Hi,
On Mon, Dec 26, 2016 at 12:20:53AM +0100, Steffan Karger wrote:
> The oldest OpenSSL we support in release/2.4 and master is 0.9.8, and
> has SHA256 support (was introduced in 2004). Also, the --tls-crypt
> feature already unconditionally requires SHA256 to be available.
Good enough for me.
On 26 December 2016 at 04:18, Jonathan K. Bullard wrote:
> The OpenSSL included in macOS (was OS X) 10.11 and 10.12 (the two
> most recent versions) is 0.9.8zh (an Apple-patched version) and as far
> as I can tell, it does not seem to include SHA256 (i.e., "openssl sha1
> foo" works but "openssl
Am 25.12.16 um 22:38 schrieb Steffan Karger:
> Ever since we support TLS 1.2 (OpenVPN 2.3.3+), the RSA_SIGN might not
> only request MD5-SHA1 'TLS signatures', but also other variants.
> Document this by updating the implementation hints, and explicitly
> stating that we expect a PKCS#1 1.5 signatu
Am 26.12.16 um 09:14 schrieb Steffan Karger:
> openssl dgst -sha256
works for me
[9:37]{SIGINT}arne@styx:~% openssl version
OpenSSL 0.9.8zh 14 Jan 2016
[9:37]arne@styx:~% openssl dgst -sha256
abcd^D
fc4b5fd6816f75a7c81fc8eaa9499d6a299bd803397166e8c4cf9280b801d62c
[9:37]arne@styx:~%
But anyway. I
Am 26.12.16 um 08:05 schrieb Gert Doering:
> Hi,
>
> On Mon, Dec 26, 2016 at 12:20:53AM +0100, Steffan Karger wrote:
>> The oldest OpenSSL we support in release/2.4 and master is 0.9.8, and
>> has SHA256 support (was introduced in 2004). Also, the --tls-crypt
>> feature already unconditionally re
On 26/12/16 00:20, Steffan Karger wrote:
> Hi,
>
> On 18-12-16 22:26, Gert Doering wrote:
>> On Sun, Dec 18, 2016 at 05:40:55PM +0100, Steffan Karger wrote:
>>> Our internal options digest uses MD5 hashes to store the state, instead of
>>> storing the full options string. There's nothing wrong wi
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Your patch has been applied to the following branches
commit 1e36b814073c0f56c77e4922cc105f00b8558e7e (master)
commit 9b42853eea285ad54aed8b466e7f5a789a943933 (release/2.4)
Author: Steffan Karger
Date: Sun Dec 25 23:38:25 2016 +0100
Document
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
ACK. Looks good and I agree this is a good idea.
Your patch has been applied to the following branches
commit 403dfe1bfdbdf6e5f8abac3401a96852562aec54 (master)
commit ebd24617f97c63fbe40a07e855ae3469f96474d7 (release/2.4)
Author: Steffan Karger
Da
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I'm adding an ACK as well. I can confirm that the IV_RGI6 peer-info
signalling have only been available git master/v2.4.
The first commit introducing IV_RGI6 is 3ddb56433b1fa0f2. This commit
is only present in the following tags:
$ git tag --co
Commit 554504c5e2692c3e6cfd3f removed the IV_RGI6 peer-info singaling
but forgot to update the man page. Removing this reference as well.
Signed-off-by: David Sommerseth
---
doc/openvpn.8 | 4
1 file changed, 4 deletions(-)
diff --git a/doc/openvpn.8 b/doc/openvpn.8
index eb85d23..7bd6d9d
Am 26.12.16 um 12:26 schrieb David Sommerseth:
> Commit 554504c5e2692c3e6cfd3f removed the IV_RGI6 peer-info singaling
> but forgot to update the man page. Removing this reference as well.
>
> Signed-off-by: David Sommerseth
> ---
> doc/openvpn.8 | 4
> 1 file changed, 4 deletions(-)
>
>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Your patch has been applied to the following branches
commit 4ba943b02aa728aa077a0b3be79626b0f20ea8a7 (master)
commit febeb485a2e9c5ca67705c95b088f70e3e5d5fdc (release/2.4)
Author: David Sommerseth
Date: Mon Dec 26 13:26:43 2016 +0100
man: R
debbie10t on Sat, 2016/12/24 11:10:
> On 16/12/16 22:00, Christian Hesse wrote:
> > From: Christian Hesse
> >
> > Different unit instances create and destroy the same RuntimeDirectory.
> > This leads to running instances where the status file (and possibly
> > more runtime data) is no longer acce
On 26/12/16 17:12, Christian Hesse wrote:
> debbie10t on Sat, 2016/12/24 11:10:
>> On 16/12/16 22:00, Christian Hesse wrote:
>>> From: Christian Hesse
>>>
>>> Different unit instances create and destroy the same RuntimeDirectory.
>>> This leads to running instances where the status file (and poss
David Sommerseth on Mon, 2016/12/26 17:45:
> On 26/12/16 17:12, Christian Hesse wrote:
> > debbie10t on Sat, 2016/12/24 11:10:
> >> On 16/12/16 22:00, Christian Hesse wrote:
> >>> From: Christian Hesse
> >>>
> >>> Different unit instances create and destroy the same RuntimeDirectory.
> >>> T
We will likely refer many people to the Changes.rst file once we've
released 2.4. This commits tries to polish the language a bit, and
adds two real changes:
* Remove duplicate mention of the changes --tls-cipher defaults
* Move the 'redirect-gateway' behavioural change from 'features' to
'be
Hi,
Not a thorough proof read, but some comments:
Support for providing IPv6 DNS servers
> - A new DHCP sub-options ``DNS6`` is added alongside with the already
> existing
> - ``DNS`` sub-option. This is used to provide DNS resolvers available
> over
> - IPv6. This will be pushed
Hi,
On 26 Dec 2016 9:36 p.m., "Selva Nair" wrote:
Hi,
Not a thorough proof read, but some comments:
Support for providing IPv6 DNS servers
> - A new DHCP sub-options ``DNS6`` is added alongside with the already
> existing
> - ``DNS`` sub-option. This is used to provide DNS resolvers
18 matches
Mail list logo