openvpn: Update to version 2.5.8

  - Update from version 2.5.7 to 2.5.8
- Update of rootfile not required
- Changelog
    Version 2.5.8
      tls-crypt-v2: bail out if the client key is too small
      Remove useless empty line from CR_RESPONSE message
      Allow running a default configuration with TLS libraries without BF-CBC
      Change command help to match man page and implementation
      Fix OpenVPN querying user/password if auth-token with user expires
      t_client: Allow to force FAIL on prerequisite fails
      t_client.sh: do not require fping6
      Preparing release 2.5.8
      msvc: add branch name and commit hash to version output
      Update the replay-window backtrack log message
      Do not skip ERROR:/SUCCESS: response from management interface
      Fix auth-token usage with management-def-auth
      Allow a few levels of recursion in virtual_output_callback()
      Ensure --auth-nocache is handled during renegotiation
      Purge auth-token as well while purging passwords
      Do not copy auth_token username to itself

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
---
 lfs/openvpn | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
  

Reviewed-by: Peter Müller <peter.mueller@ipfire.org>

> - Update from version 2.5.7 to 2.5.8
> - Update of rootfile not required
> - Changelog
>     Version 2.5.8
>       tls-crypt-v2: bail out if the client key is too small
>       Remove useless empty line from CR_RESPONSE message
>       Allow running a default configuration with TLS libraries without BF-CBC
>       Change command help to match man page and implementation
>       Fix OpenVPN querying user/password if auth-token with user expires
>       t_client: Allow to force FAIL on prerequisite fails
>       t_client.sh: do not require fping6
>       Preparing release 2.5.8
>       msvc: add branch name and commit hash to version output
>       Update the replay-window backtrack log message
>       Do not skip ERROR:/SUCCESS: response from management interface
>       Fix auth-token usage with management-def-auth
>       Allow a few levels of recursion in virtual_output_callback()
>       Ensure --auth-nocache is handled during renegotiation
>       Purge auth-token as well while purging passwords
>       Do not copy auth_token username to itself
> 
> Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
> ---
>  lfs/openvpn | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/lfs/openvpn b/lfs/openvpn
> index 0483ac311..db2246206 100644
> --- a/lfs/openvpn
> +++ b/lfs/openvpn
> @@ -24,7 +24,7 @@
>  
>  include Config
>  
> -VER        = 2.5.7
> +VER        = 2.5.8
>  
>  THISAPP    = openvpn-$(VER)
>  DL_FILE    = $(THISAPP).tar.gz
> @@ -40,7 +40,7 @@ objects = $(DL_FILE)
>  
>  $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
>  
> -$(DL_FILE)_BLAKE2 = f5db74445d080f191b09a4ff5512712973fa6c3a6662479e11d2398e5e01c45eba5d50faa3301c715066dd0eb2f7d8702ceefc68d9edb1af264ec699710f8e5c
> +$(DL_FILE)_BLAKE2 = d029f6facd94a82aa28765cab340130dd4e5a4ffc2e0ccf3bf4888aee52d337126c21fdd7304dbaad5fe67d0a1f8d44e5a3c44801dcfa935aef200675ac5167f
>  
>  install : $(TARGET)
>
  

> On 21 Nov 2022, at 08:27, Peter Müller <peter.mueller@ipfire.org> wrote:
> 
> Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
> 
>> - Update from version 2.5.7 to 2.5.8
>> - Update of rootfile not required
>> - Changelog
>>    Version 2.5.8
>>      tls-crypt-v2: bail out if the client key is too small
>>      Remove useless empty line from CR_RESPONSE message
>>      Allow running a default configuration with TLS libraries without BF-CBC

I am not sure how to read this. We would need to have BlowFish available for those people, who are still using it.

Can we test this before merging this patch, please?

>>      Change command help to match man page and implementation
>>      Fix OpenVPN querying user/password if auth-token with user expires
>>      t_client: Allow to force FAIL on prerequisite fails
>>      t_client.sh: do not require fping6
>>      Preparing release 2.5.8
>>      msvc: add branch name and commit hash to version output
>>      Update the replay-window backtrack log message
>>      Do not skip ERROR:/SUCCESS: response from management interface
>>      Fix auth-token usage with management-def-auth
>>      Allow a few levels of recursion in virtual_output_callback()
>>      Ensure --auth-nocache is handled during renegotiation
>>      Purge auth-token as well while purging passwords
>>      Do not copy auth_token username to itself
>> 
>> Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
>> ---
>> lfs/openvpn | 4 ++--
>> 1 file changed, 2 insertions(+), 2 deletions(-)
>> 
>> diff --git a/lfs/openvpn b/lfs/openvpn
>> index 0483ac311..db2246206 100644
>> --- a/lfs/openvpn
>> +++ b/lfs/openvpn
>> @@ -24,7 +24,7 @@
>> 
>> include Config
>> 
>> -VER        = 2.5.7
>> +VER        = 2.5.8
>> 
>> THISAPP    = openvpn-$(VER)
>> DL_FILE    = $(THISAPP).tar.gz
>> @@ -40,7 +40,7 @@ objects = $(DL_FILE)
>> 
>> $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
>> 
>> -$(DL_FILE)_BLAKE2 = f5db74445d080f191b09a4ff5512712973fa6c3a6662479e11d2398e5e01c45eba5d50faa3301c715066dd0eb2f7d8702ceefc68d9edb1af264ec699710f8e5c
>> +$(DL_FILE)_BLAKE2 = d029f6facd94a82aa28765cab340130dd4e5a4ffc2e0ccf3bf4888aee52d337126c21fdd7304dbaad5fe67d0a1f8d44e5a3c44801dcfa935aef200675ac5167f
>> 
>> install : $(TARGET)
>>