Acked-by: Gert Doering
"Explanation and Code make sense, Debian testing confirmed it fixes
the problem observed" (which was a user error in the end, but led to an
unexpected error in openvpn).
Basic client test run with openssl 1.1.1 on Linux/Gentoo.
Your patch has been applied to the master
Carrying around the INLINE_TAG is not really efficient,
because it requires a strcmp() to be performed every
time we want to understand if the data is stored inline
or not.
Convert all the *_inline attributes to bool to make the
logic easier and checks more efficient.
Signed-off-by: Antonio
Hi Arne,
On 22/04/20 10:13, Arne Schwabe wrote:
SSL_check_chain() function".
Which we don't, I just grepped through our source tree.
So, unless I misunderstand something about OpenSSL intricacies, I think
we're safe - no new installers needed, and OpenVPN is not in risk.
the advisory
Hi,
On Wed, Apr 22, 2020 at 10:21:52AM +0200, Christian Hesse wrote:
> > So, speaking to myself again :-) - I've looked at the advisory, and
> > it talks about "Server or client applications that call the
> > SSL_check_chain() function".
>
> Are you sure that openvpn code does not call any
Gert Doering on Tue, 2020/04/21 20:59:
> Hi,
>
> On Tue, Apr 21, 2020 at 08:37:35PM +0200, Gert Doering wrote:
> > On Tue, Apr 21, 2020 at 02:15:43PM -0400, mike tancsa wrote:
> > > Will the sec issue with OpenSSL force a new release of OpenVPN ?
> > >
> > >
>> SSL_check_chain() function".
>>
>> Which we don't, I just grepped through our source tree.
>>
>> So, unless I misunderstand something about OpenSSL intricacies, I think
>> we're safe - no new installers needed, and OpenVPN is not in risk.
>>
>>
> the advisory applies only to application that
Hi Gert,
On 21/04/20 20:59, Gert Doering wrote:
Hi,
On Tue, Apr 21, 2020 at 08:37:35PM +0200, Gert Doering wrote:
On Tue, Apr 21, 2020 at 02:15:43PM -0400, mike tancsa wrote:
Will the sec issue with OpenSSL force a new release of OpenVPN ?
