head 1.11; access; symbols pkgsrc-2023Q4:1.11.0.6 pkgsrc-2023Q4-base:1.11 pkgsrc-2023Q3:1.11.0.4 pkgsrc-2023Q3-base:1.11 pkgsrc-2023Q2:1.11.0.2 pkgsrc-2023Q2-base:1.11 pkgsrc-2023Q1:1.10.0.4 pkgsrc-2023Q1-base:1.10 pkgsrc-2022Q4:1.10.0.2 pkgsrc-2022Q4-base:1.10 pkgsrc-2022Q3:1.8.0.12 pkgsrc-2022Q3-base:1.8 pkgsrc-2022Q2:1.8.0.10 pkgsrc-2022Q2-base:1.8 pkgsrc-2022Q1:1.8.0.8 pkgsrc-2022Q1-base:1.8 pkgsrc-2021Q4:1.8.0.6 pkgsrc-2021Q4-base:1.8 pkgsrc-2021Q3:1.8.0.4 pkgsrc-2021Q3-base:1.8 pkgsrc-2021Q2:1.8.0.2 pkgsrc-2021Q2-base:1.8 pkgsrc-2021Q1:1.7.0.16 pkgsrc-2021Q1-base:1.7 pkgsrc-2020Q4:1.7.0.14 pkgsrc-2020Q4-base:1.7 pkgsrc-2020Q3:1.7.0.12 pkgsrc-2020Q3-base:1.7 pkgsrc-2020Q2:1.7.0.10 pkgsrc-2020Q2-base:1.7 pkgsrc-2020Q1:1.7.0.6 pkgsrc-2020Q1-base:1.7 pkgsrc-2019Q4:1.7.0.8 pkgsrc-2019Q4-base:1.7 pkgsrc-2019Q3:1.7.0.4 pkgsrc-2019Q3-base:1.7 pkgsrc-2019Q2:1.7.0.2 pkgsrc-2019Q2-base:1.7 pkgsrc-2019Q1:1.5.0.2 pkgsrc-2019Q1-base:1.5 pkgsrc-2018Q4:1.3.0.20 pkgsrc-2018Q4-base:1.3 pkgsrc-2018Q3:1.3.0.18 pkgsrc-2018Q3-base:1.3 pkgsrc-2018Q2:1.3.0.16 pkgsrc-2018Q2-base:1.3 pkgsrc-2018Q1:1.3.0.14 pkgsrc-2018Q1-base:1.3 pkgsrc-2017Q4:1.3.0.12 pkgsrc-2017Q4-base:1.3 pkgsrc-2017Q3:1.3.0.10 pkgsrc-2017Q3-base:1.3 pkgsrc-2017Q2:1.3.0.6 pkgsrc-2017Q2-base:1.3 pkgsrc-2017Q1:1.3.0.4 pkgsrc-2017Q1-base:1.3 pkgsrc-2016Q4:1.3.0.2 pkgsrc-2016Q4-base:1.3 pkgsrc-2016Q3:1.2.0.4 pkgsrc-2016Q3-base:1.2 pkgsrc-2016Q2:1.2.0.2 pkgsrc-2016Q2-base:1.2 pkgsrc-2016Q1:1.1.0.10 pkgsrc-2016Q1-base:1.1 pkgsrc-2015Q4:1.1.0.8 pkgsrc-2015Q4-base:1.1 pkgsrc-2015Q3:1.1.0.6 pkgsrc-2015Q3-base:1.1 pkgsrc-2015Q2:1.1.0.4 pkgsrc-2015Q2-base:1.1 pkgsrc-2015Q1:1.1.0.2 pkgsrc-2015Q1-base:1.1; locks; strict; comment @# @; 1.11 date 2023.05.05.13.20.56; author schmonz; state Exp; branches; next 1.10; commitid H6CbBGlw1Tc6dMnE; 1.10 date 2022.10.20.19.13.41; author schmonz; state Exp; branches; next 1.9; commitid GsS7TIe8uT5HuuYD; 1.9 date 2022.10.18.01.17.53; author schmonz; state Exp; branches; next 1.8; commitid IF5x9cB7MKwDB8YD; 1.8 date 2021.05.22.09.12.05; author schmonz; state Exp; branches; next 1.7; commitid hsyHT7US6E4FK7UC; 1.7 date 2019.06.24.20.39.55; author schmonz; state Exp; branches; next 1.6; commitid D6cUoL2jk13GZtsB; 1.6 date 2019.05.14.18.26.42; author schmonz; state Exp; branches; next 1.5; commitid DzlPLuYY6S0GzcnB; 1.5 date 2019.03.06.21.13.09; author schmonz; state Exp; branches; next 1.4; commitid Z7btYLmZvGtiIleB; 1.4 date 2019.01.07.22.32.17; author schmonz; state Exp; branches; next 1.3; commitid caGvB0IL28521U6B; 1.3 date 2016.10.28.10.01.51; author wiz; state Exp; branches; next 1.2; commitid Biba00Ncy4yNBTrz; 1.2 date 2016.05.17.10.32.08; author fhajny; state Exp; branches; next 1.1; commitid 6I4MSY4qjd2M1P6z; 1.1 date 2015.03.02.15.24.12; author wiz; state Exp; branches; next ; commitid NzAenUZYrXYaS2cy; desc @@ 1.11 log @Update to 20230103. From the changelog: - No need to specify FAMILY in IPv4 only functions - Avoid "ip route flush cache" for IPv4 @ text @# $NetBSD: Makefile,v 1.10 2022/10/20 19:13:41 schmonz Exp $ DISTNAME= vpnc-script-20230103 CATEGORIES= net security MASTER_SITES= ${MASTER_SITE_GITLAB:=openconnect/vpnc-scripts/-/raw/22756827/} DIST_SUBDIR= ${PKGNAME_NOREV} DISTFILES= vpnc-script MAINTAINER= schmonz@@NetBSD.org HOMEPAGE= http://www.infradead.org/openconnect/vpnc-script.html COMMENT= Improved config script for OpenConnect and vpnc LICENSE= gnu-gpl-v2 NO_BUILD= YES WRKSRC= ${WRKDIR} EGDIR= ${PREFIX}/share/examples/vpnc-script INSTALLATION_DIRS= ${EGDIR} CONF_FILES_PERMS= ${EGDIR}/vpnc-script \ ${PKG_SYSCONFDIR}/vpnc-script \ ${REAL_ROOT_USER} ${REAL_ROOT_GROUP} 555 do-install: ${INSTALL_SCRIPT} ${WRKSRC}/vpnc-script ${DESTDIR}${EGDIR} .include "../../mk/bsd.pkg.mk" @ 1.10 log @Take MAINTAINER. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.9 2022/10/18 01:17:53 schmonz Exp $ d3 1 a3 1 DISTNAME= vpnc-script-20220917 d5 1 a5 1 MASTER_SITES= ${MASTER_SITE_GITLAB:=openconnect/vpnc-scripts/-/raw/fc87e112/} @ 1.9 log @Update to 20220917. From the changelog: - Use 'ps -c -o command=' rather than 'cmd=' [chris vogan] - Use full names of Windows 'netsh' sub-commands, not abbreviations [Dimitri Papadopoulos] - Don't try to condition 'validate=no' flag on Windows version [Daniel Lenski] - add networksetup for darwin to fix dns setup on newer versions of MacOS [Tobias Breitwieser] - Removed automatic adding of NS routes [Heiko Schabert] - Add configuration for OBS workflow [Luca Boccassi] - Add RPM packaging for OBS workflow [Luca Boccassi] - Add Debian packaging for OBS workflow [Luca Boccassi] - vpnc-script-sshd: use ip link peer name syntax [Luca Boccassi] - vpnc-script: Detect systemd with resolvectl status [Jordan Justen] - Cleanup error status in vpnc-script-win.js [Dimitri Papadopoulos] - Update copyright/origin notices in scripts [Daniel Lenski] - On newer versions of Windows, need `validate=no` when adding DNS servers [Daniel Lenski] - Better ordering, more logging, and disconnect handler fixes on Windows [Daniel Lenski] - Add logLevel and logTimestamps options to vpnc-script-win.js [Daniel Lenski] - On newer versions of Windows, need `validate=no` when adding DNS servers [Daniel Lenski] - Better ordering, more logging, and disconnect handler fixes on Windows [Daniel Lenski] - Add logLevel and logTimestamps options to vpnc-script-win.js [Daniel Lenski] - Remove unnecessary quotes around numeric interface identifier (TUNIDX) in vpnc-script-win.js [Daniel Lenski] - vpnc-script-win.js: replace incorrect exec() call with run() [Tim De Baets] - Always use INTERNAL_IP4_ADDRESS as "gateway" on Windows [Daniel Lenski] - Support for OpenBSD's resolvd via route messages [Andrew Hewus Fresh] - Another bugfix when determining the controlling PID [Daniel Lenski] - Use `type -P` instead of `command -v` in tests/ bash scripts [Ville Skyttä] - Use `grep -E` instead of `egrep` [Ville Skyttä] - Use `command -v` instead of `which` [Ville Skyttä] - Ensure that vpnc-script-win.js works even if INTERNAL_IP4_{NETADDR,NETMASK} are unset [Daniel Lenski] - Add polyfill for String.prototype.trim in vpnc-script-win.js [Daniel Lenski] - Minor typo [Dimitri Papadopoulos] - Fix spacing [Daniel Lenski] - Use $VPNPID when provided by OpenConnect [Daniel Lenski] - Also include controlling process identifier in resolv.conf backup path [Daniel Lenski] - Bugfix default route handling by using GRANDparent process ID to uniquely identify connection [Daniel Lenski] - Typos found by codespell [Dimitri Papadopoulos] - Ensure that vpnc-script-win.js picks a legal "internal gateway" address even for /32 netmask [Daniel Lenski] - tests: fix error message about missing ocserv [Luca Boccassi] - Typos caught by codespell [Dimitri Papadopoulos] - Fix set_vpngateway_route [Daniel Lenski] - Exclude routes may use a different address family from VPNGATEWAY [Daniel Lenski] - factor out list_non_loopback_routes and use for split-exclude routes as well [Daniel Lenski] - tests: 'route flush' doesn't work properly on Linux' [Daniel Lenski] - Linux: fix IPv6 route flushing [Daniel Lenski] - test timing: wait up to 10s for OpenConnect client to terminating [Daniel Lenski] - re-add tests for IPv6 support [Daniel Lenski] - always exclude TUNDEV when finding/setting gateway route [Daniel Lenski] - preserve onlink flag in gateway/exclude routes [Daniel Lenski] @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.8 2021/05/22 09:12:05 schmonz Exp $ d9 1 a9 1 MAINTAINER= pkgsrc-users@@NetBSD.org @ 1.8 log @Update to 20210401. From the changelog: - fix IPv6 split masklen - vpnc-script-win: tidy up, more logging - vpnc-script-win: make VPN addresses/gateways "non-persistent", and delete them on disconnect - vpnc-script-win: delete DNS and WINS servers before adding them - vpnc-script-win: dump stdout and stderr when a command fails - vpnc-script-win: use TUNIDX in all netsh commands, remove waitForInterface() - vpnc-script-win: add FIXMEs regard IPv6 split-excludes and gateways - vpnc-script-win: add legacy IP split-exclude handling - vpnc-script-win: cleanup spacing, clarify comments - vpnc-script-win: simplify 'internal gateway' calculation - GNU awk regex fix - move destroy_tun_device into do_disconnect (called only here) - remove bits for ancient Linux 2.6.x kernels - mention IDLE_TIMEOUT - cleanup whitespace and clarify comments - tweak warning message about un-routable exclude routes - Ignore unreachable exclude routes - Document split tunnel EXC variables - ignore bogus non-forwardable exclude routes on disconnect too - *BSDs: get_default_gw needs to EXCLUDE routes through tunnel for attempt-reconnect, but should NOT exclude them otherwise - mark tunnel device 'down' before destroying - Add DragonFly BSD support and improve FreeBSD support - Use '[[:space:]]' instead of '\s' to support POSIX awk - *BSDs: don't inadvertently pick up a bogus 0.0.0.0/32 route as a default route - Fix basename invocation on *BSD shells - fix another ifconfig syntax difference between Linux and *BSDs - use `ip netns` instead of ocserv `listen-netns` config option for test configs - match preexisting code style - Use systemd-resolve to check if resolved is running - FIXME add mock IPv6 configuration to get CI to work - add a bit more logging to test scripts - split iproute2 and *BSD-ish into separate CI runs - CI: don't need to install ocserv and which - numerous fixes for Linux IPv6 configuration using ifconfig/route/netstat - try running tests with *BSD-ish tools (ifconfig/route/netstat) for additional coverage - match code style - Don't use /sbin/resolvconf if it just points to resolvectl. - include calling process ID in DEFAULT_ROUTE_FILE{,_IPV6} - with BSD 'route', save-and-restore IPv6 default routes - simplify cases and add ifconfig_syntax_del variable - Patch: make ipv6 in ipv4 and ipv6 in ipv6 tunnels work on (Net)BSD - vpnc-scripts: added a sanity check of routes and resolv.conf generation - preserve metric in fix_ip_get_output - with iproute2, sort the routes to the VPN gateway by metric before trying to create an explicit route to the gateway via each of them - make do_attempt_reconnect work with route/ifconfig - add working do_attempt_reconnect - don't try to set an explicit route to VPN gateway if localhost, and ignore bogus non-forwardable exclude routes - Ignore link-local routes in set_default_route - leave support for older systemd-resolved (v229-v238) in place - Windows IPv6: remove hard-coded next-hop of fe80::8 - Add split DNS support for systemd-resolved - Use resolvectl for systemd-resolved - fix tabs/spaces in POSIX vpnc-script as well - cleanup whitespace in vpnc-script-win.js - specify interface when adding routes - fix Slackware issue (netconfig is an unrelated tool, not relevant for resolv.conf handling) - No need to add a separate sed invocation for `$NETMASKLEN` fixing - iproute2 5.1+ doesn't allow prefixlen!=32 in get @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.7 2019/06/24 20:39:55 schmonz Exp $ d3 1 a3 1 DISTNAME= vpnc-script-20210401 d5 1 a5 1 MASTER_SITES= http://git.infradead.org/users/dwmw2/vpnc-scripts.git/blob_plain/8fff06090ed193c4a7285e9a10b42e6679e8ecf3:/ a10 1 # see also http://git.infradead.org/users/dwmw2/vpnc-scripts.git @ 1.7 log @Update to 20190606. From the changelog: Previously, an IPv6 split tunnel with a /128 request would result in a default tunnel, rather than a specific route. Correctly set the default route if we request a /0. If `which ip` returns something on a non-Linux OS, it's an unrelated tool that won't work for routing configuration; don't try to set IPROUTE on another OS. This should fix the macOS issue discovered at: @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.6 2019/05/14 18:26:42 schmonz Exp $ d3 1 a3 1 DISTNAME= vpnc-script-20190606 d5 1 a5 1 MASTER_SITES= http://git.infradead.org/users/dwmw2/vpnc-scripts.git/blob_plain/c84fb8e5a523a647a01a1229a9104db934e19f00:/ @ 1.6 log @Update to 20190424. From the changelog: Some vpn clients pass multiple domains for DNS search scope, which requires that we use search rather than domain. The generic path was already using search, so just switch the resolvconf path to also use search. In a container, /etc/nsswitch.conf might not exist. Silence the error grep: /etc/nsswitch.conf: No such file or directory Inside a container, running 'ip route flush cache' can spam with "ip: can't open '/proc/sys/net/ipv4/route/flush': Read-only file system" Hide that the error output for that command. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.5 2019/03/06 21:13:09 schmonz Exp $ d3 1 a3 1 DISTNAME= vpnc-script-20190424 d5 1 a5 1 MASTER_SITES= http://git.infradead.org/users/dwmw2/vpnc-scripts.git/blob_plain/33b5d8198b5f375418379e483031d3ec9019225d:/ @ 1.5 log @Update to 20190116. From the changelog: - Add IPv6 DNS addresses using "netsh interface ipv6 add dns" command - Add attempt-reconnect invocation @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.4 2019/01/07 22:32:17 schmonz Exp $ d3 1 a3 1 DISTNAME= vpnc-script-20190116 d5 1 a5 1 MASTER_SITES= http://git.infradead.org/users/dwmw2/vpnc-scripts.git/blob_plain/1000e0f6dd7d6bff163169a46359211c1fc3a6d2:/ @ 1.4 log @Update to 20180226. From the changelog: - Support routes with different devs and gateways - Revive route cleanup for /sbin/route code - Support split-exclude rules from Pulse gateway - Check if resolved is enabled in nsswitch.conf prior to using it - Add support for systemd-resolved @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.3 2016/10/28 10:01:51 wiz Exp $ d3 1 a3 1 DISTNAME= vpnc-script-20180226 d5 1 a5 1 MASTER_SITES= http://git.infradead.org/users/dwmw2/vpnc-scripts.git/blob_plain/07c3518dd6b8dc424e9c3650a62bed994a4dcbe1:/ @ 1.3 log @Updated vpnc-script to 20160828. From Kai-Uwe Eckhardt in PR 51576. Changes: rewrite resolv.conf parsing master avoid multiple "domain" entries in resolv.conf fix comment OSX - Fix split DNS when doing split routing Enable resolvconf on FreeBSD too @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.2 2016/05/17 10:32:08 fhajny Exp $ d3 1 a3 1 DISTNAME= vpnc-script-20160828 d5 1 a5 1 MASTER_SITES= http://git.infradead.org/users/dwmw2/vpnc-scripts.git/blob_plain/HEAD:/ @ 1.2 log @Use REAL_ROOT_USER/REAL_ROOT_GROUP instead of ROOT_USER/ROOT_GROUP for all pkgsrc dir/file ownership rules. Fixes unprivileged user/group names from leaking into binary packages, manifest as non-fatal chown/chgrp failure messages at pkg_add time. Bump respective packages' PKGREVISION. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.1 2015/03/02 15:24:12 wiz Exp $ d3 1 a3 2 DISTNAME= vpnc-script-20140805 PKGREVISION= 1 @ 1.1 log @Import vpnc-script-20140805 as net/vpnc-script, packaged for wip by pdtafti, hfath, asau, jakllsch, and keckhardt. This package provides David Woodhouse's modified vpnc config script with IPv6 support and bug fixes. It can be used in conjunction with net/vpnc and/or net/openconnect. @ text @d1 1 a1 1 # $NetBSD$ d4 1 d23 1 a23 1 ${ROOT_USER} ${ROOT_GROUP} 555 @