OpenVPN ChangeLog
Copyright (C) 2002-2022 OpenVPN Inc <sales@openvpn.net>
+2022.12.15 -- Version 2.6_beta2
+
+Antonio Quartulli (1):
+ disable DCO if --secret is specified
+
+Arne Schwabe (7):
+ Fix connection cookie not including address and fix endianness in test
+ Fix unit test of test_pkt on little endian Linux
+ Disable DCO when TLS mode is not used
+ Ignore connection attempts while server is shutting down
+ Improve debug logging of DCO swap key message and Linux dco_new_peer
+ Trigger a USR1 if dco_update_keys fails
+ Set DCO_NOT_INSTALLED also for keys not in the get_key_scan range
+
+Frank Lichtenheld (1):
+ ChangeLog: Fix encoding
+
+Kristof Provost (4):
+ Read DCO traffic stats from the kernel
+ dco: Update counters when a client disconnects
+ Read the peer deletion reason from the kernel
+ dco: cleanup FreeBSD dco_do_read()
+
+Lev Stipakov (3):
+ Rename dco_get_peer_stats to dco_get_peer_stats_multi
+ management: add timer to output BYTECOUNT
+ Introduce dco_get_peer_stats API and Windows implementation
+
+Marc Becker (4):
+ unify code path for adding PKCS#11 providers
+ use new pkcs11-helper interface to add providers
+ special handling for PKCS11 providers on win32
+ vcpkg-ports/pkcs11-helper: support loader flags
+
+Max Fillinger (2):
+ Correct tls-crypt-v2 metadata length in man page
+ Fix message for too long tls-crypt-v2 metadata
+
+
2022.12.01 -- Version 2.6_beta1
Adrian (1):
+Overview of changes in 2.6_beta2
+================================
+
+New features
+------------
+Transport statistics (bytes in/out) for DCO environments
+ With DCO, OpenVPN userland will not see data packets and can not
+ count them, thus, no statistics. This feature implements server-side
+ statistics for FreeBSD+DCO and client-side statistics for Windows+DCO,
+ Linux and FreeBSD client will follow.
+
+pkcs11-helper updates
+ improve shared library loading on Windows, so "copy .dll to application
+ directory" recipes should no longer be necessary for pkcs#11 providers
+
+Bugfixes / minor improvements
+-----------------------------
+- add proper documentation for tls-crypt-v2 metadata limits, and better
+ error messages when these are exceeded
+
+- trigger SIGUSR1 if dco_update_keys() fails - this is, when OpenVPN
+ userland and kernel side key handling gets out of sync, restart instance
+ to recover.
+
+- improve logging for DCO key update handling
+
+- ignore incoming client connects while server is being shutdown
+ (Github: OpenVPN/openvpn#189)
+
+- disable DCO for p2p modes with no crypto or --secret pre-shared key
+ (= everything that is not TLS)
+
+- fix endianness issues for TLS cookie handling and unit test
+
+
+
Overview of changes in 2.6
==========================
define([PRODUCT_TARNAME], [openvpn])
define([PRODUCT_VERSION_MAJOR], [2])
define([PRODUCT_VERSION_MINOR], [6])
-define([PRODUCT_VERSION_PATCH], [_beta1])
+define([PRODUCT_VERSION_PATCH], [_beta2])
m4_append([PRODUCT_VERSION], [PRODUCT_VERSION_MAJOR])
m4_append([PRODUCT_VERSION], [PRODUCT_VERSION_MINOR], [[.]])
m4_append([PRODUCT_VERSION], [PRODUCT_VERSION_PATCH], [[]])
define([PRODUCT_BUGREPORT], [openvpn-users@lists.sourceforge.net])
-define([PRODUCT_VERSION_RESOURCE], [2,6,0,1])
+define([PRODUCT_VERSION_RESOURCE], [2,6,0,2])
dnl define the TAP version
define([PRODUCT_TAP_WIN_COMPONENT_ID], [tap0901])
define([PRODUCT_TAP_WIN_MIN_MAJOR], [9])