Fix a possible security issue with OpenSSL config autoloading on Windows (CVE-2021-3606).
Include a number of small improvements and bug fixes.
remove upstreamed: 115-fix-mbedtls-without-renegotiation.patch
Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
Support for wolfSSL has been upstreamed to the master OpenVPN branch
in f6dca235ae560597a0763f0c98fcc9130b80ccf4 so we can use wolfSSL
directly in OpenVPN. So no more needed differnt SSL engine for OpenVPN
in systems based on wolfSSL library
Compiled && tested on ramips/mt7620, ramips/mt7621
Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
Fixes two related security vulnerabilities (CVE-2020-15078) which
under very specific circumstances allow tricking a server using delayed
authentication (plugin or management) into returning a PUSH_REPLY before
the AUTH_FAILED message, which can possibly be used to gather
information about a VPN setup. In combination with "--auth-gen-token" or
a user-specific token auth solution it can be possible to get access to
a VPN with an otherwise-invalid account.
OpenVPN 2.5.2 also includes other bug fixes and improvements.
Add CI build test script.
Signed-off-by: Magnus Kroken <mkroken@gmail.com>
