From: Gert Doering Date: Wed, 28 Dec 2022 10:44:57 +0000 (+0100) Subject: Preparing release 2.6_rc1 X-Git-Tag: v2.6_rc1^0 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=84e70c479e81eebe9933bec586c5fd144456294d;p=thirdparty%2Fopenvpn.git Preparing release 2.6_rc1 version.m4, ChangeLog, Changes.rst Signed-off-by: Gert Doering --- diff --git a/ChangeLog b/ChangeLog index 6c9a0922d..1840f784e 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,6 +1,47 @@ OpenVPN ChangeLog Copyright (C) 2002-2022 OpenVPN Inc +2022.12.29 -- Version 2.6_rc1 + +Arne Schwabe (17): + Ensure that argument to parse_line has always space for final sentinel + Improve documentation on user/password requirement and unicodize function + Eliminate or comment empty blocks and switch fallthrough + Remove unused gc_arena + Fix corner case that might lead to leaked file descriptor + Deprecate NTLMv1 proxy auth method. + Use include "buffer.h" instead of include + Ensure that dco keepalive and mssfix options are also set in pure p2p mode + Make management password check constant time + Rename TM_UNTRUSTED to TM_INITIAL, always start session in TM_INITIAL rather than TM_ACTIVE or TM_INITIAL + Move dco_installed back to link_socket from link_socket.info.actual + Do not set nl socket buffer size + Also drop incoming dco packet content when dropping the packet + Improve logging when seeing a message for an unkown peer + Ignore OVPN_DEL_PEER_REASON_USERSPACE to avoid race conditions + Replace custom min macro and use more C99 style in man_remote_entry_get + Replace realloc with new gc_realloc function + +David Sommerseth (1): + ssl_verify: Fix memleak if creating deferred auth control files fails + +Gert Doering (1): + bandaid fix for TCP multipoint server crash with Linux-DCO + +Lev Stipakov (2): + git-version.py: proper support for tags + msvc: upgrade to Visual Studio 2022 + +Selva Nair (7): + Reduce default restart pause to 1 second + Do not include auth-token in pulled option digest + Persist DCO client data channel traffic stats on restart + Add remote-count and remote-entry query via management + Permit unlimited connection entries and remotes + Use a template for 'unsupported management commands' error + Allow skipping multple remotes via management interface + + 2022.12.15 -- Version 2.6_beta2 Antonio Quartulli (1): diff --git a/Changes.rst b/Changes.rst index ab1b9c5f3..160c8b1bb 100644 --- a/Changes.rst +++ b/Changes.rst @@ -1,3 +1,48 @@ +Overview of changes in 2.6_rc1 +============================== + +New features +------------ +Support unlimited number of connection entries and remote entries + +New management commands to enumerate and list remote entries + Use ``remote-entry-count`` and ``remote-entry-get`` + commands from the management interface to get the number of + remote entries and the entries themselves. + + +Bugfixes / minor improvements +----------------------------- +Improve DCO-related logging in many places. + +DCO/Linux robustness fixes. + +DCO/Linux TCP crashbug (recvfrom(-1) endless loop) worked around - root + cause has not been found, but the condition is detected and the + offending client is removed, instead of crashing the server. + +Rename internal TLS state TM_UNTRUSTED to TM_INITIAL, always start new + peer handshake (new connect or renegotiation) in TM_INITIAL state. + +Upgrade Windows build environment to MSVC 2022 + +Make management password check constant time + +Repair keepalive and mss setting in DCO peer-to-peer mode. + +Persist DCO client data channel traffic stats on restart (Windows only). + +Do not include auth-token in pulled option digest. + +Reduce default restart pause (--connect-retry) to 1 second. + +Deprecate NTLMv1 proxy auth method. + +Fix possible buffer-overrun in command line and ccd/ argument parsing. + +Fix memleak if creating deferred auth control files fails + + Overview of changes in 2.6_beta2 ================================ @@ -46,13 +91,6 @@ instead: https://github.com/OpenVPN/openvpn/issues New features ------------ -Support unlimited number of connection entries and remote entries - -New management commands to enumerate and list remote entries - Use ``remote-entry-count`` and ``remote-entry-get`` - commands from the management interface to get the number of - remote entries and the entries themselves. - Keying Material Exporters (RFC 5705) based key generation As part of the cipher negotiation OpenVPN will automatically prefer the RFC5705 based key material generation to the current custom diff --git a/version.m4 b/version.m4 index abb02abfa..93eaee8f2 100644 --- a/version.m4 +++ b/version.m4 @@ -3,12 +3,12 @@ define([PRODUCT_NAME], [OpenVPN]) define([PRODUCT_TARNAME], [openvpn]) define([PRODUCT_VERSION_MAJOR], [2]) define([PRODUCT_VERSION_MINOR], [6]) -define([PRODUCT_VERSION_PATCH], [_beta2]) +define([PRODUCT_VERSION_PATCH], [_rc1]) m4_append([PRODUCT_VERSION], [PRODUCT_VERSION_MAJOR]) m4_append([PRODUCT_VERSION], [PRODUCT_VERSION_MINOR], [[.]]) m4_append([PRODUCT_VERSION], [PRODUCT_VERSION_PATCH], [[]]) define([PRODUCT_BUGREPORT], [openvpn-users@lists.sourceforge.net]) -define([PRODUCT_VERSION_RESOURCE], [2,6,0,2]) +define([PRODUCT_VERSION_RESOURCE], [2,6,0,3]) dnl define the TAP version define([PRODUCT_TAP_WIN_COMPONENT_ID], [tap0901]) define([PRODUCT_TAP_WIN_MIN_MAJOR], [9])