mirror of
https://git.FreeBSD.org/ports.git
synced 2025-01-31 10:46:16 +00:00
9f4aa322fb
- Update WWW in pkg-descr Noteworthy changes in 0.11.9 - Fixed bug which caused the acceptable of invalid IPv4 address as valid. - Fixed compatibility with gnutls 3.3.8 by avoiding the use of the 'VERS-ALL' priority string which was introduced in 3.3.24. - Fixed null pointer dereference when parsing locked accounts in plain password authentication. - Add support for RSA-PSS and Ed25519 private keys when used with GnuTLS 3.6.0. - ocpasswd: when locking an account multiple times, add the '!' character only once. Based on patch by Frank Huang. Changes: http://lists.infradead.org/pipermail/openconnect-devel/2017-October/004529.html MFH: 2017Q4
21 lines
1.0 KiB
Plaintext
21 lines
1.0 KiB
Plaintext
OpenConnect server (ocserv) is an SSL VPN server. Its purpose is
|
|
to be a secure, small, fast and configurable VPN server. It implements
|
|
the OpenConnect SSL VPN protocol, and has also (currently experimental)
|
|
compatibility with clients using the AnyConnect SSL VPN protocol.
|
|
The OpenConnect protocol provides a dual TCP/UDP VPN channel, and
|
|
uses the standard IETF security protocols to secure it. Both IPv4
|
|
and IPv6 are supported.
|
|
|
|
Ocserv's main features are security through provilege separation
|
|
and sandboxing, accounting, and resilience due to a combined use
|
|
of TCP and UDP. Authentication occurs in an isolated security
|
|
module process, and each user is assigned an unprivileged worker
|
|
process, and a networking (tun) device. That not only eases the
|
|
control of the resources of each user or group of users, but also
|
|
prevents data leak (e.g., heartbleed-style attacks), and privilege
|
|
escalation due to any bug on the VPN handling (worker) process. A
|
|
management interface allows for viewing and querying logged-in
|
|
users.
|
|
|
|
WWW: https://ocserv.gitlab.io/www/index.html
|