The OpenVPN community project team is proud to release OpenVPN 2.5-rc1. Source code and Windows installers can be downloaded from our download page:
<https://openvpn.net/community-downloads/> Debian and Ubuntu packages are available in the official apt repositories: <https://community.openvpn.net/openvpn/wiki/OpenvpnSoftwareRepos> On Red Hat derivatives we recommend using the Fedora Copr repository: <https://copr.fedorainfracloud.org/coprs/dsommers/openvpn-beta/> This release includes a number of fixes to OpenVPN. On the Windows side there are several changes: - The MSI installer now bundles EasyRSA 3, a modern take on OpenVPN CA management - OpenVPN GUI can now be run as admin without breaking Wintun with the "Always use interactive service by default" checkbox. - Windows performance is increased by enabling compile-time optimizations for OpenVPN and OpenSSL. OpenVPN 2.5 is a new major release with many new features: Client-specific tls-crypt keys (--tls-crypt-v2) Added support for using the ChaCha20-Poly1305 cipher in the OpenVPN data channel Improved Data channel cipher negotiation Removal of BF-CBC support in default configuration Asynchronous (deferred) authentication support for auth-pam plugin Deferred client-connect Faster connection setup Netlink support Wintun support IPv6-only operation Improved Windows 10 detection Linux VRF support TLS 1.3 support Support setting DHCP search domain Handle setting of tun/tap interface MTU on Windows HMAC based auth-token support VLAN support Support building of .msi installers for Windows Allow unicode search string in --cryptoapicert option (Windows) Support IPv4 configs with /31 netmasks now New option --block-ipv6 to reject all IPv6 packets (ICMPv6) More details on these new features as well as a list of deprecated features and user-visible changes are available in Changes.rst: <https://github.com/OpenVPN/openvpn/blob/release/2.5/Changes.rst> For generic help use these support channels: Official documentation: <http://openvpn.net/index.php/open-source/documentation/howto.html> Wiki: <https://community.openvpn.net/> Forums: <https://forums.openvpn.net/> User mailing list: <http://sourceforge.net/mail/?group_id=48978> User IRC channel: #openvpn at irc.freenode.net Please report bugs and ask development questions here: Community bug tracker: <https://community.openvpn.net/> Developer mailing list: <http://sourceforge.net/mail/?group_id=48978> Developer IRC channel: #openvpn-devel at irc.freenode.net (requires Freenode registration) -- Samuli Seppänen Community Manager OpenVPN Technologies, Inc irc freenode net: mattock
David Sommerseth (4):
man: Add missing --server-ipv6
man: Improve --remote entry
sample-plugins: Partially autotoolize the sample-plugins build
build: Fix make distclean/distcheck
Gert Doering (11):
Fix handling of 'route remote_host' for IPv6 transport case.
Replace 'echo -n' with 'printf' in tests/t_lpback.sh
Fix description of --client-disconnect calling convention in manpage.
Handle NULL returns from calloc() in sample plugins.
Fix --show-gateway for IPv6 on NetBSD/i386.
socks.c: fix alen for DOMAIN type addresses, bump up buffer sizes
Fix netbits setting (in TAP mode) for IPv6 on Windows.
If IPv6 pool specification sets pool start to ::0 address, increment.
Add demo plugin that excercises "CLIENT_CONNECT" and "CLIENT_CONNECT_V2"
paths
Fix combination of --dev tap and --topology subnet across multiple
platforms.
Preparing release 2.5_rc1
Lev Stipakov (1):
msvc: better support for 32bit architecture
Selva Nair (2):
Add a remark on dropping privileges when --mlock is used
Allow --dhcp-option in config file when windows-driver is wintun
Vladislav Grishenko (1):
Fix fatal error at switching remotes (#629)
pEpkey.asc
Description: application/pgp-keys
_______________________________________________ Openvpn-announce mailing list Openvpn-announce@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-announce
