On Wed, Feb 15, 2017 at 10:34:16PM +0100, Olivier W wrote:
> Hello Steffan,
>
> 2017-02-14 23:00 GMT+01:00 Steffan Karger :
>
> > Code still looks good, patch looks a lot better (applies cleanly now),
> > but could use an extra newline in the subject. But that doesn't warrant
Hello Steffan,
2017-02-14 23:00 GMT+01:00 Steffan Karger :
> Code still looks good, patch looks a lot better (applies cleanly now),
> but could use an extra newline in the subject. But that doesn't warrant
> an extra patch iteration, so ACK.
Great, thanks!
Yes, I don't know
Hi,
On 13-02-17 19:38, O2 Graphics wrote:
> Use SSL_CTX_get0_privatekey() for OpenSSL >= 1.0.2
>
> Signed-off-by: Olivier Wahrenberger
> ---
> src/openvpn/ssl_openssl.c | 14 +++---
> 1 file changed, 11 insertions(+), 3 deletions(-)
>
> diff --git
Hey :-)
2017-02-14 21:00 GMT+01:00 Gert Doering :
> Funny enough, I was already subscribed to that bug... :)
:-)
> I find it a bit weird that this not addressed upstream in git itself,
> but is burdened on the operating system maintainers... but most likely,
> I'm missing
Hi,
On Tue, Feb 14, 2017 at 08:32:42PM +0100, Olivier W wrote:
> So, finally I've been able to use "git-send-email" with TLS. The
> problem was a patch used by FreeBSD.
>
> If there are any FreeBSD users on this list or for the curious, you
> can find more information on FreeBSD's bugtracker:
>
Hello,
So, finally I've been able to use "git-send-email" with TLS. The
problem was a patch used by FreeBSD.
If there are any FreeBSD users on this list or for the curious, you
can find more information on FreeBSD's bugtracker:
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=214335#c10
Or if
Hello Selva,
2017-02-13 22:34 GMT+01:00 Selva Nair :
> On Debian jessie, the following .gitconfig works fo me.
>
> [sendemail]
> smtpEncryption = tls
> smtpServer = smtp.gmail.com
> smtpUser = user.n...@gmail.com
> smtpServerPort = 587
Hi,
On Mon, Feb 13, 2017 at 3:55 PM, Olivier W wrote:
> >> That's a not exactly helpful error message... :( - I tend to just turn
> >> off SSL on stuff that goes to public mailing lists anyway if it causes
> >> issues...
> >
> > OpenSSL errors requires quite some efforts
Hello David,
2017-02-13 20:37 GMT+01:00 David Sommerseth :
>
> smtpsslcertpath needs to point at a CA certificate which issued the SMTP
> server certificate. You can easily verify that things are correct by
> grabbing the server certificate using openssl:
>
>
On 13/02/17 18:50, Gert Doering wrote:
> Hi,
>
> On Mon, Feb 13, 2017 at 06:46:11PM +0100, Olivier W wrote:
[...snip...]
>> Now I'm fighting with git which doesn't want to use gmail's smtp
>> server to send the email. My .gitconfigure file is similar to:
>>
Hey :-)
2017-02-13 18:50 GMT+01:00 Gert Doering :
> That's a not exactly helpful error message... :( - I tend to just turn
> off SSL on stuff that goes to public mailing lists anyway if it causes
> issues...
Thanks. I also tried without SSL, but then I had messages about git
Use SSL_CTX_get0_privatekey() for OpenSSL >= 1.0.2
Signed-off-by: Olivier Wahrenberger
---
src/openvpn/ssl_openssl.c | 14 +++---
1 file changed, 11 insertions(+), 3 deletions(-)
diff --git a/src/openvpn/ssl_openssl.c b/src/openvpn/ssl_openssl.c
index
Hi,
On Mon, Feb 13, 2017 at 06:46:11PM +0100, Olivier W wrote:
> 2017-02-13 9:31 GMT+01:00 Gert Doering :
> > Look at "git rebase --interactive", which will enable you to squash
> > three commits into a single one. Then you can use "git commit --amend"
> > to work on the
Hello Gert,
2017-02-13 9:31 GMT+01:00 Gert Doering :
> Look at "git rebase --interactive", which will enable you to squash
> three commits into a single one. Then you can use "git commit --amend"
> to work on the (combined) commit message until you're happy with it.
Thanks
Hi,
On Mon, Feb 13, 2017 at 12:02:45AM +0100, Olivier W wrote:
> I'll be sending the patch with "git format-patch" + "git send-email"
> as I have three commits and I'm not sure how to send a single patch
> with only "git send-email"
Look at "git rebase --interactive", which will enable you to
Hello Steffan,
2017-02-10 22:20 GMT+01:00 Steffan Karger :
>
> The code change looks good to me, so ACK to that.
Thanks!
> The commit does need a better commit message though, and somewhere in
> the process the newlines got mangled. I think the commit message of
> your
Hi,
On 09-02-17 21:04, Olivier W wrote:
> Hello,
> Please find the new version of the patch.
>
> So, I added back the comment I had removed and new versions of OpenSSL
> will use SSL_CTX_get0_privatekey() instead of SSL_new() +
> SSL_get_privatekey() + SSL_free().
>
> It successfully compile
Hello,
Please find the new version of the patch.
So, I added back the comment I had removed and new versions of OpenSSL
will use SSL_CTX_get0_privatekey() instead of SSL_new() +
SSL_get_privatekey() + SSL_free().
It successfully compile with LibreSSL 2.4.5, 2.5.1 and OpenSSL 1.0.2k.
I've also
Hello,
2017-02-08 23:39 GMT+01:00 Steffan Karger :
>
> The code change looks good, and passes my (manual) tests. I'd like to
> keep the comment though, because this still is a hack/workaround to get
> the private key from the SSL_CTX object, it just does so a little nicer
> at
Am 08.02.17 um 23:39 schrieb Steffan Karger:
> Hi,
>
> On 06-02-17 20:18, Olivier W wrote:
>> Should be compatible with all versions of OpenSSL and LibreSSL.
>> Similar to what is done in curl:
>>
Hi,
On 07-02-17 09:45, Илья Шипицин wrote:
> I have a question (sorry if I couldn't check myself): did you check that
> SSL_get_privatekey() and SSL_free() won't crash when ssl is NULL ?
>
> what if we involve clang static analyzer for such things ? can we count
> on it ?
>
> it is
Hi,
On 06-02-17 20:18, Olivier W wrote:
> Should be compatible with all versions of OpenSSL and LibreSSL.
> Similar to what is done in curl:
> https://github.com/curl/curl/blob/028391df5d84d9fae3433afdee9261d565900355/lib/vtls/openssl.c#L603-L619
>
> Error while compiling was:
>
Hello,
Good question. For the test, I looked how it was done in other parts
of ssl_openssl.c, like around line 1518:
https://github.com/OpenVPN/openvpn/blob/master/src/openvpn/ssl_openssl.c#L1518-L1522
and did the same.
And as said by Gert, crypto_msg() solve it.
I'm sorry, in my first message,
2017-02-07 9:14 GMT+05:00 Antonio Quartulli :
> On Mon, Feb 06, 2017 at 08:18:01PM +0100, Olivier W wrote:
> > Should be compatible with all versions of OpenSSL and LibreSSL.
> > Similar to what is done in curl:
> >
Hi,
On Tue, Feb 07, 2017 at 12:14:51PM +0800, Antonio Quartulli wrote:
> > +if (!ssl)
> > +{
> > +crypto_msg(M_FATAL, "SSL_new failed");
> > +}
> > +pkey = SSL_get_privatekey(ssl);
> > +SSL_free(ssl);
>
> I have a question (sorry if I couldn't
On Mon, Feb 06, 2017 at 08:18:01PM +0100, Olivier W wrote:
> Should be compatible with all versions of OpenSSL and LibreSSL.
> Similar to what is done in curl:
> https://github.com/curl/curl/blob/028391df5d84d9fae3433afdee9261d565900355/lib/vtls/openssl.c#L603-L619
>
> Error while compiling was:
Should be compatible with all versions of OpenSSL and LibreSSL.
Similar to what is done in curl:
https://github.com/curl/curl/blob/028391df5d84d9fae3433afdee9261d565900355/lib/vtls/openssl.c#L603-L619
Error while compiling was:
"ssl_openssl.c:512:30: error: no member named 'cert' in 'struct
27 matches
Mail list logo