![]() Windows Client: Community MSI installer for Windows client can be found at Community Downloads. Improve cmocka unit test building for Windows Log OpenSSL errors on failure to set certificate, for example if the algorithms used are in acceptable to OpenSSL (misleading message would be printed in cryptoapi / pkcs11 scenarios)Īdd CMake build system for MinGW and MSVC builds Print "peer temporary key details" in TLS handshake Warn user if INFO control message too long, do not forward to management client (safeguard against protocol-violating server implementations)ĭCO-WIN: get and log driver version (for easier debugging). ![]() ![]() dns: remove support for exclude-domains argument (this was a new 2.6 option, with no backend support implemented yet on any platform, and it turns out that no platform supported it at all - so remove option again) This was a somewhat obsolete feature anyway as it only worked with OpenSSL 1.x, which is end-of-support.Īdd warning if p2p NCP client connects to a p2mp server - this is a combination that used to work without cipher negotiation (pre 2.6 on both ends), but would fail in non-obvious ways with 2.6 to 2.6.Īdd warning to -show-groups that not all supported groups are listed (this is due the internal enumeration in OpenSSL being a bit weird, omitting X448 and X25519 curves). ![]() This had to be removed because the original author did not agree to relicensing the code with the new linking exception added. Remove OpenSSL Engine method for loading a key. (Github #400, #417).ĭCO: warn if DATA_V1 packets are sent by the other side - this a hard incompatibility between a 2.6.x client connecting to a 2.4.0-2.4.4 server, and the only fix is to use -disable-dco. On platforms where division by zero is fatal, this will cause an OpenVPN crash.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |