Re: [Openvpn-devel] use of --cipher with no arguments?

2016-07-25 Thread Steffan Karger
Hi, On Mon, Jul 25, 2016 at 10:04 PM, Gert Doering wrote: > has anyone ever used "--cipher" without an argument? If yes, what is the > intended usage? It sort of "tells openvpn we want crypto!" but does not > go into detail about it... > > Normally, this would just be a

[Openvpn-devel] [PATCH] Fix "--cipher none --cipher" crash

2016-07-25 Thread Steffan Karger
As reported in trac #699, OpenVPN crashes when an "--cipher none" option is followed by "--cipher" (without arguments). Fix this by removing the redudant ciphername_defined and authname_defined members of struct options. That not only fixes the issue, but also cleans up the code a bit.

[Openvpn-devel] use of --cipher with no arguments?

2016-07-25 Thread Gert Doering
Hi, has anyone ever used "--cipher" without an argument? If yes, what is the intended usage? It sort of "tells openvpn we want crypto!" but does not go into detail about it... Normally, this would just be a random weird option, but I ran across --cipher none --cipher which first tells

Re: [Openvpn-devel] [PATCH applied] Re: Allow ncp-disable and ncp-ciphers to be specified in ccd files

2016-07-25 Thread Gert Doering
Hi, On Mon, Jul 25, 2016 at 09:20:03PM +0200, Gert Doering wrote: > Your patch has been applied to the master branch. > > commit 834f602fd069118b5d00a9042c9fdb20930257eb > Author: Steffan Karger > Date: Mon Jul 25 20:52:46 2016 +0200 > > Allow ncp-disable and ncp-ciphers to be specified

[Openvpn-devel] [PATCH applied] Re: Allow ncp-disable and ncp-ciphers to be specified in ccd files

2016-07-25 Thread Gert Doering
Your patch has been applied to the master branch. commit 834f602fd069118b5d00a9042c9fdb20930257eb Author: Steffan Karger List-Post: openvpn-devel@lists.sourceforge.net Date: Mon Jul 25 20:52:46 2016 +0200 Allow ncp-disable and ncp-ciphers to be specified in ccd files Signed-off-by:

[Openvpn-devel] [PATCH applied] Re: Add server-side support for cipher negotiation

2016-07-25 Thread Gert Doering
Another ACK from me. Stared at the code, tested it vs. iOS OpenVPN and 2.2/2.3/git master clients (works!), and we've discussed it quite a bit on IRC, so it finally all made sense :-) Testing this turned up something we need to fix: with the patch set 1-5 enabled, and "delayed key init" active

Re: [Openvpn-devel] [PATCH] Added client-ip option to NAT

2016-07-25 Thread Arne Schwabe
Am 05.07.16 um 15:13 schrieb Rafael Gava: > Hi Arne, sorry for replying so late. > > Below is the NAT client-ip patch fixing the messed up whitespaces. > The only difference from the previous patch, besides the whitespaces, > is that I'm considering both strings 'client-ip' and 'localhost' as >