Hi, upstream has released OpenVPN 2.3.1 yesterday.
This is relevant for OpenWRT, I think, because it's the first release
ever to support PolarSSL 1.2.x, which in turn is the first branch of
PolarSSL to support blowfish.
In other words, if you want a small and lean OpenVPN client compiled
with PolarSSL that can talk to an OpenVPN-with-OpenSSL server using
the default "cipher blowfish", you want 2.3.1 + polar 1.2.6...
In addition to that, there's a nasty bug in 2.3.0 that will impact
OpenVPN connections over TCP if there is congestion ("user stuffing too
much data into the tun/tap interface for the TCP session to carry")
leading to session aborts, instead of proper handling of this (dropping
excess packets).
For OpenSSL and UDP-only users, the changes are not that drastic - a few
bug fixes here and there, lots of documentation updates, etc.
https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn23
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: +49-89-35655025 [email protected]
pgpgS9xDG_uSJ.pgp
Description: PGP signature
_______________________________________________ openwrt-devel mailing list [email protected] https://lists.openwrt.org/mailman/listinfo/openwrt-devel
