Muutoshistoria ohjelmalle OpenVPN (64-bit)
<<Takaisin ohjelman lataussivulle
Muutokset v2.3.12 - v2.3.13
Muutokset v2.3.10 - v2.3.12
Muutokset v2.3.9 - v2.3.10
Muutokset v2.3.7 - v2.3.8
Muutokset v2.3.5 - v2.3.6
- systemd: Reworked the systemd unit file to handle server and client configs better
- Add client-only support for peer-id.
- Preparing for release v2.3.6 (ChangeLog, version.m4)
- Fix to --shaper documentation on the man-page
- Fix assertion error when using --cipher none
- Add --tls-version-max
- Modernize sample keys and sample configs
- Drop too-short control channel packets instead of asserting out.
Muutokset v2.3.4 - v2.3.5
- Fix some typos in the man page.
- Do not upcase x509-username-field for mixed-case arguments.
- Fix server routes not working in topology subnet with --server [v3]
- Improve error reporting on file access to --client-config-dir and --ccd-exclusive
- Don't let openvpn_popen() keep zombies around
- Add systemd unit file for OpenVPN
- systemd: Use systemd functions to consider systemd availability
- Drop incoming fe80:: packets silently now.
- Fix t_lpback.sh platform-dependent failures
- Call init script helpers with explicit path (./)
- Preparing for release v2.3.5 (ChangeLog, version.m4)
- refine assertion to allow other modes than CBC
- ocsp_check - signature verification and cert staus results are separate
- ocsp_check - double check if ocsp didn't report any errors in execution
- Fix socket-flag/TCP_NODELAY on Mac OS X
- Fixed several instances of declarations after statements.
- In socket.c, fixed issue where uninitialized value (err) is being passed to to gai_strerror.
- Explicitly cast the third parameter of setsockopt to const void * to avoid warning.
- MSVC 2008 doesn't support dimensioning an array with a const var nor using %z as a printf format specifier.
- Define PATH_SEPARATOR for MSVC builds.
- Fixed some compile issues with show_library_versions()
- Remove quadratic complexity from openvpn_base64_decode()
- Add configure check for the path to systemd-ask-password
- Add topology in sample server configuration file
- Implement on-link route adding for iproute2
- Ensure that client-connect files are always deleted
- Remove function without effect (cipher_ok() always returned true).
- Remove unneeded wrapper functions in crypto_openssl.c
- Fix bug that incorrectly refuses oid representation eku's in polar builds
- Update README.polarssl
- Rename ALLOW_NON_CBC_CIPHERS to ENABLE_OFB_CFB_MODE, and add to configure.
- Improve --show-ciphers to show if a cipher can be used in static key mode
- Extend t_lpback tests to test all ciphers reported by --show-ciphers
- Don't exit daemon if opening or parsing the CRL fails.
- Fix typo in cipher_kt_mode_{cbc, ofb_cfb}() doxygen.
- Fix regression with password protected private keys (polarssl)
- ssl_polarssl.c: fix includes and make casts explicit
- Remove unused variables from ssl_verify_openssl.c extract_x509_extension()
- Fix "code=995" bug with windows NDIS6 tap driver.
Muutokset v2.3.3 - v2.3.4
Muutokset v2.3.2-I003 - v2.3.3
- Alon Bar-Lev (1):
- pkcs11: use generic evp key instead of rsa
- Arne Schwabe (8):
- Add support of utun devices under Mac OS X
- Add support to ignore specific options.
- Add a note what setenv opt does for OpenVPN < 2.3.3
- Add reporting of UI version to basic push-peer-info set.
- Fix compile error in ssl_openssl introduced by polar external-management patch
- Fix assertion when SIGUSR1 is received while getaddrinfo is successful
- Add warning for using connection block variables after connection blocks
- Introduce safety check for http proxy options
- David Sommerseth (5):
- man page: Update man page about the tls_digest_{n} environment variable
- Remove the --disable-eurephia configure option
- plugin: Extend the plug-in v3 API to identify the SSL implementation used
- autoconf: Fix typo
- Fix file checks when --chroot is being used
- Davide Brini (1):
- Document authfile for socks server
- Gert Doering (9):
- Fix IPv6 examples in t_client.rc-sample
- Fix slow memory drain on each client renegotiation.
- t_client.sh: ignore fields from "ip -6 route show" output that distort results.
- Make code and documentation for --remote-random-hostname consistent.
- Reduce IV_OPENVPN_GUI_VERSION= to IV_GUI_VER=
- Document issue with --chroot, /dev/urandom and PolarSSL.
- Rename 'struct route' to 'struct route_ipv4'
- Replace copied structure elements with including
- Workaround missing SSL_OP_NO_TICKET in earlier OpenSSL versions
- Heikki Hannikainen (1):
- Always load intermediate certificates from a PKCS#12 file
- Heiko Hund (2):
- Support non-ASCII TAP adapter names on Windows
- Support non-ASCII characters in Windows tmp path
- James Yonan (3):
- TLS version negotiation
- Added "setenv opt" directive prefix.
- Set SSL_OP_NO_TICKET flag in SSL context for OpenSSL builds, to disable TLS stateless session resumption.
- Jens Wagner (1):
- Fix spurious ignoring of pushed config options (trac#349).
- Joachim Schipper (3):
- Refactor tls_ctx_use_external_private_key()
- --management-external-key for PolarSSL
- external_pkcs1_sign: Support non-RSA_SIG_RAW hash_ids
- Josh Cepek (2):
- Correct error text when no Windows TAP device is present
- Require a 1.2.x PolarSSL version
- Klee Dienes (1):
- tls_ctx_load_ca: Improve certificate error messages
- Max Muster (1):
- Remove duplicate cipher entries from TLS translation table.
- Peter Sagerson (1):
- Fix configure interaction with static OpenSSL libraries
- Steffan Karger (7):
- Do not pass struct tls_session* as void* in key_state_ssl_init().
- Require polarssl >= 1.2.10 for polarssl-builds, which fixes CVE-2013-5915.
- Use RSA_generate_key_ex() instead of deprecated, RSA_generate_key()
- Also update TLSv1_method() calls in support code to SSLv23_method() calls.
- Update TLSv1 error messages to SSLv23 to reflect changes from commit 4b67f98
- If --tls-cipher is supplied, make --show-tls parse the list.
- Add openssl-specific common cipher list names to ssl.c.
- Tamas TEVESZ (1):
- Add support for client-cert-not-required for PolarSSL.
- Thomas Veerman (1):
- Fix "." in description of utun.
Muutokset v2.3.1 - v2.3.2
Muutokset v2.3.0 - v2.3.1
- Arne Schwabe (4):
- Remove dead code path and putenv functionality
- Remove unused function xor
- Move static prototype definition from header into c file
- Remove unused function no_tap_ifconfig
- Christian Hesse (1):
- fix build with automake 1.13(.1)
- Christian Niessner (1):
- Fix corner case in NTLM authentication (trac #172)
- Gert Doering (6):
- Update README.IPv6 to match what is in 2.3.0
- Repair "tcp server queue overflow" brokenness, more
fallout. - Permit pool size of /64.../112 for ifconfig-ipv6-pool
- Add MIN() compatibility macro
- Fix directly connected routes for "topology subnet" on Solaris.
- Preparing for v2.3.1 (ChangeLog, version.m4)
- Heiko Hund (5):
- close more file descriptors on exec
- Ignore UTF-8 byte order mark
- reintroduce --no-name-remapping option
- make --tls-remote compatible with pre 2.3 configs
- add new option for X.509 name verification
- Jan Just Keijser (1):
- man page patch for missing options
- Josh Cepek (2):
- Fix parameter listing in non-debug builds at verb 4
- (updated) [PATCH] Warn when using verb levels >=7 without debug
- Matthias Andree (1):
- Enable TCP_NODELAY configuration on FreeBSD.
- Samuli Seppänen (4):
- Removed ChangeLog.IPv6
- Added cross-compilation information INSTALL-win32.txt
- Updated README
- Cleaned up and updated INSTALL
- Steffan Karger (7):
- PolarSSL-1.2 support
- Improve PolarSSL key_state_read_{cipher, plain}text messages
- Improve verify_callback messages
- Config compatibility patch. Added translate_cipher_name.
- Switch to IANA names for TLS ciphers.
- Fixed autoconf script to properly detect missing pkcs11 with polarssl.
- Use constant time memcmp when comparing HMACs in openvpn_decrypt.