Re: [Openvpn-devel] [PATCH] cppcheck finding: add "ASSERT( maxoutput > 0 || separator != NULL )" to prevent possible null pointer derefence

> > Hello, > > this defect was found by cppcheck, however cppcheck still complains. > so, we did not make it happy yet. > > I think, the best would be split this function into 2 separate functions > (with either null argument) or leave it like that. Unrelated to an actual fix, IMHO we should

Re: [Openvpn-devel] Time to change the default cipher?

Hi > On Mon, Aug 29, 2016 at 08:45:52PM +0200, Jan Just Keijser wrote: >> uhoh: https://sweet32.info/ >> >> shall we change the default cipher in the master tree to AES-256 (if not >> done so already) ? > > […] > OTOH, what we could do is: indeed *change+ the default, and add a big fat >

Re: [Openvpn-devel] [PATCH (master)] Drop gnu89/c89 support, switch to c99

Hi all, hopefully this message is not completely garbled by Apple Mail ... > > > […] > > Just some more benchmarks. I just compiled successfully with -std=c99 > on an old Scientific Linux 6.5 (RHEL 6.5 clone) I found. Another > important detail, RHEL5 will reach the "End of Production"

Re: [Openvpn-devel] [PATCH (master)] Drop gnu89/c89 support, switch to c99

Hi all, hopefully this message is not completely garbled by Apple Mail ... > > > […] > > Just some more benchmarks. I just compiled successfully with -std=c99 > on an old Scientific Linux 6.5 (RHEL 6.5 clone) I found. Another > important detail, RHEL5 will reach the "End of Production"

Re: [Openvpn-devel] [PATCH] Another fix related to unit test framework

> >> IMO, the unit testing patches shouldn't have been merged into the release >> branch > > I have discussed this with David (after the fact, meh) and we couldn't > really come to an conclusion on this - but since you and Jens now both > argue that way (and especially Jens as the original

Re: [Openvpn-devel] travis-ci (smoke testing)

Hi > > Hello, > > I was impressed by unit testing efforts, so I suggest to implement something > like that > > https://travis-ci.org/chipitsine/openvpn/builds/135318558 > > > ( https://github.com/OpenVPN/openvpn/pull/52 >

Re: [Openvpn-devel] [PATCH] Another fix related to unit test framework

… > IMO, the unit testing patches shouldn't have been merged into the release > branch I agree. This patch was in retrospective clearly not ready for a release branch. A lot of people spend time to hot fix a broken build. My root cause analysis boils down to: Developers cannot detect

Re: [Openvpn-devel] [PATCH 1/2] Refactor t_client.sh

... > > The buildmaster part is not documented anywhere. I have shared the master > config once when someone requested it - there is nothing inherently private > in there, once the passwords are removed. Setting up buildmaster + > buildslaves could definitely be automated, but it would be a

Re: [Openvpn-devel] [PATCH 1/2] Refactor t_client.sh

Hi, > I'd prefer to keep the actual buildslave infrastructure private, with access > granted to only a select few. We already get email notifications to a public > list for each build failure. Is there some kind of instruction to “reproduce” the build infrastructure? Some kind of document or

Re: [Openvpn-devel] [PATCH 1/2] Refactor t_client.sh

Gert, Samuli […] > > My buildbots test on "all the BSDs" (Free, Net, Open, and they have a > /bin/sh which is "It only supports features designated by POSIX plus a few > Berkeley extensions") and OpenSolaris 11 (ksh93). Samuli's buildbot > test on various Linux variants, so "dash" should

Re: [Openvpn-devel] Solaris 11: t_lpback.sh coredump on AES-GCM

Hi Gert, openssl is a joy to work with :-/ [snip] > Ceterum censeo: I acknowledge that something is funny here, but I do not > think it's OpenVPN's fault (otherwise it should show up for me), so not > much we can do about it. A broken ssl library and openvpn - What could possibly go wrong?

Re: [Openvpn-devel] Solaris 11: t_lpback.sh coredump on AES-GCM

Hi Gert, > Hi, > > On Sat, May 21, 2016 at 07:05:01PM +0200, Jens Neuhalfen wrote: >> ./t_lpback.sh fails with AES-GCM mode on Solaris 11. CRYPTO_gcm128_setiv >> from libcrypto seems to jump into NULL pointer country. > > Oh, interesting. My OpenSSL on th

[Openvpn-devel] Solaris 11: t_lpback.sh coredump on AES-GCM

Hi, ./t_lpback.sh fails with AES-GCM mode on Solaris 11. CRYPTO_gcm128_setiv from libcrypto seems to jump into NULL pointer country. This is currently no issue for me, but in case anyone cares I put the coredump on https://www.neuhalfen.name/__downloads__/openvpn/core_solaris11_aes-gcm_crash

Re: [Openvpn-devel] [PATCH 1/2] Refactor t_client.sh

Hi Gert, [snip] > Generally speaking, I'm in favour of reworking t_client.sh and making > the output more readable, etc. - it was a quick hack, and more polishing > would be welcome. > > I'm not exactly sure about the shell constructs you use, specifically > arrays and varaible declarations -

Re: [Openvpn-devel] Test documentation: What does t_cltsrv.sh do?

Gert, please be so kind and review this README intended to go in openvpn/tests OpenVPN tests = OpenVPN utilizes three types of tests * Unit testing with cmocka * Loopback integration testing * VM/Server based integration testing ## Unit testing Unit testing is described in

Re: [Openvpn-devel] [PATCH] Prevent integration test timeout bc. of sudo

Hi Gert, […] > > Git isn't liking the way you send your patches - I'll apply it manually > (because it makes sense), but please take a look at "git send-email", > which will ensure that patches and mail headers, blank encoding, and > everything is perfect? > > If I try to feed your mail into

[Openvpn-devel] [PATCH] Prevent integration test timeout bc. of sudo

From 885471cf0c9918a8a7edbae2b8985e2321aff739 Mon Sep 17 00:00:00 2001 From: Jens Neuhalfen <j...@neuhalfen.name> List-Post: openvpn-devel@lists.sourceforge.net Date: Sun, 8 May 2016 18:17:48 +0200 Subject: [PATCH] Prevent integration test timeout bc. of sudo Integration tests run by t_cli

Re: [Openvpn-devel] automatically close PR

Hi Ilya, > > > Hello, > > it is not very ethical to allow people to open PR in order to say later "hey, > you know, we do not accept PR” Thanks for bringing that up! > > I suggest to enable https://nopullrequests.appspot.com/ > on

Re: [Openvpn-devel] SPAM on trac

AND some (all?) pages have attachments that are very likely malicious! > On 29 Apr 2016, at 16:13, Jens Neuhalfen <openvpn-de...@neuhalfen.name> wrote: > > My bad - the 3 year old change was the creation of the index age. I fact the > SPAM stems from lots of subpages created

[Openvpn-devel] [PATCH] ignore the local config file t_client.rc in git

From e343a78173ad2b3d31384ece1e7fe245215a5c72 Mon Sep 17 00:00:00 2001 From: Jens Neuhalfen <j...@neuhalfen.name> List-Post: openvpn-devel@lists.sourceforge.net Date: Fri, 29 Apr 2016 13:16:36 +0200 Subject: [PATCH] ignore the local config file t_client.rc in git t_client.rc is a config fil

Re: [Openvpn-devel] [PATCH 1/2] add test servers to use with t_client.sh

Hi everyone, I reworked the scripts, and put them in a PR for comments: https://github.com/OpenVPN/openvpn/pull/45 <https://github.com/OpenVPN/openvpn/pull/45> cheers Jens > On 23 Apr 2016, at 17:48, Jens Neuhalfen <openvpn-de...@neuhalfen.name> wrote: > > Hi, > &g

Re: [Openvpn-devel] Request for comment: Adding unit tests to openvpn

/OpenVPN/openvpn/pull/44 <https://github.com/OpenVPN/openvpn/pull/44> As always: I’ll send the patches to the list, after I got some comments (or per request). Cheers Jens > On 27 Apr 2016, at 20:55, Jens Neuhalfen <openvpn-de...@neuhalfen.name> wrote: > > Hi, >

Re: [Openvpn-devel] [PATCH] auth-pam:Fix buffer overflow by user supplied data

Hi Gert, […] *sigh*. Thanks for finding out && providing the patch! Learning: Try on multiple machines (It “compiles on my machine [Mac]” apparently is not enough) My test vm (precise) fails with the same error. Jens > While this looks totally reasonable, it does not compile... both in >