| | 4 | |
| | 5 | == OpenVPN 2.3.7 == |
| | 6 | |
| | 7 | {{{ |
| | 8 | Alexander Pyhalov (1): |
| | 9 | Default gateway can't be determined on illumos/Solaris platforms |
| | 10 | |
| | 11 | Arne Schwabe (1): |
| | 12 | Warn that tls-auth with free form files is going to be removed from OpenVPN 2.4 |
| | 13 | |
| | 14 | David Sommerseth (6): |
| | 15 | autotools: Fix wrong ./configure help screen default values |
| | 16 | down-root plugin: Replaced system() calls with execve() |
| | 17 | down-root: Improve error messages |
| | 18 | plugin, down-root: Fix compiler warnings |
| | 19 | sockets: Remove the limitation of --tcp-nodelay to be server-only |
| | 20 | plugins, down-root: Code style clean-up |
| | 21 | |
| | 22 | David Woodhouse (2): |
| | 23 | pkcs11: Load p11-kit-proxy.so module by default |
| | 24 | Make 'provider' option to --show-pkcs11-ids optional where p11-kit is present |
| | 25 | |
| | 26 | Felix Janda (1): |
| | 27 | Use OPENVPN_ETH_P_* so that <netinet/if_ether.h> is unecessary |
| | 28 | |
| | 29 | Gert Doering (18): |
| | 30 | New approach to handle peer-id related changes to link-mtu (2.3 version) |
| | 31 | Fix incorrect use of get_ipv6_addr() for iroute options. |
| | 32 | Print helpful error message on --mktun/--rmtun if not available. |
| | 33 | explain effect of --topology subnet on --ifconfig |
| | 34 | Add note about file permissions and --crl-verify to manpage. |
| | 35 | repair --dev null breakage caused by db950be85d37 |
| | 36 | assume res_init() is always there. |
| | 37 | Correct note about DNS randomization in openvpn.8 |
| | 38 | Disallow usage of --server-poll-timeout in --secret key mode. |
| | 39 | slightly enhance documentation about --cipher |
| | 40 | Enforce "serial-tests" behaviour for tests/Makefile |
| | 41 | Revert "Enforce "serial-tests" behaviour for tests/Makefile" |
| | 42 | On signal reception, return EAI_SYSTEM from openvpn_getaddrinfo(). |
| | 43 | Use configure.ac hack to apply serial_test AM option only if supported. |
| | 44 | Use EAI_AGAIN instead of EAI_SYSTEM for openvpn_getaddrinfo(). |
| | 45 | Move res_init() call to inner openvpn_getaddrinfo() loop |
| | 46 | Fix FreeBSD ifconfig for topology subnet tunnels. |
| | 47 | Preparing for release v2.3.7 (ChangeLog, version.m4) |
| | 48 | |
| | 49 | Guy Yur (1): |
| | 50 | Fix --redirect-private in --dev tap mode. |
| | 51 | |
| | 52 | Jan Just Keijser (1): |
| | 53 | include ifconfig_ environment variables in --up-restart env set |
| | 54 | |
| | 55 | Jonathan K. Bullard (1): |
| | 56 | Fix null pointer dereference in options.c |
| | 57 | |
| | 58 | Lev Stipakov (1): |
| | 59 | Fix mssfix default value in connection_list context |
| | 60 | |
| | 61 | Matthias Andree (1): |
| | 62 | Manual page update for Re-enabled TLS version negotiation. |
| | 63 | |
| | 64 | Mike Gilbert (1): |
| | 65 | Include systemd units in the source tarball (make dist) |
| | 66 | |
| | 67 | Robert Fischer (1): |
| | 68 | Updated manpage for --rport and --lport |
| | 69 | |
| | 70 | Samuli Seppänen (2): |
| | 71 | Properly escape dashes on the man-page |
| | 72 | Improve documentation in --script-security section of the man-page |
| | 73 | |
| | 74 | Steffan Karger (14): |
| | 75 | Really fix '--cipher none' regression |
| | 76 | Update doxygen (a bit) |
| | 77 | Set tls-version-max to 1.1 if cryptoapicert is used |
| | 78 | Account for peer-id in frame size calculation |
| | 79 | Disable SSL compression |
| | 80 | Fix frame size calculation for non-CBC modes. |
| | 81 | Allow for CN/username of 64 characters (fixes off-by-one) |
| | 82 | Remove unneeded parameter 'first_time' from possibly_become_daemon() |
| | 83 | Re-enable TLS version negotiation by default |
| | 84 | Remove size limit for files inlined in config |
| | 85 | Improve --tls-cipher and --show-tls man page description |
| | 86 | Re-read auth-user-pass file on (re)connect if required |
| | 87 | Clarify --capath option in manpage |
| | 88 | Call daemon() before initializing crypto library |
| | 89 | }}} |
