ports/135596: Update pkg-message to reflect new OpenSSL in -CURRENT (and make it more generic)
Damian Gerow
dgerow at afflictions.org
Mon Jun 15 16:40:05 UTC 2009
>Number: 135596
>Category: ports
>Synopsis: Update pkg-message to reflect new OpenSSL in -CURRENT (and make it more generic)
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: doc-bug
>Submitter-Id: current-users
>Arrival-Date: Mon Jun 15 16:40:04 UTC 2009
>Closed-Date:
>Last-Modified:
>Originator: Damian Gerow
>Release: 8.0-CURRENT
>Organization:
>Environment:
FreeBSD plebeian.afflictions.org 8.0-CURRENT FreeBSD 8.0-CURRENT #1: Fri Jun 12 09:14:59 EDT 2009 dgerow at plebeian.afflictions.org:/usr/obj/usr/src/sys/GENERIC amd64
>Description:
I've updated the wording in pkg-message to be a little more generic, and to specifically address the fact that OpenSSL 0.9.8k was just imported into -CURRENT.
>How-To-Repeat:
>Fix:
Patch attached with submission follows:
diff -ruN openconnect.orig/pkg-descr openconnect/pkg-descr
--- openconnect.orig/pkg-descr 2009-06-06 15:48:49.000000000 -0700
+++ openconnect/pkg-descr 2009-06-15 09:30:49.000000000 -0700
@@ -1,9 +1,13 @@
-OpenConnect is a client for Cisco's AnyConnect SSL VPN, which is
-supported by IOS 12.4(9)T or later on Cisco SR500, 870, 880,
-1800, 2800, 3800, 7200 Series and Cisco 7301 Routers.
+Cisco's implementation of the DTLS protocol unfortunately does not
+comply with the relevant standards, and the OpenSSL in FreeBSD's
+base requires a patch to provide full interoperability. You will
+still be able to establish a tunnel, but all traffic will be
+transmitted via an HTTPS connection. This means that any packet
+loss on your link will result in a significant detriment to the
+speed of your VPN connection.
-Like vpnc, OpenConnect is not officially supported by, or
-associated in any way with, Cisco Systems. It just happens to
-interoperate with their equipment.
+Note that versions of FreeBSD older than 8.0 will require a small
+number of additional patches, due to the older version of OpenSSL
+included in their base.
-WWW: http://www.infradead.org/openconnect.html
+More information is included in README.DTLS.
diff -ruN openconnect.orig/pkg-message openconnect/pkg-message
--- openconnect.orig/pkg-message 2009-06-06 15:48:49.000000000 -0700
+++ openconnect/pkg-message 2009-06-15 09:29:10.128304574 -0700
@@ -1,10 +1,9 @@
Cisco's implementation of the DTLS protocol unfortunately does not
-comply with the relevant standards. OpenSSL must be patched to
-provide full compliance with their implementation, and due to the
-older release of OpenSSL in the FreeBSD base, there are additional
-patches that must be applied to achieve the same goal. Though
-OpenConnect will still function, all traffic will be passed over
-an HTTPS connection. Should there be any packet loss on your
-link, your VPN connection will suffer greatly.
+comply with the relevant standards, and the OpenSSL in FreeBSD's
+base requires a patch to provide full interoperability. You will
+still be able to establish a tunnel, but all traffic will be
+transmitted via an HTTPS connection. This means that any packet
+loss on your link will result in a significant detriment to the
+speed of your VPN connection.
More information is included in README.DTLS.
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list