diff options
author | Alberto Gonzalez Iniesta <agi@inittab.org> | 2014-04-16 17:32:08 +0200 |
---|---|---|
committer | Alberto Gonzalez Iniesta <agi@inittab.org> | 2014-04-16 17:32:08 +0200 |
commit | 0af7f64094c65cba7ee45bd2679e6826bcf598cb (patch) | |
tree | 43702d27f33b48a461e3f84d1931b89aa3070d4f /ChangeLog | |
parent | 70b71e008cc968ee53d6b8af9f7a006f13c27e2a (diff) |
Imported Upstream version 2.3.3upstream/2.3.3
Diffstat (limited to 'ChangeLog')
-rw-r--r-- | ChangeLog | 84 |
1 files changed, 84 insertions, 0 deletions
@@ -1,6 +1,90 @@ OpenVPN Change Log Copyright (C) 2002-2012 OpenVPN Technologies, Inc. <sales@openvpn.net> +2014.04.08 -- Version 2.3.3 +Alon Bar-Lev (1): + pkcs11: use generic evp key instead of rsa + +Arne Schwabe (8): + Add support of utun devices under Mac OS X + Add support to ignore specific options. + Add a note what setenv opt does for OpenVPN < 2.3.3 + Add reporting of UI version to basic push-peer-info set. + Fix compile error in ssl_openssl introduced by polar external-management patch + Fix assertion when SIGUSR1 is received while getaddrinfo is successful + Add warning for using connection block variables after connection blocks + Introduce safety check for http proxy options + +David Sommerseth (5): + man page: Update man page about the tls_digest_{n} environment variable + Remove the --disable-eurephia configure option + plugin: Extend the plug-in v3 API to identify the SSL implementation used + autoconf: Fix typo + Fix file checks when --chroot is being used + +Davide Brini (1): + Document authfile for socks server + +Gert Doering (9): + Fix IPv6 examples in t_client.rc-sample + Fix slow memory drain on each client renegotiation. + t_client.sh: ignore fields from "ip -6 route show" output that distort results. + Make code and documentation for --remote-random-hostname consistent. + Reduce IV_OPENVPN_GUI_VERSION= to IV_GUI_VER= + Document issue with --chroot, /dev/urandom and PolarSSL. + Rename 'struct route' to 'struct route_ipv4' + Replace copied structure elements with including <net/route.h> + Workaround missing SSL_OP_NO_TICKET in earlier OpenSSL versions + +Heikki Hannikainen (1): + Always load intermediate certificates from a PKCS#12 file + +Heiko Hund (2): + Support non-ASCII TAP adapter names on Windows + Support non-ASCII characters in Windows tmp path + +James Yonan (3): + TLS version negotiation + Added "setenv opt" directive prefix. + Set SSL_OP_NO_TICKET flag in SSL context for OpenSSL builds, to disable TLS stateless session resumption. + +Jens Wagner (1): + Fix spurious ignoring of pushed config options (trac#349). + +Joachim Schipper (3): + Refactor tls_ctx_use_external_private_key() + --management-external-key for PolarSSL + external_pkcs1_sign: Support non-RSA_SIG_RAW hash_ids + +Josh Cepek (2): + Correct error text when no Windows TAP device is present + Require a 1.2.x PolarSSL version + +Klee Dienes (1): + tls_ctx_load_ca: Improve certificate error messages + +Max Muster (1): + Remove duplicate cipher entries from TLS translation table. + +Peter Sagerson (1): + Fix configure interaction with static OpenSSL libraries + +Steffan Karger (7): + Do not pass struct tls_session* as void* in key_state_ssl_init(). + Require polarssl >= 1.2.10 for polarssl-builds, which fixes CVE-2013-5915. + Use RSA_generate_key_ex() instead of deprecated, RSA_generate_key() + Also update TLSv1_method() calls in support code to SSLv23_method() calls. + Update TLSv1 error messages to SSLv23 to reflect changes from commit 4b67f98 + If --tls-cipher is supplied, make --show-tls parse the list. + Add openssl-specific common cipher list names to ssl.c. + +Tamas TEVESZ (1): + Add support for client-cert-not-required for PolarSSL. + +Thomas Veerman (1): + Fix "." in description of utun. + + 2013.05.31 -- Version 2.3.2 Arne Schwabe (3): Only print script warnings when a script is used. Remove stray mention of script-security system. |