[Openvpn-devel] [M] Change in openvpn[master]: Route: add support for user defined routing table

2024-02-16 Thread flichtenheld (Code Review) 
Attention is currently required from: its_Giaan, plaisthos.

flichtenheld has posted comments on this change. ( 
http://gerrit.openvpn.net/c/openvpn/+/524?usp=email )

Change subject: Route: add support for user defined routing table
..


Patch Set 1: Code-Review-1

(7 comments)

Patchset:

PS1:
Functionality might be fine, but could use some polish


File doc/man-sections/vpn-network-options.rst:

http://gerrit.openvpn.net/c/openvpn/+/524/comment/22a0a3ac_de6d8584 :
PS1, Line 407:  default taken from ``--route-table`` if set, otherwise 
:code:`0`.
Please change tab to spaces


http://gerrit.openvpn.net/c/openvpn/+/524/comment/f27813f8_b24586f4 :
PS1, Line 408:
Should document that table-id can't be pushed.


http://gerrit.openvpn.net/c/openvpn/+/524/comment/a3b9a424_093b4876 :
PS1, Line 464:
might be a good opportunity to make the description of --route-ipv6 more 
consistent with --route? Currently the descriptions are of a very different 
format and verbosity even though the options are very similar


File src/openvpn/options.h:

http://gerrit.openvpn.net/c/openvpn/+/524/comment/f5eb20b0_42a87049 :
PS1, Line 745: #define OPT_P_ROUTE_TABLE (1<<31)
it is not clear to my why you need a separate permission entry here? Should 
maybe add a comment about this.


File src/openvpn/options.c:

http://gerrit.openvpn.net/c/openvpn/+/524/comment/ca4f68fc_2a1a10c0 :
PS1, Line 205: "--route-table [table_id] : Specify a custom routing table 
for use with --route(-ipv6).\n"
table_id is not optional, so don't use brackets here


http://gerrit.openvpn.net/c/openvpn/+/524/comment/a60bb82d_c3d5db58 :
PS1, Line 6992: msg(M_WARN, "NOTE: --route-table specified, but not 
supported on this platform");
This warning would be confusing with a Linux build with --enable-iproute2. 
Maybe those should be two separate warnings?



--
To view, visit http://gerrit.openvpn.net/c/openvpn/+/524?usp=email
To unsubscribe, or for help writing mail filters, visit 
http://gerrit.openvpn.net/settings

Gerrit-Project: openvpn
Gerrit-Branch: master
Gerrit-Change-Id: I3e4ebef484d2a04a383a65ede5617ee98bf218a7
Gerrit-Change-Number: 524
Gerrit-PatchSet: 1
Gerrit-Owner: its_Giaan 
Gerrit-Reviewer: flichtenheld 
Gerrit-Reviewer: plaisthos 
Gerrit-CC: openvpn-devel 
Gerrit-Attention: plaisthos 
Gerrit-Attention: its_Giaan 
Gerrit-Comment-Date: Fri, 16 Feb 2024 16:35:10 +
Gerrit-HasComments: Yes
Gerrit-Has-Labels: Yes
Gerrit-MessageType: comment
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel

[Openvpn-devel] [XS] Change in openvpn[master]: Route: remove incorrect routes on exit

2024-02-16 Thread flichtenheld (Code Review) 
Attention is currently required from: its_Giaan, plaisthos.

flichtenheld has posted comments on this change. ( 
http://gerrit.openvpn.net/c/openvpn/+/528?usp=email )

Change subject: Route: remove incorrect routes on exit
..


Patch Set 1: Code-Review-2

(1 comment)

Patchset:

PS1:
Spurious change due to change of Change-Id. See #522 for original change.



--
To view, visit http://gerrit.openvpn.net/c/openvpn/+/528?usp=email
To unsubscribe, or for help writing mail filters, visit 
http://gerrit.openvpn.net/settings

Gerrit-Project: openvpn
Gerrit-Branch: master
Gerrit-Change-Id: Ie147f81e5990b8292be090fd05c23b91f8e308d4
Gerrit-Change-Number: 528
Gerrit-PatchSet: 1
Gerrit-Owner: its_Giaan 
Gerrit-Reviewer: flichtenheld 
Gerrit-Reviewer: plaisthos 
Gerrit-CC: openvpn-devel 
Gerrit-Attention: plaisthos 
Gerrit-Attention: its_Giaan 
Gerrit-Comment-Date: Fri, 16 Feb 2024 16:06:56 +
Gerrit-HasComments: Yes
Gerrit-Has-Labels: Yes
Gerrit-MessageType: comment
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel

[Openvpn-devel] [M] Change in openvpn[master]: Http-proxy: Fix bug preventing proxy credentials caching.

2024-02-16 Thread flichtenheld (Code Review) 
Attention is currently required from: its_Giaan, plaisthos.

flichtenheld has posted comments on this change. ( 
http://gerrit.openvpn.net/c/openvpn/+/523?usp=email )

Change subject: Http-proxy: Fix bug preventing proxy credentials caching.
..


Patch Set 1: Code-Review-2

(5 comments)

Patchset:

PS1:
Definitely has issues


File src/openvpn/options.c:

http://gerrit.openvpn.net/c/openvpn/+/523/comment/a2ced5bd_47c89245 :
PS1, Line 1861: SHOW_BOOL(ce.http_proxy_options->nocache);
This belongs into show_connection_entry like the other o->ce options


File src/openvpn/proxy.c:

http://gerrit.openvpn.net/c/openvpn/+/523/comment/99f3b845_b241aa5b :
PS1, Line 275: if (!static_proxy_user_pass.defined || (is_first_time && 
!p->options.nocache) )
This condition feels wrong to me. As I understand the code this should never be 
true when p->options.nocache is true. Or do I understand the code wrong?


http://gerrit.openvpn.net/c/openvpn/+/523/comment/67ae3287_17906ea3 :
PS1, Line 278:   p->options.auth_file,
I think you messed up a rebase on top of 
a634cc5eccd55f1d14197da7376bb819bdf72cb6 here. Your code ignores auth_file_up 
again.


http://gerrit.openvpn.net/c/openvpn/+/523/comment/3303fbc3_b1eee104 :
PS1, Line 546: get_user_pass_http(p);
So previously this forced a reset of the credentials. This you removed. Are you 
sure this is correct? If yes, why?



--
To view, visit http://gerrit.openvpn.net/c/openvpn/+/523?usp=email
To unsubscribe, or for help writing mail filters, visit 
http://gerrit.openvpn.net/settings

Gerrit-Project: openvpn
Gerrit-Branch: master
Gerrit-Change-Id: Ia3e06c0832c4ca0ab868c845279fb71c01a1a78a
Gerrit-Change-Number: 523
Gerrit-PatchSet: 1
Gerrit-Owner: its_Giaan 
Gerrit-Reviewer: flichtenheld 
Gerrit-Reviewer: plaisthos 
Gerrit-CC: openvpn-devel 
Gerrit-Attention: plaisthos 
Gerrit-Attention: its_Giaan 
Gerrit-Comment-Date: Fri, 16 Feb 2024 16:01:38 +
Gerrit-HasComments: Yes
Gerrit-Has-Labels: Yes
Gerrit-MessageType: comment
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel

[Openvpn-devel] [XS] Change in openvpn[master]: Route: remove incorrect routes on exit

2024-02-16 Thread its_Giaan (Code Review) 
Attention is currently required from: flichtenheld, plaisthos.

Hello plaisthos, flichtenheld,

I'd like you to do a code review.
Please visit

http://gerrit.openvpn.net/c/openvpn/+/528?usp=email

to review the following change.


Change subject: Route: remove incorrect routes on exit
..

Route: remove incorrect routes on exit

Implemented a safeguard to verify the returned value
from add_route3() when the default gateway is not a local
remote host.

Prior to this implementation, RT_DID_LOCAL flag was
erroneously set even in case of add_route3() failure.
This problem typically occurs when there's no default
route and the --redirect-gateway def1 option is specified,
and in case of reconnection makes it impossible for the client
to reobtain the route to the server.
This fix ensures OpenVPN accurately deletes the appropriate
route on exit by properly handling add_route3() return value.

Fixes: Trac #1457
Change-Id: Ie147f81e5990b8292be090fd05c23b91f8e308d4
Signed-off-by: Gianmarco De Gregori 
---
M src/openvpn/route.c
1 file changed, 4 insertions(+), 1 deletion(-)



  git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/28/528/1

diff --git a/src/openvpn/route.c b/src/openvpn/route.c
index 6c027d9..6ab4392 100644
--- a/src/openvpn/route.c
+++ b/src/openvpn/route.c
@@ -1055,7 +1055,10 @@
 ret = add_route3(rl->spec.remote_host, IPV4_NETMASK_HOST,
  rl->rgi.gateway.addr, tt, flags | 
ROUTE_REF_GW,
  >rgi, es, ctx);
-rl->iflags |= RL_DID_LOCAL;
+if (ret)
+{
+rl->iflags |= RL_DID_LOCAL;
+}
 }
 else
 {

--
To view, visit http://gerrit.openvpn.net/c/openvpn/+/528?usp=email
To unsubscribe, or for help writing mail filters, visit 
http://gerrit.openvpn.net/settings

Gerrit-Project: openvpn
Gerrit-Branch: master
Gerrit-Change-Id: Ie147f81e5990b8292be090fd05c23b91f8e308d4
Gerrit-Change-Number: 528
Gerrit-PatchSet: 1
Gerrit-Owner: its_Giaan 
Gerrit-Reviewer: flichtenheld 
Gerrit-Reviewer: plaisthos 
Gerrit-CC: openvpn-devel 
Gerrit-Attention: plaisthos 
Gerrit-Attention: flichtenheld 
Gerrit-MessageType: newchange
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel

[Openvpn-devel] [XS] Change in openvpn[master]: Route: remove uncorrect routes on exit.

2024-02-16 Thread flichtenheld (Code Review) 
Attention is currently required from: its_Giaan, plaisthos.

flichtenheld has posted comments on this change. ( 
http://gerrit.openvpn.net/c/openvpn/+/522?usp=email )

Change subject: Route: remove uncorrect routes on exit.
..


Patch Set 1: Code-Review+2

(1 comment)

Commit Message:

http://gerrit.openvpn.net/c/openvpn/+/522/comment/1ee852a4_4c084f6c :
PS1, Line 7: Route: remove uncorrect routes on exit.
"incorrect"
remove full stop at end of summary line



--
To view, visit http://gerrit.openvpn.net/c/openvpn/+/522?usp=email
To unsubscribe, or for help writing mail filters, visit 
http://gerrit.openvpn.net/settings

Gerrit-Project: openvpn
Gerrit-Branch: master
Gerrit-Change-Id: I8a67b82eb4afdc8d82c5a879c18457b41e77cbe7
Gerrit-Change-Number: 522
Gerrit-PatchSet: 1
Gerrit-Owner: its_Giaan 
Gerrit-Reviewer: flichtenheld 
Gerrit-Reviewer: plaisthos 
Gerrit-CC: openvpn-devel 
Gerrit-Attention: plaisthos 
Gerrit-Attention: its_Giaan 
Gerrit-Comment-Date: Fri, 16 Feb 2024 15:32:14 +
Gerrit-HasComments: Yes
Gerrit-Has-Labels: Yes
Gerrit-MessageType: comment
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel

Re: [Openvpn-devel] IRC community meeting summary (Feb 14th)

2024-02-16 Thread Frank Lichtenheld 
On Wed, Feb 14, 2024 at 05:18:21PM +, tincantech wrote:
> On Wednesday, 14 February 2024 at 15:22, Frank Lichtenheld 
>  wrote:
> 
> > Meeting summary for 14 February 2024:
> 
> 
> 
> > * New: Easy-rsa in Windows installers
> > easy-rsa has included pre-built Windows binaries for a long time. But with
> > Windows 11 they do not seem to work correctly anymore in some cases.
> 
> Just to clarify:
> Easy-RSA works perfectly as-is on W10 & W11 but requires Windows Admin access.
> Without Windows Admin Access, Easy-RSA on W11 does not work with the now 10 
> year
> old MKSH:sh.exe

Either way, I think everyone agrees that the current situation of
shipping a ten-year old executable that causes some problems on
the latest version of Windows isn't ideal.

> This is annoying but it isn't a complete deal-breaker.

Understood.

The question about removing easy-rsa isn't so much about whether it is
unusable in the current release. But we do not want to leave it in the
current state.

So, if we need to invest time and effort now anyway to update this to
a modern standard (e.g. in terms of supply chain security), we want to
use the opportunity to ask ourselves whether bundling easy-rsa with
openvpn actually provides a value for the openvpn project and its
users. It definitely has a cost. Most openvpn developers do not see a
corresponding value in it (or they did not mention it so far). When
using openvpn as a client, easy-rsa is not useful. If setting up a
p2p connection, peer fingerprint can be used which requires openssl
but not easy-rsa.

So are there people that actually use openvpn as a server on Windows
and do not have their own separate PKI and so use the bundled
easy-rsa? That is something we would like to learn more about.

Note that none of this negates the usefulness of easy-rsa. This
is specifically about the usefulness of easy-rsa bundled in the
openvpn Windows installer.

Regards,
-- 
  Frank Lichtenheld


___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel

Re: [Openvpn-devel] [S] Change in openvpn[master]: Minor fix to process_ip_header

2024-02-16 Thread Antonio Quartulli 

Hi,

On 15/02/2024 17:17, Gert Doering wrote:

Hi,

On Thu, Feb 15, 2024 at 03:59:02PM +, its_Giaan (Code Review) wrote:

  if (buf->len > 0)
  {
-/*
- * The --passtos and --mssfix options require
- * us to examine the IPv4 header.
- */
-
-if (flags & (PIP_MSSFIX
-#if PASSTOS_CAPABILITY
- | PIPV4_PASSTOS
-#endif
- | PIPV4_CLIENT_NAT
- ))
+if (flags & PIP_OPT_MASK)


NAK, as this is not the same thing.  PIP_OPT_MASK will also match on
the IPv6 flags, which are not something we need to test for here (= if
only an IPv6 flag is active, why should we enter this branch?).


We need to enter for either v4 or v6 flags, no?

The check on whether the packet is v4 or v6 happens *inside* this if 
block. Am I wrong?


Cheers,


--
Antonio Quartulli


___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel

[Openvpn-devel] [PATCH v1] check_compression_settings_valid: Do not test for LZ4 in LZO check

2024-02-16 Thread Frank Lichtenheld 
Probably introduced by copy & paste since there is no
COMP_ALGV2_LZO.

Github: #500
Change-Id: Id6b038c1c0095b2f22033e9dc7090e2507a373ab
Signed-off-by: Frank Lichtenheld 
Acked-by: Arne Schwabe 
---

This change was reviewed on Gerrit and approved by at least one
developer. I request to merge it to master and release/2.6.

Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/526
This mail reflects revision 1 of this Change.
Acked-by according to Gerrit (reflected above):
Arne Schwabe 


diff --git a/src/openvpn/comp.c b/src/openvpn/comp.c
index 6e30369..311f3e9 100644
--- a/src/openvpn/comp.c
+++ b/src/openvpn/comp.c
@@ -195,7 +195,7 @@
 }
 #endif
 #ifndef ENABLE_LZO
-if (info->alg == COMP_ALG_LZO || info->alg == COMP_ALG_LZ4)
+if (info->alg == COMP_ALG_LZO)
 {
 msg(msglevel, "OpenVPN is compiled without LZO support. Requested "
 "compression cannot be enabled.");


___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel

[Openvpn-devel] [XS] Change in openvpn[master]: check_compression_settings_valid: Do not test for LZ4 in LZO check

2024-02-16 Thread plaisthos (Code Review) 
Attention is currently required from: flichtenheld.

plaisthos has posted comments on this change. ( 
http://gerrit.openvpn.net/c/openvpn/+/526?usp=email )

Change subject: check_compression_settings_valid: Do not test for LZ4 in LZO 
check
..


Patch Set 1: Code-Review+2


--
To view, visit http://gerrit.openvpn.net/c/openvpn/+/526?usp=email
To unsubscribe, or for help writing mail filters, visit 
http://gerrit.openvpn.net/settings

Gerrit-Project: openvpn
Gerrit-Branch: master
Gerrit-Change-Id: Id6b038c1c0095b2f22033e9dc7090e2507a373ab
Gerrit-Change-Number: 526
Gerrit-PatchSet: 1
Gerrit-Owner: flichtenheld 
Gerrit-Reviewer: plaisthos 
Gerrit-CC: openvpn-devel 
Gerrit-Attention: flichtenheld 
Gerrit-Comment-Date: Fri, 16 Feb 2024 12:22:12 +
Gerrit-HasComments: No
Gerrit-Has-Labels: Yes
Gerrit-MessageType: comment
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel

[Openvpn-devel] [S] Change in openvpn[master]: documentation: make section levels consistent

2024-02-16 Thread flichtenheld (Code Review) 
Attention is currently required from: plaisthos.

Hello plaisthos,

I'd like you to do a code review.
Please visit

http://gerrit.openvpn.net/c/openvpn/+/527?usp=email

to review the following change.


Change subject: documentation: make section levels consistent
..

documentation: make section levels consistent

Previously the sections "Encryption Options" and
"Data channel cipher negotiation" were on the same
level as "OPTIONS", which makes no sense. Instead
move them and their subsections one level down.

Use ` since that was already in use in section
"Virtual Routing and Forwarding".

Change-Id: Ib5a7f9a978bda5ad58830e43580232660401f66d
Signed-off-by: Frank Lichtenheld 
---
M doc/man-sections/cipher-negotiation.rst
M doc/man-sections/encryption-options.rst
M doc/man-sections/pkcs11-options.rst
M doc/man-sections/renegotiation.rst
M doc/man-sections/tls-options.rst
5 files changed, 14 insertions(+), 14 deletions(-)



  git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/27/527/1

diff --git a/doc/man-sections/cipher-negotiation.rst 
b/doc/man-sections/cipher-negotiation.rst
index 888ffa6..2a95119 100644
--- a/doc/man-sections/cipher-negotiation.rst
+++ b/doc/man-sections/cipher-negotiation.rst
@@ -1,12 +1,12 @@
 Data channel cipher negotiation
-===
+---

 OpenVPN 2.4 and higher have the capability to negotiate the data cipher that
 is used to encrypt data packets. This section describes the mechanism in more 
detail and the
 different backwards compatibility mechanism with older server and clients.

 OpenVPN 2.5 and later behaviour
-
+```
 When both client and server are at least running OpenVPN 2.5, that the order of
 the ciphers of the server's ``--data-ciphers`` is used to pick the the data 
cipher.
 That means that the first cipher in that list that is also in the client's
@@ -25,7 +25,7 @@
 ``--cipher`` option to this list.

 OpenVPN 2.4 clients

+```
 The negotiation support in OpenVPN 2.4 was the first iteration of the 
implementation
 and still had some quirks. Its main goal was "upgrade to AES-256-GCM when 
possible".
 An OpenVPN 2.4 client that is built against a crypto library that supports AES 
in GCM
@@ -40,7 +40,7 @@
 options to avoid this behaviour.

 OpenVPN 3 clients
--
+`
 Clients based on the OpenVPN 3.x library (https://github.com/openvpn/openvpn3/)
 do not have a configurable ``--ncp-ciphers`` or ``--data-ciphers`` option. 
Newer
 versions by default disable legacy AES-CBC, BF-CBC, and DES-CBC ciphers.
@@ -52,7 +52,7 @@


 OpenVPN 2.3 and older clients (and clients with ``--ncp-disable``)
---
+``
 When a client without cipher negotiation support connects to a server the
 cipher specified with the ``--cipher`` option in the client configuration
 must be included in the ``--data-ciphers`` option of the server to allow
@@ -65,7 +65,7 @@
 cipher used by the client is necessary.

 OpenVPN 2.4 server
---
+``
 When a client indicates support for `AES-128-GCM` and `AES-256-GCM`
 (with ``IV_NCP=2``) an OpenVPN 2.4 server will send the first
 cipher of the ``--ncp-ciphers`` to the OpenVPN client regardless of what
@@ -76,7 +76,7 @@
 those ciphers are present.

 OpenVPN 2.3 and older servers (and servers with ``--ncp-disable``)
---
+``
 The cipher used by the server must be included in ``--data-ciphers`` to
 allow the client connecting to a server without cipher negotiation
 support.
@@ -89,7 +89,7 @@
 cipher used by the server is necessary.

 Blowfish in CBC mode (BF-CBC) deprecation
---
+`
 The ``--cipher`` option defaulted to `BF-CBC` in OpenVPN 2.4 and older
 version. The default was never changed to ensure backwards compatibility.
 In OpenVPN 2.5 this behaviour has now been changed so that if the ``--cipher``
diff --git a/doc/man-sections/encryption-options.rst 
b/doc/man-sections/encryption-options.rst
index 3b26782..49385d6 100644
--- a/doc/man-sections/encryption-options.rst
+++ b/doc/man-sections/encryption-options.rst
@@ -1,8 +1,8 @@
 Encryption Options
-==
+--

 SSL Library information

+```

 --show-ciphers
   (Standalone) Show all cipher algorithms to use with the ``--cipher``
@@ -32,7 +32,7 @@
   ``--ecdh-curve`` and ``tls-groups`` options.

 Generating key material

+```

 --genkey args
   (Standalone) Generate a key to be used of the

[Openvpn-devel] [XS] Change in openvpn[master]: check_compression_settings_valid: Do not test for LZ4 in LZO check

2024-02-16 Thread flichtenheld (Code Review) 
Attention is currently required from: plaisthos.

Hello plaisthos,

I'd like you to do a code review.
Please visit

http://gerrit.openvpn.net/c/openvpn/+/526?usp=email

to review the following change.


Change subject: check_compression_settings_valid: Do not test for LZ4 in LZO 
check
..

check_compression_settings_valid: Do not test for LZ4 in LZO check

Probably introduced by copy & paste since there is no
COMP_ALGV2_LZO.

Github: #500
Change-Id: Id6b038c1c0095b2f22033e9dc7090e2507a373ab
Signed-off-by: Frank Lichtenheld 
---
M src/openvpn/comp.c
1 file changed, 1 insertion(+), 1 deletion(-)



  git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/26/526/1

diff --git a/src/openvpn/comp.c b/src/openvpn/comp.c
index 6e30369..311f3e9 100644
--- a/src/openvpn/comp.c
+++ b/src/openvpn/comp.c
@@ -195,7 +195,7 @@
 }
 #endif
 #ifndef ENABLE_LZO
-if (info->alg == COMP_ALG_LZO || info->alg == COMP_ALG_LZ4)
+if (info->alg == COMP_ALG_LZO)
 {
 msg(msglevel, "OpenVPN is compiled without LZO support. Requested "
 "compression cannot be enabled.");

--
To view, visit http://gerrit.openvpn.net/c/openvpn/+/526?usp=email
To unsubscribe, or for help writing mail filters, visit 
http://gerrit.openvpn.net/settings

Gerrit-Project: openvpn
Gerrit-Branch: master
Gerrit-Change-Id: Id6b038c1c0095b2f22033e9dc7090e2507a373ab
Gerrit-Change-Number: 526
Gerrit-PatchSet: 1
Gerrit-Owner: flichtenheld 
Gerrit-Reviewer: plaisthos 
Gerrit-CC: openvpn-devel 
Gerrit-Attention: plaisthos 
Gerrit-MessageType: newchange
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel