git.99rst.org Git - openwrt-packages.git/commit

author	Magnus Kroken <redacted>
	Tue, 1 Dec 2020 09:57:07 +0000 (10:57 +0100)
committer	Rosen Penev <redacted>
	Tue, 1 Dec 2020 21:03:51 +0000 (13:03 -0800)
commit	2e55fc8b2d42682cd1c26e9827b7b6f47fb51398
tree	f449ec8c75f00d3a014aa820ebf57c45a3a18029	tree \| snapshot
parent	4434915571b5c3dbc7d000215e48d8d0d60e41bc	commit \| diff

openvpn: update to 2.5.0

New features:
* Per client tls-crypt keys
* ChaCha20-Poly1305 can be used to encrypt the data channel
* Routes are added/removed via Netlink instead of ifconfig/route
  (unless iproute2 support is enabled).
* VLAN support when using a TAP device

Significant changes:
* Server support can no longer be disabled.
* Crypto support can no longer be disabled, remove nossl variant.
* Blowfish (BF-CBC) is no longer implicitly the default cipher.
  OpenVPN peers prior to 2.4, or peers with data cipher negotiation
  disabled, will not be able to connect to a 2.5 peer unless
  option data_fallback_ciphers is set on the 2.5 peer and it contains a
  cipher supported by the client.

Signed-off-by: Magnus Kroken <redacted>

net/openvpn/Config-mbedtls.in		diff \| blob \| history
net/openvpn/Config-nossl.in	[deleted file]	blob \| history
net/openvpn/Config-openssl.in		diff \| blob \| history
net/openvpn/Makefile		diff \| blob \| history
net/openvpn/files/openvpn.config		diff \| blob \| history
net/openvpn/files/openvpn.options		diff \| blob \| history
net/openvpn/patches/001-reproducible-remove_DATE.patch		diff \| blob \| history
net/openvpn/patches/100-mbedtls-disable-runtime-version-check.patch		diff \| blob \| history
net/openvpn/patches/110-openssl-dont-use-deprecated-ssleay-symbols.patch	[deleted file]	blob \| history
net/openvpn/patches/111-openssl-add-missing-include-statements.patch	[deleted file]	blob \| history
net/openvpn/patches/210-build_always_use_internal_lz4.patch		diff \| blob \| history
net/openvpn/patches/220-disable_des.patch		diff \| blob \| history