OpenVPN 2.3 released
Hooray! After more than a year of development, OpenVPN version 2.3 has been released.
List of changes since version 2.2:
- Full IPv6 support
- SSL is now modular, which allows using not only OpenSSL, but also other libraries
- Ability to use PolarSSL instead of OpenSSL
- New API for direct access to certificates, improved logging API and redesigned for easier future support
- Added the environment variable 'dev_type', which takes the values 'TUN' or 'TAP' and can be used by scripts or plugins
- Added option --management-external-key to download RSA via management interface
- Added option --management-up-down - notifications about the rise / fall of the tunnel in the management interface
- Added option --x509-track option for more complete access to the X.509 fields from scripts and plug-ins through the new API for plug-ins (v3)
- Added option --client-nat support - one-to-one NAT to prevent IP address conflicts between networks
- Added option --mark, which can mark the encrypted packets going through the tunnel, for easier setup of routing and filewall
- Added option --management-query-proxy - setting up a proxy through the management interface
- Added option --stale-routes-check, which periodically cleans the internal routing table
- Added option --x509-username-field, with which you can use X.509v3 fields other than the Common Name to identify a user
- Added option --memstats - write user stats to memory-mapped binary files
- The auth-token command has been added to the client-side management interface, which allows you not to store the login and password in the memory in case of authorization by login / password, and instead use a temporary token.
- A remote command has been added in the client-side management interface that can override the --remote option in the config file.
- Improved client-kill command in management interface
- Improved support for UTF-8 and added the option --compat-names to return the old behavior if scripts or plugins break from this.
- Improved PAM authentication
- In the connection block, you can now use more options than before.
- New build system, easier to cross-compile and build under Windows.
- A lot of code has become better commented.
- Many documentation updates
- A large number of bug fixes and code cleansing
- New OpenVPN-GUI
- ... and a bunch of other changes that you can read about here.
Perhaps this is the best solution for VPN today.
Download Page
')
Source: https://habr.com/ru/post/165567/
All Articles