OpenVPN, a package for creating virtual private networks, has released version 2.6.9, bringing several notable updates. The most significant change is the translation of the project code from the use of a clean license GPLv2 to a licensed license, expanding the GPLv2 text permitting connecting with the code under the Apache 2.0 license, which was previously impossible due to incompatibility between the two licenses.
The exception now allows the connection of OpenVPN code with library code distributed under the Apache 2.0 license, enabling the distribution of a combined derivative product without compliance with the GPLv2 requirement on the distribution of connected libraries under the same license. However, all other conditions, such as the provision of the initial texts of the derivative product, must still be maintained.
This change was primarily made to enable binding with the OpenSSL library, which is supplied under the Apache 2.0 license. Any OpenVPN code that couldn’t be transferred to the new licensing conditions, such as due to the inability to contact the authors, has been removed or rewritten.
In addition to the licensing changes, the new version includes the following functional updates:
- Added assembly support with the library MBEDTLS 3.X.
- Implemented the option “-phorce-TLS-Key-Material-Export,” allowing compatibility only with customers that support the export of TLS keys necessary for generating session keys.
- Rewritten the implementation of the functionality “–tls-export-Cert”.
- Improved TLS 1.0 PRF (Pseudo-Random Function) failures.
- Updated examples of keys, as the duration of the old keys expires in October.