OpenVPN Change Log
Copyright (C) 2002-2022 OpenVPN Inc <sales@openvpn.net>
+2022.05.24 -- Version 2.5.7
+
+Antonio Quartulli (4):
+ networking: use OPENVPN_ETH_ALEN instead of ETH_ALEN
+ networking_iproute2: don't pass M_WARN to openvpn_execve_check()
+ t_net.sh: delete dummy iface using iproute command
+ auth-pam.c: add missing include limits.h
+
+Arne Schwabe (11):
+ Add insecure tls-cert-profile options
+ Refactor early initialisation and uninitialisation into methods
+ Allow loading of non default providers
+ Add ubuntu 22.04 to Github Actions
+ Add macos OpenSSL 3.0 and ASAN builds
+ Add --with-openssl-engine autoconf option (auto|yes|no)
+ Fix allowing/showing unsupported ciphers and digests
+ Remove dependency on BF-CBC existance from test_ncp
+ Add message when decoding PKCS12 file fails.
+ Translate OpenSSL 3.0 digest names to OpenSSL 1.1 digest names
+ Fix client-pending-auth error message to say ERROR instead of SUCCESS
+
+Gert Doering (1):
+ Preparing release 2.5.7
+
+Jan Mikkelsen (1):
+ cipher-negotiation.rst missing from doc/Makefile.am
+
+Lev Stipakov (5):
+ vcpkg-ports\pkcs11-helper: shorten patch filename
+ msvc: adjust build options to harden binaries
+ vcpkg-ports: remove openssl port
+ vcpkg: switch to manifest
+ Fix M_ERRNO behavior on Windows
+
+Marc Becker (1):
+ vcpkg-ports/pkcs11-helper: bump to release 1.29
+
+Simon Rozman (1):
+ tapctl: Resolve MSVC C4996 warnings
+
+
2022.03.16 -- Version 2.5.6
Antonio Quartulli (4):
OpenSSL 3.0 no longer supports the Blowfish (and other deprecated)
algorithm by default and the new option ``--providers`` allows loading
- the legacy provider to renable these algorithms.
+ the legacy provider to renable these algorithms. Most notably,
+ reading of many PKCS#12 files encrypted with the RC2 algorithm fails
+ unless ``--providers legacy default`` is configured.
The OpenSSL engine feature ``--engine`` is not enabled by default
anymore if OpenSSL 3.0 is detected.
+- print OpenSSL error stack if decoding PKCS12 file fails
+
+User-visible Changes
+--------------------
+- windows vcpkg building includes pkcs11-helper 1.29 now
+
+- add MSVC build options to harden windows binaries (HW-enforced
+ stack protection, SHA256 object hashes, SDL).
+
+Bugfixes
+--------
+- fix omission of cipher-negotiation.rst in tarballs
+
+- fix errno handling on Windows (Windows has different classes of
+ error codes, GetLastError() and C runtime errno, these should now
+ be handled correctly)
+
+- fix PATH_MAX build failure in auth-pam.c
+
+- fix t_net.sh self-test leaving around stale "ovpn-dummy0" interface
+
+- fix overlong path names, leading to missing pkcs11-helper patch
+ in tarball
+
Overview of changes in 2.5.6
============================
define([PRODUCT_TARNAME], [openvpn])
define([PRODUCT_VERSION_MAJOR], [2])
define([PRODUCT_VERSION_MINOR], [5])
-define([PRODUCT_VERSION_PATCH], [.6])
+define([PRODUCT_VERSION_PATCH], [.7])
m4_append([PRODUCT_VERSION], [PRODUCT_VERSION_MAJOR])
m4_append([PRODUCT_VERSION], [PRODUCT_VERSION_MINOR], [[.]])
m4_append([PRODUCT_VERSION], [PRODUCT_VERSION_PATCH], [[]])
define([PRODUCT_BUGREPORT], [openvpn-users@lists.sourceforge.net])
-define([PRODUCT_VERSION_RESOURCE], [2,5,6,0])
+define([PRODUCT_VERSION_RESOURCE], [2,5,7,0])
dnl define the TAP version
define([PRODUCT_TAP_WIN_COMPONENT_ID], [tap0901])
define([PRODUCT_TAP_WIN_MIN_MAJOR], [9])
projects / thirdparty / openvpn.git / commitdiff
