mirror of
https://github.com/OpenVPN/openvpn.git
synced 2024-09-20 03:52:28 +02:00
Interim release.
Version 2.1_rc13b git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3494 e7ae566f-a301-0410-adde-c780ea21d3b5
This commit is contained in:
parent
bd0a5857fb
commit
29885c58f4
86
ChangeLog
86
ChangeLog
@ -3,6 +3,92 @@ Copyright (C) 2002-2008 OpenVPN Technologies, Inc. <sales@openvpn.net>
|
||||
|
||||
$Id$
|
||||
|
||||
2008.11.xx -- Version 2.1_rc13b
|
||||
|
||||
* Added AC_GNU_SOURCE to configure.ac to enable struct ucred,
|
||||
with the goal of fixing a build issue on Fedora 9 that was
|
||||
introduced in 2.1_rc13.
|
||||
|
||||
* Added additional warning messages about --script-security 2
|
||||
or higher being required to execute user-defined scripts or
|
||||
executables.
|
||||
|
||||
* Windows build system changes:
|
||||
|
||||
Modified Windows domake-win build system to write all openvpn.nsi
|
||||
input files to gen, so that gen can be disconnected from
|
||||
the rest of the source tree and makensis openvpn.nsi will
|
||||
still function correctly.
|
||||
|
||||
Added additional SAMPCONF_(CA|CRT|KEY) macros to settings.in
|
||||
(commented out by default).
|
||||
|
||||
Added optional files SAMPCONF_CONF2 (second sample configuration
|
||||
file) and SAMPCONF_DH (Diffie-Helman parameters) to Windows
|
||||
build system, and may be defined in settings.in.
|
||||
|
||||
* Extended Management Interface "bytecount" command
|
||||
to work when OpenVPN is running as a server.
|
||||
Documented Management Interface "bytecount" command in
|
||||
management/management-notes.txt.
|
||||
|
||||
* Fixed informational message in ssl.c to properly indicate
|
||||
deferred authentication.
|
||||
|
||||
* Added server-side --auth-user-pass-optional directive, to allow
|
||||
connections by clients that do not specify a username/password, when a
|
||||
user-defined authentication script/module is in place (via
|
||||
--auth-user-pass-verify, --management-client-auth, or a plugin module).
|
||||
|
||||
* Changes to easy-rsa/2.0/pkitool and related openssl.cnf:
|
||||
|
||||
Calling scripts can set the KEY_NAME environmental variable to set
|
||||
the "name" X509 subject field in generated certificates.
|
||||
|
||||
Modified pkitool to allow flexibility in separating the Common Name
|
||||
convention from the cert/key filename convention.
|
||||
|
||||
For example:
|
||||
|
||||
KEY_CN="James's Laptop" KEY_NAME="james" ./pkitool james
|
||||
|
||||
will create a client certificate/key pair of james.crt/james.key
|
||||
having a Common Name of "James's Laptop" and a Name of "james".
|
||||
|
||||
* Added --no-name-remapping option to allow Common Name, X509 Subject,
|
||||
and username strings to include any printable character including
|
||||
space, but excluding control characters such as tab, newline, and
|
||||
carriage-return (this is important for compatibility with external
|
||||
authentication systems).
|
||||
|
||||
As a related change, added --status-version 3 format (and "status 3"
|
||||
in the management interface) which uses the version 2 format except
|
||||
that tabs are used as delimiters instead of commas so that there
|
||||
is no ambiguity when parsing a Common Name that contains a comma.
|
||||
|
||||
Also, save X509 Subject fields to environment, using the naming
|
||||
convention:
|
||||
|
||||
X509_{cert_depth}_{name}={value}
|
||||
|
||||
This is to avoid ambiguities when parsing out the X509 subject string
|
||||
since "/" characters could potentially be used in the common name.
|
||||
|
||||
* Fixed some ifconfig-pool issues that precluded it from being combined
|
||||
with --server directive.
|
||||
|
||||
Now, for example, we can configure thusly:
|
||||
|
||||
server 10.8.0.0 255.255.255.0 nopool
|
||||
ifconfig-pool 10.8.0.2 10.8.0.99 255.255.255.0
|
||||
|
||||
to have ifconfig-pool manage only a subset
|
||||
of the VPN subnet.
|
||||
|
||||
* Added config file option "setenv FORWARD_COMPATIBLE 1" to relax
|
||||
config file syntax checking to allow directives for future OpenVPN
|
||||
versions to be ignored.
|
||||
|
||||
2008.10.07 -- Version 2.1_rc13
|
||||
|
||||
* Bundled OpenSSL 0.9.8i with Windows installer.
|
||||
|
@ -1,5 +1,5 @@
|
||||
dnl define the OpenVPN version
|
||||
define(PRODUCT_VERSION,[2.1_rc13a])
|
||||
define(PRODUCT_VERSION,[2.1_rc13b])
|
||||
dnl define the TAP version
|
||||
define(PRODUCT_TAP_ID,[tap0901])
|
||||
define(PRODUCT_TAP_WIN32_MIN_MAJOR,[9])
|
||||
|
Loading…
Reference in New Issue
Block a user