[Openvpn-devel] [PATCH v2 1/2] Send auth fail to client on reneg failure

2019-04-10 Thread Eric Thorpe
Hi All, This patch relies on Arne's "Add send_control_channel_string_dowork variant" patch. This patch modifies auth so that on a renegotiation the client is informed of a SESSION re-auth failure during a renegotiation if either their auth-token has expired, or they enter a wrong password in the

[Openvpn-devel] [PATCH v2 2/2] Support client reason from auth plugin

2019-04-10 Thread Eric Thorpe
Hi All, This patch allows for a client reason to be returned from an auth plugin and sent to the connecting client on an auth fail. This change is backwards compatible with existing plugins and hasn't caused issues with existing plugins like the included pam plugin in our testing. The main

Re: [Openvpn-devel] Issue with smartcard authentication for openvpn

2019-04-10 Thread Selva Nair
Hi, On Wed, Apr 10, 2019 at 6:00 PM David Sommerseth < open...@sf.lists.topphemmelig.net> wrote: > On 10/04/2019 17:58, Selva Nair wrote: > > > > As I replied to the openssl-users list[*], pkcs11-helper only supports > PKCS1 > > signatures, not raw signature needed in this case. > > > > We have

Re: [Openvpn-devel] cirrus-ci: freebsd builds ?

2019-04-10 Thread Илья Шипицин
couple of findings: 1) error when built with mbedtls-2.16.0 (surprisingly, build does not fail) [ OK ] tls_crypt_v2_wrap_unwrap_no_metadata [ RUN ] tls_crypt_v2_wrap_unwrap_max_metadata [ OK ] tls_crypt_v2_wrap_unwrap_max_metadata [ RUN ] tls_crypt_v2_wrap_too_long_metadata

Re: [Openvpn-devel] Issue with smartcard authentication for openvpn

2019-04-10 Thread David Sommerseth
On 10/04/2019 17:58, Selva Nair wrote: > > As I replied to the openssl-users list[*], pkcs11-helper only supports PKCS1 > signatures, not raw signature needed in this case. > > We have to either patch pkcs11-helper or switch to something else. It would be wonderful to switch it for something

[Openvpn-devel] cirrus-ci: freebsd builds ?

2019-04-10 Thread Илья Шипицин
hello, I have implemented cirrus-ci support (with freebsd fix), please have a look https://github.com/OpenVPN/openvpn/pull/125 builds: https://cirrus-ci.com/task/6511771119517696 https://cirrus-ci.com/task/5385871212675072 thoughts ? suggestions ?

Re: [Openvpn-devel] Issue with smartcard authentication for openvpn

2019-04-10 Thread Selva Nair
On Wed, Apr 10, 2019 at 12:59 PM Jan Just Keijser wrote: > On 10/04/19 17:58, Selva Nair wrote: > > Hi, > > This is more relevant to OpenVPN than OpenSSL, so copying to the > openvpn-devel list. > > On Wed, Apr 10, 2019 at 10:11 AM Francois Gelis > wrote: > >> Hi all, >> >> I have a working

Re: [Openvpn-devel] Issue with smartcard authentication for openvpn

2019-04-10 Thread Jan Just Keijser
On 10/04/19 17:58, Selva Nair wrote: Hi, This is more relevant to OpenVPN than OpenSSL, so copying to the openvpn-devel list. On Wed, Apr 10, 2019 at 10:11 AM Francois Gelis wrote: Hi all, I have a working openvpn setup with client certificate

Re: [Openvpn-devel] Issue with smartcard authentication for openvpn

2019-04-10 Thread Selva Nair
Hi, This is more relevant to OpenVPN than OpenSSL, so copying to the openvpn-devel list. On Wed, Apr 10, 2019 at 10:11 AM Francois Gelis wrote: > Hi all, > > I have a working openvpn setup with client certificate and private key > stored on my laptop. Then, I have loaded them into a smartcard

Re: [Openvpn-devel] [PATCH 1/1] man: correct the description of --capath and --crl-verify regarding CRLs

2019-04-10 Thread Michal Soltys
On 4/10/19 3:45 PM, Michal Soltys wrote: On 4/10/19 10:24 AM, Arne Schwabe wrote: On 09.04.19 at 16:34, Michal Soltys wrote: The man page states that when using --capath, the user is required to provide CRLs for CAs. This is not true and providing CRLs is optional - both in case of --capath

Re: [Openvpn-devel] [PATCH 1/1] man: correct the description of --capath and --crl-verify regarding CRLs

2019-04-10 Thread Michal Soltys
On 4/10/19 10:24 AM, Arne Schwabe wrote: > On 09.04.19 at 16:34, Michal Soltys wrote: >> The man page states that when using --capath, the user is required to >> provide CRLs for CAs. This is not true and providing CRLs is optional - >> both in case of --capath as well as --crl-verify options.

Re: [Openvpn-devel] [PATCH 1/1] man: correct the description of --capath and --crl-verify regarding CRLs

2019-04-10 Thread Arne Schwabe
On 09.04.19 at 16:34, Michal Soltys wrote: > The man page states that when using --capath, the user is required to > provide CRLs for CAs. This is not true and providing CRLs is optional - > both in case of --capath as well as --crl-verify options. When relevant > CRL is not found OpenVPN simply