This is meant to give new users a quickstart for a useable OpenVPN
setup. Our own documentation is lacking in this regard and many
tutorials that can be found online are often questionable in some
aspects.
Linking the individaul RST file on github also give a tutorial
in a nicely formatted way.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hi,
six minor improvements, could probably be made on commit.
One comment: This tutorial will not work on Windows because it relies
on a bashism to generate the self-signed certs. There is no mention
of that anywhere, may be it could be pointed
I have stared a bit at the code, and the changes mostly look reasonable
(though I got confused on the way, see below :-) ). Also, extra tests
are certainly good :-)
I have also run this through the client- and server-side test parcours.
The latter has auth-token instances, so also testing
Hi,
On 27/07/2021 16:37, Gert Doering wrote:
> This gets rid of a few #ifdef and also removes the need for
> commit a11bea18b1c93 (argv is only initialized after the
> early exit check on RT_DEFINED).
>
> Signed-off-by: Gert Doering
> ---
> src/openvpn/route.c | 34
>
> nice idea! :)
Thanks!
>> +
>> +void
>> +p2p_mode_ncp(struct tls_multi *multi, struct tls_session *session)
>> +{
>> +/* Set the common options */
>> +p2p_ncp_set_options(multi, session);
>> +
>> +struct gc_arena gc = gc_new();
>> +
>> +/* Query the common cipher here to
Hi,
I saw a few small things that can be fixed on the fly:
On 28/07/2021 14:30, Arne Schwabe wrote:
> Currently P2P mode of OpenVPN is on of the few places that cannot negotiate
> modern OpenVPN features. This becomes more and more problematic since P2P and
> P2MP code diverge more and more and
Currently P2P mode of OpenVPN is on of the few places that cannot negotiate
modern OpenVPN features. This becomes more and more problematic since P2P and
P2MP code diverge more and more and also the lack of switching to more
advanced features like Data v2 currently blocks P2P mode from working
The experience with openurl/OPEN_URL has shown that just sending
a URL to a client is not enough and we often need different
behaviour of the client depending on circumstances. Replace
OPEN_URL with a more flexible WEB_AUTH pending auth method.
Patch v2: use WEB_AUTH instead WEBAUTH