this silences this warning with GCC-4.3.8 at least. That said, I'm not
sure this is the best approach; it may hide other missing braces warnings
we should see.
--
kind regards,
David Sommerseth
OpenVPN Inc
From 1166081219e8623e32aeea93ddabd2937df36ef8 Mon Sep 17 00:00:00 2001
From: David Sommer
Without this patch, clang-5.0.1
spits out lots of warnings related to -Wno-stringop-truncation.
Acked-By: David Sommerseth
--
kind regards,
David Sommerseth
OpenVPN Inc
signature.asc
Description: OpenPGP digital signature
___
Openvpn-
hen with an unknown -W* argument (without the no- prefix)
$ gcc -o test test.c -Wall -Wnon-existing-flag
gcc: error: unrecognized command line option ‘-Wnon-existing-flag’
I think you said it pretty well in your mail:
> Darn compilers and darn -Werror
So your change does improve Clang ... I
meeting next Thursday (Nov
21 @ 20:00 CET, #openvpn-meeting on FreeNode [1]). I strongly recommend you
to attend this meeting to follow up your request.
[1] You need to have your nick registered to join
<https://freenode.net/kb/answer/registration&
On 12/11/2019 19:39, David Sommerseth wrote:
> On 09/11/2019 16:00, Gert Doering wrote:
>> Hi,
>>
>> On Sat, Nov 09, 2019 at 03:49:51PM +0100, Gert Doering wrote:
>>> wintun: add --windows-driver config option
>>>
>>> Signed-off-b
tes in our repo for similar situations or
clarifications.
--
kind regards,
David Sommerseth
OpenVPN Inc
signature.asc
Description: OpenPGP digital signature
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
this check not be moved to the postprocess checks? This will now
> only trigger is comp was first set, and allow-compression later in the
> config, not the other way around.
What about pushed options? It's too long time since I looked at the
n Return wether p has n (or at least n) parameters
> + */
> static bool
> man_need(struct management *man, const char **p, const int n, unsigned int
> flags)
There's something missing here ... like a description of the function.
--
kind regards,
David Sommerseth
OpenVPN Inc
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
buf_printf(, "%s\n", e->string);
>
These new lines breaks the coding style of spaces around '==' and after comma
in the strncmp() arguments, but so does the existing code. This needs to be
fixed, but lets handle that outside of this patch set.
Acked-By: David
extend these new functions with doxygen
comments on what these functions work. What information they parse, what they
expect of data, from where the data comes and how they respond/produce results.
Other than that, it looks good.
--
kind regards,
David Sommerseth
OpenVPN Inc
signature.asc
Description: OpenPGP digital signature
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
ef ENABLE_MANAGEMENT
This looks good, but the indenting of the #ifdef above is wrong; it should be
at the beginning of the line.
--
kind regards,
David Sommerseth
OpenVPN Inc
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
the patches from Lev updates the man page, but it should
when the merge finally happens.
--
kind regards,
David Sommerseth
OpenVPN Inc
signature.asc
Description: OpenPGP digital signature
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
*-*-openbsd*)
> AC_DEFINE([TARGET_OPENBSD], [1], [Are we running on OpenBSD?])
>
I have not tested this (don't have access to Solaris environments), but looks
like a reasonable solution.
Acked-By: David Sommerseth
--
kind regards,
David Sommerseth
OpenVPN Inc
signatu
t;) if up.remote is
NULL. And I suggest using the same format as found in other parts of the
OpenVPN logging ... "USERNAME/IP-ADDRESS". If IP address is not available,
use just "USERNAME".
If you have any questions or comments, feel free to reach out. And also feel
free to join the #openvpn-devel IRC channel on FreeNode; there are several of
us community and corporate developers there so it is a chance to get quicker
replies there (most of us are in the EU time zones).
--
kind regards,
David Sommerseth
OpenVPN Inc
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
commit ef2c7b2fa4fd9fae934e608e37dc8d98edbace5f
[3] Message-ID:
<https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg17957.html>
--
kind regards,
David Sommerseth
OpenVPN Inc
----
David Sommerseth (1):
Documented all the argv
Added doxygen comments for all the functions in argv.c.
There are some slight refactoring, renaming a few variables to make
their use case more obvious and ensure lines do not break our 80-chars
per line coding style limit.
Signed-off-by: David Sommerseth
---
src/openvpn/argv.c | 251
so that it can
be used to actually reset the argv without re-allocation.
Signed-off-by: Heiko Hund
Signed-off-by: David Sommerseth
---
src/openvpn/argv.c | 81 ++--
src/openvpn/argv.h | 2 +-
src/openvpn/console_systemd.c| 2
t actually is
the ASCII "group separator" control character, which fits its
purpose).
This commit has been updated by David Sommerseth based on Arne
Schwabe and his own feedback on the mailing list.
Signed-off-by: Heiko Hund
Signed-off-by: David Sommerseth
---
v2 - Improved comments, to make
be in specific situations.
--
kind regards,
David Sommerseth
OpenVPN Inc
signature.asc
Description: OpenPGP digital signature
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
ll; even on 2.4.x
clients connecting to a server with this patch.
--
kind regards,
David Sommerseth
OpenVPN Inc
signature.asc
Description: OpenPGP digital signature
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourc
-off-by: David Sommerseth
---
src/openvpn/push.c | 2 ++
src/openvpn/ssl_common.h | 2 +-
2 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/openvpn/push.c b/src/openvpn/push.c
index dc1a536a..49b9d1be 100644
--- a/src/openvpn/push.c
+++ b/src/openvpn/push.c
@@ -39,7 +39,9
When building with --disable-management, the compiler complains with
implicit declaration of function ‘ssl_clean_auth_token’. This is due to
the ssl_clean_auth_token() function being declared inside an #ifdef
ENABLE_MANAGEMENT fence where it should not be.
Signed-off-by: David Sommerseth
A couple of places the documentation was not clear enough or not even
correct. Just improve this to avoid confusion later on.
Signed-off-by: David Sommerseth
---
src/openvpn/auth_token.h | 2 --
src/openvpn/ssl_common.h | 2 +-
2 files changed, 1 insertion(+), 3 deletions(-)
diff --git a/src
./configure with --disable-server. Otherwise the existing patches works
fine.
The second patch, --disable-management fix, just fixes a long outstanding
compiler warning.
And the final patch with comment updates are just clarifications and
minor improvements.
David Sommerseth (3):
auth-token: Fix
anged, 270 insertions(+), 41 deletions(-)
This patch works ... but there are some comments which got ignored from the
previous patch review. I will send a patch for this, as this is mostly
documentation errors, not code errors.
So, I'll approve this now; these patches needs to be com
t this (and
the rest of the patches) passes compiling on our buildbot rig - including
--disable-server.
Acked-By: David Sommerseth
--
kind regards,
David Sommerseth
OpenVPN Inc
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
+++
> 2 files changed, 411 insertions(+), 1 deletion(-)
> create mode 100644 tests/unit_tests/openvpn/test_auth_token.c
Acked-By: David Sommerseth
This looks good now, and passes on my system.
--
kind regards,
David Sommerseth
OpenVPN Inc
_
| 6 ++
> src/openvpn/ssl_common.h | 10 +-
> src/openvpn/ssl_verify.c | 8
> src/openvpn/ssl_verify.h | 15 ++-
> 5 files changed, 24 insertions(+), 18 deletions(-)
Acked-By: David Sommerseth
This is identical to the previous version, just reference
ED ] 1 test(s), listed below:
[ FAILED ] auth_token_test_empty_user
1 FAILED TEST(S)
--
Seems like the verify_auth_token() call doesn't add
AUTH_TOKEN_VALID_EMPTYUSER flag. I didn't dive deep enough to try to
understand why.
--
kin
on.h | 10 +-
> src/openvpn/ssl_verify.c | 8
> src/openvpn/ssl_verify.h | 15 ++-
> 5 files changed, 24 insertions(+), 18 deletions(-)
>
Acked-By: David Sommerseth
This looks reasonable and the code does what it says. On my quick testing, I
managed to trigg
g out TUN_PASS_BUFFER with _WIN32 makes more sense.
Acked-By: David Sommerseth
--
kind regards,
David Sommerseth
OpenVPN Inc
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
asically was the first public commit after the 1.6.0
release. In my very quick look, not even once has the return value been used
since that time.
So this change makes sense. No need to have a return value which has not been
interesting since November 2004.
Acked-By: David S
getting a trust that you're going to be available also after WolfSSL
support is added is kind of the key point; to help maintaining both the
WolfSSL implementation but also helping out on a regular basis, especially on
the crypto side.
--
kind regards,
David Sommerseth
OpenVPN Inc
_
r_pass *up)
> /* setenv client real IP address */
> setenv_untrusted(session);
>
> +/* add auth-token environment */
> +add_session_token_env(session, multi, up);
> #ifdef PLUGIN_DEF_AUTH
>
--
This warning is not present when compiling with gcc-7.3.1, gcc-8.3.1,
clang-3.4.2 nor clang-5.0.1. So I'm blaming buggy/confused older GCC
compilers for this one.
Since I've tested and reviewed the rest in earlier rounds and the change from
previous version i sju
00",
> as long as it's "more than 1".
>
> Found and debugged by "mjo" in Trac.
>
> Trac: #1208
>
> Signed-off-by: Gert Doering
Acked-By: David Sommerseth
I agree with Antonio, and we should make it somewhat easier to modify. I'm
not sure if th
if using
./configure --with-crypto-library=mbedtls ... This should also be improved.
Other than that, the code looks reasonable at first glance (I have not compile
tested it yet)
--
kind regards,
David Sommerseth
OpenVPN Inc
signature.asc
Description: OpenPGP digital signature
___
a look at the journal integration
rsyslog provides - which can also include the additional meta-data:
<https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/system_administrators_guide/s1-interaction_of_rsyslog_and_journal>
--
kind regards,
David Sommerseth
On 13/08/2019 23:46, Steffan Karger wrote:
> Hi,
>
> On 13-08-19 23:31, Antonio Quartulli wrote:
>> On 13/08/2019 23:26, David Sommerseth wrote:
>>> wouldn't it be better to
>>> do 'if (rgi6->iface[0])' instead? Since the buffer should be NULL
>>>
t size always "readable" - wouldn't it be better to
do 'if (rgi6->iface[0])' instead? Since the buffer should be NULL terminated
and has to be NULL terminted for strlen() to function anyhow. But the
compiled code would be a bit more efficient (even though, this isn't
necessarily a pe
on.h | 10 +-
> src/openvpn/ssl_verify.c | 8
> src/openvpn/ssl_verify.h | 15 ++-
> 5 files changed, 24 insertions(+), 18 deletions(-)
>
There's a typo in the subject line (Sent -> Send), otherwise this is fine and
works as expected.
Acked-by: Davi
n':
.../OpenVPN/openvpn/tests/unit_tests/openvpn/../../../src/openvpn/auth_token.c:299:
undefined reference to `openvpn_base64_decode'
-
In addition comes the warnings I've already reported in a prior patch.
--
kin
^~~
auth_token.c:234:36: note: format string is defined here
"current timestamp (%lld). Broken/unsynchronised clock?",
~~~^
%ld
----
Other than these issues, th
> src/openvpn/options.h | 11 +++-
> tests/t_lpback.sh | 8 +--
> 10 files changed, 151 insertions(+), 97 deletions(-)
>
Acked-by: David Sommerseth
Looks good now, 'make check' passes and behaviour is more consi
x_overhead(void);
[]> +/**
> + * Generate ephermal key material into the key structure or if
^
This comment don't need those two last words, but that can be fixed during
commit time.
Acked-By: David S
cation which is really outweighing the
> benefit of a local build today - so, use the system-wide installation
> if available (querying pgk-config). Do not build unit-tests otherwise.
>
> v2: (inspired by patch from David Sommerseth)
> introduce "configure --disable-unit-test&q
| 6 +-
> tests/unit_tests/openvpn/Makefile.am | 2 ++
> tests/unit_tests/openvpn/test_networking.c | 16
> 3 files changed, 3 insertions(+), 21 deletions(-)
Only glared at the code changes, and it makes sense after some clarifications
on IRC.
Acked-by: Davi
goto cleanup;
> @@ -708,7 +717,7 @@ tls_crypt_v2_write_client_key_file(const char *filename,
> struct buffer test_wrapped_client_key;
> msg(D_GENKEY, "Testing client-side key loading...");
> tls_crypt_v2_init_client_key(_client_key, _wrapped_client_key,
> -
key));
> +return true;
> + }
> +else
> +{
> +return read_pem_key_file(key, pem_name, key_file, key_inline);
> +}
> +}
> +
--
kind regards,
David Sommerseth
OpenVPN Inc
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
notnull(options->shared_secret_file,
> -"shared secret output file (--secret)");
> +if (options->shared_secret_file && options->genkey_filename)
> +{
> +msg(M_USAGE, "You must provide a filename to either --genkey or
> --secret, not both");
> +}
By removing support for --genkey with --secret, this check need to moved
outside this if() scope and check whether --secret and --genkey are both
present.
Otherwise, this patch looks reasonable.
--
kind regards,
David Sommerseth
OpenVPN Inc
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
enge, just need to fully grasp the
C++ template complaint and find a fix which also doesn't break 64 bit.
Btw ... (and I'm NOT pointing fingers) .. but these kind of questions are
usually better suited for openvpn-devel mailing list (on Cc).
--
kind regards,
David Sommerseth
Op
openvpn2 and openvpn3 also
provides --help screens, and openvpn3 also provides that for each
"command" you give to it, like openvpn3 session-manage --help.
If you have any questions, issues, comments, suggestions, etc ... please get
in touch!
--
kind regards,
David Sommerseth
O
openvpn3-linux-6_beta.tar.xz.asc
git references -
git tag: v6_beta
git commit: e6c66892ba0868206d558ad8b81351140c1195b4
Changes from v5 to v6 ------
David Sommerseth (12):
build: Add sitnl debug m
e should
definitely have some wiki pages under https://community.openvpn.net/ related
to how to prepare a good setup for performance testing.
--
kind regards,
David Sommerseth
OpenVPN Inc
> ср, 15 мая 2019 г. в 18:49, Lev Stipakov <mailto:lstipa...@gmail.com>>:
>
>
in vendor/ from an unpacked
tarball.
With this fix the cmocka unit tests can also run from tarballs, with
manually extracting/fetching the cmocka source code in vendor/cmocka.
This patch is a backport of git master commit 19a22ac5a8673e8715.
Signed-off-by: David Sommerseth
Cc: Steffan Karger
in particular when graphical mail clients
- including webmails.
The alternative is to either submit the patch as an attachment, or use the
more preferred 'git send-email' approach where it will connect to your SMTP
server of your preference and send the patch properly formatted.
--
kind regar
in vendor/ from an unpacked
tarball.
With this fix the cmocka unit tests can also run from tarballs, with
manually extracting/fetching the cmocka source code in vendor/cmocka.
Signed-off-by: David Sommerseth
8<8<8<8<8<8<8<8<8<--
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Acked-By: David Sommerseth
This didn't break anything on my systems, and changes makes sense.
I spotted another fix also sneaked in, replacing the incorrect
OPTIONAL_PKCS11_{LIBS,CFLAGS} with the correct
OPTIONAL_PKCS11_HELPER_{LIBS,CFLAGS
ly
wonder about the value here. You can always argue that it's just a text file
laying there if not being used, but we also want to avoid "dead files" in our
repository.
--
kind regards,
David Sommerseth
OpenVPN Inc
signature.asc
Description:
in release/2.4. The contents is the same as git master,
as it is still valid for v2.4.
Signed-off-by: David Sommerseth
---
v2 - Fixing incorrect OpenSSL version dependency
---
INSTALL | 104 +++-
1 file changed, 65 insertions(+), 39 deletions
alternatives were scarce :(
Is this a Windows only issue? Or is it present on other platforms as well?
If it's Windows only, I think we can get around it by patching it and ensuring
upstream is aware of this. But if it is more platforms, patching
pkcs11-helper gets nasty quickly.
--
kind regards,
--
git tag: v5_beta
git commit: 16dd2acdf3343e6180e005a229dbd4bd40c9f644
Changes from v4 to v5 --
Arne Schwabe (2):
Rename bash completion script
build: Allow configure.ac also to work with submodules
all - expecting the server to push
a sane cipher - the current behaviour will to NOT warn about a weak cipher.
Is that correctly understood?
In general, I don't mind annoying/scaring users that they use an insecure
cipher - no matter if it is through direct or indirect (pushed) configuration
opti
The INSTALL file contained several minor errors, typos and was generally
not up-to-date in regards to what ./configure provides today. In
addition, several URL references have moved around to new homes.
Signed-off-by: David Sommerseth
---
This is just a backport of git master 6099ab67122429c0
The INSTALL file contained several minor errors, typos and was generally
not up-to-date in regards to what ./configure provides today. In
addition, several URL references have moved around to new homes.
Signed-off-by: David Sommerseth
---
INSTALL | 104
es
commit 57ec6cec85b92e6af35a7871d105d84a753d6549 (master)
commit f6a447cb42c097a2b35f55d3ca3e1a4be46738c6 (release/2.4)
Author: David Sommerseth
Date: Wed Feb 20 14:19:06 2019 +0100
cleanup: Remove RPM openvpn.spec build approach
Signed-off-by: David Sommerseth
Acked-by: Gert Doering
_SESSION_HANDLE_INVALID), it seems the locking
being disabled with using pkcs11h_setForkMode(FALSE) still breaks something
along the way.
On the positive side, the "hang" we experience without this patch is gone.
But I can't claim this being a proper fix as it is currently :-/
--
kind re
looks much better. It would get an ACK from me without much fuzz.
Thanks!
--
kind regards,
David Sommerseth
OpenVPN Inc
signature.asc
Description: OpenPGP digital signature
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https:
8e3f7aa7aecae6
Changes from v3 to v4 --
Arne Schwabe (2):
build: Allow GIT_CHECKOUT also to work with submodules and out of dir git
repos
contrib: Add Jenkins build file
David Sommerseth (49):
exceptions: Clean up, simplify and unify
p
information of the OpenVPN packages they provide. Linux
distributions is most likely much better at keeping the packaging
up-to-shape much better than we.
Signed-off-by: David Sommerseth
---
.gitignore | 1 -
INSTALL| 47 +++---
configure.ac
-
If execve() fails, the exit code is 127. That would normally be caught by the
waitpid() later on and this exit code would be returned by openvpn_execve().
This should be improved in a separate patch though, but is not of high
urgency. I
ret_file)
> +{
> +msg(M_USAGE, "--auth-gen-token-secret-genkey requires a server
> key "
> +"to be set via --auth-gen-token-secret to create a shared
> secret");
> +}
> +auth_token_write_server_key_f
msg(M_INFO, "--auth-token-gen: auth-token from client expired");
Feature-ACK! Code change looks sane, but need to test this more carefully -
where it would be good to have the changes from previous comments implemented.
But, we should fix the incorrect msg() above. It should say
ts in authentication success.
In this case, why can't the auth backend do everything?
--
kind regards,
David Sommerseth
OpenVPN Inc
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
On 08/02/2019 15:50, Arne Schwabe wrote:
> Am 08.02.19 um 13:30 schrieb David Sommerseth:
>> On 22/01/2019 16:03, Arne Schwabe wrote:
>>> From: Arne Schwabe
>>>
>>> This is useful for features that can use either a persistent
>>> or an ephemeral key.
ey need to fix
their configs".
But I also got lots of complaints from Fedora users when we changed
_incorrect_ configurations to fail in similar ways. It's just amazing how few
users who really *read* their log files. So with this in mind, I think this
behavioural change should go in 2.5 only.
INLINE_FILE_TAG))
> +if (key_file && strcmp(key_file, INLINE_FILE_TAG))
Is this fixing a bug? I'd recommend putting such fixes in a separate commit.
--
kind regards,
David Sommerseth
OpenVPN Inc
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
820538bec38c790c7ffa7a86f045e33ffb300819e912d4df4d01db2ff3fab
openvpn3-linux-2_beta.tar.xz
b0a1659998bdfb8a5f7bf904be6abe5ec7ac21fcd16872298b9c2f8aaccd2453
openvpn3-linux-2_beta.tar.xz.asc
-
---- Changes from v2
On 04/01/2019 18:32, Bernhard Schmidt wrote:
> Am 04.01.19 um 17:25 schrieb David Sommerseth:
>
> Hi everyone,
>
>> Okay, I was a bit unclear. The approach used with openvpn.service and
>> openvpn@.service are broken by (Debian) design. Quite many users have
>&g
On 02/01/2019 07:35, Samuli Seppänen wrote:
> Hi,
>
> Il 31/12/18 01:08, David Sommerseth ha scritto:
[...snip...]
>> And IIRC, we managed to get the new unit files into the Debian openvpn 2.4
>> package. And I just hope that they are updated with whatever we provi
ng. The reason
you'll find the b0rken unit files in the upstream Debian packages is to not
break old existing installs. Which is nice, just that it behaves broken
regardless.
So if anyone is in doubt ... UPGRADE to the openvpn-{server,client}@.service
unit files ASAP.
--
kind regards,
David Sommerseth
OpenVPN Inc
signature.asc
Description: OpenPGP digital signature
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
than the one we ship here.
[0] <https://src.fedoraproject.org/rpms/openvpn/tree/epel7>
--
kind regards,
David Sommerseth
OpenVPN Inc
signature.asc
Description: OpenPGP digital signature
___
Openvpn-devel mailing list
Openvpn-devel@lists.
ributors to "run your changes
through uncrustify before sending patches" will definitely help.
--
kind regards,
David Sommerseth
OpenVPN Inc
signature.asc
Description: OpenPGP digital signature
___
Openvpn-devel mailing list
Op
g and closing.
Your patch has been applied to the master branch
commit f57431cdc88f22fa4d7962946f0d3187fe058539
Author: Gert Doering
Date: Fri Nov 30 14:56:41 2018 +0100
uncrustify openvpn/ sources
Signed-off-by: Gert Doering
Acked-by: David Sommerseth
Message-Id: <20181130
/ sources
Signed-off-by: Gert Doering
Acked-by: David Sommerseth
Message-Id: <20181130135641.11533-2-g...@greenie.muc.de>
URL:
https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg17971.html
Signed-off-by: David Sommerseth
- --
kind regards,
Uncrustify sample-plugin sources according to code style
Signed-off-by: Gert Doering
Acked-by: David Sommerseth
Message-Id: <20181130135641.11533-1-g...@greenie.muc.de>
URL:
https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg17969.html
Sign
_restart_ dbus-daemon on a running system, it
might make your system misbehave afterwards)
--
kind regards,
David Sommerseth
OpenVPN Inc
--- a/openvpn3-core/openvpn/mbedtls/ssl/sslctx.hpp.orig 2018-12-07 23:35:14.288411887 +0100
+++ b/openvpn3-core/openvpn/mbedtls/ssl/sslctx.hpp 2018-1
pendently without really breaking
anything.
With all that said: Thank you for valuable feedback regardless. And your
feedback on changing the "change of MTU" on Windows prior to Vista was gold!
For the rest of your points, I believe Lev has followed well up on those.
--
k
e, local, 0, remote , true);
Of course, the 'true' could be a variable, but I don't see the real benefit of
making net_addr_v4_add() implemented wit different modes. Especially when the
"broadcast" and "peer" passing would most likely go via a shared variable.
And it wouldn't make it cleared if peer and remote was separate arguments
either; as only one of them can be present at the same time.
So from code clarity, I like the distinction via the function names instead.
It is more straight to the point for me.
--
kind regards,
David Sommerseth
OpenVPN Inc
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
-by: Antonio Quartulli
Message-Id: <1540208715-14044-3-git-send-email-steffan.kar...@fox-it.com>
URL:
https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg17791.html
Signed-off-by: David Sommerseth
- --
kind regards,
David Sommerseth
-BEGIN PGP SIG
-by: Steffan Karger
Acked-by: Antonio Quartulli
Message-Id: <1540208715-14044-4-git-send-email-steffan.kar...@fox-it.com>
URL:
https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg17790.html
Signed-off-by: David Sommerseth
- --
kind regards,
David Somm
Quartulli
Signed-off-by: Steffan Karger
Acked-by: Antonio Quartulli
Message-Id: <1540208715-14044-6-git-send-email-steffan.kar...@fox-it.com>
URL:
https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg17789.html
Signed-off-by: David Sommerseth
- -
ge.net/msg17788.html
Signed-off-by: David Sommerseth
- --
kind regards,
David Sommerseth
-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.22 (GNU/Linux)
iQIcBAEBCgAGBQJb00cGAAoJEIbPlEyWcf3yqDcQAIYM7yxuxEGe75SoMJtsDlRH
WuL2iz37ocScWBRNVZBoHJgQZ7B5BOiajDwadbuzkgPuLFQmrKc7MHm2t3
Karger
Acked-by: Antonio Quartulli
Message-Id: <1540208715-14044-5-git-send-email-steffan.kar...@fox-it.com>
URL:
https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg17787.html
Signed-off-by: David Sommerseth
- --
kind regards,
David Sommerseth
-BEG
message explaining early TLS client hello failure
Signed-off-by: Arne Schwabe
Acked-by: Steffan Karger
Message-Id: <20180926120159.19874-1-a...@rfc2549.org>
URL:
https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg17491.html
Signed-off-by: David Somm
Acked-by: Antonio Quartulli
Message-Id: <1540208715-14044-2-git-send-email-steffan.kar...@fox-it.com>
URL:
https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg17792.html
Signed-off-by: David Sommerseth
- --
kind regards,
David Sommerseth
-BEGIN PGP SIG
_callback();
> }
Is there any reasonable reason we keep this simple wrapper function? The
users of it is very limited and I struggle to see the value of it. Can't we
just wipe this out out? This has been unchanged since the initial BETA21 SVN
branch dating back to 2005. I struggle to s
g OpenBSD
4.9 support.
I suggest the comment below the #ifdef _WIN32 to be something like:
/*
* openvpn_swprintf() is currently only used by Windows code paths
* and when enabled for all platforms it will currently break
* OpenBSD 4.9 which lacks vswprintf(3) support in its libc.
*/
--
kind regards,
Da
not leak any
information to third-parties. There might be others too, but this is one I've
been playing with some other places earlier.
[1] <https://matomo.org/>
--
kind regards,
David Sommerseth
OpenVPN Inc
signature.asc
Description: OpenPGP digital signature
On 19/10/18 17:56, David Sommerseth wrote:
> From: Heiko Hund
>
> With the private gc_arena we do not have to allocate the strings
> found during parsing again, since we know the arena they are
> allocated in is valid as long as the argv vector is.
>
> Signed-off-by: Hei
301 - 400 of 2018 matches
Mail list logo