4684b68432
* Fixed potential local privilege escalation vulnerability in
Windows service.
* Added Python-based based alternative build system for Windows using
Visual Studio 2008 (in win directory).
* When aborting in a non-graceful way, try to execute do_close_tun in
init.c prior to daemon exit to ensure that the tun/tap interface is
closed and any added routes are deleted.
* Fixed an issue where AUTH_FAILED was not being properly delivered
to the client when a bad password is given for mid-session reauth,
causing the connection to fail without an error indication.
* Don't advance to the next connection profile on AUTH_FAILED errors.
* Fixed an issue in the Management Interface that could cause
a process hang with 100% CPU utilization in --management-client
mode if the management interface client disconnected at the
point where credentials are queried.
* Fixed an issue where if reneg-sec was set to 0 on the client,
so that the server-side value would take precedence,
the auth_deferred_expire_window function would incorrectly
return a window period of 0 seconds. In this case, the
correct window period should be the handshake window period.
* Modified ">PASSWORD:Verification Failed" management interface
notification to include a client reason string:
>PASSWORD:Verification Failed: 'AUTH_TYPE' ['REASON_STRING']
* Enable exponential backoff in reliability layer retransmits.
* Set socket buffers (SO_SNDBUF and SO_RCVBUF) immediately after
socket is created rather than waiting until after connect/listen.
* Management interface performance optimizations:
1. Added env-filter MI command to perform filtering on env vars
passed through as a part of --management-client-auth
2. man_write will now try to aggregate output into larger blocks
(up to 1024 bytes) for more efficient i/o
* Fixed minor issue in Windows TAP driver DEBUG builds
where non-null-terminated unicode strings were being
printed incorrectly.
* Fixed issue on Windows with MSVC compiler, where TCP_NODELAY support
was not being compiled in.
* Proxy improvements:
* Implemented http-proxy-override and http-proxy-fallback directives to make it
easier for OpenVPN client UIs to start a pre-existing client config file with
proxy options, or to adaptively fall back to a proxy connection if a direct
connection fails.
* Implemented a key/value auth channel from client to server.
* Fixed issue where bad creds provided by the management interface
for HTTP Proxy Basic Authentication would go into an infinite
retry-fail loop instead of requerying the management interface for
new creds.
13 lines
716 B
Text
13 lines
716 B
Text
$NetBSD: distinfo,v 1.21 2010/09/05 20:33:48 adam Exp $
|
|
|
|
SHA1 (openvpn-2.1.3.tar.gz) = 91058e78c58c2e66298c7132bea1ddba52baaa82
|
|
RMD160 (openvpn-2.1.3.tar.gz) = ec0f63d63442eb3a26448747a5b0956e27b09809
|
|
Size (openvpn-2.1.3.tar.gz) = 860672 bytes
|
|
SHA1 (patch-aa) = e27e5a6411c9fb6545a1ad630f165200546b7213
|
|
SHA1 (patch-ab) = d26cdc9166a8813860f31cb5b11bc5b3643b8aa5
|
|
SHA1 (patch-ac) = f59615702208cae2a094306bc5fa7fb96234e55a
|
|
SHA1 (patch-ad) = 69f5fff5105131dc05ab38a1a717e1b363f88c1c
|
|
SHA1 (patch-ae) = 362c881da994608baad7b10667100c39143244b6
|
|
SHA1 (patch-af) = dc5dbca74ebbda081e4eaf9a9d5e11b6de11269f
|
|
SHA1 (patch-ag) = fe8e59cf177c99c2fd001e7893df86af961e8e4e
|
|
SHA1 (patch-ah) = c530376eb68ab8f21c9b3c73149d2c24742aa4c9
|