2 Copyright (C) 2002-2017 OpenVPN Technologies, Inc. <sales@openvpn.net>
4 2017.05.18 -- Version 2.3.16
6 fix redirect-gateway behaviour when an IPv4 default route does not exist
9 Avoid a 1 byte overcopy in x509_get_subject (ssl_verify_openssl.c)
12 Check for errors in the return value of GetModuleFileNameW()
15 Fix gateway detection with OpenBSD routing domains
18 2017.05.11 -- Version 2.3.15
20 dev-tools: Added script for updating copyright years in files
22 docs: Further improve --reneg-bytes and SWEET32 information
23 git: Merge .gitignore files into a single file
24 Make --cipher/--auth none more explicit on the risks
27 Document --proto udp6, tcp6, etc.
29 Julien Muchembled (1):
30 Fix implicit declarations when HAVE_OPENSSL_ENGINE is unset
33 Add missing includes in error.h
34 cleanup: merge packet_id_alloc_outgoing() into packet_id_write()
35 Document that OpenVPN 2.3 does not check the CRL signature
36 Introduce and use secure_memzero() to erase secrets
37 Drop packets instead of assert out if packet id rolls over (CVE-2017-7479)
38 Don't assert out on receiving too-large control packets (CVE-2017-7478)
41 2016.12.06 -- Version 2.3.14
43 update year in copyright message
46 Document the --auth-token option
49 Repair topology subnet on FreeBSD 11
50 Repair topology subnet on OpenBSD
53 Drop recursively routed packets
56 Support --block-outside-dns on multiple tunnels
57 When parsing '--setenv opt xx ..' make sure a third parameter is present
58 Map restart signals from event loop to SIGTERM during exit-notification wait
59 Correctly state the default dhcp server address in man page
62 Clean up format_hex_ex()
65 2016.11.02 -- Version 2.3.13
67 Use AES ciphers in our sample configuration files and add a few modern 2.4 examples
68 Incorporate the Debian typo fixes where appropriate and make show_opt default message clearer
71 t_client.sh: Make OpenVPN write PID file to avoid various sudo issues
72 t_client.sh: Add support for Kerberos/ksu
73 t_client.sh: Improve detection if the OpenVPN process did start during tests
74 t_client.sh: Add prepare/cleanup possibilities for each test case
77 Do not abort t_client run if OpenVPN instance does not start.
78 Fix t_client runs on OpenSolaris
79 make t_client robust against sudoers misconfiguration
80 add POSTINIT_CMD_suf to t_client.sh and sample config
81 Fix --multihome for IPv6 on 64bit BSD systems.
84 skip t_lpback.sh and t_cltsrv.sh if openvpn configured --disable-crypto
87 Exclude peer-id from pulled options digest
88 Fix compilation in pedantic mode
91 Automatically cache expected IPs for t_client.sh on the first run
94 Fix unittests for out-of-source builds
95 Make gnu89 support explicit
96 cleanup: remove code duplication in msg_test()
97 Update cipher-related man page text
98 Limit --reneg-bytes to 64MB when using small block ciphers
99 Add a revoked cert to the sample keys
102 2016.08.23 -- Version 2.3.12
104 Complete push-peer-info documentation and allow IV_PLAT_VER for other platforms than Windows if the client UI supplies it.
105 Move ASSERT so external-key with OpenSSL works again
107 David Sommerseth (3):
108 Only build and run cmocka unit tests if its submodule is initialized
109 Another fix related to unit test framework
110 Remove NOP function and callers
113 Add CHACHA20-POLY1305 ciphersuite IANA name translations.
116 Plug memory leak in mbedTLS backend
119 Update contrib/pull-resolv-conf/client.up for no DOMAIN
122 Add unit testing support via cmocka
123 Add a test for auth-pam searchandreplace
126 Push an IPv6 CIDR mask used by the server, not the pool's size
129 Add link to bug tracker
132 Update CONTRIBUTING.rst to allow GitHub PRs for code review purposes
133 Clarify the fact that build instructions in README are for release tarballs
136 Make error non-fatal while deleting address using netsh
137 Make block-outside-dns work with persist-tun
138 Ignore SIGUSR1/SIGHUP during exit notification
139 Promptly close the netcmd_semaphore handle after use
142 Fix polarssl / mbedtls builds
143 Don't limit max incoming message size based on c2->frame
144 Fix '--cipher none --cipher' crash
145 Discourage using 64-bit block ciphers
148 2016.05.09 -- Version 2.3.11
150 Fixed port-share bug with DoS potential
153 Make intent of utun device name validation clear
154 Fix buffer overflow by user supplied data
156 Leonardo Basilio (1):
157 Correctly report TCP connection timeout on windows.
160 Report Windows bitness
162 Michael McConville (1):
163 Fix undefined signed shift overflow
165 Niels Ole Salscheider (1):
166 Fix build with libressl
169 Improve LZO, PAM and OpenSSL documentation
172 Ensure input read using systemd-ask-password is null terminated
173 Support reading the challenge-response from console
176 openssl: improve logging
177 polarssl: improve logging
178 Update manpage: OpenSSL might also need /dev/urandom inside chroot
179 socks.c: fix check on get_user_pass() return value(s)
181 hardening: add safe FD_SET() wrapper openvpn_fd_set()
182 Fix memory leak in argv_extract_cmd_name()
183 Replace MSG_TEST() macro with static inline msg_test()
184 Restrict default TLS cipher list
185 Various Changes.rst fixes
188 Clarify mssfix documentation
189 Clarify --block-outside-dns documentation
190 Update --block-outside-dns to work on Windows Vista
193 2016.01.04 -- Version 2.3.10
195 Prepare for v2.3.10 release, list PolarSSL 1.2 to 1.3 upgrade
197 Jan Just Keijser (1):
198 Make certificate expiry warning patch (091edd8e299686) work on OpenSSL 1.0.1 and earlier.
201 Repair IPv6 netsh calls if Win XP is detected
204 Use bob.example.com and alice.example.com to improve clarity of documentation
207 Remove unused variables from ssl_verify_polarssl.c's x509_get_serial()
208 Upgrade OpenVPN 2.3 to PolarSSL 1.3
209 Warn user if their certificate has expired
210 Make assert_failed() print the failed condition
211 cleanup: get rid of httpdigest.c type warnings
212 Fix regression in setups without a client certificate
215 polarssl: fix unreachable code
217 2015.12.15 -- Version 2.3.9
219 Show extra-certs in current parameters.
220 Fix commit a3160fc1bd7368395745b9cee6e40fb819f5564c
221 Do not set the buffer size by default but rely on the operating system default.
222 Remove --enable-password-save option
223 Reflect enable-password-save change in documentation
224 Also remove second instance of enable-password-save in the man page
225 Detect config lines that are too long and give a warning/error
228 Log serial number of revoked certificate
230 Christos Trochalakis (1):
231 Adjust server-ipv6 documentation
233 David Sommerseth (1):
234 Avoid partial authentication state when using --disabled in CCD configs
237 Make "block-outside-dns" option platform agnostic
240 Un-break --auth-user-pass on windows
241 Replace unaligned 16bit access to TCP MSS value with bytewise access
242 Repair test_local_addr() on WIN32
243 Fix possible heap overflow on read accessing getaddrinfo() result.
244 Fix FreeBSD-specific mishandling of gc arena pointer in create_arbitrary_remote()
245 remove unused gc_arena in FreeBSD close_tun()
246 Fix isatty() check for good.
249 put virtual IPv6 addresses into env
252 Use adapter index instead of name for windows IPv6 interface config
253 Client-side part for server restart notification
254 Use adapter index for add/delete_route_ipv6
255 Pass adapter index to up/down scripts
256 Fix VS2013 compilation
259 Fix privilege drop if first connection attempt fails
262 Support for username-only auth file.
266 Updates to Changes.rst
269 Fix termination when windows suspends/sleeps
270 Do not hard-code windows systemroot in env_block
271 Handle ctrl-C and ctrl-break events on Windows
272 Unbreak read username password from management
275 Replace strdup() calls with string_alloc() calls
276 Check return value of ms_error_text()
277 Increase control channel packet size for faster handshakes
278 hardening: add insurance to exit on a failed ASSERT()
279 Fix memory leak in auth-pam plugin
280 Fix (potential) memory leak in init_route_list()
281 Fix uninitialized variable in plugin_vlog()
282 Add macro to ensure we exit on fatal errors
283 Fix memory leak in add_option() by simplifying get_ipv6_addr
284 openssl: properly check return value of RAND_bytes()
285 Fix rand_bytes return value checking
288 Add Windows DNS Leak fix using WFP ('block-outside-dns')
291 Fix "White space before end tags can break the config parser"
294 2015.08.03 -- Version 2.3.8
296 Report missing endtags of inline files as warnings
297 Fix commit e473b7c if an inline file happens to have a line break exactly at buffer limit
300 Produce a meaningful error message if --daemon gets in the way of asking for passwords.
301 Document --daemon changes and consequences (--askpass, --auth-nocache).
304 Del ipv6 addr on close of linux tun interface
307 Fix --askpass not allowing for password input via stdin
310 write pid file immediately after daemonizing
311 Make __func__ work with Visual Studio too
312 fix regression: query password before becoming daemon
313 Fix using management interface to get passwords.
314 Fix overflow check in openvpn_decrypt()
317 2015.06.02 -- Version 2.3.7
318 Alexander Pyhalov (1):
319 Default gateway can't be determined on illumos/Solaris platforms
322 Warn that tls-auth with free form files is going to be removed from OpenVPN 2.4
324 David Sommerseth (6):
325 autotools: Fix wrong ./configure help screen default values
326 down-root plugin: Replaced system() calls with execve()
327 down-root: Improve error messages
328 plugin, down-root: Fix compiler warnings
329 sockets: Remove the limitation of --tcp-nodelay to be server-only
330 plugins, down-root: Code style clean-up
333 pkcs11: Load p11-kit-proxy.so module by default
334 Make 'provider' option to --show-pkcs11-ids optional where p11-kit is present
337 Use OPENVPN_ETH_P_* so that <netinet/if_ether.h> is unnecessary
340 New approach to handle peer-id related changes to link-mtu (2.3 version)
341 Fix incorrect use of get_ipv6_addr() for iroute options.
342 Print helpful error message on --mktun/--rmtun if not available.
343 explain effect of --topology subnet on --ifconfig
344 Add note about file permissions and --crl-verify to manpage.
345 repair --dev null breakage caused by db950be85d37
346 assume res_init() is always there.
347 Correct note about DNS randomization in openvpn.8
348 Disallow usage of --server-poll-timeout in --secret key mode.
349 slightly enhance documentation about --cipher
350 Enforce "serial-tests" behaviour for tests/Makefile
351 Revert "Enforce "serial-tests" behaviour for tests/Makefile"
352 On signal reception, return EAI_SYSTEM from openvpn_getaddrinfo().
353 Use configure.ac hack to apply serial_test AM option only if supported.
354 Use EAI_AGAIN instead of EAI_SYSTEM for openvpn_getaddrinfo().
355 Move res_init() call to inner openvpn_getaddrinfo() loop
356 Fix FreeBSD ifconfig for topology subnet tunnels.
359 Fix --redirect-private in --dev tap mode.
361 Jan Just Keijser (1):
362 include ifconfig_ environment variables in --up-restart env set
364 Jonathan K. Bullard (1):
365 Fix null pointer dereference in options.c
368 Fix mssfix default value in connection_list context
371 Manual page update for Re-enabled TLS version negotiation.
374 Include systemd units in the source tarball (make dist)
377 Updated manpage for --rport and --lport
380 Properly escape dashes on the man-page
381 Improve documentation in --script-security section of the man-page
384 Really fix '--cipher none' regression
385 Update doxygen (a bit)
386 Set tls-version-max to 1.1 if cryptoapicert is used
387 Account for peer-id in frame size calculation
388 Disable SSL compression
389 Fix frame size calculation for non-CBC modes.
390 Allow for CN/username of 64 characters (fixes off-by-one)
391 Remove unneeded parameter 'first_time' from possibly_become_daemon()
392 Re-enable TLS version negotiation by default
393 Remove size limit for files inlined in config
394 Improve --tls-cipher and --show-tls man page description
395 Re-read auth-user-pass file on (re)connect if required
396 Clarify --capath option in manpage
397 Call daemon() before initializing crypto library
400 2014.11.28 -- Version 2.3.6
401 David Sommerseth (1):
402 systemd: Reworked the systemd unit file to handle server and client configs better
405 Add client-only support for peer-id.
408 Fix to --shaper documentation on the man-page
411 Fix assertion error when using --cipher none
412 Add --tls-version-max
413 Modernize sample keys and sample configs
414 Drop too-short control channel packets instead of asserting out.
417 2014.10.24 -- Version 2.3.5
418 Andris Kalnozols (2):
419 Fix some typos in the man page.
420 Do not upcase x509-username-field for mixed-case arguments.
423 Fix server routes not working in topology subnet with --server [v3]
425 David Sommerseth (4):
426 Improve error reporting on file access to --client-config-dir and --ccd-exclusive
427 Don't let openvpn_popen() keep zombies around
428 Add systemd unit file for OpenVPN
429 systemd: Use systemd functions to consider systemd availability
432 Drop incoming fe80:: packets silently now.
433 Fix t_lpback.sh platform-dependent failures
434 Call init script helpers with explicit path (./)
437 refine assertion to allow other modes than CBC
440 ocsp_check - signature verification and cert status results are separate
441 ocsp_check - double check if ocsp didn't report any errors in execution
444 Fix socket-flag/TCP_NODELAY on Mac OS X
447 Fixed several instances of declarations after statements.
448 In socket.c, fixed issue where uninitialized value (err) is being passed to gai_strerror.
449 Explicitly cast the third parameter of setsockopt to const void * to avoid warning.
450 MSVC 2008 doesn't support dimensioning an array with a const var nor using %z as a printf format specifier.
451 Define PATH_SEPARATOR for MSVC builds.
452 Fixed some compile issues with show_library_versions()
455 Remove quadratic complexity from openvpn_base64_decode()
458 Add configure check for the path to systemd-ask-password
460 Philipp Hagemeister (2):
461 Add topology in sample server configuration file
462 Implement on-link route adding for iproute2
465 Ensure that client-connect files are always deleted
468 Remove function without effect (cipher_ok() always returned true).
469 Remove unneeded wrapper functions in crypto_openssl.c
470 Fix bug that incorrectly refuses oid representation eku's in polar builds
471 Update README.polarssl
472 Rename ALLOW_NON_CBC_CIPHERS to ENABLE_OFB_CFB_MODE, and add to configure.
473 Add proper check for crypto modes (CBC or OFB/CFB)
474 Improve --show-ciphers to show if a cipher can be used in static key mode
475 Extend t_lpback tests to test all ciphers reported by --show-ciphers
476 Don't exit daemon if opening or parsing the CRL fails.
477 Fix typo in cipher_kt_mode_{cbc, ofb_cfb}() doxygen.
478 Fix regression with password protected private keys (polarssl)
479 ssl_polarssl.c: fix includes and make casts explicit
480 Remove unused variables from ssl_verify_openssl.c extract_x509_extension()
483 Fix "code=995" bug with windows NDIS6 tap driver.
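The 2.3.5 entry "Remove quadratic complexity from openvpn_base64_decode()" is a reminder that decoders of attacker-supplied input (HTTP proxy and NTLM authentication in OpenVPN's case) must stay linear. The page does not say what made the original quadratic, so the following is simply an added, self-contained single-pass decoder and not OpenVPN's own code: it measures the input once, never rescans it, and rejects malformed input instead of guessing. b64_val, base64_decode, decodes_to and decode_rc are names chosen for this example.

```c
/* Added example, not OpenVPN code: a strict, single-pass base64 decoder
 * with O(n) cost. Function names are this example's own. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

static int b64_val(unsigned char c)
{
    if (c >= 'A' && c <= 'Z') return c - 'A';
    if (c >= 'a' && c <= 'z') return c - 'a' + 26;
    if (c >= '0' && c <= '9') return c - '0' + 52;
    if (c == '+') return 62;
    if (c == '/') return 63;
    return -1;
}

/* Decodes the NUL-terminated base64 string `in` into `out` (capacity
 * `out_cap`). Returns the number of bytes written, or -1 for malformed
 * input (bad symbol, data after '=', length not a multiple of 4, more
 * than two '=') or an output buffer that is too small. Strict: no
 * whitespace or line breaks are tolerated. */
int base64_decode(const char *in, unsigned char *out, size_t out_cap)
{
    size_t len = strlen(in);        /* measured once, not per iteration */
    uint32_t acc = 0;               /* pending bits, at most 12 */
    unsigned bits = 0;
    size_t n = 0, pad = 0;

    if (len % 4 != 0) {
        return -1;
    }
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)in[i];
        if (c == '=') {
            pad++;
            continue;
        }
        if (pad) {
            return -1;              /* symbol after padding */
        }
        int v = b64_val(c);
        if (v < 0) {
            return -1;
        }
        acc = (acc << 6) | (uint32_t)v;
        bits += 6;
        if (bits >= 8) {
            bits -= 8;
            if (n >= out_cap) {
                return -1;          /* never write past the buffer */
            }
            out[n++] = (unsigned char)((acc >> bits) & 0xFF);
            acc &= (1u << bits) - 1;
        }
    }
    if (pad > 2) {
        return -1;
    }
    return (int)n;
}

/* True when `in` decodes exactly to the bytes of `expected`. */
bool decodes_to(const char *in, const char *expected)
{
    unsigned char buf[64];
    int n = base64_decode(in, buf, sizeof buf);
    return n >= 0 && (size_t)n == strlen(expected)
        && memcmp(buf, expected, (size_t)n) == 0;
}

/* Return code of decoding `in` into a scratch buffer of `cap` bytes (max 64). */
int decode_rc(const char *in, size_t cap)
{
    unsigned char buf[64];
    if (cap > sizeof buf) {
        cap = sizeof buf;
    }
    return base64_decode(in, buf, cap);
}

int main(void)
{
    /* Constructed inputs: a valid string and two malformed ones. */
    printf("Zm9vYmFy -> foobar: %s\n", decodes_to("Zm9vYmFy", "foobar") ? "ok" : "FAIL");
    printf("QQ=a rejected: %s\n", decode_rc("QQ=a", 64) == -1 ? "ok" : "FAIL");
    printf("too-small buffer rejected: %s\n", decode_rc("Zm9vYmFy", 4) == -1 ? "ok" : "FAIL");
    return 0;
}
```

The length check and the bounds check on every write are what a reviewer should look for first in any such decoder; the linear cost follows from computing strlen() once and walking the input exactly once.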
486 2014.04.30 -- Version 2.3.4
488 Fix man page and OCSP script: tls_serial_{n} is decimal
491 Fix is_ipv6 in case of tap interface.
494 IPv6 address/route delete fix for Win8
495 Add SSL library version reporting.
496 Minor t_client.sh cleanups
497 Repair --multihome on FreeBSD for IPv4 sockets.
498 Rewrite manpage section about --multihome
499 More IPv6-related updates to the openvpn man page.
500 Conditionalize calls to print_default_gateway on !ENABLE_SMALL
503 Use native strtoull() with MSVC 2013.
504 When tls-version-min is unspecified, revert to original versioning approach.
507 Change signedness of hash in x509_get_sha1_hash(), fixes compiler warning.
508 Fix OCSP_check.sh to also use decimal for stdout verification.
509 Fix build system to accept non-system crypto library locations for plugins.
510 Make serial env exporting consistent amongst OpenSSL and PolarSSL builds.
513 Fix SOCKSv5 method selection
516 Fix typo in sample build script to use LDFLAGS
519 2014.04.08 -- Version 2.3.3
521 pkcs11: use generic evp key instead of rsa
524 Add support of utun devices under Mac OS X
525 Add support to ignore specific options.
526 Add a note what setenv opt does for OpenVPN < 2.3.3
527 Add reporting of UI version to basic push-peer-info set.
528 Fix compile error in ssl_openssl introduced by polar external-management patch
529 Fix assertion when SIGUSR1 is received while getaddrinfo is successful
530 Add warning for using connection block variables after connection blocks
531 Introduce safety check for http proxy options
533 David Sommerseth (5):
534 man page: Update man page about the tls_digest_{n} environment variable
535 Remove the --disable-eurephia configure option
536 plugin: Extend the plug-in v3 API to identify the SSL implementation used
538 Fix file checks when --chroot is being used
541 Document authfile for socks server
544 Fix IPv6 examples in t_client.rc-sample
545 Fix slow memory drain on each client renegotiation.
546 t_client.sh: ignore fields from "ip -6 route show" output that distort results.
547 Make code and documentation for --remote-random-hostname consistent.
548 Reduce IV_OPENVPN_GUI_VERSION= to IV_GUI_VER=
549 Document issue with --chroot, /dev/urandom and PolarSSL.
550 Rename 'struct route' to 'struct route_ipv4'
551 Replace copied structure elements with including <net/route.h>
552 Workaround missing SSL_OP_NO_TICKET in earlier OpenSSL versions
554 Heikki Hannikainen (1):
555 Always load intermediate certificates from a PKCS#12 file
558 Support non-ASCII TAP adapter names on Windows
559 Support non-ASCII characters in Windows tmp path
562 TLS version negotiation
563 Added "setenv opt" directive prefix.
564 Set SSL_OP_NO_TICKET flag in SSL context for OpenSSL builds, to disable TLS stateless session resumption.
567 Fix spurious ignoring of pushed config options (trac#349).
569 Joachim Schipper (3):
570 Refactor tls_ctx_use_external_private_key()
571 --management-external-key for PolarSSL
572 external_pkcs1_sign: Support non-RSA_SIG_RAW hash_ids
575 Correct error text when no Windows TAP device is present
576 Require a 1.2.x PolarSSL version
579 tls_ctx_load_ca: Improve certificate error messages
582 Remove duplicate cipher entries from TLS translation table.
585 Fix configure interaction with static OpenSSL libraries
588 Do not pass struct tls_session* as void* in key_state_ssl_init().
589 Require polarssl >= 1.2.10 for polarssl-builds, which fixes CVE-2013-5915.
590 Use RSA_generate_key_ex() instead of deprecated RSA_generate_key()
591 Also update TLSv1_method() calls in support code to SSLv23_method() calls.
592 Update TLSv1 error messages to SSLv23 to reflect changes from commit 4b67f98
593 If --tls-cipher is supplied, make --show-tls parse the list.
594 Add openssl-specific common cipher list names to ssl.c.
597 Add support for client-cert-not-required for PolarSSL.
600 Fix "." in description of utun.
603 2013.05.31 -- Version 2.3.2
605 Only print script warnings when a script is used. Remove stray mention of script-security system.
606 Move settings of user script into set_user_script function
607 Move checking of script file access into set_user_script
610 Provide more accurate warning message
613 Fix NULL-pointer crash in route_list_add_vpn_gateway().
614 Fix problem with UDP tunneling due to mishandled pktinfo structures.
617 Always push basic set of peer info values to server.
619 Jan Just Keijser (1):
620 make 'explicit-exit-notify' pullable again
623 Fix proto tcp6 for server & non-P2MP modes
624 Fix Windows script execution when called from script hooks
627 Fixed tls-cipher translation bug in openssl-build
628 Fixed usage of stale define USE_SSL to ENABLE_SSL
631 Fix segfault when enabling pf plug-ins
635 2013.03.29 -- Version 2.3.1
637 Remove dead code path and putenv functionality
638 Remove unused function xor
639 Move static prototype definition from header into c file
640 Remove unused function no_tap_ifconfig
643 fix build with automake 1.13(.1)
645 Christian Niessner (1):
646 Fix corner case in NTLM authentication (trac #172)
649 Update README.IPv6 to match what is in 2.3.0
650 Repair "tcp server queue overflow" brokenness, more <stdbool.h> fallout.
651 Permit pool size of /64.../112 for ifconfig-ipv6-pool
652 Add MIN() compatibility macro
653 Fix directly connected routes for "topology subnet" on Solaris.
656 close more file descriptors on exec
657 Ignore UTF-8 byte order mark
658 reintroduce --no-name-remapping option
659 make --tls-remote compatible with pre 2.3 configs
660 add new option for X.509 name verification
662 Jan Just Keijser (1):
663 man page patch for missing options
666 Fix parameter listing in non-debug builds at verb 4
667 (updated) [PATCH] Warn when using verb levels >=7 without debug
670 Enable TCP_NODELAY configuration on FreeBSD.
673 Removed ChangeLog.IPv6
674 Added cross-compilation information INSTALL-win32.txt
676 Cleaned up and updated INSTALL
680 Improve PolarSSL key_state_read_{cipher, plain}text messages
681 Improve verify_callback messages
682 Config compatibility patch. Added translate_cipher_name.
683 Switch to IANA names for TLS ciphers.
684 Fixed autoconf script to properly detect missing pkcs11 with polarssl.
685 Use constant time memcmp when comparing HMACs in openvpn_decrypt.
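Two entries in this log concern how secrets are handled in memory rather than on the wire: the 2.3.1 switch to a constant-time memcmp for HMAC comparison in openvpn_decrypt, and the 2.3.15 introduction of secure_memzero() to erase secrets. The block below is an added example that is not OpenVPN's code; it shows why an early-exit compare leaks (by counting the bytes it inspects before returning), a compare that always walks the whole tag, and a zeroing helper that the compiler cannot optimise away. memcmp_leaky, memcmp_ct, secure_wipe, verify_and_wipe and the 16-byte tag length are this example's own assumptions.

```c
/* Added example, not OpenVPN code: constant-time tag comparison and
 * secure zeroing. Names and the 16-byte tag size are demo assumptions. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define TAG_LEN 16

/* Early-exit comparison: how many bytes it inspects depends on where the
 * first mismatch is, which shows up as a measurable timing difference. */
int memcmp_leaky(const unsigned char *a, const unsigned char *b, size_t n,
                 size_t *steps)
{
    *steps = 0;
    for (size_t i = 0; i < n; i++) {
        (*steps)++;
        if (a[i] != b[i]) {
            return 1;
        }
    }
    return 0;
}

/* Constant-time comparison: always touches all n bytes and ORs the
 * differences together. Returns 0 when equal, non-zero otherwise. */
int memcmp_ct(const unsigned char *a, const unsigned char *b, size_t n)
{
    unsigned char diff = 0;
    for (size_t i = 0; i < n; i++) {
        diff |= (unsigned char)(a[i] ^ b[i]);
    }
    return diff;
}

/* Zeroes through a volatile pointer so the stores cannot be dropped as
 * dead code, which memset() on a buffer that is never read again may be.
 * memset_s()/explicit_bzero() are the library equivalents where available. */
void secure_wipe(void *buf, size_t len)
{
    volatile unsigned char *p = (volatile unsigned char *)buf;
    while (len-- > 0) {
        *p++ = 0;
    }
}

/* Compares the received tag with the locally computed one and erases the
 * local copy afterwards, whatever the outcome. */
bool verify_and_wipe(const unsigned char *received, unsigned char *computed,
                     size_t n)
{
    bool ok = memcmp_ct(received, computed, n) == 0;
    secure_wipe(computed, n);
    return ok;
}

bool all_zero(const unsigned char *buf, size_t n)
{
    unsigned char acc = 0;
    for (size_t i = 0; i < n; i++) {
        acc |= buf[i];
    }
    return acc == 0;
}

/* Bytes the leaky compare inspects when a forged tag differs at `pos`. */
size_t leaky_steps_for_mismatch_at(size_t pos)
{
    unsigned char real[TAG_LEN], forged[TAG_LEN];
    size_t steps;
    memset(real, 0xA5, sizeof real);        /* constructed tag value */
    memcpy(forged, real, sizeof real);
    forged[pos] ^= 0x01;
    memcmp_leaky(real, forged, TAG_LEN, &steps);
    return steps;
}

/* Scenario: a matching tag and one with a flipped bit; the computed copy
 * must be zero afterwards in both cases. */
bool verify_scenario(void)
{
    unsigned char received[TAG_LEN], computed[TAG_LEN];
    memset(received, 0x5C, sizeof received);
    memset(computed, 0x5C, sizeof computed);
    bool good = verify_and_wipe(received, computed, TAG_LEN);
    bool wiped1 = all_zero(computed, TAG_LEN);
    memset(computed, 0x5C, sizeof computed);
    computed[TAG_LEN - 1] ^= 0x80;
    bool bad = verify_and_wipe(received, computed, TAG_LEN);
    bool wiped2 = all_zero(computed, TAG_LEN);
    return good && wiped1 && !bad && wiped2;
}

int main(void)
{
    printf("leaky compare, mismatch at byte 0:  %zu bytes inspected\n",
           leaky_steps_for_mismatch_at(0));
    printf("leaky compare, mismatch at byte 15: %zu bytes inspected\n",
           leaky_steps_for_mismatch_at(15));
    printf("verify-and-wipe scenario: %s\n", verify_scenario() ? "ok" : "FAIL");
    return 0;
}
```

The leaky variant inspects 1 byte for a first-byte mismatch and all 16 for a last-byte mismatch; that difference, amplified over many forged packets, is what lets an attacker recover a valid tag byte by byte, and it is exactly what the constant-time loop removes.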
688 2013.01.07 -- Version 2.3.0
690 Fix parameter type for IP_TOS setsockopt on non-Linux systems.
691 Fix client crash on double PUSH_REPLY.
693 2012.12.17 -- Version 2.3_rc2
695 Fix --show-pkcs11-ids (Bug #239)
698 Error message if max-routes used incorrectly
699 Properly require --key even if defined(MANAGMENT_EXTERNAL_KEY)
700 Remove dnsflags_to_socktype, it is not used anywhere
701 Fix the "proto is used inconsistently" warning
703 David Sommerseth (3):
704 Fix double-free issue in pf_destroy_context()
705 The get_default_gateway() function uses warn() instead of msg()
706 Avoid recursion in virtual_output_callback_func()
709 Implement --mssfix handling for IPv6 packets.
710 Fix option inconsistency warnings about "proto" and "tun-ipv6"
712 Joachim Schipper (2):
713 doc/management-notes.txt: fix typo
714 Fix typo in ./configure message
716 2012.10.31 -- Version 2.3_rc1
718 Fixed a bug where PolarSSL gave an error when using an inline file tag.
721 Document management-external-key
722 Options parsing demands unnecessary configuration if PKCS11 is used
724 David Sommerseth (2):
725 Make git ignore some more files
726 Remove the support for using system() when executing external programs or scripts
729 Fix display of plugin hook types
730 Support UTF-8 --client-config-dir
733 Fix v3 plugins to support returning values back to OpenVPN.
735 2012.09.12 -- Version 2.3_beta1
737 Fixes error: --key fails with EXTERNAL_PRIVATE_KEY: No such file or directory if --management-external-key is used
738 Merge almost identical create_socket_tcp and create_socket_tcp6
739 Document the inlining of files in openvpn and document key-direction
740 Merge getaddr_multi and getaddr6 into one function
741 Document --management-client and --management-signal a bit better
742 Document that keep alive will double the second value in server mode and give a short explanation why the value is chosen.
743 Add checks for external-key-managements
745 David Sommerseth (1):
746 Fix reconnect issues when --push and UDP is used on the server
749 Reduce --version string detail about IPv6 to just "[IPv6]".
750 Put actual OpenVPN command line on top of corresponding log file.
751 Keep pre-existing tun/tap devices around on *BSD
752 make "ipv6 ifconfig" on linux compatible with busybox ifconfig
755 fix regression with --http-proxy[-*] options
756 add x_msg_va() log function
757 add API for plug-ins to write to openvpn log
758 remove stale _openssl_get_subject() prototype
759 remove unused flag SSLF_NO_NAME_REMAPPING
760 Add --compat-names option
762 2012.07.20 -- Version 2.3_alpha3
764 Fix compiling with --disable-management
767 Repair "tap server" mode brokenness caused by <stdbool.h> fallout
770 make non-blocking connect work on Windows
771 don't treat socket related errors special anymore
772 remove unused show_connection_list debug function
773 add option --management-query-proxy
775 2012.06.29 -- Version 2.3_alpha2
776 Adriaan de Jong (11):
777 Fixed off-by-one in serial length calculation
778 Migrated x509_get_subject to use of the garbage collector
779 Migrated x509_get_serial to use the garbage collector
780 Migrated x509_get_sha1_hash to use the garbage collector
781 Ensure sys/un.h autoconf detection includes sys/socket.h
782 Added support for new PolarSSL 1.1 RNG
783 Added a configuration option to enable prediction resistance in the PolarSSL random number generator.
784 Use POLARSSL_CFLAGS instead of POLARSSL_CRYPTO_CFLAGS in configure.ac
785 Removed support for PolarSSL < 1.1
786 Updated README.polarssl with build system changes.
787 Removed stray "Fox-IT hardening" string.
790 build: version should not contain '-'
791 package: rpm: strip should be handled by package management
792 cleanup: options.c: remove redundant include
793 cleanup: remove C++ warnings
794 cleanup: win32.c: wrong printf format
795 cleanup: remove redundant ';'
796 cleanup: crypto_openssl.c: remove support for pre-openssl-0.9.6
797 cleanup: tun.c: fix incorrect option in message (ip-win32)
798 cleanup: memcmp.c: remove unused source
799 fixup: init.c: add missing conditional for ENABLE_CLIENT_CR
800 build: correct place to alter WINVER is at build system
802 build: handle printf style format in mingw
803 build: rename plugin directory to plugins
804 build: plugins: properly use CC, CFLAGS and LDFLAGS
805 build: we need the sample.ovpn in future
809 cleanup: rename tap-windows function from win32 to win
810 build: remove windows specific build system
811 build: split acinclude.m4 into m4/*
812 build: m4/ax_varargs.m4: cleanup
813 build: m4/ax_emptyarray.m4: cleanup
814 build: m4/ax_socklen_t.m4: cleanup
815 build: autotools: first pass of trivial autotools changes
816 build: autoconf: remove OPENVPN_ADD_LIBS useless macro
817 build: remove awk and non-standard autoconf output processing
818 build: standard directory layout
819 build: add libtool + windows resources for executables
820 build: autoconf: commands as environment
822 build: properly detect and use socket libs
823 build: autoconf: minor cleanups
824 build: proper selinux detection and usage
825 build: distribute pkg.m4
826 build: proper pkcs11-helper detection and usage
827 build: properly process lzo-stub
828 build: proper lzo detection and usage
829 build: proper crypto detection and usage
830 build: autoconf: update defaults for options
831 build: win-msvc: msbuild format
832 build: move out config.h include from syshead
833 build: split out compat
834 build: move gettimeofday() emulation to compat
835 build: move daemon() emulation into compat
836 build: move inet_ntop(), inet_pton() emulation into compat
837 cleanup: move console related function into its own module
838 build: move wrappers into platform module
839 build: windows: install version.sh to allow installer read version
840 build: distribute samples in windows
841 build: use tap-windows.h as external dependency
842 build: ax_varargs.m4: fixups
843 build: autoconf: misc sockets fixups
844 build: enable lzo by default
845 build: windows: set vendor to openvpn project + cleanups
846 build: assume dlfcn is available on all supported platforms
847 build: openbsd: detect netinet/ip.h correctly
848 build: tap: search for tap header
849 build: msvc: upgrade to Visual Studio 2010 + fixups
850 Enable pedantic in windows compilation
851 cleanup: flags should not be bool
852 cleanup: avoid using ~0 - generic
853 cleanup: avoid using ~0 - ipv6
854 cleanup: avoid using ~0 - netmask
855 cleanup: avoid using ~0 - windows
857 build: fix some statement left from conversion
858 build: properly detect netinet/ip.h structs
859 build: properly detect TUNSETPERSIST
860 cleanup: plugin: support C++ plugin
861 cleanup: remove C++ comments
862 cleanup: add .gitattributes to control eol style explicitly
863 crash: packet_id_debug_print: sl may be null
864 build: use stdbool.h if available
865 build: fix typo in --enable-save-password
866 build: windows: convert resources to UTF-8
867 build: check minimum polarssl version
868 cleanup: update .gitignore
869 cleanup: spec: make space/tab consistent
870 build: spec: we support openssl >= 0.9.7
871 build: install README* document using build system
872 build: detect sys/wait.h required for *bsd
873 build: add git revision to --version output if build from git repository
874 build: cleanup: yet another forgotten brackets
875 build: update INSTALL to recent changes
876 build: support platforms that do not need explicit tun headers
877 build: do not support <polarssl-1.1.0
878 build: add --with-special-build to provide special build string
879 cleanup: pkcs11.c: resolve warnings
880 build: integrate plugins build into core build
881 build: plugins: set defaults based on platform
882 cleanup: windows: convert argv (UCS-2 to UTF-8) at earliest
883 build: msvc: chdir with change drive to script location
886 Add the query to the error message.
887 Explain that route-nopull also causes the client to ignore dhcp options.
888 Add the name of the context where option is not allowed to the error message.
889 Only use tmpdir if tmp_dir is really used.
890 Completely remove ancient IANA port warning.
891 Remove ENABLE_INLINE_FILES conditionals
892 Remove ENABLE_CONNECTIONS ifdefs
894 David Sommerseth (5):
895 Clean-up: Presume that Linux is always IPv6 capable at build time
896 Simplify check_cmd_access() function
897 Change version to indicate the master branch is not a version
898 Some filesystems don't like ':', which is a path 'make dist' would use
899 Remove two unused functions
901 Frank de Brabander (1):
902 Fix reported compile issues on OSX 10.6.8
905 repair t_client.sh test after build system revolution
906 t_client.sh iproute2 script fixes
907 t_client.sh - fix for iproute2, print summary line
908 Implement search for "first free" tun/tap device on Solaris
909 cleanup and redefine metric handling for IPv6 routes
910 remove "*option" element in "struct route_ipv6"
911 Remove warning about explicit support for IPv6 not provided on MacOS X
912 Add missing pieces to IPv6 route gateway handling.
913 Update TODO.IPv6 list
914 Remove #include "config.h" from ssl_polarssl.h
917 remove wrapper code for Windows CryptoAPI function
918 fix warnings in event.c when building for win32-64
919 remove the --auto-proxy option from openvpn
922 Remove calls to OpenSSL when building with --disable-ssl
924 Jonathan K. Bullard (2):
925 Fix file access checks on commands
926 Clarified the docs and help screen about what a 'cmd' is
929 Added notes about upgrading from 2.3-alpha1 and earlier to INSTALL-win32.txt
931 2012.02.21 -- Version 2.3-alpha1
932 Adriaan de Jong (127):
933 Added Doxygen doxyfile
934 Changed configure to accept --with-ssl-type=openssl
935 Refactored to rand_bytes for OpenSSL-independency
936 Refactored OpenSSL-specific constants
937 Refactored maximum cipher and hmac length constants
938 Refactored show_available_* functions
939 Refactored SSL_clear_error()
940 Refactored crypto initialisation functions
941 Refactored DES key manipulation functions
942 Refactored NTLM DES key generation
943 Refactored message digest type functions
944 Refactored message digest functions
945 Refactored HMAC functions
946 Refactored cipher key types
947 Refactored cipher functions
949 Refactored: Moved crypto.h inline functions to end of file
950 Removed stale OpenSSL defines from crypto.h
951 Added a check for OpenSSL or PolarSSL defines
952 Refactored: Added stubs for new files
953 Refactored SSL initialisation functions
954 Refactored TLS_PRF to new hmac and md primitives
955 Refactored tls_show_available_ciphers
956 Refactored get_highest_preference_tls_cipher
957 Refactored root SSL context initialisation
958 Refactored new external key code
959 Refactored DH paramater loading
960 Refactored root TLS option settings
961 Refactored PKCS#12 key loading
962 Refactored PKCS#11 loading
963 Refactored windows cert loading
964 Refactored load certificate functions
965 Refactored private key loading code
966 Refactored external key loading from management
967 Refactored CA and extra certs code
968 Refactored cipher restriction code
969 Refactored tls_options, key_state, and key_source data structures
970 Refactored initalisation of key_states
971 Refactored key_state free code
972 Refactored print_details
973 Refactored key_state read code (including bio_read())
974 Refactored key_state write functions
975 Refactored: Moved BIO debug functions to OpenSSL backend
976 Refactored: removed ks and ks_lame macro for clarity
977 Refactored: moved write_empty_string function back
978 Refactored Doxygen for tls_multi functions
979 Migrated data structures needed by verification functions to ssl_common.h
980 Refactored client_config_dir_exclusive function
981 Refactored certificate hash lock checks
982 Refactored common name locking functions
983 Refactored username and password authentication code
984 Add some extra comments
985 Refactored: split verify_callback into two parts
986 Added function to extract and verify the subject from a certificate
987 Added function to verify and extract the username
988 Refactored: removed global x509_username_field
989 Refactored: separated environment setup during verification
990 Refactored: Netscape certificate type verification
991 Refactored key usage verification code
992 Refactored EKU verification
993 Refactored tls-remote checking
994 Refactored tls-verify-plugin code
995 Refactored tls-verify script code
996 Refactored CRL checks
997 Minor cleanup in verify_cert:
998 Refactored: Moved verify_cert to ssl_verify
1000 Refactored: made M_SSL dependent on USE_OPENSSL
1001 Refactored: renamed X509 functions from verify_*
1002 Separated OpenSSL-specific parts of the PKCS#11 driver
1003 Modified base64 code in preparation for PolarSSL merge
1004 Final cleanup before PolarSSL addition:
1005 Refactored X509 track feature to be contained within the openssl backend
1006 Added PolarSSL support:
1007 Fixed a missing include in ssl_backend.h
1008 Fixed a bug in the hash generation in ssl_verify_openssl.c
1009 Added SHA_DIGEST_SIZE definition
1010 Changed PolarSSL crypto backend to support v0.99-pre5
1011 Updated ssl_polarssl.c to work with 0.99-pre5
1012 Fixed a compilation warning for size_t key sizes
1013 Added a warning that the PolarSSL library does not support pkcs12 files.
1014 Added warning that --capath is not available with PolarSSL
1015 Disable CryptoAPI when not using OpenSSL, and document that fact.
1016 Removed support for management external keys in PolarSSL
1017 Removed stray X509_free from ssl.c
1018 Refactored (and disabled for PolarSSL) support for writing external cert files in scripts
1019 Added an extra define to allow building without PKCS#11
1020 Added SSL library to title string
1021 Disabled X.509 track and username selection for PolarSSL
1022 Hardening: periodically reset the PRNG's nonce value
1023 Fixes for the plugin system:
1024 Further improvements to plugin support:
1025 Fixed an unintentional change in the options calculated key size.
1026 Moved print messages back to generic crypto.c from cipher backends
1027 Moved HMAC prints back to main crypto module
1028 Added back checks for ks->authenticated in verify_user_pass
1029 Moved gc_new and gc_free to begin end of function
1030 Fixed a bug in the return value of ssl_verify when pre_verify failed
1031 Unified verification function return values:
1032 Removed a stray Fox-IT tag
1033 Fixed a typo: print the subject instead of the serial for verification errors
1034 Made SSL_CIPHER const in print_details, to fix warning
1035 Moved to PolarSSL 1.0.0:
1036 Added missing #ifdef to allow --disable-managent to work again
1037 Fixed disabling crypto and SSL
1038 Got rid of a few magic numbers in ntlm.c
1039 Removed obsolete des_cblock and des_keyschedule
1040 Further removal of des_old.h based calls
1041 Fixed missing comma in plugin.h
1042 Moved prng_uninit out of crypto_uninit_lib
1043 Moved CryptoAPI header include to the ssl_openssl.c
1044 Reordered functions to ensure warning-free Windows build
1045 Added options to switch between OpenSSL and PolarSSL and PKCS11...
1046 Moved from strsep to strtok, for Windows compatibility
1047 Minor cleanup to enable warning-free Windows build:
1048 Fixed a typo when initialising cryptoapi certs
1049 Minor code cleanup: cleaned up error handling in verify_cert.
1050 Moved out of memory prototype to error.h, as the definition is in error.c
1051 Removed support for calling gc_malloc with a NULL gc_arena struct
1053 (The follwing patches from Adriaan was mistakenly merged with
1054 the wrong commit author in the git tree)
1055 Doxygen: Added data channel crypto docs
1056 Added control channel crypto docs
1057 Added compression docs
1058 Added reliability layer documentation
1059 Added memory management documentation
1060 Added data channel fragmentation docs
1061 Added main/control docs
1062 Moved doxygen-specific files to a separate directory
1065 autoconf fixes for building on OSX
David Sommerseth (50):
      Provide 'dev_type' environment variable to plug-ins and script hooks
      Define the new openvpn_plugin_{open,func}_v3() API
      Implement the core v3 plug-in function calls.
      Extend the v3 plug-in API to send over X509 certificates
      Added a simple plug-in demonstrating the v3 plug-in API.
      Separate the general plug-in version constant and v3 plug-in structs version
      Use a version-less version identifier on the master branch
      Fix the --client-cert-not-required feature
      Change the default --tmp-dir path to a more suitable path
      Improve the mysprintf() issue in openvpnserv.c
      Add a simple comment regarding openvpn_snprintf() is duplicated
      Merge branch 'feat_ipv6_transport'
      Merge branch 'feat_ipv6_payload'
      Merge branch 'svn-branch-2.1' into merge
      Solved hidden merge conflicts between master and svn-branch-2.1
      Fix const declarations in plug-in v3 structs
      Merge remote-tracking branch 'cron2/feat_ipv6_payload_2.3'
      Don't define ENABLE_PUSH_PEER_INFO if SSL is not available
      Fix compiling issues with pkcs11 when --disable-management is configured
      Remove support for Linux 2.2 configuration fallback
      Revert "Add new openssl.cnf to easy-rsa/Windows"
      Merge remote branch SVN 2.1 into the git tree
      Merge branch 'svn-merger'
      Fix Microsoft Visual Studio incompatibility in plugin.c
      Fixed compile issues on FreeBSD and Solaris
      Fix PolarSSL and --pkcs12 option issues
      Fix FreeBSD/OpenBSD/NetBSD compiler warnings in get_default_gateway()
      Make '--win-sys env' default
      Do some file/directory tests before really starting openvpn
      Fix bug after removing Linux 2.2 support
      Don't look for 'stdin' file when using --auth-user-pass
      Fix compiling with --disable-crypto and/or --disable-ssl
      Fix a couple of issues in openvpn_execve()
      Move away from openvpn_basename() over to platform provided basename()
      Enable access() when building in Visual Studio
      New Windows build fixes
      Fix compilation errors on Linux platforms without SO_MARK
      autotools ./configure don't like compat.h
      Fix pool logging when IPv6 is not enabled
      Don't check for file presence on inline files
      Add --route-pre-down/OPENVPN_PLUGIN_ROUTE_PREDOWN script/plug-in hook
      Enhance the error handling in _openssl_get_subject()
      Fix assert() situations where gc_malloc() is called without a gc_arena object
      Fix compile issues when plug-ins are disabled.
      Remove --show-gateway if debug info is not enabled (--disable-debug)
      Fix compile issues with status.c
      Connection entry {tun,link}_mtu_defined not set correctly
      Makefile.am referenced a now non-existing config-win32.h
      Makefile.am was missing ssl_common.h
      Revamp check_file_access() checks in stdin scenarios

      New feature: Add --stale-routes-check
Frank de Brabander (1):
      Fixed wrong return type of cipher_kt_mode

Frederic Crozat (1):
      Add support to forward console query to systemd

      Add more detailed explanation regarding the function of "--rdns-internal"
      Enable IPv6 Payload in OpenVPN p2mp tun server mode. 20100104-1 release.
      remove NOTES file from commit - private scribbling
      NetBSD fixes - on 4.0 and up, use multi-af mode.
      new feature: "ifconfig-ipv6-push" (from ccd/ config)
      add some TODOs to TODO.IPv6
      undo accidental duplication of existing "--iroute" line in the help text
      basic documentation of IPv6 related options and their syntax
      Enable IPv6 Payload in OpenVPN p2mp tun server mode.
      remove NOTES file from commit - private scribbling
      env_block(): if PATH is not set, add standard PATH setting to env
      add IPv6 route add / route delete code for windows (using "netsh")
      - Win32 IPv6 ifconfig support, using "netsh" calls
      drop "book ipv6" from open_tun() and tuncfg() prototypes
      document recent changes and open TODOs, adapt --version info, tag release
      Win32: set next-hop for IPv6 routes according to TUN/TAP mode
      when deleting a route on win32, also add gateway address
      WIN32: if IPv6 requested in TUN mode, check if TUN/TAP driver < 9.7
      revert unconditionally-enabling of setenv_es() logging
      implement IPv6 ifconfig + route setup/deletion on OpenBSD
      full "VPN client connect" test framework for OpenVPN t_client.rc-sample
      renamed t_client.sh to t_client.sh.in
      2.2-beta3 has a signed TAP driver with the IPv6 code - test for 9.8
      correct URL for "more information about IPv6 patch is *here*"
      bugfix for linux/iproute2: IPv6 ifconfig code block was not called for "dev tun"+"topology subnet"
      bump IPv6 version number (openvpn --version) to 20100922-1
      Implement "ipv6 ifconfig" for TAP interfaces on Solaris interfaces
      rebased to 2.2RC2 (beta 2.2 branch)
      Windows IPv6 cleanup - properly remove IPv6 routes and interface config
      For all accesses to "struct route_list * rl", check first that rl is non-NULL
      Replace 32-bit-based add_in6_addr() implementation by an 8-bit based one
      Platform cleanup for NetBSD
      Move block for "stale-routes-check" config inside #ifdef P2MP_SERVER block
      add missing break between "case IPv4" and "case IPv6"
      bump tap driver version from 9.8 to 9.9
      log error message and exit for "win32, tun mode, tap driver version 9.8"
      work around inet_ntop/inet_pton problems for MSVC builds on WinXP
      Fix build-up of duplicate IPv6 routes on reconnect.
      Fix list-overrun checks in copy_route_[ipv6_]option_list()
      add "print test titles" and "use sudo" functionality to t_client.rc
      Platform cleanup for FreeBSD
      Implement IPv6 interface config with non-/64 prefix lengths.
      Fix RUN_SUDO functionality for t_client.sh
      Document IPv6-related environment variables.
      Platform cleanup for OpenBSD

      Avoid re-defining uint32_t when using mingw compiler
Gustavo Zacarias (1):
      Fix compile issues when using --enable-small and --disable-ssl/--disable-crypto

      add .gitignore to official repository
      remove function is_proto_tcp()
      remove legacy code to query IE proxy information
      lowercase include header name in syshead.h
      define IN6_ARE_ADDR_EQUAL macro for WIN32
      add --mark option to set SO_MARK sockopt
      Windows UTF-8 input/output
      UTF-8 X.509 distinguished names
      set Windows environment variables as UCS-2
      handle Windows unicode paths
      replace check for TARGET_WIN32 with WIN32
      do not use mode_t on Windows
      use the underscore version of stat on Windows
      make MSVC link against shell32 as well
      move variable declaration to top of function
      define access mode flag X_OK as 0 on Windows

Igor Novgorodov (1):
      The code blocks enabled by ENABLE_CLIENT_CR depend on management

      Added "management-external-key" option.
      Minor addition of logging info before and after execution of Windows net commands.
      Misc fixes to r6708.
      Added --x509-track option.
      * added --management-up-down option to allow management interface to be notified of tunnel up/down events.
      Fixed minor compile issue triggered on builds where MANAGEMENT_DEF_AUTH is not enabled.
      Implemented get_default_gateway_mac_addr for Mac OS X
      Properly handle certificate serial numbers > 32 bits.
      Added "client-nat" option for stateless, one-to-one NAT on the client side.
      Renamed branch to reflect that it is no longer beta.
      env_filter_match now includes the serial number of all certs
      Fixed issue where a client might receive multiple push replies from a server
      Fixed bug introduced in r7031 that might cause this error message:
      Extended "client-kill" management interface command (server-side)
      Client will now try to reconnect if no push reply received within handshake-window seconds.
      Fixed compiling issues when using --disable-crypto
      Added "management-external-key" option.
      Misc fixes to r6708.
      win/sign.py now accepts an optional tap-dir argument.
      Added "auth-token" client directive
      Added ./configure --enable-osxipconfig option for Mac OS X
      Added more packet ID debug info at debug level 3 for debugging false positive packet replays.
      Fixed bug that incorrectly placed stricter TCP packet replay rules on UDP sessions
      Fixed bug in port-share that could cause port share process to crash
      For Mac OSX, when DARWIN_USE_IPCONFIG is defined, retry ipconfig command on failure
      Revert r7092 and r7151, i.e. remove --enable-osxipconfig configure option.
      Added 'dir' flag to "crl-verify" (see man page for info).
      Added new "extra-certs" and "verify-hash" options
      Fixed compile issues on Windows.
      Added --enable-lzo-stub configure option to build an OpenVPN client without LZO
      Added optional journal directory argument to "port-share" directive
      Reduce log verbosity at level 3, with a focus on removing excessive log verbosity generated by port-share activity.
      env_filter_match now includes the serial number of all certs in chain
      Added support for static challenge/response protocol.
      Added redirect-gateway block-local flag, with support for Linux, Mac OS X
      Extended x509-track to allow SHA1 certificate hash to be extracted
      Added "management-query-remote" directive (client) to allow the management interface to override the "remote" directive.
      Fixed MSVC compile error related to r7408.
      Redact "echo" directive strings from log, since these strings (going forward) could conceivably contain security-sensitive data.
      Modified sanitize_control_message to remove redacted data from control string rather than blotting it out with "_" chars.
      Changed CC_PRINT character class to allow UTF-8 chars.
      Increased the --verb threshold for "PID_ERR replay" messages to 4 from 3.
      Fixed issue where redirect-gateway block-local code was not correctly calculating...
      CC_PRINT character class now allows any 8-bit character value >= 32.
      "status" management interface command (version >= 2) will now include the username for each connected user.
      Minor fix to CC_PRINT char class
      Fixed management interface bug where >FATAL notifications were not being output properly
      Raised D_PID_DEBUG_LOW from level 3 to 4 to reduce replay error verbosity at level 3.
      Added "memstats" option to maintain real-time operating stats in a memory-mapped file.
      Fixed client issues with DHCP Router option extraction/deletion when using layer 2 with DHCP proxy:
      Allow "tap-win32 dynamic <offset>" to be used in topology subnet mode.
      Added support for "on-link" routes on Linux client

Jan Just Keijser (1):
      Made some options connection-entry specific

      common_name passing in auth_pam plugin
JuanJo Ciarlante (40):
      * rebased openvpn-2.1_rc1b.jjo.20061206.d.patch
      * created getaddr6(), use it from resolve_remote()
      * migrated all getaddrinfo() to getaddr6
      * socket.c: use USE_PF_INET6 in switch constructs to actually toss them out,
      * support --disable-ipv6 build properly:
      * important fix for tcp6 reconnection was incorrectly creating a PF_INET socket
      * added README.ipv6.txt
      * fixed win32 non-ipv6 build
      * ipv6 on win32 "milestone": 1st snapshot that passes all unittests
      * document ipv6 milestone status
      * doc update w/unittests results
      * make possible to x-compile openvpn/win32 in Linux
      * correctly setup hints.ai_socktype for getaddrinfo(), although sorta hacky, see TODO.ipv6.
      * renamed README.ipv6{.txt,}
      * updated {README,TODO}.ipv6 from feedback at openvpn-devel mlist
      * init.c: document the ENABLE_MANAGEMENT place to work on
      * init.c: small in-doc tweaks
      * fix multi-tcp crash (corrected assertion)
      * socket.c: better buf logic in print_sockaddr_ex
      * fixed segfault for undef address family in print_sockaddr_ex (thanks Marcel!)
      * openbsd: no IFF_MULTICAST, #ifdef around it
      * no new functionality, just small cleanups
      * (prototype) fix for supporting "redirect-gateway" for tunneled ipv4 over ipv6 endpoints
      * polished redirect-gateway (ipv4 on ipv6 endpoints) support
      * fix --disable-ipv6 build
      * rebased to v2.1.1 release
      * undo mroute.c changes related to ipv6 payload
      * fix --multihome for ipv4
      * fix --multihome for ipv6
      * ipv6-0.4.14: fix xinetd usage
      * ipv6-0.4.15: add --multihome support to xBSD
      * ipv6-0.4.15b: rebase over openvpn-testing-master
      * ipv6-0.4.16: fix mingw32 build
      * make ipv6_payload compile under windowze
      USE_PF_INET6 by default for v2.3
      fix ipv6 compilation under macosx >= 1070 - v3
      Add extv3 X509 field support to --x509-username-field

Matthew L. Creech (1):
      Fix 2.2.0 build failure when management interface disabled

Matthias Andree (1):
      Skip rather than fail test in addressless FreeBSD jails.

      Update man page with info about --capath
      Update man page with info about --connect-timeout
      Added info about --show-proxy-settings
      Documented --x509-username-field option
      Documented --errors-to-stderr option
      Documented --push-peer-info option
      Update man page with info about --remote-random-hostname
      Added man page entry for --management-client

Samuli Seppänen (19):
      Add man page entry for --redirect-private
      Change all CRLF linefeeds to LF linefeeds
      Fix a bug in devcon source code handling
      Removed Win2k from supported platforms list in INSTALL and win/openvpn.nsi
      Fixed copying of tapinstall.exe to dist/bin when using prebuilt TAP-drivers
      Fixed a bug with GUI icon deletion on upgrade from 2.2-RC or earlier
      Fix a build-ca issue on Windows
      Add new openssl.cnf to easy-rsa/Windows
      Updated "easy-rsa" for OpenSSL 1.0.0
      Made domake-win builds use easy-rsa/2.0/openssl-1.0.0.cnf
      Fixes to easy-rsa/2.0
      Merged TODO.IPv6 with TODO.ipv6 and README.IPv6 with README.ipv6
      Fixed a number of fatal build errors on Visual Studio 2008
      Fix a Visual Studio 2008 build issue in socket.c
      Additional Visual Studio 2008 build fixes to tun.c
      Fixed a typo in win32.h that prevented building with Visual Studio
      Fixed a regression causing VS2008/Python build failure
      Fix a Visual Studio 2008 build error in tun.c
      Fix a Visual Studio 2008 build error in options.c

      Fix issues with some older GCC compilers

Stefan Hellermann (2):
      plugin.h: update prototype of plugin_call dummy in !ENABLE_PLUGIN case
      Fixed typo in plugin.h

      Clarify --tmp-dir option

      Change the netsh.exe command from "add" to "set".
2011.12.25 -- Version 2.x-master

* Added support for "on-link" routes on Linux client -- these are
  routes where the gateway is specified as an interface rather than
  an address. This allows redirect-gateway to work on Linux clients
  whose connection to the internet is via a point-to-point link

  Note that at the moment, this capability is incompatible with
  the "redirect-gateway block-local" directive -- this is because
  the block-local directive blocks all traffic from the local LAN
  except for the local and gateway addresses. Since a PPP link
  is essentially a subnet of two addresses, local and remote (i.e.
  gateway), the set of addresses that would be blocked by block-local
  is empty. Therefore, the "redirect-gateway block-local" directive
  will be ignored on PPP links.

  To view the OpenVPN client's current determination of the default
  gateway, use this command:

    ./openvpn --show-gateway
2011.03.24 -- Version 2.2-RC2

      Windows cross-compile cleanup

David Sommerseth (2):
      Open log files as text files on Windows
      Clarify default value for the --inactive option.

      Implement IPv6 in TUN mode for Windows TAP driver.

Samuli Seppänen (6):
      Added support for prebuilt TAP-drivers. Automated embedding manifests.
      Fixes to win/openvpn.nsi
      Replaced config-win32.h with win/config.h.in
      Updated INSTALL-win32.txt
      Fixes to Makefile.am
      Clarified --client-config-dir section on the man-page.

      Fix line continuation in chkconfig init script description.
2011.02.28 -- Version 2.2-RC

David Sommerseth (3):
      Make the --x509-username-field feature an opt-in feature
      Fix compiler warning when compiling against OpenSSL 1.0.0
      Fix packaging of config-win32.h and service-win32/msvc.mak

      Minor addition of logging info before and after execution of Windows net commands.

Matthias Andree (1):
      Change variadic macros to C99 style.

Samuli Seppänen (15):
      Added ENABLE_PASSWORD_SAVE to config-win32.h
      Added a nmake makefile for openvpnserv.exe building
      Moved TAP-driver version info to version.m4. Cleaned up win/settings.in.
      Added helper functionality to win/wb.py
      Added support for viewing config-win32.h parameters to win/show.py
      Added comments and made small modifications to win/msvc.mak.in
      Added command-line switch to win/build_all.py to skip TAP driver building
      Added configure.h and version.m4 variable parsing to win/config.py
      Added openvpnserv.exe building to win/build.py
      Added comments to win/build_ddk.py
      Several modifications to win/make_dist.py to allow building the NSI installer
      Copied install-win32/setpath.nsi to win/setpath.nsi
      Added first version of NSI installer script to win/openvpn.nsi
      Changes to buildsystem patchset
      Temporary snprintf-related fix to service-win32/openvpnserv.c
2010.11.25 -- Version 2.2-beta5

Samuli Seppänen (1):
      Fixed an issue causing a build failure with MS Visual Studio 2008.

2010.11.18 -- Version 2.2-beta4

David Sommerseth (10):
      Clarified --explicit-exit-notify man page entry
      Clean-up: Remove pthread and mutex locking code
      Clean-up: Remove more dead and inactive code paths
      Clean-up: Removing useless code - hash related functions
      Use stricter snprintf() formatting in socks_username_password_auth() (v3)
      Fix compiler warnings about not used dummy() functions
      Fixed potential misinterpretation of boolean logic
      Only add some functions when really needed
      Removed functions not being used anywhere
      Merged add_bypass_address() and add_host_route_if_nonlocal()

      Integrate support for TAP mode on Solaris, written by Kazuyoshi Aizawa <admin2@whiteboard.ne.jp>.
      Make "topology subnet" work on Solaris
      Improved man page entry for script_type

      Fixed initialization bug in route_list_add_default_gateway (Gert Doering).
      Implement challenge/response authentication support in client mode
      Make base64.h have the same conditional compilation expression as base64.c.
      Fixed compiling issues when using --disable-crypto
      In verify_callback, the subject var should be freed by OPENSSL_free, not free

      Remove hardcoded path to resolvconf

      Add HTTP/1.1 Host header

      Adding support for SOCKS plain text authentication

Samuli Seppänen (2):
      Added check for variable CONFIGURE_DEFINES into options.c
      Added command-line option parser and an unsigned build option to build_all.py
2010.08.21 -- Version 2.2-beta3

* Attempt to fix issue where domake-win build system was not properly
  signing drivers and .exe files.

  Added win/tap_span.py for building multiple versions of the TAP driver
  and tapinstall binaries using different DDK versions to span from Win2K

David Sommerseth (2):
      Test framework improvement - Do not FAIL if t_client.rc is missing
      More t_client.sh updates - exit with SKIP when we want to skip

      Fix compile problems on NetBSD and OpenBSD
      Fix <net/if.h> compile time problems on OpenBSD for good
      full "VPN client connect" test framework for OpenVPN
      Build t_client.sh by configure at run-time.

      Fixes openssl-1.0.0 compilation warning
2010.08.16 -- Version 2.2-beta2

* Windows security issue:
  Fixed potential local privilege escalation vulnerability in
  Windows service. The Windows service did not properly quote the
  executable filename passed to CreateService. A local attacker
  with write access to the root directory C:\ could create an
  executable that would be run with the same privilege level as
  the OpenVPN Windows service. However, since non-Administrative
  users normally lack write permission on C:\, this vulnerability
  is generally not exploitable except on older versions of Windows
  (such as Win2K) where the default permissions on C:\ would allow
  any user to create files there.
  Credit: Scott Laurie, MWR InfoSecurity
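  The following C program is an added illustration of this entry, not
  OpenVPN code. It models the lookup rule Windows applies when an
  unquoted command line contains spaces (the text before each space is
  tried as the program, with ".exe" appended when that prefix has no
  extension) so the ambiguity of an unquoted service binary path can be
  seen, and shows the fix: quote the path before handing it to
  CreateService. The install path in the sample and the function names
  (path_candidates, quote_service_path, service_path_is_safe) are
  constructed for the example. The same check applies to any service
  whose binary path contains spaces, not only to OpenVPN's.

```c
/*
 * Added example, not OpenVPN code: why an unquoted service path with
 * spaces is ambiguous, and the quoting fix. Function names and the
 * sample install path are constructed for this illustration.
 */
#include <stdio.h>
#include <string.h>

#define MAX_CANDIDATES 16
#define MAX_PATH_LEN 260

/* Fill cands[] with every program path the loader may try for cmdline,
 * following the documented rule for an unquoted command line: each prefix
 * ending at a space (or at the end) is tried in turn, with ".exe" appended
 * when the prefix's last component has no extension.
 * Returns the number of candidates (0 on malformed or over-long input). */
int path_candidates(const char *cmdline, char cands[][MAX_PATH_LEN], int max)
{
    size_t len = strlen(cmdline);
    int n = 0;

    if (max < 1 || len == 0)
        return 0;

    /* Quoted: exactly one interpretation, the text between the quotes. */
    if (cmdline[0] == '"') {
        const char *end = strchr(cmdline + 1, '"');
        size_t inner;
        if (end == NULL)
            return 0;
        inner = (size_t)(end - (cmdline + 1));
        if (inner >= MAX_PATH_LEN)
            return 0;
        memcpy(cands[0], cmdline + 1, inner);
        cands[0][inner] = '\0';
        return 1;
    }

    if (len >= MAX_PATH_LEN)
        return 0;

    for (size_t i = 0; i <= len && n < max; i++) {
        const char *slash, *last;
        if (cmdline[i] != ' ' && cmdline[i] != '\0')
            continue;
        memcpy(cands[n], cmdline, i);
        cands[n][i] = '\0';
        slash = strrchr(cands[n], '\\');
        last = slash ? slash + 1 : cands[n];
        if (strchr(last, '.') == NULL) {
            if (i + 4 >= MAX_PATH_LEN)
                return n;
            strcat(cands[n], ".exe");
        }
        n++;
    }
    return n;
}

/* The fix: wrap the binary path in double quotes before CreateService.
 * Returns 0 on success, -1 if the path itself contains a quote or does
 * not fit. Paths without spaces are quoted too; that is harmless. */
int quote_service_path(const char *path, char *out, size_t outsz)
{
    size_t len = strlen(path);
    if (strchr(path, '"') != NULL)
        return -1;
    if (len + 3 > outsz)              /* two quotes plus the NUL */
        return -1;
    out[0] = '"';
    memcpy(out + 1, path, len);
    out[len + 1] = '"';
    out[len + 2] = '\0';
    return 0;
}

/* A service binary path is safe when it has exactly one interpretation. */
int service_path_is_safe(const char *cmdline)
{
    char cands[MAX_CANDIDATES][MAX_PATH_LEN];
    return path_candidates(cmdline, cands, MAX_CANDIDATES) == 1;
}

int main(void)
{
    /* Constructed sample path; not read from any real system. */
    const char *unquoted = "C:\\Program Files\\OpenVPN\\bin\\openvpnserv.exe";
    char cands[MAX_CANDIDATES][MAX_PATH_LEN];
    char quoted[MAX_PATH_LEN + 2];
    int n = path_candidates(unquoted, cands, MAX_CANDIDATES);

    printf("unquoted: %d interpretation(s)\n", n);
    for (int i = 0; i < n; i++)
        printf("  loader would try: %s\n", cands[i]);
    if (quote_service_path(unquoted, quoted, sizeof quoted) == 0)
        printf("quoted %s: %d interpretation(s)\n", quoted,
               path_candidates(quoted, cands, MAX_CANDIDATES));
    return 0;
}
```

  Run stand-alone, the program lists two interpretations for the unquoted
  sample path (the first being C:\Program.exe, which is exactly the file a
  user with write access to C:\ could plant) and one for the quoted form.
  The same path_candidates() check can be run over the ImagePath values
  of installed services when auditing a host for this class of
  misconfiguration.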
* Added Python-based alternative build system for Windows using
  Visual Studio 2008 (in win directory).

* When aborting in a non-graceful way, try to execute do_close_tun in
  init.c prior to daemon exit to ensure that the tun/tap interface is
  closed and any added routes are deleted.

* Fixed an issue where AUTH_FAILED was not being properly delivered
  to the client when a bad password is given for mid-session reauth,
  causing the connection to fail without an error indication.

* Don't advance to the next connection profile on AUTH_FAILED errors.

* Fixed an issue in the Management Interface that could cause
  a process hang with 100% CPU utilization in --management-client
  mode if the management interface client disconnected at the
  point where credentials are queried.

* Fixed an issue where if reneg-sec was set to 0 on the client,
  so that the server-side value would take precedence,
  the auth_deferred_expire_window function would incorrectly
  return a window period of 0 seconds. In this case, the
  correct window period should be the handshake window

* Modified ">PASSWORD:Verification Failed" management interface
  notification to include a client reason string:

    >PASSWORD:Verification Failed: 'AUTH_TYPE' ['REASON_STRING']

* Enable exponential backoff in reliability layer

* Set socket buffers (SO_SNDBUF and SO_RCVBUF) immediately after
  socket is created rather than waiting until after connect/listen.

* Management interface performance optimizations:

  1. Added env-filter MI command to perform filtering on env vars
     passed through as a part of --management-client-auth

  2. man_write will now try to aggregate output into larger blocks
     (up to 1024 bytes) for more efficient i/o

* Fixed minor issue in Windows TAP driver DEBUG builds
  where non-null-terminated unicode strings were being
  printed incorrectly.

* Fixed issue on Windows with MSVC compiler, where TCP_NODELAY support
  was not being compiled in.

* Proxy improvements:

  Improved the ability of http-auth "auto" flag to dynamically detect
  the auth method required by the proxy.

  Added http-auth "auto-nct" flag to reject weak proxy auth methods.

  Added HTTP proxy digest authentication method.

  Removed extraneous openvpn_sleep calls from proxy.c.

* Implemented http-proxy-override and http-proxy-fallback directives to make it
  easier for OpenVPN client UIs to start a pre-existing client config file with
  proxy options, or to adaptively fall back to a proxy connection if a direct

* Implemented a key/value auth channel from client to server.

* Fixed issue where bad creds provided by the management interface
  for HTTP Proxy Basic Authentication would go into an infinite
  retry-fail loop instead of requerying the management interface for

* Added support for MSVC debugging of openvpn.exe in settings.in:

    # Build debugging version of openvpn.exe
    !define PRODUCT_OPENVPN_DEBUG

* Implemented multi-address DNS expansion on the network field of route

  When only a single IP address is desired from a multi-address DNS
  expansion, use the first address rather than a random selection.

* Added --register-dns option for Windows.

  Fixed some issues on Windows with --log, subprocess creation
  for command execution, and stdout/stderr redirection.

* Fixed an issue where application payload transmissions on the
  TLS control channel (such as AUTH_FAILED) that occur during
  or immediately after a TLS renegotiation might be dropped.

* Added warning about tls-remote option in man page.
2009.12.11 -- Version 2.1.1

* Fixed some breakage in openvpn.spec (which is required to build an
  RPM distribution) where it was referencing a non-existent
  subdirectory in the tarball, causing it to fail (patch from

2009.12.11 -- Version 2.1.0

* Fixed a couple issues in sample plugins auth-pam.c and down-root.c.
  (1) Fail gracefully rather than segfault if calloc returns NULL.
  (2) The openvpn_plugin_abort_v1 function can potentially be called
  with handle == NULL. Add code to detect this case, and if so, avoid
  dereferencing pointers derived from handle (Thanks to David
  Sommerseth for finding this bug).

* Documented "multihome" option in the man page.

2009.11.20 -- Version 2.1_rc22

* Fixed a client-side bug on Windows that occurred when the
  "dhcp-pre-release" or "dhcp-renew" options were combined with
  "route-gateway dhcp". The release/renew would not occur
  because the Windows DHCP renew function is blocking and
  therefore must be called from another process or thread
  so as not to stall the tunnel.

* Added a hard failure when peer provides a certificate chain
  with depth > 16. Previously, a warning was issued.

2009.11.12 -- Version 2.1_rc21

* Rebuilt OpenVPN Windows installer with OpenSSL 0.9.8l to address
  CVE-2009-3555. Note that OpenVPN has never relied on the session
  renegotiation capabilities that are built into the SSL/TLS protocol,
  therefore the fix in OpenSSL 0.9.8l (disable SSL/TLS renegotiation
  completely) will not adversely affect OpenVPN mid-session SSL/TLS
  renegotiation or any other OpenVPN capabilities.

* Added additional session renegotiation hardening. OpenVPN has always
  required that mid-session renegotiations build up a new SSL/TLS
  session from scratch. While the client certificate common name is
  already locked against changes in mid-session TLS renegotiations, we
  now extend this locking to the auth-user-pass username as well as all
  certificate content in the full client certificate chain.
1659 2009.10.01 -- Version 2.1_rc20
1661 * Fixed a bug introduced in 2.1_rc17 (svn r4436) where using the
1662 redirect-gateway option by itself, without any extra parameters,
1663 would cause the option to be ignored.
1665 * Fixed build problem when ./configure --disable-server is used.
1667 * Fixed ifconfig command for "topology subnet" on FreeBSD (Stefan Bethke).
1669 * Added --remote-random-hostname option.
1671 * Added "load-stats" management interface command to get global server
1674 * Added new ./configure flags:
1676 --disable-def-auth Disable deferred authentication
1677 --disable-pf Disable internal packet filter
1679 * Added "setcon" directive for interoperability with SELinux (Sebastien
1682 * Optimized PUSH_REQUEST handshake sequence to shave several seconds
1683 off of a typical client connection initiation.
1685 * The maximum number of "route" directives (specified in the config
1686 file or pulled from a server) can now be configured via the new
1687 "max-routes" directive.
1689 * Eliminated the limitation on the number of options that can be pushed
1690 to clients, including routes. Previously, all pushed options needed
1691 to fit within a 1024 byte options string.
1693 * Added --server-poll-timeout option : when polling possible remote
1694 servers to connect to in a round-robin fashion, spend no more than
1695 n seconds waiting for a response before trying the next server.
1697 * Added the ability for the server to provide a custom reason string
1698 when an AUTH_FAILED message is returned to the client. This
1699 string can be set by the server-side managment interface and read
1700 by the client-side management interface.
1702 * client-kill management interface command, when issued on server, will
1703 now send a RESTART message to client.
1704 This feature is intended to make UDP clients respond the same as TCP
1705 clients in the case where the server issues a RESTART message in
1706 order to force the client to reconnect and pull a new options/route
2009.07.16 -- Version 2.1_rc19

* In Windows TAP driver, refactor DHCP/ARP packet injection code to
  use a DPC (deferred procedure call) to defer packet injection until
  IRQL < DISPATCH_LEVEL, rather than calling NdisMEthIndicateReceive
  in the context of AdapterTransmit. This is an attempt to reduce kernel
  stack usage, and prevent EXCEPTION_DOUBLE_FAULT BSODs that have been
  observed on Vista. Updated TAP driver version number to 9.6.

* In configure.ac, use datadir instead of datarootdir for compatibility
  with <autoconf-2.60.

2009.06.07 -- Version 2.1_rc18

* Fixed compile error on ./configure --enable-small

* Fixed issue introduced in r4475 (2.1-rc17) where cryptoapi.c change
  does not build on Windows on non-MINGW32.

2009.05.30 -- Version 2.1_rc17

* Reduce the debug level (--verb) at which received management interface
  commands are echoed from 7 to 3. Passwords will be filtered.

* Fixed race condition in management interface recv code on
  Windows, where sending a set of several commands to the
  management interface in quick succession might cause the
  latter commands in the set to be ignored.

* Increased management interface input command buffer size
  from 256 to 1024 bytes.

* Minor tweaks to Windows build system.

* Added "redirect-private" option which allows private subnets
  to be pushed to the client in such a way that they don't accidentally
  obscure critical local addresses such as the DHCP server address and
  DNS server addresses.

* Added new 'autolocal' redirect-gateway flag. When enabled, the OpenVPN
  client will examine the routing table and determine whether (a) the
  OpenVPN server is reachable via a locally connected interface, or (b)
  traffic to the server must be forwarded through the default router.
  Only add a special bypass route for the OpenVPN server if (b) is true.
  If (a) is true, behave as if the 'local' flag is specified, and do not

  The new 'autolocal' flag depends on the non-portable test_local_addr()
  function in route.c, which is currently only implemented for Windows.
  The 'autolocal' flag will act as a no-op on platforms that have not
  yet defined a test_local_addr() function.

* Increased TLS_CHANNEL_BUF_SIZE to 2048 from 1024 (this will allow for
  more option content to be pushed from server to client).

* Raised D_MULTI_DROPPED debug level to 4 from 3 to filter out (at debug
  levels <=3) a common and usually innocuous warning.

* Fixed issue of symbol conflicts interfering with Windows CryptoAPI
  functionality (Alon Bar-Lev).

* Fixed bug where the remote_X environmental variables were not being
  set correctly when the 'local' option is specified.

2009.05.17 -- Version 2.1_rc16

* Windows installer changes:
  1. #ifdef'ed out the Windows version check code which was causing
     problems on Windows 7
  2. don't define SF_SELECTED if it is already defined
  3. Use LZMA instead of BZIP2 compression for better compression
  4. Upgraded OpenSSL to 0.9.8k

* Added the ability to read the configuration file
  from stdin, when "stdin" is given as the config

* Allow "management-client" directive to be used
  with unix domain sockets.

* Added errors-to-stderr option. When enabled, fatal errors
  that result in the termination of the daemon will be written

* Added optional "nogw" (no gateway) flag to --server-bridge
  to inhibit the pushing of the route-gateway parameter to

* Added new management interface command "pid" to show the
  process ID of the current OpenVPN process (Angelo Laub).

* Fixed issue where SIGUSR1 restarts would fail if private
  key was specified as an inline file.

* Added daemon_start_time and daemon_pid environmental variables.

* In management interface, added new ">CLIENT:ESTABLISHED" notification.

  1. Fixed some issues with C++ style comments that leaked into the code.
  2. Updated configure.ac to work on MinGW64.
  3. Updated common.h types for _WIN64.
  4. Fixed issue involving an #ifdef in a macro reference that breaks early gcc
  5. In cryptoapi.c, renamed CryptAcquireCertificatePrivateKey to
     OpenVPNCryptAcquireCertificatePrivateKey to work around
     a symbol conflict in MinGW-5.1.4.

2008.11.19 -- Version 2.1_rc15

* Fixed issue introduced in 2.1_rc14 that may cause a
  segfault when a --plugin module is used.

* Added server-side --opt-verify option: clients that connect
  with options that are incompatible with those of the server
  will be disconnected (without this option, incompatible
  clients would trigger a warning message in the server log
  but would not be disconnected).

* Added --tcp-nodelay option: Macro that sets TCP_NODELAY socket
  flag on the server as well as pushes it to connecting clients.

* Minor options check fix: --no-name-remapping is a
  server-only option and should therefore generate an
  error when used on the client.

* Added --prng option to control PRNG (pseudo-random
  number generator) parameters. In previous OpenVPN
  versions, the PRNG was hardcoded to use the SHA1
  hash. Now any OpenSSL hash may be used. This is
  part of an effort to remove hardcoded references to
  a specific cipher or cryptographic hash algorithm.

* Cleaned up man page synopsis.
2008.11.16 -- Version 2.1_rc14

* Added AC_GNU_SOURCE to configure.ac to enable struct ucred,
  with the goal of fixing a build issue on Fedora 9 that was
  introduced in 2.1_rc13.

* Added additional method parameter to --script-security to preserve
  backward compatibility with system() call semantics used in OpenVPN
  2.1_rc8 and earlier. To preserve backward compatibility use:

    script-security 3 system

* Added additional warning messages about --script-security 2
  or higher being required to execute user-defined scripts or

* Windows build system changes:

  Modified Windows domake-win build system to write all openvpn.nsi
  input files to gen, so that gen can be disconnected from
  the rest of the source tree and makensis openvpn.nsi will
  still function correctly.

  Added additional SAMPCONF_(CA|CRT|KEY) macros to settings.in
  (commented out by default).

  Added optional files SAMPCONF_CONF2 (second sample configuration
  file) and SAMPCONF_DH (Diffie-Hellman parameters) to Windows
  build system, and may be defined in settings.in.

* Extended Management Interface "bytecount" command
  to work when OpenVPN is running as a server.
  Documented Management Interface "bytecount" command in
  management/management-notes.txt.

* Fixed informational message in ssl.c to properly indicate
  deferred authentication.

* Added server-side --auth-user-pass-optional directive, to allow
  connections by clients that do not specify a username/password, when a
  user-defined authentication script/module is in place (via
  --auth-user-pass-verify, --management-client-auth, or a plugin module).

* Changes to easy-rsa/2.0/pkitool and related openssl.cnf:

  Calling scripts can set the KEY_NAME environmental variable to set
  the "name" X509 subject field in generated certificates.

  Modified pkitool to allow flexibility in separating the Common Name
  convention from the cert/key filename convention.

    KEY_CN="James's Laptop" KEY_NAME="james" ./pkitool james

  will create a client certificate/key pair of james.crt/james.key
  having a Common Name of "James's Laptop" and a Name of "james".

* Added --no-name-remapping option to allow Common Name, X509 Subject,
  and username strings to include any printable character including
  space, but excluding control characters such as tab, newline, and
  carriage-return (this is important for compatibility with external
  authentication systems).

  As a related change, added --status-version 3 format (and "status 3"
  in the management interface) which uses the version 2 format except
  that tabs are used as delimiters instead of commas so that there
  is no ambiguity when parsing a Common Name that contains a comma.

  Also, save X509 Subject fields to environment, using the naming

    X509_{cert_depth}_{name}={value}

  This is to avoid ambiguities when parsing out the X509 subject string
  since "/" characters could potentially be used in the common name.

* Fixed some ifconfig-pool issues that precluded it from being combined
  with --server directive.

  Now, for example, we can configure thusly:

    server 10.8.0.0 255.255.255.0 nopool
    ifconfig-pool 10.8.0.2 10.8.0.99 255.255.255.0

  to have ifconfig-pool manage only a subset

* Added config file option "setenv FORWARD_COMPATIBLE 1" to relax
  config file syntax checking to allow directives for future OpenVPN
  versions to be ignored.
2008.10.07 -- Version 2.1_rc13

* Bundled OpenSSL 0.9.8i with Windows installer.

* Management interface can now listen on a unix
  domain socket, for example:

    management /tmp/openvpn unix

  Also added management-client-user and management-client-group
  directives to control which processes are allowed to connect

* Copyright change to OpenVPN Technologies, Inc.

2008.09.23 -- Version 2.1_rc12

* Patched Makefile.am so that the new t_cltsrv-down.sh script becomes
  part of the tarball (Matthias Andree).

* Fixed --lladdr bug introduced in 2.1-rc9 where input validation code
  was incorrectly expecting the lladdr parameter to be an IP address
  when it is actually a MAC address (HoverHell).

2008.09.14 -- Version 2.1_rc11

* Fixed a bug that can cause SSL/TLS negotiations in UDP mode
  to fail if UDP packets are dropped.

2008.09.10 -- Version 2.1_rc10

* Added "--server-bridge" (without parameters) to enable
  DHCP proxy mode: Configure server mode for ethernet
  bridging using a DHCP-proxy, where clients talk to the
  OpenVPN server-side DHCP server to receive their IP address
  allocation and DNS server addresses.

* Added "--route-gateway dhcp", to enable the extraction
  of the gateway address from a DHCP negotiation with the
  OpenVPN server-side LAN.

* Fixed minor issue with --redirect-gateway bypass-dhcp or bypass-dns
  on Windows. If the bypass IP address is 0.0.0.0 or 255.255.255.255,

* Warn, when ethernet bridging, that the IP address of the bridge adapter
  is probably not the same address that the LAN adapter was set to

* When running as a server, warn if the LAN network address is
  the all-popular 192.168.[0|1].x, since this condition commonly
  leads to subnet conflicts down the road.

* Primarily on the client, check for subnet conflicts between
  the local LAN and the VPN subnet.

* Added a 'netmask' parameter to get_default_gateway, to return
  the netmask of the adapter containing the default gateway.
  Only implemented on Windows so far. Other platforms will
  return 255.255.255.0. Currently the netmask information is
  only used to warn about subnet conflicts.

* Minor fix to cryptoapi.c to not compile itself unless USE_CRYPTO
  and USE_SSL flags are enabled (Alon Bar-Lev).

* Updated openvpn/t_cltsrv.sh (used by "make check") to conform to new
  --script-security rules. Also adds retrying if the addresses are in
  use (Matthias Andree).

* Fixed build issue with ./configure --disable-socks --disable-http.

* Fixed separate compile errors in options.c and ntlm.c that occur
  on strict C compilers (such as old versions of gcc) that require
  that C variable declarations occur at the start of a {} block,

* Worked around a bug in OpenSSL 0.9.6b ASN1_STRING_to_UTF8, which
  the new implementation of extract_x509_field_ssl depends on.

* LZO compression buffer overflow errors will now invalidate
  the packet rather than trigger a fatal assertion.

* Fixed minor compile issue in ntlm.c (mid-block declaration).

* Added --allow-pull-fqdn option which allows client to pull DNS names
  from server (rather than only IP address) for --ifconfig, --route, and
  --route-gateway. OpenVPN versions 2.1_rc7 and earlier allowed DNS names
  for these options to be pulled and translated to IP addresses by default.
  Now --allow-pull-fqdn will be explicitly required on the client to enable
  DNS-name-to-IP-address translation of pulled options.

* 2.1_rc8 and earlier did implicit shell expansion on script
  arguments since all scripts were called by system().
  The security hardening changes made to 2.1_rc9 no longer
  use system(), but rather use the safer execve or CreateProcess
  system calls. The security hardening also introduced a
  backward incompatibility with 2.1_rc8 and earlier in that
  script parameters were no longer shell-expanded, so

    client-connect "docc CLIENT-CONNECT"

  would fail to work because execve would try to execute
  a script called "docc CLIENT-CONNECT" instead of "docc"
  with "CLIENT-CONNECT" as the first argument.

  This patch fixes the issue, bringing the script argument
  semantics back to pre-2.1_rc9 behavior in order to preserve
  backward compatibility while still using execve or CreateProcess
  to execute the script/executable.
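To make the fixed behaviour concrete, here is an added example (not OpenVPN's own code) that builds the argv[] handed to execve() from a directive's argument by splitting it on whitespace, with no shell involved, so nothing in it is expanded; build_script_argv, free_argv, MAX_ARGS and the sample inputs are assumptions for illustration.

```c
/* Added example (not OpenVPN's code): split a script directive argument
 * into an argv[] for execve() the way the entry above describes, on
 * whitespace only, then append the argument OpenVPN itself supplies.
 * No shell runs, so a word like "$HOME" reaches the script literally.
 * Function and macro names are assumptions for illustration. */
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_ARGS 32   /* assumed upper bound on argv entries, incl. NULL */

/* Copy n bytes of s into a fresh NUL-terminated heap string. */
static char *dup_range(const char *s, size_t n)
{
    char *out = malloc(n + 1);
    if (out) { memcpy(out, s, n); out[n] = '\0'; }
    return out;
}

/* Release the strings produced by build_script_argv(). */
void free_argv(char **argv)
{
    for (int i = 0; argv[i]; i++) free(argv[i]);
    argv[0] = NULL;
}

/* Tokenise cmdline on whitespace into argv (NULL-terminated) and append
 * extra (the argument OpenVPN adds for the script type) when non-NULL.
 * Returns argc, or -1 when there is no command word or too many words. */
int build_script_argv(const char *cmdline, const char *extra, char **argv)
{
    int argc = 0;
    const char *p = cmdline;

    while (*p) {
        while (isspace((unsigned char)*p)) p++;      /* skip separators */
        if (!*p) break;
        const char *start = p;
        while (*p && !isspace((unsigned char)*p)) p++;   /* one word */
        if (argc >= MAX_ARGS - 2) {                 /* room for extra + NULL */
            argv[argc] = NULL;
            free_argv(argv);
            return -1;
        }
        argv[argc++] = dup_range(start, (size_t)(p - start));
    }
    if (argc == 0) { argv[0] = NULL; return -1; }   /* nothing to execute */
    if (extra) argv[argc++] = dup_range(extra, strlen(extra));
    argv[argc] = NULL;
    return argc;
}

int main(void)
{
    char *argv[MAX_ARGS];
    /* Constructed input: the directive argument from the entry above plus a
     * word a shell would have expanded; "client-config.tmp" stands in for
     * the argument OpenVPN appends for a client-connect script. */
    int argc = build_script_argv("docc CLIENT-CONNECT $HOME",
                                 "client-config.tmp", argv);
    if (argc < 0) { fprintf(stderr, "no command to execute\n"); return 1; }
    for (int i = 0; i < argc; i++)
        printf("argv[%d] = \"%s\"\n", i, argv[i]);  /* argv[0] is "docc" */
    free_argv(argv);
    return 0;
}
```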
* Modified ip_or_dns_addr_safe, which validates pulled DNS names,
  to more closely conform to RFC 3696:
  (1) DNS name length must not exceed 255 characters
  (2) DNS name characters must be limited to alphanumeric,
      dash ('-'), and dot ('.')
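An added example (not OpenVPN's ip_or_dns_addr_safe) that applies the two rules above, together with the --allow-pull-fqdn gate from the 2.1_rc10 entry, to an address pulled from the server: plain IPv4 addresses are always accepted, a DNS name only when the client opted in and the name passes the length and character rules. The function names, the IPv4 check and the sample inputs are assumptions.

```c
/* Added example (not OpenVPN's code): acceptance check for an address
 * pulled from the server, modelled on the rules this ChangeLog states for
 * ip_or_dns_addr_safe() and --allow-pull-fqdn. Names are assumptions. */
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define MAX_DNS_NAME_LEN 255   /* rule (1): name length must not exceed 255 */

/* Return 1 if s is a dotted-quad IPv4 address (four decimal octets 0-255). */
static int is_ipv4_dotted_quad(const char *s)
{
    int octets = 0;
    while (*s) {
        if (!isdigit((unsigned char)*s)) return 0;
        int value = 0, digits = 0;
        while (isdigit((unsigned char)*s)) {
            value = value * 10 + (*s - '0');
            if (++digits > 3 || value > 255) return 0;
            s++;
        }
        octets++;
        if (*s == '.') {
            if (octets == 4) return 0;   /* trailing dot or a fifth octet */
            s++;
            if (!*s) return 0;           /* "1.2.3." */
        } else if (*s) {
            return 0;                    /* any other character */
        }
    }
    return octets == 4;
}

/* Return 1 if s satisfies both rules quoted above for a pulled DNS name. */
static int dns_name_safe(const char *s)
{
    size_t len = strlen(s);
    if (len == 0 || len > MAX_DNS_NAME_LEN) return 0;      /* rule (1) */
    for (; *s; s++) {                                       /* rule (2) */
        unsigned char c = (unsigned char)*s;
        if (!(isalnum(c) || c == '-' || c == '.')) return 0;
    }
    return 1;
}

/* Decide whether a pulled --ifconfig/--route/--route-gateway argument may be
 * used. IP addresses are always fine; a DNS name is accepted only when the
 * client set --allow-pull-fqdn (allow_pull_fqdn != 0) and the name is safe.
 * Returns 1 = accept, 0 = reject. */
int pulled_addr_acceptable(const char *s, int allow_pull_fqdn)
{
    if (is_ipv4_dotted_quad(s)) return 1;
    if (!allow_pull_fqdn) return 0;   /* names are refused unless opted in */
    return dns_name_safe(s);
}

int main(void)
{
    /* Constructed inputs: two acceptable values and three that must fail
     * the character rule even when names are allowed. */
    const char *samples[] = {
        "10.8.0.1", "vpn.example.net", "bad name", "host;id", "a_b.example",
    };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-18s without flag:%d  with --allow-pull-fqdn:%d\n",
               samples[i],
               pulled_addr_acceptable(samples[i], 0),
               pulled_addr_acceptable(samples[i], 1));
    return 0;
}
```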
* Fixed bug in intra-session TLS key rollover that was introduced with
  deferred authentication features in 2.1_rc8.
2008.07.31 -- Version 2.1_rc9

* Security Fix -- affects non-Windows OpenVPN clients running
  OpenVPN 2.1-beta14 through 2.1-rc8 (OpenVPN 2.0.x clients are NOT
  vulnerable nor are any versions of the OpenVPN server vulnerable).
  An OpenVPN client connecting to a malicious or compromised
  server could potentially receive an "lladdr" or "iproute" configuration
  directive from the server which could cause arbitrary code execution on
  the client. A successful attack requires that (a) the client has agreed
  to allow the server to push configuration directives to it by including
  "pull" or the macro "client" in its configuration file, (b) the client
  successfully authenticates the server, (c) the server is malicious or has
  been compromised and is under the control of the attacker, and (d) the
  client is running a non-Windows OS. Credit: David Wagner.

* Miscellaneous defensive programming changes to multiple
  areas of the code. In particular, use of the system() call
  for calling executables such as ifconfig, route, and
  user-defined scripts has been completely revamped in favor
  of execve() on unix and CreateProcess() on Windows.

* In Windows build, package a statically linked openssl.exe to work around
  observed instabilities in the dynamic build since the migration to

2008.06.11 -- Version 2.1_rc8

* Added client authentication and packet filtering capability
  to management interface. In addition, allow OpenVPN plugins
  to take advantage of deferred authentication and packet
  filtering capability.

* Added support for client-side connection profiles.

* Fixed unbounded memory growth bug in environmental variable
  code that could have caused long-running OpenVPN sessions
  with many TLS renegotiations to incrementally
  increase memory usage over time.

* Windows release now packages openssl-0.9.8h.

* Build system changes -- allow building on Windows using
  autoconf/automake scripts (Alon Bar-Lev).

* Changes to Windows build system to make it easier to do
  partial builds, with a reduced set of prerequisites,
  where only a subset of OpenVPN installer
  components are built. See ./domake-win comments.

* Clean up IP address for persistent interfaces for tap and also
  using ifconfig, gentoo#209055 (Alon Bar-Lev).

* Fall back to old version of extract_x509_field for OpenSSL 0.9.6.

* Clarified tcp-queue-limit man page entry (Matti Linnanvuori).

* Added new OpenVPN icon and installer graphic.

* Minor pkitool changes.

* Added --pkcs11-id-management option, which will cause OpenVPN to
  query the management interface via the new NEED-STR asynchronous
  notification query to get additional PKCS#11 options (Alon Bar-Lev).

* Added NEED-STR management interface asynchronous query and
  "needstr" management interface command to respond to the query

* Added Dragonfly BSD support (Francis-Gudin).

* Quote device names before passing to up/down script (Josh Cepek).

* Bracketed struct openvpn_pktinfo with #pragma pack(1) to
  prevent structure padding from causing an incorrect length
  to be returned by sizeof (struct openvpn_pktinfo) on 64-bit

* On systems that support res_init, always call it
  before calling gethostbyname to ensure that
  resolver configuration state is current.

* Added NTLMv2 proxy support (Miroslav Zajic).

* Fixed an issue in extract_x509_field_ssl where the extraction
  would fail on the first field of the subject name, such as
  the common name in: /CN=foo/emailAddress=foo@bar.com

* Made "Linux ip addr del failed" error nonfatal.

* Amplified --client-cert-not-required warning.

* Added #pragma pack to proto.h.
2008.01.29 -- Version 2.1_rc7

* Added a few extra files that exist in the svn repo but were
  not being copied into the tarball by make dist.

* Fixup null interface on close, don't use ip addr flush (Alon Bar-Lev).

2008.01.24 -- Version 2.1_rc6

* Fixed options checking bug introduced in rc5 where legitimate configuration
  files might elicit the error: "Options error: Parameter pkcs11_private_mode
  can only be specified in TLS-mode, i.e. where --tls-server or --tls-client

2008.01.23 -- Version 2.1_rc5

* Fixed Win2K TAP driver bug that was introduced by Vista fixes,
  incremented driver version to 9.4.

* Windows build system changes:

  Incremented included OpenSSL version to openssl-0.9.7m.

  Updated openssl.patch for openssl-0.9.7m and added some
  brief usage comments to the head of the patch.

  Added build-pkcs11-helper.sh for building the pkcs11-helper

  Integrated inclusion of pkcs11-helper into Windows build

  Upgraded TAP build scripts to use WDK 6001.17121
  (Windows 2008 Server pre-RTM).

* Windows installer changes:

  Clean up the start menu folder.

  Allow for a site-specific sample configuration file and keys
  to be included in a custom installer (see SAMPCONF macros

  New icon (temporary).

* Added "forget-passwords" command to the management interface

* Added --management-signal option to signal SIGUSR1 when the
  management interface disconnects (Alon Bar-Lev).

* Modified command line and config file parser to allow
  quoted strings using single quotes ('') (Alon Bar-Lev).

* Use pkcs11-helper as external library, can be downloaded from
  https://www.opensc-project.org/pkcs11-helper (Alon Bar-Lev).

* Fixed interim memory growth issue in TCP connect loop where
  "TCP: connect to %s failed, will try again in %d seconds: %s"

* Fixed bug in epoll driver in event.c, where the lack of a
  handler for EPOLLHUP could cause 99% CPU usage.

* Defined ALLOW_NON_CBC_CIPHERS for people who don't
  want to use a CBC cipher for OpenVPN's data channel.

* Added PLUGIN_LIBDIR preprocessor string to prepend a default
  plugin directory to the dlopen search list when the user
  specifies the basename of the plugin only (Marius Tomaschewski).

* Rewrote extract_x509_field and modified COMMON_NAME_CHAR_CLASS
  to allow forward slash characters ("/") in the X509 common name

* Allow OpenVPN to run completely unprivileged under Linux
  by allowing openvpn --mktun to be used with --user and --group
  to set the UID/GID of the tun device node. Also added --iproute
  option to allow an alternative command to be executed in place
  of the default iproute2 command (Alon Bar-Lev).

* Fixed --disable-iproute2 in ./configure to actually disable
  iproute2 usage (Alon Bar-Lev).

* Added --management-forget-disconnect option -- forget
  passwords when management session disconnects (Alon Bar-Lev).

2007.04.25 -- Version 2.1_rc4

* Worked out remaining issues with TAP driver signing
  on Vista x64. OpenVPN will now run on Vista x64
  with driver signing enforcement enabled.

* Fixed 64-bit portability bug in time_string function

2007.04.22 -- Version 2.1_rc3

* Additional fixes to TAP driver for Windows x64. Driver
  now runs successfully on Vista x64 if driver signing
  enforcement is disabled.

* The Windows Installer and TAP driver are now signed by
  OpenVPN Solutions LLC (in addition to the usual GnuPG

* Added OpenVPN GUI (Mathias Sundman version) as install
  option in Windows installer.

* Clean up configure on FreeBSD for recent autotool versions
  that require that all .h files have to be compiled.
  Also, FreeBSD install does not support GNU long options
  which the Makefile in easy-rsa/2.0 uses (not checked the
  others as we don't install those on Gentoo) (Roy Marples).

* Added additional scripts to easy-rsa/Windows for working
  with password-protected keys; also add -extensions server
  option when generating server cert via
  build-key-server-pass.bat (Daniel Zauft).

2007.02.27 -- Version 2.1_rc2

* auth-pam change: link with -lpam rather
  than dlopen (Roy Marples).

* Prevent SIGUSR1 or SIGHUP from causing program
  exit from initial management hold.

* SO_REUSEADDR should not be set on Windows TCP sockets
  because it will cause bind to succeed on port conflicts.

* Added time_ascii, time_duration, and time_unix
  environmental variables for plugins and callback

* Fixed issue where OpenVPN does not apply the --txqueuelen option
  to persistent interfaces made with --mktun (Roy Marples).

* Attempt at rational signal handling when in the
  management hold state. During management hold, ignore
  SIGUSR1/SIGHUP signals thrown with the "signal" command.
  Also, "signal" command will now apply remapping as
  specified with the --remap-usr1 option.
  When a signal entered using the "signal" command from a management
  hold is ignored, output: >HOLD:Waiting for hold release

* Fixed issue where struct env_set methods that
  change the value of an existing name=value pair
  would delay the freeing of the memory held by
  the previous name=value pair until the underlying
  client instance object is closed.
  This could cause a server that handles long-term
  client connections, resulting in many periodic calls
  to verify_callback, to needlessly grow the env_set
  memory allocation until the underlying client instance

* Renamed TAP-Win32 driver from tap0801.sys to tap0901.sys
  to reflect the fact that Vista has blacklisted the tap0801.sys
  file name due to previous compatibility issues which have now
  been resolved. TAP-Win32 major/minor version number is now 9/1.

* Windows installer will delete a previously installed
  tap0801.sys TAP driver before installing tap0901.sys.

* Added code to Windows installer to fail gracefully on 64 bit
  installs until 64-bit TAP driver issues can be resolved.

* Added code to Windows installer to fail gracefully on
  versions of Windows which are not explicitly supported.

* The Windows version will now use a default route-delay
  of 5 seconds to deal with an apparent routing table race

* Worked around an incompatibility in the Windows Vista
  version of CreateIpForwardEntry as described in
  http://www.nynaeve.net/?p=59
  This issue would cause route additions using the
  IP Helper API to fail on Vista.

* On Windows, revert to "ip-win32 dynamic" as the default.
2006.10.31 -- Version 2.1_rc1

* Support recovery (return to hold) from signal at
  management password prompt.

* Added workaround for OpenSC PKCS#11 bug#108

2006.10.01 -- Version 2.1-beta16

* Windows installer updated with OpenSSL 0.9.7l DLLs to fix
  published vulnerabilities.

* Fixed TAP-Win32 bug that caused BSOD on Windows Vista

* Autodetect 32/64 bit Windows in installer and install
  appropriate TAP driver (Mathias Sundman, Hypherion).

* Fixed bug in loopback self-test introduced
  in 2.1-beta15 where self test as invoked by
  "make check" would not properly exit after
  2 minutes (Paul Howarth).

2006.09.12 -- Version 2.1-beta15

* Windows installer updated with OpenSSL 0.9.7k DLLs to fix
  RSA Signature Forgery (CVE-2006-4339).

* Fixed bug introduced with the --port-share directive
  (back in 2.1-beta9) which causes TLS soft resets
  (1 per hour by default) in TCP server mode to force
  a blockage of tunnel packets and later time-out and
  restart the connection.

* easy-rsa update (Alon Bar-Lev)
  Makefile (install) is now available so that
  distribs will be able to install it safely.

* PKCS#11 changes: (Alon Bar-Lev)
  - Modified ssl.c to not FATAL and return to init.c
    so auth-retry will work.
  - Modified pkcs11-helper.c to fix some problem with
  - Added retry counter to PKCS#11 PIN hook.
  - Modified PKCS#11 PIN retry loop to return correct error
    code when PIN is incorrect.
  - Fix handling (ignoring) zero sized attributes.
  - Fix openssl 0.9.6 (first version) issues.

* Minor fixes of lladdr (Alon Bar-Lev)
  Updated makefile.w32-vc to include lladdr.*, updated
  Modified lladdr.c to be compiled under visual C.

* Added two new management states:
  OPENVPN_STATE_RESOLVE -- DNS lookup
  OPENVPN_STATE_TCP_CONNECT -- Connecting to TCP server

* Echo management state change to log.

* Minor syshead.h change for NetBSD to allow
  TCP_NODELAY flag to work.

* Modified --port-share code to remove the assumption that
  CMSG_SPACE always evaluates to a constant, to enable
  compilation on NetBSD and possibly other BSDs as well.

* Eliminated gcc 3.3.3 warnings on NetBSD
  when ./configure --enable-strict is used.

* Added optional minimum-number-of-bytes parameter
  to --inactive directive.

2006.04.13 -- Version 2.1-beta14

* Fixed Windows server bug in time backtrack handling code which
  could cause TLS negotiation failures on legitimate clients.

* Rewrote gettimeofday function for Windows to be
  simpler and more efficient.

* Merged PKCS#11 extensions to easy-rsa/2.0 (Alon Bar-Lev).

* Added --route-metric option to set a default route metric
  for --route (Roy Marples).

* Added --lladdr option to specify the link layer (MAC) address
  for the tap interface on non-Windows platforms (Roy Marples).

2006.04.12 -- Version 2.1-beta13

* Code added in 2.1-beta7 and 2.0.6-rc1 to extend byte counters
  to 64 bits caused a bug in the Windows version which has now
  been fixed. The bug could cause intermittent crashes.

2006.04.05 -- Version 2.1-beta12

* Security Vulnerability -- An OpenVPN client connecting to a
  malicious or compromised server could potentially receive
  "setenv" configuration directives from the server which could
  cause arbitrary code execution on the client via a LD_PRELOAD
  attack. A successful attack appears to require that (a) the
  client has agreed to allow the server to push configuration
  directives to it by including "pull" or the macro "client" in
  its configuration file, (b) the client configuration file uses
  a scripting directive such as "up" or "down", (c) the client
  successfully authenticates the server, (d) the server is
  malicious or has been compromised and is under the control of
  the attacker, and (e) the attacker has at least some level of
  pre-existing control over files on the client (this might be
  accomplished by having the server respond to a client web request
  with a specially crafted file). Credit: Hendrik Weimer.

  The fix is to disallow "setenv" to be pushed to clients from
  the server, and to add a new directive "setenv-safe" which is
  pushable from the server, but which appends "OPENVPN_" to the
  name of each remotely set environmental variable.

* "topology subnet" fix for FreeBSD (Benoit Bourdin).

* PKCS11 fixes (Alon Bar-Lev). For full description:
  svn log -r990 http://svn.openvpn.net/projects/openvpn/branches/BETA21

* When deleting routes under Linux, use the route metric
  as a differentiator to ensure that the route teardown
  process only deletes the identical route which was originally
  added via the "route" directive (Roy Marples).

* Fix the t_cltsrv.sh file in FreeBSD 4 jails
  (Matthias Andree, Dirk Meyer, Vasil Dimov).

* Extended tun device configure code to support ethernet
  bridging on NetBSD (Emmanuel Kasper).

2006.02.19 -- Version 2.1-beta11

* Fixed --port-share bug that caused premature closing
  of proxied sessions.

2006.02.17 -- Version 2.1-beta10

* Fixed --port-share breakage introduced in 2.1-beta9.

2006.02.16 -- Version 2.1-beta9

* Added --port-share option for allowing OpenVPN and HTTPS
  server to share the same port number.
* Added --management-client option to connect as a client
  to management GUI app rather than be connected to as a
* Added "bytecount" command to management interface.
* --remote-cert-tls fixes (Alon Bar-Lev).

2006.01.03 -- Version 2.1-beta8

* --remap-usr1 will now also remap signals thrown during
* Added --connect-timeout option to control the timeout
  on TCP client connection attempts (doesn't work on all
  OSes). This patch also makes OpenVPN signalable during
  TCP connection attempts.
* Fixed bug in acinclude.m4 where capability of compiler
  to handle zero-length arrays in structs is tested
* Fixed typo in manage.c where inline function declaration
  was declared without the "static" keyword (David Stipp).
* Patch to support --topology subnet on Mac OS X (Mathias Sundman).
* Added --auto-proxy directive to auto-detect HTTP or SOCKS
  proxy settings (currently Windows only).
* Removed redundant base64 code.
* Better sanity checking of --server and --server-bridge
  IP pool ranges, so as not to hit the assertion at
* Fixed bug where --daemon and --management-query-passwords
  used together would cause OpenVPN to block prior to
* Fixed client/server race condition which could occur
  when --auth-retry interact is set and the initially
  provided auth-user-pass credentials are incorrect,
  forcing a username/password re-query.
* Fixed bug where if --daemon and --management-hold are
  used together, --user or --group options would be ignored.
* --ip-win32 adaptive is now the default.
* --ip-win32 netsh (or --ip-win32 adaptive when in netsh
  mode) can now set DNS/WINS addresses on the TAP-Win32
* Added new option --route-method adaptive (Win32)
  which tries IP helper API first, then falls back to
* Made --route-method adaptive the default.

2005.11.12 -- Version 2.1-beta7

* Allow blank passwords to be passed via the management
2542 * Fixed bug where "make check" inside a FreeBSD "jail"
2543 would never complete (Matthias Andree).
2544 * Fixed bug where --server directive in --dev tap mode
2545 claimed that it would support subnets of /30 or less
2546 but actually would only accept /29 or less.
2547 * Extend byte counters to 64 bits (M. van Cuijk).
2548 * Fixed bug in Linux get_default_gateway function
2549 introduced in 2.0.4, which would cause redirect-gateway
2550 on Linux clients to fail.
2551 * Moved easy-rsa 2.0 scripts to easy-rsa/2.0 to
2552 be compatible with 2.0.x distribution.
2553 * Documented --route-nopull.
2554 * Documented --ip-win32 adaptive.
2555 * Windows build now linked with LZO2.
2556 * Allow ca, cert, key, and dh files to be specified
2557 inline via XML-like syntax without needing to
2558 reference an explicit file.
2563 * Allow plugin and push directives to have multi-line
2564 parameter lists such as:
2570 * Added connect-retry-max option (Alon Bar-Lev).
2571 * Fixed problems where signals thrown during initialization
2572 were not returning to a management-hold state.
2573 * Added a backtrack-hardened system time algorithm.
2574 * Added --remote-cert-ku, --remote-cert-eku, and
2575 --remote-cert-tls options for verifying certificate
2576 attributes (Alon Bar-Lev).
2577 * For Windows, reverted --ip-win32 default back to "dynamic".
2578 To use new adaptive mode, set explicitly.
2580 2005.11.01 -- Version 2.1-beta6
2582 * Security fix (merged from 2.0.4) -- Affects non-Windows
2583 OpenVPN clients of version 2.0 or higher which connect to
2584 a malicious or compromised server. A format string
2585 vulnerability in the foreign_option function in options.c
2586 could potentially allow a malicious or compromised server
2587 to execute arbitrary code on the client. Only
2588 non-Windows clients are affected. The vulnerability
2589 only exists if (a) the client's TLS negotiation with
2590 the server succeeds, (b) the server is malicious or
2591 has been compromised such that it is configured to
2592 push a maliciously crafted options string to the client,
2593 and (c) the client indicates its willingness to accept
2594 pushed options from the server by having "pull" or
2595 "client" in its configuration file (Credit: Vade79).
2597 * Security fix -- (merged from 2.0.4) Potential DoS
2598 vulnerability on the server in TCP mode. If the TCP
2599 server accept() call returns an error status, the resulting
2600 exception handler may attempt to indirect through a NULL
2601 pointer, causing a segfault. Affects all OpenVPN 2.0 versions.
2603 * Fix attempt of assertion at multi.c:1586 (note that
2604 this precise line number will vary across different
2605 versions of OpenVPN).
2606 * Windows reliability changes:
2607 (a) Added code to make sure that the local PATH environmental
2608 variable points to the Windows system32 directory.
2609 (b) Added new --ip-win32 adaptive mode which tries 'dynamic'
2610 and then fails over to 'netsh' if the DHCP negotiation fails.
2611 (c) Made --ip-win32 adaptive the default.
2612 * More PKCS#11 additions/changes (Alon Bar-Lev).
2613 * Added ".PHONY: plugin" to Makefile.am to work around
2615 * Fixed double fork issue that occurs when --management-hold
2617 * Moved TUN/TAP read/write log messages from --verb 8 to 6.
2618 * Warn when multiple clients having the same common name or
2619 username usurp each other when --duplicate-cn is not used.
2620 * Modified Windows and Linux versions of get_default_gateway
2621 to return the route with the smallest metric
2622 if multiple 0.0.0.0/0.0.0.0 entries are present.
2623 * Added ">NEED-OK" alert and "needok" command to management
2624 interface to provide a general interface for sending
2625 alerts to the end-user. Used by the PKCS#11 code
2626 to send Token Insertion Requests to the user.
2627 * Added actual remote address used to the ">STATE" alert
2628 in the management interface (Rolf Fokkens).
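Added example (not OpenVPN's own code) of the client-side handling that the 2.1-beta12 "setenv"/"setenv-safe" entry and the 2.0.4 foreign_option() format-string entry above describe: pushed "setenv" is refused, "setenv-safe" is confined to the OPENVPN_ namespace, and server text is only ever a "%s" argument. push_env_set_t, apply_pushed_option and push_env_get are assumed names; values are treated as single tokens.

```c
/* Added example, not OpenVPN's own code: policy for server-pushed
 * "setenv"/"setenv-safe" lines and for exposing other pushed options as
 * foreign_option_N.  All struct and function names here are assumptions. */
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define MAX_ENV      16
#define NAME_MAX_LEN 64
#define VAL_MAX_LEN  256

typedef struct {
    char name[NAME_MAX_LEN];
    char value[VAL_MAX_LEN];
} push_env_t;

typedef struct {
    push_env_t env[MAX_ENV];
    int n;              /* variables stored so far */
    int foreign_count;  /* foreign_option_N counter */
} push_env_set_t;

enum { PUSH_OK = 0, PUSH_REJECTED = 1, PUSH_INVALID = 2 };

/* Only [A-Za-z0-9_], not starting with a digit: no '=' or shell
 * metacharacters can enter the environment through the variable name. */
static int valid_env_name(const char *s)
{
    if (*s == '\0' || isdigit((unsigned char)*s)) return 0;
    for (; *s; s++)
        if (!isalnum((unsigned char)*s) && *s != '_') return 0;
    return 1;
}

static int push_env_add(push_env_set_t *set, const char *name, const char *value)
{
    if (set->n >= MAX_ENV) return PUSH_INVALID;
    /* Server-supplied text is always a "%s" argument, never the format
     * string itself: the rule the 2.0.4 foreign_option() fix restored. */
    snprintf(set->env[set->n].name, NAME_MAX_LEN, "%s", name);
    snprintf(set->env[set->n].value, VAL_MAX_LEN, "%s", value);
    set->n++;
    return PUSH_OK;
}

/* Apply one PUSH_REPLY line.  "setenv" is refused outright, so a server can
 * never hand LD_PRELOAD (or any variable an up/down script trusts) to the
 * client; "setenv-safe NAME VALUE" lands in the OPENVPN_ namespace; any
 * other directive is exposed to scripts as foreign_option_N. */
int apply_pushed_option(push_env_set_t *set, const char *line)
{
    char directive[32], name[NAME_MAX_LEN], value[VAL_MAX_LEN];
    char env_name[NAME_MAX_LEN];
    int fields = sscanf(line, "%31s %63s %255s", directive, name, value);

    if (fields < 1) return PUSH_INVALID;

    if (strcmp(directive, "setenv") == 0)
        return PUSH_REJECTED;

    if (strcmp(directive, "setenv-safe") == 0) {
        if (fields < 3 || !valid_env_name(name)) return PUSH_INVALID;
        if (snprintf(env_name, sizeof env_name, "OPENVPN_%s", name) >= (int)sizeof env_name)
            return PUSH_INVALID;   /* would be truncated: refuse rather than alias */
        return push_env_add(set, env_name, value);
    }

    snprintf(env_name, sizeof env_name, "foreign_option_%d", set->foreign_count + 1);
    if (push_env_add(set, env_name, line) != PUSH_OK) return PUSH_INVALID;
    set->foreign_count++;
    return PUSH_OK;
}

/* Look up a stored variable; NULL if the server never got to set it. */
const char *push_env_get(const push_env_set_t *set, const char *name)
{
    for (int i = 0; i < set->n; i++)
        if (strcmp(set->env[i].name, name) == 0) return set->env[i].value;
    return NULL;
}

int main(void)
{
    push_env_set_t set;
    /* Constructed sample lines, as a pushing server might send them. */
    const char *lines[] = { "setenv LD_PRELOAD /path/to/untrusted.so",
                            "setenv-safe LD_PRELOAD x",
                            "dhcp-option DNS 10.8.0.1" };
    memset(&set, 0, sizeof set);
    for (size_t i = 0; i < sizeof lines / sizeof lines[0]; i++)
        printf("%-40s -> %d\n", lines[i], apply_pushed_option(&set, lines[i]));
    for (int i = 0; i < set.n; i++)
        printf("%s=%s\n", set.env[i].name, set.env[i].value);
    return 0;
}
```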
2630 2005.10.17 -- Version 2.1-beta4
2632 * Fixed bug introduced in 2.1-beta3 where management
2633 socket bind would fail.
2634 * --capath fix in ssl.c (Zhuang Yuyao).
2635 * Added ".PHONY: plugin" to Makefile.am, reverted
2636 location of "plugin" directory (thanks to
2637 Matthias Andree for figuring this out).
2639 2005.10.16 -- Version 2.1-beta3
2641 * Added PKCS#11 support (Alon Bar-Lev).
2642 * Enable the use of --ca together with --pkcs12. If --ca is
2643 used at the same time as --pkcs12, the CA certificate is loaded
2644 from the file specified by --ca regardless if the pkcs12 file
2645 contains a CA cert or not (Mathias Sundman).
2646 * Merged --capath patch (Thomas Noel).
2647 * Merged --multihome patch.
2648 * Added --bind option for TCP client connections (Ewan Bhamrah
2650 * Moved "plugin" directory to "plugins" to deal with strange
2651 automake problem that ended up being also fixable with
2652 ".PHONY: plugin" in Makefile.am.
2654 2005.10.13 -- Version 2.1-beta2
2656 * Made --sndbuf and --rcvbuf pushable.
2658 2005.10.01 -- Version 2.1-beta1
2660 * Made LZO setting pushable.
2661 * Renamed sample-keys/tmp-ca.crt to ca.crt.
2662 * Fixed bug where remove_iroutes_from_push_route_list
2663 was missing routes if those routes had
2664 an implied netmask (by omission) of 255.255.255.255.
2665 * Merged with 2.0.3-rc1
2666 * easy-rsa/2.0 moved to easy-rsa
2667 * old easy-rsa moved to easy-rsa/1.0
2669 2005.09.23 -- Version 2.0.2-TO4
2671 * Added feature to TAP-Win32 adapter to allow it to be
2672 opened from non-administrator mode. This feature
2673 is enabled by default, and can be enabled/disabled
2674 in the adapter advanced properties dialog.
2675 * Added --allow-nonadmin standalone option for Windows to
2676 set TAP adapter to allow non-admin access. This
2677 is a user-mode version of the code, and duplicates
2678 the same feature as the above entry.
2679 * Added fix that attempts to solve corner case of tunnel not
2680 forwarding packets when system clock is reset to an earlier time.
2681 * Added --redirect-gateway bypass-dns option. (Developers:
2682 To add bypass-dhcp or bypass-dns support to other OSes,
2683 add a get_bypass_addresses function to route.c for
2685 * Added OPENVPN_PLUGIN_CLIENT_CONNECT_V2 plugin callback, which
2686 allows a client-connect plugin to return configuration text
2687 in memory, rather than via a file.
2688 * Fixed a bug where --mode server --proto tcp-server --cipher none
2689 operation could cause tunnel packet truncation.
2690 * openvpn --version will show [LZO1] or [LZO2], depending on
2691 version that was linked.
2693 2005.09.07 -- Version 2.0.2-TO1
2695 * Added --topology directive. See man page.
2696 * Added --redirect-gateway bypass-dhcp option to add a route
2697 allowing DHCP packets to bypass the tunnel, when the
2698 DHCP server is non-local. Currently only implemented
2700 * Modified OpenVPN Service on Windows to declare the DHCP
2701 client service as a dependency.
2702 * Extended the plugin interface to allow plugins to declare
2703 per-client constructor and destructor functions, to make
2704 it simpler for plugins to maintain per-client state.
2706 2005.09.25 -- Version 2.0.3-rc1
2708 * openvpn_plugin_abort_v1 function wasn't being properly
2709 registered on Windows.
2710 * Fixed a bug where --mode server --proto tcp-server --cipher none
2711 operation could cause tunnel packet truncation.
2713 2005.08.25 -- Version 2.0.2
2715 * No change from 2.0.2-rc1.
2717 2005.08.24 -- Version 2.0.2-rc1
2719 * Fixed regression bug in Win32 installer, introduced in 2.0.1,
2720 which incorrectly set OpenVPN service to autostart.
2721 * Don't package source code zip file in Windows installer
2722 in order to reduce the size of the installer. The source
2723 zip file can always be downloaded separately if needed.
2724 * Fixed bug in route.c in FreeBSD, Darwin, OpenBSD and NetBSD
2725 version of get_default_gateway. Allocated socket for route
2726 manipulation was never freed, so the number of mbufs continuously
2727 grew and exhausted system resources after a while (Jaroslav Klaus).
2728 * Fixed bug where "--proto tcp-server --mode p2p --management
2729 host port" would cause the management port to not respond until
2730 the OpenVPN peer connects.
2731 * Modified pkitool script to be /bin/sh compatible (Johnny Lam).
2733 2005.08.16 -- Version 2.0.1
2735 * Security Fix -- DoS attack against server when run with "verb 0" and
2736 without "tls-auth". If a client connection to the server fails
2737 certificate verification, the OpenSSL error queue is not properly
2738 flushed, which can result in another unrelated client instance on the
2739 server seeing the error and responding to it, resulting in disconnection
2740 of the unrelated client (CAN-2005-2531).
2741 * Security Fix -- DoS attack against server by authenticated client.
2742 This bug presents a potential DoS attack vector against the server
2743 which can only be initiated by a connected and authenticated client.
2744 If the client sends a packet which fails to decrypt on the server,
2745 the OpenSSL error queue is not properly flushed, which can result in
2746 another unrelated client instance on the server seeing the error and
2747 responding to it, resulting in disconnection of the unrelated client
2748 (CAN-2005-2532). Credit: Mike Ireton.
2749 * Security Fix -- DoS attack against server by authenticated client.
2750 A malicious client in "dev tap" ethernet bridging mode could
2751 theoretically flood the server with packets appearing to come from
2752 hundreds of thousands of different MAC addresses, causing the OpenVPN
2753 process to deplete system virtual memory as it expands its internal
2754 routing table. A --max-routes-per-client directive has been added
2755 (default=256) to limit the maximum number of routes in OpenVPN's
2756 internal routing table which can be associated with a given client
2758 * Security Fix -- DoS attack against server by authenticated client.
2759 If two or more client machines try to connect to the server at the
2760 same time via TCP, using the same client certificate, and when
2761 --duplicate-cn is not enabled on the server, a race condition can
2762 crash the server with "Assertion failed at mtcp.c:411"
2764 * Fixed server bug where under certain circumstances, the client instance
2765 object deletion function would try to delete iroutes which had never been
2766 added in the first place, triggering "Assertion failed at mroute.c:349".
2767 * Added --auth-retry option to prevent auth errors from being fatal
2768 on the client side, and to permit username/password requeries in case
2769 of error. Also controllable via new "auth-retry" management interface
2770 command. See man page for more info.
2771 * Added easy-rsa 2.0 scripts to the tarball in easy-rsa/2.0
2772 * Fixed bug in openvpn.spec where rpmbuild --define 'without_pam 1'
2773 would fail to build.
2774 * Implement "make check" to perform loopback tests (Matthias Andree).
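Added example (not OpenVPN's own code) of the mitigation the --max-routes-per-client entry above describes: a learned-MAC table with a per-client quota of 256, so a tap-mode client sending frames from many spoofed source addresses cannot grow the server's table without bound. route_table_t, learn_address and feed_distinct_sources are assumed names; the frames are constructed inline.

```c
/* Added example, not OpenVPN's own code: a per-client cap on the learned
 * MAC table, as the 2.0.1 --max-routes-per-client entry describes.
 * All struct, constant (except the 256 default) and function names are
 * assumptions made for this example. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_ROUTES_PER_CLIENT 256   /* OpenVPN's default, per the changelog */
#define MAX_CLIENTS           64    /* assumed bound for this example */
#define TABLE_CAPACITY        4096  /* assumed bound for this example */

typedef struct { uint8_t b[6]; } mac_addr_t;

typedef struct {
    mac_addr_t mac;
    int client_id;
    int in_use;
} route_entry_t;

typedef struct {
    route_entry_t entries[TABLE_CAPACITY];
    int routes_per_client[MAX_CLIENTS];
    int total;    /* entries in use */
    int dropped;  /* learn attempts refused by a limit */
} route_table_t;

enum { LEARN_OK = 0, LEARN_KNOWN = 1, LEARN_LIMIT = 2, LEARN_FULL = 3 };

static int find_entry(const route_table_t *t, const mac_addr_t *mac)
{
    for (int i = 0; i < TABLE_CAPACITY; i++)   /* linear scan keeps the example small */
        if (t->entries[i].in_use && memcmp(t->entries[i].mac.b, mac->b, 6) == 0)
            return i;
    return -1;
}

/* Associate a source MAC with the client instance it arrived from.  Without
 * the per-client quota every spoofed address would cost the server an entry. */
int learn_address(route_table_t *t, int client_id, const mac_addr_t *mac)
{
    if (client_id < 0 || client_id >= MAX_CLIENTS) return LEARN_FULL;

    int idx = find_entry(t, mac);
    if (idx >= 0) {
        int owner = t->entries[idx].client_id;
        if (owner == client_id) return LEARN_KNOWN;
        /* Address moved between clients: the new owner still needs quota. */
        if (t->routes_per_client[client_id] >= MAX_ROUTES_PER_CLIENT) { t->dropped++; return LEARN_LIMIT; }
        t->routes_per_client[owner]--;
        t->entries[idx].client_id = client_id;
        t->routes_per_client[client_id]++;
        return LEARN_OK;
    }

    if (t->routes_per_client[client_id] >= MAX_ROUTES_PER_CLIENT) { t->dropped++; return LEARN_LIMIT; }
    for (int i = 0; i < TABLE_CAPACITY; i++) {
        if (!t->entries[i].in_use) {
            t->entries[i].in_use = 1;
            t->entries[i].mac = *mac;
            t->entries[i].client_id = client_id;
            t->routes_per_client[client_id]++;
            t->total++;
            return LEARN_OK;
        }
    }
    t->dropped++;
    return LEARN_FULL;
}

/* Source MAC of an Ethernet frame is bytes 6..11; runt frames are ignored. */
int mac_from_frame(const uint8_t *frame, size_t len, mac_addr_t *src)
{
    if (len < 14) return 0;
    memcpy(src->b, frame + 6, 6);
    return 1;
}

/* Test driver: feed `count` constructed frames from one client, each with a
 * different locally administered source MAC.  Returns how many were learned. */
int feed_distinct_sources(route_table_t *t, int client_id, int count)
{
    int accepted = 0;
    for (int i = 0; i < count; i++) {
        uint8_t frame[14] = {0};
        mac_addr_t src;
        frame[6] = 0x02;                    /* locally administered, unicast */
        frame[8] = (uint8_t)client_id;
        frame[9] = (uint8_t)(i >> 16);
        frame[10] = (uint8_t)(i >> 8);
        frame[11] = (uint8_t)i;
        if (mac_from_frame(frame, sizeof frame, &src) &&
            learn_address(t, client_id, &src) == LEARN_OK)
            accepted++;
    }
    return accepted;
}

int main(void)
{
    static route_table_t table;   /* zero-initialised static storage */
    int learned = feed_distinct_sources(&table, 1, 1000);
    printf("client 1: learned %d of 1000, dropped %d, table total %d\n",
           learned, table.dropped, table.total);
    return 0;
}
```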
2776 2005.07.21 -- Version 2.0.1-rc7
2778 * Support LZO 2.01 which renamed its library to lzo2 (Matthias Andree).
2779 * Include linux/types.h before checking for linux/errqueue.h (Matthias
2782 2005.07.15 -- Version 2.0.1-rc6
2784 * Commented out "user nobody" and "group nobody" in sample
2785 client/server config files.
2786 * Allow '@' character to be used in --client-config-dir
2789 2005.07.04 -- Version 2.0.1-rc5
2791 * Windows version will log a for-further-info URL when
2792 initialization sequence is completed with errors.
2793 * Added DLOPEN_PAM parameter to plugin/auth-pam/Makefile
2794 to control whether auth-pam plugin links to PAM via
2795 dlopen or -lpam. By default, DLOPEN_PAM=1 so pre-existing
2796 behavior should be preserved. DLOPEN_PAM=0 is the preferred
2797 setting to link via -lpam, but DLOPEN_PAM=1 works around
2798 a bug in SuSE 9.1 (and possibly other distros as well)
2799 where the PAM modules are not linked with -lpam. See
2800 thread on openvpn-devel for more discussion about this
2801 patch (Simon Perreault).
2803 2005.06.15 -- Version 2.0.1-rc4
2805 * Support LZO 2.00, including changes to configure script to
2806 autodetect LZO version.
2808 2005.06.12 -- Version 2.0.1-rc3
2810 * Fixed a bug which caused standard file handles to not be closed
2811 after daemonization when --plugin and --daemon are used together,
2812 and if the plugin initialization function forks (as does auth-pam
2813 and down-root) (Simon Perreault).
2814 * Added client-side up/down scripts in contrib/pull-resolv-conf
2815 for accepting server-pushed "dhcp-option DOMAIN" and "dhcp-option DNS"
2816 on Linux/Unix systems (Jesse Adelman).
2817 * Fixed bug where if client-connect scripts/plugins were cascaded,
2818 and one (but not all) of them returned an error status, there might
2819 be cases where for an individual script/plugin, client-connect was
2820 called but not client-disconnect. The goal of this fix is to
2821 ensure that if client-connect is called on a given client instance,
2822 then client-disconnect will definitely be called. A potential
2823 complication of this fix is that when client-connect functions are
2824 cascaded, it's possible that the client-disconnect function would
2825 be called in cases where the related client-connect function returned
2826 an error status. This fix should not alter OpenVPN behavior when
2827 scripts/plugins are not cascaded.
2828 * Changed the hard-to-reproduce "Assertion failed at fragment.c:312"
2829 fatal error to a warning: "FRAG: outgoing buffer is not empty".
2830 Need more info on how to reproduce this one.
2831 * When --duplicate-cn is used, the --ifconfig-pool allocation
2832 algorithm will now allocate the first available IP address.
2833 * When --daemon and --management-hold are used together,
2834 OpenVPN will daemonize before it enters the management hold state.
2836 2005.05.16 -- Version 2.0.1-rc2
2838 * Modified vendor test in openvpn.spec file to match against
2839 "Mandrakesoft" in addition to "MandrakeSoft".
2840 * Using --iroute in a --client-config-dir file while in --dev tap
2841 mode is not currently supported and will produce a warning
2842 message. Fixed bug where in certain cases, in addition to
2843 generating a warning message, this combination of options
2844 would also produce a fatal assertion in mroute.c.
2845 * Pass --auth-user-pass username to server-side plugin without
2846 performing any string remapping (plugins, unlike scripts,
2847 don't get any security benefit from string remapping).
2848 This is intended to fix an issue with openvpn-auth-pam/pam_winbind
2849 where backslash characters in a username ('\') were being remapped
2850 to underscore ('_').
2851 * Updated OpenSSL DLLs in Windows build to 0.9.7g.
2852 * Documented --explicit-exit-notify in man page.
2853 * --explicit-exit-notify seconds parameter defaults to 1 if
2856 2005.04.30 -- Version 2.0.1-rc1
2858 * Fixed bug where certain kinds of fatal errors after
2859 initialization (such as port in use) would leave plugin
2860 processes (such as openvpn-auth-pam) still running.
2861 * Added optional openvpn_plugin_abort_v1 plugin function for
2862 closing initialized plugin objects in the event of a fatal
2863 error by main OpenVPN process.
2864 * When the --remote list is > 1, and --resolv-retry is not
2865 specified (meaning that it defaults to "infinite"), apply the
2866 infinite timeout to the --remote list as a whole, but try each
2867 list item only once before moving on to the next item.
2868 * Added new --syslog directive which redirects output
2869 to syslog without requiring the use of the --daemon or --inetd
2871 * Added openvpn.spec option to allow RPM to be built with support
2872 for passwords read from a file:
2873 rpmbuild -tb [openvpn.x.tar.gz] --define 'with_password_save 1'
2875 2005.04.17 -- Version 2.0
2877 * Fixed minor options string typo in options.c.
2879 2005.04.10 -- Version 2.0-rc21
2881 * Change license description from "GPL Version 2 or (at your
2882 option) any later version" to just "GPL Version 2".
2884 2005.04.04 -- Version 2.0-rc20
2886 * Dag Wieers has put together an OpenVPN/LZO binary RPM set with
2887 excellent distro/version coverage for RH/EL/Fedora, though
2888 using his own SPEC. I modified openvpn.spec to follow some of
2889 the same conventions such as putting sample scripts and doc
2890 files in %doc rather than /usr/share/openvpn.
2891 * Minor change to init scripts to run the user-defined script
2892 /etc/openvpn/openvpn-startup (if it exists) before any OpenVPN
2893 configs are started, and to run /etc/openvpn/openvpn-shutdown
2894 after all OpenVPN configs have been stopped. The
2895 openvpn-startup script can be used for stuff like
2896 insmod tun.o, setting up firewall rules, or starting
2899 2005.03.29 -- Version 2.0-rc19
2901 * Omit additions of routes where the network and
2902 gateway are equal and the netmask is 255.255.255.255.
2903 This can come up if you are using both
2904 server/ifconfig-pool and client-config-dir with
2905 ifconfig-push static addresses for some subset of clients
2906 which directly reference the server IP address as the
2909 2005.03.28 -- Version 2.0-rc18
2911 * Packaged Windows installer with OpenSSL 0.9.7f.
2912 * Built Windows installer with NSIS 2.06.
2914 2005.03.12 -- Version 2.0-rc17
2916 * "MANAGEMENT: CMD" log file output will now only occur
2917 at --verb 7 or greater.
2918 * Added an optional name/value configuration list to
2919 the openvpn-auth-pam plugin module argument list. See
2920 plugin/auth-pam/README for documentation. This is necessary
2921 in order for openvpn-auth-pam to work with queries generated
2922 by arbitrary PAM modules.
2923 * In both auth-pam and down-root plugins, in the forked process,
2924 a read error on the parent process socket is no longer fatal.
2925 * MandrakeSoft liblzo1 RPM only Provides for a 'liblzo1'.
2926 A conditional test of the vendor has been added to
2927 Require the appropriately named 'lzo' (liblzo1 / lzo).
2928 (Tom Walsh - http://openhardware.net)
2931 2005.02.20 -- Version 2.0-rc16
2933 * Fixed bug introduced in rc13 where Windows service wrapper
2934 would be installed with a startup type of Automatic.
2935 This fix restores the previous behavior of installing
2936 with a startup type of Manual.
2938 2005.02.19 -- Version 2.0-rc15
2940 * Added warning when --keepalive is not used in a server
2942 * Don't include OpenSSL md4.h file if we are not building
2943 NTLM proxy support (Waldemar Brodkorb).
2944 * Added easy-rsa/build-key-pkcs12 and
2945 easy-rsa/Windows/build-key-pkcs12.bat scripts
2948 2005.02.16 -- Version 2.0-rc14
2950 * Fixed small memory leak that occurs when --crl-verify
2952 * Upgraded Windows installer and .nsi script to NSIS 2.05
2954 * Changed #include backslash usage in cryptoapi.c to use
2955 forward slashes instead (Gisle Vanem).
2956 * Created easy-rsa/revoke-full to handle revocations in
2957 a single step: (a) revoke crt, (b) regenerate CRL, and
2958 (c) verify that revocation succeeded.
2959 * Renamed easy-rsa/Windows/revoke-key to revoke-full so
2960 that both *nix and Windows scripts are equivalent.
2962 2005.02.11 -- Version 2.0-rc13
2964 * Improve human-readability of local/remote options
2965 diff, when inconsistencies are present.
2966 * For Windows easy-rsa, distribute vars.bat.sample and
2967 openssl.cnf.sample, then copy them to their normal
2968 filenames (without the .sample) when init-config.bat
2969 is run. This is to prevent OpenVPN upgrades from
2970 wiping out vars.bat and openssl.cnf edits.
2971 * Modified service wrapper (Windows) to use a
2972 case-insensitive search when scanning for .ovpn files
2973 in \Program Files\OpenVPN\config. Prior versions
2974 required an all-lower-case .ovpn file extension.
2975 * Miscellaneous service wrapper code cleanup.
2976 * If --user/--group is used on Windows, treat it
2977 as a no-op with a warning (this makes it easier to
2978 distribute the same client config file to Windows
2980 * Warn if --ifconfig-pool-persist is used with
2983 2005.02.05 -- Version 2.0-rc12
2985 * Removed some debugging code inadvertently included
2986 in rc11 which would print the --auth-user-pass
2987 username/password provided by clients in the server
2989 * Client code for cycling through --remote list will
2990 retry the last address which successfully authenticated
2991 before moving on through the list.
2992 * Windows installer will now install sample configuration
2993 files in \Program Files\OpenVPN\sample-configs as well
2994 as generate a start menu shortcut to this directory.
2995 * Minor type change in buffer.[ch] to work around char-type
2996 ambiguity bug. Caused management interface lock-ups on
2997 ARM when building with armv4b-hardhat-linux-gcc 2.95.3.
2999 2005.02.03 -- Version 2.0-rc11
3001 * Windows installer will now install easy-rsa directory
3002 in \Program Files\OpenVPN
3003 * Allow syslog facility to be controlled at compile time,
3004 e.g. -DLOG_OPENVPN=LOG_LOCAL6 (P Kern).
3005 * Changed certain shell scripts in distribution to use
3006 #!/bin/sh rather than #!/bin/bash for better portability.
3007 * If --ifconfig-pool-persist seconds parameter is 0, treat
3008 persist file as an allocation of fixed IP addresses
3009 (previous versions took IP-to-common-name associations
3010 from this list as hints, not mandatory static allocations).
3011 * Fixed bug on *nix where if --auth-user-pass and --log
3012 were used together, the username prompt would be sent to
3013 the log file rather than /dev/tty.
3014 * Spurious text in openvpn.8 detected by doclifter
3016 * Call closelog later on daemon kill so that process
3017 exit message is written to syslog.
3019 2005.01.27 -- Version 2.0-rc10
3021 * When ./configure is run with plugins enabled (the default),
3022 check whether or not dlopen exists in libc before testing
3023 for libdl. This is to fix an issue on FreeBSD and possibly
3024 other OSes which bundle libdl functions in libc.
3025 * On Windows, filter initial WSAEINVAL warning which occurs
3026 on the initial read attempt of an unbound socket.
3027 * The easy-rsa scripts build-key, build-key-pass, and
3028 build-key-server will now chmod the .key file
3029 to 0600. This is in addition to the fact the generated
3030 keys directory has always been similarly protected
3033 2005.01.23 -- Version 2.0-rc9
3035 * Fixed error "ROUTE: route addition failed using
3036 CreateIpForwardEntry ..." on Windows when --redirect-gateway
3037 is used over a RRAS internet link.
3038 * When using --route-method exe on Windows, include the
3039 gateway parameter on route delete commands (Mathias Sundman).
3040 * Try not to do a hard reset (i.e. SIGHUP) when two
3041 SIGUSR1 signals are received in close succession.
3042 * If the push list tries to grow beyond its buffer capacity,
3043 the resulting error will be non-fatal.
3044 * To increase the push list capacity (must be done on both
3045 client and server), increase TLS_CHANNEL_BUF_SIZE in
3046 common.h (default=1024).
3048 2005.01.15 -- Version 2.0-rc8
3050 * Fixed bug introduced in rc7 where options error
3051 "--auth-user-pass requires --pull" might occur even
3052 if --pull was correctly specified.
3053 * Changed management interface code to bind once
3054 to TCP socket, rather than rebinding after every
3056 * Added "disable" directive for client-config-dir
3058 * Windows binary install is now distributed with
3060 * Query the management interface for --http-proxy
3061 username/password if authfile is set to "stdin".
3062 * Added current OpenVPN version number to "Unrecognized
3063 option or missing parameter" error message.
3064 * Added "-extensions server" to "openssl req" command
3065 in easy-rsa/build-key-server (Nir Yeffet).
3067 2005.01.10 -- Version 2.0-rc7
3069 * Fixed bug in management interface which could cause
3070 100% CPU utilization in --proto tcp-server mode
3071 on all *nix OSes except for Linux 2.6.
3072 * --ifconfig-push now accepts DNS names as well as
3074 * Added sanity check errors when --pull or
3075 --auth-user-pass is used in an incorrect mode.
3076 * Updated man page entries for --client-connect and
3078 * Added "String Types and Remapping" section to man
3079 page to concisely document the way which OpenVPN
3080 may convert certain types of characters in strings
3082 * Modified bridging description in HOWTO to emphasize
3083 the fact that bridging allows Windows file and print
3084 sharing without a WINS server (Charles Duffy).
3086 2004.12.20 -- Version 2.0-rc6
3088 * Improved checking for epoll support in ./configure
3089 to fix false positive on RH9 (Jan Just Keijser).
3090 * Made the "MULTI TCP: I/O wait required blocking in
3091 multi_tcp_action, action=7" error nonfatal and replaced
3092 with "MULTI: Outgoing TUN queue full, dropped packet".
3093 So far the issue only seems to occur on Linux 2.2
3094 in --mode server --proto tcp mode. It occurs when
3095 the TUN/TAP driver locks up and refuses to accept
3096 new packet writes for a second or more.
3097 * Fixed bug where if a --client-config-dir file tried
3098 to include another file using "config", and if that
3099 include failed, OpenVPN would abort with a fatal
3100 error. Now such inclusion failures will be logged
3101 but are no longer fatal.
3102 * Global changes to the way that packet buffer alignment
3103 is handled. Previously we didn't care about alignment
3104 and took care, when handling 16 and 32 bit words
3105 in buffers, to always use alignment-safe transfers.
3106 This approach appears to be inadequate on some
3107 architectures such as alpha. The new approach is
3108 to initialize packet buffers in a way that anticipates
3109 how component structures will be allocated within
3110 them, to maintain correct alignment.
3111 * Added --dhcp-option DISABLE-NBT to disable NetBIOS
3112 over TCP (Jan Just Keijser).
3113 * Added --http-proxy-option directive for controlling
3114 miscellaneous HTTP proxy options.
3115 * Management state will no longer transition to "WAIT"
3116 during TLS renegotiations.
3118 2004.12.16 -- Version 2.0-rc5
3120 * The --client-config-dir option will now try to open
3121 a default file called "DEFAULT" if no file matching
3122 the common name of the incoming client was found.
3123 * The --client-connect script/plugin can now veto client
3124 authentication by returning a failure code.
3125 * The --learn-address script/plugin can now prevent a
3126 client-instance/address association from being learned
3127 by returning a failure code.
3128 * Changed RPM group in .spec file to Applications/Internet.
3130 2004.12.14 -- Version 2.0-rc4
3132 * SuSE only -- Fixed interaction between openvpn.spec and
3133 suse/openvpn.init where the .spec file was writing the
3134 OpenVPN binary to a different location than where the
3135 .init script was referencing it (Stefan Engel).
3136 * Solaris only -- Split Solaris ifconfig command into two
3137 parts (Jan Just Keijser).
3138 * Some cleanup in add_option().
3139 * Better error checking on input dotted quad IP addresses.
3140 * Verify that --push argument is quoted, if there is
3142 * More miscellaneous option sanity checks.
3144 2004.12.13 -- Version 2.0-rc3
3146 * On Windows, when --log or --log-append is used,
3147 save the original stderr for username and password
3149 * Fixed a bug introduced in the late 2.0 betas where
3150 if a "verb" parameter >= 16 was used, it would be
3151 ignored and the actual verb level would remain at 1.
3152 * Fixed a bug mostly seen on OS X where --management-hold
3153 or --management-query-passwords would cause the management
3154 interface to be unresponsive to incoming client connections.
3155 * Trigger an options error if one of the management-modifying
3156 options is used without "management" itself.
3158 2004.12.12 -- Version 2.0-rc2
3160 * Amplified warnings in documentation about possible
3161 man-in-the-middle attack when clients do not properly
3162 verify server certificate. Changes to easy-rsa README,
3163 FAQ, HOWTO, man page, and sample client config file.
3164 * Added a warning message if --tls-client or --client
3165 is used without also specifying one of either
3166 --ns-cert-type, --tls-remote, or --tls-verify.
3167 * status_open() fixes for MSVC builds (Blaine Fleming).
3168 * Fix attempt of "ntlm.c:55: error: `des_cblock' undeclared"
3169 compiler error which has been reported on some platforms.
3170 * The openvpn.spec file for rpmbuild has several
3171 new build-time options. See comments in the file.
3172 * Plugins are now built and packaged in the RPM and
3173 will be saved in /usr/share/openvpn/plugin/lib.
3174 * Added --management-hold directive to start OpenVPN
3175 in a hibernating state until released by the
3176 management interface. Also added "hold" command
3177 to the management interface.

2004.12.07 -- Version 2.0-rc1

* openvpn.spec workaround for SuSE confusion regarding
  /etc/init.d vs. /etc/rc.d/init.d (Stefan Engel).

2004.12.05 -- Version 2.0-beta20

* The ability to read --askpass and --auth-user-pass
  passwords from a file has been disabled by default.
  To re-enable, use ./configure --enable-password-save.
* Added additional pre-connected states to management
  interface. See management/management-notes.txt
* State history is now recorded by the management
  interface, and the "state" command now works like
  the log or echo commands.
* State history and real-time state change notifications
  are now prepended with an integer unix timestamp.
* Added --http-proxy-timeout option, previously
  the timeout was hardcoded to 5 seconds.

2004.12.02 -- Version 2.0-beta19

* Fixed bug in management interface line termination
  where output lines incorrectly contained a \00 char
  after the customary \0d \0a.
* Fixed bug introduced in beta18 where Windows version
  would segfault on options errors.
* Fixed bug in management interface where an empty
  quoted string ("") entered as a parameter would cause
* Fixed bug where --resolv-retry was not working
  properly with multiple --remote hosts.
* Added additional ./configure options to reduce
  executable size for embedded applications.
  See ./configure --help.

2004.11.28 -- Version 2.0-beta18

* Added management interface. See new --management-*
  options or the full management interface documentation
  in management/management-notes.txt in the tarball.
  Management interface inclusion can be disabled by
  ./configure --disable-management.
* Added two new plugin modules: auth-pam and down-root.
  Auth-pam supports pam-based authentication using a
  split privilege execution model, while down-root enables
  a down script to be executed with root privileges, even
  when --user/--group is used to drop root privileges.
  See the plugin directory in the tarball for READMEs,
  source code, and Makefiles.
* Plugin developers should note that some changes were
  made to the plugin interface since beta17. See
  openvpn-plugin.h for details.
  Plugin interface inclusion can be disabled with
  ./configure --disable-plugins
* Added easy-rsa/build-key-server script which will
  build a certificate with nsCertType=server.
* Added --ns-cert-type option for verification
  of nsCertType field in peer certificate.
* If --fragment n is specified and --mssfix is specified
  without a parameter, default --mssfix to n. This restores
  the 1.6 behavior when using --mssfix without a parameter.
* Fixed SSL context initialization bug introduced in beta14
  where this error might occur on restarts: "Cannot load
  certificate chain ... PEM_read_bio:no start line".

2004.11.11 -- Version 2.0-beta17

* Changed default port number to 1194 per IANA official
  port number assignment.
* Added --plugin directive which allows compiled
  modules to intercept script callbacks. See
  plugin folder in tarball for more info.
* Fixed bug introduced in beta12 where --key-method 1
  authentications which should have succeeded would fail.
* Ignore SIGUSR1 during DNS resolution.
* Added SuSE support to openvpn.spec (Umberto Nicoletti).
* Fixed --cryptoapicert SUBJ: parsing bug (Peter 'Luna'

2004.11.07 -- Version 2.0-beta16

* Modified sample-scripts/auth-pam.pl to get username
  and password from OpenVPN via a file rather than
  via environmental variables.
* Added bytes_sent and bytes_received environmental
  variables to be set prior to client-disconnect script.
* Changed client virtual IP derivation precedence:
  (1) use --ifconfig-push directive from --client-connect
  script, (2) use --ifconfig-push directive from
  --client-config-dir, and (3) use --ifconfig-pool
* If a --client-config-dir file specifies --ifconfig-push,
  it will be visible to the --client-connect-script in
  the ifconfig_pool_remote_ip environmental variable.
* For tun-style tunnels, the ifconfig_pool_local_ip
  environmental variable will be set, while for
  tap-style tunnels, the ifconfig_pool_netmask variable
* Added intelligence to autoconf script to test
  compiler for the accepted form of zero-length arrays.
* Fixed a bug introduced in beta12 where --ip-win32
  netsh would fail if --dev-node was not explicitly
* --ip-win32 netsh will now work on hidden adapters.
* Fix attempt of "Assertion failed at crypto.c:149".
  This assertion has also been reported on 1.x with a
  slightly different line number. The fix is twofold:
  (1) In previous releases, --mtu-test may trigger this
  assertion -- this bug has been fixed. (2) If something
  else causes the assertion to be thrown, don't panic,
  just output a nonfatal warning to the log and drop
  the packet which generated the error.
* Support TAP interfaces on Mac OS X (Waldemar Brodkorb).
* Added --echo directive.
* Added --auth-nocache directive.

2004.10.28 -- Version 2.0-beta15

* Changed environmental variable character classes
  so that names must consist of alphanumeric or
  underbar chars and values must consist of printable
  characters. Illegal chars will be deleted.
  Versions prior to 2.0-beta12 were more restrictive
  and would map spaces to '.'.
* On Windows, when the TAP adapter fails to
  initialize with the correct IP address, output
  "Initialization Sequence Completed with Errors"
  to the console or log file.
* Added a warning when user/group/chroot is used
  without persist-tun and persist-key.
* Added cryptoapi.[ch] to tarball and source zip.
* --tls-remote option now works with common name
  prefixes as well as with the full X509 subject
  string. This is a useful alternative to using
  a CRL on the client.
* common names associated with a static
  --ifconfig-push setting will no longer leave
  any state in the --ifconfig-pool-persist file.
* Hard TLS errors (TLS handshake failed) will now
  trigger either a SIGUSR1 signal by default
  or SIGTERM (if --tls-exit is specified). In TCP
  mode, all TLS errors are considered to be hard.
  In server mode, the signal will be local to the
* Added method parameter to --auth-user-pass-verify
  directive to select whether username/password
  is passed to script via environment or a temporary
* Added --status-version option to control format
  of --status file. The --mode server
  --status-version 2 format now includes a line
  type token, the virtual IP address is shown
  in the client list (even in --dev tap mode),
  and the integer time_t value is shown anywhere
  an ascii-formatted time/date is also shown.
* Added --remap-usr1 directive which can be used
  to control whether internally or externally
  generated SIGUSR1 signals are remapped to
  SIGHUP (restart without persisting state) or
* When running as a Windows service (using
  --service option), check the exit event before
  and after reading one line of input from
  stdin, when reading username/password info.
* For developers: Extended the --gremlin function
  to better stress-test the new 2.0 features,
  added Valgrind support on Linux and Dmalloc
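The character-class rule in the first 2.0-beta15 item above (names alphanumeric or underscore, values printable, illegal characters deleted) is what keeps a client certificate's common name from smuggling newlines or control characters into the environment handed to --up, --client-connect and similar scripts. The following is an added example, not OpenVPN's own code; the sample variables, and the choice to drop a variable whose name sanitizes to nothing, are this example's own assumptions.

```python
"""Environment-variable sanitizing as described for 2.0-beta15.

Added example, not OpenVPN's own code. It implements the rule the changelog
states: names keep only alphanumeric or underscore characters, values keep
only printable characters, and illegal characters are deleted (not mapped
to '.' as versions before 2.0-beta12 did). SAMPLE is constructed input;
"common_name" stands for a CN copied from a client certificate, which on
the server side is input the remote peer controls.
"""
import string
from typing import Dict

_NAME_OK = frozenset(string.ascii_letters + string.digits + "_")
# Printable ASCII (0x20..0x7e): space survives, control characters do not.
_VALUE_OK = frozenset(chr(c) for c in range(0x20, 0x7F))


def sanitize_name(name: str) -> str:
    """Keep [A-Za-z0-9_] only; everything else is deleted."""
    return "".join(ch for ch in name if ch in _NAME_OK)


def sanitize_value(value: str) -> str:
    """Keep printable characters only; CR/LF, NUL, tabs and non-ASCII go."""
    return "".join(ch for ch in value if ch in _VALUE_OK)


def build_script_env(raw: Dict[str, str]) -> Dict[str, str]:
    """Return the environment a called script would receive.

    Dropping a variable whose name sanitizes to the empty string is this
    example's choice; the changelog does not say what OpenVPN does there.
    """
    env: Dict[str, str] = {}
    for name, value in raw.items():
        clean = sanitize_name(name)
        if not clean:
            continue
        env[clean] = sanitize_value(value)
    return env


SAMPLE = {  # constructed input
    "common_name": "client one\r\nFOO=bar",   # CRLF cannot start a new line
    "ifconfig_pool_remote_ip": "10.8.0.6",
    "foreign_option_1": "dhcp-option DNS\t10.8.0.1",
    "bad name!": "x",                         # name loses the illegal chars
}

if __name__ == "__main__":
    for k, v in build_script_env(SAMPLE).items():
        print(f"{k}={v!r}")
```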

2004.10.19 -- Version 2.0-beta14

* Fixed a bug introduced in Beta12 that would occur
  if you use a --client-connect script without also
* Fixed a bug introduced in Beta12 where a learn-address
  script might segfault on the delete method.
* Added Crypto API support in Windows version via
  the --cryptoapicert option (Peter 'Luna' Runestig).

2004.10.18 -- Version 2.0-beta13

* Fixed an issue introduced in Beta12 where the private
  key password would not be prompted for unless --askpass
  was explicitly specified in the config.

2004.10.17 -- Version 2.0-beta12

* Added support for username/password-based authentication.
  Clients can now authenticate themselves with the server
  using either a certificate, a username/password, or both.
  New directives: --auth-user-pass, --auth-user-pass-verify,
  --client-cert-not-required, and --username-as-common-name.
* Added NTLM proxy patch (William Preston).
* Added --ifconfig-pool-linear server flag to allocate
  individual tun addresses for clients rather than /30
  subnets (won't work with Windows clients).
* Modified --http-proxy code to cache username/password
* Modified --http-proxy code to read username/password
  from the console when the auth file is given as "stdin".
* Modified --askpass to take an optional filename argument.
* --persist-tun and --persist-key now work in client mode
  and can be pushed to clients as well.
* Added --ifconfig-pool-persist directive, to maintain
  ifconfig-pool info in a file which is persistent across
  daemon instantiations.
* --user and --group privilege downgrades as well as
  --chroot now also work in client mode (the
  downgrade/chroot will be delayed until the initialization
  sequence is completed).
* Added --show-engines standalone directive to show
  available OpenSSL crypto accelerator engine support.
* --engine directive now accepts an optional engine-ID
  parameter to control which engine is used.
* "Connection reset, restarting" log message now shows
  which client is being reset.
* Added --dhcp-pre-release directive in Windows version.
* Second parm to --ip-win32 can be "default", e.g.
  --ip-win32 dynamic default 60.
* Fixed documentation bug regarding environmental
  variable settings for --ifconfig-pool IP addresses.
  The correct environmental variable names are:
  ifconfig_pool_local_ip and ifconfig_pool_remote_ip.
* ifconfig_pool_local_ip and ifconfig_pool_remote_ip
  environmental variables are now passed to the
  client-disconnect script.
* In server mode, environmental variables are now scoped
  according to the client they are associated with,
  to solve the problem of "crosstalk" between different
  clients' environmental variable sets.
* Added --down-pre flag to cause --down script to be
  called before TUN/TAP close (rather than after).
* Added --tls-exit flag which will cause OpenVPN
  to exit on any TLS errors.
* Don't push a route to a client if it exactly
  matches an iroute (this lets you push routes to
  all clients, and OpenVPN will automatically remove
  the route from the route push list only for that client
  which the route actually belongs to).
* Made '--resolv-retry infinite' the default.
  --resolv-retry can be disabled by using a parameter of 0.
* For clients which plan to pull config info from server,
  set an initial default ping-restart of 60 seconds.
* Optimized mute code to lessen the load on the processor
  when messages are being muted at a higher frequency.
* Made route log messages non-mutable.
* Silence the Linux "No buffer space available" message.
* Added miscellaneous additional option sanity checks.
* Added Windows version of easy-rsa scripts in
  easy-rsa/Windows directory (Andrew J. Richardson).
* Added NetBSD route patch (Ed Ravin).
* Added OpenBSD patch for TAP + --redirect-gateway
  (Waldemar Brodkorb).
* Directives which prompt for a username and/or password
  will now work with --daemon (OpenVPN will prompt
* Warn if CRL is from a different issuer than the
  issuer of the peer certificate (Bernhard Weisshuhn).
* Changed init script chkconfig parameters to start
  OpenVPN daemon(s) before NFS.
* Bug fix attempt of "too many I/O wait events" which occurs
  on OSes which prefer select() over poll() such as Mac OS X.
* Added --ccd-exclusive flag. This flag will require, as a
  condition of authentication, that a connecting client has
  a --client-config-dir file.
* TAP-Win32 open code will attempt to open a free adapter
  if --dev-node is not specified (Mathias Sundman).
* Resequenced --nice and --chroot ordering so that --nice
* Added --suppress-timestamps flag (Charles Duffy).
* Source code changes to allow compilation by MSVC
  (Peter 'Luna' Runestig).
* Added experimental --fast-io flag which optimizes
  TUN/TAP/UDP writes on non-Windows systems.

2004.08.18 -- Version 2.0-beta11

* Added --server, --server-bridge, --client, and
  --keepalive helper directives. See client.conf
  and server.conf in sample-config-files for sample
  configurations which use the new directives.
* On Windows, added --route-method to control
  whether IP Helper API or route.exe is used
  to add/delete routes.
* On Windows, added a second parameter to
  --route-delay to control the maximum time period
  to wait for the TAP-Win32 adapter to come up
  before adding routes.
* Fixed bug in Windows version where configurations
  which omit --ifconfig might fail to recognize when
  the TAP adapter is up.
* Proxy connection failures will now retry according
  to the --connect-retry parameter.
* Fixed --dev null handling on Windows so that TLS
  loopback test described in INSTALL file works
  correctly on Windows.
* Added "Initialization Sequence Completed" message
  after all initialization steps have been completed
  and the VPN can be considered "up".
* Better sanity-checking on --ifconfig-pool parameters.
* Added --tcp-queue-limit option to control
  TUN/TAP -> TCP socket overflow.
* --ifconfig-nowarn flag will now silence general
  warnings about possible --ifconfig address
  conflicts, including the warning about --ifconfig
  and --remote addresses being in same /24 subnet.
* Fixed case where server mode did not correctly
  identify certain types of ethernet multicast packets
* Added --explicit-exit-notify option (experimental).

2004.08.02 -- Version 2.0-beta10

* Fixed possible reference after free of option strings
  after a restart, bug was introduced in beta8.
* Fixed segfault at route.c:919 in the beta9
  Windows version that was being caused by indirection
  through a NULL pointer.
* Mistakenly built debug version of TAP-Win32 driver
  for beta9. Beta10 has correct release build.

2004.07.30 -- Version 2.0-beta9

* Fixed --route issue on Windows that was introduced with
  the new beta8 route implementation based on the

2004.07.27 -- Version 2.0-beta8

* Added TCP support in server mode.
* Added PKCS #12 support (Mathias Sundman).
* Added patch to make revoke-crt and make-crl work
  seamlessly within the easy-rsa environment (Jan Kiszka).
* Modified --mode server ethernet bridge code to forward
  special IEEE 802.1d MAC Groups, i.e. 01:80:C2:XX:XX:XX.
* Added --dhcp-renew and --dhcp-release flags to Windows
  version. Normally DHCP renewal and release on the TAP
  adapter occurs automatically under Windows, however
  if you set the TAP-Win32 adapter Media Status property
  to "Always Connected", you may need these flags.
* Added --show-net standalone flag to Windows version to
  show OpenVPN's view of the system adapter and routing
* Added --show-net-up flag to Windows version to output
  the system routing table and network adapter list to
  the log file after the TAP-Win32 adapter has been brought
  up and any routes have been added.
* Modified Windows version to add routes using the IP Helper
  API rather than by calling route.exe.
* Fixed bug where --route-up script was not being called
  if no --route options were specified.
* Added --mute-replay-warnings to suppress packet replay
  warnings. This is a common false alarm on WiFi nets.
* Added "def1" flag to --redirect-gateway option to override
  the default gateway by using 0.0.0.0/1 and 128.0.0.0/1
  rather than 0.0.0.0/0. This has the benefit of overriding
  but not wiping out the original default gateway.
  (Thanks to Jim Carter for pointing out this idea).
* You can now run OpenVPN with a single config file argument.
  For example, you can now say "openvpn config.conf"
  rather than "openvpn --config config.conf".
* On Windows, made --route and --route-delay more adaptive
  with respect to waiting for interfaces referenced by the
  route destination to come up. Routes added by --route
  should now be added as soon as the interface comes up,
  rather than after an obligatory 10 second delay. The
  way this works internally is that --route-delay now
  defaults to 0 on Windows. Previous versions would
  wait for --route-delay seconds then add the routes.
  This version will wait --route-delay seconds and then
  test the routing table at one second intervals for the
  next 30 seconds and will not add the routes until they
  can be added without errors.
* On Windows, don't setsockopt SO_SNDBUF or SO_RCVBUF by
  default on TCP/UDP socket in light of reports that this
  action can have undesirable global side effects on the
  MTU settings of other adapters. These parameters can
  still be set, but you need to explicitly specify
  --sndbuf and/or --rcvbuf.
* Added --max-clients option to limit the maximum number
  of simultaneously connected clients in server mode.
* Added error message to illuminate shell escape gotcha when
  single backslashes are used in Windows path names.
* Added optional netmask parm to --ifconfig-pool.
* Fixed bug where http-proxy connect retry attempts were
  incorrectly going to the remote OpenVPN server,
  not to the HTTP proxy server.
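The "def1" item in the 2.0-beta8 list above relies on longest-prefix matching: two /1 routes are more specific than the existing /0, so they win every lookup while the original default route stays in the table and needs no restoring. The following added example (not OpenVPN's code) models that with a toy routing table and, for contrast, the older approach of overwriting 0.0.0.0/0; all addresses are constructed placeholders.

```python
"""Why "--redirect-gateway def1" overrides but does not wipe the default route.

Added example, not OpenVPN's own code: a toy IPv4 routing table with
longest-prefix-match lookup. All addresses are constructed placeholders:
  LAN_GW  192.168.1.1  - the LAN's original default gateway
  VPN_GW  10.8.0.1     - the far end of the tun interface
  SERVER  203.0.113.5  - the OpenVPN server's public address
"""
from ipaddress import IPv4Address, IPv4Network
from typing import List, Optional, Tuple

LAN_GW = "192.168.1.1"
VPN_GW = "10.8.0.1"
SERVER = "203.0.113.5"


class RoutingTable:
    """Minimal FIB: a list of (prefix, next-hop) pairs."""

    def __init__(self) -> None:
        self.routes: List[Tuple[IPv4Network, str]] = []

    def add(self, prefix: str, gateway: str) -> None:
        self.routes.append((IPv4Network(prefix), gateway))

    def delete(self, prefix: str, gateway: str) -> None:
        self.routes.remove((IPv4Network(prefix), gateway))

    def has(self, prefix: str, gateway: str) -> bool:
        return (IPv4Network(prefix), gateway) in self.routes

    def lookup(self, dst: str) -> Optional[str]:
        """Longest-prefix match: the most specific covering prefix wins."""
        addr = IPv4Address(dst)
        best: Optional[Tuple[IPv4Network, str]] = None
        for net, gw in self.routes:
            if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
                best = (net, gw)
        return best[1] if best else None


def lan_table() -> RoutingTable:
    """The client's table before the VPN comes up."""
    t = RoutingTable()
    t.add("192.168.1.0/24", "direct")  # connected LAN
    t.add("0.0.0.0/0", LAN_GW)         # original default gateway
    return t


def redirect_gateway_def1(t: RoutingTable) -> None:
    """Send all traffic into the tunnel without touching 0.0.0.0/0."""
    # Host route: the encrypted packets to the server itself must keep
    # leaving via the LAN gateway, or they would loop into the tunnel.
    t.add(f"{SERVER}/32", LAN_GW)
    # The two /1 prefixes together cover all of IPv4. Each is more specific
    # than /0, so they win every lookup while the old default stays intact.
    t.add("0.0.0.0/1", VPN_GW)
    t.add("128.0.0.0/1", VPN_GW)


def undo_redirect_gateway_def1(t: RoutingTable) -> None:
    """Tear-down removes only what was added; nothing has to be restored."""
    t.delete("0.0.0.0/1", VPN_GW)
    t.delete("128.0.0.0/1", VPN_GW)
    t.delete(f"{SERVER}/32", LAN_GW)


def redirect_gateway_replace(t: RoutingTable) -> str:
    """The pre-def1 approach, for contrast: overwrite 0.0.0.0/0 itself.

    Returns the old gateway, which is now the caller's only record of it.
    If the process dies before tear-down, that record is lost and the
    machine is left without a usable default route."""
    old = next(gw for net, gw in t.routes if net.prefixlen == 0)
    t.delete("0.0.0.0/0", old)
    t.add(f"{SERVER}/32", old)
    t.add("0.0.0.0/0", VPN_GW)
    return old


if __name__ == "__main__":
    t = lan_table()
    redirect_gateway_def1(t)
    for dst in ("198.51.100.7", "100.64.0.9", SERVER, "192.168.1.50"):
        print(f"{dst:>14} -> {t.lookup(dst)}")
    print("original default still present:", t.has("0.0.0.0/0", LAN_GW))
```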

2004.06.29 -- Version 2.0-beta7

* Fixed bug in link_socket_verify_incoming_addr() which
  under certain circumstances could have caused --float
  behavior even if --float was not specified.
* --tls-auth option now works with --mode server.
  All clients and the server should use the same
  --tls-auth key when operating in client/server mode.
* Added --engine option to make use of OpenSSL-supported
  crypto acceleration hardware.
* Fixed some high verbosity print format size issues
  in event.c for 64 bit platforms (Janne Johansson).
* Made failure to open --log or --log-append file

2004.06.23 -- Version 2.0-beta6

* Fixed Windows installer to intelligently put
  up a reboot dialog only if tapinstall tells
  us that it's really necessary.
* Fixed "Assertion failed at fragment.c:309"
  bug when --mode server and --fragment are used
* Ignore HUP, USR1, and USR2 signals during
  initialization. Prior versions would abort.
* Fixed bug on OS X: "Assertion failed at event.c:406".
* Added --service option to Windows version, for use
  when OpenVPN is being programmatically instantiated
  by another process (see man page for info).
* --log and --log-append options now work on Windows.
* Update OpenBSD INSTALL notes (Janne Johansson).
* Enable multicast on tun interface when running on
  OpenBSD (Pavlin Radoslavov).
* Fixed recent --test-crypto breakage, where options
  such as --cipher were not being parsed correctly.
* Modified options compatibility string by removing
  ifconfig substring if it is empty. Incremented
  options compatibility string version number to 4.
* Fixed typo in --tls-timeout option parsing

2004.06.13 -- Version 2.0-beta5

* Fixed rare --mode server crash that could occur
  if data was being routed to a client at
  high bandwidth at the precise moment that the
  client instance object on the server was being
* Fixed issue on machines which have epoll.h and
  the epoll_create glibc call defined, but which
  don't actually implement epoll in the kernel.
  OpenVPN will now gracefully fall back to the
  poll API in this case.
* Fixed Windows bug which would cause the following
  error in a --mode server --dev tap configuration:
  "resource limit WSA_MAXIMUM_WAIT_EVENTS has been
* Added CRL (certificate revocation list) management
  scripts to easy-rsa directory (Jon Bendtsen).
* Do a better job of getting the ifconfig component
  of the options consistency check to work correctly
  when --up-delay is used.
* De-inlined some functions which were too complex
  to be inlined anyway with gcc.
* If a --dhcp-option option is pushed to a non-windows
  client, the option will be saved in the client's
  environment before the --up script is called, under
  the name "foreign_option_{n}".
* Added --learn-address script (see man page) which
  allows for firewall access through the VPN to be
  controlled based on the client common name.
* In --mode server, when a client connects to
  the server, the server will disconnect any
  still-active clients which use the same common
  name. Use --duplicate-cn flag to revert to
  previous behavior of allowing multiple clients
  to concurrently connect with the same common name.

2004.06.08 -- Version 2.0-beta4

* Fixed issue with beta3 where Win32 service wrapper
  was keying off of old TAP HWID as a dependency. To
  ensure that the new service wrapper is correctly
  installed, the Windows install script will uninstall
  the old wrapper before installing the new one,
  causing a reset of service properties.
* Fixed permissions issue on --status output file,
  with default access permissions of owner read/write
  only (default permissions can be changed of course with

2004.06.05 -- Version 2.0-beta3

* More changes to TAP-Win32 driver's INF file which
  affect the placement of the driver in the Windows
  device namespace. This is done to work around an
  apparent bug in Windows when short HWIDs are used,
  and will also ease the upgrade from 1.x to 2.0 by
  reducing the chances that a reboot will be needed
  on upgrade. Like beta2, this upgrade will
  delete existing TAP-Win32 interfaces, and reinstall
  a single new interface with default properties.
* Major rewrite of I/O event wait layer in the style
  of libevent. This is a precursor to TCP support
* New feature: --status. Outputs a SIGUSR2-like
  status summary to a given file, updated once
  per n seconds. The status file is comma delimited
  for easy machine parsing.
* --ifconfig-pool now remembers common names and
  will try to assign a consistent IP to a given
  common name. Still to do: persist --ifconfig-pool
  memory across restarts by saving state in file.
* Fixed bug in event timer queue which could cause
  recurring timer events such as --ping to not
  correctly schedule again after firing. This in
  turn would cause spurious ping restarts and possible
  connection outages. Thanks to Denis Vlasenko for
* Possible fix to reported bug where --daemon argument
  was not printing to syslog correctly after restart.
* Fixed bug where pulling --route or --dhcp-option
  directives from a server would problematically
  interact with --persist-tun on the client.
* Updated contrib/multilevel-init.patch (Farkas Levente).
* Added RPM build option to .spec and .spec.in files
  to optionally disable LZO inclusion (Ian Pilcher).
* The latest MingW runtime and headers define
  'ssize_t', so a patch is needed (Gisle Vanem).

2004.05.14 -- Version 2.0-beta2

* Fixed signal handling bug in --mode server, where
  SIGHUP and SIGUSR1 were treated as SIGTERM.
* Changed the TAP-Win32 HWID from "TAP" to "TAPDEV".
  Apparently the larger string may work around
  a problem where the TAP adapter is sometimes missing
  from the network connections panel, especially under
  XP SP2. Also note that installing this upgrade will
  uninstall any pre-existing TAP-Win32 adapters, and then
  install a single new adapter, meaning that old adapter
  properties will be lost. Thanks to Md5Chap for solving
* For --mode server --dev tap, the options --ifconfig and
  --ifconfig-pool are now optional. This allows address
  assignment via DHCP or use of a TAP VPN without
  IP support, as has always been possible with 1.x.
* Fixed bug where --ifconfig may not work correctly on
* Added 'local' flag to --redirect-gateway for use on
  networks where both OpenVPN daemons are connected
  to a shared subnet, such as wireless.

2004.05.09 -- Version 2.0-beta1

* Unchanged from test29 except for version number

2004.05.08 -- Version 2.0-test29

* Modified --dev-node on Windows to accept a TAP-Win32
  GUID name. In addition, --show-adapters will now
  display the high-level name and GUID of each adapter.
  This is an attempt to work around an issue in Windows
  where sometimes the TAP-Win32 adapter installs correctly
  but has no icon in the network connections control
  panel. In such cases, being able to specify
  --dev-node {TAP-GUID} can work around the missing icon.

2004.05.07 -- Version 2.0-test28

* Fixed bug which could cause segfault on program
  shutdown if --route and --persist-tun are used

2004.05.06 -- Version 2.0-test27

* Fixed bug in close_instance() which might cause
  memory to be accessed after it had already been freed.
* Fixed bug in verify_callback() that might have
  caused uninitialized data to be referenced.
* --iroute now allows full CIDR subnet routing.
* In "--mode server --dev tun" usage, source addresses
  on VPN packets coming from a particular client must
  be associated with that client in the OpenVPN internal

2004.04.28 -- Version 2.0-test26

* Optimized broadcast path in multi-client mode.
* Added socket buffer size options --rcvbuf & --sndbuf.
* Configure Linux tun/tap driver to use a more sensible
  txqueuelen default. Also allow explicit setting
  via --txqueuelen option (Harald Roelle).
* The --remote option now allows the port number
  to be specified as the second parameter. If
  unspecified, the port number defaults to the
* Multiple --remote options on the client can now be
  specified for load balancing and failover. The
  --remote-random flag can be used to initially randomize
  the --remote list for basic load balancing.
* If a remote DNS name resolves to multiple DNS addresses,
  one will be chosen at random as a kind of basic
  load-balancing feature if --remote-random is used.
* Added --connect-freq option to control maximum
  new connection frequency in multi-client mode.
* In multi-client mode, all syslog messages associated
  with a specific client now include a client-ID prefix.
* For Windows, use a gettimeofday() function based
  on QueryPerformanceCounter (Derek Burdick).
* Fixed bug in interaction between --key-method 2
  and DES ciphers, where dynamic keys would be generated
  with bad parity and then be rejected.

2004.04.17 -- Version 2.0-test24

* Reworked multi-client broadcast handling.

2004.04.13 -- Version 2.0-test23

* Fixed bug in --dev tun --client-to-client routing.
* Fixed a potential deadlock in --pull.
* Fixed a problem with select() usage which could
  cause a repeating sequence of "select : Invalid

2004.04.11 -- Version 2.0-test22

* Fixed bug where --mode server + --daemon was
  prematurely closing syslog connection.
* Added support for --redirect-gateway on Mac OS X
* Minor changes to TAP-Win32 driver based on feedback
  from the NDISTest tool.

2004.04.11 -- Version 2.0-test21

* Optimizations in multi-client server event loop.

2004.04.10 -- Version 2.0-test20

* --mode server capability now works with either tun
  or tap interfaces. When used with tap interfaces,
  OpenVPN will internally bridge all client tap
  interfaces with the server tap interface.
* Connecting clients can now have a client-specific
  configuration on the server, based on the client
  common name embedded in the client certificate.
  See --client-config-dir and --client-connect.
  These options can be used to configure client-specific
* Added an option --client-to-client that enables
  internal client-to-client routing or bridging.
  Otherwise, clients will only "see" the server,
  not other connected clients.
* Fixed bug in route scheduling which would have caused
  --mode server to not work on Windows in test18
  and test19 with the sample config file.
* Man page is up to date with all new options.
* OpenVPN 2.0 release notes on web site updated
  with tap-style tunnel examples.

2004.04.02 -- Version 2.0-test19

* Fixed bug where routes pushed from server were
  not working correctly on Windows clients.
* Added Mac OS X route patch (Jeremy Apple).

2004.03.30 -- Version 2.0-test18

* Minor fixes + Windows self-install modified
  to use OpenSSL 0.9.7d.

2004.03.29 -- Version 2.0-test17

* Fixed some bugs related to instance timeout and deletion.
* Extended --push/--pull option to support additional

2004.03.28 -- Version 2.0-test16

* Successful test of --mode udp-server, --push,
  --pull, and --ifconfig-pool with server on
  Linux 2.4 and clients on Linux and Windows.

2004.03.25 -- Version 2.0-test15

* Implemented hash-table lookup of client instances
  based either on remote UDP address/port or remote
* Implemented a randomized binary tree based
  scheduler for scalably scheduling a large number
  of client instance events. Uses the treap
  data structure and node rotation algorithm
  to keep the tree balanced.
* Initial implementation of ifconfig-pool.
* Made --key-method 2 the default.

2004.03.20 -- Version 2.0-test14

* Implemented --push and --pull.

2004.03.20 -- Version 2.0-test13

* Reduced struct tls_multi and --single-session
* Modified --single-session flag to be used
  in multi-client UDP server client instances.

2004.03.19 -- Version 2.0-test12

* Added the key multi-client UDP server options,
  --mode, --push, --pull, and --ifconfig-pool.
* Revamped GC (garbage collection) code to not rely
* Modifications to thread.[ch] to allow a more
  flexible thread model.

2004.03.16 -- Version 2.0-test11

* Moved all timer code to interval.h, added new file
* Fixed missing include.

2004.03.16 -- Version 2.0-test10

* More TAP-Win32 fixes.
* Initial debugging and testing of multi.[ch].

2004.03.14 -- Version 2.0-test9

* Branch merge with 1.6-rc3
* More point-to-multipoint work in multi.[ch].
* Major TAP-Win32 driver restructuring to use
  NdisMRegisterDevice instead of
  IoCreateDevice/IoCreateSymbolicLink.
* Changed TAP-Win32 symbolic links to use \DosDevices\Global\
* In the majority of cases, TAP-Win32 should now be
  able to install and uninstall on Win2K without requiring
* TAP-Win32 MAC address can now be explicitly set in the
  adapter advanced properties page.

2004.03.04 -- Version 2.0-test8

* Branch merge with 1.6-rc2.

2004.03.03 -- Version 2.0-test7

* Branch merge with 1.6-rc1.2.

2004.03.02 -- Version 2.0-test6

* Branch merge with 1.6-rc1.

2004.03.02 -- Version 2.0-test5

* Moved Socks5 UDP header append/remove to socks.c; it is
  now called from forward.c.
* Moved verify statics from ssl.c into struct tls_session.
* Wrote multi.[ch] to handle top level of point-to-multipoint
* Wrote some code to allow a struct link_socket in a child context
  to be slaved to the parent context.
* Broke up packet read and process functions in forward.c
  (from socket or tuntap) into separate functions for read
  and process, so that point-to-point and point-to-multipoint can
  share the same code.
* Expand TLS control channel to allow the passing of configuration
* Wrote mroute.[ch] to handle internal packet routing for
  point-to-multipoint mode.

2004.02.22 -- Version 2.0-test3

* Initial work on UDP multi-client server.
* Branch merge of 1.6-beta7

2004.02.14 -- Version 2.0-test2

* Refactorization of openvpn.c into openvpn.[ch]
  init.[ch] forward.[ch] forward-inline.h
  occ.[ch] occ-inline.h ping.[ch] ping-inline.h
  sig.[ch]. Created a master per-tunnel
  struct context in openvpn.h.
* Branch merge of 1.6-beta6.2

2003.11.06 -- Version 2.0-test1

* Initial testbed for 2.0.
3962 2004.05.09 -- Version 1.6.0
3964 * Unchanged from 1.6-rc4 except for version number
3967 2004.04.01 -- Version 1.6-rc4
3969 * Made minor customizations to devcon and
3970 renamed as tapinstall.exe for Windows version.
3971 * Fixed "storage size of `iv' isn't known" build
3973 * OpenSSL 0.9.7d bundled with Windows self-install.
3975 2004.03.13 -- Version 1.6-rc3
3977 * Minor Windows fixes for --ip-win32 dynamic, relating to
3978 the way the TAP-Win32 driver responds to a DHCP request
3979 from the Windows DHCP client.
3980 * The net_gateway environmental variable wasn't being
3981 set correctly for called scripts (Paul Zuber).
3982 * Added code to determine the default gateway on FreeBSD,
3983 allowing the --redirect-gateway option to work
3984 (Juan Rodriguez Hervella).
3986 2004.03.04 -- Version 1.6-rc2
3988 * Fixed bug in Windows version where the NetBIOS node-type
3989 DHCP option might have been passed even if it was not
3991 * Fixed bug in Windows version introduced in 1.6-rc1, where
3992 DHCP timeout would be set to 0 seconds if --ifconfig option
3993 was used and --ip-win32 option was not explicitly specified.
3994 * Added some new --dhcp-option types for Windows version.
3996 2004.03.02 -- Version 1.6-rc1
3998 * For Windows, make "--ip-win32 dynamic" the default.
3999 * For Windows, make "--route-delay 10" the default
4000 unless --ip-win32 dynamic is not used or --route-delay
4001 is explicitly specified.
4002 * L_TLS mutex could have been left in a locked state
4003 for certain kinds of TLS errors.
4005 2004.02.22 -- Version 1.6-beta7
4007 * Allow scheduling priority increase (--nice) together
4008 with UID/GID downgrade (--user/--group).
4009 * Code that causes SIGUSR1 restart on TLS errors in TCP
4010 mode was not activated in pthread builds.
4011 * Save the certificate serial number in an environmental
4012 variable called tls_serial_{n} prior to calling the
4013 --tls-verify script. n is the current cert chain level.
4014 * Added NetBSD IPv6 tunnel capability (also requires
4015 a kernel patch) (Horst Laschinsky).
4016 * Fixed bug in checking the return value of the nice()
4017 function (Ian Pilcher).
4018 * Bug fix in new FreeBSD IPv6 over TUN code which was
4019 originally added in 1.6-beta5 (Nathanael Rensen).
4020 * More Socks5 fixes -- extended the struct frame
4021 infrastructure to accommodate proxy-based encapsulation
4023 * Added --dhcp-option to Windows version for setting
4024 adapter properties such as WINS & DNS servers.
4025 * Use a default route-delay of 5 seconds when
4026 --ip-win32 dynamic is specified (only applicable when
4027 --route-delay is not explicitly specified).
4028 * Added "log_append" registry variable to control
4029 whether the OpenVPN service wrapper on Windows
4030 opens log files in append (log_append="1") or
4031 truncate (log_append="0") mode. The default
4034 2004.02.05 -- Version 1.6-beta6
4036 * UDP over Socks5 fix to accommodate Socks5 encapsulation
4037 overhead (Christof Meerwald).
4038 * Minor --ip-win32 dynamic tweaks (use long lease time,
4039 invalidate existing lease with DHCPNAK).
4041 2004.02.01 -- Version 1.6-beta5
4043 * Added Socks5 proxy support (Christof Meerwald).
4044 * IPv6 tun support for FreeBSD (Thomas Glanzmann).
4045 * Special TAP-Win32 debug mode for Windows self-install that was
4046 enabled in beta4 is now turned off.
4047 * Added some new Solaris notes to INSTALL (Koen Maris).
4048 * More work on --ip-win32 dynamic.
4050 2004.01.27 -- Version 1.6-beta4
4052 * For this beta, the Windows self-install is a debug version
4053 and will run slower -- use only for testing.
4054 * Reverted the --ip-win32 default back to 'ipapi'
4056 * Added the offset parameter to '--ip-win32 dynamic' which
4057 can be used to control the address of the masqueraded
4058 DHCP server which replies to Windows DHCP requests.
4059 * Added a wait/nowait option to --inetd (nowait can only
4060 be used with TCP sockets, TLS authentication, and over
4061 a bridged configuration -- see FAQ for more info)
4062 (Stefan `Sec` Zehl).
4063 * Added a build-time capability where TAP-Win32 driver
4064 debug messages can be output by OpenVPN at --verb 6
4067 2004.01.20 -- Version 1.6-beta2
4069 * Added ./configure --enable-iproute2 flag which
4070 uses iproute2 instead of route + ifconfig --
4071 this is necessary for the LEAF Linux distro
4073 * Added renewal-time and rebind-time to set of
4074 DHCP options returned by the TAP-Win32 driver when
4075 "--ip-win32 dynamic" is used.
4077 2004.01.14 -- Version 1.6-beta1
4079 * Fixed --proxy bug that sometimes caused plaintext
4080 control info generated by the proxy prior to http
4081 CONNECT method establishment to be incorrectly
4082 parsed as OpenVPN data.
4083 * For Windows version, implemented the
4084 "--ip-win32 dynamic" method and made it the default.
4085 This method sets the TAP-Win32 adapter IP address
4086 and netmask by replying to the kernel's DHCP queries.
4087 See the man page for more detailed info.
4088 * Added --connect-retry parameter which controls
4089 the time interval (in seconds) between connect()
4090 retries when --proto tcp-client is used. Previously,
4091 this value was hardcoded to 5 seconds, and still
4093 * --resolv-retry can now be used with a parameter
4094 of "infinite" to retry indefinitely.
4095 * Added SSL_CTX_use_certificate_chain_file() to ssl.c
4096 for support of multi-level certificate chains
4098 * Fixed --tls-auth incompatibility with 1.4.x and earlier
4099 versions of OpenVPN when the passphrase file is an
4100 OpenVPN static key file (as generated by --genkey).
4101 * Added shell-escape support in config files using
4102 the backslash character ("\") so that (for example)
4103 double quotes can be passed to the shell.
4104 * Added "contrib" subdirectory on tarball, source zip,
4105 and CVS containing user-submitted contributions.
4106 * Added an optional patch to the Redhat init script to
4107 allow the configuration file directory to be a
4108 multi-level directory hierarchy (Farkas Levente).
4109 See contrib/multilevel-init.patch
4110 * Added some scripts and documentation on using
4111 Linux "fwmark" iptables rules to enable
4112 fine-grained routing control over the VPN
4113 (Sean Reifschneider, <jafo@tummy.com>).
4114 See contrib/openvpn-fwmarkroute-1.00
4116 2003.11.20 -- Version 1.5.0
4118 * Minor documentation changes.
4120 2003.11.04 -- Version 1.5-beta14
4122 * Fixed build problem with ./configure --disable-ssl
4123 that was reported on Debian woody.
4124 * Fixed bug where --redirect-gateway could not be used
4125 together with --resolv-retry.
4127 2003.11.03 -- Version 1.5-beta13
4129 * Added CRL (certificate revocation list) capability using
4130 --crl-verify option (Stefano Bracalenti).
4131 * Added --replay-window option for variable replay-protection
4133 * Fixed --fragment bug which might have caused certain large
4134 packets to be sent unfragmented.
4135 * Modified --secret and --tls-auth to permit different cipher and
4136 HMAC keys to be used for each data flow direction. Also
4137 increased static key file size generated by --genkey from
4138 1024 to 2048 bits, where 512 bits each are reserved for
4139 send-HMAC, encrypt, receive-HMAC, and decrypt. Key file forward
4140 and backward compatibility is maintained. See --secret option
4141 documentation on the man page for more info.
4142 * Added --tls-remote option (Teemu Kiviniemi).
4143 * Fixed --tls-cipher documentation regarding correct delimiter
4144 usage (Teemu Kiviniemi).
4145 * Added --key-method option for selecting alternative data
4146 channel key negotiation methods. Method 1 is the default.
4147 Method 2 has been added (see man page for more info).
4148 * Added French translation of HOWTO to web site
4149 (Guillaume Lehmann).
4150 * Fixed problem caused by late resolver library load on
4151 certain platforms when --resolv-retry and --chroot are
4152 used together (Teemu Kiviniemi).
4153 * In TCP mode, all decryption or TLS errors will abort the current
4154 connection (this is not done in UDP mode because UDP is
4156 * Fixed a TCP client reconnect bug that only occurs on the
4157 BSDs, where connect() fails with an invalid argument. This
4158 bug was partially (but not completely) fixed in beta7.
4159 * Added "route_net_gateway" environmental variable which contains
4160 the pre-existing default gateway address from the routing table
4161 (there's no standard API for getting the default gateway, so
4162 right now this feature only works on Windows or Linux).
4163 * Renamed the "route_default_gateway" environmental variable to
4164 "route_vpn_gateway" -- this is the remote VPN endpoint.
4165 * The special keywords vpn_gateway, net_gateway, and remote_host
4166 can now be used for the network or gateway components of the
4167 --route option. See the man page for more info.
4168 * Added the --redirect-gateway option to configure the VPN
4169 as the default gateway (implemented on Linux and Windows only).
4170 * Added the --http-proxy option with basic authentication
4171 support for use in TCP client mode. Successfully tested
4172 using Squid as the HTTP proxy, with and without authentication.
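The --secret/--tls-auth item above (1.5-beta13) describes the 2048-bit static key file as four 512-bit slots so that each data flow direction gets its own cipher and HMAC key. The following is an added example, written for this page and not OpenVPN's own code, that parses such a file and selects the per-direction keys the way a "--secret file [direction]" argument does. It assumes the slot order is key-A cipher, key-A HMAC, key-B cipher, key-B HMAC (the layout of the key2 structure as understood by the author of this example), that direction 0 sends with key A and receives with key B, that direction 1 is the reverse, and that omitting the direction uses key A both ways, which is what keeps the older 1024-bit files usable. Check these assumptions against the --secret section of the man page for the version in use before relying on them.

```python
"""Added example (not OpenVPN code): split an OpenVPN static key file into
per-direction cipher and HMAC keys, as --secret <file> [direction] does.

Assumed file layout (verify against your version's --secret man page):
  2048-bit file: key A cipher | key A HMAC | key B cipher | key B HMAC
  1024-bit file: key A cipher | key A HMAC
Each slot is 512 bits. A cipher or HMAC uses only as many leading bytes
of its slot as it needs (e.g. 32 bytes for a 256-bit AES key).
"""
import binascii
import os

SLOT = 64  # 512 bits per slot
HEADER = "-----BEGIN OpenVPN Static key V1-----"
FOOTER = "-----END OpenVPN Static key V1-----"


def parse_static_key(text):
    """Return the raw key bytes (128 or 256) from the PEM-like key file text."""
    lines = [ln.strip() for ln in text.splitlines()]
    try:
        start = lines.index(HEADER)
        end = lines.index(FOOTER)
    except ValueError:
        raise ValueError("missing OpenVPN static key markers")
    raw = binascii.unhexlify("".join(lines[start + 1:end]))
    if len(raw) not in (2 * SLOT, 4 * SLOT):
        raise ValueError("unexpected key length %d bytes" % len(raw))
    return raw


def direction_keys(raw, direction=None):
    """Return (encrypt_key, send_hmac_key, decrypt_key, recv_hmac_key).

    direction None  -> key A for both directions (legacy, 1024-bit compatible)
    direction 0     -> send with key A, receive with key B
    direction 1     -> send with key B, receive with key A
    """
    keys = [(raw[i:i + SLOT], raw[i + SLOT:i + 2 * SLOT])
            for i in range(0, len(raw), 2 * SLOT)]
    if direction is None:
        cipher, hmac = keys[0]
        return cipher, hmac, cipher, hmac
    if len(keys) < 2:
        raise ValueError("a 1024-bit key file has no second key; "
                         "a --secret direction needs a 2048-bit file")
    if direction == 0:
        out, inp = keys[0], keys[1]
    elif direction == 1:
        out, inp = keys[1], keys[0]
    else:
        raise ValueError("direction must be 0, 1 or omitted")
    return out[0], out[1], inp[0], inp[1]


def generate_static_key(nbytes=4 * SLOT):
    """Produce key file text in the assumed --genkey layout from os.urandom.

    Constructed here only so the parser can be exercised offline; use
    'openvpn --genkey' for real keys and keep the file mode at 0600.
    """
    raw = os.urandom(nbytes)
    hexlines = [binascii.hexlify(raw[i:i + 32]).decode()
                for i in range(0, nbytes, 32)]
    return "\n".join(["#", "# %d bit OpenVPN static key" % (nbytes * 8), "#",
                      HEADER] + hexlines + [FOOTER, ""])
```

Both peers must read the same file; the only thing that differs between them is the direction argument, and getting it the same on both sides (or omitting it on one side only) produces a tunnel where HMAC verification fails in one direction, which shows up as authentication errors rather than as a clean configuration error.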
4174 2003.10.12 -- Version 1.5-beta12
4176 * Fixed Linux-only bug in --mktun and --rmtun which was
4177 introduced around beta8 or so, which would cause
4178 an error such as "I don't recognize device tun0 as a
4179 tun or tap device1".
4180 * Added --ifconfig-nowarn option to disable options
4181 consistency warnings about --ifconfig parameters.
4182 * Don't allow any kind of sequence number backtracking or
4183 message reordering when in TCP mode.
4184 * Changed beta naming convention to use '_' (underscore)
4185 rather than '-' (dash) to pacify rpmbuild.
4187 2003.10.08 -- Version 1.5-beta11
4189 * Modified code in the Windows version which sets the IP address
4190 and netmask of the TAP-Win32 adapter using the IP Helper API.
4191 Most of the changes involve better error recovery when
4192 the IP Helper API returns an error status. See the
4193 manual page entry on --ip-win32 for more info.
4195 2003.10.08 -- Version 1.5-beta10
4197 * Added getpass() function for Windows version so that --askpass
4198 option works correctly (Stefano Bracalenti).
4199 * Added reboot advisory to end of Win32 install script.
4200 * Changed crypto code to use pseudo-random IVs rather than
4201 carrying forward the IV state from the previous packet.
4202 This is in response to item 2 in the following document:
4203 http://www.openssl.org/~bodo/tls-cbc.txt which points
4204 out weaknesses in TLS's use of the same IV carryforward
4205 approach. This change does not break protocol compatibility
4206 with previous versions of OpenVPN.
4207 * Made a change to the crypto replay protection code to also
4208 protect against certain kinds of packet reordering attacks.
4209 This change does not break protocol compatibility with
4210 previous versions of OpenVPN.
4211 * Added --ip-win32 option to provide several choices for
4212 setting the IP address on the TAP-Win32 adapter.
4213 * #ifdefed out non-CBC crypto modes by default.
4214 * Added --up-delay option to delay TUN/TAP open and --up script
4215 execution until after connection establishment. This option
4216 replaces the earlier windows-only option --tap-delay.
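To make the beta10 IV change above concrete, here is an added example, written for this page and not OpenVPN's code, of the weakness that carrying the previous packet's last ciphertext block forward as the next packet's IV creates, and of why a fresh unpredictable IV closes it. The Python standard library has no AES, so the block cipher is a keyed SHA-256 stand-in (an assumption made for this example; only the encryption direction is needed to show the attack, and the stand-in is not a cipher to use for anything else). The traffic model is the chosen-plaintext setting of the tls-cbc.txt note: an attacker who can read the ciphertext on the wire and can get one block of plaintext of their choice encrypted under the same key, for instance by sending a packet that is forwarded through the tunnel.

```python
"""Added example (not OpenVPN code): chained-IV CBC versus random-IV CBC.

With IV carry-forward, the IV of packet n+1 is the last ciphertext block
of packet n, which the attacker has already seen. That lets the attacker
test a guess for any earlier plaintext block with one chosen plaintext.
"""
import hashlib
import os

BLOCK = 16


def block_encrypt(key, block):
    # Stand-in for one AES block encryption (assumption: any keyed
    # pseudorandom function works for this demonstration).
    return hashlib.sha256(key + block).digest()[:BLOCK]


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def cbc_encrypt(key, iv, plaintext):
    """CBC over whole blocks; returns the ciphertext without the IV."""
    if len(plaintext) % BLOCK:
        raise ValueError("plaintext must be a multiple of the block size")
    out, prev = [], iv
    for i in range(0, len(plaintext), BLOCK):
        prev = block_encrypt(key, xor(plaintext[i:i + BLOCK], prev))
        out.append(prev)
    return b"".join(out)


class ChainedIvSender:
    """Packet n+1 uses the last ciphertext block of packet n as its IV,
    the behaviour this release abandoned."""

    def __init__(self, key):
        self.key = key
        self.next_iv = os.urandom(BLOCK)  # first IV is random, sent in clear

    def send(self, plaintext):
        iv = self.next_iv
        ct = cbc_encrypt(self.key, iv, plaintext)
        self.next_iv = ct[-BLOCK:]  # visible on the wire, so the attacker knows it
        return iv, ct


class RandomIvSender:
    """Fresh unpredictable IV per packet, prepended to the ciphertext."""

    def __init__(self, key):
        self.key = key

    def send(self, plaintext):
        iv = os.urandom(BLOCK)
        return iv, cbc_encrypt(self.key, iv, plaintext)


def guess_first_block(sender, predicted_iv, observed_iv, observed_ct, guess):
    """Chosen-plaintext test: was the first plaintext block of an observed
    packet equal to `guess`?

    The attacker submits P' = guess XOR observed_iv XOR predicted_iv.
    If the sender really uses predicted_iv, it computes
    E(P' XOR predicted_iv) = E(guess XOR observed_iv), which equals the
    observed first ciphertext block exactly when the guess is right.
    With chained IVs predicted_iv is simply sender.next_iv; with random
    IVs the attacker has no better prediction than a wrong one.
    """
    probe = xor(xor(guess, observed_iv), predicted_iv)
    _, probe_ct = sender.send(probe)
    return probe_ct[:BLOCK] == observed_ct[:BLOCK]
```

The on-the-wire format is the same in both cases (an explicit IV in front of the ciphertext), which is why the change did not break protocol compatibility: a peer that decrypts with whatever IV it is handed cannot tell whether that IV was chosen at random or copied from the previous packet.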
4218 2003.10.01 -- Version 1.5-beta9
4220 * Fixed --route-noexec bug where option was not parsed correctly.
4221 * Complain if --dev tun is specified without --ifconfig on Windows.
4222 * Fixed bug where TCP connections on windows would sometimes cause
4223 an assertion failure.
4224 * Added a new flag to TAP-Win32 advanced properties that allows one
4225 to set the adapter to be always "connected" even when an OpenVPN
4226 process doesn't have it open. The default behavior is to report
4227 a media status of connected only when an OpenVPN process has the
4229 * Rebuilt the Windows self-install distribution with OpenSSL 0.9.7c
4230 DLLs in response to an OpenSSL security advisory.
4232 2003.09.30 -- Version 1.5-beta8
4234 * Extended the --ifconfig option to work on tap devices as well
4236 * Implemented the --ifconfig option for Windows, by calling the
4238 * By default, do an "arp -d *" on Windows after TAP-Win32 open to
4239 refresh the MAC cache. This behaviour can be disabled with
4241 * On Windows, allow the --dev-node parameter (which specifies
4242 the name of the TAP-Win32 adapter) to be omitted in cases where
4243 there is a single TAP-Win32 adapter on the system which can be
4244 assumed to be the default.
4245 * Modified the diagnostic --verb 5 debugging level to print 'R'
4246 for TCP/UDP read, 'W' for TCP/UDP write, 'r' for TUN/TAP read,
4247 and 'w' for TUN/TAP write.
4248 * Conditionalize OpenBSD read_tun and write_tun based on tun or tap
4250 * Added IPv6 tun support to OpenBSD (Thomas Glanzmann).
4251 * Make the --enable-mtu-dynamic ./configure option enabled by
4253 * Deprecated the --mtu-dynamic run-time option, in favor of
4255 * DNS names can now be used as --ifconfig parameters.
4256 * Significant work on TAP-Win32 driver to bring up to SMP standards.
4257 * On Windows, fixed dangling IRP problem if TAP-Win32 driver is
4258 unloaded or disabled, while a user-space process has it open.
4259 * On Windows, if --tun-mtu is not specified, it will be read from
4260 the TAP-Win32 driver via ioctl.
4261 * On Windows, added TAP-Win32 driver status info to "F2" keyboard
4262 signal (only when run from a console window).
4263 * Added --mssfix option to control TCP MSS size (YANO Hirokuni).
4264 * Renamed --mtu-dynamic option to --fragment to more accurately
4265 reflect its function. Fragment accepts a single parameter which
4266 is the upper limit on acceptable UDP packet size.
4267 * Changed default --tun-mtu-extra parameter to 32 from 64.
4268 * Eliminated reference to malloc.o in configure.ac.
4269 * Added tun device emulation to the TAP-Win32 driver.
4270 * Added --route and related options.
4271 * Added init script for SuSE Linux (Frank Plohmann).
4272 * Extended option consistency check between peers to function
4273 in all crypto modes, including static-key and cleartext modes.
4274 Previously only TLS mode was supported. Disable with
4276 * Overall, increased the amount of configuration option sanity
4277 checking, especially of networking parameters.
4278 * Added --mtu-test option for empirical MTU measurement.
4279 * Added Windows-only option --tap-delay to not set the TAP-Win32
4280 adapter media state to 'connected' until TCP/UDP connection
4281 establishment with peer.
4282 * Slightly modified --route/--route-delay semantics so that when
4283 --route is given without --route-delay, routes are added
4284 immediately after tun/tap device open. When --route-delay is
4285 specified, routes will be added n seconds after connection
4286 initiation, where n is the --route-delay parameter (which
4288 * Made TCP framing error into a non-fatal error that triggers a
4291 2003.08.28 -- Version 1.5-beta7
4293 * Fixed bug that caused OpenVPN not to respond to exit/restart
4294 signals when --resolv-retry is used and a local or remote DNS
4295 name cannot be resolved.
4296 * Exported a series of environmental variables with useful
4297 info for scripts. See man page for more info. Based
4298 on a suggestion by Anthony Ciaravalo.
4299 * Moved TCP/UDP socket bind to a point in the initialization
4300 before the --up script gets called. This is desirable
4301 because (a) a socket bind failure will happen before
4302 daemonization, allowing an error status code to be returned
4303 to the shell and (b) the possibility is eliminated of a
4304 socket bind failure causing the --up script to be run
4305 but not the --down script. This change has a side effect
4306 that --resolv-retry will no longer work with --local.
4307 * Fixed bug where if an OpenVPN TCP server went down and back
4308 up again, Solaris or FreeBSD clients would fail to reconnect
4310 * Fixed bug that prevented OpenVPN from being run by
4311 inetd/xinetd in TCP mode.
4312 * Added --log and --log-append options for logging messages to
4314 * On Windows, check that the current user is a member of the
4315 Administrator group before attempting install or uninstall.
4317 2003.08.16 -- Version 1.5-beta6
4319 * Fixed TAP-Win32 driver to properly increment the Rx/Tx count.
4321 2003.08.14 -- Version 1.5-beta5
4323 * Added user-configurability of the TAP-Win32 adapter MTU
4324 through the adapter advanced properties page.
4325 * Added Windows Service support.
4326 * On Windows, added file association and right-clickability
4327 for .ovpn files (OpenVPN config files).
4329 2003.08.05 -- Version 1.5-beta4
4331 * Extra refinements and error checking added to Windows
4332 NSIS install script.
4334 2003.08.05 -- Version 1.5-beta3
4336 * Added md5.h include to crypto.c to fix build problem on
4338 * Created a Win32 installer using NSIS.
4339 * Removed DelService command from TAP-Win32 INF file. It appears
4340 to be not necessary and it interfered with the ability to
4341 uninstall and reinstall the driver without needing to reboot.
4342 * On Windows version, added "addtap" and "deltapall" batch
4343 files to add and delete TAP-Win32 adapter instances.
4345 2003.07.31 -- Version 1.5-beta2
4347 * Renamed INSTALL.w32 to INSTALL-win32.txt and reformatted
4348 in Windows ASCII so it's easier to click and view.
4349 * Added postscript and PDF versions of the HOWTO to the web
4351 * Merged Michael Clarke's stability patch into TAP-Win32
4352 driver which appears to fix the suspend/resume driver bug
4353 and significantly improve driver stability.
4354 * Added Christof Meerwald's Media Status patch to the
4355 TAP-Win32 driver which shows the TAP adapter to be
4356 disconnected when OpenVPN is not running.
4357 * Moved socket connect and TCP server listen code to a later
4358 point in openvpn() function so that the TCP server listen
4359 state is entered after daemonization.
4360 * Added keyboard shortcuts to simulate signals in the Windows
4361 version, see the window title bar for descriptions.
4363 2003.07.24 -- Version 1.5-beta1
4365 * Added TCP support via the new --proto option.
4366 * Renamed udp-centric options such as --udp-mtu to
4367 --link-mtu (old option names preserved for compatibility).
4368 * Ported to Windows 2000 + XP using mingw and a TAP driver
4369 derived from the Cipe-Win32 project by Damion K. Wilson.
4370 * Added --show-adapters flag for windows version.
4371 * Reworked the SSL/TLS packet acknowledge code to better
4372 handle certain corner cases.
4373 * Turned off the default enabling of IP forwarding in the
4374 sample-scripts/openvpn.init script for Redhat.
4375 Forwarding can be enabled by users in their --up scripts
4377 * Added --up-restart option based on suggestion from Sean
4379 * If --dev tap or --dev-type tap is specified, --tun-mtu
4380 defaults to 1500 and --tun-mtu-extra defaults to 64.
4381 * Enabled --verb 5 debugging mode that prints 'R' and 'W'
4382 for each packet read or write on the TCP/UDP socket.
4384 2003.08.04 -- Version 1.4.3
4386 * Added md5.h include to crypto.c
4387 to fix build problem on OpenBSD.
4389 2003.07.15 -- Version 1.4.2
4391 * Removed adaptive bandwidth from
4392 --mtu-dynamic -- its absence appears
4393 to work better than its existence (1.4.1.2).
4394 * Minor changes to --shaper to fix long
4395 retransmit timeouts at low bandwidth
4397 * Added LOG_RW flag to openvpn.h for
4398 debugging (1.4.1.2).
4399 * Silenced spurious configure warnings (1.4.1.2).
4400 * Backed out --dev-name patch, modified --dev
4401 to offer equivalent functionality (1.4.1.4).
4402 * Added an optional parameter to --daemon and
4403 --inetd to support the passing of a custom
4404 program name to the system logger (1.4.1.5).
4405 * Add compiled-in options to the program title
4407 * Coded the beginnings of a WIN32 port (1.4.1.5).
4408 * Succeeded in porting to Win32 Mingw environment
4409 and running loopback tests (1.4.1.6). Still
4410 need a kernel driver for full Win32
4412 * Fixed a bug in error.h where
4413 HAVE_CPP_VARARG_MACRO_GCC was misspelled.
4414 This would have caused a significant slowdown
4415 of OpenVPN when built by compilers that
4416 lack ISO C99 vararg macros (1.4.1.6).
4417 * Created an init script for Gentoo Linux
4418 in ./gentoo directory (1.4.1.6).
4420 2003.05.15 -- Version 1.4.1
4422 * Modified the Linux 2.4 TUN/TAP open code to
4423 fall back to the 2.2 TUN/TAP interface if the
4424 open or ioctl fails.
4425 * Fixed bug when --verb is set to 0 and non-fatal
4426 socket errors occur, causing 100% CPU utilization.
4427 Occurs on platforms where
4428 EXTENDED_SOCKET_ERROR_CAPABILITY is defined,
4430 * Fixed typo in tun.c that was preventing
4432 * Added --enable-mtu-dynamic configure option
4433 to enable the experimental --mtu-dynamic option.
4435 2003.05.07 -- Version 1.4.0
4437 * Added --replay-persist feature to allow replay
4438 protection across sessions.
4439 * Fixed bug where --ifconfig could not be used
4441 * Added --tun-mtu-extra parameter to deal with
4442 the situation where a read on a TUN/TAP device
4443 returns more data than the device's MTU size.
4444 * Fixed bug where some IPv6 support code for
4445 Linux was not being properly ifdefed out for
4446 Linux 2.2, causing compile errors.
4447 * Added OPENVPN_EXIT_STATUS_x codes to
4448 openvpn.h to control which status value
4449 openvpn returns to its caller (such as
4450 a shell or inetd/xinetd) for various conditions.
4451 * Added OPENVPN_DEBUG_COMMAND_LINE flag to
4452 openvpn.h to allow debugging in situations
4453 where stdout, stderr, and syslog cannot be used
4454 for message output, such as when OpenVPN is
4455 instantiated by inetd/xinetd.
4456 * Removed owner-execute permission from file
4457 created by static key generator (Herbert Xu
4458 and Alberto Gonzalez Iniesta).
4459 * Added --passtos option to allow IPv4 TOS bits
4460 to be passed from TUN/TAP input packets to
4461 the outgoing UDP socket (Craig Knox).
4462 * Added code to prevent open socket file descriptors
4463 from being accessible to called scripts.
4464 * Added --dev-name option (Christian Lademann).
4465 * Added --mtu-disc option for manual control
4467 * Show OS MTU value on UDP socket write failures
4469 * Numerous build system and portability
4470 fixes (Matthias Andree).
4471 * Added better sensing of compiler support for
4472 variable argument macros, including (a) gcc
4473 style, (b) ISO C 1999 style, and (c) no support.
4474 * Removed generated files from CVS. Note INSTALL
4475 file for new CVS build commands.
4476 * Changed certain internal symbol names
4477 for C standards compliance.
4478 * Added TUN/TAP open code to cycle dynamically
4479 through unit numbers until it finds a free
4480 unit (based on code from Thomas Gielfeldt
4482 * Added dynamic MTU and fragmenting infrastructure
4483 (Experimental). Rebuild with FRAGMENT_ENABLE
4485 * Minor changes to SSL/TLS negotiation, use
4486 exponential backoff on retransmits, and use
4487 a smaller MTU size (note that no protocol
4488 changes have been made which would break
4489 compatibility with 1.3.x).
4490 * Added --enable-strict-options flag
4491 to ./configure. This option will cause
4492 a more strict check for options compatibility
4493 between peers when SSL/TLS negotiation is used,
4494 but should only be used when both OpenVPN peers
4495 are of the same version.
4496 * Reorganization of debugging levels.
4497 * Added a workaround in configure.ac for
4498 default SSL header location on Linux
4499 to fix RH9 build problem.
4500 * Fixed potential deadlock when pthread support
4501 is used on OSes that allocate a small socketpair()
4503 * Fixed openvpn.init to be sh compliant
4505 * Changed --daemon to wait until all
4506 initialization is finished before becoming a
4507 daemon, for the benefit of initialization
4508 scripts that want a useful return status from
4509 the openvpn command.
4510 * Made openvpn.init script more robust, including
4511 positive indication of initialization errors
4512 in the openvpn daemon and better sanity checks.
4513 * Changed --chroot to wait until initialization
4514 is finished before calling chroot(), and allow
4515 the use of --user and --group with --chroot.
4516 * When syslog logging is enabled (--daemon or
4517 --inetd), set stdin/stdout/stderr to point
4519 * For inetd instantiations, dup socket descriptor
4521 * Fixed bug in verify-cn script, where test would
4522 incorrectly fail if CN=x was the last component
4523 of the X509 composite string (Anonymous).
4524 * Added Markus F.X.J. Oberhumer's special
4525 license exception to COPYING.
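The tls_serial_{n} variable added in 1.6-beta7 (above) and the verify-cn script fix in this release both concern the --tls-verify hook, which OpenVPN runs once per certificate in the peer's chain, passing the chain depth and the X509 subject as arguments. The following is an added example of such a check, written for this page and not OpenVPN's verify-cn script: it pins each permitted CN to the certificate serials it may present, and because it splits the subject into components before looking at CN it does not care whether CN happens to be the last component. It assumes the subject arrives as a '/'-separated composite string such as /C=US/O=Example/CN=vpn-client-7 and that tls_serial_{n} is an opaque string; both should be checked against the man page of the version in use, and a subject value that itself contains '/' would need a more careful splitter.

```python
"""Added example (not OpenVPN code): a --tls-verify style check that pins
each allowed CN to a set of certificate serials.

Interface assumed from the ChangeLog: argv[1] is the chain depth
(0 = the peer's own certificate), argv[2] is the X509 subject as a
composite string, and tls_serial_<depth> is in the environment.
Exit status 0 accepts the certificate, anything else rejects it.
"""
import os
import sys

# Constructed policy for the example: CN -> serials that CN may present.
ALLOWED = {
    "vpn-client-7": {"4242"},
    "vpn-client-8": {"9001", "9002"},
}


def parse_subject(subject):
    """Split '/C=US/O=Example/CN=host' into a dict of components.

    Assumes '/' separates components and does not occur inside a value.
    """
    fields = {}
    for part in subject.strip("/").split("/"):
        if not part:
            continue
        key, sep, value = part.partition("=")
        if not sep:
            raise ValueError("malformed subject component: %r" % part)
        fields[key] = value
    return fields


def verify(depth, subject, env, allowed=ALLOWED):
    """Return 0 to accept or 1 to reject, mirroring the script's exit status."""
    if depth != 0:
        # Only the leaf is pinned here. CA certificates higher in the
        # chain still have to chain to --ca, which OpenVPN checks itself.
        return 0
    fields = parse_subject(subject)
    cn = fields.get("CN")
    if cn is None or cn not in allowed:
        return 1
    serial = env.get("tls_serial_%d" % depth)
    if serial is None or serial not in allowed[cn]:
        return 1  # fail closed if the serial is missing or not pinned
    return 0


if __name__ == "__main__":
    if len(sys.argv) != 3:
        sys.exit(1)
    sys.exit(verify(int(sys.argv[1]), sys.argv[2], os.environ))
```

Pinning on the serial as well as the CN means that a certificate re-issued for the same CN (for instance after a key compromise) is not accepted until the policy is updated, which is the property the plain verify-cn script does not give.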
4527 2002.10.23 -- Version 1.3.2
4529 * Added SSL_CTX_set_client_CA_list call
4530 to follow the canonical form for TLS initialization
4531 recommended by the OpenSSL docs. This change allows
4532 better support for intermediate CAs and has no impact
4534 * Added build-inter script to easy-rsa package, to
4535 facilitate the generation of intermediate CAs.
4536 * Ported to NetBSD (Dimitri Goldin).
4537 * Fixed minor bug in easy-rsa/sign-req. It refers to
4538 openssl.cnf file, instead of $KEY_CONFIG, like all
4539 other scripts (Ernesto Baschny).
4540 * Added --days 3650 to the root CA generation command
4541 in the HOWTO to override the woefully small 30 day
4542 default (Dominik 'Aeneas' Schnitzer).
4543 * Fixed bug where --ping-restart would sometimes
4544 not re-resolve remote DNS hostname.
4545 * Added --tun-ipv6 option and related infrastructure
4546 support for IPv6 over tun.
4547 * Added IPv6 over tun support for Linux (Aaron Sethman).
4548 * Added FreeBSD 4.1.1+ TUN/TAP driver notes to
4549 INSTALL (Matthias Andree).
4550 * Added inetd/xinetd support (--inetd) including
4551 documentation in the HOWTO.
4552 * Added "Important Note on the use of commercial certificate
4553 authorities (CAs) with OpenVPN" to HOWTO based on
4554 issues raised on the openvpn-users list.
4556 2002.07.10 -- Version 1.3.1
4558 * Fixed bug in openvpn.spec and openvpn.init
4559 which caused RPM upgrade to fail.
4561 2002.07.10 -- Version 1.3.0
4563 * Added --dev-node option to allow explicit selection of
4564 tun/tap device node.
4565 * Removed mlockall call from child thread, as it doesn't
4566 appear to be necessary (child thread inherits mlockall
4568 * Added --ping-timer-rem which causes timer for --ping-exit
4569 and --ping-restart not to run unless we have a remote IP
4571 * Added condrestart to openvpn.init and openvpn.spec
4573 * Added --ifconfig case for FreeBSD (Matthias Andree).
4574 * Call openlog with facility=LOG_DAEMON (Matthias Andree).
4575 * Changed LOG_INFO messages to LOG_NOTICE.
4576 * Added warning when key files are group/others accessible.
4577 * Added --single-session flag for TLS mode.
4578 * Fixed bug where --writepid would segfault if used with
4579 an invalid filename.
4580 * Fixed bug where --ipchange status message was formatted
4582 * Print more concise error message when system() call
4584 * Added --disable-occ option.
4585 * Added --local, --remote, and --ifconfig options sanity
4587 * Changed default UDP MTU to 1300 and TUN/TAP MTU to
4589 * Successfully tested with OpenSSL 0.9.7 Beta 2.
4590 * Broke out debug level definitions to errlevel.h
4591 * Minor documentation and web site changes.
4592 * All changes maintain protocol compatibility
4593 with OpenVPN versions since 1.1.0, however default
4594 MTU changes will require setting the MTU explicitly
4595 by command line option, if you want 1.3.0 to
4596 communicate with previous versions.
4598 2002.06.12 -- Version 1.2.1
4600 * Added --ping-restart option to restart
4601 connection on ping timeout using SIGUSR1
4602 logic (Matthias Andree).
4603 * Added --persist-tun, --persist-key,
4604 --persist-local-ip, and --persist-remote-ip
4605 options for finer-grained control over SIGUSR1
4606 and --ping-restart restarts. To
4607 replicate previous SIGUSR1 functionality,
4608 use --persist-remote-ip.
4609 * Changed residual IV fetching code to take
4610 IV from tail of ciphertext.
4611 * Added check to make sure that CFB or OFB
4612 cipher modes are only used with SSL/TLS
4613 authentication mode, and added a caveat
4615 * Changed signal handling during initialization
4616 (including re-initialization during restarts)
4617 to exit on SIGTERM or SIGINT and ignore other
4618 signals which would ordinarily be caught.
4619 * Added --resolv-retry option to allow
4620 retries on hostname resolution.
4621 * Expanded the --float option to also
4622 allow dynamic changes in source port number
4623 on incoming datagrams.
4624 * Added --mute option to limit repetitive
4625 logging of similar message types.
4626 * Added --group option to downgrade GID
4627 after initialization.
4628 * Try to set ifconfig path automatically
4630 * Added --ifconfig code for Mac OS X
4631 (Christoph Pfisterer).
4632 * Moved "Peer Connection Initiated" message
4634 * Successfully tested with
4635 OpenSSL 0.9.7 Beta 1 and AES cipher.
4636 * Added RPM notes to INSTALL.
4637 * Added ACX_PTHREAD (from the autoconf
4638 macro archive) to configure.ac
4639 to figure out the right pthread
4640 options for a given platform.
4641 * Broke out macro definitions from
4642 configure.ac to acinclude.m4.
4643 * Minor changes to docs and HOWTO.
4644 * All changes maintain protocol compatibility
4645 with OpenVPN versions since 1.1.0.
4647 2002.05.22 -- Version 1.2.0
4649 * Added configuration file support via
4650 the --config option.
4651 * Added pthread support to improve latency.
4652 With pthread support, OpenVPN
4653 will offload CPU-intensive tasks such as RSA
4654 key number crunching to a background thread
4655 to improve tunnel packet forwarding
4656 latency. pthread support can be enabled
4657 with the --enable-pthread configure option.
4658 Pthread support is currently available
4659 only for Linux and Solaris.
4660 * Added --dev-type option so that tun/tap
  device names don't need to begin with
* Added --writepid option to write main
  process ID to a file.
* Numerous portability fixes to ease
  porting to other OSes including changing
  all network types to uint8_t and uint32_t,
  and not assuming that time_t is 32 bits.
* Backported to OpenSSL 0.9.5.
* Ported to Solaris.
* Finished OpenBSD port except for
* Added initialization script:
  sample-scripts/openvpn.init
* Ported to Mac OS X (Christoph Pfisterer).
* Improved resilience to DoS attacks when
  TLS mode is used without --remote or
  --tls-auth, or when --float is used
  with --remote. Note however that the best
  defense against DoS attacks in TLS mode
  is to use --tls-auth.
* Eliminated automake/autoconf dependency
* Ported configure.in to configure.ac
* SIGHUP signal now causes OpenVPN to restart
  and re-read command line and/or config file,
  in conformance with canonical daemon behaviour.
* SIGUSR1 now does what SIGHUP did in
  version 1.1.1 and earlier -- close and reopen
  the UDP socket for use when DHCP changes
  host's IP address and preserve most recently
  authenticated peer address without rereading
* SIGUSR2 added -- outputs current statistics,
  including compression statistics.
* All changes maintain protocol compatibility
  with 1.1.1 and 1.1.0.

2002.04.22 -- Version 1.1.1

* Added --ifconfig option to automatically configure
* Added inactivity disconnect (--inactive
  and --ping-exit options).
* Added --ping option to keep stateful firewalls
* Added sanity check to command line parser to
  err if any TLS options are used in non-TLS mode.
* Fixed build problem with compiler environments that
  define printf as a macro.
* Fixed build problem on Linux systems that have
  an integrated TUN/TAP driver but lack the persistent
  tunnel feature (TUNSETPERSIST). Some Linux kernels
  >= 2.4.0 and < 2.4.7 fall into this category.
* Changed all calls to EVP_CipherInit to use explicit
  encrypt/decrypt mode in order to fix problem with
  IDEA-CBC and AES-256-CBC ciphers.
* Minor changes to control channel transmit limiter
  algorithm to fix problem where TLS control channel
  might not renegotiate within the default 60 second window.
* Simplified man page examples by taking advantage
  of the new --ifconfig option.
* Minor changes to configure.in to check more
  rigorously for OpenSSL 0.9.6 or greater.
* Put back openvpn.spec, eliminated
* Modified openvpn.spec to reflect new automake-based
  build environment (Bishop Clark).
* Other documentation changes.
* Added --test-crypto option for debugging.
* Added "missing" and "mkinstalldirs" automake

2002.04.09 -- Version 1.1.0

* Strengthened replay protection and IV handling,
  extending it fully to both static key and
  TLS dynamic key exchange modes.
* Added --mlock option to disable paging and ensure that key
  material and tunnel data is never paged to disk.
* Added optional traffic shaping feature to cap the maximum
  data rate of the tunnel.
* Converted to automake (The Platypus Brothers 2002-04-01).
* Ported to OpenBSD by Janne Johansson.
* Added --tun-af-inet option to work around an incompatibility
  between Linux and BSD tun drivers.
* Sequence number-based replay protection using the
  IPSec sliding window model is now the default,
  disable with --no-replay.
* Explicit IV is now the default, disable with --no-iv.
* Disabled all cipher modes except CBC, CFB, and OFB.
* In CBC mode, use explicit IV and carry forward residuals,
* In CFB/OFB mode, IV is timestamp, sequence number.
* Eliminated --packet-id, --timestamp, and max-delta parameter to
  the --tls-auth option as they are now supplanted by improved
  replay code which is enabled by default.
* Eliminated --rand-iv as it is now obsolete with improved
* Eliminated --reneg-err option as it increases vulnerability
* Added weak key check for DES ciphers.
* --tls-freq option is no longer specified on the command line,
  instead it now inherits its parameter from the
  --tls-timeout option.
* Fixed bug that would try to free memory on exit that was
  never malloced if --comp-lzo was not specified.
* Errata fixed in the man page examples: "test-ca" should be
* Updated manual page.
* Preliminary work in porting to OpenSSL 0.9.7.
* Changed license to allow linking with OpenSSL.

2002.03.29 -- Version 1.0.3

* Fixed a problem in configure with library ordering on the

2002.03.28 -- Version 1.0.2

* Improved the efficiency of the inner event loop.
* Fixed a minor bug with timeout handling.
* Improved the build system to build on RH 6.2 through 7.2.
* Added an openvpn.spec file for RPM builders (Bishop Clark).

2002.03.23 -- Version 1.0

* Added TLS-based authentication and key exchange.
* Added gremlin mode to stress test.

2001.12.26 -- Version 0.91

* Added any choice of cipher or HMAC digest.

2001.5.13 -- Version 0.90

* IP tunnel over UDP, with blowfish cipher and SHA1 HMAC signature.