headers
James Yonan | 8 May 07:06

1.4.0 Released

Download:

http://sourceforge.net/projects/openvpn/

Release Notes:

This release adds options for persistence of replay protection information
across sessions, pass through of IPv4 TOS bits from the TUN/TAP device to the
UDP link, some advanced MTU control options, moderate revamping of the build
system to improve portability, and misc bug fixes and web site additions.

Also new is a major restructuring of MTU and fragmentation handling. Much of
this code is experimental and must be explicitly enabled by defining
FRAGMENT_ENABLE and rebuilding.

Change Log:

* Added --replay-persist feature to allow replay
  protection across sessions.
* Fixed bug where --ifconfig could not be used
  with --tun-mtu.
* Added --tun-mtu-extra parameter to deal with
  the situation where a read on a TUN/TAP device
  returns more data than the device's MTU size.
* Fixed bug where some IPv6 support code for
  Linux was not being properly ifdefed out for
  Linux 2.2, causing compile errors.
* Added OPENVPN_EXIT_STATUS_x codes to
  openvpn.h to control which status value
  openvpn returns to its caller (such as
(Continue reading)

Permalink | Reply | 0 comments |
headers
James Yonan | 12 May 06:47

Patch for --verb 0 bug in OpenVPN 1.4.0

A bug has been discovered and confirmed that can peg CPU utilization to 100%
if all of the following are true:

(1) You are running OpenVPN 1.4.0,
(2) you are running on Linux 2.4 or higher,
(3) you are using the --verb 0 option to suppress all output, and
(4) a non-fatal socket error occurs (such as a temporary network outage).

There is a simple workaround available in this patch against 1.4.0:

http://openvpn.sourceforge.net/patch/esec-disable.patch

Patch Usage (from openvpn-1.4.0 directory after fresh tarball extract):

patch < esec-disable.patch && ./configure && make

Alternatively, you can get the fix in the current development tarball:

http://openvpn.sourceforge.net/beta/openvpn-1.4.0.2.tar.gz

Or the simplest solution is to just use --verb 1 (the default) until 1.4.1 is
released.  If --verb 1 is too verbose for you, check out --mute which can be
used to lessen the incidence of repetitive messages.  --mute is unaffected by
this bug.

James

-------------------------------------------------------
Enterprise Linux Forum Conference & Expo, June 4-6, 2003, Santa Clara
The only event dedicated to issues related to Linux enterprise solutions
(Continue reading)

Permalink | Reply | 0 comments |
headers
James Yonan | 16 May 09:57

OpenVPN 1.4.1 Released


This release fixes two bugs in 1.4.0, including a build issue on OpenBSD, and
a bug under Linux 2.4 that can cause 100% CPU utilization if the --verb 0
option is used to suppress all output.

In addition, if a Linux 2.4 TUN/TAP open attempt fails, the code will now fall
back to the 2.2 TUN/TAP interface and try again.

http://sourceforge.net/projects/openvpn/

James

-------------------------------------------------------
Enterprise Linux Forum Conference & Expo, June 4-6, 2003, Santa Clara
The only event dedicated to issues related to Linux enterprise solutions
www.enterpriselinuxforum.com
Permalink | Reply | 0 comments |

Gmane