the values
passed
to the %c places in, but it was not taken into consideration that size_t which
strlen() returns might not be the same as int or char.
Signed-off-by: David Sommerseth <d...@users.sourceforge.net>
---
socks.c |4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff
The GNU C compiler warned about a potential issue with an if()
expression missing an extra set of parentheses.
Signed-off-by: David Sommerseth <d...@users.sourceforge.net>
---
ssl.c |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/ssl.c b/ssl.c
index c05d34f..8
.
On the other hand, the GNU C compiler complains about unused functions when
it discovers this situation.
This patch tries to only add these dummy() functions if the Microsoft Visual C
compiler is detected, via the _MSC_VER macro.
Signed-off-by: David Sommerseth <d...@users.sourceforge.net>
---
crypt
*** BLURB HERE ***
David Sommerseth (6):
Use stricter snprintf() formatting in socks_username_password_auth()
Fix compiler warnings about not used dummy() functions
Fixed potential misinterpretation of boolean logic
Only add some functions when really needed
Removed functions not being
The GNU C compiler gave warnings about some functions not being used.
These functions where only used if certian #ifdef sections was enabled.
This patch encapsulates these function declarations with matching #ifdef's
to make it more clear when these functions are needed.
Signed-off-by: David
The add_host_route_if_nonlocal() function is too simple to really
benefit from calling add_bypass_address() when this function is the
only caller to this function.
Signed-off-by: David Sommerseth <d...@users.sourceforge.net>
---
route.c | 34 --
1 files c
The GNU C compiler gave warnings about these functions in the patch
not being used anywhere. Doing a git grep on the code turned out
there were no callers to these functions. Taking these functions out,
as there is not good reason why to carry dead code.
Signed-off-by: David Sommerseth &l
to truncate the %c part
and not limit the %s as %.255s in this case.
Thanks for catching that, I'll send a new patch fixing this one!
kind regards,
David Sommerseth
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
may edit config-win32.h to enable or disable features, would
it be an idea to implement a config-win32.h parser which would extract
the relevant information? Look at configure_h.awk for more information.
kind regards,
David Sommerseth
-BEGIN PGP SIGNATURE-
automatically discovered based on the --dev name, or set
using
the --dev-type option.
Signed-off-by: David Sommerseth <d...@users.sourceforge.net>
---
init.c |4
misc.c |3 +++
misc.h |1 +
3 files changed, 8 insertions(+), 0 deletions(-)
diff --git a/init.c b/init.c
there's no harm in
starting with the beta2.2 branch. Your patches should fit well on top
of the new tree anyway.
Anyhow, thank you for your work! Please send your patches to this
mailing list, and we'll get them reviewed. If you have many smaller
commits, please ship them separately - as that i
oks, which will
enable the execve() code path for these hooks. And if
'--script-security 2 system' is set, it will use system() instead of
execve() to execute the scripts.
If --script-security 0 is used, the execve() calls will be completely
blocked.
For Linux, I believe the list of "built-in
ajority compile this with this feature enabled, we can consider
changing the default.
kind regards,
David Sommerseth
>
> On Thu, Oct 21, 2010 at 8:25 PM, Blaise Gassend <bla...@willowgarage.com>
> wrote:
>> Hi,
>>
>> To allow seamless roaming of our robots at willo
nteresting aspect of
using the NETLINK API.
Implementing NETLINK API will be investigated more for sure.
kind regards,
David Sommerseth
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.
It fixes VS2008, and breaks compatibility with GCC before 3.0.
|
| For the records, it was discussed on IRC with David Sommerseth and yourself on
| 2010-12-04 around 11:08 UTC that we deem it unnecessary to keep GCC< 3.0
| compatibility for this new Windows-only code.
|
| From: Matthias Andree &
d regards,
David Sommerseth
> 2010/12/9 hmy <huangming...@gmail.com <mailto:huangming...@gmail.com>>
>
> I think tc can't do this. may be iptables can do it ?
>
> 2010/12/9 Peter Stuge <pe...@stuge.se <mailto:pe...@stuge.se>>
>
> hmy
-in functions.
In addition this patchset will also add a X509 certificate OpenSSL structure
to the openvpn_plugin_func_v3() calls, which contains the complete parsed
certificate sent from the client.
David Sommerseth (4):
Define the new openvpn_plugin_{open,func}_v3() API
Implement the core v3 plug
This just implements the basic API changes needed for the newer and more
flexible plug-in API.
Signed-off-by: David Sommerseth <d...@users.sourceforge.net>
---
openvpn-plugin.h | 222 +-
plugin.c |6 +-
plugin.h |
--nobind --auth-user-pass
This plug-in will only log arguments and environment variables it receives
during all the different plug-in phases OpenVPN currently supports. It will
also parse the X509 certificate information given during the TLS_VERIFY phase.
Signed-off-by: David Sommerseth &l
Let OpenVPN call the openvpn_plugin_open_v3() and
openvpn_plugin_func_v3() plug-in functions if they exist in the plug-in.
Signed-off-by: David Sommerseth <d...@users.sourceforge.net>
---
plugin.c | 29 +++--
1 files changed, 27 insertions(+), 2 deletions(-)
diff
The certificates sent to the plug-in API will only happen during the
OPENVPN_PLUGIN_TLS_VERIFY phase and will contain a pointer to the OpenSSL
X509 certificate data.
Signed-off-by: David Sommerseth <d...@users.sourceforge.net>
---
init.c |2 +-
misc.c |2 +-
m
to get the final inclusion go smoother in the end.
Adriaan, will this work for you? Any other comments or thoughts?
kind regards,
David Sommerseth
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozd
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 28/02/10 23:07, David Sommerseth wrote:
| From: Davide Guerri<dgue...@users.sourceforge.net>
|
| This patch makes it possible to use the --passtos option with 802.1Q tagged
| ethernet frames.
|
| sf.net tracker:
|
<https://sourceforge.ne
e OpenVPN v3 control
data, as they don't support it. And newer clients will receive these data
and can make use of it.
Kind regards,
David Sommerseth
Meeting minutes:
<http://thread.gmane.org/gmane.network.openvpn.devel/4221>
[1] See meeting minutes, 20:17:08 to 20:19:16 and 20:49
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 13/12/10 17:29, Karl O. Pinc wrote:
> On 12/13/2010 05:56:16 AM, David Sommerseth wrote:
>> By giving the "t" flag to _fdopen() on Windows, the file will be
>> opened in a "translate mode", where it will ta
M disk) and let OpenVPN use that.
kind regards,
David Sommerseth
> Vineet
> On Mon, Dec 13, 2010 at 4:35 PM, chantra <chan...@debuntu.org
> <mailto:chan...@debuntu.org>> wrote:
>
> Vineet,
>
> I think you could use Packet filtering plugin hook and use th
wrote the attached patch which will make the whole
- --x509-username-field and compile-time opt-in feature instead. Thus
covering this feature, including additional extensions of it.
With this patch in place, I believe we can more easily accept Markus'
patch into the git tree. We need however to re
that one can cause more issues with
cross-compilation.
Unfortunately this patch is arriving too late to get accepted for the OpenVPN
2.2 release we're putting together nowadays, but we will be able to get an
adjusted patch into the development tree for the next version.
kind regards,
David Somme
ul in a production
environment as well.
kind regards,
David Sommerseth
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAk0cvKgACgkQDC186MBRfrobVQCeNe4F7bHmmHilW3bqSAuOoUUk
x28AnjhHzSGKFJwptLNp9A8GypyPBEWA
ython file, or use the help() function in
python to get the documentation of a function/method/class/etc.
I suggest cleaning up these comments as a separate patch on top of this
patch.
Except of that, PATCH 1/6 gets an ACK from me.
kind regards,
David Sommerseth
-BEGIN PGP SIGNATURE-
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 05/01/11 10:56, Samuli Seppänen wrote:
>
>
ACK!
(For the future, some of the comments you placed in the code would fit
well into a commit log comment as well)
kind regards,
David Sommerseth
-BEGIN PGP SIGNATURE-
Version:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 05/01/11 10:57, Samuli Seppänen wrote:
> FYI: show.py is only used interactively to visualize current build
> configuration
ACK.
Kind regards,
David Sommerseth
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)
Comment:
probably rearrange the order of these three so they come together.
This patch gets an ACK from me anyway.
kind regards,
David Sommerseth
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.m
he automake/gcc-based Windows builds?
>
I'm leaning towards a NAK on this one, as it might influence
non-Visual C builds. OpenVPN have openvpn_snprintf() which is a
portable snprintf() function, and this one should be used instead. It's
found in buffer.[ch].
kind regards,
David Sommerseth
Makefile.am, and then have
separate Makefile.am per plugin? That way, each plug-in can more easily
control the build independently.
kind regards,
David Sommerseth
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
constant for all
the v3 structures. It is not expected that these strucutures will change too
much and too often.
Signed-off-by: David Sommerseth <d...@users.sourceforge.net>
---
openvpn-plugin.h | 14 ++
plugin.c |4 ++--
plugin/examples/log_v3.c
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 06/01/11 23:53, Matthias Andree wrote:
| Am 06.01.2011 22:50, schrieb David Sommerseth:
|> On 06/01/11 18:13, Matthias Andree wrote:
|> | Greetings,
|> |
|> | this is the beta2.2 patch pair for hooking the auth-pam and down-root
hope more people can help out and contribute, also if
you don't consider yourself a developer.
kind regards,
David Sommerseth
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 12/01/11 09:40, Matthias Andree wrote:
> Am 11.01.2011 12:20, schrieb David Sommerseth:
>>
>> Hi folks!
>>
>> This is a little cry for help from us playing with the OpenVPN code.
>>
>> We have a quite good m
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 12/01/11 21:48, Jan Just Keijser wrote:
> Hi David,
>
> David Sommerseth wrote:
>> -BEGIN PGP SIGNED MESSAGE-
>> Hash: SHA1
>>
>>
>> Hi folks!
>>
>> This is a little cry for help from us p
rrectly, in the strict
manner they was designed for. Wiki-markup/HTML is way more flexible.
Or to say it another way, converting *roff -> HTML is easy as going
downhill, HTML -> *roff is more like going uphill.
However - nothing is impossible, it just takes a bit longer time :)
kind r
pn/ticket/84
Thank you very much for your report! I've sent a notification to the
developer of the IPv6 transport patch, and I hope he chimes in soon.
kind regards,
David Sommerseth
(+), 5 deletions(-)
Thank you very much, but I'm sorry to be a party killer ... this is already
implemented in the beta2.2, bugfix2.1 and allmerged branches.
commit d6b783a8ec505c8e158bd0304c5e195cff5bb8c3
Author: David Sommerseth <d...@users.sourceforge.net>
List-Post: openvpn-devel@lists.sou
ng at
best to read. However, we do have some source documentation patches is the
wild somewhere, waiting to go in soonish too - which I'd like to see go into
the 2.3 cycle. So - there's a little coordination needed to be done here with
such an overhaul too.
kind regards,
David Sommerseth
-BEGIN
first version of NSI installer script to win/openvpn.nsi
commit 3b315a57d579d9ba8e259216f722094f1c1dbcde
[PATCH] Changes to buildsystem patchset
commit c75a8976f070ef86cfced71b3df5cbce0e32e01a
kind regards,
David Sommerseth
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.10 (GNU
e...@the2masters.de>
ACK!
Thanks a lot for this fix. Good catch!
Applied to bugfix2.1 and merged into allmerged.
commit 4c4b8cedfa98e8892a53eadd154836f8fa8cea7a
Author: Stefan Hellermann <ste...@the2masters.de>
List-Post: openvpn-devel@lists.sourceforge.net
Date: Sun Feb 27 22:15:44
: Stefan Hellermann <ste...@the2masters.de>
>> Date: Sun Feb 27 22:15:44 2011 +0100
>>
>> Signed-off-by: Stefan Hellermann <ste...@the2masters.de>
>> Acked-by: David Sommerseth <dav...@redhat.com>
>> Signed-off-by: David Sommerseth &l
nclude that into the final 2.2 release.
However, I do not have any configuration available to cross compile with
mingw32 available. So if someone can please review and test this patch on
such a platform, I'll include as soon as I get an ACK.
Thanks for the heads-up!
kind regards,
it for 2.3, due to the work related to it.
But if it is ready in time, we can add it to 2.3. If not, there's always the
next 2.4 release in the horizon as well.
kind regards,
David Sommerseth
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with
This patch is slightly modified, to honour --enable-x509-alt-username
compile time configuration. Two #ifdef's are added.
Signed-off-by: Markus Koetter <koet...@rrzn-hiwi.uni-hannover.de>
Signed-off-by: David Sommerseth <dav...@redhat.com>
Acked-by: David Sommerseth
restrict the usage of TCP. In addition, the --tls-auth
feature would not be useful in at all.
kind regards,
David Sommerseth
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAk157MQACgkQDC186MBRfrqQdg
nd UDP. If that works
better, then see how adaptable this solution is compared to the
implementation in OpenVPN. We can not remove the support for the current
OpenVPN wire format - as we need to be compatible (at least as long as we
are on OpenVPN 2.x) for older clients.
kind regards,
David So
for UDP servers and currently is only implemented
~ on Linux.
~ Note: clients connecting to a --multihome server should always
~ use the --nobind option.
Can you please test this?
kind regards,
David Sommerseth
-BEGIN PGP SIGNATURE-
Version: Gn
;sam...@openvpn.net>
Acked-by: Gert Doering <g...@greenie.muc.de>
Signed-off-by: David Sommerseth <dav...@redhat.com>
kind regards,
David Sommerseth
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using G
t 4b312378e9e7084a0699ca6d4b895bdadb7540db
Author: Samuli Seppänen <sam...@openvpn.net>
List-Post: openvpn-devel@lists.sourceforge.net
Date: Tue Mar 15 16:37:41 2011 +0200
Replaced config-win32.h with win/config.h.in
Signed-off-by: Samuli Seppänen <sam...@openvpn.net>
Acked
s.sourceforge.net
Date: Tue Mar 15 16:36:41 2011 +0200
Fixes to win/openvpn.nsi
Signed-off-by: Samuli Seppänen <sam...@openvpn.net>
Acked-by: James Yonan <ja...@openvpn.net>
Signed-off-by: David Sommerseth <dav...@redhat.com>
-BEGIN PGP SIGNATURE
n-devel@lists.sourceforge.net
Date: Tue Mar 15 16:38:07 2011 +0200
Updated INSTALL-win32.txt
Signed-off-by: Samuli Seppänen <sam...@openvpn.net>
Acked-by: Gert Doering <g...@greenie.muc.de>
Signed-off-by: David Sommerseth <dav...@redhat.com>
-BEGIN PGP SIG
crash course:
<https://community.openvpn.net/openvpn/wiki/GitCrashCourse>
kind regards,
David Sommerseth
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAk2HxVYACgkQDC186MBRfrplqwCeP4Swqfhg6L2otdSE9K
eppänen <sam...@openvpn.net>
Acked-by: David Sommerseth <dav...@redhat.com>
Signed-off-by: David Sommerseth <dav...@redhat.com>
kind regards,
David Sommerseth
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedor
It is not clear in the manual that this feature is disabled
by default.
Signed-off-by: David Sommerseth <dav...@redhat.com>
---
openvpn.8 |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/openvpn.8 b/openvpn.8
index 525ddd5..9639f75 100644
--- a/openvpn.8
+++ b/ope
MMONNAME" replaced with certificate common
name in pam conversation.
Signed-off-by: Joe Patterson <j.m.patter...@gmail.com>
Acked-By: David Sommerseth <dav...@redhat.com>
Signed-off-by: David Sommerseth <dav...@redhat.com>
kind regards,
David Sommerset
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 24/03/11 14:54, David Sommerseth wrote:
> It is not clear in the manual that this feature is disabled
> by default.
>
> Signed-off-by: David Sommerseth <dav...@redhat.com>
> ---
> openvpn.8 |2 +-
> 1 files
?
The use of WSA_IO_INCOMPLETE without including winsock2.h is invalid!
Look at http://msdn.microsoft.com/en-us/library/aa921087.aspx
Signed-off-by: Alon Bar-Lev <alon.bar...@gmail.com>
Acked-by: James Yonan <ja...@openvpn.net>
Signed-off-by: David Sommerseth <dav...@redhat.com
regards,
David Sommerseth
[1] <http://thread.gmane.org/gmane.network.openvpn.devel/3829>
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAk2MYGgACgkQDC186MBRfrqOzQCaAxhIVqjz+a0ApmoArN
and beta2.2.
commit dc2ccc825c6952546132286c57b193d8bb9daacd
Author: chantra <chan...@debuntu.org>
List-Post: openvpn-devel@lists.sourceforge.net
Date: Fri Mar 25 10:24:30 2011 +0100
Clarify --tmp-dir option
Signed-off-by: chantra <chan...@debuntu.org>
Acked-By: Da
mitted proposals approved for the final
2.2 release. Which means that we need to have them latest within the next
couple of weeks. What is lacking will be postponed to OpenVPN 2.3.
kind regards,
David Sommerseth
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with
/topic7751.html
Signed-off-by: David Sommerseth <dav...@redhat.com>
---
ssl.c | 10 ++
1 files changed, 6 insertions(+), 4 deletions(-)
diff --git a/ssl.c b/ssl.c
index ed10714..6d9a9fd 100644
--- a/ssl.c
+++ b/ssl.c
@@ -1874,13 +1874,15 @@ init_ssl (const struct options *o
in the configuration
file by using the --tmp-dir option, as before.
To check what the default is at runime, you can see this easily by doing
this:
$ ./openvpn --verb 4 --dev tun | grep tmp_dir
Signed-off-by: David Sommerseth <dav...@redhat.com>
Tested-by: Jan Just Keijser <janj...@
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
[resend copy to openvpn-devel list as well]
On 07/04/11 14:15, Alon Bar-Lev wrote:
> On Wed, Apr 6, 2011 at 7:10 PM, David Sommerseth <dav...@redhat.com> wrote:
>> In commit 4e1cc5f6dda22e9 the create_temp_filename() function
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 07/04/11 14:58, Jan Just Keijser wrote:
> David Sommerseth wrote:
>> -BEGIN PGP SIGNED MESSAGE-
>> Hash: SHA1
>>
>> [resend copy to openvpn-devel list as well]
>>
>> On 07/04/11 14:15, Alon Bar-Lev w
directory path. If this is not found,
/tmp will be used as the default. Nothing has changed in this
regard for Windows environments, where %TEMP% and %TMP% are checked
before the fallback.
Kind regards,
David Sommerseth
[1] <http://thread.gmane.org/gmane.network.openvpn.devel/4561>
the temporary directory can be defined by either setting
$TMPDIR or using the --tmp-dir option. Otherwise, /tmp will be the
default
[1]
http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap08.html#tag_08_03
Signed-off-by: David Sommerseth <dav...@redhat.com>
---
configure.ac
as the fallback.
Signed-off-by: David Sommerseth <dav...@redhat.com>
---
win/config.h.in |3 ---
win32.c | 36 ++--
2 files changed, 26 insertions(+), 13 deletions(-)
diff --git a/win/config.h.in b/win/config.h.in
index abf71d2..fb349d0 100644
---
to
behave as before - write temporary files in the directory where OpenVPN was
started.
[1] <http://thread.gmane.org/gmane.network.openvpn.devel/4561>
David Sommerseth (1):
Change the default --tmp-dir path to a more suitable path
options.c | 18 ++
win32.c
, this default value can be overridden in the configuration
file by using the --tmp-dir option, as before.
To check what the default is at runime, you can see this easily by doing
this:
$ ./openvpn --verb 4 --dev tun | grep tmp_dir
Signed-off-by: David Sommerseth <dav...@redhat.com>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 09/04/11 18:24, Gert Doering wrote:
> Hi,
>
> On Tue, Mar 29, 2011 at 01:15:39PM +0200, David Sommerseth wrote:
>> I have checked the man page against the options OpenVPN 2.2 supports and
>> cross-checked it against the man p
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 14/04/11 23:52, Peter Stuge wrote:
> David Sommerseth wrote:
>> In commit 4e1cc5f6dda22e9 the create_temp_filename() function was
>> reviewed and hardened, which in the end renamed this function to
>> create_temp_file() in
n using prebuilt
TAP-drivers
Signed-off-by: Samuli Seppänen <sam...@openvpn.net>
Acked-by: David Sommerseth <d...@users.sourceforge.net>
Signed-off-by: David Sommerseth <d...@users.sourceforge.net>
Kind regards,
David Sommerseth
-BEGIN PGP SIGNATURE-
Version
Thu Apr 14 17:41:23 2011 +0300
Removed Win2k from supported platforms list in INSTALL and
win/openvpn.nsi
Signed-off-by: Samuli Seppänen <sam...@openvpn.net>
Acked-by: David Sommerseth <d...@users.sourceforge.net>
Signed-off-by: David Sommerseth <d...@users.so
rce code directory. This makes
config_ti.py look for ../tapinstall/7600/sources instead.
Signed-off-by: Samuli Seppänen <sam...@openvpn.net>
Acked-by: David Sommerseth <d...@users.sourceforge.net>
Signed-off-by: David Sommerseth <d...@users.sourceforge.net>
kind reg
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 14/04/11 16:29, David Sommerseth wrote:
> After all the discussions regarding the --tmp-dir patch [1], I have now
> condenced everything into one single patch. The main change is that
> the new win_get_tempdir() function is simplified
was introduced in commit 110e42d199e735ab1a31388c5678f59d0fa9
Trac-ticket: 120
Signed-off-by: Samuli Seppänen <sam...@openvpn.net>
Acked-by: David Sommerseth <dav...@redhat.com>
Signed-off-by: David Sommerseth <dav...@redhat.com>
(cherry picked from commit 6d1d08f6792109a4a4cdd9
module
instead will be very interesting.
I generally think that the crypto context needs to stay in memory for some
time, especially in UDP mode, to avoid re-negotiating of the connections in
case of connectivity issues between client and server. But when the
session is defined as closed by the OpenVPN se
From: David Sommerseth <d...@users.sourceforge.net>
A quick and dirty compile fix was introduced in commit 77d244050964525417,
and was accepted under the condition that it would be a temporary fix.
As the usage of _snprintf() is realy not ideal on Windows, this patch
uses the same well
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 21/04/11 20:47, David Sommerseth wrote:
> From: David Sommerseth <d...@users.sourceforge.net>
>
> A quick and dirty compile fix was introduced in commit 77d244050964525417,
> and was accepted under the condition that it would
ve done. Those
releases based on the git tree will also be signed tags.
kind regards,
David Sommerseth
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAk29pP4ACgkQDC186MBRfrpC9gCghFxLS2bZPW9uDWHSljrWv0zB
Qo
+0200
From: David Sommerseth <openvpn.l...@topphemmelig.net>
To: William Cooley <will...@wtip.net>
CC: Jan Just Keijser <janj...@nikhef.nl>, openvpn-users
<openvpn-us...@lists.sourceforge.net>
On 12/05/11 14:23, William Cooley wrote:
>
> On 5/12/2011 1:46 PM, Jan
would be prune to
get the same host again, due to TTL and randomisation of that result could
pick the same host again.
For a more proper and cleaner fail-over solution, you can use multiple
- --remote options together with --remote-random. This can also be used for
load-balancing as well.
kind regards,
escription of why this change is needed.
But you might want to get answer Gert's comment before submitting a new patch.
Kind regards,
David Sommerseth
On 18/05/11 16:38, Xavier Franquet wrote:
>if (!r->defined)
> return;
> @@ -1113,23 +1114,26 @@ add_route (struct route *r, c
e.network.openvpn.devel/4639
Signed-off-by: Matthew L. Creech <mlcre...@gmail.com>
Acked-by: Gert Doering <g...@greenie.muc.de>
Signed-off-by: David Sommerseth <dav...@redhat.com>
Next time, please commit your patch to your local tree and mail a patch
file generate
more appropriate
patch would consider the 'vpn_gateway' keyword. So if the gateway the new
route will use matches with what 'vpn_gateway' expands to, then adding a
'dev' argument to route makes sense.
What do you think?
kind regards,
David Sommerseth
-BEGIN PGP SIGNATURE-
Version: Gnu
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 16/05/11 13:10, David Sommerseth wrote:
> This makes 'comp-lzo' pushable without requiring clients to have
> --comp-lzo defined in the client configs. To make 'comp-lzo' not
> pushable on the client, a new 'disabled' argument have b
reconnect with '--comp-lzo no' in this kind of situation, without
giving odd errors in the log files. This auto-fix feature should probably
be possible to disable, for those wanting more control over what's happening.
kind regards,
David Sommerseth
-BEGIN PGP SIGNATURE-
The push_peer_info feature depends on the SSL infrastructure and openvpn
will fail to build if ./configure --disable-crypto --disable-ssl is
used. The solution is to not define ENABLE_PUSH_PEER_INFO if we don't
have crypto/ssl.
Signed-off-by: David Sommerseth <dav...@redhat.com>
---
sys
build = host = x86_64-redhat-linux-gnu) with
> "--disable-management" also produces the same error (it passes through
> when "--disable-management" is removed).
Quick fix: add --disable-pkcs11 in addition to --disable-management
Can you try to apply the attached patch?
cs11.c was missing some header files which the management
interface includes. When you disable the management API, these include
files is missing and it collapses.
If this works for you, I'll take this as an ACK from you, then this patch
will get into the queue for a 2.2.1 release.
Kind regards,
from people who understand this.
Pure feature wise, this really sounds like a reasonable thing to change.
kind regards,
David Sommerseth
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFA
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 03/06/11 19:22, Gert Doering wrote:
> Hi,
>
> On Fri, Jun 03, 2011 at 01:53:45PM +0200, David Sommerseth wrote:
>> Considering that the last Linux 2.2 update was released 25-Feb-2004
>> and the first Linux 2.4 rel
ceforge.net
Date: Fri Jun 17 12:18:02 2011 +0300
Fix a build-ca issue on Windows
Fixes Trac ticket #125
Signed-off-by: Samuli Seppänen <sam...@openvpn.net>
Acked-by: David Sommerseth <dav...@redhat.com>
Signed-off-by: David Sommerseth <dav...@redhat.com>
5a5325b (release/2.2)
Author: Samuli Seppänen <sam...@openvpn.net>
List-Post: openvpn-devel@lists.sourceforge.net
Date: Mon Jun 20 10:49:41 2011 +0300
Add new openssl.cnf to easy-rsa/Windows
This is required for patch "Fix a build-ca issue on Windows" to work
Signed-off-by: Samuli
101 - 200 of 2018 matches
Mail list logo