[Openvpn-devel] [PATCH applied] Re: Also update TLSv1_method() calls in support code to SSLv23_method() calls.

2014-01-03 Thread Gert Doering
ACK. Patch has been applied to the master and release/2.3 branches. commit dd3e319c1d66c7da51b8555d745a1139e0b322f2 (master) commit 191af656f84dbb83a338ded5a72e1a23427837a5 (master) Author: Steffan Karger List-Post: openvpn-devel@lists.sourceforge.net Date: Wed Jan 1 21:10:21 2014 +0100

[Openvpn-devel] [PATCH applied] Re: Update TLSv1 error messages to SSLv23 to reflect changes from commit 4b67f98

2014-01-03 Thread Gert Doering
ACK. Your patch has been applied to the master and release/2.3 branches. commit 441be9f4f91a16218d40b401384ead51b5aac0cc (master) commit dce118c833433cc0300cbcfe6b2d0cc3d5c34a3d (release/2.3) Author: Steffan Karger List-Post: openvpn-devel@lists.sourceforge.net Date: Wed Jan 1 21:10:22 2014

Re: [Openvpn-devel] [PATCH v3] Floating: Add support for floating in TLS mode

2014-01-03 Thread Lev Stipakov
Hi Arne, I am researching how "session id" can be added to packet. Could you please clarify the statement "If we choose the session id to be 3 or 7 byte we would not need the "hack" for the packets with session id." ? I am currently at very beginning, so questions might look odd. 1) "3 or 7"

Re: [Openvpn-devel] [PATCH v3] Floating: Add support for floating in TLS mode

2014-01-03 Thread Andre Valentin
Hi! On 30.12.2013 18:31, Arne Schwabe wrote: For negotiating the packet format the client would submit something like IV_CLNT_SUPPORT 1 or similar (look at the IV_SNAPPY, IV_LZO for compression) to tell the server the supported format and the server would push a packet-format 1 or something

Re: [Openvpn-devel] [PATCH 6/6] Disable export ciphers by default for OpenSSL builds.

2014-01-03 Thread Arne Schwabe
On 01.01.14 21:10, Steffan Karger wrote: > Export ciphers are deliberately weak ciphers, and not fully supported by > OpenVPN since ephemeral RSA support has been removed a few commits ago. > This commit removes them from the default cipher list to avoid confusion. > > PolarSSL does not support

Re: [Openvpn-devel] [PATCH v3] Floating: Add support for floating in TLS mode

2014-01-03 Thread Arne Schwabe
On 03.01.14 12:58, Lev Stipakov wrote: > Hi Arne, > > I am researching how "session id" can be added to packet. Could you please > clarify the statement "If we choose the session id to be 3 or 7 byte we > would not need the "hack" for the packets with > session id." ? > > I am currently at

Re: [Openvpn-devel] [PATCH 3/6] If --tls-cipher is supplied, make --show-tls parse the list.

2014-01-03 Thread Arne Schwabe
On 01.01.14 21:10, Steffan Karger wrote: > This allows to check the available TLS ciphers for a specific configuration > by supplying both --tls-cipher and --show-tls options. > > ACK. Arne

Re: [Openvpn-devel] [PATCH 4/6] Remove OpenSSL tmp_rsa_callback. Removes support for ephemeral RSA in TLS.

2014-01-03 Thread Arne Schwabe
On 01.01.14 21:10, Steffan Karger wrote: > This code would not really generate ephemeral keys every time it is called, > but a single key that would be reused during process lifetime and returned > each time the function was called; probably not what users would expect. > > TLS allows ephemeral

[Openvpn-devel] [PATCH applied] Re: If --tls-cipher is supplied, make --show-tls parse the list.

2014-01-03 Thread Gert Doering
Your patch has been applied to the master and release/2.3 branches. commit cb03dca83e37fd65666bf776f39da902fb10acbc (master) commit 5690c525e58769a72fb5dbe63b5f6af78dff92ad (release/2.3) Author: Steffan Karger List-Post: openvpn-devel@lists.sourceforge.net Date: Wed Jan 1 21:10:23 2014 +0100

[Openvpn-devel] [PATCH applied] Re: Remove OpenSSL tmp_rsa_callback. Removes support for ephemeral RSA in TLS.

2014-01-03 Thread Gert Doering
Your patch has been applied to the master branch. commit 813aa55754c27bdae5380dce415497a574b47e1b Author: Steffan Karger List-Post: openvpn-devel@lists.sourceforge.net Date: Wed Jan 1 21:10:24 2014 +0100 Remove OpenSSL tmp_rsa_callback. Removes support for ephemeral RSA in TLS.

Re: [Openvpn-devel] [PATCH v3] Floating: Add support for floating in TLS mode

2014-01-03 Thread Gert Doering
Hi, On Fri, Jan 03, 2014 at 02:28:51PM +0100, Arne Schwabe wrote: > > 2) What you mean by "hack"? Do you mean new packet format or something else? > The byte juggling the compress does. Actually the "compress byte swap hack" is for the de-crypted material, while *this* discussion is concerned

[Openvpn-devel] [PATCH] Update IPv6 related readme files

2014-01-03 Thread Arne Schwabe
--- README.IPv6 | 29 ++--- TODO.IPv6 | 11 +-- 2 files changed, 19 insertions(+), 21 deletions(-) diff --git a/README.IPv6 b/README.IPv6 index 56c97ab..3d8fbeb 100644 --- a/README.IPv6 +++ b/README.IPv6 @@ -35,31 +35,22 @@ over an IPv6 network ("OpenVPN over

[Openvpn-devel] [PATCH applied] Re: Update IPv6 related readme files

2014-01-03 Thread Gert Doering
ACK. Your patch has been applied to the master branch, with two minor fixes ("OpenVPN 2.4.0" and we have 2014 :) ). commit 36a844e59f7af2d79e4a7c8e83f82fc49f79d51a (master) Author: Arne Schwabe List-Post: openvpn-devel@lists.sourceforge.net Date: Fri Jan 3 15:49:40 2014 +0100 Update

[Openvpn-devel] [PATCH] Don’t show the connection profile store in options->ce if there is a connection_list defined.

2014-01-03 Thread Arne Schwabe
Entries in options->ce are never used and overwritten by the first usable connection profile on initialisation. --- src/openvpn/options.c | 7 +-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/src/openvpn/options.c b/src/openvpn/options.c index 26d5aec..aa06c0a 100644 ---

Re: [Openvpn-devel] [PATCH 1/2] Implement LZ4 compression.

2014-01-03 Thread Arne Schwabe
On 01.01.14 22:57, Gert Doering wrote: > Implement LZ4 compression, similar to the existing snappy / push-peer-info > model: a LZ4 capable client will send IV_LZ4=1 to the server, and the > algorithm is selected by pushing "compress lz4" back. > > LZ4 does not compress as well as LZO or Snappy,

Re: [Openvpn-devel] [PATCH 2/2] Provide LZ4 sources in src/compat/ and use if no system lz4 library found.

2014-01-03 Thread Arne Schwabe
On 01.01.14 22:57, Gert Doering wrote: > Bundle lz4.c and lz4.h from http://code.google.com/p/lz4/ (r109) as > src/compat/compat-lz4.[ch], and use that (via #define NEED_COMPAT_LZ4) > if autoconf cannot find lz4.h or -llz4 in the system. ACK from me. Also: plaisthos: one of the problems with

Re: [Openvpn-devel] [PATCH 5/6] Make tls_ctx_restrict_ciphers accept NULL as char *cipher_list.

2014-01-03 Thread Steffan Karger
Hi, Attached a v2 of the patch below, that removes the else to make the diff a lot smaller and changes a //-style comment to /* */-style. -Steffan On 01-01-14 21:10, Steffan Karger wrote: > This diff looks like a lot has changed, but this just adds some ifs to check > for NULL in