Diffstat (limited to 'ChangeLog'): -rw-r--r-- ChangeLog 1242
1 files changed, 785 insertions, 457 deletions
diff --git a/ChangeLog b/ChangeLog
index b0b0dd7..ea1e930 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,304 +1,17 @@
OpenVPN Change Log
-Copyright (C) 2002-2018 OpenVPN Inc <sales@openvpn.net>
+Copyright (C) 2002-2020 OpenVPN Inc <sales@openvpn.net>
-2020.04.16 -- Version 2.4.9
-Antonio Quartulli (1):
- socks: use the right function when printing struct openvpn_sockaddr
-
-Arne Schwabe (3):
- Fetch OpenSSL versions via source/old links
- Fix OpenSSL error stack handling of tls_ctx_add_extra_certs
- Fix OpenSSL 1.1.1 not using auto elliptic curve selection
-
-Lev Stipakov (4):
- Fix broken fragmentation logic when using NCP
- Fix building with --enable-async-push in FreeBSD
- Fix broken async push with NCP is used
- Fix illegal client float (CVE-2020-11810)
-
-Maxim Plotnikov (1):
- OpenSSL: Fix --crl-verify not loading multiple CRLs in one file
-
-Santtu Lakkala (1):
- Fix OpenSSL private key passphrase notices
-
-Selva Nair (7):
- Swap the order of checks for validating interactive service user
- Move querying username/password from management interface to a function
- When auth-user-pass file has no password query the management interface (if available).
- Fix possibly uninitialized return value in GetOpenvpnSettings()
- Fix possible access of uninitialized pipe handles
- Skip expired certificates in Windows certificate store
- Allow unicode search string in --cryptoapicert option
-
-Tom van Leeuwen (1):
- mbedTLS: Make sure TLS session survives move
-
-WGH (1):
- docs: Add reference to X509_LOOKUP_hash_dir(3)
-
-
-2019.10.30 -- Version 2.4.8
-Antonio Quartulli (1):
- mbedtls: fix segfault by calling mbedtls_cipher_free() in cipher_ctx_free()
-
-Arne Schwabe (1):
- Remove -no-cpp-precomp flag from Darwin builds
-
-David Sommerseth (3):
- cleanup: Remove RPM openvpn.spec build approach
- docs: Update INSTALL
- build: Package missing mock_msg.h
-
-Gert Doering (4):
- repair windows builds (2.4)
- Increase listen() backlog queue to 32
- Force combinationation of --socks-proxy and --proto UDP to use IPv4.
- Fix IPv6 routes on tap interfaces on OpenSolaris/OpenIndiana
-
-Gisle Vanem (1):
- Wrong FILETYPE in .rc files
-
-Hilko Bengen (1):
- Do not set pkcs11-helper 'safe fork mode'
-
-Ilya Shipitsin (2):
- travis-ci: add "linux-ppc64le" to build matrix, change trusty image to xenial, update osx to xcode9.4 and modernize brew management
- travis-ci: fix osx builds
-
-Kyle Evans (1):
- tests/t_lpback.sh: Switch sed(1) to POSIX-compatible regex.
-
-Lev Stipakov (1):
- Fix various compiler warnings
-
-Matthias Andree (1):
- Fix regression, reinstate LibreSSL support.
-
-Michal Soltys (1):
- man: correct the description of --capath and --crl-verify regarding CRLs
+2020.08.12 -- Version 2.5_beta1
-Mykola Baibuz (1):
- Fix typo in NTLM proxy debug message
-
-Richard Bonhomme (1):
- Ignore --pull-filter for --mode server
-
-Rosen Penev (1):
- openssl: Fix compilation without deprecated OpenSSL 1.1 APIs
-
-Selva Nair (3):
- Better error message when script fails due to script-security setting
- Correct the return value of cryptoapi RSA signature callbacks
- Handle PSS padding in cryptoapicert
-
-Steffan Karger (1):
- cmocka: use relative paths
-
-Thomas Quinot (1):
- Fix documentation of tls-verify script argument
-
-
-2019.02.18 -- Version 2.4.7
Adam Ciarcin?ski (1):
- Fix subnet topology on NetBSD (2.4).
-
-Antonio Quartulli (3):
- add support for %lu in argv_printf and prevent ASSERT
- buffer_list: add functions documentation
- ifconfig-ipv6(-push): allow using hostnames
-
-Arne Schwabe (7):
- Properly free tuntap struct on android when emulating persist-tun
- Add OpenSSL compat definition for RSA_meth_set_sign
- Add support for tls-ciphersuites for TLS 1.3
- Add better support for showing TLS 1.3 ciphersuites in --show-tls
- Use right function to set TLS1.3 restrictions in show-tls
- Add message explaining early TLS client hello failure
- Fallback to password authentication when auth-token fails
-
-Christian Ehrhardt (1):
- systemd: extend CapabilityBoundingSet for auth_pam
-
-David Sommerseth (1):
- plugin: Export base64 encode and decode functions
-
-Gert Doering (3):
- Add %d, %u and %lu tests to test_argv unit tests.
- Fix combination of --dev tap and --topology subnet across multiple platforms.
- Add 'printing of port number' to mroute_addr_print_ex() for v4-mapped v6.
-
-Gert van Dijk (1):
- Minor reliability layer documentation fixes
-
-James Bekkema (1):
- Resolves small IV_GUI_VER typo in the documentation.
-
-Jonathan K. Bullard (1):
- Clarify and expand management interface documentation
-
-Lev Stipakov (5):
- Refactor NCP-negotiable options handling
- init.c: refine functions names and description
- interactive.c: fix usage of potentially uninitialized variable
- options.c: fix broken unary minus usage
- Remove extra token after #endif
-
-Richard van den Berg via Openvpn-devel (1):
- Fix error message when using RHEL init script
-
-Samy Mahmoudi (1):
- man: correct a --redirection-gateway option flag
-
-Selva Nair (7):
- Replace M_DEBUG with D_LOW as the former is too verbose
- Correct the declaration of handle in 'struct openvpn_plugin_args_open_return'
- Bump version of openvpn plugin argument structs to 5
- Move get system directory to a separate function
- Enable dhcp on tap adapter using interactive service
- Pass the hash without the DigestInfo header to NCryptSignHash()
- White-list pull-filter and script-security in interactive service
-
-Simon Rozman (2):
- Add Interactive Service developer documentation
- Detect TAP interfaces with root-enumerated hardware ID
-
-Steffan Karger (7):
- man: add security considerations to --compress section
- mbedtls: print warning if random personalisation fails
- Fix memory leak after sighup
- travis: add OpenSSL 1.1 Windows build
- Fix --disable-crypto build
- Don't print OCC warnings about 'key-method', 'keydir' and 'tls-auth'
- buffer_list_aggregate_separator(): simplify code
-
-
-2018.04.19 -- Version 2.4.6
-David Sommerseth (1):
- management: Warn if TCP port is used without password
-
-Gert Doering (2):
- Correct version in ChangeLog - should be 2.4.5, was mistyped as 2.4.4
- Fix potential double-free() in Interactive Service (CVE-2018-9336)
-
-Gert van Dijk (1):
- manpage: improve description of --status and --status-version
-
-Joost Rijneveld (1):
- Make return code external tls key match docs
-
-Selva Nair (3):
- Delete the IPv6 route to the "connected" network on tun close
- Management: warn about password only when the option is in use
- Avoid overflow in wakeup time computation
-
-Simon Matter (1):
- Add missing #ifdef SSL_OP_NO_TLSv1_1/2
-
-Steffan Karger (1):
- Check for more data in control channel
-
-
-2018.02.28 -- Version 2.4.5
-Antonio Quartulli (4):
- reload HTTP proxy credentials when moving to the next connection profile
- Allow learning iroutes with network made up of all 0s (only if netbits < 8)
- mbedtls: fix typ0 in comment
- manpage: fix simple typ0
+ Fix subnet topology on NetBSD.
-Arne Schwabe (2):
- Treat dhcp-option DNS6 and DNS identical
- show the right string for key-direction
-
-Bertrand Bonnefoy-Claudet (1):
- Fix typo in error message: "optione" -> "option"
-
-David Sommerseth (8):
- lz4: Fix confused version check
- lz4: Fix broken builds when pkg-config is not present but system library is
- Remove references to keychain-mcd in Changes.rst
- lz4: Rebase compat-lz4 against upstream v1.7.5
- systemd: Add and ship README.systemd
- Update copyright to include 2018 plus company name change
- man: Add .TQ groff support macro
- man: Reword --management to prefer unix sockets over TCP
-
-Emmanuel Deloget (1):
- OpenSSL: check EVP_PKEY key types before returning the pkey
-
-Gert Doering (2):
- Remove warning on pushed tun-ipv6 option.
- Fix removal of on-link prefix on windows with netsh
-
-Ilya Shipitsin (2):
- travis-ci: add brew cache, remove ccache
- travis-ci: modify openssl build script to support openssl-1.1.0
-
-James Bottomley (1):
- autoconf: Fix engine checks for openssl 1.1
-
-Jeremie Courreges-Anglas (2):
- Cast time_t to long long in order to print it.
- Fix build with LibreSSL
-
-Selva Nair (14):
- Check whether in pull_mode before warning about previous connection blocks
- Avoid illegal memory access when malformed data is read from the pipe
- Fix missing check for return value of malloc'd buffer
- Return NULL if GetAdaptersInfo fails
- Use RSA_meth_free instead of free
- Bring cryptoapi.c upto speed with openssl 1.1
- Add SSL_CTX_get_max_proto_version() not in openssl 1.0
- TLS v1.2 support for cryptoapicert -- RSA only
- Refactor get_interface_metric to return metric and auto flag separately
- Ensure strings read from registry are null-terminated
- Make most registry values optional
- Use lowest metric interface when multiple interfaces match a route
- Adapt to RegGetValue brokenness in Windows 7
- Fix format spec errors in Windows builds
-
-Simon Rozman (11):
- Local functions are not supported in MSVC. Bummer.
- Mixing wide and regular strings in concatenations is not allowed in MSVC.
- RtlIpv6AddressToStringW() and RtlIpv4AddressToStringW() require mstcpip.h
- Simplify iphlpapi.dll API calls
- Fix local #include to use quoted form
- Document ">PASSWORD:Auth-Token" real-time message
- Fix typo in "verb" command examples
- Uniform swprintf() across MinGW and MSVC compilers
- MSVC meta files added to .gitignore list
- openvpnserv: Add support for multi-instances
- Document missing OpenVPN states
-
-Steffan Karger (21):
- make struct key * argument of init_key_ctx const
- buffer_list_aggregate_separator(): add unit tests
- Add --tls-cert-profile option.
- Use P_DATA_V2 for server->client packets too
- Fix memory leak in buffer unit tests
- buffer_list_aggregate_separator(): update list size after aggregating
- buffer_list_aggregate_separator(): don't exceed max_len
- buffer_list_aggregate_separator(): prevent 0-byte malloc
- Fix types around buffer_list_push(_data)
- ssl_openssl: fix compiler warning by removing getbio() wrapper
- travis: use clang's -fsanitize=address to catch more bugs
- Fix --tls-version-min and --tls-version-max for OpenSSL 1.1+
- Add support for TLS 1.3 in --tls-version-{min, max}
- Plug memory leak if push is interrupted
- Fix format errors when cross-compiling for Windows
- Log pre-handshake packet drops using D_MULTI_DROPPED
- Enable stricter compiler warnings by default
- Get rid of ax_check_compile_flag.m4
- mbedtls: don't use API deprecated in mbed 2.7
- Warn if tls-version-max < tls-version-min
- Don't throw fatal errors from create_temp_file()
-
-hashiz (1):
- Fix '--bind ipv6only'
-
-
-2017.09.25 -- Version 2.4.4
-Antonio Quartulli (23):
+Antonio Quartulli (113):
+ attempt to add IPv6 route even when no IPv6 address was configured
+ fix redirect-gateway behaviour when an IPv4 default route does not exist
+ CRL: use time_t instead of struct timespec to store last mtime
+ ignore remote-random-hostname if a numeric host is provided
+ Ignore auth-nocache for auth-user-pass if auth-token is pushed
crypto: correct typ0 in error message
use M_ERRNO instead of explicitly printing errno
don't print errno twice
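Review bot: dropping the whole 2.4.4 to 2.4.9 sections (the "-2020.04.16 -- Version 2.4.9" through "-2017.09.25 -- Version 2.4.4" blocks) removes the only lines that tie security fixes to the release that shipped them, e.g. "Fix illegal client float (CVE-2020-11810)" under 2.4.9 and "Fix potential double-free() in Interactive Service (CVE-2018-9336)" under 2.4.6; consider adding one line under the new "2020.08.12 -- Version 2.5_beta1" header pointing readers to the release/2.4 branch ChangeLog (the branch name already appears in this file, "travis-ci: add 3 missing patches from master to release/2.4") so that per-release 2.4.x history stays discoverable. Separately, the unchanged context line "Adam Ciarcin?ski (1):" shows a "?" where a non-ASCII character should be, while "Szilárd Pfeiffer (1):" keeps its accent; worth verifying the regenerated file stores that name as UTF-8 (if the "?" is only a display artifact here, nothing to do).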
@@ -322,80 +35,321 @@ Antonio Quartulli (23):
fix a couple of typ0s in comments and strings
fragment.c: simplify boolean expression
tcp-server: ensure AF family is propagated to child context
-
-Arne Schwabe (2):
+ Remove ENABLE_CRYPTO
+ Remove option to disable crypto engine
+ Remove ENABLE_PUSH_PEER_INFO
+ Remove SSL_LIB_VER_STR
+ Remove MD5SUM
+ reload HTTP proxy credentials when moving to the next connection profile
+ Allow learning iroutes with network made up of all 0s (only if netbits < 8)
+ mbedtls: fix typ0 in comment
+ manpage: fix simple typ0
+ pool: restyle ipv4/ipv6 members to improve readability
+ pool: convert pool 'type' to enum
+ tun: ensure gc and argv are properly handled
+ tun: always pass a valid tt pointer
+ tun: get rid of tt->did_ifconfig member
+ tun: ensure interface can be configured with IPv6 only
+ add support for %lu in argv_printf and prevent ASSERT
+ windows: properly configure TAP driver when no IPv4 is configured
+ socket: make stream_buf_* functions static
+ crypto: always reload tls-auth/crypt key contexts
+ make tls-auth and tls-crypt per-connection-block options
+ pf: restyle pf_c2c/addr_test() to make them 'struct context' agnostic
+ merge *-inline.h files with their main header
+ ensure function declarations are compiled with their definitions
+ buffer_list: add functions documentation
+ ifconfig-ipv6(-push): allow using hostnames
+ tls-crypt: properly cast time_t to uint64_t
+ implement platform generic networking API
+ implement networking API for iproute2
+ introduce sitnl: Simplified Interface To NetLink
+ tun.c: use new networking API to handle tun interface on Linux
+ travis.yml: add test for iproute2 net implementation
+ route.c: use new networking API to handle routing table on Linux
+ unit tests: implement test for sitnl
+ t_net.sh: make bash dep explicit and run only if SITNL is compiled
+ t_net.sh: properly perform sudo check and print test steps
+ route.c: fix windows build by removing mismatching function parameter
+ t_net.sh: fixes for the networking test script
+ route.c: use sitnl to implement get_default_gateway_ipv6()
+ networking/best_gw: remove useless prefixlen parameter
+ sitnl: harden strncpy() by forcing arguments to have the same length
+ mbedtls: fix segfault by calling mbedtls_cipher_free() in cipher_ctx_free()
+ networking: extend API for better memory management
+ tun.c: undo_ifconfig_ipv4/6 remove useless gc argument
+ networking_sitnl.c: uncrustify file
+ route.c: simplify ifdef logic
+ t_net.sh: wait for NO-CARRIER bit to settle before starting test
+ t_net.sh: execute sleep after checking exit code of previous command
+ maddr: create helper function to populate maddr object from eth_addr
+ VLAN: add basic VLAN tagging support
+ maddr: export VLAN ID from client context to maddr object
+ VLAN: filter multicast and client-to-client unicast traffic
+ is_ipv_X: add support for parsing IP header inside a 802.1q frame
+ VLAN: implement support for forwarding only pre-tagged VLAN packets
+ VLAN: allow forwarding tagged and untagged packets on the server TAP device
+ VLAN: add documentation to manpage
+ socks: use the right function when printing struct openvpn_sockaddr
+ add -Wno-stringop-truncation to CFLAGS on linux
+ get rid of 'broadcast' argument when configuring the tun device
+ auth_token_kt: ensure key_type object is initialized
+ auth.c: make cast explicit in the crypto API
+ travis: compile with -Werror on Linux
+ travis: fix CFLAGS assignment error and add -Werror only when compiling on Linux for Linux
+ sitnl: fix failure reporting by keeping error negative
+ sitnl: fix TUN/TAP confusion in error messages
+ sitnl: fix ignoring EEXIST when sending a netlink command
+ t_net.sh: use dummy interface instead of tun
+ remove bogus file check on --genkey argument
+ t_net.sh: assign MAC address directly during interface creation
+ convert *_inline attributes to bool
+ options: fix inlining auth-gen-token-secret file
+ tls-crypt-v2: fix testing of inline key
+ get rid of INLINE_FILE_TAG constant
+ pool: prevent IPv6 pools to be larger than 2^16 addresses
+ pool: allow to configure an IPv6-only ifconfig-pool
+ allow usage of --server-ipv6 even when no --server is specified
+ pool: add support for ifconfig-pool-persist with IPv6 only
+ route: warn on IPv4 routes installation when no IPv4 is configured
+ options: enable IPv4 redirection logic only if really required
+ ipv6-pool: get rid of size constraint
+ pool: remove useless 'options.h' include
+ multi: skip IPv4 logic in multi_select_virtual_addr() if no pool is configured
+ multi.c: use mi->cc_config instead of config variable
+ options: don't leak inline'd key material in logfile
+ t_net.sh: drop hard dependency on t_client.rc
+ travis: don't run t_net.sh test
+
+Arne Schwabe (124):
Set tls-cipher restriction before loading certificates
Print ec bit details, refuse management-external-key if key is not RSA
+ Replace buffer backed strings for management_android_control with simple stack variables
+ Treat dhcp-option DNS6 and DNS identical
+ show the right string for key-direction
+ Add MTU to Android IFCONFIG6 control command
+ Properly free tuntap struct on android when emulating persist-tun
+ Add OpenSSL compat definition for RSA_meth_set_sign
+ Skip error about ioctl(SIOCGIFCONF) failed on Android
+ Factor out convert_tls_list_to_openssl method
+ Remove AUTO_USERID feature
+ Remove MANAGMENT_EXTERNAL_KEY, MANAGMENT_IN_EXTRA, ENABLE_CLIENT_CR
+ Add support for tls-ciphersuites for TLS 1.3
+ Add better support for showing TLS 1.3 ciphersuites in --show-tls
+ Use right function to set TLS1.3 restrictions in show-tls
+ Refuse mbed TLS external key with non RSA certificates
+ Add message explaining early TLS client hello failure
+ Add tls-crypt-v2 to the list of supported inline options
+ Implement block-ipv6
+ Fallback to password authentication when auth-token fails
+ Fix loading inline tls-crypt-v2 keys with mbed TLS
+ Refactor tls_crypt_v2_write_server_key_file into crypto.c
+ Add send_control_channel_string_dowork variant
+ Rename tls_crypt_v2_read_keyfile into generic pem_read_key_file
+ Fix poll.h logic in syshead.h
+ Write key to stdout if filename is not given
+ Implement --genkey type keyfile syntax and migrate tls-crypt-v2
+ Add generate_ephemeral_key that allows a random ephermal key
+ Remove -no-cpp-precomp flag from Darwin builds
+ Fix check if iface name is set
+ Adjust Android code after sitnl patch merge
+ Rewrite auth-token-gen to be based on HMAC based tokens
+ Implement a permanent session id in auth-token
+ Sent indication that a session is expired to clients
+ Implement unit tests for auth-gen-token
+ Make tls_version_max return the actual maximum version
+ Add support for OpenSSL TLS 1.3 when using management-external-key
+ Document tls-ciphersuites also in --help output
+ Only announce IV_NCP=2 when we are willing to support these ciphers
+ Add strsep compat function
+ Implement dynamic NCP negotiation
+ Warn about insecure ciphers also in init_key_type
+ Move NCP related function into a seperate file and add unit tests
+ Normalise ncp-ciphers option and restrict it to 127 bytes
+ Fetch OpenSSL versions via source/old links
+ Fix OpenSSL error stack handling of tls_ctx_add_extra_certs
+ Fix off-by-one in tls-crypt-v2 client wrapping with custom metadata
+ Fix OpenSSL 1.1.1 not using auto elliptic curve selection
+ Refactor counting number of element in a : delimited list into function
+ Minor style change to improve code style
+ Another round of uncrustify code cleanup.
+ Fix tls_ctx_client/server_new leaving error on OpenSSL error stack
+ Add tls-crypt-v2 test writing metadata
+ Use crypto library functions for const time memcmp when possible
+ Fix session id in env missing first byte
+ Document reneweal mechanic of auth-token in manual
+ Fix session id and initial timestamp not being preserved
+ Do not write extra 0 byte for --gen-key with auth-token/tls-crypt-v2
+ Refuse server mode on Android
+ Add .git-blame-ignore-revs with reformat commits
+ Make cipher_kt_name always return normalised cipher name
+ Make cipher_kt_get also accept OpenVPN config cipher name
+ Implement parsing and sending INFO and INFO_PRE control messages
+ Implement support for signalling IV_SSO to server
+ Implement sending response to challenge via CR_RESPONSE
+ Implement sending AUTH_PENDING challenges to clients
+ Implement forwarding client CR_RESPONSE messages to management
+ Add unit test for cipher name translations
+ Make compression asymmetric by default and add warnings
+ Reformat files using uncrustify
+ Remove parameter config from multi_client_connect_mda
+ Remove push_reply_deferred variable
+ Remove did_open_context, defined and connection_established_flag
+ merge key_state->authenticated and key_state->auth_deferred
+ Simplify multi_connection_established.
+ Deprecate ncp-disable and add improved ncp to Changes.rst
+ Make key_state->authenticated more state machine like
+ Extract process_incoming_push_reply from process_incoming_push_msg
+ Removed unused definition
+ Code cleanup: remove superflous variable
+ Move protocol option negotiation from push_prepare to new function
+ Generate data channel keys after connect options have been parsed
+ Cleanup: Remove special case code for old poor man's NCP.
+ Allow changing fallback cipher from ccd files/client-connect
+ client-connect: Change cas_context from int to enum
+ client-connect: Move adding inotify watch into its own function
+ reformat multi_client_generate_tls_keys according to uncrustify
+ client-connect: Add CC_RET_DEFERRED and cope with deferred client-connect
+ Remove CAS_PARTIAL state
+ client-connect: Use inotify for the deferred client-connect status file
+ client-connect: Implement deferred connect support for plugin API v2
+ Drop support for OpenSSL 1.0.1
+ Require AEAD support in the crypto library
+ Remove key-method 1
+ Remove ENABLE_OCC #define
+ Implement tls-groups option to specify eliptic curves/groups
+ Avoid sending --cipher to clients not supporting NCP
+ Indicate that a client is in pull mode in IV_PROTO
+ Deprecate --inetd
+ Include utun device number in utun error messages
+ Simplify calling logic of check_connection_established_dowork
+ Avoid sending push request after receving push reply
+ Rename ncp-ciphers to data-ciphers
+ Add a note that ncp-ciphers is replaced by data-ciphers
+ client-connect: Add documentation for the deferred client connect feature
+ Rework NCP compability logic and drop BF-CBC support by default
+ Document different behaviour of dynamic cipher negotiation
+ Minor cleanup in push.c
+ Clean up a number of leftover C89 initialisations in ssl.c
+ Remove buf argument from link_socket_set_outgoing_addr
+ Remove a number of check/do_work wrapper calls from coarse_timers
+ Split pf_check_reload check and check timer in process_coarse_timers
+ Rename check_ping_restart_dowork to trigger_ping_timeout_signal
+ Eliminate check_fragment function
+ Eliminate check_incoming_control_channel wrapper function
+ Eliminate check_tls wrapper function
+ Merge check_coarse_timers and check_coarse_timers_dowork
+ Skip existing interfaces on opening the first available utun on macOS
+ Move parsing IV_PROTO to separate function
+ Remove S_OP_NORMAL key state.
+ Document comp-lzo no and compress being incompatible
+ Refactor/Reformat tls_pre_decrypt
+ Cleanup tls_pre_decrypt_lite and tls_pre_encrypt
+ Improve sections about older OpenVPN clients in cipher-negotiation.rst
+
+Bertrand Bonnefoy-Claudet (1):
+ Fix typo in error message: "optione" -> "option"
+
+Christian Ehrhardt (1):
+ systemd: extend CapabilityBoundingSet for auth_pam
+
+Christian Hesse (7):
+ man: fix formatting for alternative option
+ systemd: Use automake tools to install unit files
+ systemd: Do not race on RuntimeDirectory
+ systemd: Add more security feature for systemd units
+ Clean up plugin path handling
+ plugin: Remove GNUism in openvpn-plugin.h generation
+ fix typo in notification message
+
+Christopher Schenk (3):
+ Set the correct mtu on windows based systems
+ Log a note if someone wants to set a MTU below 1280 on IPv6
+ Unified success messages for setting mtu
Conrad Hoffmann (2):
Use provided env vars in up/down script.
Document down-root plugin usage in client.down
-David Sommerseth (11):
+David Sommerseth (64):
+ docs: Further enhance the documentation related to SWEET32
+ man: Remove references to no longer present IV_RGI6 peer-info
+ build: Ensure Changes.rst is shipped and installed as a doc file
+ management: >REMOTE operation would overwrite ce change indicator
+ management: Remove a redundant #ifdef block
+ git: Merge .gitignore files into a single file
+ systemd: Move the READY=1 signalling to an earlier point
+ dev-tools: Simple tool which automates rebasing LZ4 compat library
+ dev-tools: lz4-rebaser tool carried a typo
+ plugin: Improve the handling of default plug-in directory
+ cleanup: Remove faulty env processing functions
+ auth-token: Ensure tokens are always wiped on de-auth
+ docs: Fixed man-page warnings discoverd by rpmlint
+ Make --cipher/--auth none more explicit on the risks
+ Require minimum OpenSSL 1.0.1
+ Fix broken ./configure on systems without openssl.pc
+ plugin: Fix documentation typo for type_mask
+ plugin: Export secure_memzero() to plug-ins
+ crypto: Enable SHA256 fingerprint checking in --verify-hash
+ copyright: Update GPLv2 license texts
+ dev-tools: Script generating the source releases in an automated fashion
+ auth-token with auth-nocache fix broke --disable-crypto builds
doc: The CRL processing is not a deprecated feature
cleanup: Move write_pid() to where it is being used
contrib: Remove keychain-mcd code
cleanup: Move init_random_seed() to where it is being used
- sample-plugins: fix ASN1_STRING_to_UTF8 return value checks
Highlight deprecated features
Use consistent version references
docs: Replace all PolarSSL references to mbed TLS
systemd: Ensure systemd shuts down OpenVPN in a proper way
systemd: Enable systemd's auto-restart feature for server profiles
lz4: Move towards a newer LZ4 API
-
-Emmanuel Deloget (3):
- OpenSSL: remove pre-1.1 function from the OpenSSL compat interface
- OpenSSL: remove EVP_CIPHER_CTX_new() from the compat layer
- OpenSSL: remove EVP_CIPHER_CTX_free() from the compat layer
-
-Gert van Dijk (1):
- Warn that DH config option is only meaningful in a tls-server context
-
-Ilya Shipitsin (3):
- travis-ci: add 3 missing patches from master to release/2.4
- travis-ci: update openssl to 1.0.2l, update mbedtls to 2.5.1
- travis-ci: update pkcs11-helper to 1.22
-
-Richard Bonhomme (1):
- man: Corrections to doc/openvpn.8
-
-Steffan Karger (17):
- Fix typo in extract_x509_extension() debug message
- Move adjust_power_of_2() to integer.h
- Undo cipher push in client options state if cipher is rejected
- Remove strerror_ts()
- Move openvpn_sleep() to manage.c
- fixup: also change missed openvpn_sleep() occurrences
- Always use default keysize for NCP'd ciphers
- Move create_temp_file() out of #ifdef ENABLE_CRYPTO
- Deprecate --keysize
- Deprecate --no-replay
- Move run_up_down() to init.c
- tls-crypt: introduce tls_crypt_kt()
- crypto: create function to initialize encrypt and decrypt key
- Add coverity static analysis to Travis CI config
- tls-crypt: don't leak memory for incorrect tls-crypt messages
- travis: reorder matrix to speed up build
- Fix bounds check in read_key()
-
-Szilárd Pfeiffer (1):
- OpenSSL: Always set SSL_OP_CIPHER_SERVER_PREFERENCE flag
-
-Thomas Veerman via Openvpn-devel (1):
- Fix socks_proxy_port pointing to invalid data
-
-
-2017.06.21 -- Version 2.4.3
-Antonio Quartulli (1):
- Ignore auth-nocache for auth-user-pass if auth-token is pushed
-
-David Sommerseth (3):
- crypto: Enable SHA256 fingerprint checking in --verify-hash
- copyright: Update GPLv2 license texts
- auth-token with auth-nocache fix broke --disable-crypto builds
-
-Emmanuel Deloget (8):
+ lz4: Fix confused version check
+ lz4: Fix broken builds when pkg-config is not present but system library is
+ Remove references to keychain-mcd in Changes.rst
+ lz4: Rebase compat-lz4 against upstream v1.7.5
+ systemd: Add and ship README.systemd
+ Update copyright to include 2018 plus company name change
+ man: Add .TQ groff support macro
+ man: Reword --management to prefer unix sockets over TCP
+ management: Warn if TCP port is used without password
+ plugin: Export base64 encode and decode functions
+ build: Fix build warnings related to get_random()
+ build: Fix another compile warning in console_systemd.c
+ cleanup: Remove RPM openvpn.spec build approach
+ docs: Update INSTALL
+ build: Package missing mock_msg.h
+ auth-token: Fix building with --disable-server
+ auth-token: Fix compiler complaints with --disable-management
+ Improve the comments related to auth-token-hmac patches
+ Documented all the argv related code with minor refactoring
+ build: Remove --disable-server from ./configure
+ options: Fix failing inline tls-auth/crypt with persist-key
+ options: Restore --tls-crypt-v2 inline file capability
+ doc/man: convert openvpn.8 to split-up .rst files
+ doc/man: Mark compression options as deprecated
+ doc/man: Adopt compression documentation
+ doc/man: Documentation for --bind-dev / VRFs on Linux
+ doc/man: Add misssing renegotiation.rst to Makefile.am
+ Remove --no-iv
+ doc/man: Do not install man *.rst files
+ travis: Fix make distcheck failure
+ Remove --ifconfig-pool-linear
+ Remove --client-cert-not-required
+
+Domagoj Pensa (2):
+ Fix linking issues on MinGW
+ Skip DNS address validation
+
+Emmanuel Deloget (20):
+ OpenSSL: check for the SSL reason, not the full error
+ OpenSSL: don't use direct access to the internal of X509_STORE_CTX
+ OpenSSL: don't use direct access to the internal of SSL_CTX
+ OpenSSL: don't use direct access to the internal of X509_STORE
+ OpenSSL: don't use direct access to the internal of X509_OBJECT
+ OpenSSL: don't use direct access to the internal of RSA_METHOD
+ OpenSSL: SSLeay symbols are no longer available in OpenSSL 1.1
+ OpenSSL: use EVP_CipherInit_ex() instead of EVP_CipherInit()
OpenSSL: don't use direct access to the internal of X509
OpenSSL: don't use direct access to the internal of EVP_PKEY
OpenSSL: don't use direct access to the internal of RSA
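Review bot: the per-author layout buries the compatibility-affecting changes in this hunk inside 100+ line lists, so a reader cannot tell from the ChangeLog that "Drop support for OpenSSL 1.0.1", "Require AEAD support in the crypto library", "Remove key-method 1", "Rework NCP compability logic and drop BF-CBC support by default", "Remove --no-iv", "Remove --ifconfig-pool-linear" and "Remove --client-cert-not-required" land together in 2.5_beta1; since "Deprecate ncp-disable and add improved ncp to Changes.rst" shows Changes.rst carries the user-facing notes, suggest the 2.5_beta1 header line reference Changes.rst for the list of removed options and the new default cipher behaviour.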
@@ -404,14 +358,87 @@ Emmanuel Deloget (8):
OpenSSL: don't use direct access to the internal of EVP_MD_CTX
OpenSSL: don't use direct access to the internal of EVP_CIPHER_CTX
OpenSSL: don't use direct access to the internal of HMAC_CTX
+ OpenSSL: remove pre-1.1 function from the OpenSSL compat interface
+ OpenSSL: remove EVP_CIPHER_CTX_new() from the compat layer
+ OpenSSL: remove EVP_CIPHER_CTX_free() from the compat layer
+ OpenSSL: check EVP_PKEY key types before returning the pkey
+
+Eric Thorpe (1):
+ Fix Building Using MSVC
-Gert Doering (6):
+Fabian Knittel (7):
+ client-connect: Split multi_connection_established into separate functions
+ client-connect: Refactor multi_client_connect_source_ccd
+ client-connect: Move multi_client_connect_setenv into early_setup
+ client-connect: Refactor to use return values instead of modifying a passed-in flag
+ client-connect: Refactor client-connect handling to calling a bunch of hooks in a loop
+ client-connect: Add deferred support to the client-connect script handler
+ client-connect: Add deferred support to the client-connect v1 plugin handler
+
+Gert Doering (50):
+ Remove IV_RGI6=1 peer-info signalling.
+ Add openssl_compat.h to openvpn_SOURCES
+ Fix '--dev null'
+ Fix installation of IPv6 host route to VPN server when using iservice.
+ Make ENABLE_OCC no longer depend on !ENABLE_SMALL
Fix NCP behaviour on TLS reconnect.
Remove erroneous limitation on max number of args for --plugin
+ proxy.c refactoring: remove always-NULL gc parameter
Fix edge case with clients failing to set up cipher on empty PUSH_REPLY.
Fix potential 1-byte overread in TCP option parsing.
Fix remotely-triggerable ASSERT() on malformed IPv6 packet.
Update Changes.rst with relevant info for 2.4.3 release.
+ Remove warning on pushed tun-ipv6 option.
+ Fix removal of on-link prefix on windows with netsh
+ Fix potential double-free() in Interactive Service (CVE-2018-9336)
+ Add %d, %u and %lu tests to test_argv unit tests.
+ Extend push-remove to also handle 'ifconfig'.
+ Print lzo_init() return code in case of errors
+ Uncrustify sample-plugin sources according to code style
+ uncrustify openvpnserv/ sources
+ uncrustify openvpn/ sources
+ Add 'printing of port number' to mroute_addr_print_ex() for v4-mapped v6.
+ Stop complaining about IPv6 routes without gateway address.
+ Copy one byte less in strncpynt()
+ Remove cmocka submodule, rely on system-wide installation instead.
+ Increase listen() backlog queue to 32
+ repair tap mode on OpenSolaris/OpenIndiana
+ Fix IPv6 routes on tap interfaces on OpenSolaris/OpenIndiana
+ OpenSolaris/OpenIllumos: use /bin/bash if available for test scripts.
+ Force combinationation of --socks-proxy and --proto UDP to use IPv4.
+ Uncrustify the tests/unit_tests/ part of our tree.
+ Change client side of t_lpback.sh configs to use inline material.
+ Simplify pool size handling, fix possible array overrun on pool reading.
+ Change timestamps in file-based logging to ISO 8601 time format.
+ Depreciation warning for --topology net30 on servers with IPv4 pools.
+ Convert plugin/auth-pam.c from stderr logging to plugin_log().
+ Add c1ff8f247f91c88a2df5502eeedf42857f9a6831 (engine, pool, SSO) to .git-blame-ignore-revs
+ Linux: do not change --txqueuelen OS default if not configured.
+ Fix 'engine' unit test on FreeBSD (specifically 'not GNU make')
+ t_client.sh: correctly report all failed instances in summary
+ Remove --writepid file on program exit.
+ Handle connecting clients without NCP or OCC without crashing.
+ Add deferred authentication support to plugin-auth-pam
+ Separate handling of non-deferred return values for client-connect-scripts.
+ Repair --inetd
+ Fix sequence of events for async plugin v1 handler.
+ Abort client-connect handler loop after first handler sets 'disable'.
+ Add depreciation notice for --ncp-disable to protocol-options.rst
+ Changes.rst updates in preparation to 2.5_beta1
+ Preparing release 2.5_beta1
+
+Gert van Dijk (7):
+ Warn that DH config option is only meaningful in a tls-server context
+ Add generated openvpn.doxyfile to .gitignore
+ manpage: improve description of --status and --status-version
+ Add negotiated cipher to status file format 2 and 3
+ Minor reliability layer documentation fixes
+ Make second parameter to reliable_send_purge() const
+ Remove unneeded newline in debug message in reliable.c
+
+Gisle Vanem (2):
+ Crash in options.c
+ Wrong FILETYPE in .rc files
Guido Vranken (6):
refactor my_strupr
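Review bot: the blank-line separation between author blocks is inconsistent in this hunk: "Fix Building Using MSVC" runs straight into the "Fabian Knittel (7):" header and "Wrong FILETYPE in .rc files" straight into "Guido Vranken (6):", while "Gert Doering (50):", "Gert van Dijk (7):" and "Gisle Vanem (2):" each get a blank line before them. Since this file is a generated shortlog, pick one form (a blank line before every author header reads best in a list this long) and apply it throughout rather than leaving it to whichever neighbouring lines survived from the old section.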
@@ -421,125 +448,303 @@ Guido Vranken (6):
Fix a null-pointer dereference in establish_http_proxy_passthru()
Prevent two kinds of stack buffer OOB reads and a crash for invalid input data
-Jérémie Courrèges-Anglas (2):
- Fix an unaligned access on OpenBSD/sparc64
- Missing include for socket-flags TCP_NODELAY on OpenBSD
+Heiko Hund (3):
+ re-implement argv_printf_*()
+ argv: do fewer memory re-allocations
+ Add gc_arena to struct argv to save allocations
-Matthias Andree (1):
- Make openvpn-plugin.h self-contained again.
+Hilko Bengen (1):
+ Do not set pkcs11-helper 'safe fork mode'
-Selva Nair (1):
- Pass correct buffer size to GetModuleFileNameW()
+Hristo Venev (1):
+ Fix extract_x509_field_ssl for external objects, v2
-Steffan Karger (11):
- Log the negotiated (NCP) cipher
- Avoid a 1 byte overcopy in x509_get_subject (ssl_verify_openssl.c)
- Skip tls-crypt unit tests if required crypto mode not supported
- openssl: fix overflow check for long --tls-cipher option
- Add a DSA test key/cert pair to sample-keys
- Fix mbedtls fingerprint calculation
- mbedtls: fix --x509-track post-authentication remote DoS (CVE-2017-7522)
- mbedtls: require C-string compatible types for --x509-username-field
- Fix remote-triggerable memory leaks (CVE-2017-7521)
- Restrict --x509-alt-username extension types
- Fix potential double-free in --x509-alt-username (CVE-2017-7521)
+Ilya Shipitsin (18):
+ Resolve several travis-ci issues
+ github: Add PR template with contributor related information
+ travis-ci: add 'make distcheck' to test scenario, V2
+ travis-ci: remove unused files
+ v4, travis-ci: add 2 mingw "build only" configurations
+ travis-ci: added gcc and clang openssl-1.1.0 builds
+ travis-ci: update openssl to 1.0.2l, update mbedtls to 2.5.1
+ travis-ci: update pkcs11-helper to 1.22
+ travis-ci: add brew cache, remove ccache
+ travis-ci: modify openssl build script to support openssl-1.1.0
+ travis-ci: cleanup, refactor, upgrade ssl libraries
+ travis-ci: add "linux-ppc64le" to build matrix
+ travis-ci: change trusty image to xenial
+ travis-ci: update osx to xcode9.4 and modernize brew management
+ configure.ac: fix compile-time error in argv_testdriver
+ travis-ci: fix osx builds
+ travis-ci: update components versions
+ travis-ci: add arm64, s390x builds.
-Steven McDonald (1):
- Fix gateway detection with OpenBSD routing domains
+James Bekkema (2):
+ Resolves small IV_GUI_VER typo in the documentation.
+ Adds support for setting the default IPv6 gateway for routes using the route-ipv6-gateway option.
+James Bottomley (7):
+ autoconf: Fix engine checks for openssl 1.1
+ openssl: add engine method for loading the key
+ crypto_openssl: add initialization to pick up local configuration
+ crypto_openssl: add include for openssl/conf.h
+ Add unit tests for engine keys
+ Fix make distcheck for new engine key unit test
+ engine-key tests: make check_engine_keys.sh work with --enable-small
-2017.05.11 -- Version 2.4.2
-David Sommerseth (5):
- auth-token: Ensure tokens are always wiped on de-auth
- docs: Fixed man-page warnings discoverd by rpmlint
- Make --cipher/--auth none more explicit on the risks
- plugin: Fix documentation typo for type_mask
- plugin: Export secure_memzero() to plug-ins
+Jan Just Keijser (1):
+ Added support for DHCP option 119 (dns search suffix list) for Windows.
-Hristo Venev (1):
- Fix extract_x509_field_ssl for external objects, v2
+Jeremie Courreges-Anglas (5):
+ Cast time_t to long long in order to print it.
+ Print time_t as long long and suseconds_t as long
+ Cast and print another suseconds_t as long
+ Use long long to format time_t-related environment variables
+ Fix build with LibreSSL
-Selva Nair (1):
- In auth-pam plugin clear the password after use
+Jeremy Evans (1):
+ Switch assertion failure to returning false
-Steffan Karger (10):
- cleanup: merge packet_id_alloc_outgoing() into packet_id_write()
- Don't run packet_id unit tests for --disable-crypto builds
- Fix Changes.rst layout
- Fix memory leak in x509_verify_cert_ku()
- mbedtls: correctly check return value in pkcs11_certificate_dn()
- Restore pre-NCP frame parameters for new sessions
- Always clear username/password from memory on error
- Document tls-crypt security considerations in man page
- Don't assert out on receiving too-large control packets (CVE-2017-7478)
- Drop packets instead of assert out if packet id rolls over (CVE-2017-7479)
+Jonathan K. Bullard (1):
+ Clarify and expand management interface documentation
-ValdikSS (1):
- Set a low interface metric for tap adapter when block-outside-dns is in use
+Jonathan Tooker (1):
+ Fix various spelling mistakes
-2017.03.21 -- Version 2.4.1
-Antonio Quartulli (4):
- attempt to add IPv6 route even when no IPv6 address was configured
- fix redirect-gateway behaviour when an IPv4 default route does not exist
- CRL: use time_t instead of struct timespec to store last mtime
- ignore remote-random-hostname if a numeric host is provided
+Joost Rijneveld (1):
+ Make return code external tls key match docs
-Christian Hesse (7):
- man: fix formatting for alternative option
- systemd: Use automake tools to install unit files
- systemd: Do not race on RuntimeDirectory
- systemd: Add more security feature for systemd units
- Clean up plugin path handling
- plugin: Remove GNUism in openvpn-plugin.h generation
- fix typo in notification message
+Jérémie Courrèges-Anglas (2):
+ Fix an unaligned access on OpenBSD/sparc64
+ Missing include for socket-flags TCP_NODELAY on OpenBSD
-David Sommerseth (6):
- management: >REMOTE operation would overwrite ce change indicator
- management: Remove a redundant #ifdef block
- git: Merge .gitignore files into a single file
- systemd: Move the READY=1 signalling to an earlier point
- plugin: Improve the handling of default plug-in directory
- cleanup: Remove faulty env processing functions
+Kyle Evans (1):
+ tests/t_lpback.sh: Switch sed(1) to POSIX-compatible regex.
-Emmanuel Deloget (8):
- OpenSSL: check for the SSL reason, not the full error
- OpenSSL: don't use direct access to the internal of X509_STORE_CTX
- OpenSSL: don't use direct access to the internal of SSL_CTX
- OpenSSL: don't use direct access to the internal of X509_STORE
- OpenSSL: don't use direct access to the internal of X509_OBJECT
- OpenSSL: don't use direct access to the internal of RSA_METHOD
- OpenSSL: SSLeay symbols are no longer available in OpenSSL 1.1
- OpenSSL: use EVP_CipherInit_ex() instead of EVP_CipherInit()
+Lev Stipakov (46):
+ win: support for Visual Studio 2017
+ Refactor NCP-negotiable options handling
+ init.c: refine functions names and description
+ openvpnserv: clarify return values type
+ crypto.h: remove unused function declaration
+ interactive.c: fix usage of potentially uninitialized variable
+ options.c: fix broken unary minus usage
+ Introduce openvpn_swprintf() with nul termination guarantee
+ Wrap openvpn_swprintf into Windows define
+ test_tls_crypt.c: fix global-buffer-overflow found by AddressSanitizer
+ crypto_openssl.c: fix heap-buffer-overflow found by AddressSanitizer
+ Fix various compiler warnings
+ Fix broken fragment/mssfix with NCP
+ crypto.c: fix Visual Studio build
+ tun.h: change tun_set() return value type to void
+ tun.h: remove TUN_PASS_BUFFER define
+ tapctl: add optional 'hardware id' parameter
+ vcxproj: add missing source files
+ push.c: fix Visual Studio build
+ Visual Studio: make it easier to build with VS
+ msvc: OpenSSL 1.1.x support
+ travis: add Visual Studio build
+ Visual Studio: upgrade project files to VS2019
+ wintun: add --windows-driver config option
+ wintun: implement opening wintun device
+ travis: bump MSVC to 2019
+ travis: bump clang version
+ wintun: ring buffers based I/O
+ wintun: interactive service support
+ wintun: set adapter properties via interactive service
+ wintun: clear adapter settings on tun close
+ tun.c: refactor open_tun() implementation
+ tun.c: do not add/remove on-link IPv4 route on tun open/close
+ options.c: do not force route delay when not using DHCP
+ configure.ac: simplify AC_CHECK_FUNCS statements
+ cryptoapi.c: fix run-time check failure in msvc debugger
+ interactive.c: remove unused function
+ tun.c: fix 'use after free' error
+ Fix building with --enable-async-push in FreeBSD
+ Fix broken async push with NCP is used
+ Fix illegal client float (CVE-2020-11810)
+ msvc: fix various level2 warnings
+ tap.c: fix adapter renaming
+ Improve Windows version detection with manifest
+ wintun: remove SYSTEM elevation hack
+ Fix compilation with --disable-lzo and --disable-lz4
-Eric Thorpe (1):
- Fix Building Using MSVC
+Matthias Andree (3):
+ Make openvpn-plugin.h self-contained again.
+ Merge Makefile.am's AUTOMAKE_OPTIONS into configure.ac's AM_INIT_AUTOMAKE.
+ Fix stack buffer overruns in NEXTADDR() macro:
-Gert Doering (4):
- Add openssl_compat.h to openvpn_SOURCES
- Fix '--dev null'
- Fix installation of IPv6 host route to VPN server when using iservice.
- Make ENABLE_OCC no longer depend on !ENABLE_SMALL
+Maxim Plotnikov (1):
+ OpenSSL: Fix --crl-verify not loading multiple CRLs in one file
-Gisle Vanem (1):
- Crash in options.c
+Maximilian Wilhelm (1):
+ Add --bind-dev option.
-Ilya Shipitsin (2):
- Resolve several travis-ci issues
- travis-ci: remove unused files
+Michal Soltys (1):
+ man: correct the description of --capath and --crl-verify regarding CRLs
+
+Mykola Baibuz (1):
+ Fix typo in NTLM proxy debug message
Olivier Wahrenberger (1):
Fix building with LibreSSL 2.5.1 by cleaning a hack.
-Selva Nair (4):
+Richard Bonhomme (3):
+ man: Corrections to doc/openvpn.8
+ Ignore --pull-filter for --mode server
+ doc/man: Update --txqueuelen default setting (Now OS default)
+
+Richard van den Berg via Openvpn-devel (1):
+ Fix error message when using RHEL init script
+
+Rosen Penev (2):
+ Remove wrong poll.h include
+ openssl: Fix compilation without deprecated OpenSSL 1.1 APIs
+
+Samy Mahmoudi (1):
+ man: correct a --redirection-gateway option flag
+
+Santtu Lakkala (1):
+ Fix OpenSSL private key passphrase notices
+
+Selva Nair (55):
Fix push options digest update
Always release dhcp address in close_tun() on Windows.
Add a check for -Wl, --wrap support in linker
Fix user's group membership check in interactive service to work with domains
+ In auth-pam plugin clear the password after use
+ Pass correct buffer size to GetModuleFileNameW()
+ Check whether in pull_mode before warning about previous connection blocks
+ Avoid illegal memory access when malformed data is read from the pipe
+ Fix missing check for return value of malloc'd buffer
+ Return NULL if GetAdaptersInfo fails
+ Use RSA_meth_free instead of free
+ Bring cryptoapi.c upto speed with openssl 1.1
+ Add SSL_CTX_get_max_proto_version() not in openssl 1.0
+ TLS v1.2 support for cryptoapicert -- RSA only
+ Refactor ssl_openssl.c in prep for external EC key support
+ Refactor get_interface_metric to return metric and auto flag separately
+ Add management client version
+ Prompt for signature using '>PK_SIGN' if the client supports it
+ Allow external EC key through --management-external-key
+ Ensure strings read from registry are null-terminated
+ Make most registry values optional
+ Use lowest metric interface when multiple interfaces match a route
+ Move code to free cd to a function CAPI_DATA_free()
+ Disable external ec key support when building with libressl
+ Adapt to RegGetValue brokenness in Windows 7
+ Fix format spec errors in Windows builds
+ Move setting private key to a function in prep for EC support
+ Support EC certificates with cryptoapicert
+ Delete the IPv6 route to the "connected" network on tun close
+ Management: warn about password only when the option is in use
+ Avoid overflow in wakeup time computation
+ Replace M_DEBUG with D_LOW as the former is too verbose
+ Correct the declaration of handle in 'struct openvpn_plugin_args_open_return'
+ Parse static challenge response in auth-pam plugin
+ Bump version of openvpn plugin argument structs to 5
+ Accept empty password and/or response in auth-pam plugin
+ Pass the hash without the DigestInfo header to NCryptSignHash()
+ Move get system directory to a separate function
+ Enable dhcp on tap adapter using interactive service
+ Refactor sending commands to interactive service
+ Declare Windows version of openvpn_execve() before use
+ White-list pull-filter and script-security in interactive service
+ Move OpenSSL vs CNG signature digest type mapping to a function
+ Handle PSS padding in cryptoapicert
+ Better error message when script fails due to script-security setting
+ Correct the return value of cryptoapi RSA signature callbacks
+ Fix ACL_CHECK_ADD_COMPILE_FLAGS to work with clang
+ Swap the order of checks for validating interactive service user
+ Skip expired certificates in Windows certificate store
+ Allow unicode search string in --cryptoapicert option
+ Fix possibly uninitialized return value in GetOpenvpnSettings()
+ Fix possible access of uninitialized pipe handles
+ Move querying username/password from management to a function
+ When auth-user-pass file has no password query the management interface (if available).
+ Persist management-query-remote and proxy prompts
-Simon Matter (1):
+Simon Matter (2):
Fix segfault when using crypto lib without AES-256-CTR or SHA256
+ Add per session pseudo-random jitter to --reneg-sec intervals
-Steffan Karger (8):
+Simon Rozman (67):
+ Local functions are not supported in MSVC. Bummer.
+ Mixing wide and regular strings in concatenations is not allowed in MSVC.
+ RtlIpv6AddressToStringW() and RtlIpv4AddressToStringW() require mstcpip.h
+ Simplify iphlpapi.dll API calls
+ Fix local #include to use quoted form
+ Document ">PASSWORD:Auth-Token" real-time message
+ Fix typo in "verb" command examples
+ Uniform swprintf() across MinGW and MSVC compilers
+ MSVC meta files added to .gitignore list
+ openvpnserv: Review MSVC down-casting warnings
+ openvpnserv: Add support for multi-instances
+ Document missing OpenVPN states
+ Add Interactive Service developer documentation
+ Change quoted to angled form when #including external .h files
+ Signed/unsigned warnings of MSVC resolved
+ Reference msvc-generate from compat to assure correct build order
+ msvc: Move common project settings to reusable property sheets
+ msvc: Unify Unicode/MultiByte string setting across all cfg|plat
+ Introduce tapctl.exe utility and openvpnmsica.dll MSI CA
+ Set output name to libopenvpnmsica.dll in MSVC builds too
+ Prevent __stdcall name mangling of MSVC
+ Define _WIN32_WINNT=_WIN32_WINNT_VISTA in MSVC
+ Add MSI custom action for reliable Windows 10 detection
+ Detect TAP interfaces with root-enumerated hardware ID
+ Change C++ to C comments
+ Make MSI custom action debug pop-up more informative
+ Delete TAP interface before the TAP driver is uninstalled
+ Add detection of active VPN connections for MSI packages
+ Add a MSI custom actions to close and relaunch OpenVPN GUI
+ Make DriverCertification MSI property public
+ Extend FindSystemInfo custom action to detect OpenVPNService state
+ Uncrustify tapctl and openvpnmsica
+ Strip _stdcall suffixes (@nn) for 32-bit builds
+ Detect missing TAP driver and bail out gracefully
+ Disambiguate thread local storage references from TLS
+ Add NULL checks
+ Add user manual and developer notes URL for tapctl.exe
+ Refactor OpenVPNService state detection code
+ Add developer notes URL for openvpnmsica.dll
+ Limit tapctl.exe and openvpnmsica.dll to TAP-Windows6 adapters only
+ msvc: Add vlan.c/h
+ tun.c: make Windows device lookup functions more general
+ tun.c: upgrade get_device_guid() to return the Windows driver type
+ tun.c: make wintun_register_ring_buffer() non-fatal on failures
+ wintun: register ring buffers when iterating adapters
+ wintun: add support for --dev-node
+ tun.c: reword the at_least_one_tap_win() error
+ wintun: stop sending TAP-Windows6 ioctls to NDIS device
+ wintun: refactor code to use enum driver type
+ tun.c: refactor driver detection and make it case-insensitive
+ tun.c: uncrustify
+ wintun: check for conflicting options
+ openvpnmsica: Remove required Windows driver certification detection
+ openvpnmsica: Fix TAPInterface.DisplayName field interpretation
+ tapctl: Update documentation
+ wintun: upgrade error message in case of ring registration failure
+ tun.c: reorder IPv6 ifconfig on Windows
+ tapctl: Add functions for enabling/disabling adapters
+ openvpnmsica: Revise MSI custom actions interop
+ openvpnmsica: Simplify static function names
+ openvpnmsica, tapctl: "interface" => "adapter"
+ openvpnmsica: "TAP" => "TUN/TAP"
+ openvpnmsica: Extend to support arbitrary HWID network adapters
+ openvpnmsica, tapctl: Revise default hardware ID management
+ openvpnmsica: Merge FindTUNTAPAdapters into FindSystemInfo
+ tapctl: Support multiple hardware IDs
+ tun.c: revise the IPv4 ifconfig flow on Windows
+
+Stefan Strogin (1):
+ Use correct ifdefs for LibreSSL support
+
+Steffan Karger (122):
+ Document that RSA_SIGN can also request TLS 1.2 signatures
+ man: encourage user to read on about --tls-crypt
+ Textual fixes for Changes.rst
+ Remove deprecated --no-iv option
More broadly enforce Allman style and braces-around-conditionals
Use SHA256 for the internal digest, instead of MD5
OpenSSL: 1.1 fallout - fix configure on old autoconf
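Review bot: two author headers in this hunk are the same contributor listed twice, "Jeremie Courreges-Anglas (5):" and "Jérémie Courrèges-Anglas (2):", split only by the ASCII-folded versus accented spelling of the name, and "Richard van den Berg via Openvpn-devel (1):" (like "Thomas Veerman via Openvpn-devel (1):" further down) still carries the mailing-list rewrite of the From header instead of the author's name. Both are shortlog artifacts; add the corresponding .mailmap entries and regenerate so the counts merge, rather than hand-editing the ChangeLog. Two smaller items: "Fix stack buffer overruns in NEXTADDR() macro:" ends in a colon and looks like a truncated subject, so check it against the commit; and with the "2017.05.11 -- Version 2.4.2" and "2017.03.21 -- Version 2.4.1" headers removed, fixes such as CVE-2017-7478, CVE-2017-7479, CVE-2017-7521 and CVE-2017-7522 now appear only under the 2.5_beta1 entry, so please confirm that dropping the per-release attribution in this file is intended.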
@@ -548,23 +753,146 @@ Steffan Karger (8):
Fix non-C99-compliant builds: don't use const size_t as array length
Deprecate --ns-cert-type
Be less picky about keyUsage extensions
+ cleanup: merge packet_id_alloc_outgoing() into packet_id_write()
+ Don't run packet_id unit tests for --disable-crypto builds
+ Fix Changes.rst layout
+ Fix memory leak in x509_verify_cert_ku()
+ mbedtls: correctly check return value in pkcs11_certificate_dn()
+ Restore pre-NCP frame parameters for new sessions
+ Always clear username/password from memory on error
+ Document tls-crypt security considerations in man page
+ Don't assert out on receiving too-large control packets (CVE-2017-7478)
+ Drop packets instead of assert out if packet id rolls over (CVE-2017-7479)
+ Log the negotiated (NCP) cipher
+ Avoid a 1 byte overcopy in x509_get_subject (ssl_verify_openssl.c)
+ Skip tls-crypt unit tests if required crypto mode not supported
+ openssl: fix overflow check for long --tls-cipher option
+ Add a DSA test key/cert pair to sample-keys
+ Fix mbedtls fingerprint calculation
+ mbedtls: fix --x509-track post-authentication remote DoS (CVE-2017-7522)
+ mbedtls: require C-string compatible types for --x509-username-field
+ Fix remote-triggerable memory leaks (CVE-2017-7521)
+ Restrict --x509-alt-username extension types
+ Fix potential double-free in --x509-alt-username (CVE-2017-7521)
+ Fix typo in extract_x509_extension() debug message
+ init_key_ctx: key and iv arguments can (now) be const
+ Move adjust_power_of_2() to integer.h
+ Undo cipher push in client options state if cipher is rejected
+ Remove strerror_ts()
+ Move openvpn_sleep() to manage.c
+ fixup: also change missed openvpn_sleep() occurrences
+ Always use default keysize for NCP'd ciphers
+ Move create_temp_file() out of #ifdef ENABLE_CRYPTO
+ sample-plugins: fix ASN1_STRING_to_UTF8 return value checks
+ Deprecate --keysize
+ Move run_up_down() to init.c
+ tls-crypt: introduce tls_crypt_kt()
+ crypto: create function to initialize encrypt and decrypt key
+ Add coverity static analysis to Travis CI config
+ tls-crypt: don't leak memory for incorrect tls-crypt messages
+ travis: reorder matrix to speed up build
+ Fix bounds check in read_key()
+ buffer_list_aggregate_separator(): add unit tests
+ doxygen: add make target and use relative paths
+ Simplify and inline clear_buf()
+ Add --tls-cert-profile option.
+ pf: clean up temporary files if plugin init fails
+ pf: reject client if PF plugin is configured, but init fails
+ Don't throw fatal errors from create_temp_file()
+ create_temp_file/gen_path: prevent memory leak if gc == NULL
+ Use P_DATA_V2 for server->client packets too
+ Fix memory leak in buffer unit tests
+ travis: use clang's -fsanitize=address to catch more bugs
+ Don't throw fatal errors from verify_cert_export_cert()
+ buffer_list_aggregate_separator(): update list size after aggregating
+ buffer_list_aggregate_separator(): don't exceed max_len
+ buffer_list_aggregate_separator(): prevent 0-byte malloc
+ Fix types around buffer_list_push(_data)
+ ssl_openssl: fix compiler warning by removing getbio() wrapper
+ Fix --tls-version-min and --tls-version-max for OpenSSL 1.1+
+ Add support for TLS 1.3 in --tls-version-{min, max}
+ tls_ctx_set_tls_versions: move verify_flags to where it is used
+ Plug memory leak if push is interrupted
+ Log pre-handshake packet drops using D_MULTI_DROPPED
+ Enable stricter compiler warnings by default
+ reliable: remove reliable_unique_retry()
+ Get rid of ax_check_compile_flag.m4
+ mbedtls: don't use API deprecated in mbed 2.7
+ Warn if tls-version-max < tls-version-min
+ Check for more data in control channel
+ Move env helper functions into their own module/file
+ man: add security considerations to --compress section
+ openssl: don't use deprecated SSLEAY/SSLeay symbols
+ openssl: add missing #include statements
+ Move file-related functions from misc.c to platform.c
+ Move execve/run_script helper functions to run_command.c
+ Add crypto_pem_{encode,decode}()
+ Introduce buffer_write_file()
+ mbedtls: print warning if random personalisation fails
+ Fix memory leak after sighup
+ Remove unused void_ptr_hash_function and void_ptr_compare_function
+ Do not load certificate from tls_ctx_use_external_private_key()
+ mbedtls: make external signing code generic
+ mbedtls: remove dependency on mbedtls pkcs11 module
+ Fix memory leak in SSL_CTX_use_certificate
+ travis: add OpenSSL 1.1 Windows build
+ Fix use-after-free in tls_ctx_use_management_external_key
+ Simplify --genkey option syntax
+ Don't print OCC warnings about 'key-method', 'keydir' and 'tls-auth'
+ Add support for CHACHA20-POLY1305 in the data channel
+ List ChaCha20-Poly1305 as stream cipher
+ mbedtls: don't print unsupported ciphers in insecure cipher list
+ Fix mbedtls unit tests
+ buffer_list_aggregate_separator(): simplify code
+ tls-crypt-v2: add specification to doc/
+ tls-crypt-v2: generate tls-crypt-v2 keys
+ tls-crypt-v2: add unwrap_client_key
+ tls-crypt-v2: add P_CONTROL_HARD_RESET_CLIENT_V3 opcode
+ tls-crypt-v2: implement tls-crypt-v2 handshake
+ tls-crypt-v2: add script hook to verify metadata
+ tls-crypt-v2: clarify --tls-crypt-v2-genkey man page section
+ tls-crypt-v2: fix client reconnect bug
+ Remove deprecated --compat-x509-names and --no-name-remapping
+ Extend tls-crypt-v2 unit tests
+ Fix tls-auth/crypt in connection blocks with --persist-key
+ cmocka: use relative paths
+ tests: remove dependency on base64
+ configure.ac: add lzo CFLAGS/LIBS to the test flags
+ Update sample configs to use modern cipher, remove static key examples
+ mbedtls: add RFC 5705 keying material exporter support
+ Move keying material exporter check from syshead.h to configure.ac
+ Make openvpn --version exit with exit code 0
+ Gently push users towards --data-ciphers in --show-ciphers output
+Steven McDonald (1):
+ Fix gateway detection with OpenBSD routing domains
-2016.12.26 -- Version 2.4.0
-David Sommerseth (5):
- dev-tools: Added script for updating copyright years in files
- Update copyrights
- docs: Further enhance the documentation related to SWEET32
- man: Remove references to no longer present IV_RGI6 peer-info
- build: Ensure Changes.rst is shipped and installed as a doc file
+Szilárd Pfeiffer (1):
+ OpenSSL: Always set SSL_OP_CIPHER_SERVER_PREFERENCE flag
-Gert Doering (1):
- Remove IV_RGI6=1 peer-info signalling.
+Thomas Quinot (1):
+ Fix documentation of tls-verify script argument
-Steffan Karger (3):
- Document that RSA_SIGN can also request TLS 1.2 signatures
- man: encourage user to read on about --tls-crypt
- Textual fixes for Changes.rst
+Thomas Veerman via Openvpn-devel (1):
+ Fix socks_proxy_port pointing to invalid data
+
+Tom van Leeuwen (1):
+ mbedTLS: Make sure TLS session survives move
+
+ValdikSS (1):
+ Set a low interface metric for tap adapter when block-outside-dns is in use
+
+Vladislav Grishenko (1):
+ Log serial number of revoked certificate
+
+WGH (1):
+ docs: Add reference to X509_LOOKUP_hash_dir(3)
+
+hashiz (1):
+ Fix '--bind ipv6only'
+
+tincanteksup (1):
+ Correct error message for --tls-crypt-v2-genkey client
2016.12.16 -- Version 2.4_rc2