OpenVPN 2.6.13 Update.
The release of a package for creating virtual private networks OpenVPN 2.6.13 has been published, which allows you to organize an encrypted connection between two client machines or provide a centralized VPN server for the simultaneous operation of several clients.
Among the changes we can note:
- Added blocking of requests from clients whose login and password exceed the USERPASSLEN value. It is clarified that the change is not related to eliminating vulnerabilities, but may lead to incorrect parsing of incoming IV parameters and the output of incorrect error messages.
- When setting the “push-peer-info” setting on platforms other than Windows, the client sends information about the operating system release (produced by the uname() function) in the IVPLATVER parameter, which allows servers to track information about the OS versions used by clients.
- On Linux systems, the systemd-ask-password process can be started with the “—timeout=0” option to disable the default 90-second timeout.
- Fixed memory leaks occurring in FreeBSD.
- When launched with the “—auth-nocache” option, the authentication parameters for the proxy are deleted from memory after they have been used.
- The Windows client uses the CryptProtectMemory() function to securely store cached passwords and tokens in memory. A new API has been enabled to obtain the dco-win driver version.