| November 17, 2008 | ||
|---|---|---|
 |
View a828135
* Added additional method parameter to --script-security to preserve backward compatibility with system() call semantics used in OpenVPN 2.1_rc8 and earlier. To preserve backward compatibility use:james authored on 2008/11/17 13:28:07 |
|
| October 15, 2008 | ||
|---|---|---|
|
View 51f7b84
Added additional warning messages about --script-security 2 or higher being required to execute user-defined scripts or executables.james authored on 2008/10/15 17:20:21 |
|
| October 6, 2008 | ||
|---|---|---|
|
View 367ed08
Copyright notice changed to reflect change in name of Telethra to OpenVPN Technologies.james authored on 2008/10/06 16:33:45 |
|
| September 30, 2008 | ||
|---|---|---|
|
View bb564a5
Management interface can now listen on a unix domain socket, for example:james authored on 2008/09/30 15:11:38 |
|
| September 6, 2008 | ||
|---|---|---|
|
View b8fb090
2.1_rc8 and earlier did implicit shell expansion on script arguments since all scripts were called by system(). The security hardening changes made to 2.1_rc9 no longer use system(), but rather use the safer execve or CreateProcess system calls. The security hardening also introduced a backward incompatibility with 2.1_rc8 and earlier in that script parameters were no longer shell-expanded, so for example:james authored on 2008/09/06 18:42:17 |
|
| July 27, 2008 | ||
|---|---|---|
|
View 70899be
Added a warning message when passwords are cached in memory.james authored on 2008/07/27 09:43:49 |
|
|
View b4073a7
Perform additional input validation on options pulled by client from server. Fixes --iproute vulnerability.james authored on 2008/07/27 08:08:29 |
|
| July 26, 2008 | ||
|---|---|---|
|
View 5a2e9a2
Completely revamped the system for calling external programs and scripts:james authored on 2008/07/26 16:27:03 |
|
| July 19, 2008 | ||
|---|---|---|
|
View d1dcc3e
Added a warning when plugins are specified without an absolute pathname.james authored on 2008/07/19 08:49:50 |
|
| July 18, 2008 | ||
|---|---|---|
|
View ddad0a8
gen_path will no longer silently truncate the generated filename at 256 bytes.james authored on 2008/07/18 09:55:59 |
|
|
View 222f084
Modified create_temp_filename to create unpredictable filenames.james authored on 2008/07/18 09:32:40 |
|
|
View 093e7eb
Previously, OpenVPN might log a client's auth-user-pass password if the verbosity was set to a high debug level such as 7 or higher. Normally this would only be used by developers. Now, even at high debug levels, the password will not be output.james authored on 2008/07/18 08:31:16 |
|
|
View 73b7e69
gen_path now rejects filenames that match Windows device names such as CON, NUL, LPT1, etc.james authored on 2008/07/18 07:41:15 |
|
| July 15, 2008 | ||
|---|---|---|
|
View 1c0cc4a
Copyright change OpenVPN Solutions LLC -> Telethra, Inc.james authored on 2008/07/15 03:59:09 |
|
| June 12, 2008 | ||
|---|---|---|
|
View eca8691
Updated copyright notice to 2008.james authored on 2008/06/12 06:59:26 |
|