[Openvpn-devel] unsubscribe

-- - _RICK BROCKMAN_ _28 LANCASTER ST._ _CHERRY VALLEY, NY 13320_ _607 434-4746_

[Openvpn-devel] [PATCH] Disable certificate notBefore/notAfter sanity check on OpenSSL < 1.0.2

The SSL_CTX_get0_certificate() function I used in 091edd8e is available in OpenSSL 1.0.2+ only. Older versions seem to not have a useful alternative. The remaining option would then be to create a cache for our parsed certificate, but that would mean adding more struct members and code for the

Re: [Openvpn-devel] [PATCH] Improve stdin prompting section, fixing CR prompting.

On Thu, Dec 10, 2015 at 8:57 AM, Wayne Davison wrote: > src/openvpn/misc.c | 119 > + > 1 file changed, 57 insertions(+), 62 deletions(-) > Any questions I can answer about this patch? This is such a straight-forward bug

Re: [Openvpn-devel] Topics for today's (Monday, 14th Dec 2015) community meeting

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, Here's the summary of today's IRC meeting. - - --- COMMUNITY MEETING Place: #openvpn-devel on irc.freenode.net List-Post: openvpn-devel@lists.sourceforge.net Date: Monday 14th Dec 2015 Time: 20:00 CET (19:00 UTC) Planned meeting topics for

Re: [Openvpn-devel] [PATCH] Make MSVC happy about route.c

ACK. I don't have VC2010, but at least on 2013 it compiles nicely.

[Openvpn-devel] [PATCH applied] Re: Make block-outside-dns option platform agnostic

ACK, thanks a lot (and thanks to valdikss and lev for this a thorough testing) Your patch has been applied to the release/2.3 branch. commit 367067f3cb29785338686426667df30c86663ed1 (release/2.3) Author: Fish List-Post: openvpn-devel@lists.sourceforge.net Date: Mon Dec 14 12:41:35 2015 -0800

[Openvpn-devel] [PATCH] Make MSVC happy about route.c

Move the definition of out to the beginning of functions to comply with old-style C compilers. Tested on MSVC 2010. --- src/openvpn/route.c | 11 --- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/src/openvpn/route.c b/src/openvpn/route.c index cf5a067..c4459f9 100644 ---

[Openvpn-devel] [PATCH applied] Re: Warn user if their certificate has expired

ACK! WANT! (Tested with an expired certificate and it works, and looking at OpenSSL x509_vfy.c and PolarSSL x509_8h, I'm reasonable confident that it will also for for not-yet-valid certificates and that we call this all correctly) Your patch has been applied to the master branch (release/2.3

[Openvpn-devel] [PATCH] Warn user if their certificate has expired

Previously, client certificate expiry warnings would only visible in the server log, and server certificate expiry warnings in the client log. Both after a (failed) connection attempt. This patch adds a warning to log when a users own certificate has expired (or is not yet valid) to ease problem

[Openvpn-devel] [PATCH v3] Make "block-outside-dns" option platform agnostic

Make the "block-outside-dns" option agnostic of Windows versions by dynamically loading WFP-related functions. Cross-compiled on Linux and tested on Windows XP/10. --- src/openvpn/Makefile.am | 4 +- src/openvpn/init.c | 4 +- src/openvpn/options.c | 17 ++- src/openvpn/win32.c |

Re: [Openvpn-devel] Topics for today's (Monday, 14th Dec 2015) community meeting

Hi, Oh yes, I added those to the topic list. They appeared on the agenda on 21st September, so getting those reviewed would be good. Samuli Hi, Hoping you will have time to consider Gava's client-nat localhost and ftp patches. Sent from my iPhone On Dec 14, 2015, at 7:23 AM, Samuli

Re: [Openvpn-devel] Topics for today's (Monday, 14th Dec 2015) community meeting

Hi, Hoping you will have time to consider Gava's client-nat localhost and ftp patches. Sent from my iPhone > On Dec 14, 2015, at 7:23 AM, Samuli Seppänen wrote: > > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Hi, > > We're going to have an IRC meeting today

[Openvpn-devel] [PATCH applied] Re: Pass adapter index to up/down scripts

ACK. I have not actually compile-tested this (buildbot will :-) ) but it looks reasonable and since we've decided to use idx for netsh.exe, it should be available to scripts too. Your patch has been applied to the master and release/2.3 branch. I've taken the liberty of actually documenting

[Openvpn-devel] [PATCH v2] Make "block-outside-dns" option platform agnostic

Make the "block-outside-dns" option agnostic of Windows versions by dynamically loading WFP-related functions. Cross-compiled on Linux and tested on Windows XP/10. --- src/openvpn/Makefile.am | 4 +- src/openvpn/init.c | 4 - src/openvpn/options.c | 17 ++- src/openvpn/win32.c |

Re: [Openvpn-devel] [PATCH] Make "block-outside-dns" option platform agnostic

I see, let me add that file to Makefile.am. My modified build system does not create the dist tarball :-( Best, Fish From: Selva Nair [mailto:selva.n...@gmail.com] Sent: Monday, December 14, 2015 9:01 AM To: Fish Cc: openvpn-devel@lists.sourceforge.net Subject: Re:

Re: [Openvpn-devel] [PATCH] Make "block-outside-dns" option platform agnostic

Hi, On Sun, Dec 13, 2015 at 8:25 PM, Fish wrote: > Make the "block-outside-dns" option agnostic of Windows versions by > dynamically > loading WFP-related functions. Cross-compiled on Linux and tested on > Windows > XP/10. > --- > src/openvpn/Makefile.am | 2 +- >

[Openvpn-devel] Topics for today's (Monday, 14th Dec 2015) community meeting

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, We're going to have an IRC meeting today starting at 20:00 CET (19:00 UTC) on #openvpn-meeting irc.freenode.net. Note that the meeting channel has changed and that you do _not_ have to be logged in to Freenode to join the channel. Current

Re: [Openvpn-devel] [PATCH] Make "block-outside-dns" option platform agnostic

Hi, On Sun, Dec 13, 2015 at 05:06:27PM -0800, Fish wrote: Make the "block-outside-dns" option agnostic of Windows versions by dynamically loading WFP-related functions. Cross-compiled on Linux and tested on Windows XP/10. --- src/openvpn/Makefile.am | 2 +- src/openvpn/init.c | 4

Re: [Openvpn-devel] [PATCH] Make "block-outside-dns" option platform agnostic

Hi, On Sun, Dec 13, 2015 at 05:06:27PM -0800, Fish wrote: > Make the "block-outside-dns" option agnostic of Windows versions by > dynamically > loading WFP-related functions. Cross-compiled on Linux and tested on Windows > XP/10. > --- > src/openvpn/Makefile.am | 2 +- > src/openvpn/init.c

Re: [Openvpn-devel] [PATCH] Make ValdikSS's DNS leak fix platform agnostic

Hi, On Sun, Dec 13, 2015 at 04:20:03PM -0800, Fish Wang wrote: > Will do. However, I???m by no means a license expert. Based on Licensing > Terms page on MinGW???s website ([1], win32api), I believe the code I > stripped out of MinGW should be fine as long as a copy of the notice and its >

[Openvpn-devel] [PATCH] Make "block-outside-dns" option platform agnostic

Make the "block-outside-dns" option agnostic of Windows versions by dynamically loading WFP-related functions. Cross-compiled on Linux and tested on Windows XP/10. --- src/openvpn/Makefile.am | 2 +- src/openvpn/init.c | 4 - src/openvpn/options.c | 17 ++- src/openvpn/win32.c |

Re: [Openvpn-devel] [PATCH] Make ValdikSS's DNS leak fix platform agnostic

You are absolutely right, the code I grabbed is indeed from mingw-w64, not MinGW. Let me send out another patch with mingw-w64’s disclaimer soon. I’ll see what core people says about this patch. Thanks! Best, Fish From: Selva Nair [mailto:selva.n...@gmail.com] Sent: Sunday,

Re: [Openvpn-devel] [PATCH] Make ValdikSS's DNS leak fix platform agnostic

Hi, On Sun, Dec 13, 2015 at 7:20 PM, Fish Wang wrote: > Will do. However, I’m by no means a license expert. Based on Licensing > Terms page on MinGW’s website ([1], win32api), I believe the code I > stripped out of MinGW should be fine as long as a copy of the notice and >

[Openvpn-devel] [PATCH] Make "block-outside-dns" option platform agnostic

Make the "block-outside-dns" option agnostic of Windows versions by dynamically loading WFP-related functions. Cross-compiled on Linux and tested on Windows XP/10. --- src/openvpn/Makefile.am | 2 +- src/openvpn/init.c | 4 - src/openvpn/options.c | 17 ++- src/openvpn/win32.c |

Re: [Openvpn-devel] [PATCH] Make ValdikSS's DNS leak fix platform agnostic

Hi all, A minor suggestion: All those prototypes taken from mingw (32 or -w64?) may be better placed in new header file to be included only from win32.c -- -- preferably with a license matching the source (PD or ZPL?). Makes win32.c less cluttered as well. Will do. However, I’m by no