[Bug 250225] net/ocserv: Update to 1.1.1

[bugzilla-noreply at freebsd.org]

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=250225

            Bug ID: 250225
           Summary: net/ocserv: Update to 1.1.1
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
               URL: https://ocserv.gitlab.io/www/index.html
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: Individual Port(s)
          Assignee: ports-bugs at FreeBSD.org
          Reporter: juraj at lutter.sk

Created attachment 218625
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=218625&action=edit
net/ocserv: Update to 1.1.1

Hi,

plese find the patch attached.

Changelog since 1.0.1:
      - Fixed compatibility with OpenBSD that lacks procfs

      - Improved rate-limit-ms and made it dependent on secmod backlog. This
makes
    the server more resilient (and prevents connection failures) on multiple
    concurrent connections

      - Added namespace support for listen address by introducing the
listen-netns
    option

      - Disable TLS1.3 when cisco client compatibility is enabled. New
anyconnect
    clients seem to supporting TLS1.3 but are unable to handle a client with an
RSA
    key

      - Enable a race free user disconnection via occtl

      - Added the config option of a pre-login-banner

      - Ocserv siwtched to using multiple ocserv-sm processes to improve scale,
    with the number of ocserv-sm process dependent on maximum clients and
number of
    CPUs. Configuration option sec-mod-scale can be used to override the
    heuristics.

      - Fixed issue with group selection on radius servers sending multiple
group
    class attribute.

See https://gitlab.com/openconnect/ocserv/-/releases/1.1.1 for details.

-- 
You are receiving this mail because:
You are the assignee for the bug.