[Openvpn-devel] [PATCH applied] Re: Extend push-remove to also handle 'ifconfig'.
Your patch has been applied to the master branch. commit 6ae2f19d891e8cedccffdb1760b9774b9feff140 Author: Gert Doering Date: Sun Jul 1 21:59:38 2018 +0200 Extend push-remove to also handle 'ifconfig'. Signed-off-by: Gert Doering Acked-by: Antonio Quartulli Message-Id: <20180701195938.2541-1-g...@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg17169.html Signed-off-by: Gert Doering -- kind regards, Gert Doering -- Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
Re: [Openvpn-devel] [PATCH] Make up/down script errors not FATAL
Hi. On Mon, Jul 2, 2018 at 9:24 PM, wrote: > > From: Selva Nair > > Instead log only a warning. > > This helps user interfaces enforce a safer script-security setting > without causing a FATAL error. Can you expand on that? What "safer script secuity settings' do you have in mind? Tunnelblick (and I think all Linux) use script-security 2 to allow for up/down scripts that implement DNS and other settings. My initial reaction is that I'd rather a problem in the up/down scripts generates a fatal error, so if there's a problem in the Tunnelblick scripts somebody will report it. In my experience, almost nobody pays attention to warnings, and mostly, those who do are worried about warning that don't matter. Best regards, Jon Bullard -- Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [PATCH] Make up/down script errors not FATAL
From: Selva Nair Instead log only a warning. This helps user interfaces enforce a safer script-security setting without causing a FATAL error. Signed-off-by: Selva Nair --- Note: All other scripts are called with flag = 0 and will only trigger a warning message if openvpn_execve fails. src/openvpn/init.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/openvpn/init.c b/src/openvpn/init.c index b748357..6673734 100644 --- a/src/openvpn/init.c +++ b/src/openvpn/init.c @@ -174,7 +174,7 @@ run_up_down(const char *command, argv_printf_cat(, "%s %d %d %s %s %s", arg, tun_mtu, link_mtu, ifconfig_local, ifconfig_remote, context); argv_msg(M_INFO, ); -openvpn_run_script(, es, S_FATAL, "--up/--down"); +openvpn_run_script(, es, 0, "--up/--down"); argv_reset(); } -- 2.1.4 -- Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel