Hello,
It was broadcasted several times that we will get rid of bundled lz4
someday.
Currently, windows installer is built using that lib. Does it make sense to
change windows installer?
Cheers,
Ilya Shipitsin
--
Check o
Hi,
On Sun, Mar 4, 2018 at 6:22 PM, Steffan Karger wrote:
>
> On 05-03-18 00:13, Jeremie Courreges-Anglas wrote:
>> On Sun, Mar 04 2018, Selva Nair wrote:
>> --8<--
>> [...]. OpenSSL itself only provided said setters (since 2015)[2]. The
>> getters were added to OpenSSL later (Sep 2017)[3].
>>
On 05-03-18 00:26, Steffan Karger wrote:
> Yes, I'd rather not use the workaround if not needed.
Bad wording. Read that as "I'm no longer opposed to a patch".
-Steffan
--
Check out the vibrant tech community on one of
Hi,
On 04-03-18 19:59, Jeremie Courreges-Anglas wrote:
> On Thu, Dec 14 2017, Steffan Karger wrote:
>
> [...]
>
>> NAK.
>>
>> Looking at this patch again I realize I have misunderstood the
>> intentions when first looking at it. I thought LibreSSL *did* have an
>> SSL_CTX_get0_certificate() an
On 05-03-18 00:13, Jeremie Courreges-Anglas wrote:
> On Sun, Mar 04 2018, Selva Nair wrote:
> --8<--
> [...]. OpenSSL itself only provided said setters (since 2015)[2]. The
> getters were added to OpenSSL later (Sep 2017)[3].
>
> [2]
> https://github.com/openssl/openssl/commit/7946ab33cecce60
On Sun, Mar 04 2018, Selva Nair wrote:
> Hi,
>
> On Sun, Mar 4, 2018 at 1:48 PM, Jeremie Courreges-Anglas
> wrote:
>> On Sun, Mar 04 2018, selva.n...@gmail.com wrote:
>>> From: Selva Nair
>>>
>>> Openssl docs do not explicitly state these to be macros although they
>>> are currently defined as
On 04-03-18 23:23, Jeremie Courreges-Anglas wrote:
> On Sun, Mar 04 2018, Selva Nair wrote:
>> Libressl developers break API compatibility with openssl in such
>> perverse ways that there are no easy ways to support it. Take, for
>> example, the patch I just sent out which checks for certain func
Hi,
Most has been said, so I won't reiterate that. Gert++, Selva++.
On 04-03-18 13:43, Mina Barret via Openvpn-devel wrote:
> Ok, bummer, the (german) wikipedia experience again - rejected. The
> second and third read of the well distributed Changelog(s) and release
> note(s) does not bring up a
On Sun, Mar 04 2018, Selva Nair wrote:
[...]
> Libressl developers break API compatibility with openssl in such
> perverse ways that there are no easy ways to support it. Take, for
> example, the patch I just sent out which checks for certain functions
> instead of disabling using LIBRESSL_VERSI
Hi,
On Sun, Mar 4, 2018 at 1:48 PM, Jeremie Courreges-Anglas
wrote:
> On Sun, Mar 04 2018, selva.n...@gmail.com wrote:
>> From: Selva Nair
>>
>> Openssl docs do not explicitly state these to be macros although they
>> are currently defined as such.
>
> Actually they are documented as macros by
On Thu, Dec 14 2017, Steffan Karger wrote:
[...]
> NAK.
>
> Looking at this patch again I realize I have misunderstood the
> intentions when first looking at it. I thought LibreSSL *did* have an
> SSL_CTX_get0_certificate() and this patch would make us use it (instead
> of the workaround in the
Hi,
On Sun, Mar 4, 2018 at 11:47 AM, Jeremie Courreges-Anglas
wrote:
> On Sun, Mar 04 2018, Gert Doering wrote:
>
> [...]
>
>> "Please note that LibreSSL is not a supported crypto backend. We
>> accept patches and we do test on OpenBSD 6.0 which comes with
>> LibreSSL, but if newer versions of
On Sun, Mar 04 2018, selva.n...@gmail.com wrote:
> From: Selva Nair
>
> Openssl docs do not explicitly state these to be macros although they
> are currently defined as such.
Actually they are documented as macros by OpenSSL since day 1, see
NOTES.
> Use AC_CHECK_DECLS to test for these so that
Great, Thank You!
--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
Openvpn-devel mailing list
From: Selva Nair
Openssl docs do not explicitly state these to be macros although they
are currently defined as such. Use AC_CHECK_DECLS to test for these so that
both function and macro forms could be detected.
Signed-off-by: Selva Nair
---
Though not meant as a fixup for libressl, as a side e
On Sun, Mar 04 2018, Gert Doering wrote:
[...]
> "Please note that LibreSSL is not a supported crypto backend. We
> accept patches and we do test on OpenBSD 6.0 which comes with
> LibreSSL, but if newer versions of LibreSSL break API compatibility
> we do not take responsibility to fix that."
On Sun, Mar 04 2018, Steffan Karger wrote:
> Hi,
>
> On 04-03-18 10:08, Gert Doering wrote:
>> On Thu, Mar 01, 2018 at 12:11:23AM +0100, Steffan Karger wrote:
>>> As discussed in the community meeting of 13-12-2017, we should warn our
>>> users that LibreSSL is not officially supported. We expect
Hi,
On Sun, Mar 04, 2018 at 07:43:14AM -0500, Mina Barret via Openvpn-devel wrote:
> The release last week was different than the releases before.
> Usually all i have to do is updating the version, rebuild and QA.
> The release notes state 'This is primarily a maintenance release,
> with further
Check the return values of management_query_cert() and
tls_ctx_use_external_private_key(), and error out with a more descriptive
error message. To do so, we make the openssl-backed implementation of
tls_ctx_use_external_private_key() not throw fatal error anymore.
(And fix line wrapping while tou
Hallo OpenVPN developers,
The last years i closely follow your advances in the source. When you release a
new version of the software, i will pull it, build it in different
configurations and ship it to a small userbase.
To allow the users to choose the flavor of SSL, one of the configurations i
Your patch has been applied to the master and release/2.4 branch
(with some conflicts due to changed context in master, but that was
easy enough to resolve).
Thanks.
commit 6bee1a1fc01f3d3ddf114b48e52e5b10d57033cb (master)
commit 1f342aad6a13aaae1cc54f632498e0646a1bfe1a (release/2.4)
Author: Joos
Hi,
On 01-03-18 05:15, Selva Nair wrote:
> We can avoid all overflow and eliminate the check and the ASSERT
> by writing it as
>
> time_t wakeup = (et->last - local_now) + et->n; // parens added for clarity
>
> For the first subtraction to overflow, last and now have to differ by
>> INT_MAX (for
Hi,
On 28-02-18 14:52, Joost Rijneveld wrote:
> In tls_ctx_use_external_private_key, the return codes were inverted
> compared to what is documented in ssl_backend.h (and what can
> reasonably be expected). Internally the return code is never checked,
> so this did not directly result in any chang
Hi,
On 04-03-18 10:08, Gert Doering wrote:
> On Thu, Mar 01, 2018 at 12:11:23AM +0100, Steffan Karger wrote:
>> As discussed in the community meeting of 13-12-2017, we should warn our
>> users that LibreSSL is not officially supported. We expect that it
>> currently works, but it might suddenly b
Hi,
On Thu, Mar 01, 2018 at 12:11:23AM +0100, Steffan Karger wrote:
> As discussed in the community meeting of 13-12-2017, we should warn our
> users that LibreSSL is not officially supported. We expect that it
> currently works, but it might suddenly break or we might decide to no
> longer build
Your patch has been applied to the release/2.4 branch.
(I've added a commit message explaining what Selva wrote about the
cherrypick etc., setting you as author)
commit 88abb911ea22a306e87fba58410da45c2baad57f
Author: Simon Matter
Date: Fri Mar 2 08:49:31 2018 +0100
Add missing #ifdef SSL
Acked-by: Gert Doering
Test compiled, not actually run - but "stare at code" is convincing enough.
Your patch has been applied to the master and release/2.4 branch.
commit b607900ba937b5f45796d2e3810ef91a32826927 (master)
commit 716fdb24be7857e242c3174a51485446502481ea (release/2.4)
Author: Sel
On 04/03/18 16:05, Samuli Seppänen wrote:
> The owner would get a notification email but the ticket would not be
> automatically assigned to him/her.
>
> Thoughts?
I like that. Because we mostly need "somebody responsible for that area"
to be notified and it does not necessarily need to be the
Il 03/03/2018 17:58, Selva Nair ha scritto:
> Hi,
>
> These days many (all?) trac tickets appears with an owner set. When I
> see an owner it gives the impression that person is looking into it
> and makes me less inclined to investigate.
>
> But it looks like this is automatically assigned and i
29 matches
Mail list logo