From 4201e4610f6d434330c27c6e7d82a1771d77d459 Mon Sep 17 00:00:00 2001 From: Michael Date: Mon, 3 Jun 2019 08:41:59 +0200 Subject: [PATCH] security/openconnect: add pin-sha256 to certificate hash (#1356) --- security/openconnect/Makefile | 2 +- security/openconnect/pkg-descr | 4 ++++ .../opnsense/mvc/app/models/OPNsense/Openconnect/General.xml | 3 ++- 3 files changed, 7 insertions(+), 2 deletions(-) diff --git a/security/openconnect/Makefile b/security/openconnect/Makefile index f313dc9ed..e922426b2 100644 --- a/security/openconnect/Makefile +++ b/security/openconnect/Makefile @@ -1,5 +1,5 @@ PLUGIN_NAME= openconnect -PLUGIN_VERSION= 1.3.3 +PLUGIN_VERSION= 1.4.0 PLUGIN_COMMENT= OpenConnect Client PLUGIN_DEPENDS= openconnect PLUGIN_MAINTAINER= m.muenz@gmail.com diff --git a/security/openconnect/pkg-descr b/security/openconnect/pkg-descr index 6338929ed..cba5a5c27 100644 --- a/security/openconnect/pkg-descr +++ b/security/openconnect/pkg-descr @@ -6,6 +6,10 @@ the Juniper SSL VPN which is now known as Pulse Connect Secure. Plugin Changelog ================ +1.4.0 + +* Add "pin-sha256" certificate hash + 1.3.3 * Enhance allowed characters in group name diff --git a/security/openconnect/src/opnsense/mvc/app/models/OPNsense/Openconnect/General.xml b/security/openconnect/src/opnsense/mvc/app/models/OPNsense/Openconnect/General.xml index a698445cd..73924acf6 100644 --- a/security/openconnect/src/opnsense/mvc/app/models/OPNsense/Openconnect/General.xml +++ b/security/openconnect/src/opnsense/mvc/app/models/OPNsense/Openconnect/General.xml @@ -25,7 +25,7 @@ N - /^[a-z0-9]{40,64}$/ + /^([a-zA-Z0-9\/\+\=]){40,64}$/u Please provide a valid hash. @@ -35,6 +35,7 @@ SHA256 SHA1 + PIN-SHA256