upstream/openvpn
1
0
Fork 0
mirror of https://github.com/OpenVPN/openvpn.git synced 2026-02-18 18:19:42 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
openvpn/doc
History
Max Fillinger 880bd69254 Mbed TLS 3: Remove prediction resistance option 
The option --use-prediction-resistance causes the random number
generator to be reseeded for every call. This is excessive.

This commit removes that option.

Github: closes OpenVPN/openvpn#964

Change-Id: I6298795f140c2c62252638f9e0cd6df19cb3d7ed
Signed-off-by: Max Fillinger <maximilian.fillinger@sentyron.com>
Acked-by: Frank Lichtenheld <frank@lichtenheld.com>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1530
Message-Id: <20260216151033.16585-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg35658.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
2026-02-16 16:20:55 +01:00
..
doxygen Remove NTLM support 2026-02-16 16:14:13 +01:00
man-sections Mbed TLS 3: Remove prediction resistance option 2026-02-16 16:20:55 +01:00
tests Remove use of 'dh dh2048.pem' from sample configs, remove 'dh2048.pem' file 2025-08-20 23:11:33 +02:00
android.txt doc: HTTPS upgrades and URL fixes throughout the tree 2025-10-13 17:39:46 +02:00
CMakeLists.txt CMake: Support doc builds on Windows machines that do not have .py file association 2023-07-06 13:52:24 +02:00
gui-notes.txt Document common uses of 'echo' directive, re-enable logging for 'echo'. 2021-01-20 20:18:07 +01:00
interactive-service-notes.rst Add Interactive Service developer documentation 2018-06-09 20:14:26 +02:00
keying-material-exporter.txt doc: HTTPS upgrades and URL fixes throughout the tree 2025-10-13 17:39:46 +02:00
Makefile.am Update Copyright statements to 2026 2026-01-08 10:59:57 +01:00
management-notes.txt PUSH_UPDATE message sender: enabling the server to send PUSH_UPDATE control messages 2025-09-03 20:55:52 +02:00
openvpn-examples.5.rst Add detailed man page section to setup a OpenVPN setup with peer-fingerprint 2021-08-01 19:47:44 +02:00
openvpn.8.rst Documentation: Various syntax fixes and text improvements 2025-12-08 14:55:53 +01:00
README.man doc/man: convert openvpn.8 to split-up .rst files 2020-07-17 11:23:18 +02:00
README.plugins build: integrate plugins build into core build 2012-06-26 11:29:02 +02:00
t_server_null.rst Add lwip support to t_server_null 2025-03-08 09:49:51 +01:00
tls-crypt-v2.txt Add option to check tls-crypt-v2 key timestamps 2025-11-19 16:28:00 +01:00

README.plugins 

OpenVPN Plugins
---------------

Starting with OpenVPN 2.0-beta17, compiled plugin modules are
supported on any *nix OS which includes libdl or on Windows.
One or more modules may be loaded into OpenVPN using
the --plugin directive, and each plugin module is capable of
intercepting any of the script callbacks which OpenVPN supports:

(1) up
(2) down
(3) route-up
(4) ipchange
(5) tls-verify
(6) auth-user-pass-verify
(7) client-connect
(8) client-disconnect
(9) learn-address

See the openvpn-plugin.h file in the top-level directory of the
OpenVPN source distribution for more detailed information
on the plugin interface.

Included Plugins
----------------

auth-pam -- Authenticate using PAM and a split privilege
            execution model which functions even if
            root privileges or the execution environment
            have been altered with --user/--group/--chroot.
            Tested on Linux only.

down-root -- Enable the running of down scripts with root privileges
             even if --user/--group/--chroot have been used
             to drop root privileges or change the execution
             environment.  Not applicable on Windows.

examples -- A simple example that demonstrates a portable
            plugin, i.e. one which can be built for *nix
            or Windows from the same source.

Building Plugins
----------------

cd to the top-level directory of a plugin, and use the
"make" command to build it.  The examples plugin is
built using a build script, not a makefile.