HomeFreeBSD
Diffusion FreeBSD ports repository 40215d3d4980

security/openvpn: support DCO float notifications
40215d3d4980
Actions

Description

security/openvpn: support DCO float notifications

The FreeBSD kernel added "if_ovpn: support floating clients"
on main on 2025-07-28, and merged it to 14/stable on 2025-08-13.

https://reviews.freebsd.org/D51468
https://cgit.freebsd.org/src/commit/?id=9c52600a5a150117b4396df3b868cf2516e1674c&h=main
https://cgit.freebsd.org/src/commit/?h=stable/14&id=fc387ed68f3c7b0b8da9bab13492b7bbafecb5bf

This adds a new notification from the kernel module to user space
named OVPN_NOTIF_FLOAT, which OpenVPN 2.6.14 does not support.

Backport support into OpenVPN 2.6.

Reported by: Marek Zarychta <zarychtam@plan-b.pwste.edu.pl>
Obtained from: Kristof Provost <kp@FreeBSD.org>
Obtained from: Ralf Lici <ralf@mandelbit.com>

  • modified to avoid assert() in nvlist_to_sockaddr() in src/openvpn/dco_freebsd.c

Obtained from: Gert Doering <gert@greenie.muc.de>
Tested by: Marek Zarychta <zarychtam@plan-b.pwste.edu.pl>
PR: 289303
MFH: 2025Q3 (suggestion after 10 days)

(cherry picked from commit 5ecf19f0371f4ca71c5dc89d133442c8dd0e7a00)

Details

Provenance
mandreeAuthored on Sep 6 2025, 12:25 AM
Parents
R11:57aad695f2f6: security/openvpn: remove 2048-bit legacy Diffie Hellman
Branches
Unknown
Tags
Unknown

Changes (7)

PathSize
security/
openvpn/
files/

R11:40215d3d4980

View Options

security/openvpn/Makefile

Loading...
View Options

security/openvpn/files/patch-src_openvpn_dco__freebsd.c

Loading...
View Options

security/openvpn/files/patch-src_openvpn_dco__freebsd.h

Loading...
View Options

security/openvpn/files/patch-src_openvpn_forward.c

Loading...
View Options

security/openvpn/files/patch-src_openvpn_forward.h

Loading...
View Options

security/openvpn/files/patch-src_openvpn_multi.c

Loading...
View Options

security/openvpn/files/patch-src_openvpn_ovpn__dco__freebsd.h

Loading...