Prepared release OpenVPN 2.6.7, a package for creating virtual private networks that allows you to organize an encrypted connection between two client machines or provide a centralized VPN server for the simultaneous operation of several clients. The new version is notable for its relicensing. Project code transferred from using a pure GPLv2 license to combined licensein which the GPLv2 text is expanded exceptallowing linking to code under the Apache 2.0 license, which is not normally possible without relicensing the code due to incompatibility between the GPLv2 and Apache 2.0 licenses.
The exception allows you to link OpenVPN code with code from libraries distributed under the Apache 2.0 license and distribute the combined derivative work without complying with the GPLv2 requirement to distribute linked libraries under the same license, but still subject to all other terms, such as providing source code for the derivative work. The primary focus of the change is to enable linking with the OpenSSL library, which is licensed under the Apache 2.0 license. All OpenVPN code that could not be translated to the new licensing terms, for example due to the inability to contact the authors, has been removed or completely rewritten.
Advertisement
Among the functional changes:
- Added support for building with the mbedTLS 3.x library.
- The “–force-tls-key-material-export” option has been implemented, allowing work only with clients that support the export of TLS key parameters required for generating session keys.
- The implementation of the “–tls-export-cert” functionality has been rewritten.
- Improved handling of TLS 1.0 PRF (Pseudo-Random Function) failures.
- Updated sample keys as older keys expire in October.
Thanks for reading: