Hi!
I'm currently preparing the OpenVPN-NL 2.5 release at Fox-IT. (We're a
bit behind the times...) I thought that one of our patches, by Steffan
Karger, could be useful in regular OpenVPN. He said that he hadn't
submitted it yet, and thought it would be a good idea to ask.
The patch increases
Am 18.03.2021 um 21:52 schrieb David Sommerseth:
If this is due to an outdated pkg-config, I'm reluctant to give this
patch an ACK. Using properly up-to-date dependency stack should be a
reasonable precondition to build OpenVPN. If it is due to unavailable
pkg-config, it's a different
On 19/03/2021 00:00, Juliusz Sosinowicz wrote:
For reference, the version of pkg-config shipped on my Ubuntu 14 vm is
0.26-1ubuntu4. It looks like the default packages are very outdated.
Thanks for checking. You might want to reconsider if you want to
support Ubuntu 14 these days; Ubuntu
On 18/03/2021 21:52, David Sommerseth wrote:
It would be great to figure out if pkg-config is available on those
build hosts failing without this change. If it is present, it needs to
be checked which version it is.
If this is due to an outdated pkg-config, I'm reluctant to give this
patch
For reference, the version of pkg-config shipped on my Ubuntu 14 vm is
0.26-1ubuntu4. It looks like the default packages are very outdated.
Juliusz
On 18/03/2021 21:52, David Sommerseth wrote:
On 18/03/2021 19:12, Juliusz Sosinowicz wrote:
PKG_CHECK_VAR is not available on older versions of
On 18/03/2021 19:12, Juliusz Sosinowicz wrote:
PKG_CHECK_VAR is not available on older versions of autoconf. This
patch copies the definition generated by newer versions of autoconf to
be used for compatibility with older versions. Tested with automake
1.14.1-2ubuntu1 and autoconf 2.69-6.
PKG_CHECK_VAR is not available on older versions of autoconf. This patch copies
the definition generated by newer versions of autoconf to be used for
compatibility with older versions. Tested with automake 1.14.1-2ubuntu1 and
autoconf 2.69-6.
Signed-off-by: Juliusz Sosinowicz
---
compat.m4 |
On 18/03/2021 18:56, Gert Doering wrote:
Hi,
On Thu, Mar 18, 2021 at 06:25:13PM +0100, David Sommerseth wrote:
I'm not seeing the rationale to why we need this; can you explain that?
See my other mail: because the previous configure.ac patch (for WolfSSL
support) breaks some platforms.
Hi,
On Thu, Mar 18, 2021 at 06:25:13PM +0100, David Sommerseth wrote:
> I'm not seeing the rationale to why we need this; can you explain that?
See my other mail: because the previous configure.ac patch (for WolfSSL
support) breaks some platforms. Seems "some m4 bits" are not universally
there.
On 18/03/2021 12:14, Илья Шипицин wrote:
this probably will break windows cross compile (it uses lz4 bundle).
Samuli, can you please keep any eye on it (new test installer maybe) ?
Is it too early to consider --disable-lz4 all together? Maybe try that
initially for the 2.6 and see how well
On 18/03/2021 17:16, Juliusz Sosinowicz wrote:
Signed-off-by: Juliusz Sosinowicz
---
compat.m4 | 16
1 file changed, 16 insertions(+)
diff --git a/compat.m4 b/compat.m4
index e54a7203..47650f6d 100644
--- a/compat.m4
+++ b/compat.m4
@@ -64,6 +64,22 @@ ifdef(
Signed-off-by: Juliusz Sosinowicz
---
compat.m4 | 16
1 file changed, 16 insertions(+)
diff --git a/compat.m4 b/compat.m4
index e54a7203..47650f6d 100644
--- a/compat.m4
+++ b/compat.m4
@@ -64,6 +64,22 @@ ifdef(
AC_DEFUN([AC_TYPE_UINT64_T], [])
]
)
How embarrassing ..
On 18/03/2021 07:12, Gert Doering wrote:
Your patch has been applied to the master and release/2.5 branch.
I've corrected the spelling of "Diffy" to "Diffie", according to
https://en.wikipedia.org/wiki/Diffie-Hellman_key_exchange
I have not tested this further than "it
Hi,
On Thu, Mar 18, 2021 at 03:01:16PM +0100, Juliusz Sosinowicz wrote:
> which version of autoconf exactly is causing this explosion?
The one shipped with Ubuntu 16 is "2.69-9" and automake "1.15-4"
which matches NetBSD 8.1
nbsd81$ pkg_info |grep auto
autoconf-2.69nb8Generates automatic
Hi Gert,
which version of autoconf exactly is causing this explosion?
Juliusz
On 18/03/2021 14:56, Gert Doering wrote:
Hi,
On Thu, Mar 18, 2021 at 02:21:02PM +0100, Gert Doering wrote:
Your patch has been applied to the master branch.
I have not tested actual WolfSSL builds, but done a
Hi,
On Thu, Mar 18, 2021 at 02:21:02PM +0100, Gert Doering wrote:
> Your patch has been applied to the master branch.
>
> I have not tested actual WolfSSL builds, but done a quick compile test
> to see if it would break old/new openssl or old/new mbedtls configure
> runs. All works :-)
Well.
Acked-by: Gert Doering
Your patch has been applied to the master branch.
(This is a fairly old patch which has been sitting in my queue, waiting
for the WolfSSL patch to be merged)
commit f38819b7e42ea99f6ae218be6e6345c397c1af4c
Author: Arne Schwabe
Date: Fri Apr 17 09:43:45 2020 +0200
Your patch has been applied to the master branch.
I have not tested actual WolfSSL builds, but done a quick compile test
to see if it would break old/new openssl or old/new mbedtls configure
runs. All works :-)
commit f6dca235ae560597a0763f0c98fcc9130b80ccf4
Author: Juliusz Sosinowicz
Date:
Am 17.03.21 um 19:11 schrieb Juliusz Sosinowicz:
> This patch adds support for wolfSSL in OpenVPN. Support is added by using
> wolfSSL's OpenSSL compatibility layer. Function calls are left unchanged and
> instead the OpenSSL includes point to wolfSSL headers and OpenVPN is linked
> against the
Hi,
On Mon, Feb 01, 2021 at 06:43:10PM +0100, Arne Schwabe wrote:
> We never had handling of this failure condition. But should it happen
> we can now handle it.
For the sake of the list archives: this patch was folded into the
larger "Prefer TLS libraries TLS PRF function, fix OpenVPN in FIPS
this probably will break windows cross compile (it uses lz4 bundle).
Samuli, can you please keep any eye on it (new test installer maybe) ?
чт, 18 мар. 2021 г. в 12:45, Gert Doering :
> Acked-by: Gert Doering
>
> I have tested compilation "with default options" on FreeBSD with lz4
> (works),
Acked-by: Gert Doering
Tested with exactly that testbed that initially discovered the SIGSEGV,
and as expected, it no longer crashes. Verified that it still crashes
with "--verb 8" (it does).
Code also looks secure and does what it says on the lid.
That said, ACKed and merged, I'm still not
Hi,
On 16-03-2021 13:44, Arne Schwabe wrote:
> The main motivation to make this change is to avoid a crash in mbed TLS
> 2.25 with --verb < 8.
>
> mbed TLS 2.25 has a nasty bug that the print function for Montgomery style
> EC curves (Curve25519 and Curve448) does segfault. See also the issue
>
Acked-by: Gert Doering
I have tested compilation "with default options" on FreeBSD with lz4
(works), Gentoo without lz4 (errors out), Gentoo with lz4 (works), and
with --disable-lz4 on Gentoo without lz4 (works).
I assume some of the buildbots will need a bit of tending now (because
"no lz4
Your patch has been applied to the master and release/2.5 branch.
I've corrected the spelling of "Diffy" to "Diffie", according to
https://en.wikipedia.org/wiki/Diffie-Hellman_key_exchange
I have not tested this further than "it compiles".
commit 4170da0778b926cea748c319163fdcfc7c6bc445
25 matches
Mail list logo