Up to [cvs.NetBSD.org] / pkgsrc / net / vpnc-script
Request diff between arbitrary revisions
Keyword substitution: kv
Default branch: MAIN
Update to 20230103. From the changelog: - No need to specify FAMILY in IPv4 only functions - Avoid "ip route flush cache" for IPv4
Update to 20220917. From the changelog: - Use 'ps -c -o command=' rather than 'cmd=' [chris vogan] - Use full names of Windows 'netsh' sub-commands, not abbreviations [Dimitri Papadopoulos] - Don't try to condition 'validate=no' flag on Windows version [Daniel Lenski] - add networksetup for darwin to fix dns setup on newer versions of MacOS [Tobias Breitwieser] - Removed automatic adding of NS routes [Heiko Schabert] - Add configuration for OBS workflow [Luca Boccassi] - Add RPM packaging for OBS workflow [Luca Boccassi] - Add Debian packaging for OBS workflow [Luca Boccassi] - vpnc-script-sshd: use ip link peer name syntax [Luca Boccassi] - vpnc-script: Detect systemd with resolvectl status [Jordan Justen] - Cleanup error status in vpnc-script-win.js [Dimitri Papadopoulos] - Update copyright/origin notices in scripts [Daniel Lenski] - On newer versions of Windows, need `validate=no` when adding DNS servers [Daniel Lenski] - Better ordering, more logging, and disconnect handler fixes on Windows [Daniel Lenski] - Add logLevel and logTimestamps options to vpnc-script-win.js [Daniel Lenski] - On newer versions of Windows, need `validate=no` when adding DNS servers [Daniel Lenski] - Better ordering, more logging, and disconnect handler fixes on Windows [Daniel Lenski] - Add logLevel and logTimestamps options to vpnc-script-win.js [Daniel Lenski] - Remove unnecessary quotes around numeric interface identifier (TUNIDX) in vpnc-script-win.js [Daniel Lenski] - vpnc-script-win.js: replace incorrect exec() call with run() [Tim De Baets] - Always use INTERNAL_IP4_ADDRESS as "gateway" on Windows [Daniel Lenski] - Support for OpenBSD's resolvd via route messages [Andrew Hewus Fresh] - Another bugfix when determining the controlling PID [Daniel Lenski] - Use `type -P` instead of `command -v` in tests/ bash scripts [Ville Skyttä] - Use `grep -E` instead of `egrep` [Ville Skyttä] - Use `command -v` instead of `which` [Ville Skyttä] - Ensure that vpnc-script-win.js works even if INTERNAL_IP4_{NETADDR,NETMASK} are unset [Daniel Lenski] - Add polyfill for String.prototype.trim in vpnc-script-win.js [Daniel Lenski] - Minor typo [Dimitri Papadopoulos] - Fix spacing [Daniel Lenski] - Use $VPNPID when provided by OpenConnect [Daniel Lenski] - Also include controlling process identifier in resolv.conf backup path [Daniel Lenski] - Bugfix default route handling by using GRANDparent process ID to uniquely identify connection [Daniel Lenski] - Typos found by codespell [Dimitri Papadopoulos] - Ensure that vpnc-script-win.js picks a legal "internal gateway" address even for /32 netmask [Daniel Lenski] - tests: fix error message about missing ocserv [Luca Boccassi] - Typos caught by codespell [Dimitri Papadopoulos] - Fix set_vpngateway_route [Daniel Lenski] - Exclude routes may use a different address family from VPNGATEWAY [Daniel Lenski] - factor out list_non_loopback_routes and use for split-exclude routes as well [Daniel Lenski] - tests: 'route flush' doesn't work properly on Linux' [Daniel Lenski] - Linux: fix IPv6 route flushing [Daniel Lenski] - test timing: wait up to 10s for OpenConnect client to terminating [Daniel Lenski] - re-add tests for IPv6 support [Daniel Lenski] - always exclude TUNDEV when finding/setting gateway route [Daniel Lenski] - preserve onlink flag in gateway/exclude routes [Daniel Lenski]
net: Replace RMD160 checksums with BLAKE2s checksums All checksums have been double-checked against existing RMD160 and SHA512 hashes Not committed (merge conflicts...): net/radsecproxy/distinfo The following distfiles could not be fetched (fetched conditionally?): ./net/citrix_ica/distinfo citrix_ica-10.6.115659/en.linuxx86.tar.gz ./net/djbdns/distinfo dnscache-1.05-multiple-ip.patch ./net/djbdns/distinfo djbdns-1.05-test28.diff.xz ./net/djbdns/distinfo djbdns-1.05-ignoreip2.patch ./net/djbdns/distinfo djbdns-1.05-multiip.diff ./net/djbdns/distinfo djbdns-cachestats.patch
net: Remove SHA1 hashes for distfiles
Update to 20210401. From the changelog: - fix IPv6 split masklen - vpnc-script-win: tidy up, more logging - vpnc-script-win: make VPN addresses/gateways "non-persistent", and delete them on disconnect - vpnc-script-win: delete DNS and WINS servers before adding them - vpnc-script-win: dump stdout and stderr when a command fails - vpnc-script-win: use TUNIDX in all netsh commands, remove waitForInterface() - vpnc-script-win: add FIXMEs regard IPv6 split-excludes and gateways - vpnc-script-win: add legacy IP split-exclude handling - vpnc-script-win: cleanup spacing, clarify comments - vpnc-script-win: simplify 'internal gateway' calculation - GNU awk regex fix - move destroy_tun_device into do_disconnect (called only here) - remove bits for ancient Linux 2.6.x kernels - mention IDLE_TIMEOUT - cleanup whitespace and clarify comments - tweak warning message about un-routable exclude routes - Ignore unreachable exclude routes - Document split tunnel EXC variables - ignore bogus non-forwardable exclude routes on disconnect too - *BSDs: get_default_gw needs to EXCLUDE routes through tunnel for attempt-reconnect, but should NOT exclude them otherwise - mark tunnel device 'down' before destroying - Add DragonFly BSD support and improve FreeBSD support - Use '[[:space:]]' instead of '\s' to support POSIX awk - *BSDs: don't inadvertently pick up a bogus 0.0.0.0/32 route as a default route - Fix basename invocation on *BSD shells - fix another ifconfig syntax difference between Linux and *BSDs - use `ip netns` instead of ocserv `listen-netns` config option for test configs - match preexisting code style - Use systemd-resolve to check if resolved is running - FIXME add mock IPv6 configuration to get CI to work - add a bit more logging to test scripts - split iproute2 and *BSD-ish into separate CI runs - CI: don't need to install ocserv and which - numerous fixes for Linux IPv6 configuration using ifconfig/route/netstat - try running tests with *BSD-ish tools (ifconfig/route/netstat) for additional coverage - match code style - Don't use /sbin/resolvconf if it just points to resolvectl. - include calling process ID in DEFAULT_ROUTE_FILE{,_IPV6} - with BSD 'route', save-and-restore IPv6 default routes - simplify cases and add ifconfig_syntax_del variable - Patch: make ipv6 in ipv4 and ipv6 in ipv6 tunnels work on (Net)BSD - vpnc-scripts: added a sanity check of routes and resolv.conf generation - preserve metric in fix_ip_get_output - with iproute2, sort the routes to the VPN gateway by metric before trying to create an explicit route to the gateway via each of them - make do_attempt_reconnect work with route/ifconfig - add working do_attempt_reconnect - don't try to set an explicit route to VPN gateway if localhost, and ignore bogus non-forwardable exclude routes - Ignore link-local routes in set_default_route - leave support for older systemd-resolved (v229-v238) in place - Windows IPv6: remove hard-coded next-hop of fe80::8 - Add split DNS support for systemd-resolved - Use resolvectl for systemd-resolved - fix tabs/spaces in POSIX vpnc-script as well - cleanup whitespace in vpnc-script-win.js - specify interface when adding routes - fix Slackware issue (netconfig is an unrelated tool, not relevant for resolv.conf handling) - No need to add a separate sed invocation for `$NETMASKLEN` fixing - iproute2 5.1+ doesn't allow prefixlen!=32 in get
Update to 20190606. From the changelog: Previously, an IPv6 split tunnel with a /128 request would result in a default tunnel, rather than a specific route. Correctly set the default route if we request a /0. If `which ip` returns something on a non-Linux OS, it's an unrelated tool that won't work for routing configuration; don't try to set IPROUTE on another OS. This should fix the macOS issue discovered at: <https://github.com/dlenski/openconnect/issues/132#issuecomment-470475009>
Update to 20190424. From the changelog: Some vpn clients pass multiple domains for DNS search scope, which requires that we use search rather than domain. The generic path was already using search, so just switch the resolvconf path to also use search. In a container, /etc/nsswitch.conf might not exist. Silence the error grep: /etc/nsswitch.conf: No such file or directory Inside a container, running 'ip route flush cache' can spam with "ip: can't open '/proc/sys/net/ipv4/route/flush': Read-only file system" Hide that the error output for that command.
Update to 20190116. From the changelog: - Add IPv6 DNS addresses using "netsh interface ipv6 add dns" command - Add attempt-reconnect invocation
Update to 20180226. From the changelog: - Support routes with different devs and gateways - Revive route cleanup for /sbin/route code - Support split-exclude rules from Pulse gateway - Check if resolved is enabled in nsswitch.conf prior to using it - Add support for systemd-resolved
Updated vpnc-script to 20160828. From Kai-Uwe Eckhardt in PR 51576. Changes: rewrite resolv.conf parsing master avoid multiple "domain" entries in resolv.conf fix comment OSX - Fix split DNS when doing split routing Enable resolvconf on FreeBSD too
Add SHA512 digests for distfiles for net category Problems found with existing digests: Package haproxy distfile haproxy-1.5.14.tar.gz 159f5beb8fdc6b8059ae51b53dc935d91c0fb51f [recorded] da39a3ee5e6b4b0d3255bfef95601890afd80709 [calculated] Problems found locating distfiles: Package bsddip: missing distfile bsddip-1.02.tar.Z Package citrix_ica: missing distfile citrix_ica-10.6.115659/en.linuxx86.tar.gz Package djbdns: missing distfile djbdns-1.05-test25.diff.bz2 Package djbdns: missing distfile djbdns-cachestats.patch Package djbdns: missing distfile 0002-dnscache-cache-soa-records.patch Package gated: missing distfile gated-3-5-11.tar.gz Package owncloudclient: missing distfile owncloudclient-2.0.2.tar.xz Package poink: missing distfile poink-1.6.tar.gz Package ra-rtsp-proxy: missing distfile rtspd-src-1.0.0.0.tar.gz Package ucspi-ssl: missing distfile ucspi-ssl-0.70-ucspitls-0.1.patch Package waste: missing distfile waste-source.tar.gz Otherwise, existing SHA1 digests verified and found to be the same on the machine holding the existing distfiles (morden). All existing SHA1 digests retained for now as an audit trail.
Import vpnc-script-20140805 as net/vpnc-script, packaged for wip by pdtafti, hfath, asau, jakllsch, and keckhardt. This package provides David Woodhouse's modified vpnc config script with IPv6 support and bug fixes. It can be used in conjunction with net/vpnc and/or net/openconnect.