de343c006a
* Rebuilt OpenVPN Windows installer with OpenSSL 0.9.8l to address CVE-2009-3555. Note that OpenVPN has never relied on the session renegotiation capabilities that are built into the SSL/TLS protocol, therefore the fix in OpenSSL 0.9.8l (disable SSL/TLS renegotiation completely) will not adversely affect OpenVPN mid-session SSL/TLS renegotation or any other OpenVPN capabilities. * Added additional session renegotiation hardening. OpenVPN has always required that mid-session renegotiations build up a new SSL/TLS session from scratch. While the client certificate common name is already locked against changes in mid-session TLS renegotiations, we now extend this locking to the auth-user-pass username as well as all certificate content in the full client certificate chain. |
||
|---|---|---|
| .. | ||
| files | ||
| patches | ||
| DESCR | ||
| distinfo | ||
| Makefile | ||
| MESSAGE | ||
| options.mk | ||
| PLIST | ||