The OpenVPN community project team is proud to release OpenVPN 2.7_rc4.
This is the fourth release candidate for the feature release 2.7.0.
Important bug fixes since 2.7_rc3:
* Windows interactive service: do not configure adapter DNS if
there are no search-domains but there are resolve-domains (which
get resolved via NRPT rules) - GH: OpenVPN/openvpn#473
* improve documentation and error messages for a number of deprecated
options
* improve documentation for not-really-deprecated-yet ``--ns-cert-type``
* Windows IPv4 configuration with netsh.exe: ensure addresses are added
with "store=active" (ensure proper cleanup) - GH: OpenVPN/openvpn#915
* Windows: set UTF8 code page in openvpn.exe manifest, to make cert/key
loading work again for files with non-ASCII characters in their file
name (GH: OpenVPN/openvpn#920)
* tun.c: unify read_tun()/write_tun() functions for all BSD platforms
* more type conversion related cleanups
* add NULL check before freeaddrinfo() call, which might lead to a
crash on OpenBSD (GH: OpenVPN/openvpn#930)
* add NULL check to mbedtls handling of external and inline certificates
* add check for auth none / cipher none on FreeBSD DCO
* add CAP_SYS_NICE to positive list in Linux systemd unit files
(GH: OpenVPN/openvpn#834)
* drop mbedtls 2.x support (which is end of life, and work on mbedtls 4
is much simplified by not having to take care of 2.x compat as well)
* PUSH_UPDATE: bugfix for the client side where split/continued messages
(due to large number of "route" statements) would not correctly handle
the full set of routes. Add unit test. (GH: OpenVPN/openvpn#925)
* new unit test module for mbuf handling
* deprecate --fast-io option (it got partially broken by the multisocket
implementation, and the benefits of the existing implementation did
not outweigh the extra code complexity to make it work again)
* change the ssl_ctx in struct tls_options to be a pointer - this is
a shared data structure between various contexts, but previously it
was shallow-copied, leading to needless CRL reloading - and when
working on implementing the new OpenSSL CRL API, to segfaults
(the existing code works, as these new APIs are not used yet).
More details can be found in the Changes document:
<https://github.com/OpenVPN/openvpn/blob/master/Changes.rst>
Source code and Windows installers can be downloaded from our download page:
<https://openvpn.net/community-downloads/>
Packages for Debian, Ubuntu, Fedora, RHEL, and openSUSE are available in the
various
official Community repositories:
<https://community.openvpn.net/Pages/OpenVPN%20software%20repos>
Kind regards,
Yuriy Darnobyt
_______________________________________________
Openvpn-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
