OpenVPN 2.3.1 发布

On 2013年04月7日, in soft, by netoearth

OpenVPN 2.3.1发布。2013-03-29 上一个版本是2013-01-08的2.3.0 。

OpenVPN 是一个基于 OpenSSL 库的应用层 VPN 实现。和传统 VPN 相比,它的优点是简单易用。

OpenVPN允许参与建立VPN的单点使用共享金钥,电子证书,或者用户名/密码来进行身份验证。它大量使用了OpenSSL加密库中的SSLv3/TLSv1 协议函式库。目前OpenVPN能在Solaris、Linux、OpenBSD、FreeBSD、NetBSD、Mac OS X与Windows 2000/XP/Vista上运行,并包含了许多安全性的功能。它并不是一个基于Web的VPN软件,也不与IPsec及其他VPN软件包兼容。


完全改进:This release adds supports for PolarSSL 1.2. It also adds a fix to prevent potential side-channel attacks by switching to a constant-time memcmp when comparing HMACs in the openvpn_decrypt function. In addition, it contains several bugfixes and documentation updates, as well as some minor enhancements.

OpenVPN 2.3.1

Arne Schwabe (4):
      Remove dead code path and putenv functionality
      Remove unused function xor
      Move static prototype definition from header into c file
      Remove unused function no_tap_ifconfig

Christian Hesse (1):
      fix build with automake 1.13(.1)

Christian Niessner (1):
      Fix corner case in NTLM authentication (trac #172)

Gert Doering (6):
      Update README.IPv6 to match what is in 2.3.0
      Repair "tcp server queue overflow" brokenness, more <stdbool.h> fallout.
      Permit pool size of /64.../112 for ifconfig-ipv6-pool
      Add MIN() compatibility macro
      Fix directly connected routes for "topology subnet" on Solaris.
      Preparing for v2.3.1 (ChangeLog, version.m4)

Heiko Hund (5):
      close more file descriptors on exec
      Ignore UTF-8 byte order mark
      reintroduce --no-name-remapping option
      make --tls-remote compatible with pre 2.3 configs
      add new option for X.509 name verification

Jan Just Keijser (1):
      man page patch for missing options

Josh Cepek (2):
      Fix parameter listing in non-debug builds at verb 4
      (updated) [PATCH] Warn when using verb levels >=7 without debug

Matthias Andree (1):
      Enable TCP_NODELAY configuration on FreeBSD.

Samuli Seppänen (4):
      Removed ChangeLog.IPv6
      Added cross-compilation information INSTALL-win32.txt
      Updated README
      Cleaned up and updated INSTALL

Steffan Karger (7):
      PolarSSL-1.2 support
      Improve PolarSSL key_state_read_{cipher, plain}text messages
      Improve verify_callback messages
      Config compatibility patch. Added translate_cipher_name.
      Switch to IANA names for TLS ciphers.
      Fixed autoconf script to properly detect missing pkcs11 with polarssl.
      Use constant time memcmp when comparing HMACs in openvpn_decrypt.


Tagged with:  

Comments are closed.