of each pkg-descr file into the respective port's Makefile. A heuristic
attempts to identify the most relevant URL in case there is more than
one WWW: entry in some pkg-descr file. URLs that are not moved into the
Makefile are prefixed with "See also:" instead of "WWW:" in the pkg-descr
files in order to preserve them.
There are 1256 ports that had no WWW: entries in pkg-descr files. These
ports will not be touched in this commit.
The portlint port has been adjusted to expect a WWW entry in each port
Makefile, and to flag any remaining "WWW:" lines in pkg-descr files as
deprecated.
Approved by: portmgr (tcberner)
b7f0544 |
Thursday, 16 Jun 2022
|
14:41 Fernando Apesteguía (fernape) Author: Francois ten Krooden
security/strongswan: Fix key derivation
An issue in the upstream port causes key derivation to fail in version 5.9.6.
A work around is to enable the KDF pluging by default.
PR: 264667
Reported by: strongswan@Nanoteq.com (maintainer)
4e7ee35 |
Wednesday, 1 Jun 2022
|
22:03 Dries Michiels (driesm) Author: Björn König
security/strongswan: add CTR plugin option
PR: 264354
Approved by: Francois ten Krooden (maintainer)
b3a2477 |
Monday, 9 May 2022
|
22:28 Dries Michiels (driesm) Author: Dani I
security/strongswan: Update to 5.9.6
Changes: https://github.com/strongswan/strongswan/releases/tag/5.9.6
PR: 263748
Approved by: Francois ten Krooden (maintainer)
b591672 |
Wednesday, 26 Jan 2022
|
18:38 Dries Michiels (driesm) Author: Michael Glaus
security/strongswan: Update to 5.9.5
Changes: https://github.com/strongswan/strongswan/releases/tag/5.9.5
PR: 261462
Approved by: Francois ten Krooden <strongswan@Nanoteq.com> (maintainer)
MFH: 2022Q1
Security: CVE-2021-45079
f642535 |
Wednesday, 20 Oct 2021
|
07:19 Li-Wen Hsu (lwhsu) Author: Dani
security/strongswan: Update to 5.9.4
Security & Bugfix Update to 5.9.4:
- Changelog: https://github.com/strongswan/strongswan/releases/tag/5.9.4
- While here change repos to https
- Fix CVE-2021-41990:
https://www.strongswan.org/blog/2021/10/18/strongswan-vulnerability-(cve-2021-41990).html
- Fix CVE-2021-41991:
https://www.strongswan.org/blog/2021/10/18/strongswan-vulnerability-(cve-2021-41991).html
PR: 259267
Approved by: strongswan@Nanoteq.com (maintainer)
MFH: 2021Q4
eead2dd |
Tuesday, 3 Aug 2021
|
06:38 Guangyuan Yang (ygy) Author: Jose Luis Duran
security/strongswan: Update to 5.9.3
Changelog: https://github.com/strongswan/strongswan/releases/tag/5.9.3
PR: 257564
Approved by: strongswan@Nanoteq.com (maintainer)
4a83672 |
Wednesday, 19 May 2021
|
11:23 Juraj Lutter (otis) Author: Sergey Akhmatov
security/strongswan: Fix default control-interface
Fix default control-interface in rc.d script and also
make it user-selectable at build time, defaulting to VICI.
Also mention this change in pkg-message, as previously the
default was "stroke" and it was changed to "vici" with
only a short notice in UPDATING, that was not displayed
when using binary upgrades.
Committing a portfmt'd version.
PR: 255952
Approved by: strongswan@Nanoteq.com (maintainer)
0ca8849 |
Tuesday, 6 Apr 2021
|
14:31 Mathieu Arnold (mat)
Remove # $FreeBSD$ from Makefiles.
305f148 |
Wednesday, 17 Mar 2021
|
19:12 amdmi3
security/strongswan: use "vici" interface instead of deprecated "stroke" by
default
Add UPDATING entry with migration instruction.
PR: 249865
Submitted by: driesm.michiels@gmail.com
Approved by: strongswan@nanoteq.com (maintainer)
|
Tuesday, 9 Mar 2021
|
06:45 fernape
security/strongswan: Update to 5.9.2
ChangeLog: https://wiki.strongswan.org/versions/80
While here, pet linters
PR: 254047
Submitted by: jlduran@gmail.com
Approved by: strongswan@Nanoteq.com (maintainer)
|
Tuesday, 29 Dec 2020
|
22:24 jrm
security/strongswan: Update to version 5.9.1
Changelog: https://wiki.strongswan.org/versions/79
PR: 252202
Submitted by: Jose Luis Duran <jlduran@gmail.com>
Approved by: strongswan@nanoteq.com (maintainer)
|
Friday, 25 Sep 2020
|
14:05 pi
security/strongswan: update 5.8.4 -> 5.9.0
- Also link the tpm2-tss package for testing with the TPM plugin:
https://wiki.strongswan.org/projects/strongswan/wiki/TpmPlugin
PR: 249470
Submitted by: Jose Luis Duran <jlduran@gmail.com>
Approved by: strongswan@Nanoteq.com (maintainer)
Relnotes: https://wiki.strongswan.org/versions/78
|
Wednesday, 20 May 2020
|
18:50 fernape
security/strongswan: Add TEST_TARGET
make test passes OK
PR: 246535
Submitted by: jlduran@gmail.com
Reviewed by: strongswan@Nanoteq.com (maintainer)
|
Monday, 13 Apr 2020
|
18:02 garga
security/strongswan: Update to 5.8.4
PR: 245199
Submitted by: Jose Luis Duran <jlduran@gmail.com>
Approved by: strongswan@Nanoteq.com (maintainer)
Sponsored by: Rubicon Communications, LLC (Netgate)
|
Sunday, 29 Mar 2020
|
06:26 joneum
Update to 5.8.3
PR: 245087
Sponsored by: Netzkommune GmbH
|
Friday, 31 Jan 2020
|
16:39 0mp
security/strongswan: Add PYTHON plugin option for a VICI protocol plugin
PR: 243254
Submitted by: Dries Michiels <driesm.michiels@gmail.com>
Approved by: maintainer
Event: Brussels DevSummit 2020
|
Saturday, 11 Jan 2020
|
15:38 meta
security/strongswan: load ipsec kernel module by rc script
From the following discussion: https://reviews.freebsd.org/D20163
It makes sense to add ipsec as required module for the rc script
of strongSwan.
PR: 243316
Submitted by: Dries Michiels <driesm.michiels@gmail.com>
Approved by: maintainer
|
Monday, 30 Dec 2019
|
14:49 garga
security/strongswan: Update to 5.8.2
PR: 242687
Approved by: maintainer
Obtained from: pfSense
Sponsored by: Rubicon Communications, LLC (Netgate)
|
Monday, 30 Sep 2019
|
17:06 garga
Add a new option to enable PKCS11 plugin
PR: 240684
Approved by: strongswan@Nanoteq.com (maintainer)
Obtained from: pfSense
Sponsored by: Rubicon Communications, LLC (Netgate)
|
Tuesday, 24 Sep 2019
|
18:03 swills
security/strongswan: update to 5.8.1
PR: 240316
Submitted by: Jose Luis Duran <jlduran@gmail.com>
Approved by: strongswan@Nanoteq.com (maintainer)
|
Wednesday, 21 Aug 2019
|
01:59 meta
security/strongswan: Add support for the VIA Padlock plugin
PR: 239458
Submitted by: Evgeny <mojolicious@yandex.com> (initial revision)
strongswan@Nanoteq.com (maintainer, brushed-up revision)
Approved by: strongswan@Nanoteq.com (maintainer)
|
Wednesday, 14 Aug 2019
|
03:26 meta
Implement new virtual category: net-vpn for VPN related ports
based on discussion at ports@ [1]. As VPN softwares are put in different
physical category net and security. This is a little bit confusing. Let's
give them new virtual category net-vpn.
[1] https://lists.freebsd.org/pipermail/freebsd-ports/2019-April/115915.html
PR: 239395
Submitted by: myself
Approved by: portmgr (mat)
Differential Revision: https://reviews.freebsd.org/D21174
|
Wednesday, 29 May 2019
|
12:12 garga
security/strongswan: Update to 5.8.0
PR: 238173
Approved by: maintainer
Obtained from: pfSense
Sponsored by: Rubicon Communications, LLC (Netgate)
|
Saturday, 9 Mar 2019
|
10:37 pi
security/strongswan: add vici-based configuration for the rc script
The rc script is modified to allow both a legacy (ipsec.conf-based)
startup or a new (swanctl.conf-based) config. Default is the legacy.
The new setup is based on vici, the Versatile IKE Configuration Interface.
For more details, see:
https://wiki.strongswan.org/projects/strongswan/wiki/Vici
PR: 234648
Submitted by: Jose Luis Duran <jlduran@gmail.com>
Reviewed by: Sam Chen <sc.gear@one.caeon.com>
Approved by: strongswan@Nanoteq.com (maintainer)
Differential Revision: D19367
|
09:49 pi
security/strongswan: add PAM to XAUTH
PR: 236218
Submitted by: Franco Fichtner <franco@opnsense.org>
Approved by: strongswan@Nanoteq.com (maintainer)
|
Tuesday, 5 Mar 2019
|
20:14 swills
security/strongswan: Minor port improvements
- Follow the same patching logic for swanctl.conf as the other config
files.
- Silence warning: $strongswan_enable not properly set.
PR: 235340
Submitted by: Jose Luis Duran <jlduran@gmail.com>
Approved by: strongswan@Nanoteq.com (maintainer)
|
Monday, 14 Jan 2019
|
16:00 swills
security/strongswan: update to version 5.7.2
PR: 234882
Submitted by: Jose Luis Duran <jlduran@gmail.com>
Approved by: strongswan@Nanoteq.com (maintainer)
|
Tuesday, 2 Oct 2018
|
11:00 garga
security/strongswan: Update to 5.7.1
PR: 231862
Approved by: maintainer
Obtained from: pfSense
MFH: 2018Q4
Security: CVE-2018-16151 CVE-2018-16152
Sponsored by: Rubicon Communications, LLC (Netgate)
|
Wednesday, 26 Sep 2018
|
13:03 garga
- Update security/strongswan to 5.7.0
- While here, silence portlint warning renaming option IKEv1 to IKEV1
PR: 231720
Approved by: maintainer
Obtained from: pfSense
Sponsored by: Rubicon Communications, LLC (Netgate)
|
Thursday, 31 May 2018
|
12:39 krion
Update to 5.6.3
Fixes:
- Denial-of-Service Vulnerability in the IKEv2 key derivation
(CVE-2018-10811)
- Denial-of-Service Vulnerability in the stroke plugin
(CVE-2018-5388)
- Crash on FreeBSD that was present in 5.6.2
- The kernel-pfkey plugin optionally installs routes via internal
interface (one with an IP in the local traffic selector). On
FreeBSD, enabling this selects the correct source IP when sending
packets from the gateway itself.
PR: 228631
Submitted by: maintainer
|
Tuesday, 6 Mar 2018
|
21:56 yuri
security/strongswan: Fix crash in public key authentication with 5.6.2
While here, added LICENSE_FILE.
PR: 226404
Submitted by: strongswan@Nanoteq.com (maintainer)
Approved by: tcberner (mentor, implicit)
|
Thursday, 1 Mar 2018
|
13:53 garga
- Update security/strongswan to 5.6.2 [1]
- Enable CURL option by default [2]
PR: 226043 [1], 220488 [2]
Submitted by: strongswan@Nanoteq.com (maintainer) [1]
karl@denninger.net [2]
Approved by: maintainer [2]
MFH: 2018Q1
Security: CVE-2018-6459
Sponsored by: Rubicon Communications, LLC (Netgate)
|
Friday, 22 Sep 2017
|
10:48 mat
Remove USES=execinfo.
PR: 220271
Submitted by: mat (review), Yasuhiro KIMURA (PR)
Sponsored by: Absolight
Differential Revision: https://reviews.freebsd.org/D11488
|
Wednesday, 23 Aug 2017
|
06:10 pi
security/strongswan: update 5.5.3 -> 5.6.0
- the gmp plugin responsible for CVE-2017-11185 is not enabled
in the FreeBSD build
PR: 221716
Relnotes: https://wiki.strongswan.org/versions/66
Reported by: i.dani@outlook.com
Approved by: strongswan@nanoteq.com (maintainer)
|
Wednesday, 19 Jul 2017
|
10:29 olivier
Update strongswan to 5.5.3
PR: 220823
Submitted by: strongswan@Nanoteq.com (maintainer)
Reported by: i.dani@outlook.com
|
Wednesday, 10 May 2017
|
06:12 olivier
Add option for enabling mediation feature (like STUN for IPSec peers)
Approved by: strongswan@nanoteq.com (maintainer)
Sponsored by: Orange
|
Wednesday, 12 Apr 2017
|
17:25 garga
Update security/strongswan to 5.5.2
PR: 218430
Approved by: maintainer
Sponsored by: Rubicon Communications (Netgate)
|
Friday, 3 Mar 2017
|
04:12 miwi
- Chase ldns shlip bump
PR: 217495
|
Monday, 21 Nov 2016
|
10:43 garga
Update security/strongswan to 5.5.1
PR: 213844
Approved by: strongswan@Nanoteq.com (maintainer)
Obtained from: pfSense
Sponsored by: Rubicon Communications (Netgate)
|
Tuesday, 19 Jul 2016
|
16:38 garga
Update security/strongswan to 5.5.0
PR: 211095
Submitted by: strongswan@Nanoteq.com (maintainer)
|
Friday, 1 Apr 2016
|
14:25 mat
Remove ${PORTSDIR}/ from dependencies, categories r, s, t, and u.
With hat: portmgr
Sponsored by: Absolight
|
Wednesday, 23 Mar 2016
|
16:21 garga
Update security/strongswan to 5.4.0
PR: 208219
Approved by: swan@nanoteq.com (maintainer)
Obtained from: pfSense
Sponsored by: Rubicon Communications (Netgate)
|
Tuesday, 15 Mar 2016
|
06:21 ohauer
- bump PORTREVISION on ports depending on unbound
PR: 207948
Submitted by: jaap@NLnetLabs.nl (maintainer)
|
Wednesday, 17 Feb 2016
|
02:34 junovitch
security/strongswan: enable options to increase usefulness of default pkg
- Enable PKI, SWANCTL, and VICI options (no external dependencies)
- Document IMPLIES dependency on VICI for SWANCTL; mention in SWANCTL_DESC
- Bump PORTREVISION
PR: 205438
Reported by: Nick B <nicblais@clkroot.net>
Submitted by: strongswan@Nanoteq.com (maintainer)
|
Thursday, 4 Feb 2016
|
15:58 erwin
- Update unbound to 1.5.7
- Bump PORTREVISIOn on dependent ports
Some Upgrade Notes:
This release fixes a validation failure for nodata with wildcards and
emptynonterminals. Fixes OpenSSL Library compability. Fixes correct
response for malformed EDNS queries. For crypto in libunbound there is
libnettle support.
Qname minimisation is implemented. Use qname-minimisation: yes to
enable it. This version sends the full query name when an error is
found for intermediate names. It should therefore not fail for names
on nonconformant servers. It combines well with
harden-below-nxdomain: yes because those nxdomains are probed by the
qname minimisation, and that will both stop privacy sensitive traffic
and reduce nonsense traffic to authority servers. So consider
enabling both. In this implementation IPv6 reverse lookups add
several labels per increment, because otherwise those lookups would be
very slow. [ Reference
https://tools.ietf.org/html/draft-ietf-dnsop-qname-minimisation-08 ]
More details at <http://unbound.net>
PR: 206347
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl>
Approved by: maintainer timeout
Sponsored by: DK Hostmaster A/S
|
Thursday, 3 Dec 2015
|
16:34 garga
Bump PORTREVISION to help users with custom OPTIONS to get the fix
committed in r402880, as suggested by AMDmi3
|
Wednesday, 2 Dec 2015
|
10:58 garga
Update security/strongswan to 5.3.5
PR: 204959
Approved by: strongswan@Nanoteq.com (maintainer)
Obtained from: pfSense
Sponsored by: Rubicon Communications (Netgate)
|
Monday, 16 Nov 2015
|
14:08 garga
Update security/strongswan to 5.3.4
PR: 204597
Submitted by: strongswan@nanoteq.com (maintainer)
MFH: 2015Q4
Security: CVE 2015-8023
Security: https://github.com/strongswan/strongswan/commit/453e204ac40dfff2e0978e8f84a5f8ff0cbc45e2
Sponsored by: Rubicon Communications (Netgate)
|
Monday, 9 Nov 2015
|
16:56 garga
Backport a couple of commits from master, that will be present in 5.3.4:
- dff2d05bb9 [1]: kernel-pfKey: Enable AES-CTR
- 04f22cdabc [2]: VICI: add NAT information
Bump PORTREVISION
[1]
https://github.com/strongswan/strongswan/commit/dff2d05bb9bec684b3b2efdafc9a47219550bbe1
[2]
https://github.com/strongswan/strongswan/commit/04f22cdabc1c97d38692f95392429839f0fa90d1
PR: 204398
Approved by: maintainer
Obtained from: pfSense
Sponsored by: Rubicon Communications (Netgate)
|
Thursday, 29 Oct 2015
|
12:42 garga
- Add a new option, SWANCTL, to install swanctll utility
- When VICI option is selected, install libvici.h to include directory,
it's useful when you need to build a custom code linked to libvici
- Pass path to USE_LDCONFIG otherwise libraries will not be visible
PR: 204098
Approved by: maintainer
Obtained from: pfSense
Sponsored by: Rubicon Communications (Netgate)
|
Wednesday, 28 Oct 2015
|
14:27 garga
- Add a new option (VICI) to build VICI management protocol
- Change SMP option description to show users it's deprecated
PR: 204090
Approved by: maintainer
|
Tuesday, 27 Oct 2015
|
13:27 garga
strongSwan can be beuit using 3 different printf hooks: builtin, glibc
(compatible with FreeBSD's libc) and vstr (devel/vstr). Since it's not
selected any of them on CONFIGURE_ARGS, it uses auto, and end up using
glibc.
pfSense users reported memory leaks on strongSwan [2] [3] and a it was
reported to upstream [1].
Add a single option and let user choose which printf hook to use, and
change default to use builtin. Bump PORTREVISION due to default change
[1] https://wiki.strongswan.org/issues/1106
[2] https://forum.pfsense.org/index.php?topic=96767.0
[3] https://redmine.pfsense.org/issues/5149
PR: 204051
Approved by: maintainer
Obtained from: pfSense
MFH: 2015Q4
Sponsored by: Rubicon Communications (Netgate)
|
Monday, 21 Sep 2015
|
11:02 garga
Update security/strongswan to 5.3.3
PR: 203178
Approved by: strongswan@Nanoteq.com (maintainer)
Sponsored by: Rubicon Communications (Netgate)
|
Tuesday, 9 Jun 2015
|
09:51 garga
Update to 5.3.2
PR: 200721
Approved by: strongswan@Nanoteq.com (maintainer)
MFH: 2015Q2
Security: CVE-2015-3991
Sponsored by: Netgate
|
Friday, 24 Apr 2015
|
10:57 garga
Fix PLIST when EAPAKA3GPP2 is unset and EAPDYNAMIC is set
PR: 199652
Approved by: stronswan@Nanoteq.com (maintainer)
Sponsored by: Netgate
|
Wednesday, 22 Apr 2015
|
22:53 amdmi3
- Add CPE info
Approved by: portmgr blanket
|
Thursday, 16 Apr 2015
|
12:55 feld
Add patches to fix Strongswan Management Protocol
SMP is an XML control interface for Strongswan used by pfSense and
Opnsense. SMP has been deprecated by upstream since 5.2.0 in favor of a
newer IPC mechanism called VICI. As a result upstream is not motivated
to take patches for SMP, and this uses non-portable strlcpy anyway.
The code has not been deleted from the project and if we can bludgeon it
into a working state I see no harm.
PR: 199442
|
Wednesday, 1 Apr 2015
|
10:28 garga
- Update to 5.3.0
- Add a new option UNITY, to enable Cisco unity extension plugin
PR: 199064
Approved by: maintainer
Sponsored by: Netgate
|
Wednesday, 25 Feb 2015
|
10:03 garga
- Add GCM and SMP options
- Add pkgconfig to the list of dependencies
- Enable IKEv1 OPTION by default
- Bump PORTREVISION
PR: 197824
Submitted by: Franco Fichtner <franco@lastsummer.de> (based on)
Reworked by: strongswan@Nanoteq.com (maintainer)
Approved by: strongswan@Nanoteq.com (maintainer)
|
Friday, 9 Jan 2015
|
17:15 garga
- Update to 5.2.2
- Add LICENSE
PR: 196615
Approved by: strongswan@Nanoteq.com (maintainer)
Security: CVE-2014-9221
|
Sunday, 14 Dec 2014
|
21:43 pawel
- Update to version 5.2.1 [1]
- Convert to USES=execinfo
- Fix LDAP, MYSQL options
PR: 195580 [1]
Submitted by: maintainer [1]
|
Friday, 22 Aug 2014
|
09:06 amdmi3
- Switch dns/unbound to USES=libtool, drop .la files
- Bump dependent ports as .so version has changed
- While here, add LICENSE_FILE to dns/getdns
Approved by: portmgr blanket
|
Tuesday, 19 Aug 2014
|
13:40 marino
security/strongswan: Upgrade version 5.1.3 => 5.2.0
While here, including missing library files and use install-strip
target. Maintainer added a crash fix patch while reviewing.
PR: 192366
Submitted by: dewayne (heruristicssystems.com.au)
Approved by: maintainer (strongswan nanoteq.com)
|
Thursday, 24 Jul 2014
|
18:34 tijl
net/openldap24-*:
- Convert to USES=libtool and bump dependent ports
- Avoid USE_AUTOTOOLS
- Don't use PTHREAD_LIBS
- Use MAKE_CMD
databases/glom:
- Drop :keepla
- Add INSTALL_TARGET=install-strip
databases/libgda4* databases/libgda5*:
- Convert to USES=libtool and bump dependent ports
- USES=tar:xz
- Use INSTALL_TARGET=install-strip
- Use @sample
databases/libgdamm:
- Drop :keepla
- USES=tar:bzip2
- Use INSTALL_TARGET=install-strip
databases/libgdamm5:
- Add INSTALL_TARGET=install-strip
- Drop --enable-static (inherited from old repocopy)
devel/anjuta x11-toolkits/py-gnome-extras:
- Drop :keepla
dns/powerdns dns/powerdns-devel:
- Convert to USES=libtool
- Add INSTALL_TARGET=install-strip
- Disable static modules
- Stop creating library symlinks with .0 suffix, not needed for dynamically
opened modules
mail/dovecot2:
- Add USES=libtool
mail/dovecot2-pigeonhole:
- Drop CONFIGURE_TARGET (incorrect for Dragonfly)
- Add USES=libtool and INSTALL_TARGET=install-strip
math/gnumeric:
- USES=libtool tar:xz
Approved by: portmgr (implicit, bump unstaged ports)
|
Friday, 27 Jun 2014
|
17:21 miwi
- Chase database/sqlite3 slib bump
Approved by: portmgr (myself)
|
Thursday, 15 May 2014
|
12:47 pi
security/strongswan: update 5.1.1 -> 5.1.3 with security update
- Update strongSwan port to 5.1.3 to resolve CVE 2014-2338
- Fixed rcvar issue with FreeBSD 10 (ports/186865)
- Added building of additional tools included in strongswan (ports/186867)
- libtool fix
- pkg-plist updated
PR: ports/189132, ports/186865, ports/186867
Submitted by: Robert Sevat, Dewayne Geraghty, Francois ten Krooden
(maintainer)
Approved by: jadawin (mentor)
|
Friday, 14 Feb 2014
|
14:37 decke
- Use OPTIONS_SUB=yes
- Prefer ${INSTALL_DATA} over ${MV}
- Whitespace fix
Thanks to: garga@
|
Sunday, 9 Feb 2014
|
18:15 antoine
- Remove MANx, man pages are already moved to plist
- Use new LIB_DEPENDS syntax
|
Friday, 7 Feb 2014
|
14:55 decke
- Add missing manpages
PR: ports/186264
Submitted by: HASHI Hiroaki <hashiz@meridiani.jp>
Approved by: strongswan <strongswan@Nanoteq.com> (maintainer)
|
Monday, 27 Jan 2014
|
13:35 decke
- Update to 5.1.1
- Added EAP dynamic proxy module
- Added EAP Radius proxy authentication
- Added DNSSEC/unbound support
- Added kernel libipsec plugin
- Changed configuration files to install to ${PREFIX}/etc/<filename>.conf.sample
- Convert to new options format
PR: ports/185535
Submitted by: Francois ten Krooden <strongswan@nanoteq.com> (maintainer)
Security: CVE-2013-5018
Security: CVE-2013-6075
Security: CVE-2013-6076
|
Friday, 20 Sep 2013
|
22:55 bapt
Add NO_STAGE all over the place in preparation for the staging support (cat:
security)
|
Thursday, 11 Jul 2013
|
16:26 sunpoet
- Update to 7.31.0
- Bump PORTREVISION for ftp/curl shlib change
- Add TEST_DEPENDS
- Convert to new options framework
- Adjust options:
- Add COOKIES
- Add CYASSL, NSS, POLARSSL, THREADED_RESOLVER, TLS_SRP [1]
- Add GSSAPI and SPNEGO [2]
- Remove KERBEROS4
- Rename LIBIDN to IDN
- Remove TRACKMEMORY [1]
- Sort option handler
- Add SLAVEDIRS: ftp/curl-hiphop
- Cosmetic change
- Cleanup Makefile header
- While I'm here, fix typo (PORTREVSION) in x11-wm/ede/Makefile
Changes: http://curl.haxx.se/changes.html
PR: ports/172325 (-exp run), ports/177369 (based on) [1]
Submitted by: Hirohisa Yamaguchi <umq@ueo.co.jp> [1], hrs (via email) [2]
Exp run by: miwi
|
Friday, 3 May 2013
|
18:16 ohauer
- update to version 5.0.4 which fixes CVE-2013-2944.
- add entry to vuxml
- add CVE references to jankins vuxml entry
while I'm here remove .sh from rc script
PR: ports/178266
Submitted by: David Shane Holden <dpejesh@yahoo.com>
Approved by: strongswan@nanoteq.com (maintainer)
|
Monday, 7 Jan 2013
|
12:11 tota
- Update to 5.0.1
- Change maintainer address
- Trim Makefile header
- Convert to new options framework
- Cleanup
PR: ports/173860 (based on)
Submitted by: Riaan Kruger (maintainer)
|
Thursday, 22 Sep 2011
|
21:37 flo
update to 4.5.3
PR: ports/160401
Submitted by: Riaan Kruger <riaank@gmail.com> maintainer
|
Friday, 29 Apr 2011
|
12:24 culot
- Update to 4.5.1 [1]
- Pet portlint(1) (change spaces into tabs and reformat IGNORE message)
PR: ports/156711 [1]
Submitted by: Riaan Kruger <riaank@gmail.com> (maintainer)
|
Saturday, 4 Dec 2010
|
07:34 ade
Sync to new bsd.autotools.mk
|
Thursday, 26 Aug 2010
|
13:40 pav
Strongswan is an open source IPsec-based VPN solution.
Strongswan for FreeBSD supports IKEv2 but NOT IKEv1.
WWW: http://www.strongswan.org
PR: ports/147431
Submitted by: Riaan Kruger <riaank@gmail.com>
|
Number of commits found: 94 |