Re: [Openvpn-devel] [PATCH] Fix various spelling mistakes

2019-01-22 Thread Jonathan Tooker
Looks like I missed that and a few others! I fixed some more spelling errors across other things. Follow up patch/commit below. If I just need to re-make the original patch let me know. From: Jonathan Tooker Date: Tue, 22 Jan 2019 23:10:33 -0600 Subject: [PATCH] Another set of spelling fixes

Re: [Openvpn-devel] [PATCH] Fix various spelling mistakes

2019-01-22 Thread Simon Matter via Openvpn-devel
Hi, > diff --git a/src/openvpn/console.h b/src/openvpn/console.h > index 0ffd6683..62beacae 100644 > --- a/src/openvpn/console.h > +++ b/src/openvpn/console.h > @@ -33,9 +33,9 @@ > */ > struct _query_user { > char *prompt; /**< Prompt to present to the user */ > -size_t

[Openvpn-devel] [PATCH] Fix various spelling mistakes

2019-01-22 Thread Jonathan Tooker
Fork @ github: https://github.com/JDTX/openvpn (76ab12606155f51aaaf376a46f4a52a459af105c) From: Jonathan Tooker Date: Tue, 22 Jan 2019 18:27:39 -0600 Subject: [PATCH] Fix various spelling mistakes Fix spelling mistakes in code/headers/manpages/etc. --- distro/rpm/openvpn.init.d.rhel

[Openvpn-devel] [PATCH applied] Re: Rename tls_crypt_v2_read_keyfile into generic pem_read_key_file

2019-01-22 Thread Gert Doering
Acked-by: Gert Doering Explanation makes sense, code looks good (just moving, except for the error messages which change to print "*pem_name" instead of static "tls-crypt-v2" always). Your patch has been applied to the master branch. commit 784ad902438a6c70f1b9e4f545ac2bbb4230a048 Author: Arne

[Openvpn-devel] [PATCH applied] Re: Detect missing TAP driver and bail out gracefully

2019-01-22 Thread Gert Doering
Acked-by: Gert Doering Looks reasonable. Plus, correct error message :-) Your patch has been applied to the master branch. commit 91bc1212b4b79ac9e2cbf6d345db5df716c42a5b Author: Simon Rozman Date: Wed Dec 19 21:26:11 2018 +0100 Detect missing TAP driver and bail out gracefully

Re: [Openvpn-devel] [PATCH 3/4] options: add support for --transport-plugin

2019-01-22 Thread Arne Schwabe
Am 30.12.18 um 12:29 schrieb Antonio Quartulli: > From: Robin Tarsiger > > Add a new config option to allow the user to specify a transport plugin > implementing the new API. This plugin can be used to manipulate traffic > in any way, as designed by the plugin developer. > > The fundamental

Re: [Openvpn-devel] [PATCH 2/4] socket: introduce INDIRECT transport protocol abstraction

2019-01-22 Thread Arne Schwabe
Am 30.12.18 um 12:28 schrieb Antonio Quartulli: > From: Robin Tarsiger > > This new transport protocol is used to tell the core code that traffic > should not be directly processed, but should rather be rerouted to a > transport plugin. It is basically an abstraction as it does not say tell >

Re: [Openvpn-devel] [PATCH 1/4] transport: introduce tranport API plugin codebase

2019-01-22 Thread Arne Schwabe
> > +/* > + * FUNCTION: openvpn_plugin_get_vtab_v1 > + * It would be nice if we also use the docutils style to document the new functions in this file rather than in this different documentation style. > + * This is only used for TRANSPORT plugins presently. It is called to > + * retrieve a

[Openvpn-devel] [PATCH applied] Re: Fix tls-auth/crypt in connection blocks with --persist-key

2019-01-22 Thread Gert Doering
Your patch has been applied to the master branch. (I had a look at the patch as well, and second the ACK :) ) commit dcfc51457789d8a62ff8bd266dd3a3bf0a0c9763 Author: Steffan Karger Date: Sat Jan 19 11:34:00 2019 +0100 Fix tls-auth/crypt in connection blocks with --persist-key

[Openvpn-devel] [PATCH applied] Re: crypto_openssl.c: fix heap-buffer-overflow found by AddressSanitizer

2019-01-22 Thread Gert Doering
Your patch has been applied to the master branch. commit eb1fed3f3bb817332183672dd1ca665ece83d6a8 Author: Lev Stipakov Date: Tue Jan 22 15:41:03 2019 +0200 crypto_openssl.c: fix heap-buffer-overflow found by AddressSanitizer Signed-off-by: Lev Stipakov Acked-by: Arne Schwabe

[Openvpn-devel] [PATCH applied] Re: White-list pull-filter and script-security in interactive service

2019-01-22 Thread Gert Doering
Acked-by: Gert Doering "Because it makes sense and moves toward making OpenVPN on Windows more robust (pull-filter route-method) and secure (script-security)". Code change is simple enough :-) Your patch has been applied to the master and release/2.4 branch (security enhancement). commit

[Openvpn-devel] [PATCH] White-list pull-filter and script-security in interactive service

2019-01-22 Thread selva . nair
From: Selva Nair This allows the Windows GUI to use these options on the command line without triggering user authorization errors. Useful for (i) ignoring certain pushed options such as "route-method" which could otherwise bypass the interactive service (ii) enforcing a safer script-security

[Openvpn-devel] [PATCH applied] Re: test_tls_crypt.c: fix global-buffer-overflow found by AddressSanitizer

2019-01-22 Thread Gert Doering
Your patch has been applied to the master branch. commit a3fd78d48616ab21908b116d5ce785986893e02d Author: Lev Stipakov Date: Tue Jan 22 15:34:20 2019 +0200 test_tls_crypt.c: fix global-buffer-overflow found by AddressSanitizer Signed-off-by: Lev Stipakov Acked-by: Arne Schwabe

Re: [Openvpn-devel] [PATCH v3 0/7] introduce networking API and add netlink support for Linux

2019-01-22 Thread Arne Schwabe
Am 19.12.18 um 06:01 schrieb Antonio Quartulli: > From a high level description of this patchset, please refer to > "[PATCH 0/4] add netlink support for Linux" sent to the mailing list on > Apr, 20th 2018. > This patch set seems to be missing the commit implement platform generic networking API

Re: [Openvpn-devel] [PATCH v2] Fix tls-auth/crypt in connection blocks with --persist-key

2019-01-22 Thread Arne Schwabe
Am 19.01.19 um 11:34 schrieb Steffan Karger: > If --persist-key was used, we would always try to pre-load the 'global' > tls-auth/crypt file. That would result in using the wrong key (leading > to a failed connection) or an error if there was no 'global' key: > > Sat Jan 19 11:09:01 2019 Cannot

Re: [Openvpn-devel] [PATCH] Fix tls-auth/crypt in connection blocks with --persist-key

2019-01-22 Thread Arne Schwabe
Am 19.01.19 um 11:30 schrieb Steffan Karger: > If --persist-key was used, we would always try to pre-load the 'global' > tls-auth/crypt file. That would result in using the wrong key (leading > to a failed connection) or an error if there was no 'global' key: > > Sat Jan 19 11:09:01 2019 Cannot

[Openvpn-devel] [PATCH v2 4/6] Implement a permanent session id in auth-token

2019-01-22 Thread Arne Schwabe
From: Arne Schwabe This allows an external authentication method (e.g. management interface) to track the connection and distinguish a reconnection from multiple connections. Additionally this now also checks to workaround a problem with OpenVPN 3 core that sometimes uses a username hint from

[Openvpn-devel] [PATCH v2 3/6] Rewrite auth-token-gen to be based on HMAC based tokens

2019-01-22 Thread Arne Schwabe
The previous auth-token implementation had a serious problem, especially when paired with an unpatched OpenVPN client that keeps trying the auth-token (commit e61b401a). The auth-token-gen implementation forgot the auth-token on reconnect, this led to reconnect with auth-token never working.

[Openvpn-devel] [PATCH v2 2/6] Allow pem_read_key_file to generate a random key

2019-01-22 Thread Arne Schwabe
From: Arne Schwabe This is useful for features that can use either a persistent or an ephemeral key. --- src/openvpn/crypto.c| 23 --- src/openvpn/crypto.h| 4 +++- src/openvpn/tls_crypt.c | 5 +++-- 3 files changed, 26 insertions(+), 6 deletions(-) diff --git

[Openvpn-devel] [PATCH v2 5/6] Sent indication that a session is expired to clients

2019-01-22 Thread Arne Schwabe
From: Arne Schwabe This allows OpenVPN 3 core to fall back to the original authentication method. This commit changes man_def_auth_set_client_reason to auth_set_client_reason since it is now used in more contexts. Also remove a FIXME about client_reason not being freed, as it is freed in

[Openvpn-devel] [PATCH v2 1/6] Rename tls_crypt_v2_read_keyfile into generic pem_read_key_file

2019-01-22 Thread Arne Schwabe
From: Arne Schwabe The function is fairly generic and to avoid duplicating the same functionality move the function to crypto.c and change fixed string to be the same as the pem_name parameter. --- src/openvpn/crypto.c| 39 ++ src/openvpn/crypto.h| 12

[Openvpn-devel] [PATCH v2 6/6] Implement unit tests for auth-gen-token

2019-01-22 Thread Arne Schwabe
From: Arne Schwabe Patch V2: adapt unit tests to other V2 patches --- tests/unit_tests/openvpn/Makefile.am | 18 +- tests/unit_tests/openvpn/test_auth_token.c | 375 + 2 files changed, 392 insertions(+), 1 deletion(-) create mode 100644

Re: [Openvpn-devel] [PATCH v2] test_tls_crypt.c: fix global-buffer-overflow found by AddressSanitizer

2019-01-22 Thread Arne Schwabe
Am 22.01.19 um 14:34 schrieb Lev Stipakov: > From: Lev Stipakov > > When writing data to buffer we incorrectly specify source length > - sizeof for pointer returns 8, but actual buffer length is 1. > > Fix by replacing empty global string to local string literal and > specifying the correct

Re: [Openvpn-devel] [PATCH v2] crypto_openssl.c: fix heap-buffer-overflow found by AddressSanitizer

2019-01-22 Thread Arne Schwabe
Am 22.01.19 um 14:41 schrieb Lev Stipakov: > From: Lev Stipakov > > OpenSSL's version of crypto_pem_encode() uses PEM_write_bio() > function to write PEM-encoded data to BIO object. That method doesn't > add NUL terminator, unlike its mbedTLS counterpart mbedtls_pem_write_buffer(). > > The code

[Openvpn-devel] [PATCH v2] crypto_openssl.c: fix heap-buffer-overflow found by AddressSanitizer

2019-01-22 Thread Lev Stipakov
From: Lev Stipakov OpenSSL's version of crypto_pem_encode() uses PEM_write_bio() function to write PEM-encoded data to BIO object. That method doesn't add NUL terminator, unlike its mbedTLS counterpart mbedtls_pem_write_buffer(). The code which uses PEM data treats it as a string, so missing

[Openvpn-devel] [PATCH v2] test_tls_crypt.c: fix global-buffer-overflow found by AddressSanitizer

2019-01-22 Thread Lev Stipakov
From: Lev Stipakov When writing data to buffer we incorrectly specify source length - sizeof for pointer returns 8, but actual buffer length is 1. Fix by replacing empty global string to local string literal and specifying the correct length. Signed-off-by: Lev Stipakov --- v2: use

Re: [Openvpn-devel] [PATCH 2/2] test_tls_crypt.c: fix global-buffer-overflow found by AddressSanitizer

2019-01-22 Thread Arne Schwabe
Am 22.01.19 um 12:02 schrieb Lev Stipakov: > From: Lev Stipakov > > When writing data to buffer we incorrectly specify source length > - sizeof for pointer returns 8, but actual buffer length is 1. > > Fix by replacing empty global string to local string literal and > specifying the correct

Re: [Openvpn-devel] [PATCH 1/2] crypto_openssl.c: fix heap-buffer-overflow found by AddressSanitizer

2019-01-22 Thread Arne Schwabe
Am 22.01.19 um 12:02 schrieb Lev Stipakov: > From: Lev Stipakov > > OpenSSL's version of crypto_pem_encode() uses PEM_write_bio() > function to write PEM-encoded data to BIO object. That method doesn't > add NUL terminator, unlike its mbedTLS counterpart mbedtls_pem_write_buffer(). > > The code

[Openvpn-devel] [PATCH 2/2] test_tls_crypt.c: fix global-buffer-overflow found by AddressSanitizer

2019-01-22 Thread Lev Stipakov
From: Lev Stipakov When writing data to buffer we incorrectly specify source length - sizeof for pointer returns 8, but actual buffer length is 1. Fix by replacing empty global string to local string literal and specifying the correct length. Signed-off-by: Lev Stipakov ---

[Openvpn-devel] [PATCH 1/2] crypto_openssl.c: fix heap-buffer-overflow found by AddressSanitizer

2019-01-22 Thread Lev Stipakov
From: Lev Stipakov OpenSSL's version of crypto_pem_encode() uses PEM_write_bio() function to write PEM-encoded data to BIO object. That method doesn't add NUL terminator, unlike its mbedTLS counterpart mbedtls_pem_write_buffer(). The code which uses PEM data treats it as a string, so missing