Attention is currently required from: cron2, flichtenheld, plaisthos. d12fk has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/489?usp=email )
Change subject: Windows: enforce 'block-local' with WFP filters ...................................................................... Patch Set 3: (5 comments) File doc/man-sections/vpn-network-options.rst: http://gerrit.openvpn.net/c/openvpn/+/489/comment/b1bfa846_8997b555 : PS1, Line 357: Push this flag to defend against the TunnelCrack attacks. > Most terminals handle links sensibly these days. Also we publish this as HTML > documentation. […] Done File src/openvpn/init.c: http://gerrit.openvpn.net/c/openvpn/+/489/comment/2586766b_9e2183fd : PS1, Line 1971: /* Fortify 'redirect-gateway block-local' with firewall rules? */ > Okay there's not much to gain with respect to breaking out run_up_down, as > that one requires too muc […] Done File src/openvpn/route.c: http://gerrit.openvpn.net/c/openvpn/+/489/comment/2b4628b0_c3b07ee0 : PS1, Line 78: static bool add_route(struct route_ipv4 *r, const struct tuntap *tt, unsigned int flags, > Right, failed to spot this. The build results speak for themselves. […] Done File src/openvpn/wfp_block.c: http://gerrit.openvpn.net/c/openvpn/+/489/comment/ed619643_4cbcafe1 : PS1, Line 197: FWPM_FILTER_CONDITION0 Condition[2]; > because the filters are zeroed right below, and than copied into [0] and/or > [1] below as needed, so […] Done File src/openvpn/win32.c: http://gerrit.openvpn.net/c/openvpn/+/489/comment/a0fa7528_684d91ad : PS1, Line 1225: if (ret == false) > Right, but you could just replace the "got out" with "return false" anyway. Yes, but no. The function has a single point of return, let's keep it that way. There's not enough to gain by changing this. -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/489?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: Ic9bf797bfc7e2d471998a84cb0f071db3e4832ba Gerrit-Change-Number: 489 Gerrit-PatchSet: 3 Gerrit-Owner: d12fk <[email protected]> Gerrit-Reviewer: flichtenheld <[email protected]> Gerrit-Reviewer: plaisthos <[email protected]> Gerrit-CC: cron2 <[email protected]> Gerrit-CC: openvpn-devel <[email protected]> Gerrit-Attention: plaisthos <[email protected]> Gerrit-Attention: cron2 <[email protected]> Gerrit-Attention: flichtenheld <[email protected]> Gerrit-Comment-Date: Tue, 09 Jan 2024 14:53:24 +0000 Gerrit-HasComments: Yes Gerrit-Has-Labels: No Comment-In-Reply-To: cron2 <[email protected]> Comment-In-Reply-To: flichtenheld <[email protected]> Comment-In-Reply-To: d12fk <[email protected]> Gerrit-MessageType: comment
_______________________________________________ Openvpn-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-devel
