From 3e34186c167a1b515dac4aabf44724d2e2bc5417 Mon Sep 17 00:00:00 2001 From: Ivan Pavlov Date: Mon, 12 Feb 2024 22:23:24 +0300 Subject: [PATCH] openvpn: update to 2.6.9 - license change is now complete, and all code has been re-licensed under the new license (still GPLv2, but with new linking exception for Apache2 licensed code). Code that could not be re-licensed has been removed or rewritten. - add support for building with mbedTLS 3.x.x - new option "--force-tls-key-material-export" to only accept clients that can do TLS keying material export to generate session keys (mostly an internal option to better deal with TLS 1.0 PRF failures). - Windows: bump vcpkg-ports/pkcs11-helper to 1.30 - Log incoming SSL alerts in easier to understand form and move logging from "--verb 8" to "--verb 3". - protocol_dump(): add support for printing "--tls-crypt" packets and other fixes For details refer to https://github.com/OpenVPN/openvpn/blob/v2.6.9/Changes.rst Signed-off-by: Ivan Pavlov --- net/openvpn/Makefile | 6 +++--- .../patches/100-mbedtls-disable-runtime-version-check.patch | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/net/openvpn/Makefile b/net/openvpn/Makefile index 8d35c74770..81e5a72740 100644 --- a/net/openvpn/Makefile +++ b/net/openvpn/Makefile @@ -9,14 +9,14 @@ include $(TOPDIR)/rules.mk PKG_NAME:=openvpn -PKG_VERSION:=2.6.8 -PKG_RELEASE:=6 +PKG_VERSION:=2.6.9 +PKG_RELEASE:=1 PKG_SOURCE_URL:=\ https://build.openvpn.net/downloads/releases/ \ https://swupdate.openvpn.net/community/releases/ PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz -PKG_HASH:=5ede1565c8a6d880100f7f235317a7ee9eea83d5052db5547f13a9e76af7805d +PKG_HASH:=e08d147e15b4508dfcd1d6618a1f21f1495f9817a8dadc1eddf0532fa116d7e3 PKG_MAINTAINER:= diff --git a/net/openvpn/patches/100-mbedtls-disable-runtime-version-check.patch b/net/openvpn/patches/100-mbedtls-disable-runtime-version-check.patch index 6ac30df594..4831de9c71 100644 --- a/net/openvpn/patches/100-mbedtls-disable-runtime-version-check.patch +++ b/net/openvpn/patches/100-mbedtls-disable-runtime-version-check.patch @@ -1,6 +1,6 @@ --- a/src/openvpn/ssl_mbedtls.c +++ b/src/openvpn/ssl_mbedtls.c -@@ -1533,7 +1533,7 @@ const char * +@@ -1612,7 +1612,7 @@ const char * get_ssl_library_version(void) { static char mbedtls_version[30];