Greetings Steffan, David and Gert
Thank you very much for your comments.
1) log level switched to D_TLS_DEBUG_MED
2) ekm_size removed, ekm_size != 0 condition is used instead.
3) changed to: exported_keying_material
4) minimum set to 16 bytes and maximum set to 4095 bytes.
Added 2 patches relate
When server exits / restarts (gets SIGUSR1, SIGTERM, SIGHUP, SIGINT) and
explicit-exit-notify is set, server broadcasts new OCC_SERVER_EXIT command
to all clients and reschedules received signal in 2 secs.
When client receives OCC_SERVER_EXIT, it fires SIGUSR1 and switches to
the next server. Next
When client receives OCC_SERVER_EXIT, it fires SIGUSR1 and switches to
the next server. Next server is defined as same remote with different IP
address if remote resolves into multiple addresses or next remote
otherwise.
This is a client-side only verion of "Notify clients about server's
exit/rest
When client connects to the server which is in unreachable network (for
example hostname got resolved into ipv6 address and client has no ipv6),
throw SIGUSR1 and connect to the next server without waiting 60 seconds
for "TLS key negotiation failed".
---
src/openvpn/forward.c | 10 ++
1 fi
Hi there
Back in Aug 2014, I needed the server to support exporting the UV_*
variables the client sets into external programs the server calls on
client-connect, so was told to try out openvpn-2.3_git - which had that
missing code. So I did a clone of that and off I went
I've been happily running
Hi,
On Tue, Mar 03, 2015 at 08:54:08AM +1300, Jason Haar wrote:
> Back in Aug 2014, I needed the server to support exporting the UV_*
> variables the client sets into external programs the server calls on
> client-connect, so was told to try out openvpn-2.3_git - which had that
> missing code. So
