Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

govpn-server-7.5-lp152.1.2 RPM for armv7hl

From OpenSuSE Ports Leap 15.2 for armv7hl

Name: govpn-server Distribution: openSUSE Leap 15.2
Version: 7.5 Vendor: openSUSE
Release: lp152.1.2 Build date: Wed Apr 15 23:25:02 2020
Group: Productivity/Networking/Web/Servers Build host: armbuild04
Size: 5144305 Source RPM: govpn-7.5-lp152.1.2.src.rpm
Packager: https://bugs.opensuse.org
Url: http://govpn.info/
Summary: Simple Virtual Private Network Server
GoVPN is a virtual private network daemon, written in Go.

It uses strong passphrase authenticated key agreement protocol with
augmented zero-knowledge mutual peers authentication (PAKE DH A-EKE).
It features encrypted authenticated data transport that hides
message's length and timestamps, has the Perfect Forward Secrecy
property, is resistant to offline dictionary attacks, replay attacks,
client's passphrases compromising and dictionary attacks on the
server side, has built-in heartbeating, rehandshaking, real-time
statistics, the ability to work through UDP, TCP and HTTP proxies,
and IPv4/IPv6-compatibility.

Provides

Requires

License

GPL-3.0-or-later

Changelog

* Wed Jul 24 2019 matthias.gerstner@suse.com
  - removal of SuSEfirewall2 service, since SuSEfirewall2 has been replaced by
    firewalld, see [1].
    [1]: https://lists.opensuse.org/opensuse-factory/2019-01/msg00490.html
* Sat Oct 20 2018 sor.alexei@meowr.ru
  - Update to version 7.5:
    * Dependant cryptographic libraries are updated for compatibility
      with Go 1.11.
  - Remove govpn-go-1.7-compat.patch.
* Thu Nov 23 2017 sor.alexei@meowr.ru
  - Update to version 7.4:
    * Tiny refactoring. Go 1.9 is a minimal required version.
    * Dependant cryptographic libraries are updated.
  - Add govpn-go-1.7-compat.patch: Restore Go 1.7 compatibility.
    Apply it on openSUSE older than Leap 15.0.
* Thu May 11 2017 jengelh@inai.de
  - Do not suppress errors from user/group creation
  - Fix grammar problems in description, and drop filler wording.
* Tue May 09 2017 sor.alexei@meowr.ru
  - Update to version 7.3 (changes since 5.10):
    * Argon2d is replaced with Balloon hashing. Found Argon2
      libraries written on pure Go have various problems. Moreover
      Argon2i should be used instead, but it has some possible
      cryptographic defects (http://eprint.iacr.org/2016/027).
      So it is replaced with much more simpler (and seems even
      cryptographically better) Balloon hashing
      (https://crypto.stanford.edu/balloon/).
    * (X)Salsa20 is replaced with ChaCha20. Theoretically it should
      be faster and more secure. Previous versions are not compatible
      with it!
    * Ability to use TUN-interfaces under GNU/Linux.
    * Fix a bug in client’s identity generation and detection code:
      simultaneous clients may be incorrectly identified, preventing
      their connection establishing and allowing DPI to detect GoVPN
      packets.
    * Fix seldom possible segmentation fault on the server during
      rehandshake.
    * Dependant cryptographic libraries are updated.
* Sat Jul 23 2016 sor.alexei@meowr.ru
  - Update to version 5.10 (changes since 5.8):
    * Client reconnects in the loop when connection is lost.
      Optionally you can disable that behaviour: client will exit
      immediately, as it previously did.
    * -version option added, printing application version.
* Sat May 28 2016 sor.alexei@meowr.ru
  - Update to version 5.8:
    * Optional ability to use syslog for logging, with RFC 5424-like
      structured records.
    * XTEA algorithm is not used anymore for nonce obfuscation, but
      BLAKE2b-MAC instead. Encryptionless mode now really does not
      depend on encryption functions.
* Thu Mar 17 2016 sor.alexei@meowr.ru
  - Update to 5.7:
    * TAP interface name and remote peer's address are passed to up-
      and down- scripts through environment variables.
    * Update Argon2 library to use version 1.3 of the algorithm.
* Thu Feb 11 2016 sor.alexei@meowr.ru
  - Update to 5.6 (changes since 5.2):
    * Ability to read passphrases directly from the terminal (user's
      input) without using of keyfiles. storekey.sh utility removed.
    * Fix minor bug with newclient.sh that caught "Passphrase:"
      prompt and inserted it into example YAML output.
      Just replaced stdout output to stderr for that prompt.
    * Add optional Timesync requirement.
      It will add timestamps in handshake PRP authentication,
      disallowing to repeat captured packet and get reply from the
      server, making it visible to DPI.
    * Ability to work on 32-bit platforms. sync library has some
      specific issues that caused panics on previous versions.
    * Add up/down example script for replacing default route.
    * Fix documentation bug: .info was not being installed.
* Fri Jan 15 2016 sor.alexei@meowr.ru
  - Update to 5.2 (changes since 4.2):
    * New optional encryptionless mode of operation.
      Technically no encryption functions are applied for outgoing
      packets, so you can not be forced to reveal your encryption
      keys or sued for encryption usage.
    * MTUs are configured on per-user basis.
    * Simplified payload padding scheme, saving one byte of data.
    * Ability to specify TAP interface name explicitly without any
      up-scripts for convenience.
    * govpn-verifier utility now also can use EGD.
    * Server is configured using YAML file. It is very convenient to
      have comments and templates, comparing to JSON.
    * Incompatible with previous versions replacement of HSalsa20
      with BLAKE2b in handshake code.
    * Ability to read passphrases directly from the terminal (user's
      input) without using of keyfiles. storekey.sh utility removed.
* Fri Nov 20 2015 sor.alexei@meowr.ru
  - Update to 4.2 (changes since 4.0):
    * Argon2d is used instead of PBKDF2 for password verifier hashing.
    * Client's identity is stored inside the verifier, so it
      simplifies server-side configuration and the code.
    * Fix non-critical bug when server may fail if up-script is not
      executed successfully.
* Sun Sep 20 2015 sor.alexei@meowr.ru
  - Initial package.

Files

/etc/govpn.conf
/etc/govpn.d
/usr/bin/govpn-server
/usr/lib/systemd/system/govpn.target
/usr/lib/systemd/system/govpn@.service


Generated by rpm2html 1.8.1

Fabrice Bellet, Sat Mar 9 12:35:51 2024