Hi
On Tue, Dec 7, 2021 at 1:07 PM Arne Schwabe wrote:
>
> Make the external crypto consumer oblivious to the internal cipher
> type that both mbed TLS and OpenSSL use. This change is mainly done
> so the cipher type that is used can be stay a const type but instead
> of an SSL library type, we
The family specific options were generally omitted.
---
doc/man-sections/client-options.rst | 5 +
doc/man-sections/link-options.rst | 5 -
src/openvpn/options.c | 17 +
3 files changed, 18 insertions(+), 9 deletions(-)
diff --git
- Broken/missing formatting
- Make it obvious which arguments are optional
- In some cases moved the "Valid syntax" block
earlier to make sure the text references argument
names after they have been declared.
Only the files touched have been reviewed, all other
files likely have similar
For now the dependencies are statically defined, which
should be fine and is still a much better solution than
to have no dependencies.
Signed-off-by: Frank Lichtenheld
---
doc/Makefile.am | 21 +++--
1 file changed, 15 insertions(+), 6 deletions(-)
diff --git a/doc/Makefile.am
> Frank Lichtenheld hat am 09.12.2021 14:49 geschrieben:
> > Arne Schwabe hat am 07.12.2021 18:02 geschrieben:
> > diff --git a/doc/man-sections/link-options.rst
> > b/doc/man-sections/link-options.rst
> > index b1ae4e75a..f41c0c4f1 100644
> > --- a/doc/man-sections/link-options.rst
> > +++
> Arne Schwabe hat am 07.12.2021 18:02 geschrieben:
> diff --git a/Changes.rst b/Changes.rst
> index cf6a2f86d..c673196fa 100644
> --- a/Changes.rst
> +++ b/Changes.rst
> @@ -63,10 +63,11 @@ Optional ciphers in ``--data-ciphers``
> those as optional and only use them if the SSL library
> Arne Schwabe hat am 07.12.2021 18:02 geschrieben:
>
>
> The current mssfix parameter is a bit as it needs manual calculation of
missing word after "bit"?
> the allowable packet size and also the resulting MSS value does not take
> into account if IPv4 or IPv6 is used on the outer
Hi,
On Tue, Dec 07, 2021 at 07:06:45PM +0100, Arne Schwabe wrote:
> Patch v2: rebase on master
v2 includes a new check for AES-256-CTR (diffing v1 and v2 has the
"token++" change, plus this extra check), which breaks (at least)
tls_crypt_testdriver when compiled with mbedtls
(./configure
> Arne Schwabe hat am 07.12.2021 18:02 geschrieben:
>
>
> This function is supposed to calculate the overhead of the protocol
> header (IP/IPv6 + TCP/UDP). But at some point the index that used
FWIW, that point was 30077d1f415b8dc9bd7c8a1ac6a7585136ac6261, AFAICT
commit
> Arne Schwabe hat am 07.12.2021 18:01 geschrieben:
[...]
> diff --git a/src/openvpn/mss.c b/src/openvpn/mss.c
> index aa5b68ce9..56dea0292 100644
> --- a/src/openvpn/mss.c
> +++ b/src/openvpn/mss.c
> @@ -30,6 +30,8 @@
> #include "syshead.h"
> #include "error.h"
> #include "mss.h"
>
> Arne Schwabe hat am 07.12.2021 18:01 geschrieben:
[...]
> diff --git a/src/openvpn/mtu.c b/src/openvpn/mtu.c
> index 0ab716d7a..25b943722 100644
> --- a/src/openvpn/mtu.c
> +++ b/src/openvpn/mtu.c
[...]
> @@ -51,6 +52,85 @@ alloc_buf_sock_tun(struct buffer *buf,
> ASSERT(buf_safe(buf,
Acked-by: Gert Doering
Having unit tests is good. Actually running them is better :-) - found
at testing the latest MaxF patch on 2.5...
Your patch has been applied to the master and release/2.5 branch.
commit cc39fc7f3bddc6567507406cf8a389418e101bf8 (master)
commit
> Arne Schwabe hat am 07.12.2021 18:01 geschrieben:
> diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c
> index 8cbb129d2..303e3fe8f 100644
> --- a/src/openvpn/ssl.c
> +++ b/src/openvpn/ssl.c
> @@ -1897,7 +1897,7 @@ tls_session_update_crypto_params_do_work(struct
> tls_session *session,
>
13 matches
Mail list logo