-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 12/08/16 20:27, Selva Nair wrote:
>
> On Fri, Aug 12, 2016 at 6:30 AM, David Sommerseth
> <open...@sf.lists.topphemmelig.net
> <mailto:open...@sf.lists.topphemmelig.net>> wrote:
>
> On 12/08/16 03:14, Selva Nair wr
ion are too easily ignored.
--
kind regards,
David Sommerseth
OpenVPN Technologies, Inc
> On 30/01/2017 08:48, Илья Шипицин wrote:
>> can we merge it ?
>> @mattock ?
>>
>> 2017-01-21 13:47 GMT+05:00 Илья Шипицин <chipits...@gmail.com
>> <mailto:chipi
ntributor related information
Acked-by: David Sommerseth <dav...@openvpn.net>
Message-Id: <1486364115-9801-1-git-send-email-chipits...@gmail.com>
URL:
https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg14010.html
Signed-off-by: David Sommerset
ommit. Many calls this process the
"personal hygiene step". It's a fairly good description of the
importance of doing so.
--
kind regards,
David Sommerseth
OpenVPN Technologies, Inc
signature.asc
Descriptio
ge text.
And it just takes a quick look at our git log to see that we try to stay
beyond that limit. We do sometimes exceed 50 characters, and we let
that pass silently. But more than 3 times longer, then something must
be done.
--
kind regards,
David Sommerseth
OpenVPN
On 02/02/17 09:27, Samuli Seppänen wrote:
> On 31/01/2017 15:49, David Sommerseth wrote:
>> On 30/01/17 13:34, Samuli Seppänen wrote:
>>> I agree with you on keeping the pull request template minimal and having
>>> the more fine-grained information in Trac.
>>&g
e much to say for the future in this
regards.
--
kind regards,
David Sommerseth
OpenVPN Technologies, Inc
signature.asc
Description: OpenPGP digital signature
--
Check out the vibrant tech community on one of the world's
Use SHA256 for the internal digest, instead of MD5
Signed-off-by: Steffan Karger <stef...@karger.me>
Acked-by: David Sommerseth <dav...@openvpn.net>
Message-Id: <1485101081-9784-1-git-send-email-stef...@karger.me>
URL:
https://www.mail-archive
: David Sommerseth
Date: Fri Jan 20 22:04:57 2017 +0100
git: Merge .gitignore files into a single file
Signed-off-by: David Sommerseth <dav...@openvpn.net>
Acked-by: Steffan Karger <stef...@karger.me>
Message-Id: <20170120210457.3383-1-dav...@openvpn.net>
On 23/01/17 01:23, David Sommerseth wrote:
> Your patch has been applied to the following branches
>
> commit d14b3c60c7796736e07bc3cddb0ab3a58475793e (master)
> commit 61da0031b2a0036680d9e0f822619ecc116f1178 (release/2.3)
> commit 2a7c994ca5b1583bc0f78c46be5b3a827f970b9
option.
Signed-off-by: David Sommerseth <dav...@openvpn.net>
---
doc/openvpn.8| 28
src/openvpn/plugin.c | 18 +-
2 files changed, 45 insertions(+), 1 deletion(-)
diff --git a/doc/openvpn.8 b/doc/openvpn.8
index e3d603e..a8d06f3 100644
---
t;m...@eworm.de>
Acked-by: Gert Doering <g...@greenie.muc.de>
Message-Id: <20170127084927.21040-1-l...@eworm.de>
URL:
http://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg13966.html
Signed-off-by: David Sommerseth <dav...@openvpn.net>
-
ers. We
don't like to do spoon feeding ;-)
And a git trick, which you can instantly benefit from ... when doing git
commit ... add the -s argument ;-)
--
kind regards,
David Sommerseth
OpenVPN Technologies, Inc
signature.asc
Description: OpenPGP digital signature
-
On 27/01/17 17:58, Selva Nair wrote:
>
> On Fri, Jan 27, 2017 at 10:08 AM, David Sommerseth
> <open...@sf.lists.topphemmelig.net
> <mailto:open...@sf.lists.topphemmelig.net>> wrote:
>
> On 27/01/17 14:56, Илья Шипицин wrote:
> >
>
>
_PLUGIN_SEARCH macro without changing
a .c/.h file. Does this block even make sense to enable at all?
So, as this patch got "clean-up" and "plugin path handling" in the
subject, lets cover a few more aspects of this clean-up :)
--
kind regards,
D
if changes needs
to be done.
Signed-off-by: David Sommerseth <dav...@openvpn.net>
---
.gitignore| 5 +
sample/sample-keys/.gitignore | 1 -
tests/unit_tests/.gitignore | 1 -
vendor/.gitignore | 2 --
4 files changed, 5 insertions(+), 4 deletions(-)
delet
gt; WorkingDirectory=/etc/openvpn/server
> -ExecStart=/usr/sbin/openvpn --status %t/openvpn-server/status-%i.log
> --status-version 2 --suppress-timestamps --config %i.conf
> +ExecStart=@sbindir@ --status %t/openvpn-server/status-%i.log
> --status-version 2 --suppress-timestamps --confi
t new patches
should go into the master branch primarily, unless it is fixing a bug or
another issue which is only relevant for specific release branches?
--
kind regards,
David Sommerseth
OpenVPN Technologies, Inc
signature.asc
Description: OpenPGP digital signature
--
sers might more
see this as a sample configuration for OpenVPN and be even more confused.
I propose ... either rename this file to tmpfiles.d--openvpn.conf or
move this openvpn.conf inside a tmpfiles.d/ subdirectory inside the
./distro/systemd/ director
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 20/01/17 21:38, Selva Nair wrote:
>
> On Fri, Jan 20, 2017 at 1:16 PM, David Sommerseth
> <dav...@openvpn.net <mailto:dav...@openvpn.net>> wrote:
>
> Your patch has been applied to the fol
an gain even
more performance if looking into sendmmsg() as well.
I'll try to play a bit with this patch and see how things go on my side
though.
--
kind regards,
David Sommerseth
OpenVPN Technologies, Inc
signature.asc
Description: OpenPGP digital signature
--
://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg13843.html
That approach got rejected and we went for this [2] approach instead,
will that change anything in regards to the changes in this patch?
[2]
<https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg13911.html>
cate we're in a good
state - even though that update will still not be visible
if --chroot is used (as before this patch).
Trac: #827, #801
Signed-off-by: David Sommerseth <dav...@openvpn.net>
---
src/openvpn/init.c | 29 ++---
1 file changed, 10 insertions(+), 19 dele
041fd6488434b5df01f86dd873b536a2b690ee13 (release/2.4)
Author: David Sommerseth
Date: Wed Jan 25 00:23:44 2017 +0100
systemd: Move the READY=1 signalling to an earlier point
Trac: #827, #801
Signed-off-by: David Sommerseth <dav...@openvpn.net>
Acked-by: Gert Doering <g...@greenie.muc.de>
ca5b4c2aad2370be7862660d274b7485f2d0af71 (master)
commit a125229f509b593dff7ecc24e21b3de384b3fa98 (release/2.4)
Author: Christian Hesse
Date: Tue Jan 24 15:39:46 2017 +0100
systemd: Use automake tools to install unit files
Signed-off-by: Christian Hesse <m...@eworm.de>
Acked-by: David Sommerset
Hesse
Date: Tue Jan 24 15:39:47 2017 +0100
systemd: Do not race on RuntimeDirectory
Signed-off-by: Christian Hesse <m...@eworm.de>
Acked-by: David Sommerseth <dav...@openvpn.net>
Message-Id: <20170124143947.27385-2-l...@eworm.de>
URL:
https://ww
Signed-off-by: Christian Hesse <m...@eworm.de>
Acked-by: David Sommerseth <dav...@openvpn.net>
Message-Id: <20161227221832.610-1-l...@eworm.de>
URL:
https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg13743.html
Signed-off-by: Dav
This tool depends on a cloned upstream LZ4 git repository and a
checked out release tag. Then run the script like this:
$ ./dev-tools/lz4-rebaser.sh /path/to/lz4.git
To see the result before committing, use: git diff --cached
Signed-off-by: David Sommerseth <dav...@openvpn.net>
--
: Christian Hesse
Date: Wed Jan 25 21:19:47 2017 +0100
Clean up plugin path handling
Signed-off-by: Christian Hesse <m...@eworm.de>
Acked-by: David Sommerseth <dav...@openvpn.net>
Message-Id: <20170125201947.17197-1-l...@eworm.de>
URL:
http://www.mail-archiv
e 'git verify-commit' to
verify specific commits.
- --
kind regards,
David Sommerseth
OpenVPN Technologies, Inc
-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.22 (GNU/Linux)
iQIcBAEBCAAGBQJYrFVyAAoJEIbPlEyWcf3yQQYP/2I2IhT3fXhSZCAKjrfZfKah
1ymuSGfJMeef+PRpmPn5kzz1b4swOib73oBB+j8pPC6N
to the SoB when it comes to
documentation and text snippets (unless it is a massive contribution).
--
kind regards,
David Sommerseth
OpenVPN Technologies, Inc
signature.asc
Description: OpenPGP digital signature
--
Check out
On 22/02/17 10:54, Antonio Quartulli wrote:
> On Wed, Feb 22, 2017 at 09:30:39AM +0100, Steffan Karger wrote:
>> On 22-02-17 08:39, Gert Doering wrote:
>>> On Wed, Feb 22, 2017 at 02:21:35AM +0100, David Sommerseth wrote:
>>>>>> >From d97f526a2ddbf2abe60a6
On 13/02/17 21:16, David Sommerseth wrote:
> On 13/02/17 20:50, Christian Hesse wrote:
>> And a lot more has to be done... There's a long list of packages to be
>> fixed. Sadly openssl developers do not care about ABI and API stability
>> or compatibility. :(
>
> I do
On 20/02/17 14:03, Gert Doering wrote:
> Hi,
>
> On Wed, Jan 25, 2017 at 09:53:02PM +0100, David Sommerseth wrote:
>> This tool depends on a cloned upstream LZ4 git repository and a
>> checked out release tag. Then run the script like this:
>>
>>$ ./dev-tool
n RHEL 6 though.
So unless your travis script is clever enough to only test OpenSSL
v1.0.1e on RHEL, CentOS or ScientificLinux *or* build OpenSSL using the
CentOS source RPM ... then I am not surprised things may fail. Red Hat
may very well have fixed some bugs which we're hitting.
--
kind
ll just work, or otherwise just needs some minor tweaking.
RHEL6 ships with OpenSSL 1.0.1e. We don't need anything older for git
master, and I would even argue release/2.4.
RHEL5 (which goes EOL by end of next month) ships with OpenSSL 0.9.8e.
So I vote for ditching 0.9.8e now.
--
kind regards,
Davi
On 19/02/17 05:48, Илья Шипицин wrote:
>
>
> 2017-02-19 4:16 GMT+05:00 David Sommerseth
> <open...@sf.lists.topphemmelig.net
> <mailto:open...@sf.lists.topphemmelig.net>>:
>
> On 18/02/17 08:34, Илья Шипицин wrote:
> > I added openssl-1.0.
olding anything back.
--
kind regards,
David Sommerseth
OpenVPN Technologies, Inc
signature.asc
Description: OpenPGP digital signature
--
Check out the vibrant tech community on one of the world's most
engaging tech site
The env_set_add_to_environmenti() and env_set_remove_from_environment()
functions where not used in the code at all and they would cause an
ASSERT() in setenv_str_ex() later on, as it would not allow the
struct env_set *es pointer to be NULL (misc.c:807).
Signed-off-by: David Sommerseth <
() which checks if the pointer
to a struct set_env is NULL or not. If it is NULL, it stops. And these
two functions ends up calling setenv_str_ex() with
struct env_set *es = NULL;
--
kind regards,
David Sommerseth
OpenVPN Technologies, Inc
> 2017-02-25 7:02 GMT+05:00 David Sommerseth &
w and ACK/NAK it. I'm
not able to be objective on this patch.
--
kind regards,
David Sommerseth
OpenVPN Technologies, Inc
diff --git a/src/openvpn/init.c b/src/openvpn/init.c
index dc63475..3603c36 100644
--- a/src/openvpn/init.c
+++ b/src/openvpn/init.c
@@ -1253,6 +1253,18 @@ initialization_se
Normal builds should generally not be built with ENABLE_DEBUG, that is a
intended as a "developer mode".
We should generally avoid '#if 0' or even '#if 1' as much as possible in
the code.
--
kind regards,
David Sommerseth
OpenVPN Technologies, Inc
signature.
git-send-email-dav...@openvpn.net>
<http://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg13576.html>
Christian Hesse (1):
Replace deprecated LZ4 function
David Sommerseth (2):
dev-tools: lz4-rebaser tool carried a typo
lz4: Rebase compat-lz4 against upstream v1.7.5
From: Christian Hesse
The LZ4 function LZ4_compress_limitedOutput() is deprecated, compiler
gives warning:
warning: ‘LZ4_compress_limitedOutput’ is deprecated: use
LZ4_compress_default() instead
The new function LZ4_compress_default() appeared in r129 (1.7.0), so
replace the
The HAVE_CONFIG_H block which gets added to compat-lz4.c was
missing a # before the first ifdef statement.
Signed-off-by: David Sommerseth <dav...@openvpn.net>
---
dev-tools/lz4-rebaser.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/dev-tools/lz4-rebaser.sh b/dev
Sv1.3 from openssl-1.1 will not be
backported, as the code has changed too much since the 1.0.1 baseline.
But I would be surprised if a future RHEL 8 does not ship with openssl-1.1.x
--
kind regards,
David Sommerseth
OpenVPN Technologies, In
this year, I'll
try to dig up the slides from Tomas Mraz who had the talk. It was quite
informative why it was needed to break several APIs in v1.1.
--
kind regards,
David Sommerseth
OpenVPN Technologies, Inc
signature.asc
Description: OpenPGP digital
res ;-)
> I've created my share of weird git e-mails in the past :-) - so what I've
> started to do is "send the mail to myself" (if possible, on a different
> account) and then verify if the result is what I want to see...
That's
On 24/01/17 15:36, Christian Hesse wrote:
> David Sommerseth <open...@sf.lists.topphemmelig.net> on Fri, 2017/01/20 21:55:
>> On 27/12/16 23:15, Christian Hesse wrote:
>>> From: Christian Hesse <m...@eworm.de>
>>>
>>> Different unit instan
And this
Makefile.am is so small and isolated it is good enough for me.
If we regret it later on, it's an easy move into a tmpfiles.d subdir.
--
kind regards,
David Sommerseth
OpenVPN Technologies, Inc
signature.asc
Descr
stalled could
run some tests with this patch by EOB tomorrow (Friday Jan 20).
If I don't hear any objects by then, I am going to give this an ACK
without the AC_DEFINE line (unless good arguments having this in
config.h surfaces).
Selva, if you don't mind ... I can use this patch and just take out
variants (there are a few exceptions).
And as I understand the code, the RSA-* stuff is just ignored, as that
is not used by by HMAC functions in our code. So using --auth SHA512
would provide the same result.
- --
kind regards,
David Sommerseth
OpenVPN Technologies, Inc
-BEGIN PGP SIGNATURE
er)
commit 6204fccb2441b5bae8b3f6e0b31a4a0b232fc8e6 (release/2.4)
Author: Christian Hesse
Date: Wed Dec 28 08:54:20 2016 +0100
man: fix formatting for alternative option
Signed-off-by: Christian Hesse <m...@eworm.de>
Acked-by: David Sommerseth <dav...@openvpn.n
.com/openvpn-devel@lists.sourceforge.net/msg13875.html
Signed-off-by: David Sommerseth <dav...@openvpn.net>
- --
kind regards,
David Sommerseth
-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.22 (GNU/Linux)
iQIcBAEBAgAGBQJYf8qpAAoJEIbPlEyWcf3yitwQAMZbK+6pQ062y2lnIEusYAR/
PPi44
On 19/01/17 16:32, Selva Nair wrote:
> Hi,
>
> Thanks for the comments.
>
> On Thu, Jan 19, 2017 at 9:41 AM, David Sommerseth
> <open...@sf.lists.topphemmelig.net
> <mailto:open...@sf.lists.topphemmelig.net>> wrote:
>
> Any reason to have this AC_
ed-by: David Sommerseth <dav...@openvpn.net>
Message-Id: <1484772172-19758-1-git-send-email-selva.n...@gmail.com>
URL:
https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg13897.html
Signed-off-by: David Sommerseth <dav...@openvpn.net>
- --
kind regards,
not something
which changes much. So in 5 or 10 years from now, "standard" may just
as much be "legacy". Hence my suggestion for "preferred"; this is what
we prefer now. "legacy" is
try to make the overall
implementation more transparent, easy to review and easier to git
bisect when needing to debug. Each commit level should compile
cleanly. Please feel free to comment inline.
- --
kind regards,
David Sommerseth
-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.2
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 30/08/16 00:20, David Sommerseth wrote:
> On 29/08/16 23:32, Steffan Karger wrote:
>> HI,
>
>> On 29 August 2016 at 23:03, David Sommerseth
>> <open...@sf.lists.topphemmelig.net> wrote:
>>> On 29/08/16 22:45
That should happen
automatically.
Some CentOS 5.11 details:
glibc-2.5-123.el5_11.3
glibc-headers-2.5-123.el5_11.3
gcc-4.1.2-55.el5
openssl-0.9.8e-40.el5_11
lzo-2.02-2.el5.1
- --
kind regards,
David Sommerseth
-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.22 (GNU/Linux)
iQIcB
On 12/08/16 06:11, Selva Nair wrote:
> (sending again with the list in CC:)
>
> Mon, Aug 8, 2016 at 3:28 PM, David Sommerseth <dav...@openvpn.net
> <mailto:dav...@openvpn.net>> wrote:
>
> This provides exactly the same systemd functionality which exist
ts). In this case, autotools doesn't
even need to be installed (with the exception of libtool, iirc) ...
but that's a discussion outside this mail-thread, though.
- --
kind regards,
David Sommerseth
OpenVPN Technologies, Inc
-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.22 (GNU/Linux)
iEYEARECAAYFAletnZUACgkQDC186MBRfrqt3wCfT+fo+9haooMUHZ2MUxlekWeY
ex8AnRcCNQey/fEbTakJSbrgUqzeULP2
=bN9r
-END PGP SIGNATURE-
e way.
It would be great if as many as possible could put this into somewhat
limited production environment for testing if this breaks any thing
*and* report back after a while; even if no issues where detected.
- --
kind regards,
David Somme
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 12/08/16 03:14, Selva Nair wrote:
>
>
> On Thu, Aug 11, 2016 at 2:50 PM, David Sommerseth
> <open...@sf.lists.topphemmelig.net
> <mailto:open...@sf.lists.topphemmelig.net>> wrote:
>
> -BEGIN PGP SIGNED M
lify
alternatives definition directly in console.h. For
now only depend on ENABLE_SYSTEMD]
[v2 - Removed the QUERY_USER_FOREACH macro]
Signed-off-by: David Sommerseth <dav...@openvpn.net>
---
configure.ac | 2 +-
src/openvpn/Makefile.am | 2 +-
src/openvpn
ct our users, even
though we might not put much maintenance resources into the core
OpenVPN code. Of course, we'll fix critical bugs and so on, but I
don't see that will take a lot of resources as things are right now.
Once we officially claim XP/Vista as unsupported, we can consider to
drop Open
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 31/08/16 20:55, David Sommerseth wrote:
>
> Hi,
>
> I have for a long time pondered on how we can make the management
> API more suitable for more modern tools and tasks. So I am just
> giving an extremely early heads-up on
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 07/09/16 19:28, David Sommerseth wrote:
> On 31/08/16 20:55, David Sommerseth wrote:
>
>> Hi,
>
>> I have for a long time pondered on how we can make the management
>> API more suitable for more modern tools and task
> of sub-tests for test run $SUF.\n" >&2 trap - 0 1 2 3 15 -exit 10
> + SUMMARY_FAIL="$SUMMARY_FAIL $SUF" + exit_code=30 + continue fi
>
> # compare whether anything changed in ifconfig/route setup?
>
ACK. This looks reasonable and if
not abort t_client run if OpenVPN instance does not start.
Signed-off-by: Gert Doering <g...@greenie.muc.de>
Acked-by: David Sommerseth <dav...@openvpn.net>
Message-Id: 20160913200458.9906-1-g...@greenie.muc.de
URL:
http://www.mail-archive.com/search?l=mid=20160913200
On 25/08/16 15:45, David Sommerseth wrote:
>
> Hi,
>
[...snip...]
>
> What the patch-set does is:
>
> - Add --auth-gen-token, and when used the following steps happens
>
> - After a successful normal user/password authentication, it will
> generate a random
GS setting.
Your patch has been applied to the release/2.3 branch.
commit 130c27b1f24a33c77e01b2cf82c3427699153967
Author: Steffan Karger
Date: Fri Sep 16 17:40:36 2016 +0200
Make gnu89 support explicit
Signed-off-by: Steffan Karger <stef...@karger.me>
Acked-by: David
]
[ v3 - Kick out bashism - '&>' redirect ]
Signed-off-by: David Sommerseth <dav...@openvpn.net>
---
tests/t_client.sh.in | 40 +++-
1 file changed, 35 insertions(+), 5 deletions(-)
diff --git a/tests/t_client.sh.in b/tests/t_client.sh.in
index fc8
).
The umask is also set to a more permissive mode to ensure the test script is
capable of reading the OpenVPN PID file, as that will be created by root.
Signed-off-by: David Sommerseth <dav...@openvpn.net>
---
tests/t_client.sh.in | 46 +-
1 file chang
fingerprint support
Signed-off-by: Steffan Karger <stef...@karger.me>
Acked-by: David Sommerseth <dav...@openvpn.net>
Message-Id: 1462479247-21854-1-git-send-email-stef...@karger.me
Message-Id: 1474055635-7427-1-git-send-email-stef...@karger.me
URL:
http
l ?
This is tackled via the --with-mem-check argument to ./configure.
$ ./configure --with-mem-check=valgrind
That should make valgrind runs look far more reasonable.
- --
kind regards,
David Sommerseth
OpenVPN Technologies, Inc
-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.22 (GNU/Linux)
iQI
-off-by: David Sommerseth <dav...@openvpn.net>
---
doc/openvpn.8 | 56 ++--
1 file changed, 54 insertions(+), 2 deletions(-)
diff --git a/doc/openvpn.8 b/doc/openvpn.8
index 2f42636..be9dc47 100644
--- a/doc/openvpn.8
+++ b/doc/openvpn.8
@
is needs to be checked far more
carefully and compared against all the callers of format_hex_ex().
The question which pops up in my head is: Is this patch purely
targeted to silence a code analyser warning? If so, this is most
likely not the right fix for the OpenVPN code base.
- --
kind
t_client runs on OpenSolaris
Signed-off-by: Gert Doering <g...@greenie.muc.de>
Acked-by: David Sommerseth <dav...@openvpn.net>
Message-Id: 20160920091914.37585-1-g...@greenie.muc.de
URL:
http://www.mail-archive.com/search?l=mid=20160920091914.37585-1-g...@gr
to 4096 bytes, regardless of the --enable-pkcs11 state.
Signed-off-by: David Sommerseth <dav...@openvpn.net>
---
src/openvpn/misc.h | 9 +++--
1 file changed, 3 insertions(+), 6 deletions(-)
diff --git a/src/openvpn/misc.h b/src/openvpn/misc.h
index b694096..31ea10e 100644
--- a/src/o
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 22/09/16 12:04, David Sommerseth wrote:
> If running an OpenVPN client with --enable-pkcs11 and a server
> without and having a username and/or password with more than 128
> characters, the authentication will fail as the server
the systemd.exec(5) man page for more info.
Simple and brief enough? ;-)
> That said, you probably would not need a logfile, as you can view
> them with
>
> $ journalctl /usr/sbin/openvpn
Interesting approach. It is usually better to use
$ journalctl -u openvpn@CONFIG
If y
ect. There's nothing
>> OpenVPN can do about this, it's one of those weird idiosyncracies
>> of systemd.
>>
>> HTH,
>>
>> JJK
>>
>>
> Thanks JJK, this was *exactly* the problem .. I removed
> PrivateTmp=True from the unit file, (which I had over l
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 22/09/16 18:43, Selva Nair wrote:
> Hi,
>
> On Thu, Sep 22, 2016 at 6:04 AM, David Sommerseth
> <dav...@openvpn.net <mailto:dav...@openvpn.net>> wrote:
>
> If running an OpenVPN client with --enable-pkcs11 and
come
too.
David Sommerseth (1):
Remove static global allocation of HTTP proxy user/passwords
src/openvpn/ntlm.c | 16
src/openvpn/proxy.c | 41 +
src/openvpn/proxy.h | 2 +-
3 files changed, 38 insertions(+), 21 deletions(-)
-BEGIN
This avoids allocating static memory which is not used unless the
a HTTP proxy with authentication is configured.
Signed-off-by: David Sommerseth <dav...@openvpn.net>
---
src/openvpn/ntlm.c | 16
src/openvpn/proxy.c | 41 +
src/o
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 22/09/16 22:51, Selva Nair wrote:
> Hi,
>
> On Thu, Sep 22, 2016 at 3:40 PM, David Sommerseth
> <dav...@openvpn.net <mailto:dav...@openvpn.net>> wrote:
>
> This avoids allocating static memory which is not
ght think about
> this next May".
+1 ... Due to _exactly_ this reasoning, it was on my "If I have time
this week"-list.
Thanks Gert for taking care of it!
- --
kind regards,
David Sommerseth
-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.22 (GNU/Linux)
iQIcBAEBAgAGB
ght have overseen
something ...
In general, I'm terribly sorry I haven't had time to follow up on the
patch queue lately. But if all goes as I hope/plan, I'm going to spend
some time this week and weekend going through patches. That implies
also evaluating patches for inclusion into the coming 2.2-beta4
most
bash versions? We must consider that there are some old systems with
older bash installations which we might break.
I'd rather see a similar patch which checks the exit code instead of
something more undefined like this approach. Also for clarity in the
code of what we expect or n
ilable, it
is still possible to build the rest of OpenVPN. You might even manage
to install the unsigned TUN/TAP driver with some tweaking.
kind regards,
David Sommerseth
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
i
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 12/11/10 17:55, Peter Stuge wrote:
> David Sommerseth wrote:
>>>> Modified win/build_all.py so that build does not fail even if
>>>> the optional signtool python class is not available.
>>>
>>> What is
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 12/11/10 18:11, Samuli Seppänen wrote:
>
>> On 12/11/10 17:55, Peter Stuge wrote:
>>> David Sommerseth wrote:
>>>>>> Modified win/build_all.py so that build does not fail even if
>>>>>&g
commit fc1fa9ffc7e3356458ec38d43816e5ddeb0c580a
Author: Pierre Bourdon <delroth@?>
List-Post: openvpn-devel@lists.sourceforge.net
Date: Mon Oct 11 00:56:04 2010 +0200
kind regards,
David Sommerseth
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.10 (GNU/Linux)
C
b3674f9d80871f496d1da8
Author: Gert Doering <g...@greenie.muc.de>
List-Post: openvpn-devel@lists.sourceforge.net
Date: Sat Oct 30 21:03:16 2010 +0200
Make "topology subnet" work on Solaris (ifconfig + route metric
changes by Kazuyoshi Aizawa, adding of loc
stead. With such a
plug-in you should be able to skip the usage of
- --username-as-common-name. I believe this would be a much cleaner
approach, as it's the authentication phase which decides if this
situation with a blank username is correct or not.
kind regards
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 11/11/10 01:22, Jesse Young wrote:
> On Thu, Nov 11, 2010 at 00:25:03 +0100, David Sommerseth wrote:
> On 01/11/10 17:33, Jesse Young wrote:
>>>> Signed-off-by: Jesse Young <jesse.yo...@gmail.com>
>>>> ---
>&g
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 28/08/10 22:31, David Sommerseth wrote:
> This is a patch series which tries to do some source code clean-up.
> After having noticed that ./configure --enable-pthread was simply doing
> *nothing*, as it was forcefully being disabled in sys
d to fail. This patch adds a check
to see if variable exists before trying to use it.
Signed-off-by: Samuli Seppänen <sam...@openvpn.net>
Acked-by: Peter Stuge <pe...@stuge.se>
Signed-off-by: David Sommerseth <d...@users.sourceforge.net>
kind regards,
Davi
The GNU C compiler gives a lot of different warnings when compiling
with -Wall set. This patch-set tries to clean up all these issues,
hopefully without breaking anything for other compilers - especially
on the Windows platform.
David Sommerseth (6):
Use stricter snprintf() formatting
1 - 100 of 2018 matches
Mail list logo