Old expiration was October 2024, less than a year away.
Give everyone the chance to get the new keys before tests
start failing.
Change-Id: Ie264ec1ec61fd71e8cc87987be3e2adc2735c201
Signed-off-by: Frank Lichtenheld
Acked-by: Arne Schwabe
---
This change was reviewed on Gerrit and approved by
These are all fixes I considered "safe". They either
- Have sufficient checks/shifts for a cast to be safe
- Fix the type of a variable without requiring code changes
- Are in non-critical unittest code
v2:
- add min_size instead of abusing min_int
Change-Id:
From: Arne Schwabe
Instead of repeating near identical code several times
in manage.c, use a small helper function instead.
Change-Id: I91f739f5cb43386b2ce767cf3603a76e6b93e216
Acked-by: Frank Lichtenheld
Signed-off-by: Arne Schwabe
---
This change was reviewed on Gerrit and approved by at
Attention is currently required from: plaisthos.
flichtenheld has posted comments on this change. (
http://gerrit.openvpn.net/c/openvpn/+/443?usp=email )
Change subject: Remove unused/uneeded defines from configure and cmake config
Old expiration was October 2024, less than a year away.
Give everyone the chance to get the new keys before tests
start failing.
Change-Id: Ie264ec1ec61fd71e8cc87987be3e2adc2735c201
Signed-off-by: Frank Lichtenheld
---
sample/sample-config-files/loopback-client | 319 +++--
From: Arne Schwabe
When we receive an SSL alert from a server we currently only log a
very cryptic OpenSSL error message:
OpenSSL: error:0A00042E:SSL routines::tlsv1 alert protocol version:SSL alert
number 70
This also enables logging the much more readable SSL error message:
Received
Using "tun" as the variable name for the return of
is_tun_p2p is probably a historical accident. But
it has actual consequences in that the other code
often seems to assume that it does less checks
than it actually does.
Use "tun_p2p" as the variable name and remove checks
that are not required.
From: Arne Schwabe
Change-Id: I1141eb7740d8900ed4af0ff5ff52aa3659df99aa
Acked-by: Frank Lichtenheld
---
This change was reviewed on Gerrit and approved by at least one
developer. I request to merge it to master.
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/451
This mail reflects
This was an easy one. Quick local review and test compile, and ship it :-)
Your patch has been applied to the master and release/2.6 branch
(because it really is no actual *code* change at all, and keeping changes
between branches small is desirable).
commit
cron2 has submitted this change. (
http://gerrit.openvpn.net/c/openvpn/+/451?usp=email )
Change subject: Remove unused function prototype crypto_adjust_frame_parameters
..
Remove unused function prototype
cron2 has uploaded a new patch set (#2) to the change originally created by
plaisthos. ( http://gerrit.openvpn.net/c/openvpn/+/451?usp=email )
The following approvals got outdated and were removed:
Code-Review+2 by flichtenheld
Change subject: Remove unused function prototype
Passes selftests on master and release/2.6, and that's all these
keys are there for.
A minor script change has made it into the patch (gen-sample-keys.sh)
but this is fine as well (and only run for generating these files, not
automatically).
Your patch has been applied to the master and
Attention is currently required from: plaisthos.
Hello plaisthos,
I'd like you to do a code review.
Please visit
http://gerrit.openvpn.net/c/openvpn/+/453?usp=email
to review the following change.
Change subject: configure.ac: Remove unused AC_TYPE_SIGNAL macro
Attention is currently required from: flichtenheld.
plaisthos has posted comments on this change. (
http://gerrit.openvpn.net/c/openvpn/+/378?usp=email )
Change subject: configure: allow to disable NTLM
..
Patch Set 1:
Attention is currently required from: plaisthos.
Hello flichtenheld,
I'd like you to reexamine a change. Please visit
http://gerrit.openvpn.net/c/openvpn/+/443?usp=email
to look at the new patch set (#3).
Change subject: Remove unused/uneeded defines from configure and cmake config
Attention is currently required from: flichtenheld.
plaisthos has posted comments on this change. (
http://gerrit.openvpn.net/c/openvpn/+/453?usp=email )
Change subject: configure.ac: Remove unused AC_TYPE_SIGNAL macro
..
Attention is currently required from: plaisthos.
flichtenheld has posted comments on this change. (
http://gerrit.openvpn.net/c/openvpn/+/452?usp=email )
Change subject: Rename state_change to continue_tls_process
..
Patch
Attention is currently required from: flichtenheld.
plaisthos has posted comments on this change. (
http://gerrit.openvpn.net/c/openvpn/+/378?usp=email )
Change subject: configure: allow to disable NTLM
..
Patch Set 1:
(1
Attention is currently required from: flichtenheld.
plaisthos has posted comments on this change. (
http://gerrit.openvpn.net/c/openvpn/+/365?usp=email )
Change subject: Print SSL peer signature information in handshake debug details
Better diagnostics is goood!
Your patch has been applied to the master and release/2.6 branch
(very basic change, no code flow change, enhanced diagnostics good).
We might consider moving from dmsg() to msg() - this is neither
very time consuming nor increasing binary size hugely.
commit
cron2 has submitted this change. (
http://gerrit.openvpn.net/c/openvpn/+/448?usp=email )
Change subject: Log SSL alerts more prominently
..
Log SSL alerts more prominently
When we receive an SSL alert from a server we
cron2 has uploaded a new patch set (#4) to the change originally created by
plaisthos. ( http://gerrit.openvpn.net/c/openvpn/+/448?usp=email )
The following approvals got outdated and were removed:
Code-Review+2 by flichtenheld
Change subject: Log SSL alerts more prominently
Attention is currently required from: flichtenheld.
Hello flichtenheld,
I'd like you to do a code review.
Please visit
http://gerrit.openvpn.net/c/openvpn/+/454?usp=email
to review the following change.
Change subject: Fix unaligned access in macOS/Solaris hwaddr
Attention is currently required from: flichtenheld.
Hello flichtenheld,
I'd like you to do a code review.
Please visit
http://gerrit.openvpn.net/c/openvpn/+/455?usp=email
to review the following change.
Change subject: Cache mbed TLS dependency and build latest 2.x mbed TLS as well
Attention is currently required from: flichtenheld.
Hello flichtenheld,
I'd like you to reexamine a change. Please visit
http://gerrit.openvpn.net/c/openvpn/+/457?usp=email
to look at the new patch set (#2).
Change subject: Implement generating TLS 1.0 PRF using new OpenSSL 3.0 APIs
Attention is currently required from: flichtenheld.
Hello flichtenheld,
I'd like you to do a code review.
Please visit
http://gerrit.openvpn.net/c/openvpn/+/456?usp=email
to review the following change.
Change subject: Extend the error message when TLS 1.0 PRF fails
cron2 has submitted this change. (
http://gerrit.openvpn.net/c/openvpn/+/450?usp=email )
Change subject: Introduce report_command_status helper function
..
Introduce report_command_status helper function
Instead of repeating
Attention is currently required from: flichtenheld.
Hello flichtenheld,
I'd like you to reexamine a change. Please visit
http://gerrit.openvpn.net/c/openvpn/+/456?usp=email
to look at the new patch set (#2).
Change subject: Extend the error message when TLS 1.0 PRF fails
Attention is currently required from: flichtenheld.
Hello flichtenheld,
I'd like you to do a code review.
Please visit
http://gerrit.openvpn.net/c/openvpn/+/457?usp=email
to review the following change.
Change subject: Implement generating TLS 1.0 PRF using new OpenSSL 3.0 APIs
This can happen if the memory alloc fails.
Patch V2: add goto error
Patch V3: return -ENOMEM instead of going to error
Change-Id: Iee66caa794d267ac5f8bee584633352893047171
Signed-off-by: Arne Schwabe
---
src/openvpn/dco_linux.c | 6 ++
1 file changed, 6 insertions(+)
diff --git
Attention is currently required from: flichtenheld, plaisthos.
cron2 has posted comments on this change. (
http://gerrit.openvpn.net/c/openvpn/+/454?usp=email )
Change subject: Fix unaligned access in macOS/Solaris hwaddr
..
cron2 has uploaded a new patch set (#2) to the change originally created by
plaisthos. ( http://gerrit.openvpn.net/c/openvpn/+/450?usp=email )
The following approvals got outdated and were removed:
Code-Review+2 by flichtenheld
Change subject: Introduce report_command_status helper function
Skimmed the code, test compiled, not excercised the management interface.
Obvious improvement.
"client-auth" morphed into "client_auth" here, which I took the liberty
to change back (checked with Arne, avoid a new round).
Your patch has been applied to the master branch.
commit
33 matches
Mail list logo
