[Openvpn-devel] [PATCH v2] implement --session-timeout

From: Dmitry Zelenkovsky Disconnect clients after session-timeout expires. session-timeout can be defined in ccd files in order to limit per-user connection time. Signed-off-by: Dmitry Zelenkovsky --- Changes from v1: * added documentation to manpage * added entry in Changes.rst ---

Re: [Openvpn-devel] [PATCH] p2p/dco: renew peer in P2P mode upon reconnection

On Mon, Sep 19, 2022 at 04:17:57PM +0200, Antonio Quartulli wrote: > In P2P mode when the peer reconnects we have to renew the state in DCO > in order to inform it about the new peer-id. > > Cc: Arne Schwabe > Signed-off-by: Antonio Quartulli > --- > src/openvpn/forward.c | 2 +- >

[Openvpn-devel] [PATCH v2] p2p/dco: renew peer in P2P mode upon reconnection

In P2P mode when the peer reconnects we have to renew the state in DCO in order to inform it about the new peer-id. Cc: Arne Schwabe Signed-off-by: Antonio Quartulli --- Changes from v1: * remove useless arguments from tls_multi_process() (and descendant calls) as we now pass 'c' directly ---

Re: [Openvpn-devel] [PATCH] p2p/dco: renew peer in P2P mode upon reconnection

Hi, On 19/09/2022 16:47, Frank Lichtenheld wrote: On Mon, Sep 19, 2022 at 04:17:57PM +0200, Antonio Quartulli wrote: In P2P mode when the peer reconnects we have to renew the state in DCO in order to inform it about the new peer-id. Cc: Arne Schwabe Signed-off-by: Antonio Quartulli ---

[Openvpn-devel] [PATCH] p2p/dco: renew peer in P2P mode upon reconnection

In P2P mode when the peer reconnects we have to renew the state in DCO in order to inform it about the new peer-id. Cc: Arne Schwabe Signed-off-by: Antonio Quartulli --- src/openvpn/forward.c | 2 +- src/openvpn/ssl.c | 42 +- src/openvpn/ssl.h

Re: [Openvpn-devel] [PATCH] Updated URLs in README

Hi, On 07/11/2021 19:12, Frank Lichtenheld wrote: From: Peppernrino Updated to current links, and added SSL to all. Changed tap-windows to reflect NDIS 6 repository shift. Signed-off-by: Frank Lichtenheld --- README | 12 ++-- 1 file changed, 6 insertions(+), 6 deletions(-) As

Re: [Openvpn-devel] [PATCH v2] openssl: alternative names support for --verify-x509-name CN checks

On Mon, Sep 19, 2022 at 12:07:40AM +0200, Antonio Quartulli wrote: > From: Mateusz Markowicz > > When using "--verify-x509-name [hostname] subject-alt-name" hostname > will now be accepted also when matched against one of the > X509v3 Subject Alternative Name IP or DNS entries (instead of just >

Re: [Openvpn-devel] [PATCH] Add common_name to the conv method. This allows the common_name to be accessible in PAM.

Hi, On 18/09/2022 20:30, Selva Nair wrote: On Sat, Sep 17, 2022 at 10:09 AM Antonio Quartulli > wrote: From: Michael Karvan mailto:michael.kar...@gmail.com>> Signed-off-by: Michael Karvan mailto:michael.kar...@gmail.com>> ---  

Re: [Openvpn-devel] [PATCH] implement net_gateway_ipv6 for --route-ipv6

For the records, the following changes were requested to this patch (some via GH): 1) improve (add?) commit message; 2) add comments/documentation to ipv6_get_special_addr() 3) get rid of the ipv6_is_special_addr() wrapper as it is not really doing much. Cheers, On 23/11/2021 09:37,

Re: [Openvpn-devel] [PATCH] implement --session-timeout

Hi, On Mon, Sep 19, 2022 at 12:29:20AM +0200, Antonio Quartulli wrote: > On 18/09/2022 12:37, Gert Doering wrote: > > On Sun, Sep 18, 2022 at 01:10:30AM +0200, Antonio Quartulli wrote: > >> From: Dmitry Zelenkovsky > >> > >> Disconnect clients after session-timeout expires. > >> session-timeout

Re: [Openvpn-devel] --explicit-exit-notify and P2P mode (trac #1337)

Hi, On Mon, Sep 19, 2022 at 01:17:32AM +0200, Arne Schwabe wrote: > In our current state where inetd is no longer supported, this behaviour > to exit makes little sense and we should probably change the behaviour > to SIGUSR1. What does SIGUSR1 do in p2mp mode on the server end? If it does

Re: [Openvpn-devel] [PATCH] introduce V= level to manage t_client.sh output verbosity

Hi, On 17/09/2022 13:41, Gert Doering wrote: If t_client.sh is run interactively, more verbose output is useful to quickly see what it is doing. If run from a CI environment, going through lots of output for successful tests just to find the one that failed is non-useful. Introduce V=

Re: [Openvpn-devel] [PATCH] implement --session-timeout

Hi, On Mon, Sep 19, 2022 at 08:36:21AM +0200, Gert Doering wrote: > > we don't get here at all, if we have no event object that is timing out. > > process_coarse_timers() is run once per second, and does not need > additional timers to be called. > > This new check is added to

Re: [Openvpn-devel] [PATCH] implement --session-timeout

Hi, On 19/09/2022 09:11, Gert Doering wrote: Hi, On Mon, Sep 19, 2022 at 08:36:21AM +0200, Gert Doering wrote: we don't get here at all, if we have no event object that is timing out. process_coarse_timers() is run once per second, and does not need additional timers to be called. This new