Re: [Openvpn-devel] [PATCH applied] Re: Allow changing fallback cipher from ccd files/client-connect

2020-07-11 Thread Arne Schwabe
On 11.07.2020 at 18:48, Gert Doering wrote: > Acked-by: Gert Doering > > The patch is trivial enough (it just allows "cipher" in ccd/ files, with > no logic changes) - it's built on the changes in the previous patches, which > makes it "just work". > > Without the patch, trying to set & push a

Re: [Openvpn-devel] [PATCH] systemd: Change the default cipher to AES-256-GCM for server configs

2020-07-11 Thread Arne Schwabe
On 23.06.20 at 11:12, Dmitry Melekhov wrote: > 23.06.2020 13:02, Gert Doering wrote: >> >> >> That patch is from Steffan, and review has been sitting in my lap for >> way too long.  Need to see if it still applies. >> > > Unfortunately it is not compatible with 2.4.9, because of introduced >

[Openvpn-devel] [PATCH v5 11/14] client-connect: Use inotify for the deferred client-connect status file

2020-07-11 Thread Arne Schwabe
As we never do client-connect and authentication at the same time it is safe to reuse the existing fields for client-connect return status file Signed-off-by: Arne Schwabe --- src/openvpn/multi.c | 16 +--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git

[Openvpn-devel] [PATCH v5 05/14] client-connect: Refactor to use return values instead of modifying a passed-in flag

2020-07-11 Thread Arne Schwabe
From: Fabian Knittel This patch changes the way the client-connect helper functions communicate with the main function. Instead of updating cc_succeeded and cc_succeeded_count, they now return either CC_RET_SUCCEEDED, CC_RET_FAILED or CC_RET_SKIPPED. In addition, the client-connect helpers are

[Openvpn-devel] [PATCH v5 03/14] client-connect: Refactor multi_client_connect_source_ccd

2020-07-11 Thread Arne Schwabe
From: Fabian Knittel Refactor multi_client_connect_source_ccd(), so that options_server_import() (or the success path in general) is only entered in one place within the function. Signed-off-by: Fabian Knittel Patch V5: Simplify the logic even further to make it easier to understand.

[Openvpn-devel] [PATCH v5 04/14] client-connect: Move multi_client_connect_setenv into early_setup

2020-07-11 Thread Arne Schwabe
From: Fabian Knittel This patch moves multi_client_connect_setenv into multi_client_connect_early_setup and makes sure that every client-connect handling function updates the virtual address selection. Background: This unifies how the client-connect handling functions work. Signed-off-by:

[Openvpn-devel] [PATCH v5 02/14] client-connect: Split multi_connection_established into separate functions

2020-07-11 Thread Arne Schwabe
From: Fabian Knittel This patch splits up the multi_connection_established() function. Each new helper function does a specific job. Functions that do a similar job receive a similar calling interface. The patch tries not to reindent code, so that the real changes are as clearly visible as

[Openvpn-devel] [PATCH v5 01/14] Allow changing fallback cipher from ccd files/client-connect

2020-07-11 Thread Arne Schwabe
This allows to control the fallback cipher that is used when the client/server do have any common cipher on a per client basis. The patch is similar to Steffan's [PATCH v4] Allow changing cipher from a ccd file. Steffan's old patch also moves the cipher negotiation to

[Openvpn-devel] [PATCH v5 12/14] client-connect: Add deferred support to the client-connect plugin v1 handler

2020-07-11 Thread Arne Schwabe
From: Fabian Knittel Uses the infrastructure provided and used in the previous patch to provide deferral support to the v1 client-connect plugin handler as well. Signed-off-by: Fabian Knittel PATCH V3: Modify the API to also (optionally) call the plugin on a deferred call. This allows the

[Openvpn-devel] [PATCH v5 14/14] client-connect: Add documentation for the deferred client connect feature

2020-07-11 Thread Arne Schwabe
Patch V5: Fix typos, clarify man page section about deferred client-connect script. Add section to Changes.rst Signed-off-by: Arne Schwabe --- Changes.rst | 4 +++ doc/openvpn.8 | 55 +++-- include/openvpn-plugin.h.in | 21

[Openvpn-devel] [PATCH v5 10/14] client-connect: Move adding inotify watch into its own function

2020-07-11 Thread Arne Schwabe
This makes the code a bit more readable and also prepares reusing the function for client-connect return files Signed-off-by: Arne Schwabe --- src/openvpn/multi.c | 43 --- 1 file changed, 28 insertions(+), 15 deletions(-) diff --git

[Openvpn-devel] [PATCH v5 13/14] client-connect: Implement deferred connect support for plugin API v2

2020-07-11 Thread Arne Schwabe
The V2 API is simpler than the V1 API since there is no passing of data via files. This also means that with the current API the V2 API cannot support async notify via files. Adding a file just for async notify seems very hacky and when needed we should implement a better option when async is

[Openvpn-devel] [PATCH v5 09/14] client-connect: Add deferred support to the client-connect script handler

2020-07-11 Thread Arne Schwabe
From: Fabian Knittel This patch introduces the concept of a return value file for the client-connect handlers. (This is very similar to the auth value file used during deferred authentication.) The file name is stored in the client_connect_state struct. In addition, the patch also allows the

[Openvpn-devel] [PATCH v5 07/14] client-connect: Change cas_context from int to enum

2020-07-11 Thread Arne Schwabe
This deviates from Fabian's original patch that relied on the now removed connection_established bool as pointer being NULL or non NULL as implicit third state and making connection_established as a substate of (cas_context == CAS_PENDING) Signed-off-by: Arne Schwabe Patch V5: extend

Re: [Openvpn-devel] [PATCH] [V4] Added support for DHCP option 119 (dns search suffix, list) for Windows. As of Windows 10 1809 Windows finally supports this so it, makes sense to add support to OpenV

2020-07-11 Thread Gert Doering
Hi, On Fri, Jul 10, 2020 at 06:42:18PM +0200, Jan Just Keijser wrote: > On 08/07/20 10:24, Gert Doering wrote: > > Can I have a v4, please? :-) > V4: Okay, here we go... Generally speaking, it works now :-) In the "ipconfig /all" output, I can now see a long list of DNS suffixes. Together

[Openvpn-devel] [PATCH v5 08/14] client-connect: Add CC_RET_DEFERRED and cope with deferred client-connect

2020-07-11 Thread Arne Schwabe
From: Fabian Knittel This patch moves the state, that was previously tracked within the multi_connection_established() function, into struct client_connect_state. The multi_connection_established() function can now be exited and re-entered as many times as necessary - without losing the

[Openvpn-devel] [PATCH v5 06/14] client-connect: Refactor client-connect handling to calling a bunch of hooks in a loop

2020-07-11 Thread Arne Schwabe
From: Fabian Knittel This patch changes the calling of the client-connect functions into an array of hooks and a block of code that calls them in a loop. Signed-off-by: Fabian Knittel Signed-off-by: Arne Schwabe Patch V5: Rebase on master. Signed-off-by: Arne Schwabe ---

[Openvpn-devel] [PATCH applied] Re: Allow changing fallback cipher from ccd files/client-connect

2020-07-11 Thread Gert Doering
Acked-by: Gert Doering The patch is trivial enough (it just allows "cipher" in ccd/ files, with no logic changes) - it's built on the changes in the previous patches, which makes it "just work". Without the patch, trying to set & push a cipher from ccd/: Jul 11 18:27:53 gentoo