mtk-20170518/package/network/services/openvpn/Makefile, branch master MTK 20170518 : Mediatek SDK based on OpenWRT Barrier Breaker treewide: Bump PKG_RELEASE due to mbedtls update 2018-07-30T08:35:12+00:00 Daniel Engberg daniel.engberg.lists@pyret.net 2018-07-27T10:23:40+00:00 5647cc7bd49232839281d28c7575fb5e0a84515c Bump PKG_RELEASE on packages that depends on (lib)mbedtls to avoid library mismatch. Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net> 
Bump PKG_RELEASE on packages that depends on (lib)mbedtls to avoid library
mismatch.

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
openvpn: increase procd termination timeout to 15s 2018-07-17T14:03:56+00:00 Jo-Philipp Wich jo@mein.io 2018-07-17T14:01:46+00:00 28d3a1b54b6726a0a93477d75d09a25f74ee361f Increase the termination timeout to 15s to let OpenVPN properly tear down its connections, especially when weak links or complex down scripts are involved. Fixes FS#859. Signed-off-by: Jo-Philipp Wich <jo@mein.io> 
Increase the termination timeout to 15s to let OpenVPN properly tear down
its connections, especially when weak links or complex down scripts are
involved.

Fixes FS#859.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
mbedtls: Update to 2.11.0 2018-07-07T16:29:14+00:00 Daniel Engberg daniel.engberg.lists@pyret.net 2018-06-21T13:30:30+00:00 10554cfcc17b7333f7f91658660adc21ba941ac5 Update mbed TLS to 2.11.0 Disable OFB block mode and XTS block cipher mode, added in 2.11.0. The soVersion of mbedtls changed, bump PKG_RELEASE for packages that use mbedTLS This is to avoid having a mismatch between packages when upgrading. The size of mbedtls increased a little bit: ipkg for mips_24kc before: 163.846 Bytes ipkg for mips_24kc after: 164.382 Bytes Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net> 
Update mbed TLS to 2.11.0

Disable OFB block mode and XTS block cipher mode, added in 2.11.0.
The soVersion of mbedtls changed, bump PKG_RELEASE for packages that use mbedTLS
This is to avoid having a mismatch between packages when upgrading.

The size of mbedtls increased a little bit:
ipkg for mips_24kc before:
163.846 Bytes
ipkg for mips_24kc after:
164.382 Bytes

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
mbedtls: update to version 2.9.0 2018-05-22T18:47:20+00:00 Hauke Mehrtens hauke@hauke-m.de 2018-05-21T11:58:52+00:00 cb11b23d601f1a8a96fed1bb903452c941770ae7 The soversion was changed in this version again and is now aligned with the 2.7.2 version. The size of the ipkg file stayed mostly the same. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> 
The soversion was changed in this version again and is now aligned with
the 2.7.2 version.
The size of the ipkg file stayed mostly the same.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
openvpn: remove deprecated config options 2018-03-20T20:15:27+00:00 Hans Dedecker dedeckeh@gmail.com 2018-03-17T15:56:30+00:00 89b8ba96b404d2e412d5573e25348287255671dd Remove deprecated config options in 2.5 as described in [0] [0] https://community.openvpn.net/openvpn/wiki/DeprecatedOptions Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> 
Remove deprecated config options in 2.5 as described in [0]

[0] https://community.openvpn.net/openvpn/wiki/DeprecatedOptions

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
openvpn: add config param verify_client_cert 2018-03-17T13:56:39+00:00 Christian Bayer cave@cavebeat.org 2018-02-27T19:05:29+00:00 49f3286bde4e513287bdc1650dd3a16057fbf714 Option --client-cert-not-required DEPRECATED is deprecated in v2.4 and removed in OpenVPN 2.5. Replaced by param --verify-client-cert none|optional|require in v2.4 see https://community.openvpn.net/openvpn/wiki/ DeprecatedOptions#a--client-cert-not-required Signed-off-by: Christian Bayer <cave@cavebeat.org> Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_ RELEASE increase] 
Option --client-cert-not-required DEPRECATED is deprecated in v2.4 and removed in OpenVPN 2.5.
Replaced by param --verify-client-cert none|optional|require in v2.4 see
https://community.openvpn.net/openvpn/wiki/ DeprecatedOptions#a--client-cert-not-required

Signed-off-by: Christian Bayer <cave@cavebeat.org>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_	RELEASE increase]
openvpn: update to 2.4.5 2018-03-09T21:13:21+00:00 Magnus Kroken mkroken@gmail.com 2018-03-03T00:11:07+00:00 ffbe51b2948a3270b25b8bd8bb5e6cea3e76af64 Signed-off-by: Magnus Kroken <mkroken@gmail.com> Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com> 
Signed-off-by: Magnus Kroken <mkroken@gmail.com>
Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
add PKG_CPE_ID ids to package and tools 2017-11-17T01:24:35+00:00 Alexander Couzens lynxis@fe80.eu 2017-09-28T02:55:46+00:00 c61a2395140d92cdd37d3d6ee43a765427e8e318 CPE ids helps to tracks CVE in packages. https://cpe.mitre.org/specification/ Thanks to swalker for CPE to package mapping and keep tracking CVEs. Acked-by: Jo-Philipp Wich <jo@mein.io> Signed-off-by: Alexander Couzens <lynxis@fe80.eu> 
CPE ids helps to tracks CVE in packages.
https://cpe.mitre.org/specification/

Thanks to swalker for CPE to package mapping and
keep tracking CVEs.

Acked-by: Jo-Philipp Wich <jo@mein.io>
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
openvpn: add support to start/stop single instances 2017-11-13T20:37:24+00:00 Martin Schiller ms@dev.tdt.de 2017-10-09T08:12:04+00:00 e2f25e607d2092cffa45196e7997854feb464232 Signed-off-by: Martin Schiller <ms@dev.tdt.de> Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> (PKG_RELEASE increase) 
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> (PKG_RELEASE increase)
openvpn: update to 2.4.4 2017-09-28T01:05:44+00:00 Magnus Kroken mkroken@gmail.com 2017-09-27T17:45:32+00:00 a9a37526a9df3b565f5242857d17887cb492afab Fixes CVE-2017-12166: out of bounds write in key-method 1. Remove the mirror that was temporarily added during the 2.4.3 release. Signed-off-by: Magnus Kroken <mkroken@gmail.com> 
Fixes CVE-2017-12166: out of bounds write in key-method 1.

Remove the mirror that was temporarily added during the
2.4.3 release.

Signed-off-by: Magnus Kroken <mkroken@gmail.com>