It includes major changes compared to latest 2.2.x ("oldstable") release:
- Full IPv6 support
- SSL layer modularised, enabling easier implementation for other SSL libraries
- PolarSSL support as a drop-in replacement for OpenSSL
- New plug-in API providing direct certificate access, improved logging API and easier to extend in the future
- Added 'dev_type' environment variable to scripts and plug-ins - which is set to 'TUN' or 'TAP'
- New feature: --management-external-key - to provide access to the encryption keys via the management interface
- New feature: --x509-track option, more fine grained access to X.509 fields in scripts and plug-ins
- New feature: --client-nat support
- New feature: --mark which can mark encrypted packets from the tunnel, suitable for more advanced routing and firewalling
- New feature: --management-query-proxy - manage proxy settings via the management interface (supercedes --http-proxy-fallback)
- New feature: --stale-routes-check, which cleans up the internal routing table
- New feature: --x509-username-field, where other X.509v3 fields can be used for the authentication instead of Common Name
- Improved client-kill management interface command
- Improved UTF-8 support - and added --compat-names to provide backwards compatibility with older scripts/plug-ins
- Improved auth-pam with COMMONNAME support, passing the certificate's common name in the PAM conversation
- More options can now be used inside <connection> blocks
- Completely new build system, enabling easier cross-compilation and Windows builds
- Much of the code has been better documented
- Many documentation updates
- Plenty of bug fixes and other code clean-ups
Read more: OpenVPN v2.3
QR: