2006.09.12 -- Version 2.0.8
* Windows installer updated with OpenSSL 0.9.7k DLLs to fix
RSA Signature Forgery (CVE-2006-4339).
* No changes to OpenVPN source code between 2.0.7 and 2.0.8.
2006.09.12 -- Version 2.1-beta15
* Windows installer updated with OpenSSL 0.9.7k DLLs to fix
RSA Signature Forgery (CVE-2006-4339).
* Fixed bug introduced with the --port-share directive
(back in 2.1-beta9 which causes TLS soft resets
(1 per hour by default) in TCP server mode to force
a blockage of tunnel packets and later time-out and
restart the connection.
* pkcs11 changes:
1. Modified ssl.c to not FATAL and return to init.c
so auth-retry will work.
2. Modifed pkcs11-helper.c to fix some problem with
multiple providers.
3. Updated makefile.w32-vc to include lladdr.*, updated
linkage libraries.
4. Modified lladdr.c to be compiled under visual C.
5. Added retry counter to PKCS#11 PIN hook.
6. Modified PKCS#11 PIN retry loop to return correct error
code when PIN is incorrect.
7. Fix handling (ignoring) zero sized attributes.
8. Fix gcc-2 issues.
9. Fix openssl 0.9.6 (first version) issues.
10. easy-rsa Makefile (install) is now available so that
distribs will be able to install it safely.
* Added two new management states:
OPENVPN_STATE_RESOLVE -- DNS lookup
OPENVPN_STATE_TCP_CONNECT -- Connecting to TCP server
* Echo management state change to log.
* Minor syshead.h change for NetBSD to allow
TCP_NODELAY flag to work.
* Modified --port-share code to remove the assumption that
CMSG_SPACE always evaluates to a constant, to enable
compilation on NetBSD and possibly other BSDs as well.
* Eliminated gcc 3.3.3 warnings on NetBSD
when ./configure --enable-strict is used.
* Added optional minimum-number-of-bytes parameter
to --inactive directive.
James
