Re: [Openvpn-devel] man page patch

2010-04-18 Thread David Sommerseth
On 16/04/10 19:48, Jan Just Keijser wrote: > man page patch to fix (based on the git page). > > - explicit-exit-notify text is misleading : parameter [n] is the number > of attempts not the number of retries > > - I would make a statement that a

Re: [Openvpn-devel] [PATCH] Mention mssfix default value in the man page

2010-04-18 Thread David Sommerseth
On 15/04/10 20:52, Davide Brini wrote: > The man page does not mention that the default value of "mssfix" is 1450. > > --- openvpn-2.1.1/openvpn.8 2010-02-28 22:17:45.0 + > +++ openvpn-2.1.1-a/openvpn.8 2010-04-15 19:43:53.0

[Openvpn-devel] [PATCH] Use more appropriate error codes in create_temp_file()

2010-04-18 Thread David Sommerseth
From: David Sommerseth Avoids using M_FATAL, which will terminate the OpenVPN process, except where it really is needed. It's considered needed when the function fails after 5 attempts, as that most likely indicates problem with getting enough random data for the

Re: [Openvpn-devel] [PATCHv2 0/3] Harden create_temp_filename()

2010-04-18 Thread Gert Doering
Hi, On Fri, Apr 16, 2010 at 10:21:50PM +0200, David Sommerseth wrote: > In a Debian bug report [1] there were worries that the --client-connect > script hook was prone to a "symlink" attack. Even though this can > be recognised if --tmp-dir is set to a world writable directory, it is not >

Re: [Openvpn-devel] [PATCHv2 1/3] Harden create_temp_filename() (version 2)

2010-04-18 Thread David Sommerseth
On 16/04/10 23:42, Fabian Knittel wrote: > Hi David, > > David Sommerseth wrote: >> +} >> + while (attempts < 6); >> >> - return gen_path (directory, BSTR (), gc); >> + msg (M_FATAL, "Failed to create temporary file after %i attempts", >>
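Review bot: the retry bound in `while (attempts < 6);` is a bare literal, while the `msg (M_FATAL, "Failed to create temporary file after %i attempts", ...` line that follows reports an attempt count. Consider a named constant for the limit so the loop condition and the logged number cannot drift apart, with a short comment on why that limit was chosen.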

Re: [Openvpn-devel] [PATCH 2/2] Fixed potential NULL pointer issue

2010-04-18 Thread Gert Doering
Hi, On Sat, Apr 17, 2010 at 09:06:09PM +0200, David Sommerseth wrote: > If create_temp_file() returns NULL, this strlen() check would cause > a SEGV. Looks "obviously correct". ACK. gert -- USENET is *not* the non-clickable part of WWW!