On Mon, Apr 20, 2015 at 16:30 +0200, Yegor Yefremov wrote:
> Release pCertName, if SecCertificateCopyValues() fails.
>
> Found via cppcheck.
>
> Signed-off-by: Yegor Yefremov <yegorsli...@googlemail.com>
> Cc: Vasily Kulikov <seg...@openwall.com>
Acked-by: Vasil
Hi,
On Mon, Mar 30, 2015 at 10:26 +0300, Samuli Seppänen wrote:
> > On Fri, Mar 06, 2015 at 17:29 +0300, Vasily Kulikov wrote:
> >> On Fri, Feb 27, 2015 at 20:34 +0100, Gert Doering wrote:
> >>> Mmmh. Actually we don't usually do Makefile changes, as this is always
&
Hi,
On Fri, Mar 06, 2015 at 17:29 +0300, Vasily Kulikov wrote:
> On Fri, Feb 27, 2015 at 20:34 +0100, Gert Doering wrote:
> > Mmmh. Actually we don't usually do Makefile changes, as this is always
> > generated by configure for us - so normally, it is good to have it in
Hi Gert,
On Fri, Feb 27, 2015 at 19:28 +0100, Gert Doering wrote:
> On Wed, Feb 25, 2015 at 07:07:18PM +0300, Vasily Kulikov wrote:
> > The patch is against commit 3341a98c2852d1d0c1eafdc70a3bdb218ec29049.
> >
> > v4:
> > - added '--management-external-cert' argum
d-off-by: Vasily Kulikov <seg...@openwall.com>
--
diff --git a/.gitignore b/.gitignore
index 538c020..f504ddb 100644
--- a/.gitignore
+++ b/.gitignore
@@ -19,7 +19,6 @@ Debug
Win32-Output
.deps
.libs
-Makefile
Makefile.in
aclocal.m4
autodefs.h
diff --git a/contrib/keychain-mcd/Makefile b/contrib/k
On Mon, Feb 23, 2015 at 12:55 +, David Woodhouse wrote:
> On Mon, 2015-02-23 at 09:28 +0100, Arne Schwabe wrote:
> >
> > Am 23.02.15 um 09:04 schrieb Vasily Kulikov:
> > > management-external-cert 'macosx-keychain:SUBJECT:c=US'
> > >
> > > With th
SIGN or NEEDS-CERTIFICATE if it
> contains characters that are used as delimiters.)
IMNSHO don't change rsa-sign at all and have no API breakage.
--
Vasily Kulikov
http://www.openwall.com - bringing security into open computing environments
Hi,
On Sun, Feb 15, 2015 at 23:01 +0100, Gert Doering wrote:
> Hi,
>
> On Sun, Feb 15, 2015 at 10:05:07PM +0100, Arne Schwabe wrote:
> > Am 24.01.15 um 18:04 schrieb Vasily Kulikov:
> [..]
> > > OpenVPN itself gets new 'NEED-CERTIFICATE" command which is called
ge right away :-)
Thank you for the review, I'll send the patch during the weekends.
--
Vasily Kulikov
http://www.openwall.com - bringing security into open computing environments
ssage/33125844/):
- used RSA_METHOD to extend openvpn itself
- used autoconf and automake scripts
- used newer Mac OS X API
- improved crypto API errors checking
Brian Raderman's version:
http://thread.gmane.org/gmane.network.openvpn.devel/3631
Signed-off-by: Vasily Kulikov <seg...@openwall.com&
On Mon, Jan 12, 2015 at 13:54 +0100, Arne Schwabe wrote:
>
> Am 12.01.15 12:45, schrieb David Woodhouse:
> > On Mon, 2015-01-12 at 11:51 +0300, Vasily Kulikov wrote:
> >> This patch adds support for using certificates stored in the Mac OSX
> >> Keychain to authen
:
http://thread.gmane.org/gmane.network.openvpn.devel/9320
Signed-off-by: Vasily Kulikov <seg...@openwall.com>
---
diff --git a/.gitignore b/.gitignore
index 538c020..f504ddb 100644
--- a/.gitignore
+++ b/.gitignore
@@ -19,7 +19,6 @@ Debug
Win32-Output
.deps
.libs
-Makefile
Makef
and the external daemon. On
> the rsa-sign request, Tunnelblick would just connect to the external
> daemon ask that daemon to process the rsa-sign request.
Right. I was talking more about breaking current state of affairs
rather than completely incompatible changes that cannot be fixed on the
Tunnelblick side.
--
Vasily Kulikov
http://www.openwall.com - bringing security into open computing environments
Hi,
On Fri, Dec 12, 2014 at 19:24 +0100, Arne Schwabe wrote:
> > On Mon, Dec 08, 2014 at 14:52 +0300, Vasily Kulikov wrote:
> >> This patch adds support for using certificates stored in the Mac OSX
> >> Keychain to authenticate with the OpenVPN server. This works with
Hi Arne,
On Fri, Dec 12, 2014 at 19:24 +0100, Arne Schwabe wrote:
> Am 12.12.14 17:52, schrieb Vasily Kulikov:
> > Any comments?
> >
> None yet. The patch is very large and our time is unfortenately limited.
> And the number of people how do crypto and Mac OS is even smal
Hi,
On Mon, Dec 08, 2014 at 14:52 +0300, Vasily Kulikov wrote:
> This patch adds support for using certificates stored in the Mac OSX
> Keychain to authenticate with the OpenVPN server. This works with
> certificates stored on the computer as well as certificates on hardware
() and similar. However, they are used in other OpenVPN
code, so I decided not to touch it.
The patch is against commit 3341a98c2852d1d0c1eafdc70a3bdb218ec29049.
Signed-off-by: Vasily Kulikov <seg...@openwall.com>
--
diff --git a/configure.ac b/configure.ac
index 608ab6d..127e173
17 matches
Mail list logo