Port details |
- rosenpass Wireguard-based post-quantum VPN
- 0.2.2_5 net =2 0.2.2_3Version of this port present on the latest quarterly branch.
- Maintainer: fuz@FreeBSD.org
- Port Added: 2023-09-10 16:22:08
- Last Update: 2024-12-01 09:24:18
- Commit Hash: 1d1fd15
- People watching this port, also watch:: jdictionary, py311-Automat, py311-python-gdsii, py39-PyOpenGL, p5-Sane
- Also Listed In: net-vpn security
- License: MIT APACHE20
- WWW:
- https://rosenpass.eu/
- Description:
- Rosenpass implements a post-quantum-secure key exchange in the spirit of
a Noise protocol. The motivating use case is integrating with the
WireGuard VPN: In this mode, the key generated by Rosenpass is supplied
to WireGuard as its pre-shared symmetric key (PSK). This results in a
WireGuard VPN connection with hybrid post-quantum security.
While Rosenpass is designed with WireGuard in mind, it can be used as a
stand-alone tool to exchange keys. Using this mode, it can be used to
secure other protocols against attacks from quantum computers, given
that they offer using a PSK, and that a secure PSK is sufficient for
security of the protocol. To use this mode, the rosenpass binary must be
used together with the outfile <FILE> parameter. Then, Rosenpass will
write a key to the given file every two minutes, and print a message on
standard out to notify the user or the calling script that the key has
changed.
The implementation is written in Rust but uses libsodium and liboqs --
both of which are C libraries. This does not result in pretty code
everywhere, but enables some advanced security features such as using
libsodium's sodium_malloc. We use a couple of techniques to make sure
the code is secure: We use variable colouring (gating use of a secret
value through a .secret() method), and the code zeroizes all key
material.
- ¦ ¦ ¦ ¦
- Manual pages:
- FreshPorts has no man page information for this port.
- pkg-plist: as obtained via:
make generate-plist - Dependency lines:
-
- rosenpass>0:net/rosenpass
- To install the port:
- cd /usr/ports/net/rosenpass/ && make install clean
- To add the package, run one of these commands:
- pkg install net/rosenpass
- pkg install rosenpass
NOTE: If this package has multiple flavors (see below), then use one of them instead of the name specified above.- PKGNAME: rosenpass
- Flavors: there is no flavor information for this port.
- distinfo:
- TIMESTAMP = 1718470305
SHA256 (rust/crates/addr2line-0.21.0.crate) = 8a30b2e23b9e17a9f90641c7ab1549cd9b44f296d3ccbf309d2863cfe398a0cb
SIZE (rust/crates/addr2line-0.21.0.crate) = 40807
Packages (timestamps in pop-ups are UTC):
- Dependencies
- NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.
- Build dependencies:
-
- rust>=1.83.0 : lang/rust
- cmake : devel/cmake-core
- pkgconf>=1.3.0_1 : devel/pkgconf
- llvm-config15 : devel/llvm15
- Runtime dependencies:
-
- bash : shells/bash
- wireguard-tools>0 : net/wireguard-tools
- Library dependencies:
-
- libsodium.so : security/libsodium
- There are no ports dependent upon this port
Configuration Options:
- No options to configure
- Options name:
- net_rosenpass
- USES:
- cargo llvm:build pkgconfig shebangfix
- FreshPorts was unable to extract/find any pkg message
- Master Sites:
|
Commit History - (may be incomplete: for full details, see links to repositories near top of page) |
Commit | Credits | Log message |
0.2.2_5 01 Dec 2024 09:24:18 |
Mikael Urankar (mikael) |
lang/rust: Bump revisions after 1.83.0
PR: 283000 |
0.2.2_4 08 Nov 2024 08:24:20 |
Mikael Urankar (mikael) |
lang/rust: Bump revisions after 1.82.0
PR: 282516 |
0.2.2_3 10 Sep 2024 11:00:34 |
Mikael Urankar (mikael) |
lang/rust: Bump revisions after 1.81.0
PR: 281300 |
0.2.2_2 10 Sep 2024 10:58:07 |
Mikael Urankar (mikael) Author: Siva Mahadevan |
*/*: remove STRIP_CMD calls in rust based ports
This is not needed after bc4fedc1fec0d359365c04d43be9e32bf101a50e
PR: 246993
Differential Revision: https://reviews.freebsd.org/D46503 |
0.2.2_2 26 Aug 2024 08:08:01 |
Mikael Urankar (mikael) |
lang/rust: Bump revisions after 1.80.1
PR: 280490 |
0.2.2_1 18 Jun 2024 10:59:14 |
Mikael Urankar (mikael) |
lang/rust: Bump revisions after 1.79.0
PR: 279707 |
0.2.2 16 Jun 2024 11:53:28 |
Robert Clausecker (fuz) |
net/rosenpass: update to 0.22.2
- remove now obsolete patch
- security fix for an anticipated protocol weakness
Changelog: https://github.com/rosenpass/rosenpass/releases/tag/v0.2.2
MFH: 2024Q2 |
0.2.1_8 20 May 2024 10:33:03 |
Vsevolod Stakhov (vsevolod) |
security/libsodium: update to 1.0.19, bump dependent ports
PR: 278259
Reported by: Andrey Korobkov <alster-vinterdalen.se> |
0.2.1_7 13 May 2024 11:03:24 |
Mikael Urankar (mikael) |
lang/rust: Bump revisions after 1.78.0
PR: 278834 |
0.2.1_6 13 May 2024 11:03:21 |
Mikael Urankar (mikael) |
net/rosenpass: Fix build with rust 1.78.0
PR: 278834
Approved by: portmgr (build fix blanket) |
0.2.1_6 23 Mar 2024 09:41:46 |
Mikael Urankar (mikael) |
lang/rust: Bump revisions after 1.77.0
PR: 277786 |
0.2.1_5 19 Feb 2024 11:59:23 |
Mikael Urankar (mikael) |
lang/rust: Bump revisions after 1.76.0
PR: 276920 |
0.2.1_4 21 Jan 2024 20:24:10 |
Muhammad Moinur Rahman (bofh) |
net/rosenpass: Sanitize MANPREFIX
Approved by: portmgr (blanket) |
0.2.1_3 09 Jan 2024 12:15:54 |
Mikael Urankar (mikael) |
lang/rust: Bump revisions after 1.75.0
PR: 276033 |
0.2.1_2 30 Dec 2023 07:16:41 |
Muhammad Moinur Rahman (bofh) |
net/rosenpass: Update dependency
As weireguard is about to be expired from the tree switch dependency to
wireguard-tools.
Approved by: fuz (IRC) |
0.2.1_1 08 Dec 2023 15:04:09 |
Mikael Urankar (mikael) |
lang/rust: Bump revisions after 1.74.1
PR: 275243 |
0.2.1 03 Dec 2023 10:18:35 |
Robert Clausecker (fuz) |
net/rosenpass: update to 0.2.1
liboqs cannot yet be unbundled as rosenpass uses an old, incompatible
version. Perhaps with a future release.
No release notes yet.
Changelog: https://github.com/rosenpass/rosenpass/compare/v0.2.0...v0.2.1 |
0.2.0_1 24 Oct 2023 10:22:32 |
Mikael Urankar (mikael) |
lang/rust: Bump revisions after 1.73.0
PR: 274499 |
0.2.0 10 Sep 2023 16:13:03 |
Robert Clausecker (fuz) |
net/rosenpass: Wireguard-based post-quantum VPN
Rosenpass implements a post-quantum-secure key exchange in the spirit of
a Noise protocol. The motivating use case is integrating with the
WireGuard VPN: In this mode, the key generated by Rosenpass is supplied
to WireGuard as its pre-shared symmetric key (PSK). This results in a
WireGuard VPN connection with hybrid post-quantum security.
While Rosenpass is designed with WireGuard in mind, it can be used as a
stand-alone tool to exchange keys. Using this mode, it can be used to
secure other protocols against attacks from quantum computers, given
that they offer using a PSK, and that a secure PSK is sufficient for
security of the protocol. To use this mode, the rosenpass binary must be
used together with the outfile <FILE> parameter. Then, Rosenpass will
write a key to the given file every two minutes, and print a message on (Only the first 15 lines of the commit message are shown above ) |