summaryrefslogtreecommitdiff
path: root/Changes.rst
diff options
context:
space:
mode:
authorBernhard Schmidt <berni@debian.org>2021-02-24 19:54:19 +0100
committerBernhard Schmidt <berni@debian.org>2021-02-24 19:54:19 +0100
commitd717dbfa8d0807202f5ad05f7db53925cf63a446 (patch)
treeff434c729e3d55979ee85983296c424e637a1124 /Changes.rst
parent76fee93e6fe89e5575bae2840b585d2f025b9050 (diff)
parent4ee98f284a93c3b855092d35ac21371d9dcad65b (diff)
Update upstream source from tag 'upstream/2.5.1'
Update to upstream version '2.5.1' with Debian dir 7ffab8b9a1f4bee8b10a736ef58cdbac4bfd4b14
Diffstat (limited to 'Changes.rst')
-rw-r--r--Changes.rst74
1 files changed, 72 insertions, 2 deletions
diff --git a/Changes.rst b/Changes.rst
index f67e1d7..6128275 100644
--- a/Changes.rst
+++ b/Changes.rst
@@ -1,5 +1,75 @@
-Overview of changes in 2.5
-==========================
+Overview of changes in 2.5.1
+============================
+
+New features
+------------
+- "echo msg" support, to enable the server to pushed messages that are
+ then displayed by the client-side GUI. See doc/gui-notes.txt and
+ doc/management-notes.txt.
+
+ Supported by the Windows GUI shipped in 2.5.1, not yet supported by
+ Tunnelblick and the Android GUI.
+
+User-visible Changes
+--------------------
+- make OPENVPN_PLUGIN_ENABLE_PF plugin failures FATAL - if a plugin offers
+ to set the "openvpn packet filter", and returns a failure when requested
+ to, OpenVPN 2.5.0 would crash trying to clean up not-yet-initialized
+ structure members. Since PF is going away in 2.6.0, this is just turning
+ the crash into a well-defined program abort, and no further effort has
+ been spent in rewriting the PF plugin error handling (see trac #1377).
+
+Documentation
+-------------
+- rework sample-plugins/defer/simple.c - this is an extensive rewrite
+ of the plugin to bring code quality to acceptable standards and add
+ documentation on the various plugin API aspects. Since it's just
+ example code, filed under "Documentation", not under "Bugfix".
+
+- various man page improvements.
+
+- clarify ``--block-ipv6`` intent and direction
+
+Bugfixes
+--------
+- fix installation of openvpn.8 manpage on systems without docutils.
+
+- Windows: fix DNS search list setup for domains with "-" chars.
+
+- Fix tls-auth mismatch OCC message when tls-cryptv2 is used.
+
+- Windows: Skip DHCP renew with Wintun adapter (Wintun does not support
+ DHCP, so this was just causing an - harmless - error and needless delay).
+
+- Windows: Remove 1 second delay before running netsh - speeds up
+ interface init for wintun setups not using the interactive service.
+
+- Windows: Fix too early argv freeing when registering DNS - this would
+ cause a client side crash on Windows if ``register-dns`` is used,
+ and the interactive service is not used.
+
+- Android: Zero initialise msghdr prior to calling sendmesg.
+
+- Fix line number reporting on config file errors after <inline> segments
+ (see Trac #1325).
+
+- Fix port-share option with TLS-Crypt v2.
+
+- tls-crypt-v2: also preload tls-crypt-v2 keys (if --persist-key), otherwise
+ dropping privs on the server would fail.
+
+- tls-crypt-v2: fix server memory leak (about 600 bytes per connecting
+ client with tls-crypt-v2)
+
+- rework handling of server-pushed ``--auth-token`` in combination with
+ ``--auth-nocache`` on reconnection / TLS renegotiation events. This
+ used to "forget" to update new incoming token after a reconnection event
+ (leading to failure to reauth some time later) and now works in all
+ tested cases.
+
+
+Overview of changes in 2.5.0
+============================
New features
------------