subject:"\\\\\\\[Openvpn\\\\\\\-devel\\\\\\\] CFT\\\\\\\: OpenVPN 2.4 port update \\\\\\\(upstream rc2\\\\\\\) for FreeBSD"

Re: [Openvpn-devel] CFT: OpenVPN 2.4 port update (upstream rc2) for FreeBSD, now with TUNNELBLICK

2016-12-22 Thread Steffan Karger

Hi,

On 22-12-16 19:23, Gert Doering wrote:
> On Thu, Dec 22, 2016 at 07:01:32PM +0100, Matthias Andree wrote:
>> I haven't seen anything mentioned by a Jonathan recently, and see
>> nothing in the openvpn-devel archives, but yes it is about optionally
>> obfuscating OpenVPN traffic on the wire, adding an undocumented
>> --scramble option, and taken from here:
>> .
> 
> Sorry, my fault.  That was Jonathan K. Bullard on openvpn-*users*, who
> is maintaining Tunnelblick, and he mentioned that his builds do contain
> an obfuscation patch.  So it seems to be the same thing.
> 
> Jonathan's mail is here:
> 
> http://www.mail-archive.com/openvpn-users@lists.sourceforge.net/msg03396.html
> 
> (he calls it the "openvpn_xorpatch")

Also, check out what he writes on
https://tunnelblick.net/cOpenvpn_xorpatch.html about the original OPN patch:

"However, a Tunnelblick developer has reviewed the patch, found some
problems, and modified it in Tunnelblick to resolve those problems. The
problems that were found and fixed involved insufficient parameter
validation, null pointer dereferences, division by zero errors, and a
buffer overflow."

So might be worth checking out which patch you're using.

-Steffan




signature.asc
Description: OpenPGP digital signature
--
Developer Access Program for Intel Xeon Phi Processors
Access to Intel Xeon Phi processor-based developer platforms.
With one year of Intel Parallel Studio XE.
Training and support from Colfax.
Order your platform today.http://sdm.link/intel___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel

Re: [Openvpn-devel] CFT: OpenVPN 2.4 port update (upstream rc2) for FreeBSD, now with TUNNELBLICK

2016-12-22 Thread Gert Doering

Hi,

On Thu, Dec 22, 2016 at 07:01:32PM +0100, Matthias Andree wrote:
> I haven't seen anything mentioned by a Jonathan recently, and see
> nothing in the openvpn-devel archives, but yes it is about optionally
> obfuscating OpenVPN traffic on the wire, adding an undocumented
> --scramble option, and taken from here:
> .

Sorry, my fault.  That was Jonathan K. Bullard on openvpn-*users*, who
is maintaining Tunnelblick, and he mentioned that his builds do contain
an obfuscation patch.  So it seems to be the same thing.

Jonathan's mail is here:

http://www.mail-archive.com/openvpn-users@lists.sourceforge.net/msg03396.html

(he calls it the "openvpn_xorpatch")

gert
-- 
USENET is *not* the non-clickable part of WWW!
   //www.muc.de/~gert/
Gert Doering - Munich, Germany g...@greenie.muc.de
fax: +49-89-35655025g...@net.informatik.tu-muenchen.de


signature.asc
Description: PGP signature
--
Developer Access Program for Intel Xeon Phi Processors
Access to Intel Xeon Phi processor-based developer platforms.
With one year of Intel Parallel Studio XE.
Training and support from Colfax.
Order your platform today.http://sdm.link/intel___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel

Re: [Openvpn-devel] CFT: OpenVPN 2.4 port update (upstream rc2) for FreeBSD, now with TUNNELBLICK

2016-12-22 Thread Matthias Andree

Am 22.12.2016 um 11:24 schrieb Gert Doering:
> Hi,
>
> On Thu, Dec 22, 2016 at 09:58:07AM +0100, Matthias Andree wrote:
>> I have an updated version with TUNNELBLICK patch re-enabled up for
>> testing at
>> 
> Is that the xor obfuscation patch Jonathan mentioned?  Or something else?

Hi Gert,

I haven't seen anything mentioned by a Jonathan recently, and see
nothing in the openvpn-devel archives, but yes it is about optionally
obfuscating OpenVPN traffic on the wire, adding an undocumented
--scramble option, and taken from here:
.

The upstream FreeBSD port does not normally apply the patch by default,
and I have marked it as controversial and only for compatibility in an
extended help.

The binary packages build the default option set, so they also *exclude*
this patch/feature.

Cheers,
Matthias


--
Developer Access Program for Intel Xeon Phi Processors
Access to Intel Xeon Phi processor-based developer platforms.
With one year of Intel Parallel Studio XE.
Training and support from Colfax.
Order your platform today.http://sdm.link/intel
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel

Re: [Openvpn-devel] CFT: OpenVPN 2.4 port update (upstream rc2) for FreeBSD, now with TUNNELBLICK

2016-12-22 Thread Gert Doering

Hi,

On Thu, Dec 22, 2016 at 09:58:07AM +0100, Matthias Andree wrote:
> I have an updated version with TUNNELBLICK patch re-enabled up for
> testing at
> 

Is that the xor obfuscation patch Jonathan mentioned?  Or something else?

gert

-- 
USENET is *not* the non-clickable part of WWW!
   //www.muc.de/~gert/
Gert Doering - Munich, Germany g...@greenie.muc.de
fax: +49-89-35655025g...@net.informatik.tu-muenchen.de


signature.asc
Description: PGP signature
--
Developer Access Program for Intel Xeon Phi Processors
Access to Intel Xeon Phi processor-based developer platforms.
With one year of Intel Parallel Studio XE.
Training and support from Colfax.
Order your platform today.http://sdm.link/intel___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel

Re: [Openvpn-devel] CFT: OpenVPN 2.4 port update (upstream rc2) for FreeBSD, now with TUNNELBLICK

2016-12-22 Thread Matthias Andree

Am 16.12.2016 um 21:21 schrieb Matthias Andree:
> Greetings,
>
> I've put up a new OpenVPN 2.4-rc2 port for FreeBSD for testing.
>
> Get it from .
>
> This time, it also contains the openvpn23 and openvpn23-polarssl ports
> (as modified copies of what we have now) that I plan to keep for the
> first quarter of 2017 and then retire, just in case.
>
> The diff at https://reviews.freebsd.org/D8813 has been updated, too.
>
> Cheers,
> Matthias

I have an updated version with TUNNELBLICK patch re-enabled up for
testing at



signature.asc
Description: OpenPGP digital signature
--
Developer Access Program for Intel Xeon Phi Processors
Access to Intel Xeon Phi processor-based developer platforms.
With one year of Intel Parallel Studio XE.
Training and support from Colfax.
Order your platform today.http://sdm.link/intel___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel

[Openvpn-devel] CFT: OpenVPN 2.4 port update (upstream rc2) for FreeBSD

2016-12-16 Thread Matthias Andree

Greetings,

I've put up a new OpenVPN 2.4-rc2 port for FreeBSD for testing.

Get it from .

This time, it also contains the openvpn23 and openvpn23-polarssl ports
(as modified copies of what we have now) that I plan to keep for the
first quarter of 2017 and then retire, just in case.

The diff at https://reviews.freebsd.org/D8813 has been updated, too.

Cheers,
Matthias









signature.asc
Description: OpenPGP digital signature
--
Check out the vibrant tech community on one of the world's most 
engaging tech sites, SlashDot.org! http://sdm.link/slashdot___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel

Re: [Openvpn-devel] CFT: OpenVPN 2.4 port update (upstream rc2) for FreeBSD, now with TUNNELBLICK

Re: [Openvpn-devel] CFT: OpenVPN 2.4 port update (upstream rc2) for FreeBSD, now with TUNNELBLICK

Re: [Openvpn-devel] CFT: OpenVPN 2.4 port update (upstream rc2) for FreeBSD, now with TUNNELBLICK

Re: [Openvpn-devel] CFT: OpenVPN 2.4 port update (upstream rc2) for FreeBSD, now with TUNNELBLICK

Re: [Openvpn-devel] CFT: OpenVPN 2.4 port update (upstream rc2) for FreeBSD, now with TUNNELBLICK

[Openvpn-devel] CFT: OpenVPN 2.4 port update (upstream rc2) for FreeBSD

6 matches

Site Navigation

Mail list logo

Footer information