Hi, upstream has released OpenVPN 2.3.1 yesterday.
This is relevant for OpenWRT, I think, because it's the first release ever to support PolarSSL 1.2.x, which in turn is the first branch of PolarSSL to support blowfish. In other words, if you want a small and lean OpenVPN client compiled with PolarSSL that can talk to an OpenVPN-with-OpenSSL server using the default "cipher blowfish", you want 2.3.1 + polar 1.2.6... In addition to that, there's a nasty bug in 2.3.0 that will impact OpenVPN connections over TCP if there is congestion ("user stuffing too much data into the tun/tap interface for the TCP session to carry") leading to session aborts, instead of proper handling of this (dropping excess packets). For OpenSSL and UDP-only users, the changes are not that drastic - a few bug fixes here and there, lots of documentation updates, etc. https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn23 gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025 g...@net.informatik.tu-muenchen.de
pgpgS9xDG_uSJ.pgp
Description: PGP signature
_______________________________________________ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel