Preparing release 2.5.1

version.m4, ChangeLog, Changes.rst Signed-off-by: Gert Doering <[email protected]>
Knudn · Feb 24, 2021 · f186691 · f186691
1 parent 2c8ef6f
commit f186691
Show file tree

Hide file tree

Showing 3 changed files with 117 additions and 4 deletions.
diff --git a/ChangeLog b/ChangeLog
@@ -1,6 +1,49 @@
 OpenVPN Change Log
 Copyright (C) 2002-2020 OpenVPN Inc <[email protected]>
 
+2021.02.24 -- Version 2.5.1
+
+Arne Schwabe (5):
+      Fix auth-token not being updated if auth-nocache is set
+      Remove auth_user_pass.wait_for_push variable
+      Fix port-share option with TLS-Crypt v2
+      Zero initialise msghdr prior to calling sendmesg
+      Fix tls-auth mismatch OCC message when tls-cryptv2 is used.
+
+David Sommerseth (1):
+      build: Fix missing install of man page in certain environments
+
+Domagoj Pensa (3):
+      Fix too early argv freeing when registering DNS
+      Remove 1 second delay before running netsh
+      Skip DHCP renew with Wintun adapter
+
+Gert Doering (6):
+      Change travis build scripts to use https when fetching prerequisites.
+      Fix line number reporting on config file errors after <inline> segments
+      Clarify --block-ipv6 intent and direction.
+      Document common uses of 'echo' directive, re-enable logging for 'echo'.
+      Make OPENVPN_PLUGIN_ENABLE_PF failures FATAL
+      clean up / rewrite sample-plugins/defer/simple.c
+
+Greg Cox (5):
+      Fix naming error in sample-plugins/defer/simple.c
+      Documentation fixes around openvpn_plugin_func_v3 in openvpn-plugin.h.in
+      Update openvpn_plugin_func_v2 to _v3 in sample-plugins/defer/simple.c
+      More explicit versioning compatibility in sample-plugins/defer/simple.c
+      Explain structver usage in sample defer plugin.
+
+Richard Bonhomme (1):
+      Man page sections corrections
+
+Selva Nair (1):
+      Quote the domain name argument passed to the wmic command
+
+Steffan Karger (2):
+      tls-crypt-v2: fix server memory leak
+      tls-crypt-v2: also preload tls-crypt-v2 keys (if --persist-key)
+
+
 2020.10.27 -- Version 2.5.0
       (no changes relative to v2.5_rc3)
 

diff --git a/Changes.rst b/Changes.rst
@@ -1,5 +1,75 @@
-Overview of changes in 2.5
-==========================
+Overview of changes in 2.5.1
+============================
+
+New features
+------------
+- "echo msg" support, to enable the server to pushed messages that are
+  then displayed by the client-side GUI.  See doc/gui-notes.txt and
+  doc/management-notes.txt.
+
+  Supported by the Windows GUI shipped in 2.5.1, not yet supported by
+  Tunnelblick and the Android GUI.
+
+User-visible Changes
+--------------------
+- make OPENVPN_PLUGIN_ENABLE_PF plugin failures FATAL - if a plugin offers
+  to set the "openvpn packet filter", and returns a failure when requested
+  to, OpenVPN 2.5.0 would crash trying to clean up not-yet-initialized
+  structure members.  Since PF is going away in 2.6.0, this is just turning
+  the crash into a well-defined program abort, and no further effort has
+  been spent in rewriting the PF plugin error handling (see trac #1377).
+
+Documentation
+-------------
+- rework sample-plugins/defer/simple.c - this is an extensive rewrite
+  of the plugin to bring code quality to acceptable standards and add
+  documentation on the various plugin API aspects.  Since it's just
+  example code, filed under "Documentation", not under "Bugfix".
+
+- various man page improvements.
+
+- clarify ``--block-ipv6`` intent and direction
+
+Bugfixes
+--------
+- fix installation of openvpn.8 manpage on systems without docutils.
+
+- Windows: fix DNS search list setup for domains with "-" chars.
+
+- Fix tls-auth mismatch OCC message when tls-cryptv2 is used.
+
+- Windows: Skip DHCP renew with Wintun adapter (Wintun does not support
+  DHCP, so this was just causing an - harmless - error and needless delay).
+
+- Windows: Remove 1 second delay before running netsh - speeds up
+  interface init for wintun setups not using the interactive service.
+
+- Windows: Fix too early argv freeing when registering DNS - this would
+  cause a client side crash on Windows if ``register-dns`` is used,
+  and the interactive service is not used.
+
+- Android: Zero initialise msghdr prior to calling sendmesg.
+
+- Fix line number reporting on config file errors after <inline> segments
+  (see Trac #1325).
+
+- Fix port-share option with TLS-Crypt v2.
+
+- tls-crypt-v2: also preload tls-crypt-v2 keys (if --persist-key), otherwise
+  dropping privs on the server would fail.
+
+- tls-crypt-v2: fix server memory leak (about 600 bytes per connecting
+  client with tls-crypt-v2)
+
+- rework handling of server-pushed ``--auth-token`` in combination with
+  ``--auth-nocache`` on reconnection / TLS renegotiation events.  This
+  used to "forget" to update new incoming token after a reconnection event
+  (leading to failure to reauth some time later) and now works in all
+  tested cases.
+
+
+Overview of changes in 2.5.0
+============================
 
 New features
 ------------

diff --git a/version.m4 b/version.m4
@@ -3,12 +3,12 @@ define([PRODUCT_NAME], [OpenVPN])
 define([PRODUCT_TARNAME], [openvpn])
 define([PRODUCT_VERSION_MAJOR], [2])
 define([PRODUCT_VERSION_MINOR], [5])
-define([PRODUCT_VERSION_PATCH], [.0])
+define([PRODUCT_VERSION_PATCH], [.1])
 m4_append([PRODUCT_VERSION], [PRODUCT_VERSION_MAJOR])
 m4_append([PRODUCT_VERSION], [PRODUCT_VERSION_MINOR], [[.]])
 m4_append([PRODUCT_VERSION], [PRODUCT_VERSION_PATCH], [[]])
 define([PRODUCT_BUGREPORT], [[email protected]])
-define([PRODUCT_VERSION_RESOURCE], [2,5,0,8])
+define([PRODUCT_VERSION_RESOURCE], [2,5,1,0])
 dnl define the TAP version
 define([PRODUCT_TAP_WIN_COMPONENT_ID], [tap0901])
 define([PRODUCT_TAP_WIN_MIN_MAJOR], [9])