Commit graph

79 commits

Author SHA1 Message Date
Peter Hoeg 7aa2c5cfb4 openvpn: use update-systemd-resolved instead of vendoring it 2022-04-12 22:59:11 +08:00
Peter Hoeg adbf08f9ec update-systemd-resolved: inject PATH to avoid wrapping 2022-04-12 22:59:11 +08:00
Markus S. Wamser 448d02ec22 openvpn: 2.4.11 -> 2.4.12 (security, CVE-2022-0547)
Release Notes:
https://github.com/OpenVPN/openvpn/blob/release/2.4/Changes.rst#version-2412https://github.com/OpenVPN/openvpn/blob/release/2.5/Changes.rst

Fixes: CVE-2022-0547
2022-03-17 22:47:40 +01:00
Markus S. Wamser 1098fc9221 openvpn: 2.5.5 -> 2.5.6 (security, CVE-2022-0547)
Release Notes:
https://github.com/OpenVPN/openvpn/blob/release/2.5/Changes.rst

Fixes: CVE-2022-0547
2022-03-17 15:07:23 +01:00
Ben Wolsieffer 75741425ce openvpn: 2.5.2 -> 2.5.5
Also, increase the minimum version that requires iproute2 (for documentation
purposes only, since we are upgrading to a later version). Until 2.5.4, iproute2
was required to set the MAC address on the VPN interface.
2022-01-08 13:01:30 -05:00
Felix Buehler 9480444dae treewide: rename name to pname&version 2021-11-09 22:24:57 +01:00
Robert Schütz 966188ff80 openvpn-auth-ldap: 2.0.3+deb6.1 -> 2.0.4 2021-05-29 14:00:57 -07:00
Thomas Gerbet e2df9554b0 openvpn_24: 2.4.9 -> 2.4.11
Fixes CVE-2020-15078.
https://community.openvpn.net/openvpn/wiki/CVE-2020-15078
2021-05-23 15:52:46 +02:00
Thomas Gerbet 82f90f892f openvpn: 2.5.0 -> 2.5.2
Fixes CVE-2020-15078.
https://community.openvpn.net/openvpn/wiki/CVE-2020-15078
2021-05-23 15:46:06 +02:00
Sandro Jäckel 9378fdf87e
iproute: deprecate alias 2021-04-04 01:43:46 +02:00
Sandro Jäckel ec5be00b37
openvpn: remove ? null 2021-03-17 22:55:11 +01:00
Ben Siraphob e03c068af5 treewide: makeWrapper buildInputs to nativeBuildInputs 2021-02-19 20:09:16 +07:00
Ben Siraphob 8c5d37129f pkgs/tools: stdenv.lib -> lib 2021-01-15 17:12:36 +07:00
Profpatsch 4a7f99d55d treewide: with stdenv.lib; in meta -> with lib;
Part of: https://github.com/NixOS/nixpkgs/issues/108938

meta = with stdenv.lib;

is a widely used pattern. We want to slowly remove
the `stdenv.lib` indirection and encourage people
to use `lib` directly. Thus let’s start with the meta
field.

This used a rewriting script to mostly automatically
replace all occurances of this pattern, and add the
`lib` argument to the package header if it doesn’t
exist yet.

The script in its current form is available at
https://cs.tvl.fyi/depot@2f807d7f141068d2d60676a89213eaa5353ca6e0/-/blob/users/Profpatsch/nixpkgs-rewriter/default.nix
2021-01-11 10:38:22 +01:00
Graham Christensen bc49a0815a
utillinux: rename to util-linux 2020-11-24 12:42:06 -05:00
Peter Hoeg 31cf796be6 openvpn: 2.4.9 -> 2.5.0 2020-11-22 20:36:57 +08:00
Peter Hoeg 1f2368d387 openvpn: update and wrap update-systemd-resolved
The string replacement we were doing was just too brittle, so wrap the
script with a modified PATH instead as it is less likely to break on new
versions.
2020-05-21 20:54:25 +08:00
Martin Milata f35d50c68c openvpn: 2.4.7 -> 2.4.9
Fixes CVE-2020-11736
2020-04-23 14:25:37 +02:00
Michael Reilly 84cf00f980
treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
Edmund Wu 5766bd451a
update-systemd-resolved: init at 1.3.0 2019-10-01 08:43:36 -04:00
volth 08f68313a4 treewide: remove redundant rec 2019-08-28 11:07:32 +00:00
volth 46420bbaa3 treewide: name -> pname (easy cases) (#66585)
treewide replacement of

stdenv.mkDerivation rec {
  name = "*-${version}";
  version = "*";

to pname
2019-08-15 13:41:18 +01:00
lassulus acc3eec8da openvpn: fix pkcs11 helper 2019-05-20 10:39:24 +02:00
Peter Hoeg 8f81838ab5
Merge pull request #58800 from peterhoeg/f/openvpn
openvpn: support for updating systemd-resolved with DNS servers
2019-04-28 21:54:26 +08:00
Peter Hoeg 36c344ac00 openvpn: support for updating systemd-resolved with DNS servers 2019-04-03 09:35:27 +08:00
R. RyanTM ddc5666b28 openvpn: 2.4.6 -> 2.4.7
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/openvpn/versions
2019-03-11 01:00:15 -07:00
Ryan Mulligan 038a0c9a60 treewide: http to https 2018-04-30 21:39:20 -07:00
R. RyanTM 8898063828 openvpn: 2.4.5 -> 2.4.6
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools.

This update was made based on information from https://repology.org/metapackage/openvpn/versions.

These checks were done:

- built on NixOS
- Warning: no binary found that responded to help or version flags. (This warning appears even if the package isn't expected to have binaries.)
- found 2.4.6 with grep in /nix/store/5hj70y409c0b01zmx4rddiicgq7jajb2-openvpn-2.4.6
- directory tree listing: https://gist.github.com/ce0bc5e31d7d26ead341febdc7bdc6ee
2018-04-26 01:20:56 -07:00
Ryan Mulligan b0e306b192 openvpn: 2.4.4 -> 2.4.5
Semi-automatic update. These checks were done:

- built on NixOS
- Warning: no binary found that responded to help or version flags. (This warning appears even if the package isn't expected to have binaries.)
- found 2.4.5 with grep in /nix/store/a2wdxd4c08b1gilnj2mcvkmvpnqxw942-openvpn-2.4.5
- found 2.4.5 in filename of file in /nix/store/a2wdxd4c08b1gilnj2mcvkmvpnqxw942-openvpn-2.4.5
2018-03-09 05:42:34 -08:00
Kier Davis 397daef205
openvpn: make systemd dependency optional
systemd is a fairly large dependency, and it doesn't appear to
be necessary in all circumstances - e.g. when openvpn is
not run as a systemd service (as is usually the case when it is
run in a Docker container).

This change makes the dependency on systemd optional, controlled
by a new argument `useSystemd`. The default behaviour remains
the same as it was before this change: enabled only on Linux systems.

For me, this change reduces the size of my container image (dominated
by the closure of openvpn) from about 110 MB to 45 MB.

Version 2: rename argument to `useSystemd` (was `systemdSupport`), and
rebase onto master
2018-01-06 15:05:44 +00:00
Orivej Desh 1bae36bc41 openvpn-auth-ldap: rehash patches 2017-11-22 14:10:46 +00:00
Benjamin Staffin 998027a531
openvpn-auth-ldap: init at 2.0.3 2017-11-02 14:35:48 -04:00
Franz Pletz 8e4586d077
openvpn: 2.4.3 -> 2.4.4 for CVE-2017-12166
https://community.openvpn.net/openvpn/wiki/CVE-2017-12166
2017-09-28 12:27:01 +02:00
Silvan Mosberger f5fa5fa4d6 pkgs: refactor needless quoting of homepage meta attribute (#27809)
* pkgs: refactor needless quoting of homepage meta attribute

A lot of packages are needlessly quoting the homepage meta attribute
(about 1400, 22%), this commit refactors all of those instances.

* pkgs: Fixing some links that were wrongfully unquoted in the previous
commit

* Fixed some instances
2017-08-01 22:03:30 +02:00
Nikolay Amiantov 9ffdbe3853 update-resolv-conf: 2016-09-30 -> 2017-06-21 2017-07-27 17:07:45 +03:00
Franz Pletz 5521b542a2
openvpn: 2.4.2 -> 2.4.3
See https://community.openvpn.net/openvpn/wiki/VulnerabilitiesFixedInOpenVPN243

Fixed:

  * CVE-2017-7508
  * CVE-2017-7520
  * CVE-2017-7521
  * CVE-2017-7512
  * CVE-2017-7522
2017-06-21 13:36:10 +02:00
Peter Simons ae6f9324cd openvpn: update to version 2.4.2 to fix CVE-2017-7478 and CVE-2017-7479 2017-05-12 13:35:37 +02:00
Jörg Thalheim e09b950f54
openvpn: remove no longer correct systemd-notify.patch
This patch was only necessary for 2.3.x, while 2.4.0 improved
its own systemd notify support.

See: https://github.com/NixOS/nixpkgs/issues/24817
2017-04-11 08:51:56 +02:00
Michael Raskin 277e7119be openvpn: 2.3.13 -> 2.4.0 2017-01-02 15:38:46 +01:00
Nikolay Amiantov e5167e8763 update-resolv-conf: 2016-04-24 -> 2016-09-30 2016-11-24 01:17:58 +03:00
Hendrik Schaeidt d6d12ebc55
openvpn: disable libpam support on OSX to enable build 2016-10-06 20:24:02 +02:00
Tim Steinbach 244aee5cd1
openvpn: 2.3.11 -> 2.3.12 2016-09-23 09:24:00 -04:00
John Ericson ea1caf9272 openvpn: Optional pkcs11 support 2016-09-16 07:24:03 -07:00
Tuomas Tynkkynen 74a3a2cd7e treewide: Use makeBinPath 2016-08-23 01:18:10 +03:00
Nikolay Amiantov 49fe339b09 update-resolv-conf: 20141003 -> 2016-04-24 2016-08-14 22:37:11 +03:00
Matthias Beyer 340a5d6fbf openvpn: 2.3.10 -> 2.3.11
Taken from #15856.
2016-07-09 15:04:55 +02:00
Tuomas Tynkkynen bac26e08db Fix lots of fetchgit hashes (fallout from #15469) 2016-06-03 17:17:08 +03:00
Franz Pletz 4962f52b88 openvpn: --enable-password-save was removed 2016-05-26 19:17:39 +02:00
Franz Pletz bf12560053 openvpn: Fix build for systemd 230 2016-05-26 19:16:45 +02:00
Eelco Dolstra 38afa836b3 openvpn: 2.3.8 -> 2.3.10
In particular, this fixes the systemd-ask-password regression
re-introduced by cb1c818491.
2016-03-27 23:29:53 +02:00