The tls-remote directive is deprecated and will be removed with OpenVPN version 2.4 . Added instead --verify-x509-name HOST name into ovpnmain.cgi. --- html/cgi-bin/ovpnmain.cgi | 2 +- lfs/openvpn | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi index fb52e68..8c724ef 100644 --- a/html/cgi-bin/ovpnmain.cgi +++ b/html/cgi-bin/ovpnmain.cgi @@ -2290,7 +2290,7 @@ else } print CLIENTCONF "verb 3\r\n"; print CLIENTCONF "ns-cert-type server\r\n"; - print CLIENTCONF "tls-remote $vpnsettings{ROOTCERT_HOSTNAME}\r\n"; + print CLIENTCONF "verify-x509-name $vpnsettings{ROOTCERT_HOSTNAME} name\r\n"; if ($vpnsettings{MSSFIX} eq 'on') { print CLIENTCONF "mssfix\r\n"; } diff --git a/lfs/openvpn b/lfs/openvpn index a19ac1f..96e37f7 100644 --- a/lfs/openvpn +++ b/lfs/openvpn @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2014 IPFire Team info@ipfire.org # +# Copyright (C) 2015 IPFire Team info@ipfire.org # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@
include Config
-VER = 2.3.6 +VER = 2.3.7
THISAPP = openvpn-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = bcc30c296566df14feebdd8aa0e408ca +$(DL_FILE)_MD5 = 5b819f7cd0b875f55f20a947224967aa
install : $(TARGET)
Signed-off-by: Erik Kapfer erik.kapfer@ipfire.org --- config/rootfiles/common/lzo | 17 ++++++++--------- lfs/lzo | 15 ++++++++++----- 2 files changed, 18 insertions(+), 14 deletions(-)
diff --git a/config/rootfiles/common/lzo b/config/rootfiles/common/lzo index 6d746bd..4ebc05c 100644 --- a/config/rootfiles/common/lzo +++ b/config/rootfiles/common/lzo @@ -12,16 +12,15 @@ #usr/include/lzo/lzoconf.h #usr/include/lzo/lzodefs.h #usr/include/lzo/lzoutil.h -#usr/lib/liblzo2.a #usr/lib/liblzo2.la usr/lib/liblzo2.so usr/lib/liblzo2.so.2 usr/lib/liblzo2.so.2.0.0 -#usr/share/doc/lzo -#usr/share/doc/lzo/AUTHORS -#usr/share/doc/lzo/COPYING -#usr/share/doc/lzo/LZO.FAQ -#usr/share/doc/lzo/LZO.TXT -#usr/share/doc/lzo/LZOAPI.TXT -#usr/share/doc/lzo/NEWS -#usr/share/doc/lzo/THANKS +#usr/share/doc/lzo-2.09 +#usr/share/doc/lzo-2.09/AUTHORS +#usr/share/doc/lzo-2.09/COPYING +#usr/share/doc/lzo-2.09/LZO.FAQ +#usr/share/doc/lzo-2.09/LZO.TXT +#usr/share/doc/lzo-2.09/LZOAPI.TXT +#usr/share/doc/lzo-2.09/NEWS +#usr/share/doc/lzo-2.09/THANKS diff --git a/lfs/lzo b/lfs/lzo index 19ad090..2afc89f 100644 --- a/lfs/lzo +++ b/lfs/lzo @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2014 IPFire Team info@ipfire.org # +# Copyright (C) 2015 IPFire Team info@ipfire.org # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@
include Config
-VER = 2.06 +VER = 2.09
THISAPP = lzo-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 95380bd4081f85ef08c5209f4107e9f8 +$(DL_FILE)_MD5 = c7ffc9a103afe2d1bba0b015e7aa887f
install : $(TARGET)
@@ -70,9 +70,14 @@ $(subst %,%_MD5,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/lzo-2.06-CVE-2014-4607.patch - cd $(DIR_APP) && ./configure --prefix=/usr --enable-shared + cd $(DIR_APP) && ./configure \ + --prefix=/usr \ + --enable-shared \ + --disable-static \ + --docdir=/usr/share/doc/lzo-2.09 + cd $(DIR_APP) && make $(MAKETUNING) cd $(DIR_APP) && make install + @rm -rf $(DIR_APP) @$(POSTBUILD)
-
Erik Kapfer