[Openvpn-devel] BUG: Windows netsh interface ipv6 delete address

Hi, I get an error on latest release 2.3.3 (and previous ones), on windows 8.1. NETSH: C:\WINDOWS\system32\netsh.exe interface ipv6 delete address OPENVPN 2a02:::::1000 ERROR: netsh command failed: returned error code 1 MANAGEMENT: Client disconnected NETSH: command failed Exiting du

Re: [Openvpn-devel] Heartbleed

Hello, Am 8.4.2014 19:02, schrieb Samuli Seppänen: An updated installer (I004) with OpenSSL 1.0.1g is now out: I smoketested the installers on Windows 7 64-bit and WinXP 32-bit. just wanted to give Feedback... I am running the

Re: [Openvpn-devel] Heartbleed

On 9-4-2014 10:49, Илья Шипицин wrote: > I did not say "nobind protects from everything", but I did mean that > clients with "nobind" are more protected in case of non patched > openssl library shipped with (old) openvpn windows installer. > > > if server is patched (what is rather easy thing compa

[Openvpn-devel] OpenVPN 2.3.3 released

The OpenVPN community project team is proud to release OpenVPN 2.3.3. It can be downloaded from here: This release contains a number of bug fixes, small enhancements and changes aimed at improving long-term compatibility with newer OpenVPN

Re: [Openvpn-devel] Heartbleed

Am 09.04.2014 10:45, schrieb Gert Doering: This is not trivial to set up, and might not be worth for every client out there - but if you're truly concerned about your data, upgrade the client, revoke the old key+certificate, reissue new keys. How does revokation Lists work with openvpn?

[Openvpn-devel] Regarding pkcs11 support in our Debian/Ubuntu packages

Hi all, It OpenVPN 2.3.3 requires libpkcs11-helper 1.11 or newer. What this means is that unless I patch the OpenVPN sources I won't be able to provide Debian/Ubuntu packages with pkcs11 support except for Ubuntu 14.04 which has 1.11 in default repos. So, is anyone using pkcs11 with the Debian pa

Re: [Openvpn-devel] Heartbleed

I did not say "nobind protects from everything", but I did mean that clients with "nobind" are more protected in case of non patched openssl library shipped with (old) openvpn windows installer. if server is patched (what is rather easy thing comparing to hundreds windows users), nobody can steal

Re: [Openvpn-devel] Heartbleed

Hi, On Wed, Apr 09, 2014 at 02:32:42PM +0600, ??? wrote: > I used to think that client without "nobind" option binds to 1194/udp > (we encountered that issue with multiple openvpn connection on the > same machine), so, "nobind" tells openvpn instance not to bind to > udp/1194, and so, onl

Re: [Openvpn-devel] Heartbleed

Am 09.04.14 10:32, schrieb Илья Шипицин: > I used to think that client without "nobind" option binds to 1194/udp > (we encountered that issue with multiple openvpn connection on the > same machine), so, "nobind" tells openvpn instance not to bind to > udp/1194, and so, only openvpn server can explo

Re: [Openvpn-devel] Heartbleed

I used to think that client without "nobind" option binds to 1194/udp (we encountered that issue with multiple openvpn connection on the same machine), so, "nobind" tells openvpn instance not to bind to udp/1194, and so, only openvpn server can exploit heartbleed vulnerability, but not any attacker

Re: [Openvpn-devel] Heartbleed

Am 09.04.14 10:25, schrieb Илья Шипицин: > am I right that "nobind" option gives some protection to windows > openvpn client ? > No. Nobind gives no protection. Arne signature.asc Description: OpenPGP digital signature

Re: [Openvpn-devel] Heartbleed

am I right that "nobind" option gives some protection to windows openvpn client ? 2014-04-08 23:02 GMT+06:00 Samuli Seppänen : > Hi, Am 08.04.2014 15:42, schrieb Steffan Karger: >> Perhaps a dumb question, but if the server instance is linked >> against an older version of o