Re: [Openvpn-devel] OpenSSL 1.1 patch set - status?

2017-05-18 Thread Gert Doering
Hi Emmanuel, On Mon, Mar 27, 2017 at 05:49:48PM +0200, Emmanuel Deloget wrote: > I'll post my new patches as soon as I get over every issues > that have been talked on the ML (is that even a valid > sentence?) I'm wondering where this got stuck - are you waiting for us to move forward (like,

Re: [Openvpn-devel] [PATCH] distro: Remove outdated RPM .spec file

2017-05-18 Thread David Sommerseth
On 18/05/17 22:37, Gert Doering wrote: > Hi, > > On Thu, May 18, 2017 at 09:20:15PM +0200, David Sommerseth wrote: >> Each RPM based distro have their own set of packaging guidelines. We >> don't adhere to any of them and we're bad at keeping this up-to-date. >> Rather let distros take care of

[Openvpn-devel] [PATCH] distro: Remove outdated RPM .spec file

2017-05-18 Thread David Sommerseth
Each RPM based distro have their own set of packaging guidelines. We don't adhere to any of them and we're bad at keeping this up-to-date. Rather let distros take care of this job. Signed-off-by: David Sommerseth --- distro/rpm/openvpn.spec.in| 248

[Openvpn-devel] [PATCH applied] Re: Fix gateway detection with OpenBSD routing domains

2017-05-18 Thread Gert Doering
ACK, thanks. Sorry that it took so long, wanted to verify things and then it got lost. Since it's openbsd specific, I only did cursory checks ("the code looks sane and getrtable() is documented to do what you say"), but did not set up a system with non-0 routing tables. Your patch has been

[Openvpn-devel] [PATCH applied] Re: fix redirect-gateway behaviour when an IPv4 default route does not exist

2017-05-18 Thread Gert Doering
ACK, thanks. For reference, this is the same patch as 14670a9d654b in master, just adapted to the different code style in 2.3. Tested on FreeBSD 11. Your patch has been applied to the release/2.3 branch. commit 0b339bf9588a8bca70b74926f03f8be05f06faa6 Author: Antonio Quartulli Date: Tue May

[Openvpn-devel] [PATCH applied] Re: Avoid a 1 byte overcopy in x509_get_subject (ssl_verify_openssl.c)

2017-05-18 Thread Gert Doering
ACK (since it's the 2.3 patch from Guido, reformatted for 2.4/master) Slightly modified the commit message to refer to the 2.3 patch and to trac #890. Your patch has been applied to the master and release/2.4 branch. commit 3fbc9d2b1b1e75b227107057b92ce6b786b5bea1 (master) commit

[Openvpn-devel] [PATCH] dev-tools: Script generating the source releases in an automated fashion

2017-05-18 Thread David Sommerseth
As we've had an ugly blunder with the v2.3.15 release, this release tries to avoid making the same mistake once again. Plus it documents how we produce the source packages. Signed-off-by: David Sommerseth --- dev-tools/gen-release-tarballs.sh | 248

[Openvpn-devel] [PATCH applied] Re: Fix NCP behaviour on TLS reconnect.

2017-05-18 Thread Gert Doering
Patch has been applied to the master and release/2.4 branch, with the soft/hard correction pointed out by Steffan. Thanks to everyone helping here. commit 5634cecf71ee9a92227bc9c8414c614d1b741abb (master) commit 13c05ca4e9da88ef30a778c16a97f0c0d767b448 (release/2.4) Author: Gert Doering Date:

Re: [Openvpn-devel] [PATCH] Fix NCP behaviour on TLS reconnect.

2017-05-18 Thread Steffan Karger
Hi, On 18-05-17 12:22, Gert Doering wrote: > If a client reconnects on a soft-restart from the same port (due to --bind > in use on the client), both sides will handle this as a "reconnect" and > not a "full new connect" internally, re-using existing crypto context. This is actually a "hard

[Openvpn-devel] [PATCH applied] Re: crypto: Enable SHA256 fingerprint checking in --verify-hash

2017-05-18 Thread Gert Doering
Your patch has been applied to the master and release/2.4 branch. "Changes.rst" changes adjusted - this is no longer "new in 2.4.1" :-) commit 2193d7c08484d56ed07ba2e649abc2d08adcb245 (master) commit 5d5437710c282b1a60a892d1910160027a81db92 (release/2.4) Author: David Sommerseth Date: Thu May

[Openvpn-devel] [PATCH applied] Re: Make openvpn-plugin.h self-contained again.

2017-05-18 Thread Gert Doering
ACK, thanks. Tested standalone compilation before/after. Your patch has been applied to the master and release/2.4 branch. commit cf9deedf425c945906d5cc482fb962796d21f123 (master) commit 37b3409681ee04b7cb7c246a7fd701a883e582e2 (release/2.4) Author: Matthias Andree Date: Mon May 15 23:48:45

[Openvpn-devel] [PATCH] Fix NCP behaviour on TLS reconnect.

2017-05-18 Thread Gert Doering
If a client reconnects on a soft-restart from the same port (due to --bind in use on the client), both sides will handle this as a "reconnect" and not a "full new connect" internally, re-using existing crypto context. The client will still ask the server for pushed options, and the server code to

[Openvpn-devel] [PATCH applied] Re: Check for errors in the return value of GetModuleFileNameW()

2017-05-18 Thread Gert Doering
ACK, thanks. This brings 2.3 in line with 2.4/master, which is good :-) Your patch has been applied to the release/2.3 branch. commit c18802e2e2c5b156d1b40dab255cea273131a96c Author: Selva Nair Date: Sun May 14 18:16:36 2017 -0400 Check for errors in the return value of

Re: [Openvpn-devel] security/openvpn23 tarball size mismatch

2017-05-18 Thread Matthias Andree
On 16.05.2017 at 14:00, Renato Botelho wrote: > On 16/05/17 08:54, Renato Botelho wrote: >> Hello Mathias, >> >> I was trying to get openvpn23 installed from quarterly branch and got >> the following error: >> >> root@buildbot1:/usr/local/poudriere/ports/pfSense_v2_3/security/openvpn23 >> # make