An OpenVPN 1.1.1 release candidate is ready -- please test and report any problems to the list.
OpenVPN 1.1.1 is mostly a bugfix release, but also adds some new options for keeping stateful firewalls alive and specifying an inactivity disconnect for dynamic VPN sessions. The new --ifconfig option calls ifconfig automatically, eliminating the need for an --up script. Also added a loopback test mode (--test-crypto) to allow testing of OpenVPN's crypto component independently of its network component. 1.1.1 is protocol compatible with 1.1.0. Download release candidate: http://openvpn.sourceforge.net/beta/openvpn-1.1.0.9.tar.gz Change Log: * Added --ifconfig option to automatically configure TUN device. * Added inactivity disconnect (--inactive and --ping-exit options). * Added --ping option to keep stateful firewalls from timing out. * Added sanity check to command line parser to err if any TLS options are used in non-TLS mode. * Fixed build problem with compiler environments that define printf as a macro. * Fixed build problem on linux systems that have an integrated TUN/TAP driver but lack the persistent tunnel feature (TUNSETPERSIST). Some linux kernels >= 2.4.0 and < 2.4.7 fall into this category. * Changed all calls to EVP_CipherInit to use explicit encrypt/decrypt mode in order to fix problem with IDEA-CBC and AES-256-CBC ciphers. * Minor changes to control channel transmit limiter algorithm to fix problem where TLS control channel might not renegotiate within the default 60 second window. * Simplified man page examples by taking advantage of the new --ifconfig option. * Minor changes to configure.in to check more rigorously for OpenSSL 0.9.6 or greater. * Put back openvpn.spec, eliminated openvpn.spec.in. * Modified openvpn.spec to reflect new automake-based build environment (Bishop Clark). * Other documentation changes. * Added --test-crypto option for debugging. * Added "missing" and "mkinstalldirs" automake support files. James
