OpenVPN is een robuuste en gemakkelijk in te stellen opensource-vpn-daemon waarmee verschillende private networks aan elkaar geknoopt kunnen worden door middel van een encrypted tunnel via internet. Voor de beveiliging wordt gebruikgemaakt van de OpenSSL-library, waarmee alle encryptie, authenticatie en certificatie kunnen worden afgehandeld. De ontwikkelaars hebben versie 2.5.5 uitgebracht en de belangrijkste veranderingen daarin zijn hieronder voor je op een rijtje gezet.
User-visible ChangesNew features
- SWEET32/64bit cipher deprecation change was postponed to 2.7
- Windows: use network address for emulated DHCP server as default this enables use of a /30 subnet, which is needed when connecting to OpenVPN Cloud.
- require EC support in windows builds (this means it's no longer possible to build a Windows OpenVPN binary with an OpenSSL lib without EC support)
Bugfixes
- Windows build: use CFG and Spectre mitigations on MSVC builds
- bring back OpenSSL config loading to Windows builds. OpenSSL config is loaded from %installdir%SSLopenssl.cfg (typically: c:program filesopenvpnSSLopenssl.cfg) if it exists.
- This is important for some hardware tokens which need special OpenSSL config for correct operation. Trac #1296
Documentation
- Windows build: enable EKM
- Windows build: improve various vcpkg related build issues
- Windows build: fix regression related to non-writeable status files (Trac #1430)
- Windows build: fix regression that broke OpenSSL EC support
- Windows build: fix "product version" display (2.5..4 -> 2.5.4)
- Windows build: fix regression preventing use of PKCS12 files
- improve "make check" to notice if "openvpn --show-cipher" crashes
- improve argv unit tests
- ensure unit tests work with mbedTLS builds without BF-CBC ciphers
- include "--push-remove" in the output of "openvpn --help"
- fix error in iptables syntax in example firewall.sh script
- fix "resolvconf -p" invocation in example "up" script
- fix "common_name" environment for script calls when "--username-as-common-name" is in effect (Trac #1434)
- move "push-peer-info" documentation from "server options" to "client" (where it belongs)
- correct "foreign_option_{n}" typo in manpage
- update IRC information in CONTRIBUTING.rst (libera.chat)
- README.down-root: fix plugin module name

:strip_icc():strip_exif()/u/16677/crop5db01361a1e1e_cropped.jpeg?f=community)
/u/94596/crop643fb12fd4e6d.png?f=community)
:strip_exif()/u/47900/baph.gif?f=community)
:strip_icc():strip_exif()/u/12330/dnangel_70.jpg?f=community)
:strip_icc():strip_exif()/u/92809/crop577f58c1b8795.jpeg?f=community)
:strip_icc():strip_exif()/u/439769/crop5a510243ea2e3_cropped.jpeg?f=community)
:strip_exif()/u/34750/Trooper.gif?f=community)
:strip_icc():strip_exif()/u/164007/crop57c1b40e5f54f.jpeg?f=community)
/u/163826/170-2.png?f=community)
:strip_icc():strip_exif()/u/630253/4b8001781ceab258b7bf40f76426913e.jpeg?f=community)