OpenVPN Connect for iOS change log
Changes between 1.2.8 and 1.2.9:
- show MD5 warning pop-up only once per VPN session
- fix glitch upon key re-negotiation when using tls-crypt
- fix interoperability issue with private keys created using OpenSSL 1.1 default settings (aka add support for private keys encrypted using PKCS#5v2.0 with PRF newer than SHA1)
Changes between 1.2.7 and 1.2.8:
- fixed spurious crash on reconnection after sleep
- restored access to CertificatePayloads (p12 bundles) uploaded via Provisioning Profiles (.mobileconfig files)
- show warning pop-up when connecting to server using insecure MD5 algorithm to sign certificates (MD5 support will be dropped end of Apr 2018)
- report unique app specific UUID to server within peer info (variable IV_HWADDR)
- added support for ECDSA ciphersuites (for EC certificates)
- fixed VPN status after closing and re-opening App with tunnel activated (VPN IPs, last event, etc.)
- fixed profiles loading from iCloud with Files app (due to an iOS bug, only 1 file can be loaded at once)
- improved .ovpn12 file import
Changes between 1.2.6 and 1.2.7:
- fixed WiFi detection while connected via LTE
- fixed tunnel reconfiguration after reconnection with seamless tunnel ON
- added message about new .ovpn12 extension in cert list (when empty)
- fixed issue with DNS upon reconnection in split tunnel setups
- fixed tunnel disconnection when closing App from background app list
- fixed spurious connection crash when connecting using TCP
- fixed several connection instabilities
- fixed routing towards VPN IPs other than the VPN server
- fixed usage of PROXY_AUTO_CONFIG_URL and PROXY_BYPASS setting
- fixed DNS settings when server directive comes as last one
Changes between 1.2.5 and 1.2.6
- fixed reconnection with external certificate or password when device is still locked
- fixed blank-screen issue on iPods
- fixed reconnection after sleep or connectivity loss
- fixed seamless tunnel handling
- fixed tls-auth setup. missing key-direction in new profiles is again interpreted as "bidirectional" mode
- fixed DNS server assignment on split tunnel configurations
- fixed IPv6 DNS server assignment on split tunnel configurations
- fixed search domain assignment on split tunnel configurations
- fixed profile renaming
- fixed PROXY settings assignment
- fixed permanent disconnection due to TRANSPORT_ERROR when uplink is unavailable
Changes between 1.1.1 and 1.2.5
- converted VPN backend to new Apple Network Extensions framework
- implemented private keychain for storing certificates and passwords. PKCS#12 bundles imported via Safari or Mail must now end with '.ovpn12'
- implemented support for "tls-crypt" config option. If the OpenVPN server you are connecting to has enabled this option, it will provider a safer method to exchange certificates during the initial TLS handshake
- improved log verbosity
- added preference switch to disable MD5 in TLS
- updated mbedTLS to 2.6.0 (MD5 support will be dropped on Apr, 31st 2018)
- updated ovpn3 backend