Re: [Openvpn-devel] OpenVPN 3 Linux client - v8 beta released

On 10/02/2020 23:32, David Sommerseth wrote: > > Hi, > > The OpenVPN 3 Linux v8 beta is now released. > > This is available in our git repositories [0] and URLs for source tarballs > are listed later in this e-mail. We have pre-built binaries for the > following Linux distributions: > > *

[Openvpn-devel] [PATCH v4 2/2] Allow unicode search string in --cryptoapicert option

From: Selva Nair Currently when the certificate is specified as "SUBJ:foo", the string foo is assumed to be ascii. Change that and interpret it as utf-8, convert to a wide string, and flag it as unicode in CertFindCertifcateInStore(). Signed-off-by: Selva Nair --- v4: matched to v4 of 1/2

[Openvpn-devel] [PATCH v4 1/2] Skip expired certificates in Windows certificate store

From: Selva Nair Have the cryptoapicert option find the first matching certificate in store that is valid at the present time. Currently the first found item, even if expired, is returned. This makes it possible to update certifiates in store without having to delete old ones. As a side effect,

Re: [Openvpn-devel] [PATCH] openssl: alternative names support for --verify-x509-name CN checks

On 12/02/2020 15:39, Arne Schwabe wrote: >> +bool >> +x509v3_is_host_in_alternative_names(mbedtls_x509_crt *cert, const char >> *host, bool *has_alt_names) >> +{ >> +    msg(M_WARN, "Missing support for subject alternative names in >> mbedtls."); I'm not happy about this at all. This should be

Re: [Openvpn-devel] [PATCH] openssl: alternative names support for --verify-x509-name CN checks

Am 10.02.20 um 18:59 schrieb Mateusz Markowicz via Openvpn-devel: > when using "--verify-x509-name [hostname] name" hostname will now be > accepted > also when matched against one of the X509v3 Subject Alternative Name IP > or DNS > entries (instead of just Subject's CN). > > see also: 

Re: [Openvpn-devel] [PATCH 2/4] argv: do fewer memory re-allocations

Am 06.02.20 um 14:21 schrieb David Sommerseth: > From: Heiko Hund > > Prevent the re-allocations of memory when the internal argv grows > beyond 2 and 4 arguments by initially allocating argv to hold up to > 7 (+ trailing NULL) pointers. > > While at it rename argv_reset to argv_free to

Re: [Openvpn-devel] [PATCH 3/4] Add gc_arena to struct argv to save allocations

Am 06.02.20 um 14:21 schrieb David Sommerseth: > From: Heiko Hund > > With the private gc_arena we do not have to allocate the strings > found during parsing again, since we know the arena they are > allocated in is valid as long as the argv vector is. > > Signed-off-by: Heiko Hund >

Re: [Openvpn-devel] [PATCH 4/4] Documented all the argv related code with minor refactoring

Am 06.02.20 um 14:21 schrieb David Sommerseth: > Added doxygen comments for all the functions in argv.c. > > There are some slight refactoring, renaming a few variables to make > their use case more obvious and ensure lines do not break our 80-chars > per line coding style limit. > >

Re: [Openvpn-devel] [PATCH 1/4] re-implement argv_printf_*()

Am 06.02.20 um 14:21 schrieb David Sommerseth: > From: Heiko Hund > > The previous implementation had the problem that it was not fully > compatible with printf() and could only detect % format directives > following a space character (0x20). > > It modifies the format string and inserts marks

Re: [Openvpn-devel] [PATCH 1/2] Skip DNS address validation

Hi! My I ask if there is anything else I can (or should) do regarding this patch? Perhaps send patch again with revised/updated description as suggested by Simon? Thank you! Regards, Domagoj ___ Openvpn-devel mailing list