Re: [Openvpn-devel] [PATCH] Enable TCP_NODELAY configuration on FreeBSD.

Am 12.01.2013 21:13, schrieb Gert Doering: > Hi, > > On Sat, Jan 12, 2013 at 01:41:17PM +0100, Matthias Andree wrote: >> The missing #include causes a defined(TCP_NODELAY) to >> fail. I have added the patch to the FreeBSD ports OpenVPN 2.2.2 and >> 2.3.0, and confirm

Re: [Openvpn-devel] fix build with automake 1.13(.1)

Am 08.01.2013 09:39, schrieb Christian Hesse: > AM_CONFIG_HEADER has been deprecated for some time, finally it is removed on > automake 1.13. The attached patch replaces it with AC_CONFIG_HEADERS and > fixes build process with latest automake. Please apply. ACK. signature.asc Description:

Re: [Openvpn-devel] OpenVPN 2.3.0 released

Am 08.01.2013 15:14, schrieb Samuli Seppänen: > The OpenVPN community project team is proud to release OpenVPN > 2.3.0. It can be downloaded from here: > > > > This release includes two bug fixes. A full list of changes is available >

[Openvpn-devel] [PATCH] Enable TCP_NODELAY configuration on FreeBSD.

Listening for incoming TCP connection on [undef] Sat Jan 12 13:39:18 2013 Socket flags: TCP_NODELAY=1 succeeded Obtained from: https://community.openvpn.net/openvpn/ticket/158 Credits to: M. Nottebrock Signed-off-by: Matthias Andree <matthias.and...@gmx.de> --- src/openvpn/syshead.h | 4

Re: [Openvpn-devel] configure patch for MacOS 10.7

Am 07.02.2012 11:24, schrieb Gert Doering: > Hi, > > I'm forwarding this "as-is", as I do not have enough understanding of > autoconf to say whether this is necessary, or "the right fix" - but > anyway, I've been told that this is needed to make our configure > behave on MacOS 10.7. Looks

[Openvpn-devel] [PATCH] Skip rather than fail test in addressless FreeBSD jails.

Signed-off-by: Matthias Andree <matthias.and...@gmx.de> --- t_cltsrv.sh |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/t_cltsrv.sh b/t_cltsrv.sh index 808d719..5bcbfc7 100755 --- a/t_cltsrv.sh +++ b/t_cltsrv.sh @@ -33,7 +33,7 @@ case `uname -s` in

Re: [Openvpn-devel] [PATCH] Further improvements to plugin support:

Am 07.07.2011 10:19, schrieb Adriaan de Jong: > - Renamed struct entries to explicitly show them as disabled > - Added a warning if USE_SSL is enabled, but neither ssl_verify_openssl.h or > ssl_verify_polarssl.h is included > - If neither of those files is included, disable ssl support for a

Re: [Openvpn-devel] [PATCH] Fixes for the plugin system:

Am 07.07.2011 09:27, schrieb Adriaan de Jong: > - Removed the dependency on an SSL library for USE_SSL when creating non-SSL > plugins > - Fixed example plugin code to include USE_SSL when needed > > Signed-off-by: Adriaan de Jong > diff --git a/openvpn-plugin.h

Re: [Openvpn-devel] [PATCH] Fixes to easy-rsa/2.0

Am 01.07.2011 10:26, schrieb David Sommerseth: > Agreed, and we decided yesterday in the developers meeting to remove 0.9.6 > support. However we found it better to remove that support first in > OpenVPN 2.3, as we will then go through the source code and remove all > 0.9.6 related stuff in the

Re: [Openvpn-devel] [PATCH] Fixes to easy-rsa/2.0

Am 30.06.2011 09:59, schrieb sam...@openvpn.net: > From: Samuli Seppänen > > As support for OpenSSL 1.0.0 requires a modified openssl.cnf file, it was > decided to rename openssl.cnf to openssl-1.0.0.cnf for clarity and better > support of different OpenSSL versions. The old

Re: [Openvpn-devel] [PATCH] fix 2.2.0 build failure when management interface disabled

and that is obviously only needed if management > is enabled. > > So: ACK from me. > > Samuli: we need buildbot variants with/without management, it seems... Cutting down complexity (i. e. cutting out branches in the decision and/or option trees) is going to help more than just trying to cure the symptoms. -- Matthias Andree

Re: [Openvpn-devel] [PATCH 1/1] Fix warning: format not a string literal and no format arguments

Good catch, patch approved. -- Matthias Andree

Re: [Openvpn-devel] configure not finding lzo (Solaris, NetBSD)

th-lzo-lib=..." - but I still wonder if > life shouldn't be easier for the 95%-case on a given distribution. The 95% case on a given distribution is that the distributor packages OpenVPN and the user doesn't care beyond that point. > "If other packages can get this automatically, why do we need switches > for OpenVPN"? Document that and be done. It helps the user much more than convenience hacks. -- Matthias Andree

Re: [Openvpn-devel] configure not finding lzo (Solaris, NetBSD)

; fixed? Same story on FreeBSD. Should be fixed, but those fixes likely belong into autoconf proper, rather than each and every package that uses autoconf. Such workarounds don't belong into OpenVPN. Until that time, passing CPPFLAGS and LDFLAGS on the ./configure command line like ./configure CPPFLAGS=-I/usr/local/include LDFLAGS=-L/usr/local/lib would do the trick. -- Matthias Andree

Re: [Openvpn-devel] OpenVPN documentation (man page) review

t; little bit more as well. And needs to be system-specific in that very instant because the tools are. > Another thing, just as a side note, easy-rsa could really use a man page > as well. True enough, but better placed in a separate thread on the lists, and I suppose you'll collect volunteers much more easily for this much smaller project :) -- Matthias Andree

Re: [Openvpn-devel] OpenVPN documentation (man page) review

ually reduces confusion this way. Basically what you want is more (a) a concise HOWTO (more or less in place on the website), and (b) an exhaustive reference, no? -- Matthias Andree

Re: [Openvpn-devel] further mysnprintf discussion (was: Summary of the IRC meeting (6th Jan 2011))

ts #include "..."-d by buffer.c and by service-win32/openvpnserv.c, then at least you don't have the headaches to remember to change two places when fixing a bug. HTH & best regards -- Matthias Andree

Re: [Openvpn-devel] bugfix2.1: automake support for plugin build

gt; LDFLAGS are hard-coded (which is very bad program practice by the way) > in a propriety Makefile as is the case with the OpenVPN plugins. Which means that it's still somehow in your build. -- Matthias Andree

Re: [Openvpn-devel] bugfix2.1: automake support for plugin build

Am 06.01.2011 21:42, schrieb Mr Dash Four: > >> I suppose you need to modify the .spec file to make sure you're running >> autoreconf twice up front (or libtoolize, aclocal, autoconf, automake, >> possibly autoheader). >> >> Note you'll want to remove the .la files from the destdir, and list the

[Openvpn-devel] bugfix2.1: automake support for plugin build

Greetings, following up the "[OpenVPN 2.1.4 BUG]: hard-coded values in Makefiles for down-root and auth-pam plugins prevent cross compilation" bug, I am providing patches for review and test in cross-compilation environments. I have tested these on native compiles with Ubuntu Linux 10.10 32-bit,

[Openvpn-devel] [PATCH 2/2] Hook auth-pam and down-root to the build.

y link the plugin +dnl statically, but I suppose that takes changes to plugin.? code, +dnl too. -- Matthias Andree, 2011-01-06 if test "${WIN32}" = "yes"; then AC_ARG_VAR([MAN2HTML], [man2html utility]) @@ -379,7 +385,9 @@ if test "${WIN32}" != "yes&q

[Openvpn-devel] beta2.2: automake support for plugin build

Greetings, this is the beta2.2 patch pair for hooking the auth-pam and down-root plugins to the build. The bugfix2.1 patch pair has been sent earlier. Looking for review, ACK and NAK. Best regards Matthias

[Openvpn-devel] [PATCH 1/2] Cleanup: move AC_GNU_SOURCE to quench autotools warnings.

--- configure.ac |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/configure.ac b/configure.ac index e30f990..e1ca65e 100644 --- a/configure.ac +++ b/configure.ac @@ -32,6 +32,7 @@ AC_CONFIG_SRCDIR(syshead.h) dnl Guess host type. AC_CANONICAL_HOST +AC_GNU_SOURCE

[Openvpn-devel] [PATCH 1/2] Cleanup: move AC_GNU_SOURCE to quench autotools warnings.

--- configure.ac |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/configure.ac b/configure.ac index 4777108..529abd3 100644 --- a/configure.ac +++ b/configure.ac @@ -32,6 +32,7 @@ AC_CONFIG_SRCDIR(syshead.h) dnl Guess host type. AC_CANONICAL_HOST +AC_GNU_SOURCE

[Openvpn-devel] [PATCH 2/2] Hook auth-pam and down-root to the build.

o plugin.? code, +dnl too. -- Matthias Andree, 2011-01-06 if test "${WIN32}" = "yes"; then AC_ARG_VAR([MAN2HTML], [man2html utility]) @@ -373,7 +379,9 @@ if test "${WIN32}" != "yes"; then netinet/tcp.h arpa/inet.h dnl

Re: [Openvpn-devel] [PATCH] Changed snprintf to _snprintf in service-win32/openvpnserv.c

Am 05.01.2011 14:21, schrieb Samuli Seppänen: > This fixes a generic Windows/VC++ issue: > > > > Does this change affect the automake/gcc-based Windows builds? NAK. Do not mess with the

Re: [Openvpn-devel] [OpenVPN 2.1.4 BUG]: hard-coded values in Makefiles for down-root and auth-pam plugins prevent cross compilation

Am 30.12.2010 22:04, schrieb Mr Dash Four: > >> I think it would be good to integrate this with automake if the whole >> setup is >> to be integrated and these plugins are supposed to be built more or >> less officially. >> > Yep, that's what I meant. Better still, autogen can be utilised to

Re: [Openvpn-devel] [OpenVPN 2.1.4 BUG]: hard-coded values in Makefiles for down-root and auth-pam plugins prevent cross compilation

Am 26.12.2010 18:32, schrieb Mr Dash Four: > Due to the fact that I have spent the last two and a half hours trying > to find a place where to submit a bug report via the Trac system > (https://community.openvpn.net/openvpn) - and failing, miserably so - I > am submitting it here! > > In this

Re: [Openvpn-devel] [Patch] OpenVPN PolarSSL Support Preview [7/8]

> > Having the branch in git allows iterating over the commits with great > ease. OTOH, Adriaan has the patches in Mercurial Queues for now, so let's not waste time discussing this over and over again. :) -- Matthias Andree

Re: [Openvpn-devel] [Patch] OpenVPN PolarSSL PKCS #11 Support Preview [8/8]

I'm holding off > until I get the go ahead on the stability of the tree though :). Hi Adriaan, I seem to recall that Mercurial also has some kind of email command or extension, however, I don't know if plays together with MQ. HTH -- Matthias Andree

Re: [Openvpn-devel] [Patch] OpenVPN PolarSSL PKCS #11 Support Preview [8/8]

ree to ask details if you can't get to terms with the Git tutorials or my comments. Best regards -- Matthias Andree

Re: [Openvpn-devel] [PATCH] Remove excess semicolon (invalid C99).

Am 04.12.2010 14:02, schrieb Matthias Andree: > Signed-off-by: Matthias Andree <matthias.and...@gmx.de> > --- > misc.h |2 +- > 1 files changed, 1 insertions(+), 1 deletions(-) This applies to the beta2.2 branch and affects this code section: 138 139 static

[Openvpn-devel] [PATCH] Remove excess semicolon (invalid C99).

Signed-off-by: Matthias Andree <matthias.and...@gmx.de> --- misc.h |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/misc.h b/misc.h index 3f22ca0..f449601 100644 --- a/misc.h +++ b/misc.h @@ -143,7 +143,7 @@ openvpn_run_script (const struct argv *a, const struct e

Re: [Openvpn-devel] Error C2010 in openvpnserv.c during VS2008 build

ed on IRC with David Sommerseth and yourself on 2010-12-04 around 11:08 UTC that we deem it unnecessary to keep GCC < 3.0 compatibility for this new Windows-only code. Best -- Matthias Andree >From 0374c641d4086dfea91bd64c22bb5280bbddf346 Mon Sep 17 00:00:00 2001 From: Matthias Andree <matt

Re: [Openvpn-devel] Error C2010 in openvpnserv.c during VS2008 build

Am 04.12.2010 03:55, schrieb Matthias Andree: > Am 03.12.2010 16:22, schrieb Samuli Seppänen: >> Hi, >> >> I've managed to extend the Python build system so that it now tries to >> build the Windows service wrapper, "openvpnserv.exe", after building >>

Re: [Openvpn-devel] Documentation and alternative SSL backend patches

most distro switch from openssl to nss. is there any reason you switch > to polarssl in stead of nss? > What do you base the "most distro" assessment on? Are you aware of any website discussing the advantages of the "big" SSL providers (OpenSSL, Mozilla NSS, GnuTLS, PolarSSL, CyaSSL, ...)? -- Matthias Andree

Re: [Openvpn-devel] use extv3 extensions such as subjectAltName as common_name

Am 30.11.2010 16:50, schrieb Matthias Andree: > Make sure that the extraction reports failure (aka "return false;") and the > caller deals with that in case there are embedded NULs, IOW strlen() != > ia5.size. That ia5.size should be read as "ia5->length". Sorry

Re: [Openvpn-devel] use extv3 extensions such as subjectAltName as common_name

ilure (aka "return false;") and the caller deals with that in case there are embedded NULs, IOW strlen() != ia5.size. For safer example code, see, for instance, the strlen vs. length comparison at <http://gitorious.org/fetchmail/fetchmail/blobs/846ffbb938c7ecf6819a5c3b844adf306bf87f02/socket.c#line682> -- Matthias Andree

Re: [Openvpn-devel] [PATCH] More t_client.sh updates - exit with SKIP when we want to skip

ting this out. My pleasure. -- Matthias Andree

Re: [Openvpn-devel] [PATCH] Test framework improvment - Do not FAIL if t_client.rc is missing

> -. ./t_client.rc > -elif [ -r "${srcdir}"/t_client.rc ] ; then > -. "${srcdir}"/t_client.rc > -else > -echo "cannot find 't_client.rc' in current directory or" >&2 > -echo "source dir ('${srcdir}'). FAIL." >&2 > -exit 1 > -fi > - > if [ -z "$CA_CERT" ] ; then > echo "CA_CERT not defined in 't_client.rc'. SKIP test." >&2 > exit 0 -- Matthias Andree

Re: [Openvpn-devel] PATCH: remove bashisms from easy-rsa

On Sun, 06 Jun 2010, Davide Brini wrote: > Some systems don't install bash or a POSIX sh in /bin, so it may also be > necessary to create symlinks on those systems. I think it's the easiest > tradeoff, and should be done anyway, because on such systems many other > #!/bin/sh or #!/bin/bash

Re: [Openvpn-devel] PATCH v2: remove bashisms from easy-rsa

Am 05.06.2010, 22:23 Uhr, schrieb David Sommerseth: On 05/06/10 00:49, Matthias Andree wrote: Note that some parts of the scripts may be Solaris /bin/sh unfriendly, for instance, Solaris's sh doesn't support test -e or [ -e. My patch does not address this. This makes me very reluctant from

[Openvpn-devel] PATCH: remove bashisms from easy-rsa

test -e or [ -e. My patch does not address this. Please apply. Best regards Matthias Andree Index: 2.0/build-ca === --- 2.0/build-ca (Revision 5689) +++ 2.0/build-ca (Arbeitskopie) @@ -1,4 +1,4 @@ -#!/bin/bash +#!/bin/sh

Re: [Openvpn-devel] [PATCH] On TARGET_LINUX define _GNU_SOURCE if not defined

a tarball generated with "make dist" (what the release manager uploads and the end user usually downloads from sourceforge or other distribution sites), no autoconf/automake/libtool are required. -- Matthias Andree

Re: [Openvpn-devel] [Feedback needed] Fix cross compile support

ce the required edits can be scripted, that could happen on the feature branches before attempting a merge. No big deal. Anyways, I have a bit of auto* expertise, feel free to Cc:/ping me on auto* related proposals to openvpn. I've only cursorily been following the increased list traffic lately until the changed-procedure threads would have settled a bit, and the thread didn't catch my eye right away. Best regards -- Matthias Andree

[Openvpn-devel] PATCH 2.1-RC*: critical fix for FreeBSD 8 in topology subnet mode.

Hi Jim, there has been a recent change in FreeBSD 8 BETA that will break OpenVPN 2.1's "topology subnet" mode by (rightfully!) rejecting the ifconfig command we're currently using (which incorrectly sets the local and remote P2P IPv4 addresses to be the same, the FreeBSD 8 kernel will reject

Re: [Openvpn-devel] recent change to ifconfig breaks OpenVPN?

modes. I hope to try this on FreeBSD 6.X tomorrow, as that's also a supported release. -- Matthias Andree

Re: [Openvpn-devel] recent change to ifconfig breaks OpenVPN?

t;remote_netmask; + r.netmask = tt->remote_netmask; + r.gateway = tt->local; + add_route (, tt, 0, es); +} + #elif defined (WIN32) { /* -- Matthias Andree

Re: [Openvpn-devel] OpenVPN 2.1_rc19 released

James Yonan schrieb: > 2009.07.16 -- Version 2.1_rc19 ... > * In configure.ac, use datadir instead of datarootdir for compatibility >with

Re: [Openvpn-devel] [PATCH] Fix non-C89 comments

at an early Mercurial 0.X version (current is 1.1.X), or a Git version before 1.5 (current is beyond 1.6.1), you might want to know that lots of things have improved, particularly usability and documentation. Git has evolved into a real version control system that's usable. -- Matthias Andree

Re: [Openvpn-devel] [PATCH] Fix non-C89 comments

t might support such models or merge queues much better than Subversion does. -- Matthias Andree

[Openvpn-devel] [PATCH] Fix non-C89 comments

Hi, openvpn uses non-C89 //-style comments in two places. Patch to convert these to /* ... */ style comments attached. Best -- Matthias Andree Index: proto.h === --- proto.h (Revision 3896) +++ proto.h (Arbeitskopie) @@ -66,15

Re: [Openvpn-devel] OpenVPN 2.1_rc15 GCC 2.96 incompatibility

out of security support for more than half a decade now, and if OpenVPN 2.1 breaks on such systems, that's perhaps some more incentive for their users to upgrade. See: * <http://gcc.gnu.org/gcc-2.96.html> * <http://www.redhat.com/security/updates/eol/> -- Matthias Andree

Re: [Openvpn-devel] [patch] enhance compatibility with HTTP/1.1 proxies

/* HTTP/1.0 or HTTP/0.9 */ } break; default: /* unsupported, complain and terminate */ } } You may want to accept only 1.0 and 1.1 rather than 1.0 and 1.n for n >= 1 - but there should only ever be A SINGLE PLACE to enforce that. Else you'll have a hell of work once you start implementing HTTP/1.2 later on... -- Matthias Andree

Re: [Openvpn-devel] OpenVPN 2.1_rc13 released

ty > feature, which is not present in 2.0.x. It sucks to deploy beta/RC software, > though. That assumes your requirements scheme is universal for each and every OpenVPN user. I dispute that. -- Matthias Andree

Re: [Openvpn-devel] OpenVPN 2.1_rc13 released

On Mon, 27 Oct 2008, Felix Kronlage wrote: > On Fri, Oct 24, 2008 at 08:36:56AM +0200, Matthias Andree wrote: > > > This particular change looks a lot like "feature missing for > > deployment/integration/...". > > but why add features in a 'release candidate

Re: [Openvpn-devel] OpenVPN 2.1_rc13 released

e of not just adding new stuff to RC's but instead > introducing bugs in the RCs instead of just closing them... This particular change looks a lot like "feature missing for deployment/integration/...". -- Matthias Andree

Re: [Openvpn-devel] rc9 and external commands

d in the --up section of the manpage - no longer works; it was probably formerly done by the implicit /bin/sh -c that is now gone with the switch to exec*(). (I didn't check, and didn't check the two Debian BTS reports either.) So either the code needs argument splitting or you need a two-line shell wrapper similar to: #! /bin/sh -e exec /tmp/foo up "$@" Not my call to make. -- Matthias Andree

Re: [Openvpn-devel] OpenVPN 2.1_rc9 released -- note security fix

using nroff or man properly. Sorry for this part of the noise. -- Matthias Andree

Re: [Openvpn-devel] OpenVPN 2.1_rc9 released -- note security fix

d adumbrates the described security issue you fixed). 3 - one part of the self-test suite ("make check") needs to be adjusted to cater for the tightened script security. Patch attached (against SVN) - it also adds retrying if the addresses are in use. Note there are two "sv

Re: [Openvpn-devel] OpenVPN 2.1_rc7 released

On Tue, 29 Jan 2008, James Yonan wrote: > Download: > > http://openvpn.net/download.html > > Change Log: > > 2008.01.29 -- Version 2.1_rc7 rc7 is now available for FreeBSD as the security/openvpn-devel port. -- Matthias Andree

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.1-rc5 released

On Thu, 24 Jan 2008, James Yonan wrote: > 2.1-rc5 has a minor pkcs11 option processing bug. I've built 2.1-rc6 with > the fix. > > Download: > > http://openvpn.net/beta/ I've submitted port updates to -rc6 for FreeBSD, to appear once a committer finds the time to go forward.

Re: [Openvpn-devel] On the way from tun0 to eth1, packets disappearing.

rtian source 192.168.178.1 from 192.168.0.1, on dev eth1 There are sysctls to enable source route filtering - check net.ipv4.conf.*.log_martians if logging is enabled at all. The sample message was captured when OpenVPN hadn't noticed some link change. Restarting OpenVPN cured them in my case. -- Matthias Andree

Re: [Openvpn-devel] MULTICAST: cannot join a group across the OpenVPN connection. Why?

st either, perhaps that's why nobody cares. -- Matthias Andree

Re: [Openvpn-devel] Re: [Openvpn-users] Re: Simultaneous Access to Console Management

ssage (if one is sent), "connection reset by peer" and that's it. It's not too polite, but if it's a "one administration client only" model, probably the most portable, and at least the client might have a clue about what is going on. -- Matthias Andree

[Openvpn-devel] [PATCH] self-test updates, fix unterminated loop in BSD jails

" if aborted), I suggest the attached updates to the t_* scripts, against SVN trunk (version 2.0.5). Tested on FreeBSD 5.4 i586, SUSE Linux 9.3 i686, Solaris 8 sun4u sparc. Please apply to 2.0 and 2.1. -- Matthias Andree Index: t_lpback.sh ===

Re: [Openvpn-devel] OpenVPN 2.0.4 Released -- Note security fixes

cial download mirrors for OpenVPN? The FreeBSD ports system suggests to add some. -- Matthias Andree

Re: [Openvpn-devel] OpenVPN 2.0.4 Released -- Note security fixes

On Tue, 01 Nov 2005, James Yonan wrote: > On Tue, 1 Nov 2005, Matthias Andree wrote: > > > ... however I found that the easy-rsa/2.0/ directory disappeared, > > it was present in 2.0.2 and gone in 2.0.4. What's the story about > > easy-rsa/* and easy-rsa/2.0/* in t

Re: [Openvpn-devel] OpenVPN 2.0.4 Released -- Note security fixes

ase 2.0.4? Thanks, -- Matthias Andree

Re: [Openvpn-devel] The use of lzo if OpenSSL has zlib

compression, not compatible with zlib. -- Matthias Andree

Re: [Openvpn-devel] portable pkitool shell script

(Solaris 8 SPARC): SHELL=/usr/xpg4/bin/sh $SHELL -c 'if ! false ; then echo true ; fi' $SHELL -c 'export A=test ; echo $A' Both tests pass, and both fail with SHELL=/bin/sh. We can lift auto* magic to get this working on Solaris from bogofilter if desired for #! lines. -- Matthias Andree

Re: [Openvpn-devel] Unix-Compatibility

rdware and the OS with developer documentation and SDK. Solaris appears to be supported, it's a long time since I've tried it though. FreeBSD 5 and SuSE Linux 9.X are fine. -- Matthias Andree

Re: [Openvpn-devel] Why must PAM library be dlopened?

reeBSD and Solaris, if it doesn't work on Linux, Linux must improve in this compatibility regard. If I need an RPM for several versions of the same distribution, I usually compile on the oldest available and it usually works. Notable exception being kernel modules perhaps. -- Matthias Andree

Re: [Openvpn-devel] Why must PAM library be dlopened?

s. ...which constitutes an incentive to update to the non-broken PAM installation. If you compile something for glibc 2.3, chances are it doesn't work with glibc 2.2 either. -- Matthias Andree

Re: [Openvpn-devel] Why must PAM library be dlopened?

o.1 (0xb7f6b000) libc.so.6 => /lib/tls/libc.so.6 (0xb7e52000) /lib/ld-linux.so.2 (0x8000) -- Matthias Andree

Re: [Openvpn-devel] Why must PAM library be dlopened?

al part. You have even provided an example where libfoo.so > is in the -devel rpm, just as I said. Sorry. I totally misread the problem that was discussed, and your assertions. -- Matthias Andree

Re: [Openvpn-devel] Why must PAM library be dlopened?

ding to your patch, but leave the default for now > as is. This could be run and determined automatically by the autoconf/automake couple, automake supports conditional compilation (i. e. depending on autoconf findings, link another module into a program, or something like that). -- Matthias Andree

Re: [Openvpn-devel] Why must PAM library be dlopened?

ibfoo.so.4.2) man/man3/foo.3.gz include/foo.h -- Matthias Andree

Re: [Openvpn-devel] OpenVPN 2.0 released

d models for a long time - so we're not losing this feature in the FreeBSD port). Thank you for your great work on OpenVPN 2.0. -- Matthias Andree

Re: [Openvpn-devel] RPM build of 2.0-rc16 fails on MandrakeSoft

Server, too) for instance ships 0.9.6. -- Matthias Andree

Re: [Openvpn-devel] RPM build of 2.0-rc16 fails on MandrakeSoft

ich everyone else is using. Are names/provides/whatever standardized in any way? (LSB perhaps)? -- Matthias Andree

Re: [Openvpn-devel] RPM build of 2.0-rc16 fails on MandrakeSoft

e done with distro-specific differences whether it is liblzo, lzo, lzo1, liblzo1, my_grandma_ate_all_her_chickens or whatever. -- Matthias Andree

Re: [Openvpn-devel] [PATCH]: small tweaks to beta16

pplicable. -- Matthias Andree

Re: [Openvpn-devel] OpenVPN Licensing Issues

s, and I'd have to be paid some larger sum to ever do that again. -- Matthias Andree Encrypted mail welcome: my GnuPG key ID is 0x052E7D95 (PGP/MIME preferred)

Re: [Openvpn-devel] CVS repository for version 2 - but where?

eckout). HTH, -- Matthias Andree Encrypted mail welcome: my GnuPG key ID is 0x052E7D95 (PGP/MIME preferred)

Re: [Openvpn-devel] compiling statically - how?

probably be ./configure CC="gcc -static" - it's untested and may require the installation of static libraries on some systems. -- Matthias Andree Encrypted mail welcome: my GnuPG key ID is 0x052E7D95 (PGP/MIME preferred)

Re: [Openvpn-devel] CVS out-of-date

login > cvs -z3 -d:pserver:anonym...@cvs.sourceforge.net:/cvsroot/openvpn co openvpn You need to tell CVS to check out the branch, i. e. use cvs -z3 -d:pserver:anonym...@cvs.sourceforge.net:/cvsroot/openvpn checkout -rBETA20 openvpn -- Matthias Andree Encrypted mail welcome: my GnuPG key ID is 0x052E7D95

Re: [Openvpn-devel] OpenVPN 2.0 -- Project Update and Release Notes

me to work full-time on the project during the > last month. In how far does the new OpenVPN 2.0 server require client upgrades? Which client versions (providing the clients use TLS) are still compatible? -- Matthias Andree Encrypt your mail: my GnuPG key ID is 0x052E7D95

[Openvpn-devel] Files missing from BETA20 CVS

Hi, the files list.c, mroute.c and multi.c appear to be missing from the BETA20 branch in CVS: ma@merlin:~/cvs-3rdparty/openvpn> LANG=C make -ks 2>&1 | grep ^make make[1]: *** No rule to make target `list.c', needed by `list.o'. make[1]: *** No rule to make target `mroute.c', needed by

Re: [Openvpn-devel] OpenVPN multi instancing

know what to check out? Or a mailing list I should subscribe to? May I suggest to post the pointer to the document or add one to openvpn.sourceforge.net? Thanks. (It's incredible how much room for improvement OpenVPN still has, while having been stable and production-ready for so long already.) -- Matthias Andree Encrypt your mail: my GnuPG key ID is 0x052E7D95

Re: [Openvpn-devel] OpenVPN multi instancing

gure as a side project, going to fill your thesis or homework or whatever other paper or PDF you're going to turn in. :-) -- Matthias Andree Encrypt your mail: my GnuPG key ID is 0x052E7D95

Re: [Openvpn-devel] OpenVPN 1.6-beta6 on Windows XP - observations

gt; Anzahl", the all-numeric printout with addresses where BSD has interface names isn't helpful, and DNS configuration adds to the confusion. With Samba and "net view \\bigserver", WINS also gets into play and I see packets coming from the wrong and the right source IP... It's not Op

[Openvpn-devel] OpenVPN 1.6-beta6 on Windows XP - observations

e configuration and its quirks. Thanks in advance and have a nice week-end, -- Matthias Andree Encrypt your mail: my GnuPG key ID is 0x052E7D95

[Openvpn-devel] Idea for --ifconfig & co.

Hi, would it be feasible to have openvpn create interfaces (--ifconfig or something) in "down" state until a remote peer connects - unless the tunnel is marked persistent? I know I can do this with scripts, but it might be the natural choice to reflect the tunnel status in interface

Re: [Openvpn-devel] Re: [Openvpn-users] Problem while compiling openvpn

was a rather unpleasant experience). -- Matthias Andree Encrypt your mail: my GnuPG key ID is 0x052E7D95

Re: [Openvpn-devel] CVS

c. I was wondering why the trunk hadn't changed :-) -- Matthias Andree Encrypt your mail: my GnuPG key ID is 0x052E7D95

Re: [Openvpn-devel] Re: [Openvpn-users] Windows tun driver

e don't need Windoze broadcast traffic gated, and "my" Windows boxes hardly generate non-IP traffic. IPX or NetBEUI drivers aren't installed on the Windows machines I maintain. ARP isn't needed. Granted, if you need IGMP, you'll want tap, but I'd guess that the SMB browsing can deal with most

Re: [Openvpn-devel] New feature: --ifconfig for tap devices

hink it can be done. Tried loading a "tap" or "if_tap" module or something? FreeBSD compiles tap as a module that isn't loaded by default, you need to manually kldload it on FreeBSD. -- Matthias Andree Encrypt your mail: my GnuPG key ID is 0x052E7D95

Re: [Openvpn-devel] New feature: --ifconfig for tap devices

tap results in: 4: Can't set multiplexor id: No such device or address (errno=6) Did I miss anything? -- Matthias Andree Encrypt your mail: my GnuPG key ID is 0x052E7D95

Re: [Openvpn-devel] Need 1.5 beta testers for *BSD, Linux 2.2, OS X

hink the client would always want to compress data to avoid redundancy-based or "known-plaintext" attacks on the encrypted connection, but anyways.) -- Matthias Andree Encrypt your mail: my GnuPG key ID is 0x052E7D95

<    1   2   3   >