Update to 2.3.6:

2014.11.28 -- Version 2.3.6
David Sommerseth (1):
      systemd: Reworked the systemd unit file to handle server and client configs better

Gert Doering (1):
      Add client-only support for peer-id.

Samuli Sepp辰nen (1):
      Fix to --shaper documentation on the man-page

Steffan Karger (4):
      Fix assertion error when using --cipher none
      Add --tls-version-max
      Modernize sample keys and sample configs
      Drop too-short control channel packets instead of asserting out.

2014.10.24 -- Version 2.3.5
Andris Kalnozols (2):
      Fix some typos in the man page.
      Do not upcase x509-username-field for mixed-case arguments.

Arne Schwabe (1):
      Fix server routes not working in topology subnet with --server [v3]

David Sommerseth (4):
      Improve error reporting on file access to --client-config-dir and --ccd-exclusive
      Don't let openvpn_popen() keep zombies around
      Add systemd unit file for OpenVPN
      systemd: Use systemd functions to consider systemd availability

Gert Doering (3):
      Drop incoming fe80:: packets silently now.
      Fix t_lpback.sh platform-dependent failures
      Call init script helpers with explicit path (./)

Heiko Hund (1):
      refine assertion to allow other modes than CBC

Hubert Kario (2):
      ocsp_check - signature verification and cert staus results are separate
      ocsp_check - double check if ocsp didn't report any errors in execution

James Bekkema (1):
      Fix socket-flag/TCP_NODELAY on Mac OS X

James Yonan (6):
      Fixed several instances of declarations after statements.
      In socket.c, fixed issue where uninitialized value (err) is being passed to to gai_strerror.
      Explicitly cast the third parameter of setsockopt to const void * to avoid warning.
      MSVC 2008 doesn't support dimensioning an array with a const var nor using %z as a printf format specifier.
      Define PATH_SEPARATOR for MSVC builds.
      Fixed some compile issues with show_library_versions()

Jann Horn (1):
      Remove quadratic complexity from openvpn_base64_decode()

Mike Gilbert (1):
      Add configure check for the path to systemd-ask-password

Philipp Hagemeister (2):
      Add topology in sample server configuration file
      Implement on-link route adding for iproute2

Samuel Thibault (1):
      Ensure that client-connect files are always deleted

Steffan Karger (13):
      Remove function without effect (cipher_ok() always returned true).
      Remove unneeded wrapper functions in crypto_openssl.c
      Fix bug that incorrectly refuses oid representation eku's in polar builds
      Update README.polarssl
      Rename ALLOW_NON_CBC_CIPHERS to ENABLE_OFB_CFB_MODE, and add to configure.
      Add proper check for crypto modes (CBC or OFB/CFB)
      Improve --show-ciphers to show if a cipher can be used in static key mode
      Extend t_lpback tests to test all ciphers reported by --show-ciphers
      Don't exit daemon if opening or parsing the CRL fails.
      Fix typo in cipher_kt_mode_{cbc, ofb_cfb}() doxygen.
      Fix regression with password protected private keys (polarssl)
      ssl_polarssl.c: fix includes and make casts explicit
      Remove unused variables from ssl_verify_openssl.c extract_x509_extension()

TDivine (1):
      Fix "code=995" bug with windows NDIS6 tap driver.


(wiz)

@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.54 2014/09/08 16:57:01 wiedi Exp $
+# $NetBSD: Makefile,v 1.55 2014/12/03 10:09:01 wiz Exp $
 
 DISTNAME=	${OPENVPN_DISTNAME}
-PKGREVISION=	1
 CATEGORIES=	net
 MASTER_SITES=	${OPENVPN_MASTER_SITES}
 EXTRACT_SUFX=	.tar.xz

@@ -1,10 +1,10 @@
-# $NetBSD: Makefile.common,v 1.3 2014/07/20 17:43:29 adam Exp $
+# $NetBSD: Makefile.common,v 1.4 2014/12/03 10:09:01 wiz Exp $
 
 # used by net/openvpn/Makefile
 # used by net/openvpn-acct-wtmpx/Makefile
 # used by net/openvpn-nagios/Makefile
 
-OPENVPN_DISTNAME=	openvpn-2.3.4
+OPENVPN_DISTNAME=	openvpn-2.3.6
 OPENVPN_DISTFILE=	${OPENVPN_DISTNAME}.tar.xz
 OPENVPN_MASTER_SITES=	http://swupdate.openvpn.net/community/releases/
 SITES.${OPENVPN_DISTFILE}=	${OPENVPN_MASTER_SITES}

@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.17 2014/03/11 14:05:10 jperkin Exp $
+@comment $NetBSD: PLIST,v 1.18 2014/12/03 10:09:01 wiz Exp $
 include/openvpn-plugin.h
 ${PLIST.pam}lib/openvpn/plugins/openvpn-plugin-auth-pam.la
 lib/openvpn/plugins/openvpn-plugin-down-root.la
@@ -31,12 +31,17 @@
 share/examples/openvpn/keys/README
 share/examples/openvpn/keys/ca.crt
 share/examples/openvpn/keys/ca.key
+share/examples/openvpn/keys/client-ec.crt
+share/examples/openvpn/keys/client-ec.key
+share/examples/openvpn/keys/client-pass.key
 share/examples/openvpn/keys/client.crt
 share/examples/openvpn/keys/client.key
-share/examples/openvpn/keys/dh1024.pem
-share/examples/openvpn/keys/pass.crt
-share/examples/openvpn/keys/pass.key
-share/examples/openvpn/keys/pkcs12.p12
+share/examples/openvpn/keys/client.p12
+share/examples/openvpn/keys/dh2048.pem
+share/examples/openvpn/keys/gen-sample-keys.sh
+share/examples/openvpn/keys/openssl.cnf
+share/examples/openvpn/keys/server-ec.crt
+share/examples/openvpn/keys/server-ec.key
 share/examples/openvpn/keys/server.crt
 share/examples/openvpn/keys/server.key
 share/examples/openvpn/scripts/auth-pam.pl

@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.30 2014/07/20 17:43:29 adam Exp $
+$NetBSD: distinfo,v 1.31 2014/12/03 10:09:01 wiz Exp $
 
-SHA1 (openvpn-2.3.4.tar.xz) = 20adb275760b0cfe99eb9cb34228d74bccb48ad8
-RMD160 (openvpn-2.3.4.tar.xz) = 849a00f399283778facc64e4198d3ee201ea3573
-Size (openvpn-2.3.4.tar.xz) = 791676 bytes
+SHA1 (openvpn-2.3.6.tar.xz) = f360b4b858f70378f18853c334b0cd2f9219adbb
+RMD160 (openvpn-2.3.6.tar.xz) = 8b34467bc4759380e10688c4839a67afa6a58abf
+Size (openvpn-2.3.6.tar.xz) = 809348 bytes
 SHA1 (patch-ac) = d1918a08f8b3dd150b44737a236da58be7fa1f8c
 SHA1 (patch-ad) = 1406764c57687665df34a489474255ab0c3c8179
 SHA1 (patch-ae) = e6e3e5977d1d9c09c0638d84e599c1c4956e27c8