From: Gert Doering Date: Thu, 15 Dec 2022 13:22:32 +0000 (+0100) Subject: Preparing release 2.6_beta2 X-Git-Tag: v2.6_beta2^0 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=566c0791caddc52e45c18b19cd650f79fe312e37;p=thirdparty%2Fopenvpn.git Preparing release 2.6_beta2 version.m4, ChangeLog, Changes.rst Signed-off-by: Gert Doering --- diff --git a/ChangeLog b/ChangeLog index 64ec4bff1..6c9a0922d 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,6 +1,45 @@ OpenVPN ChangeLog Copyright (C) 2002-2022 OpenVPN Inc +2022.12.15 -- Version 2.6_beta2 + +Antonio Quartulli (1): + disable DCO if --secret is specified + +Arne Schwabe (7): + Fix connection cookie not including address and fix endianness in test + Fix unit test of test_pkt on little endian Linux + Disable DCO when TLS mode is not used + Ignore connection attempts while server is shutting down + Improve debug logging of DCO swap key message and Linux dco_new_peer + Trigger a USR1 if dco_update_keys fails + Set DCO_NOT_INSTALLED also for keys not in the get_key_scan range + +Frank Lichtenheld (1): + ChangeLog: Fix encoding + +Kristof Provost (4): + Read DCO traffic stats from the kernel + dco: Update counters when a client disconnects + Read the peer deletion reason from the kernel + dco: cleanup FreeBSD dco_do_read() + +Lev Stipakov (3): + Rename dco_get_peer_stats to dco_get_peer_stats_multi + management: add timer to output BYTECOUNT + Introduce dco_get_peer_stats API and Windows implementation + +Marc Becker (4): + unify code path for adding PKCS#11 providers + use new pkcs11-helper interface to add providers + special handling for PKCS11 providers on win32 + vcpkg-ports/pkcs11-helper: support loader flags + +Max Fillinger (2): + Correct tls-crypt-v2 metadata length in man page + Fix message for too long tls-crypt-v2 metadata + + 2022.12.01 -- Version 2.6_beta1 Adrian (1): diff --git a/Changes.rst b/Changes.rst index fe91ece2e..2fb2777d7 100644 --- a/Changes.rst +++ b/Changes.rst @@ -1,3 +1,39 @@ +Overview of changes in 2.6_beta2 +================================ + +New features +------------ +Transport statistics (bytes in/out) for DCO environments + With DCO, OpenVPN userland will not see data packets and can not + count them, thus, no statistics. This feature implements server-side + statistics for FreeBSD+DCO and client-side statistics for Windows+DCO, + Linux and FreeBSD client will follow. + +pkcs11-helper updates + improve shared library loading on Windows, so "copy .dll to application + directory" recipes should no longer be necessary for pkcs#11 providers + +Bugfixes / minor improvements +----------------------------- +- add proper documentation for tls-crypt-v2 metadata limits, and better + error messages when these are exceeded + +- trigger SIGUSR1 if dco_update_keys() fails - this is, when OpenVPN + userland and kernel side key handling gets out of sync, restart instance + to recover. + +- improve logging for DCO key update handling + +- ignore incoming client connects while server is being shutdown + (Github: OpenVPN/openvpn#189) + +- disable DCO for p2p modes with no crypto or --secret pre-shared key + (= everything that is not TLS) + +- fix endianness issues for TLS cookie handling and unit test + + + Overview of changes in 2.6 ========================== diff --git a/version.m4 b/version.m4 index 0422525a0..abb02abfa 100644 --- a/version.m4 +++ b/version.m4 @@ -3,12 +3,12 @@ define([PRODUCT_NAME], [OpenVPN]) define([PRODUCT_TARNAME], [openvpn]) define([PRODUCT_VERSION_MAJOR], [2]) define([PRODUCT_VERSION_MINOR], [6]) -define([PRODUCT_VERSION_PATCH], [_beta1]) +define([PRODUCT_VERSION_PATCH], [_beta2]) m4_append([PRODUCT_VERSION], [PRODUCT_VERSION_MAJOR]) m4_append([PRODUCT_VERSION], [PRODUCT_VERSION_MINOR], [[.]]) m4_append([PRODUCT_VERSION], [PRODUCT_VERSION_PATCH], [[]]) define([PRODUCT_BUGREPORT], [openvpn-users@lists.sourceforge.net]) -define([PRODUCT_VERSION_RESOURCE], [2,6,0,1]) +define([PRODUCT_VERSION_RESOURCE], [2,6,0,2]) dnl define the TAP version define([PRODUCT_TAP_WIN_COMPONENT_ID], [tap0901]) define([PRODUCT_TAP_WIN_MIN_MAJOR], [9])