Re: [Openvpn-devel] [PATCH applied] Re: Repair topology subnet on FreeBSD 11

Am 11.11.2016 um 23:10 schrieb Gert Doering: > I might be tempted to do a quick 2.3.14 release in between - there's two > important platform fixes in that branch now (FreeBSD and OpenBSD topology > subnet :-) ) and Lev's recursive routing patch. Add to that the windows > block-outside-dns patch

Re: [Openvpn-devel] [PATCH applied] Re: Repair topology subnet on FreeBSD 11

Hi, On Fri, Nov 11, 2016 at 07:25:57PM +0100, Matthias Andree wrote: > > Repair topology subnet on FreeBSD 11 [..] > > This is now part of FreeBSD's openvpn 2.3.13_1 (on the port's head) and > masked by an option that I enable by default and that I've dubbed > FIXSUBNET.

Re: [Openvpn-devel] [PATCH applied] Re: Repair topology subnet on FreeBSD 11

Am 09.11.2016 um 21:14 schrieb Gert Doering: > Thanks for testing & review :-) > > Patch has been applied to the master and release/2.3 branch. > > commit a433b3813d8c38b491d2baa7b433973f2d6cd7c6 (master) > commit 446ef5bda4cdc75d4cb955e274846faff0181fd3 (release/2.3) > Author: Gert Doering >

[Openvpn-devel] [PATCH] console: Fix compiler warning

Building with -O2, the compiler warned about query_user_SINGLE() being declared and not used in console.c. This function, defined in console.h, should have been declared as 'static inline'. This also removes that warning. Signed-off-by: David Sommerseth ---

[Openvpn-devel] [PATCH] tun: Fix compiler warnings

Fixes two compiler warnings idetified by using CFLAGS=-O2 1) ifconfig_ipv6_remote is only used on Solaris, move the declaration and assignment of this variable into the TARGET_SOLARIS block. 2) Linux have it's own open_tun() function and does not depend on open_tun_generic() at all. So

Re: [Openvpn-devel] [PATCH] systemd: Improve the systemd unit files

Il 11/11/2016 14:35, David Sommerseth ha scritto: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > On 11/11/16 13:28, Samuli Seppänen wrote: >> This comes a bit late, sorry. >> >> Il 20/10/2016 23:42, David Sommerseth ha scritto: >>> There are several changes which allows systemd to take care

Re: [Openvpn-devel] [PATCH] systemd: Improve the systemd unit files

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 11/11/16 13:28, Samuli Seppänen wrote: > This comes a bit late, sorry. > > Il 20/10/2016 23:42, David Sommerseth ha scritto: >> There are several changes which allows systemd to take care of >> several aspects of hardening the execution of

Re: [Openvpn-devel] [PATCH] systemd: Improve the systemd unit files

On 11/11/16 13:09, debbie10t wrote: > Hi, > > following are the server and client systemd unit files > which work best for me. > > > Tested on: > Archlinux - OpenVPN 2.3.13 x86_64-unknown-linux-gnu - systemd 231 > CentOS 7 - OpenVPN 2.3.12 x86_64-redhat-linux-gnu - systemd 219 >

Re: [Openvpn-devel] [PATCH] systemd: Improve the systemd unit files

This comes a bit late, sorry. Il 20/10/2016 23:42, David Sommerseth ha scritto: > There are several changes which allows systemd to take care of several > aspects of hardening the execution of OpenVPN. > > - Let systemd take care of the process tracking directly, instead > of doing that via PID

Re: [Openvpn-devel] [PATCH] Don't deference type-punned pointers

On 11/11/16 13:14, David Sommerseth wrote: > On 28/09/16 13:08, Steffan Karger wrote: >> Fixes compiler warnings (undefined behavior) by making the copy >> explicit to comply to strict aliasing rules. With newer GCC the >> old code could actually lead to undefined behaviour. >> >> See e.g.

Re: [Openvpn-devel] [PATCH] Don't deference type-punned pointers

On 28/09/16 13:08, Steffan Karger wrote: > Fixes compiler warnings (undefined behavior) by making the copy explicit > to comply to strict aliasing rules. With newer GCC the old code could > actually lead to undefined behaviour. > > See e.g. http://blog.regehr.org/archives/959. > >

Re: [Openvpn-devel] [PATCH] systemd: Improve the systemd unit files

Hi, following are the server and client systemd unit files which work best for me. Tested on: Archlinux - OpenVPN 2.3.13 x86_64-unknown-linux-gnu - systemd 231 CentOS 7 - OpenVPN 2.3.12 x86_64-redhat-linux-gnu - systemd 219 Debian 8 - OpenVPN 2.3.13 x86_64-pc-linux-gnu -

Re: [Openvpn-devel] [PATCH applied] Repair topology subnet on OpenBSD

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ACK. Checked these changes against the FreeBSD 11 fixes. The changes puts the OpenBSD section well aligned with FreeBSD in do_ifconfig(), and it all makes sense from a code-review perspective. When also knowing the FreeBSD fix have been tested and

Re: [Openvpn-devel] [PATCHv2 4/4] Allow passing extra arguments to fping/fping6 in t_client.rc

On 11/11/16 09:53, Samuli Seppänen wrote: > Il 11/11/2016 09:58, Gert Doering ha scritto: >> Hi, >> >> On Fri, Nov 11, 2016 at 12:25:49AM +, debbie10t wrote: >>> On 08/11/16 13:50, sam...@openvpn.net wrote: From: Samuli Seppänen >>> +$cmd -b $bytes -C 20 -p

Re: [Openvpn-devel] [PATCHv2 4/4] Allow passing extra arguments to fping/fping6 in t_client.rc

Il 11/11/2016 09:58, Gert Doering ha scritto: > Hi, > > On Fri, Nov 11, 2016 at 12:25:49AM +, debbie10t wrote: >> On 08/11/16 13:50, sam...@openvpn.net wrote: >>> From: Samuli Seppänen >> >>> + $cmd -b $bytes -C 20 -p 250 -q $FPING_EXTRA_ARGS $targetlist >>>

Re: [Openvpn-devel] [PATCHv2 4/4] Allow passing extra arguments to fping/fping6 in t_client.rc

Hi, On Fri, Nov 11, 2016 at 12:25:49AM +, debbie10t wrote: > On 08/11/16 13:50, sam...@openvpn.net wrote: > > From: Samuli Seppänen > > > + $cmd -b $bytes -C 20 -p 250 -q $FPING_EXTRA_ARGS $targetlist > > >>$LOGDIR/$SUF:fping.out 2>&1 > > This allows