Overview Repositories Revisions Requests Users Attributes Meta

Revisions of openvpn

buildservice-autocommit accepted request 427634 from Nirmoy Das's avatar Nirmoy Das (ndas) (revision 108) 
baserev update by copy to link target
Nirmoy Das's avatar Nirmoy Das (ndas) accepted request 425721 from Andreas Stieger's avatar Andreas Stieger (AndreasStieger) (revision 107) 
- Add an example for a FIPS 140-2 approved cipher configuration to
  the sample configuration files. Fixes bsc#988522
  adding openvpn-fips140-AES-cipher-in-config-template.patch
- remove gpg-offline signature verification, now a source service
buildservice-autocommit accepted request 400152 from Ismail Dönmez's avatar Ismail Dönmez (namtrac) (revision 106) 
baserev update by copy to link target
Ismail Dönmez's avatar Ismail Dönmez (namtrac) accepted request 394676 from Ismail Dönmez's avatar Ismail Dönmez (namtrac) (revision 105) 
- Update to version 2.3.11
  * Fixed port-share bug with DoS potential
  * Fix buffer overflow by user supplied data
  * Fix undefined signed shift overflow
  * Ensure input read using systemd-ask-password is null terminated
  * Support reading the challenge-response from console
  * hardening: add safe FD_SET() wrapper openvpn_fd_set()
  * Restrict default TLS cipher list
- Add BuildRequires on xz for SLE11
buildservice-autocommit accepted request 352204 from Martin Caj's avatar Martin Caj (mcaj) (revision 104) 
baserev update by copy to link target
Martin Caj's avatar Martin Caj (mcaj) accepted request 351949 from Ismail Dönmez's avatar Ismail Dönmez (namtrac) (revision 103) 
- Update to version 2.3.10
  * Warn user if their certificate has expired
  * Fix regression in setups without a client certificate

- Update to version 2.3.9
  * Show extra-certs in current parameters.
  * Do not set the buffer size by default but rely on the operation system default.
  * Remove --enable-password-save option
  * Detect config lines that are too long and give a warning/error
  * Log serial number of revoked certificate
  * Avoid partial authentication state when using --disabled in CCD configs
  * Replace unaligned 16bit access to TCP MSS value with bytewise access
  * Fix possible heap overflow on read accessing getaddrinfo() result.
  * Fix isatty() check for good. (obsoletes revert-daemonize.patch)
  * Client-side part for server restart notification
  * Fix privilege drop if first connection attempt fails
  * Support for username-only auth file.
  * Increase control channel packet size for faster handshakes
  * hardening: add insurance to exit on a failed ASSERT()
  * Fix memory leak in auth-pam plugin
  * Fix (potential) memory leak in init_route_list()
  * Fix unintialized variable in plugin_vlog()
  * Add macro to ensure we exit on fatal errors
  * Fix memory leak in add_option() by simplifying get_ipv6_addr
  * openssl: properly check return value of RAND_bytes()
  * Fix rand_bytes return value checking
  * Fix "White space before end tags can break the config parser"
buildservice-autocommit accepted request 348337 from Factory Maintainer's avatar Factory Maintainer (factory-maintainer) (revision 102) 
baserev update by copy to link target
Marius Tomaschewski's avatar Marius Tomaschewski (mtomaschewski) committed (revision 101) 
- Adjust /var/run to _rundir macro value in openvpn@.service too.
buildservice-autocommit accepted request 324534 from Marius Tomaschewski's avatar Marius Tomaschewski (mtomaschewski) (revision 100) 
baserev update by copy to link target
Marius Tomaschewski's avatar Marius Tomaschewski (mtomaschewski) committed (revision 99) 
- Moved openvpn-plugin.h into a devel package, removed .gitignore
Marius Tomaschewski's avatar Marius Tomaschewski (mtomaschewski) committed (revision 98) 
- Removed obsolete --with-lzo-headers option, readded LFS_CFLAGS.
buildservice-autocommit accepted request 322617 from Lars Müller's avatar Lars Müller (lmuelle) (revision 97) 
baserev update by copy to link target
buildservice-autocommit accepted request 321625 from Marcus Rueckert's avatar Marcus Rueckert (darix) (revision 95) 
baserev update by copy to link target
Marcus Rueckert's avatar Marcus Rueckert (darix) accepted request 320680 from Ismail Dönmez's avatar Ismail Dönmez (namtrac) (revision 94) 
- Update to version 2.3.8
  * Report missing endtags of inline files as warnings
  * Fix commit e473b7c if an inline file happens to have a
    line break exactly at buffer limit
  * Produce a meaningful error message if --daemon gets in the way of
    asking for passwords.
  * Document --daemon changes and consequences (--askpass, --auth-nocache)
  * Del ipv6 addr on close of linux tun interface
  * Fix --askpass not allowing for password input via stdin
  * Write pid file immediately after daemonizing
  * Fix regression: query password before becoming daemon
  * Fix using management interface to get passwords
  * Fix overflow check in openvpn_decrypt()
buildservice-autocommit accepted request 313672 from Marcus Rueckert's avatar Marcus Rueckert (darix) (revision 93) 
baserev update by copy to link target
Marcus Rueckert's avatar Marcus Rueckert (darix) accepted request 313671 from Ismail Dönmez's avatar Ismail Dönmez (namtrac) (revision 92) 
- Update to version 2.3.7
  * down-root plugin: Replaced system() calls with execve()
  * sockets: Remove the limitation of --tcp-nodelay to be server-only
  * pkcs11: Load p11-kit-proxy.so module by default
  * New approach to handle peer-id related changes to link-mtu
  * Fix incorrect use of get_ipv6_addr() for iroute options
  * Print helpful error message on --mktun/--rmtun if not available
  * Explain effect of --topology subnet on --ifconfig
  * Add note about file permissions and --crl-verify to manpage
  * Repair --dev null breakage caused by db950be85d37
  * Correct note about DNS randomization in openvpn.8
  * Disallow usage of --server-poll-timeout in --secret key mode
  * Slightly enhance documentation about --cipher
  * On signal reception, return EAI_SYSTEM from openvpn_getaddrinfo()
  * Use EAI_AGAIN instead of EAI_SYSTEM for openvpn_getaddrinfo()
  * Fix --redirect-private in --dev tap mode
  * Updated manpage for --rport and --lport
  * Properly escape dashes on the man-page
  * Improve documentation in --script-security section of the man-page
  * Really fix '--cipher none' regression
  * Set tls-version-max to 1.1 if cryptoapicert is used
  * Account for peer-id in frame size calculation
  * Disable SSL compression
  * Fix frame size calculation for non-CBC modes.
  * Allow for CN/username of 64 characters (fixes off-by-one)
  * Re-enable TLS version negotiation by default
  * Remove size limit for files inlined in config
  * Improve --tls-cipher and --show-tls man page description
  * Re-read auth-user-pass file on (re)connect if required
  * Clarify --capath option in manpage
buildservice-autocommit accepted request 290007 from Factory Maintainer's avatar Factory Maintainer (factory-maintainer) (revision 91) 
baserev update by copy to link target
Marius Tomaschewski's avatar Marius Tomaschewski (mtomaschewski) committed (revision 90) 
adjust plugin dir plageholders in man page
Displaying revisions 101 - 120 of 209
openSUSE Build Service is sponsored by
Places