diff options
| -rw-r--r-- | ChangeLog | 43 | ||||
| -rw-r--r-- | Changes.rst | 74 | ||||
| -rw-r--r-- | version.m4 | 4 |
3 files changed, 117 insertions, 4 deletions
@@ -1,6 +1,49 @@ OpenVPN Change Log Copyright (C) 2002-2020 OpenVPN Inc <sales@openvpn.net> +2021.02.24 -- Version 2.5.1 + +Arne Schwabe (5): + Fix auth-token not being updated if auth-nocache is set + Remove auth_user_pass.wait_for_push variable + Fix port-share option with TLS-Crypt v2 + Zero initialise msghdr prior to calling sendmesg + Fix tls-auth mismatch OCC message when tls-cryptv2 is used. + +David Sommerseth (1): + build: Fix missing install of man page in certain environments + +Domagoj Pensa (3): + Fix too early argv freeing when registering DNS + Remove 1 second delay before running netsh + Skip DHCP renew with Wintun adapter + +Gert Doering (6): + Change travis build scripts to use https when fetching prerequisites. + Fix line number reporting on config file errors after <inline> segments + Clarify --block-ipv6 intent and direction. + Document common uses of 'echo' directive, re-enable logging for 'echo'. + Make OPENVPN_PLUGIN_ENABLE_PF failures FATAL + clean up / rewrite sample-plugins/defer/simple.c + +Greg Cox (5): + Fix naming error in sample-plugins/defer/simple.c + Documentation fixes around openvpn_plugin_func_v3 in openvpn-plugin.h.in + Update openvpn_plugin_func_v2 to _v3 in sample-plugins/defer/simple.c + More explicit versioning compatibility in sample-plugins/defer/simple.c + Explain structver usage in sample defer plugin. + +Richard Bonhomme (1): + Man page sections corrections + +Selva Nair (1): + Quote the domain name argument passed to the wmic command + +Steffan Karger (2): + tls-crypt-v2: fix server memory leak + tls-crypt-v2: also preload tls-crypt-v2 keys (if --persist-key) + + 2020.10.27 -- Version 2.5.0 (no changes relative to v2.5_rc3) diff --git a/Changes.rst b/Changes.rst index f67e1d7..6128275 100644 --- a/Changes.rst +++ b/Changes.rst @@ -1,5 +1,75 @@ -Overview of changes in 2.5 -========================== +Overview of changes in 2.5.1 +============================ + +New features +------------ +- "echo msg" support, to enable the server to pushed messages that are + then displayed by the client-side GUI. See doc/gui-notes.txt and + doc/management-notes.txt. + + Supported by the Windows GUI shipped in 2.5.1, not yet supported by + Tunnelblick and the Android GUI. + +User-visible Changes +-------------------- +- make OPENVPN_PLUGIN_ENABLE_PF plugin failures FATAL - if a plugin offers + to set the "openvpn packet filter", and returns a failure when requested + to, OpenVPN 2.5.0 would crash trying to clean up not-yet-initialized + structure members. Since PF is going away in 2.6.0, this is just turning + the crash into a well-defined program abort, and no further effort has + been spent in rewriting the PF plugin error handling (see trac #1377). + +Documentation +------------- +- rework sample-plugins/defer/simple.c - this is an extensive rewrite + of the plugin to bring code quality to acceptable standards and add + documentation on the various plugin API aspects. Since it's just + example code, filed under "Documentation", not under "Bugfix". + +- various man page improvements. + +- clarify ``--block-ipv6`` intent and direction + +Bugfixes +-------- +- fix installation of openvpn.8 manpage on systems without docutils. + +- Windows: fix DNS search list setup for domains with "-" chars. + +- Fix tls-auth mismatch OCC message when tls-cryptv2 is used. + +- Windows: Skip DHCP renew with Wintun adapter (Wintun does not support + DHCP, so this was just causing an - harmless - error and needless delay). + +- Windows: Remove 1 second delay before running netsh - speeds up + interface init for wintun setups not using the interactive service. + +- Windows: Fix too early argv freeing when registering DNS - this would + cause a client side crash on Windows if ``register-dns`` is used, + and the interactive service is not used. + +- Android: Zero initialise msghdr prior to calling sendmesg. + +- Fix line number reporting on config file errors after <inline> segments + (see Trac #1325). + +- Fix port-share option with TLS-Crypt v2. + +- tls-crypt-v2: also preload tls-crypt-v2 keys (if --persist-key), otherwise + dropping privs on the server would fail. + +- tls-crypt-v2: fix server memory leak (about 600 bytes per connecting + client with tls-crypt-v2) + +- rework handling of server-pushed ``--auth-token`` in combination with + ``--auth-nocache`` on reconnection / TLS renegotiation events. This + used to "forget" to update new incoming token after a reconnection event + (leading to failure to reauth some time later) and now works in all + tested cases. + + +Overview of changes in 2.5.0 +============================ New features ------------ @@ -3,12 +3,12 @@ define([PRODUCT_NAME], [OpenVPN]) define([PRODUCT_TARNAME], [openvpn]) define([PRODUCT_VERSION_MAJOR], [2]) define([PRODUCT_VERSION_MINOR], [5]) -define([PRODUCT_VERSION_PATCH], [.0]) +define([PRODUCT_VERSION_PATCH], [.1]) m4_append([PRODUCT_VERSION], [PRODUCT_VERSION_MAJOR]) m4_append([PRODUCT_VERSION], [PRODUCT_VERSION_MINOR], [[.]]) m4_append([PRODUCT_VERSION], [PRODUCT_VERSION_PATCH], [[]]) define([PRODUCT_BUGREPORT], [openvpn-users@lists.sourceforge.net]) -define([PRODUCT_VERSION_RESOURCE], [2,5,0,8]) +define([PRODUCT_VERSION_RESOURCE], [2,5,1,0]) dnl define the TAP version define([PRODUCT_TAP_WIN_COMPONENT_ID], [tap0901]) define([PRODUCT_TAP_WIN_MIN_MAJOR], [9]) |