Hi,
On Tue, Jan 2, 2018 at 5:28 PM, Steffan Karger wrote:
> As reported in trac #922, the wakeup computation in
> event_timeout_trigger() could overflow. Since time_t and int are signed
> types, that is officially undefined behvaiour.
>
> On systems with a 64-bit signed
Hi,
Steffan asked me to pull this into 2.4, which makes sense - it's
somewhere between "code cleanup" and "bugfix", basically avoiding an
ASSERT() when we could more gracefully handle a failure on an incoming
client (... in a somewhat unlikely chain of events, but still, ASSERT()
on the server
Compile-tested on OpenBSD 6.0 (no EC/LibreSSL hickup, good :-) ) and
mingw / ubuntu 16.04. All well.
Your patch has been applied to the master branch.
(Is there a strong case for including it in 2.4?)
commit a6f38bafbbbd291d57ecb3610c2844e7f7e01412
Author: Selva Nair
Date: Sun Feb 25
Acked-by: Gert Doering
(Tested on FreeBSD 9, where .TQ is not available out of the box)
Your patch has been applied to the master and release/2.4 branch.
commit 5ed5ac5cf869c0284ffeedda358da23e201357cc (master)
commit c5a63d5a6ea78bee069cc503e0a396decfbbaf0e (release/2.4)
Acked-by: Gert Doering
as discussed on IRC this morning.
Your patch has been applied to the master and release/2.4 branch.
commit ec100d7e4ce7aaeb731c22b0d86826bf295df6cd (master)
commit e5ee5121cbbeca6dcbee38dea5b40779e3f6da83 (release/2.4)
Author: David Sommerseth
Date:
Hi,
On Wed, Feb 28, 2018 at 8:34 AM, Arne Schwabe wrote:
> Am 28.02.18 um 14:19 schrieb David Sommerseth:
>> It is not recommended to use --management on a TCP port without also
>> adding a password authentication, as this can easily be abused by other
>> users or processes
In tls_ctx_use_external_private_key, the return codes were inverted
compared to what is documented in ssl_backend.h (and what can
reasonably be expected). Internally the return code is never checked,
so this did not directly result in any change of behavior.
---
src/openvpn/ssl_mbedtls.c | 6
Am 28.02.18 um 14:19 schrieb David Sommerseth:
> It is not recommended to use --management on a TCP port without also
> adding a password authentication, as this can easily be abused by other
> users or processes being able to connect to the managmement interface.
>
> Thus issue a warning that
This introduces the .TQ groff macro. Even though this can be found
in newer groff versions, not all platforms we support carries this one.
This macro makes it possible to have mulitple lines of options as
headers before describing all of these options in the same segment.
Signed-off-by: David
It is not recommended to use --management on a TCP port without also
adding a password authentication, as this can easily be abused by other
users or processes being able to connect to the managmement interface.
Thus issue a warning that this configuration is strongly discouraged.
Signed-off-by:
10 matches
Mail list logo