OpenVPN 2.5 released

Discussion in 'privacy technology' started by guest, Oct 28, 2020.

  1. guest

    guest Guest

    OpenVPN 2.5 Released (October 28, 2020)
    • Connections setup is now much faster
    • ChaCha20-Poly1305 cipher in the OpenVPN data channel (Requires OpenSSL 1.1.0 or newer)
    • Improved TLS 1.3 support when using OpenSSL 1.1.1 or newer
    • Client-specific tls-crypt keys (–tls-crypt-v2)
    • Improved Data channel cipher negotiation
    • Removal of BF-CBC support in default configuration (see below for possible incompatibilities)
    • HMAC based auth-token support for seamless reconnects to standalone servers or a group of servers.
    • Asynchronous (deferred) authentication support for auth-pam plugin
    • Asynchronous (deferred) support for client-connect scripts and plugins
    • Support IPv4 configs with /31 netmasks now
    • 802.1q VLAN support on TAP servers
    • IPv6-only tunnels
    • New option –block-ipv6 to reject all IPv6 packets (ICMPv6)
    • VRF support
    • Netlink integration (OpenVPN no longer needs to execute ifconfig/route or ip commands)
    • Wintun driver support, a faster alternative to tap-windows6
    • Setting tun/tap interface MTU
    • Setting DHCP search domain
    • Allow unicode search string in –cryptoapicert option
    • EasyRSA3, a modern take on OpenVPN CA management
    • MSI installer
  2. guest

    guest Guest

  3. guest

    guest Guest

  4. guest

    guest Guest

    OpenVPN 2.5.4 Released (October 5, 2021)
  5. guest

    guest Guest

    OpenVPN 2.5.6 Released (March 16, 2022)
    Changes in 2.5.6
    Antonio Quartulli (4):
    GitHub Actions: update script to same version as master
    update copyright year to 2022
    keyingmaterialexporter.c: include strings.h
    remove unused sitnl.h file

    David Sommerseth (2):
    sample-plugin: New plugin for testing multiple auth plugins
    plug-ins: Disallow multiple deferred authentication plug-ins

    Frank Lichtenheld (2):
    doc/Makefile: rebuild rst docs if input files change
    doc/options: clean up documentation for --proto and related options

    Gert Doering (4):
    fix Changes.rst errors in 2.5.3 and 2.5.5 announcement
    Repair --inactive with 'bytes' argument larger 2Gbytes.
    Fix --mtu-disc maybe|yes on Linux.
    Preparing release 2.5.6

    Ilya Shipitsin (1):
    CI: github actions: keep "pdb" in artifacts

    Lev Stipakov (7):
    auth_token.c: add NULL initialization
    vcpkg-ports/pkcs11-helper: bump to release 1.28
    vcpkg-ports/pkcs11-helper: indicate OpenSSL EC support
    msvc: cleanup
    vcpkg: link lzo statically
    vcpkg-ports/pkcs11-helper: adapt to new upstream URL
    vcpkg-ports: add openssl 1.1.1n
    Changes in 2.5.5
    Adrian (1):
    Fix error in example script

    Antonio Quartulli (1):
    configure: remove useless -Wno-* from default CFLAGS

    Arne Schwabe (2):
    Add argv_insert_head__empty_argv__head_only to argv tests
    Move deprecation of SWEET32/64bit block size ciphers to 2.7

    Gert Doering (4):
    Include --push-remove in the output of --help.
    Move '--push-peer-info' documentation from 'server' to 'client options'
    add test case(s) to notice 'openvpn --show-cipher' crashing
    Preparing release 2.5.5

    Ilya Shipitsin (1):
    BUILD: enable CFG and Spectre mitigation for MSVC

    Lev Stipakov (12):
    Fix loading PKCS12 files on Windows
    msvc: fix product version display
    msvc: add missing header to project file
    config-msvc.h: fix OpenSSL-related defines
    contrib/vcpkg-ports: remove openssl port
    GitHub Actions: use latest working lukka/run-vcpkg
    Use network address for emulated DHCP server as a default
    Load OpenSSL config on Windows from trusted location
    ring_buffer.h: fix GCC warning about unused function
    ssh_openssl.h: remove unused declaration
    vcpkg/pkcs11-helper: compatibility with latest vcpkg
    config-msvc.h: indicate key material export support

    Max Fillinger (2):
    Don't use BF-CBC in unit tests if we don't have it
    Define have_blowfish variable in ncp unit tests

    Richard T Bonhomme (1):
    doc link-options.rst: Use free open-source dynamic-DNS provider URL

    Selva Nair (3):
    Fix some more wrong defines in config-msvc.h
    Ensure the current common_name is in the environment for scripts
    Require EC key support in Windows builds

    Sergio E. Nemirowski (1):
    resolvconf fails with -p

    Todd Zullinger (2):
    Update IRC information in CONTRIBUTING.rst
    doc/man (vpn-network-options): fix foreign_option_{n} typo

    Ville Skyttä (1):
    README.down-root: Fix plugin module name
  6. imdb

    imdb Registered Member

    Nov 2, 2011
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.