OpenVPN 3 Linux v13 (beta)
The highlights of this release includes:
* Feature: IPv6 and TCP protocol support in OpenVPN Data Channel Off-load (DCO)
The DCO feature is currently a tech-preview feature. It is not
targeted for production usage in its current shape. As this is
still under heavy development, we currently only support the latest
Fedora releases (Fedora 32 and newer) and Ubuntu 20.04. This
currently requires Linux kernel 5.4 and newer.
This release includes an updated ovpn-dco implementation which adds both
TCP and IPv6 protocols to be used for the transport between client and server.
If you are testing the DCO feature, also be sure you use the updated
kmod-ovpn-dco package, or build the ovpn-dco module based on git
commit 8f04ed862539f0.
* Bugfix: Misleading argument count when options are missing arguments
If an option requring a certain minimum amount of arguments was missing one
or more arguments, for example using just --keepalive 30, the error would be:
ERR_PROFILE_OPTION: option_error: option 'keepalive' must have at least 3 arguments
This is incorrect. The correct number should be "2 arguments". This has
been fixed in the OpenVPN 3 Core library which generated this error string.
* Bugfix: Multi-factor authentication broke with v12_beta
With the v12_beta release, web based authentication was added. This also
added signalling support for the CR_TEXT authentication method which was not
intended to be added. This resulted in many multi-factor authentication
configurations to fail, in particular those connecting to OpenVPN Access
Server. This has been corrected and openvpn3-linux does no longer signal
CR_TEXT authentication method support.
David Sommerseth (1):
client: Don't signal support for crtext authentication
Lev Stipakov (5):
ovpn-dco: support for various transport protocols
core: Update to Core library with ovpn-dco transport improvements
ovpn-dco: Update to latest git master
ovpn-dco: truncate nonce_tail length
ovpn-dco: remove cbc-hmac support