OpenVPN 2.7.1 Introduces Username-Only Authentication Option

OpenVPN, a widely used user-space VPN daemon that enables secure, encrypted tunnels over IP networks, has released version 2.7.1 as the first maintenance update in the 2.7 series. One of the key highlights is an enhancement to the --auth-user-pass directive.
With this change, OpenVPN can prompt for a username only and send a placeholder password in place of a real one. This is particularly useful in environments that rely on external authentication systems, where the username alone is sufficient to initiate a server-side challenge-response process.
Performance has also been improved by revising how internal hash maps are allocated. Instead of the previous fixed size of 256, the default is now dynamically set to four times the value of --max-clients. This adjustment prevents slowdowns in high-client environments by aligning memory usage more closely with actual demand.
Several user-visible changes have been introduced as well. When OpenVPN is built with AWS-LC, the --tls-cert-profile option now generates a runtime warning because it is not supported in that build. On systems using systemd, unit files have transitioned from LimitNPROC to TasksMax, with an increased limit. Additionally, port-share logging behavior has been updated: incoming connections are now logged at verbosity level 3 instead of being treated as errors.
On the bug fix front, the --lport directive has been corrected to function properly within <connection> blocks after previous regressions. Issues with private key passphrases of 64 characters or more have been resolved, along with crashes affecting TCP connections using TAP interfaces without proper IP configuration.
The release also includes important platform-specific fixes. Data Channel Offload now functions correctly on FreeBSD systems without IPv4 kernel support, as well as on Linux systems running on big-endian architectures such as MIPS and PowerPC. Additional improvements for FreeBSD 15 include better handling of asynchronous push operations without requiring libinotify.
Other changes improve management interface responses, test runs during cross-compilation, and support for newer toolchains. To see all of them in detail, refer to the changelog.








