Thanks Arne!
I'll fix this in the next upload.
On Wed, Jan 04, 2017 at 07:21:07PM +0100, Arne Schwabe wrote:
> Am 21.11.16 um 10:10 schrieb Alberto Gonzalez Iniesta:
> > Hi,
> >
> > I'm preparing an upload to Debian Experimental of 2.4-beta1 in order to
> >
On Mon, Jan 02, 2017 at 03:26:46PM +0100, Gert Doering wrote:
> Hi,
>
> On Mon, Jan 02, 2017 at 03:17:23PM +0100, Alberto Gonzalez Iniesta wrote:
> > I just got this [1] bug report on OpenVPN 2.4 threating all certs as
> > expired when upgrading from 2.3. I find this quite we
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
mailto/sip: a...@inittab.org | en GNU/Linux y software libre
Encrypted mail preferred| http://inittab.com
Key fingerprint = 5347 CBD8 3E30 A9EB 4D7D 4BF2 009B 3375 6B9A AA55
able now. If all goes well it'll be
in Stretch in 10 days.
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
mailto/sip: a...@inittab.org | en GNU/Linux y software libre
Encrypted mail preferred| http://inittab.com
Key fingerprint = 5347 CBD8 3E30 A9EB 4D7D 4BF
On Tue, Dec 06, 2016 at 01:36:04PM +0100, Arne Schwabe wrote:
> Am 06.12.16 um 13:26 schrieb Gert Doering:
> > The existing code can leak socket FDs to the "--up" script, which is
> > not desired. Brought up by Alberto Gonzalez Iniesta, based on debian
> > bug 3
On Mon, Dec 05, 2016 at 09:05:04PM +0100, Gert Doering wrote:
> Hi,
>
> On Mon, Dec 05, 2016 at 08:01:14PM +0100, Alberto Gonzalez Iniesta wrote:
> > The patch, after being adjusted to the new source, is not working anymore:
> >
> > Mon Dec 5 19:39:34 2016 Set FD_CLOE
On Wed, Nov 23, 2016 at 07:43:21PM +0100, Gert Doering wrote:
> Hi,
>
> On Wed, Nov 23, 2016 at 11:20:18AM +0100, Gert Doering wrote:
> > The existing code can leak socket FDs to the "--up" script, which is
> > not desired. Brought up by Alberto Gonzalez Iniesta,
On Mon, Nov 21, 2016 at 03:37:45PM +0100, David Sommerseth wrote:
> On 21/11/16 14:32, Samuli Seppänen wrote:
> > Il 21/11/2016 11:10, Alberto Gonzalez Iniesta ha scritto:
> >> Hi,
> >>
> >> I'm preparing an upload to Debian Experimental of 2.4-beta1 in
>
;bug=367716;filename=openvpn_367716.diff;msg=10
Fixing this:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=367716
Thanks,
Alberto
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
mailto/sip: a...@inittab.org | en GNU/Linux y software libre
Encrypted mail preferred
to check if the stock openvpn version you had
> installed ships with a pre-created /var/run/openvpn directory? (or
> /run/openvpn, or whatever Debian uses as the runtime directory)
>
> Otherwise, great testing!
>
The Debian package creates /run/openvpn/.
/var/run is a symlink t
sider for v2.4 just
> >> because this seems very useful and doesn't add a very complicated patch.
> >> Considering that 2.4 will live in Debian for a long while, that
> >> platform can make most out of this patch as well. In addition, the
> >>
On Mon, Apr 14, 2014 at 11:42:23AM +0200, Gert Doering wrote:
> Hi,
>
> On Mon, Apr 14, 2014 at 11:29:28AM +0200, Alberto Gonzalez Iniesta wrote:
> > There're already packages for PolarSSL in Debian (and thus, in Ubuntu).
> > So I don't think there's need to maintain differ
PolarSSL debs, we might as well do it
> upstream in the PolarSSL project instead of within the OpenVPN project.
> We could of course publish the PolarSSL packages in our own apt repos to
> make using them easier for our users.
There're already packages for PolarSSL in Debian (and thu
> versions of OpenVPN software.
>
Hi Leroy,
Mind this patch is only required for Samuli's (backported) packages. The
packages in Debian (and later Ubuntu) do not need any patching, since
the required version of pkcs11 is already present in the development and
testing suites (sid and
apitalized. Please consider its inclusion, or an
alternative to address this matter.
Thanks,
Alberto
[1]
x509-username-field foo -> will look for a field named FOO
x509-username-field [emailAddress] -> will look for emailAddress
--
Alberto Gonzalez Iniesta| Formación, consultoría y sop
On Mon, Jun 17, 2013 at 05:36:23PM +0200, Gert Doering wrote:
> Hi,
>
> On Mon, Jun 17, 2013 at 04:36:44PM +0200, Alberto Gonzalez Iniesta wrote:
> > Seems like "cmsg_len" went nuts...
>
> Seems your compiler grew too much smarts and optimized that bug to death
or should we go back to 2.2.1 without
the patch to fix CVE-2013-2061?
Thanks,
Alberto
[0]
https://github.com/OpenVPN/openvpn/commit/11d21349a4e7e38a025849479b36ace7c2eec2ee
[1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=707329
[2] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=712414
wrote:
> I'll take a look at the one in unstable. I'm not sure what parts have been
> back ported to 2.2 that I have been testing in the 2.3 branch. I would
> have thought that 2.3 is mature enough to be in the debian repos by now.
>
>
> On Wed, May 29, 2013 at 9:38 AM, Albert
ating the IPv6 patches anyway that bring most of
> the 2.3 ipv6 functionality to 2.2?
Yes, it is. AFAIK.
Anyway, I'll try to make a backport one of these days, but the one in
unstable should work in Wheezy too.
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
agi@(
workaround (editing PAM limits) and a plea to
document this behaviour. I guess it's better to document this (after
verification of the facts) in OpenVPN's man page rather than just
Debian's package.
Regards,
Alberto
[1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=406895
--
Alberto Gonzal
On Fri, Mar 16, 2012 at 02:09:44PM +0200, Alon Bar-Lev wrote:
> On Fri, Mar 16, 2012 at 1:47 PM, Alberto Gonzalez Iniesta
> <a...@inittab.org> wrote:
> > Since support for LZO is enabled/disabled in runtime configuration, I
> > don't see why disabling it on built time, thu
ckages with LZO support (if I don't forget to
set the option when upgrading to the new version).
Since support for LZO is enabled/disabled in runtime configuration, I
don't see why disabling it on built time, thus limiting its use later.
Regards,
Alberto
--
Alberto Gonzalez Iniesta| Fo
the patch successfully. It works for me(tm). OpenVPN stopped
adding those random routes, while it added the right one for the
"remote_host".
Thanks,
Alberto
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
agi@(inittab.org|debian.org)| en GNU/Linux y software libre
E
the VPN server and see if that fixes it in the meantime.
Cheers,
Alberto
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
agi@(inittab.org|debian.org)| en GNU/Linux y software libre
Encrypted mail preferred| http://inittab.com
Key fingerprint = 9782 04E7 2B75 405C F5E9 0C81 C514 AF8E 4BA4 01C3
Just a tiny fix.
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
agi@(inittab.org|debian.org)| en GNU/Linux y software libre
Encrypted mail preferred| http://inittab.com
Key fingerprint = 9782 04E7 2B75 405C F5E9 0C81 C514 AF8E 4BA4 01C3
Index: openvpn-2.1.0
ord, the same feature was requested in Debian [1] some 5
years ago :)
Regards,
Alberto
[1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=237251
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
agi@(inittab.org|debian.org)| en GNU/Linux y software libre
Encrypted mail
Gonzalez Iniesta| Formación, consultoría y soporte técnico
agi@(inittab.org|debian.org)| en GNU/Linux y software libre
Encrypted mail preferred| http://inittab.com
Key fingerprint = 9782 04E7 2B75 405C F5E9 0C81 C514 AF8E 4BA4 01C3
Index: openvpn-2.1_rc15/options.c
] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494998
[2] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495964
[3] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494998#10
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
agi@(inittab.org|debian.org)| en GNU/Linux y software libre
Encrypted mail preferred| http://inittab.com
Key fingerprint = 9782 04E7 2B75 405C F5E9 0C81 C514 AF8E 4BA4 01C3
On Wed, Dec 22, 2004 at 05:11:51AM -0700, James Yonan wrote:
> On Wed, 22 Dec 2004, Charles Duffy wrote:
>
> > On Wed, 22 Dec 2004 11:00:09 +0100, Alberto Gonzalez Iniesta wrote:
> > > Recent updates of openvpn appear to have changed the handling of
> > > white
from Ron <r...@debian.org> -
From: Ron <r...@debian.org>
To: Alberto Gonzalez Iniesta <a...@inittab.org>
Subject: openvpn config parsing
List-Post: openvpn-devel@lists.sourceforge.net
Date: Fri, 10 Dec 2004 12:09:42 +1030
X-CRM114-Version: 20040816.BlameClockworkOrange-auto.3
On Wed, Nov 03, 2004 at 12:24:15PM -0700, James Yonan wrote:
> On Tue, 2 Nov 2004, Alberto Gonzalez Iniesta wrote:
>
> > Hi again,
> >
> > Another bug report received in the Debian BTS [1]. Quoting:
> > |when the link which was used for openvpn transport goes do
(eg.
|wavemon) can handle this situation more sanely.
Regards,
Alberto
[1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=278933
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
agi@(inittab.org|debian.org)| en GNU/Linux y software libre
Encrypted mail preferred
On Sun, Oct 17, 2004 at 01:36:33PM -, James Yonan wrote:
> Alberto Gonzalez Iniesta <a...@inittab.org> said:
>
> > Hi all,
> >
> > After I decided to push OpenVPN 2.0 into Debian for future inclusion in
> > Sarge, I got this [1] bug report from one Debian
agging it
irreproducible.
[2] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=265632
--
Alberto Gonzalez Iniesta| BOFH excuse #175:
agi@(inittab.org|debian.org)| OS swapped to disk
Encrypted mail preferred|
Key fingerprint = 9782 04E7 2B75 405C F5E9 0C81 C514 AF8E 4BA4 01C3
/bugreport.cgi?bug=265632
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=270005
--
Alberto Gonzalez Iniesta | BOFH excuse #178:
agi@(agi.as|debian.org)| short leg on process table
Encrypted mail preferred |
Key fingerprint = 9782 04E7 2B75 405C F5E9 0C81 C514 AF8E 4BA4 01C3
the route deleted from.
[1] http://bugs.debian.org/251304
--
Alberto Gonzalez Iniesta | BOFH excuse #263:
agi@(agi.as|debian.org)| It's stuck in the Web.
Encrypted mail preferred |
Key fingerprint = 9782 04E7 2B75 405C F5E9 0C81 C514 AF8E 4BA4 01C3
On Wed, Mar 31, 2004 at 12:31:13PM +0200, Alberto Gonzalez Iniesta wrote:
> Debian package available (for testing/unstable) at:
>
> http://tmp.inittab.org/~agi/openvpn_2.0_beta18-1_i386.deb
>
Sorry, that should read:
http://tmp.inittab.org/~agi/openvpn_2.0_test18-1_i386.deb
t Beta, and report bugs to openvpn-devel@lists.sourceforge.net
(in case of openvpn related problem) or me (in case of packaging
errors).
--
Alberto Gonzalez Iniesta | BOFH excuse #191:
agi@(agi.as|debian.org)| Just type 'mv * /dev/null'.
Encrypted mail preferred |
Key fingerprint = 9
thoughts?
[1] http://bugs.debian.org/237251
--
Alberto Gonzalez Iniesta | BOFH excuse #304:
agi@(agi.as|debian.org)| routing problems on the neural net
Encrypted mail preferred |
Key fingerprint = 9782 04E7 2B75 405C F5E9 0C81 C514 AF8E 4BA4 01C3
On Thu, May 08, 2003 at 08:30:34AM -, James Yonan wrote:
> Alberto Gonzalez Iniesta <a...@agi.as> said:
>
> > When compiled with 2.4.* kernel headers (libc6-dev 2.2.5-14.3 headers)
> > it detects this header file and defines HAVE_LINUX_IF_TUN_H. This allow
>
uot; <mar...@oberhumer.com>
To: Alberto Gonzalez Iniesta <a...@agi.as>
Subject: Re: Compiling and/or linking liblzo with OpenSSL
List-Post: openvpn-devel@lists.sourceforge.net
Date: Sat, 3 May 2003 16:57:42 +0200
X-no-Archive: yes
X-GPG-KeyID: 0x0B2043C9
X-GPG-Fingerprint: 1077 CF79 F341
On Fri, May 02, 2003 at 06:07:07PM +0200, Matthias Andree wrote:
> On Mon, 28 Apr 2003, Alberto Gonzalez Iniesta wrote:
>
> > Sorry for the huge forward, but everything needed to understand this
> > problem should be there :)
>
> FYI:
>
> My post of the FreeBSD-p
to get lots of feedback,
Alberto
[1] http://www.openssl.org/support/faq.html#LEGAL2
[2] Yes, it's a joke
- Forwarded message from James Yonan <j...@yonan.net> -
From: James Yonan <j...@yonan.net>
To: Alberto Gonzalez Iniesta <a...@agi.as>
Subject: Re: comp-lzo and licensin
, it's not easy but it's
possible.
Let each tool do its job, and only that.
--
Alberto Gonzalez Iniesta | They that give up essential liberty
agi@(agi.as|debian.org)| to obtain a little temporary safety
Encrypted mail preferred | deserve neither liberty nor safety.
Key fingerpri
this should be better:
for(x = 3; x < 100; x++)
Since the first 3 fds (stdin, stdout and stderr) should be kept open.
Regards,
Alberto
--
Alberto Gonzalez Iniesta | They that give up essential liberty
agi@(agi.as|debian.org)| to obtain a little temporary safety
Encrypted mail preferred | deserve neither liberty nor safety.
Key fingerprint = 9782 04E7 2B75 405C F5E9 0C81 C514 AF8E 4BA4 01C3
the report here:
http://bugs.debian.org/179551
Thanks.
--
Alberto Gonzalez Iniesta | They that give up essential liberty
agi@(agi.as|debian.org)| to obtain a little temporary safety
Encrypted mail preferred | deserve neither liberty nor safety.
Key fingerprint = 9782 04E7 2B75 405C
t from the wrong address,
sorry James)
--
Alberto Gonzalez Iniesta | They that give up essential liberty
agi@(agi.as|debian.org)| to obtain a little temporary safety
Encrypted mail preferred | deserve neither liberty nor safety.
Key fingerprint = 9782 04E7 2B75 405C F5E9 0C8
ser and/or --group. That means that when an OpenVPN
> daemon is ready to exit, it might lack the privilege to delete its own
> pidfile. I've seen other daemons deal with this by chowning the pid file to
> the user/group that the daemon plans to setuid/setgid to.
Didn't think
ser and/or --group. That means that when an OpenVPN
> daemon is ready to exit, it might lack the privilege to delete its own
> pidfile. I've seen other daemons deal with this by chowning the pid file to
> the user/group that the daemon plans to setuid/setgid to.
Didn't think
daemon that created it.
It has no sense to have the init.d scripts deleting these files (and
stoping nonexistent daemons) since the daemon could have been killed
before the init.d script tried to stop it.
Thanks in advance for any comments.
Best regards.
--
Alberto Gonzalez Iniesta
daemon that created it.
It has no sense to have the init.d scripts deleting these files (and
stoping nonexistent daemons) since the daemon could have been killed
before the init.d script tried to stop it.
Thanks in advance for any comments.
Best regards.
--
Alberto Gonzalez Iniesta
51 matches
Mail list logo