Received: by mail.netbsd.org (Postfix, from userid 605) id 6FEDE84D8D; Wed, 21 Jun 2017 19:00:48 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mail.netbsd.org (Postfix) with ESMTP id 01EE184D73 for ; Wed, 21 Jun 2017 19:00:48 +0000 (UTC) X-Virus-Scanned: amavisd-new at netbsd.org Received: from mail.netbsd.org ([IPv6:::1]) by localhost (mail.netbsd.org [IPv6:::1]) (amavisd-new, port 10025) with ESMTP id 2Q3qeu9Xe5bX for ; Wed, 21 Jun 2017 19:00:47 +0000 (UTC) Received: from cvs.NetBSD.org (ivanova.NetBSD.org [IPv6:2001:470:a085:999:28c:faff:fe03:5984]) by mail.netbsd.org (Postfix) with ESMTP id 4466084D72 for ; Wed, 21 Jun 2017 19:00:47 +0000 (UTC) Received: by cvs.NetBSD.org (Postfix, from userid 500) id 3F6D9FAE8; Wed, 21 Jun 2017 19:00:47 +0000 (UTC) Content-Transfer-Encoding: 7bit Content-Type: multipart/mixed; boundary="_----------=_1498071647258580" MIME-Version: 1.0 Date: Wed, 21 Jun 2017 19:00:47 +0000 From: "Adam Ciarcinski" Subject: CVS commit: pkgsrc/net/openvpn To: pkgsrc-changes@NetBSD.org Reply-To: adam@netbsd.org X-Mailer: log_accum Message-Id: <20170621190047.3F6D9FAE8@cvs.NetBSD.org> Sender: pkgsrc-changes-owner@NetBSD.org List-Id: pkgsrc-changes.NetBSD.org Precedence: bulk List-Unsubscribe: This is a multi-part message in MIME format. --_----------=_1498071647258580 Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII" Module Name: pkgsrc Committed By: adam Date: Wed Jun 21 19:00:47 UTC 2017 Modified Files: pkgsrc/net/openvpn: Makefile.common distinfo Log Message: OpenVPN 2.4.3 Ignore auth-nocache for auth-user-pass if auth-token is pushed crypto: Enable SHA256 fingerprint checking in --verify-hash copyright: Update GPLv2 license texts auth-token with auth-nocache fix broke --disable-crypto builds OpenSSL: don't use direct access to the internal of X509 OpenSSL: don't use direct access to the internal of EVP_PKEY OpenSSL: don't use direct access to the internal of RSA OpenSSL: don't use direct access to the internal of DSA OpenSSL: force meth->name as non-const when we free() it OpenSSL: don't use direct access to the internal of EVP_MD_CTX OpenSSL: don't use direct access to the internal of EVP_CIPHER_CTX OpenSSL: don't use direct access to the internal of HMAC_CTX Fix NCP behaviour on TLS reconnect. Remove erroneous limitation on max number of args for --plugin Fix edge case with clients failing to set up cipher on empty PUSH_REPLY. Fix potential 1-byte overread in TCP option parsing. Fix remotely-triggerable ASSERT() on malformed IPv6 packet. refactor my_strupr Fix 2 memory leaks in proxy authentication routine Fix memory leak in add_option() for option 'connection' Ensure option array p[] is always NULL-terminated Fix a null-pointer dereference in establish_http_proxy_passthru() Prevent two kinds of stack buffer OOB reads and a crash for invalid input data Fix an unaligned access on OpenBSD/sparc64 Missing include for socket-flags TCP_NODELAY on OpenBSD Make openvpn-plugin.h self-contained again. Pass correct buffer size to GetModuleFileNameW() Log the negotiated (NCP) cipher Avoid a 1 byte overcopy in x509_get_subject (ssl_verify_openssl.c) Skip tls-crypt unit tests if required crypto mode not supported openssl: fix overflow check for long --tls-cipher option Add a DSA test key/cert pair to sample-keys Fix mbedtls fingerprint calculation mbedtls: fix --x509-track post-authentication remote DoS (CVE-2017-7522) mbedtls: require C-string compatible types for --x509-username-field Fix remote-triggerable memory leaks (CVE-2017-7521) Restrict --x509-alt-username extension types Fix potential double-free in --x509-alt-username (CVE-2017-7521) Fix gateway detection with OpenBSD routing domains To generate a diff of this commit: cvs rdiff -u -r1.8 -r1.9 pkgsrc/net/openvpn/Makefile.common cvs rdiff -u -r1.36 -r1.37 pkgsrc/net/openvpn/distinfo Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. --_----------=_1498071647258580 Content-Disposition: inline Content-Length: 1993 Content-Transfer-Encoding: binary Content-Type: text/x-diff; charset=us-ascii Modified files: Index: pkgsrc/net/openvpn/Makefile.common diff -u pkgsrc/net/openvpn/Makefile.common:1.8 pkgsrc/net/openvpn/Makefile.common:1.9 --- pkgsrc/net/openvpn/Makefile.common:1.8 Wed May 24 20:35:12 2017 +++ pkgsrc/net/openvpn/Makefile.common Wed Jun 21 19:00:47 2017 @@ -1,9 +1,9 @@ -# $NetBSD: Makefile.common,v 1.8 2017/05/24 20:35:12 adam Exp $ +# $NetBSD: Makefile.common,v 1.9 2017/06/21 19:00:47 adam Exp $ # used by net/openvpn/Makefile # used by net/openvpn-acct-wtmpx/Makefile # used by net/openvpn-nagios/Makefile -OPENVPN_DISTNAME= openvpn-2.4.2 +OPENVPN_DISTNAME= openvpn-2.4.3 OPENVPN_DISTFILE= ${OPENVPN_DISTNAME}.tar.xz OPENVPN_MASTER_SITES= http://swupdate.openvpn.net/community/releases/ SITES.${OPENVPN_DISTFILE}= ${OPENVPN_MASTER_SITES} Index: pkgsrc/net/openvpn/distinfo diff -u pkgsrc/net/openvpn/distinfo:1.36 pkgsrc/net/openvpn/distinfo:1.37 --- pkgsrc/net/openvpn/distinfo:1.36 Wed May 24 20:35:12 2017 +++ pkgsrc/net/openvpn/distinfo Wed Jun 21 19:00:47 2017 @@ -1,8 +1,8 @@ -$NetBSD: distinfo,v 1.36 2017/05/24 20:35:12 adam Exp $ +$NetBSD: distinfo,v 1.37 2017/06/21 19:00:47 adam Exp $ -SHA1 (openvpn-2.4.2.tar.xz) = 64395346fa6c7f52a350073acf6acfe5c0658bc8 -RMD160 (openvpn-2.4.2.tar.xz) = a87b04e515434f03be49a9c9ae501e6d3267dc36 -SHA512 (openvpn-2.4.2.tar.xz) = 438f16ac2d12dfd9f11ebcddebf709102046c71b4c4608a294da552587ea346d6ebb8c916f717bce992057754d6bc35ca1df5653fc907cc0003d9e34c92da963 -Size (openvpn-2.4.2.tar.xz) = 918448 bytes +SHA1 (openvpn-2.4.3.tar.xz) = 5575d66e31eee6bb3efb47cc887d3f322d5332ec +RMD160 (openvpn-2.4.3.tar.xz) = 5d50669ee4f3ff65fefc5b033e954cc831a82151 +SHA512 (openvpn-2.4.3.tar.xz) = 26d25bb71c5ecfa398924b3ee3dec16b2776b3d67cf0b532c2b8a4368f1307bbd04b80ed38f0344c313aab38ec6e4e4f9bf2b3bc90bc197b2f257288e72eb5d8 +Size (openvpn-2.4.3.tar.xz) = 929028 bytes SHA1 (patch-configure) = 240342a88baed7642dfd63ed0a2ab4c0a75adbd4 SHA1 (patch-src_compat_compat-basename.c) = 45a58ef2e05f6e0265f229da8540760e60e65143 --_----------=_1498071647258580--