Re: [Openvpn-users] OpenVPN binary package (2.3.4) for OpenBSD?
Thanks Gert for your reply. Suppose the maintainer for OpenVPN port at OpenBSD says that the current OpenVPN 2.3.4 version will only be available for OpenBSD 5.6 (scheduled for release in November 2014), what should users of OpenBSD 5.5 do? Regards. Lisa From: Gert Doering g...@greenie.muc.de Sent: Tue Jul 29 07:41:58 CEST 2014 To: Lisa Minogue lmino...@mail.be Subject: Re: [Openvpn-users] OpenVPN binary package (2.3.4) for OpenBSD? Hi, On Tue, Jul 29, 2014 at 04:08:07AM +0200, Lisa Minogue wrote: Could someone tell me where I can download the binary package of the latest version, 2.3.4, of OpenVPN client for OpenBSD? The version available for OpenBSD 5.5 in the packages directory is 2.3.2. That's a question that should be posed to whoever maintains the OpenBSD binary package (and the ports tree). See here: http://www.openbsd.org/faq/ports/ports.html section 1.9 explains how to find the maintainer for a port, so find the maintainer for the OpenVPN port, and ask him to bump the revision to 2.3.4 (which FreeBSD and NetBSD have done, btw :) ). I do not have a current OpenBSD system around, otherwise I could look myself. gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de - Mail.be, WebMail and Virtual Office http://www.mail.be -- Infragistics Professional Build stunning WinForms apps today! Reboot your WinForms applications with our WinForms controls. Build a bridge from your legacy apps to the future. http://pubads.g.doubleclick.net/gampad/clk?id=153845071iu=/4140/ostg.clktrk ___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] OpenVPN binary package (2.3.4) for OpenBSD?
Hi, On Tue, Jul 29, 2014 at 11:27:27AM +0200, Lisa Minogue wrote: Thanks Gert for your reply. Suppose the maintainer for OpenVPN port at OpenBSD says that the current OpenVPN 2.3.4 version will only be available for OpenBSD 5.6 (scheduled for release in November 2014), what should users of OpenBSD 5.5 do? Compile it yourself? OpenVPN should compile nicely and without issues on OpenBSD (and compiling OpenVPN on unix versions is straightforward). OTOH, if they bump the version in the ports tree, you can just compile from the ports tree - ports tree usually works for older versions as well. gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de pgp93gRNXiGvh.pgp Description: PGP signature -- Infragistics Professional Build stunning WinForms apps today! Reboot your WinForms applications with our WinForms controls. Build a bridge from your legacy apps to the future. http://pubads.g.doubleclick.net/gampad/clk?id=153845071iu=/4140/ostg.clktrk___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] OpenVPN binary package (2.3.4) for OpenBSD?
From: Gert Doering g...@greenie.muc.de Sent: Tue Jul 29 11:54:37 CEST 2014 To: Lisa Minogue lmino...@mail.be Subject: Re: [Openvpn-users] OpenVPN binary package (2.3.4) for OpenBSD? Compile it yourself? OpenVPN should compile nicely and without issues on OpenBSD (and compiling OpenVPN on unix versions is straightforward). Is there any guide on how to compile OpenVPN on *nix operating systems? I have search for a how-to on openvpn.net and found none there. If I were to get someone to help me compile, what would be the technical (I mean IT) knowledge that THAT person needs to have? A background in C, C++, networking, OpenBSD? The source code of OpenVPN is in C, yes? OTOH, if they bump the version in the ports tree, you can just compile from the ports tree - ports tree usually works for older versions as well. Thanks for the above tip, Gert. Regards. Lisa - Mail.be, WebMail and Virtual Office http://www.mail.be -- Infragistics Professional Build stunning WinForms apps today! Reboot your WinForms applications with our WinForms controls. Build a bridge from your legacy apps to the future. http://pubads.g.doubleclick.net/gampad/clk?id=153845071iu=/4140/ostg.clktrk ___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] OpenVPN binary package (2.3.4) for OpenBSD?
Hi, On Tue, Jul 29, 2014 at 01:30:35PM +0200, Lisa Minogue wrote: Compile it yourself? OpenVPN should compile nicely and without issues on OpenBSD (and compiling OpenVPN on unix versions is straightforward). Is there any guide on how to compile OpenVPN on *nix operating systems? I have search for a how-to on openvpn.net and found none there. Well, in the package itself, there are two files called README and INSTALL. On community.openvpn.net, there should be something, but for anyone who has compiled any piece of open source software beforehand, OpenVPN is just as basic as it gets. - get the tar ball - call tar xvfz openvpn-2.3.4.tar.gz to extract - cd openvpn-2.3.4 - ./configure - make - make install If I were to get someone to help me compile, what would be the technical (I mean IT) knowledge that THAT person needs to have? A background in C, C++, networking, OpenBSD? The source code of OpenVPN is in C, yes? No background needed, just basic capabilities in reading instructions and using google. gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de pgpqtnpFKFbFH.pgp Description: PGP signature -- Infragistics Professional Build stunning WinForms apps today! Reboot your WinForms applications with our WinForms controls. Build a bridge from your legacy apps to the future. http://pubads.g.doubleclick.net/gampad/clk?id=153845071iu=/4140/ostg.clktrk___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] OpenVPN binary package (2.3.4) for OpenBSD?
Hi, From: Gert Doering g...@greenie.muc.de Sent: Tue Jul 29 13:53:27 CEST 2014 To: Lisa Minogue lmino...@mail.be Subject: Re: [Openvpn-users] OpenVPN binary package (2.3.4) for OpenBSD? Well, in the package itself, there are two files called README and INSTALL. On community.openvpn.net, there should be something, but for anyone who has compiled any piece of open source software beforehand, OpenVPN is just as basic as it gets. - get the tar ball - call tar xvfz openvpn-2.3.4.tar.gz to extract - cd openvpn-2.3.4 - ./configure - make - make install Thanks, Gert, for the tip. No background needed, just basic capabilities in reading instructions and using google. Awesome reply :) [seriously, if it's so easy as you seem to make it out to be, why doesn't the maintainer of OpenVPN for OpenBSD compile and upload version 2.3.4 sooner? What's holding him back? If I can compile it successfully I will do everyone a favor by submitting it for inclusion in the packages directory. Doesn't OpenBSD pride itself in being the security-focused OS?] Regards. Lisa - Mail.be, WebMail and Virtual Office http://www.mail.be -- Infragistics Professional Build stunning WinForms apps today! Reboot your WinForms applications with our WinForms controls. Build a bridge from your legacy apps to the future. http://pubads.g.doubleclick.net/gampad/clk?id=153845071iu=/4140/ostg.clktrk ___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] OpenVPN binary package (2.3.4) for OpenBSD?
Hi Samuli It's nice to hear from you. Gert has helped to clarify my doubts. That's nice of him :) Maybe there is no OpenBSD binary package for OpenVPN 2.3.4? In that case you need to compile 2.3.4 from the sources available on openvpn.net. Yes, Gert did advise me to compile it using the source tarball at openvpn.net as there is no OpenBSD binary package for OpenVPN 2.3.4. After downloading the source tarball, 2.3.4, and unzipping it, I studied the contents of INSTALL file. 1. Do I have to download easy-rsa, OpenSSL library and LZO compression library? The INSTALL file's directions SEEM to tell me those 3 items are not included in the source tarball. 2. There is a paragraph in the INSTALL file that says: OpenBSD users can use ports or packages to install lzo, but remember to add CFLAGS=-I/usr/local/include LDFLAGS=L/usr/local/lib directives to configure, since gcc will not find them otherwise. Does that mean that I'll have to modify the 'configure' command to look like the following? ./configure --CFLAGS=-I/usr/local/include LDFLAGS=L/usr/local/lib Thanks for your help. Lisa - Mail.be, WebMail and Virtual Office http://www.mail.be -- Infragistics Professional Build stunning WinForms apps today! Reboot your WinForms applications with our WinForms controls. Build a bridge from your legacy apps to the future. http://pubads.g.doubleclick.net/gampad/clk?id=153845071iu=/4140/ostg.clktrk ___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] OpenVPN binary package (2.3.4) for OpenBSD?
Hi, On Tue, Jul 29, 2014 at 03:08:25PM +0200, Lisa Minogue wrote: [seriously, if it's so easy as you seem to make it out to be, why doesn't the maintainer of OpenVPN for OpenBSD compile and upload version 2.3.4 sooner? What's holding him back? Ask them. Maybe they are just humans, need to eat and sleep at times, and have other more urgent things to do in the meantime. If I can compile it successfully I will do everyone a favor by submitting it for inclusion in the packages directory. Doesn't OpenBSD pride itself in being the security-focused OS?] 2.3.2 - 2.3.4 has no significant security impact (if I remember correctly), it's just the provided *windows* binaries have, because they bundle OpenSSL and that one was vulnerable. So from a security PoV, it's ok to stick to 2.3.2, as any version change could bring in new bugs... gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de pgptawRZHzVz_.pgp Description: PGP signature -- Infragistics Professional Build stunning WinForms apps today! Reboot your WinForms applications with our WinForms controls. Build a bridge from your legacy apps to the future. http://pubads.g.doubleclick.net/gampad/clk?id=153845071iu=/4140/ostg.clktrk___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] OpenVPN binary package (2.3.4) for OpenBSD?
Hi 2.3.2 - 2.3.4 has no significant security impact (if I remember correctly), it's just the provided *windows* binaries have, because they bundle OpenSSL and that one was vulnerable. So from a security PoV, it's ok to stick to 2.3.2, as any version change could bring in new bugs... Thanks Gert. Hi Samuli As you are the community manager and the person who compiles and creates binaries for Windows and Debian platforms, could you confirm that, from a security point of view, there is no difference in using Linux versions 2.3.2 and 2.3.4? Thanks for your help. Lisa - Mail.be, WebMail and Virtual Office http://www.mail.be -- Infragistics Professional Build stunning WinForms apps today! Reboot your WinForms applications with our WinForms controls. Build a bridge from your legacy apps to the future. http://pubads.g.doubleclick.net/gampad/clk?id=153845071iu=/4140/ostg.clktrk ___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] OpenVPN binary package (2.3.4) for OpenBSD?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi 2.3.2 - 2.3.4 has no significant security impact (if I remember correctly), it's just the provided *windows* binaries have, because they bundle OpenSSL and that one was vulnerable. So from a security PoV, it's ok to stick to 2.3.2, as any version change could bring in new bugs... Thanks Gert. Hi Samuli As you are the community manager and the person who compiles and creates binaries for Windows and Debian platforms, could you confirm that, from a security point of view, there is no difference in using Linux versions 2.3.2 and 2.3.4? Thanks for your help. I can't confirm that 2.3.2 and 2.3.4 are equal from a security point of view, because as Gert said, any version change could bring in new [security] bugs :). However, what I can confirm is that OpenVPN Linux binaries are almost always linked to OpenSSL packages provided by the Linux distribution; this is also the case for my OpenVPN Debian/Ubuntu packages, Just use an up-to-date OpenSSL version from your distro's repositories and you should be fine. - -- Samuli Seppänen Community Manager OpenVPN Technologies, Inc irc freenode net: mattock -BEGIN PGP SIGNATURE- Version: GnuPG v1 Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlPXukIACgkQwp2X7RmNIqMrDQCgguBEM8i9gASkan83BKB1dcb+ RjYAn2Rzb6dRkmLG0ZftY78F5WpA6Pz3 =fSVE -END PGP SIGNATURE- -- Infragistics Professional Build stunning WinForms apps today! Reboot your WinForms applications with our WinForms controls. Build a bridge from your legacy apps to the future. http://pubads.g.doubleclick.net/gampad/clk?id=153845071iu=/4140/ostg.clktrk ___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] OpenVPN binary package (2.3.4) for OpenBSD?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi Samuli I can't confirm that 2.3.2 and 2.3.4 are equal from a security point of view, because as Gert said, any version change could bring in new [security] bugs :). Please clarify for me and possibly for those who are interested in this issue. On the page entitled Overview of changes in OpenVPN v2.3 (url: https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn23), as one moves from version 2.3.2 to 2.3.3, there are more than 20 fixes by various OpenVPN developers. And again from version 2.3.3 to 2.3.4 there are a few more fixes. Are those fixes soley for Windows platform? Do the fixes apply to Linux platforms as well? If yes, don't you think it's better for me to compile an OpenVPN package binary (version 2.3.4) for OpenBSD if I wish to use OpenBSD as my primary OS? If the fixes are platform-specific, they will be marked as such. For example, Fixed an issue x on platform y. If OpenVPN 2.3.2 is working fine for you don't need to upgrade to 2.3.4. New issues are found and fixes all the time, but those don't make older versions unusable, only slightly less perfect than the newer ones. Then again, new versions of software introduce new problems, so an older version might be better in some respects than a newer one. Best regards, - -- Samuli Seppänen Community Manager OpenVPN Technologies, Inc irc freenode net: mattock -BEGIN PGP SIGNATURE- Version: GnuPG v1 Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlPX1JUACgkQwp2X7RmNIqP0kQCg0FcvN4Y0irA/lv0ut8GFmVnk +9IAoIjvcMVt1BTAb1RxcNxHHriUnE5w =yROK -END PGP SIGNATURE- -- Infragistics Professional Build stunning WinForms apps today! Reboot your WinForms applications with our WinForms controls. Build a bridge from your legacy apps to the future. http://pubads.g.doubleclick.net/gampad/clk?id=153845071iu=/4140/ostg.clktrk ___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] OpenVPN binary package (2.3.4) for OpenBSD?
Hi, On Tue, Jul 29, 2014 at 06:00:48PM +0200, Lisa Minogue wrote: I can't confirm that 2.3.2 and 2.3.4 are equal from a security point of view, because as Gert said, any version change could bring in new [security] bugs :). Please clarify for me and possibly for those who are interested in this issue. On the page entitled Overview of changes in OpenVPN v2.3 (url: https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn23), as one moves from version 2.3.2 to 2.3.3, there are more than 20 fixes by various OpenVPN developers. And again from version 2.3.3 to 2.3.4 there are a few more fixes. Those are bugfixes, but not *security* fixes. Like, some seldom-used functionality not working right on some of the supported OSes (like the route-gateway stuff, which only affects *client* use on some of the BSDs). Are those fixes soley for Windows platform? Do the fixes apply to Linux platforms as well? If yes, don't you think it's better for me to compile an OpenVPN package binary (version 2.3.4) for OpenBSD if I wish to use OpenBSD as my primary OS? I'm not sure OpenBSD is the right OS for you. OpenBSD will require that you get friends with the ports system, how to compile software from packages, and so on. gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de pgpoubcBbmY5L.pgp Description: PGP signature -- Infragistics Professional Build stunning WinForms apps today! Reboot your WinForms applications with our WinForms controls. Build a bridge from your legacy apps to the future. http://pubads.g.doubleclick.net/gampad/clk?id=153845071iu=/4140/ostg.clktrk___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] OpenVPN binary package (2.3.4) for OpenBSD?
Hi Gert, Those are bugfixes, but not *security* fixes. Like, some seldom-used functionality not working right on some of the supported OSes (like the route-gateway stuff, which only affects *client* use on some of the BSDs). You wrote: which only affects client use on some of the BSDs. Is OpenBSD one of them? I'm not sure OpenBSD is the right OS for you. I don't know the reasons for your saying that. One of my hobbies is to learn how to use other *nix operating systems as an end-user. Is there anything wrong with that? OpenBSD will require that you get friends with the ports system, how to compile software from packages, and so on. I don't exactly understand what you mean by you get friends with the ports system. Well I can find someone among my friends such as those on Facebook who can help me compile OpenVPN from source tarball for OpenBSD. Regards. Lisa - Mail.be, WebMail and Virtual Office http://www.mail.be -- Infragistics Professional Build stunning WinForms apps today! Reboot your WinForms applications with our WinForms controls. Build a bridge from your legacy apps to the future. http://pubads.g.doubleclick.net/gampad/clk?id=153845071iu=/4140/ostg.clktrk ___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] OpenVPN binary package (2.3.4) for OpenBSD?
Hi, On Tue, Jul 29, 2014 at 11:03:46PM +0200, Lisa Minogue wrote: Those are bugfixes, but not *security* fixes. Like, some seldom-used functionality not working right on some of the supported OSes (like the route-gateway stuff, which only affects *client* use on some of the BSDs). You wrote: which only affects client use on some of the BSDs. Is OpenBSD one of them? Could be. Check the ChangeLogs. But it's *client* use, so you won't see this if you run the server on OpenBSD. I'm not sure OpenBSD is the right OS for you. I don't know the reasons for your saying that. One of my hobbies is to learn how to use other *nix operating systems as an end-user. Is there anything wrong with that? The hobby is fine, but the questions you ask give me the impression that OpenBSD and you won't get along too well. OpenBSD is very user friendly, but it's very selective who its friends are. Well I can find someone among my friends such as those on Facebook who can help me compile OpenVPN from source tarball for OpenBSD. What is Facebook? gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de pgpFydyWCDjVd.pgp Description: PGP signature -- Infragistics Professional Build stunning WinForms apps today! Reboot your WinForms applications with our WinForms controls. Build a bridge from your legacy apps to the future. http://pubads.g.doubleclick.net/gampad/clk?id=153845071iu=/4140/ostg.clktrk___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users