[Openvpn-devel] [PATCHv2] Handle DNS6 option on Android

Patch V2: Prefer IPv6 DNS servers --- doc/android.txt | 3 ++- src/openvpn/tun.c | 10 -- 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/doc/android.txt b/doc/android.txt index 5f4ee95..e287be0 100644 --- a/doc/android.txt +++ b/doc/android.txt @@ -47,7 +47,8 @@ ROUTE

[Openvpn-devel] [PATCH] --tls-crypt fixes

* Check return value of buf_init() (found by coverity) * Use the TLS frame to determine the buffer size, as is done for the reliability buffers used for tls-auth. (We previously incorrectly used the TLS *plaintext* buffer size, which is bigger for typical setups with tun-mtu <= 1500.

Re: [Openvpn-devel] [PATCH v4] Poor man's NCP for non-NCP peers

Hi, I totally want to have this, and overall the changes all make sense (so ACK for the refactoring part, needs a few windows held side by side in addition to tkdiff... :-) ), but something puzzles me... On Tue, Nov 22, 2016 at 08:57:11PM +0100, Steffan Karger wrote: [..] > @@ -2320,6 +2318,26

[Openvpn-devel] [PATCH applied] Re: Change cmocka remote to use https in stead of git protocol

ACK. Tested :-) Your patch has been applied to the master branch. commit da941141f34935f2c362b262a83de3cd722b65d6 Author: Steffan Karger Date: Tue Nov 22 21:12:08 2016 +0100 Change cmocka remote to use https in stead of git protocol Signed-off-by: Steffan Karger

Re: [Openvpn-devel] IPv6 --dev-node error not correctly identified (Moved to -devel))

Hi, On Tue, Nov 22, 2016 at 05:01:49PM +, debbie10t wrote: > >> So the error message is not correctly identifying the problem that the > >> specified device does not exist. > > > > There is no trac for that that I'm aware of. > > > > I agree that the error message should be more

[Openvpn-devel] [PATCH applied] Re: --tls-crypt fixes

ACK, makes sense. And compiles and tests :) Your patch has been applied to the master branch. commit 418d2d98489dfe7afafcaf21828541d034afb7f4 Author: Steffan Karger Date: Tue Nov 22 21:41:26 2016 +0100 --tls-crypt fixes Signed-off-by: Steffan Karger

[Openvpn-devel] [PATCH applied] Re: generate_key_expansion: make assumption explicit, use C99 features

ACK. Except for the check, it boils down to "the same code", and the check makes sense. Your patch has been applied to the master branch. commit 48d41413c4b181e00769cdb83ccfe179299ad8e4 Author: Steffan Karger Date: Tue Nov 22 21:09:26 2016 +0100 generate_key_expansion: make assumption

[Openvpn-devel] [PATCH] generate_key_expansion: make assumption explicit, use C99 features

This function potentially allocates memory, and can therefor not be run again on an initialized key_ctx_bi. Make this explicit by adding an error if someone tries do to this anyway. While touching the function, cleanup it up a bit to make up for the added lines of code. Signed-off-by: Steffan

[Openvpn-devel] [PATCH v4] Poor man's NCP for non-NCP peers

Allows non-NCP peers (<= 2.3, or 2.4+ with --ncp-disable) to specify a --cipher that is different from the one in our config, as long as the new cipher value is allowed (i.e. in --ncp-ciphers at our side). This works both client-to-server and server-to-client. I.e. a 2.4 client with "cipher

[Openvpn-devel] [PATCH] Change cmocka remote to use https in stead of git protocol

From: Steffan Karger Allows to clone the cmocka submodule from networks where 'anything but web and mail' is firewalled. Signed-off-by: Steffan Karger --- .gitmodules | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git

Re: [Openvpn-devel] [PATCHv2] Handle DNS6 option on Android

Hi, On Tue, Nov 22, 2016 at 6:38 AM, Arne Schwabe wrote: ... > - for (i = 0; i < tt->options.dns_len; ++i) { > + /* Prefer IPv6 DNS servers, > + * Android will use the DNS server in the order we specify*/ > + for (int i = 0; i < tt->options.dns6_len; i++) { > +

Re: [Openvpn-devel] [PATCHv2] Handle DNS6 option on Android

Hi, On Tue, Nov 22, 2016 at 11:33:36AM -0500, Selva Nair wrote: > The code looks good to me, so ACK Beat you to it :) > (Note: the preferred comment closing style may be '*/' on a line by > itself?). Indeed it is. I overlooked that, otherwise I would have fixed it on the fly. Meh. gert --

[Openvpn-devel] [PATCH applied] Re: Handle DNS6 option on Android

ACK. Code looks reasonable and straightforward (and even C99 :) ), but not having an Android build environment I can't say whether it compiles or even works :-) - it won't break anything else, though. Your patch has been applied to the master branch. commit

[Openvpn-devel] [PATCH applied] Re: Handle --dhcp-option DNS6 on Windows using netsh

ACK, code looks reasonable. Only tested for "it compiles", though. I've taken the liberty to reformat a few lines with leading blanks into the (still-)current style with tabs. Your patch has been applied to the master branch. commit 786e06ade9f5dfad8ac360499187fa8e536d15cb Author: Selva Nair

[Openvpn-devel] IPv6 --dev-node error not correctly identified (Moved to -devel))

Hi, On 22/11/16 16:10, Gert Doering wrote: > Hi, > > (why -users? this is a -devel topic) Moved to Openvpn-devel > > On Tue, Nov 22, 2016 at 03:44:08PM +, debbie10t wrote: >> this may be related to another trac but i could not find a suitable >> ticket, so posting here first for