openvpn: update to 2.6.9

- license change is now complete, and all code has been re-licensed
  under the new license (still GPLv2, but with new linking exception
  for Apache2 licensed code).
  Code that could not be re-licensed has been removed or rewritten.

- add support for building with mbedTLS 3.x.x

- new option "--force-tls-key-material-export" to only accept clients
  that can do TLS keying material export to generate session keys
  (mostly an internal option to better deal with TLS 1.0 PRF failures).

- Windows: bump vcpkg-ports/pkcs11-helper to 1.30

- Log incoming SSL alerts in easier to understand form and move logging
  from "--verb 8" to "--verb 3".

- protocol_dump(): add support for printing "--tls-crypt" packets

and other fixes

For details refer to https://github.com/OpenVPN/openvpn/blob/v2.6.9/Changes.rst

Signed-off-by: Ivan Pavlov <redacted>

diff --git a/net/openvpn/Makefile b/net/openvpn/Makefile
index 8d35c74770d6cb6e034e1cd30de8bb5e8522ff38..81e5a7274071e84995696a79c023fdf8e56e4262 100644 (file)
--- a/net/openvpn/Makefile
+++ b/net/openvpn/Makefile
@@ -9,14 +9,14 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=openvpn
 
-PKG_VERSION:=2.6.8
-PKG_RELEASE:=6
+PKG_VERSION:=2.6.9
+PKG_RELEASE:=1
 
 PKG_SOURCE_URL:=\
        https://build.openvpn.net/downloads/releases/ \
        https://swupdate.openvpn.net/community/releases/
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_HASH:=5ede1565c8a6d880100f7f235317a7ee9eea83d5052db5547f13a9e76af7805d
+PKG_HASH:=e08d147e15b4508dfcd1d6618a1f21f1495f9817a8dadc1eddf0532fa116d7e3
 
 PKG_MAINTAINER:=
 

diff --git a/net/openvpn/patches/100-mbedtls-disable-runtime-version-check.patch b/net/openvpn/patches/100-mbedtls-disable-runtime-version-check.patch
index 6ac30df594743d1db6d2793830c70c0c91bb0835..4831de9c7108b5446e9925de1bf1b2d486c356ee 100644 (file)
--- a/net/openvpn/patches/100-mbedtls-disable-runtime-version-check.patch
+++ b/net/openvpn/patches/100-mbedtls-disable-runtime-version-check.patch
@@ -1,6 +1,6 @@
 --- a/src/openvpn/ssl_mbedtls.c
 +++ b/src/openvpn/ssl_mbedtls.c
-@@ -1533,7 +1533,7 @@ const char *
+@@ -1612,7 +1612,7 @@ const char *
  get_ssl_library_version(void)
  {
      static char mbedtls_version[30];