OpenVPN 2.5 released

Discussion in 'privacy technology' started by mood, Oct 28, 2020.

  1. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    43,334
    OpenVPN 2.5 Released (October 28, 2020)
    https://openvpn.net/community-downloads/
    OVERVIEW OF CHANGES SINCE OPENVPN 2.4
    FASTER CONNECTIONS
    • Connections setup is now much faster
    CRYPTO SPECIFIC CHANGES
    • ChaCha20-Poly1305 cipher in the OpenVPN data channel (Requires OpenSSL 1.1.0 or newer)
    • Improved TLS 1.3 support when using OpenSSL 1.1.1 or newer
    • Client-specific tls-crypt keys (–tls-crypt-v2)
    • Improved Data channel cipher negotiation
    • Removal of BF-CBC support in default configuration (see below for possible incompatibilities)
    SERVER-SIDE IMPROVEMENTS
    • HMAC based auth-token support for seamless reconnects to standalone servers or a group of servers.
    • Asynchronous (deferred) authentication support for auth-pam plugin
    • Asynchronous (deferred) support for client-connect scripts and plugins
    NETWORK-RELATED CHANGES
    • Support IPv4 configs with /31 netmasks now
    • 802.1q VLAN support on TAP servers
    • IPv6-only tunnels
    • New option –block-ipv6 to reject all IPv6 packets (ICMPv6)
    LINUX-SPECIFIC FEATURES
    • VRF support
    • Netlink integration (OpenVPN no longer needs to execute ifconfig/route or ip commands)
    WINDOWS-SPECIFIC FEATURES
    • Wintun driver support, a faster alternative to tap-windows6
    • Setting tun/tap interface MTU
    • Setting DHCP search domain
    • Allow unicode search string in –cryptoapicert option
    • EasyRSA3, a modern take on OpenVPN CA management
    • MSI installer
     
  2. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    43,334
  3. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    43,334
  4. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    43,334
    OpenVPN 2.5.4 Released (October 5, 2021)
    https://openvpn.net/community-downloads/
    Changelog
     
  5. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    43,334
    OpenVPN 2.5.6 Released (March 16, 2022)
    https://openvpn.net/community-downloads/
    Changelog
    Changes in 2.5.6
    Antonio Quartulli (4):
    GitHub Actions: update script to same version as master
    update copyright year to 2022
    keyingmaterialexporter.c: include strings.h
    remove unused sitnl.h file

    David Sommerseth (2):
    sample-plugin: New plugin for testing multiple auth plugins
    plug-ins: Disallow multiple deferred authentication plug-ins

    Frank Lichtenheld (2):
    doc/Makefile: rebuild rst docs if input files change
    doc/options: clean up documentation for --proto and related options

    Gert Doering (4):
    fix Changes.rst errors in 2.5.3 and 2.5.5 announcement
    Repair --inactive with 'bytes' argument larger 2Gbytes.
    Fix --mtu-disc maybe|yes on Linux.
    Preparing release 2.5.6

    Ilya Shipitsin (1):
    CI: github actions: keep "pdb" in artifacts

    Lev Stipakov (7):
    auth_token.c: add NULL initialization
    vcpkg-ports/pkcs11-helper: bump to release 1.28
    vcpkg-ports/pkcs11-helper: indicate OpenSSL EC support
    msvc: cleanup
    vcpkg: link lzo statically
    vcpkg-ports/pkcs11-helper: adapt to new upstream URL
    vcpkg-ports: add openssl 1.1.1n
    Changes in 2.5.5
    Adrian (1):
    Fix error in example firewall.sh script

    Antonio Quartulli (1):
    configure: remove useless -Wno-* from default CFLAGS

    Arne Schwabe (2):
    Add argv_insert_head__empty_argv__head_only to argv tests
    Move deprecation of SWEET32/64bit block size ciphers to 2.7

    Gert Doering (4):
    Include --push-remove in the output of --help.
    Move '--push-peer-info' documentation from 'server' to 'client options'
    add test case(s) to notice 'openvpn --show-cipher' crashing
    Preparing release 2.5.5

    Ilya Shipitsin (1):
    BUILD: enable CFG and Spectre mitigation for MSVC

    Lev Stipakov (12):
    Fix loading PKCS12 files on Windows
    msvc: fix product version display
    msvc: add missing header to project file
    config-msvc.h: fix OpenSSL-related defines
    contrib/vcpkg-ports: remove openssl port
    GitHub Actions: use latest working lukka/run-vcpkg
    Use network address for emulated DHCP server as a default
    Load OpenSSL config on Windows from trusted location
    ring_buffer.h: fix GCC warning about unused function
    ssh_openssl.h: remove unused declaration
    vcpkg/pkcs11-helper: compatibility with latest vcpkg
    config-msvc.h: indicate key material export support

    Max Fillinger (2):
    Don't use BF-CBC in unit tests if we don't have it
    Define have_blowfish variable in ncp unit tests

    Richard T Bonhomme (1):
    doc link-options.rst: Use free open-source dynamic-DNS provider URL

    Selva Nair (3):
    Fix some more wrong defines in config-msvc.h
    Ensure the current common_name is in the environment for scripts
    Require EC key support in Windows builds

    Sergio E. Nemirowski (1):
    resolvconf fails with -p

    Todd Zullinger (2):
    Update IRC information in CONTRIBUTING.rst
    doc/man (vpn-network-options): fix foreign_option_{n} typo

    Ville Skyttä (1):
    README.down-root: Fix plugin module name
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.