Author: Ricardo Manríquez
To enable the possibility of DNS autoconfiguration the IP address and
hostname of the client are needed to register at the DNS level, this patch
adds this information when using push-peer-info.
The motivation is that the domain name is as intrusive as the MAC address
From: Mateusz Markowicz
When using "--verify-x509-name [hostname] subject-alt-name" hostname
will now be accepted also when matched against one of the
X509v3 Subject Alternative Name IP or DNS entries (instead of just
Subject's CN).
While at it, fix a few uncrustify complaints to allow
This patch brings the following improvements:
* check that ETH proto and version in IP header are consistent;
* check that length of the packet is enough to store the expected IP
header (it may be an IPv4 or an IPv6 header)
* restyle a bit to improve readability;
* remove spaces before ')' in
From: Dmitry Zelenkovsky
Disconnect clients after session-timeout expires.
session-timeout can be defined in ccd files in order to limit
per-user connection time.
Signed-off-by: Dmitry Zelenkovsky
---
src/openvpn/forward.c | 22 ++
src/openvpn/init.c| 7 +++
From: "Vittorio Gambaletta (VittGam)"
Signed-off-by: "Vittorio Gambaletta (VittGam)"
---
src/openvpn/forward.c | 18 -
src/openvpn/forward.h | 2 +-
src/openvpn/multi.c | 2 +-
src/openvpn/options.c | 2 +-
src/openvpn/socket.h | 45
In this case the function would exit without releasing the argv object
initialized via argv_new().
Move initialization of argv after thic check is performed.
While at it, also move the declaration of gc and initizlize it with
gc_new().
Reported-by: Camille Guérin
Signed-off-by: Antonio
If t_client.sh is run interactively, more verbose output is useful
to quickly see what it is doing. If run from a CI environment, going
through lots of output for successful tests just to find the one that
failed is non-useful.
Introduce V= environment variable to control output verbosity
V=0
Hi,
On Sat, Sep 17, 2022 at 04:05:18PM +0200, Antonio Quartulli wrote:
> From: Alexandr Kutashov
>
> It's better to have distinct enums for more straightforward debug of exit
> function.
>
> Signed-off-by: Alexandr Kutashov
Not sure this is important. But if we do so, we should document
From: Lev Stipakov
While on it, remove redundant sentence
and quotation mark from --windows-driver man
description.
Signed-off-by: Lev Stipakov
---
v2:
- mark ovpn-dco adapter as default, instead
of tap-windows6
- mention that ovpn-dco requires --dev tun
My server test rig has a "--auth-user-pass-verify" script that already
does client-controlled success/failure returns (setenv UV...), and
this has now learned to return client-specific messages if
$auth_failed_reason_file is set...
2022-09-17 17:44:53 AUTH: Received control message:
Acked-by: Gert Doering
"That was an easy one", after the plugin/script auth related stuff :-)
Your patch has been applied to the master branch.
commit 7de4be94e297ab1ea87ab17934f2026d7124239c
Author: Lev Stipakov
Date: Sat Sep 17 19:34:25 2022 +0300
doc: add ovpn-dco to usage and man
Hi,
On Wed, Sep 14, 2022 at 08:59:36PM +0200, Antonio Quartulli wrote:
> #ifdef ENABLE_MANAGEMENT
> -auth_user_pass_setup(c->options.auth_user_pass_file,
> >options.sc_info);
> +auth_user_pass_setup(c->options.auth_user_pass_file,
> +
--auth-user-pass is probably the only option expecting a filename as
argument that cannot be inline'd as of today.
This patch allows specifying username and password inline in the config
file within the tag.
This logic was already implemented for --http-proxy-user-pass, therefore
it was just
From: Michael Karvan
Signed-off-by: Michael Karvan
---
src/plugins/auth-pam/auth-pam.c | 9 -
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/src/plugins/auth-pam/auth-pam.c b/src/plugins/auth-pam/auth-pam.c
index 70339445..9f37c8c0 100644
---
"Anything that touches DCO" is suspect :-) - so I've submitted this
to Linux and FreeBSD DCO server tests, and everything passed (or,
precisely, only well-known problems failed). Instances still use
DCO where they should.
The whole "msglevel" thing passed to functions like dco_available() might
Hi,
On Thu, Sep 15, 2022 at 03:03:49PM +0300, Lev Stipakov wrote:
> From: Lev Stipakov
>
> While on it, remove redundant sentence
> and quotation from --windows-driver man
> description.
As Frank said, we should have a v2 of this, which moves the (default)
to "ovpn-dco" while at it.
> diff
Hi,
On 17/09/2022 14:37, Gert Doering wrote:
Hi,
On Wed, Sep 14, 2022 at 08:59:36PM +0200, Antonio Quartulli wrote:
#ifdef ENABLE_MANAGEMENT
-auth_user_pass_setup(c->options.auth_user_pass_file,
>options.sc_info);
+auth_user_pass_setup(c->options.auth_user_pass_file,
+
This was originally reported on GH, but never dealt with.
Make sure 'ptr' is always initialized to prevent derefence of null
pointer in case of empty dev string.
While at it, change the if condition to use ptr instead of dev, since
dev is not used anymore in the logic.
Signed-off-by: Antonio
From: Alexandr Kutashov
It's better to have distinct enums for more straightforward debug of exit
function.
Signed-off-by: Alexandr Kutashov
---
src/openvpn/error.h | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/openvpn/error.h b/src/openvpn/error.h
index
From: Raphael Mader
When building in a non-systemd environment, `#include `
causes the build to break.
Signed-off-by: Raphael Mader
---
src/log/logwriters/journald.cpp | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/log/logwriters/journald.cpp
20 matches
Mail list logo