openwrt-mirror/packages
1
0
Fork 0
mirror of https://github.com/openwrt/packages.git synced 2025-12-22 01:44:32 +04:00
Code Issues Packages Projects Releases Wiki Activity

openvpn: update to 2.5.0

Browse Source 
New features:
* Per client tls-crypt keys
* ChaCha20-Poly1305 can be used to encrypt the data channel
* Routes are added/removed via Netlink instead of ifconfig/route
  (unless iproute2 support is enabled).
* VLAN support when using a TAP device

Significant changes:
* Server support can no longer be disabled.
* Crypto support can no longer be disabled, remove nossl variant.
* Blowfish (BF-CBC) is no longer implicitly the default cipher.
  OpenVPN peers prior to 2.4, or peers with data cipher negotiation
  disabled, will not be able to connect to a 2.5 peer unless
  option data_fallback_ciphers is set on the 2.5 peer and it contains a
  cipher supported by the client.

Signed-off-by: Magnus Kroken <mkroken@gmail.com>
This commit is contained in:
Magnus Kroken
2020-12-01 10:57:07 +01:00
committed by Rosen Penev
parent 4434915571
commit 2e55fc8b2d
12 changed files with 69 additions and 238 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
net/openvpn/patches/100-mbedtls-disable-runtime-version-check.patch
View File

@@ -1,6 +1,6 @@
--- a/src/openvpn/ssl_mbedtls.c
+++ b/src/openvpn/ssl_mbedtls.c
@@ -1415,7 +1415,7 @@ const char *
@@ -1520,7 +1520,7 @@ const char *
get_ssl_library_version(void)
{
static char mbedtls_version[30];