Saturday, April 04, 2020

UPDATE net/openconnect-8.07

Simple diff for updating openconnect to 8.07. Overview on changes can be
found at:
http://lists.infradead.org/pipermail/openconnect-devel/2020-March/005562.html
http://lists.infradead.org/pipermail/openconnect-devel/2020-April/005575.html

This update checks the version of gnutls>=3.6.13. gnutls from 3.6.3 to
3.6.12 sends DTLS ClientHello with all zeroes in the client random and
openconnect advises, and enforces, against using these versions.

Changes to the port:
- Symbols have been added to libopenconnect so bump minor
- Add version requirement to gnutls>=3.6.13
- Take MAINTAINER

Testing:
- 'make test' runs successful
- Run tested on amd64 in combination with ocserv

Comments/OK?


diff --git Makefile Makefile
index 1820496cae7..4b457ebee67 100644
--- Makefile
+++ Makefile
@@ -2,15 +2,16 @@

COMMENT= client for Cisco AnyConnect SSL VPN

-DISTNAME= openconnect-8.05
-REVISION= 0
+DISTNAME= openconnect-8.07

-SHARED_LIBS += openconnect 4.4 # 5.5
+SHARED_LIBS += openconnect 4.5 # 5.6

CATEGORIES= net

HOMEPAGE= https://www.infradead.org/openconnect/

+MAINTAINER= Bjorn Ketelaars <bket@openbsd.org>
+
# LGPLv2.1 only
PERMIT_PACKAGE= Yes

@@ -26,6 +27,7 @@ FLAVOR?=

MODULES= lang/python
MODPY_RUNDEP= No
+
# groff is used to format html during build, USE_GROFF not needed
# XXX can probably convert to using mandoc?
BUILD_DEPENDS= devel/gettext,-tools \
@@ -34,7 +36,7 @@ BUILD_DEPENDS= devel/gettext,-tools \
RUN_DEPENDS= net/vpnc-scripts
LIB_DEPENDS= archivers/lz4 \
devel/gettext,-runtime \
- security/gnutls \
+ security/gnutls>=3.6.13 \
textproc/libxml
# also wants socket_wrapper and uid_wrapper from cwrap to be present at
# configure time (in openbsd-wip); tests currently failing, in need of
@@ -44,11 +46,10 @@ TEST_DEPENDS= net/ocserv
FAKE_FLAGS= pkgdatadir=${PREFIX}/share/doc/openconnect

CONFIGURE_STYLE= gnu
-
-CONFIGURE_ENV= CPPFLAGS="-I${LOCALBASE}/include" \
- LDFLAGS="-L${LOCALBASE}/lib -liconv"
-CONFIGURE_ARGS= --with-vpnc-script=${SYSCONFDIR}/vpnc-script \
- --without-stoken
+CONFIGURE_ENV= CPPFLAGS="-I${LOCALBASE}/include" \
+ LDFLAGS="-L${LOCALBASE}/lib -liconv"
+CONFIGURE_ARGS= --with-vpnc-script=${SYSCONFDIR}/vpnc-script \
+ --without-stoken
# make sure libstoken isn't picked up automatically if we import it.

.if ${FLAVOR:Mlight}
diff --git distinfo distinfo
index 7549b13e496..66797b8b879 100644
--- distinfo
+++ distinfo
@@ -1,2 +1,2 @@
-SHA256 (openconnect-8.05.tar.gz) = M1wpUtDLNoIqyxEuqvXjtKz/xodJhfthT+wLdsTBKZI=
-SIZE (openconnect-8.05.tar.gz) = 1922100
+SHA256 (openconnect-8.07.tar.gz) = cdtBWOkrRx5+ZsqqwVJrKFZFcdMO1QWyTToqFEcShPY=
+SIZE (openconnect-8.07.tar.gz) = 2034130
diff --git pkg/PLIST pkg/PLIST
index 941baf59e32..f2b461d13f6 100644
--- pkg/PLIST
+++ pkg/PLIST
@@ -1,6 +1,6 @@
@comment $OpenBSD: PLIST,v 1.17 2019/08/10 04:02:13 bket Exp $
include/openconnect.h
-lib/libopenconnect.a
+@static-lib lib/libopenconnect.a
lib/libopenconnect.la
@lib lib/libopenconnect.so.${LIBopenconnect_VERSION}
lib/pkgconfig/openconnect.pc

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)