summaryrefslogtreecommitdiff
path: root/ChangeLog
diff options
context:
space:
mode:
authorAlberto Gonzalez Iniesta <agi@inittab.org>2014-04-16 17:32:08 +0200
committerAlberto Gonzalez Iniesta <agi@inittab.org>2014-04-16 17:32:08 +0200
commit0af7f64094c65cba7ee45bd2679e6826bcf598cb (patch)
tree43702d27f33b48a461e3f84d1931b89aa3070d4f /ChangeLog
parent70b71e008cc968ee53d6b8af9f7a006f13c27e2a (diff)
Imported Upstream version 2.3.3upstream/2.3.3
Diffstat (limited to 'ChangeLog')
-rw-r--r--ChangeLog84
1 files changed, 84 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog
index d451877..112a3b2 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,6 +1,90 @@
OpenVPN Change Log
Copyright (C) 2002-2012 OpenVPN Technologies, Inc. <sales@openvpn.net>
+2014.04.08 -- Version 2.3.3
+Alon Bar-Lev (1):
+ pkcs11: use generic evp key instead of rsa
+
+Arne Schwabe (8):
+ Add support of utun devices under Mac OS X
+ Add support to ignore specific options.
+ Add a note what setenv opt does for OpenVPN < 2.3.3
+ Add reporting of UI version to basic push-peer-info set.
+ Fix compile error in ssl_openssl introduced by polar external-management patch
+ Fix assertion when SIGUSR1 is received while getaddrinfo is successful
+ Add warning for using connection block variables after connection blocks
+ Introduce safety check for http proxy options
+
+David Sommerseth (5):
+ man page: Update man page about the tls_digest_{n} environment variable
+ Remove the --disable-eurephia configure option
+ plugin: Extend the plug-in v3 API to identify the SSL implementation used
+ autoconf: Fix typo
+ Fix file checks when --chroot is being used
+
+Davide Brini (1):
+ Document authfile for socks server
+
+Gert Doering (9):
+ Fix IPv6 examples in t_client.rc-sample
+ Fix slow memory drain on each client renegotiation.
+ t_client.sh: ignore fields from "ip -6 route show" output that distort results.
+ Make code and documentation for --remote-random-hostname consistent.
+ Reduce IV_OPENVPN_GUI_VERSION= to IV_GUI_VER=
+ Document issue with --chroot, /dev/urandom and PolarSSL.
+ Rename 'struct route' to 'struct route_ipv4'
+ Replace copied structure elements with including <net/route.h>
+ Workaround missing SSL_OP_NO_TICKET in earlier OpenSSL versions
+
+Heikki Hannikainen (1):
+ Always load intermediate certificates from a PKCS#12 file
+
+Heiko Hund (2):
+ Support non-ASCII TAP adapter names on Windows
+ Support non-ASCII characters in Windows tmp path
+
+James Yonan (3):
+ TLS version negotiation
+ Added "setenv opt" directive prefix.
+ Set SSL_OP_NO_TICKET flag in SSL context for OpenSSL builds, to disable TLS stateless session resumption.
+
+Jens Wagner (1):
+ Fix spurious ignoring of pushed config options (trac#349).
+
+Joachim Schipper (3):
+ Refactor tls_ctx_use_external_private_key()
+ --management-external-key for PolarSSL
+ external_pkcs1_sign: Support non-RSA_SIG_RAW hash_ids
+
+Josh Cepek (2):
+ Correct error text when no Windows TAP device is present
+ Require a 1.2.x PolarSSL version
+
+Klee Dienes (1):
+ tls_ctx_load_ca: Improve certificate error messages
+
+Max Muster (1):
+ Remove duplicate cipher entries from TLS translation table.
+
+Peter Sagerson (1):
+ Fix configure interaction with static OpenSSL libraries
+
+Steffan Karger (7):
+ Do not pass struct tls_session* as void* in key_state_ssl_init().
+ Require polarssl >= 1.2.10 for polarssl-builds, which fixes CVE-2013-5915.
+ Use RSA_generate_key_ex() instead of deprecated, RSA_generate_key()
+ Also update TLSv1_method() calls in support code to SSLv23_method() calls.
+ Update TLSv1 error messages to SSLv23 to reflect changes from commit 4b67f98
+ If --tls-cipher is supplied, make --show-tls parse the list.
+ Add openssl-specific common cipher list names to ssl.c.
+
+Tamas TEVESZ (1):
+ Add support for client-cert-not-required for PolarSSL.
+
+Thomas Veerman (1):
+ Fix "." in description of utun.
+
+
2013.05.31 -- Version 2.3.2
Arne Schwabe (3):
Only print script warnings when a script is used. Remove stray mention of script-security system.