Re: [Openvpn-devel] [RFC] openssl minimum supported version

Hi, On Tue, Feb 21, 2012 at 09:20:50PM +0200, Samuli Seppänen wrote: > Also, ecrist publishes source tarballs every couple of weeks already... > couldn't these old autotools users use those and still get failrly > recent OpenVPN versions on their boxes? Exactly. You need autotools if you want

Re: [Openvpn-devel] [RFC] openssl minimum supported version

Hi, On Tue, Feb 21, 2012 at 04:56:37PM +0100, David Sommerseth wrote: > There might be similar restrictions related to autoconf/automake tools > too. As James has some automation for the Access Server builds for those > supported platforms, we must be sure we don't break that for him. From >

Re: [Openvpn-devel] [RFC] openssl minimum supported version

Hi, On Tue, Feb 21, 2012 at 05:15:22PM +0200, Alon Bar-Lev wrote: > OpenVPN supports minimum openssl version of 0.9.6, while this version > is unsupported by upstream and probably a security risk. > > What would be a suitable minimum version to support? > > I think that 0.9.8 is the one.

Re: [Openvpn-devel] [RFC] openssl minimum supported version

On Tue, Feb 21, 2012 at 7:51 PM, David Sommerseth wrote: >> No there is none. Unlike other dependencies autotools dependencies are >> of development machine. You should create tarball on newer machine >> then compile it on the target platform. Target platform may

Re: [Openvpn-devel] [RFC] openssl minimum supported version

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 21/02/12 17:12, Alon Bar-Lev wrote: > On Tue, Feb 21, 2012 at 5:56 PM, David Sommerseth > wrote: >> There might be similar restrictions related to autoconf/automake >> tools too. As James has some automation for

[Openvpn-devel] [PATCH] mask out X_OK when calling WIN32 API _waccess()

This reverts commit 4ebc587e. Instead of defining X_OK 0 for MSVC, this undefined mode value is now simply masked out close to where it causes the trouble; in the call to _waccess() as suggested during the discussion on the development mailing list:

Re: [Openvpn-devel] [RFC] openssl minimum supported version

On Tue, Feb 21, 2012 at 5:56 PM, David Sommerseth wrote: > There might be similar restrictions related to autoconf/automake tools > too.  As James has some automation for the Access Server builds for those > supported platforms, we must be sure we don't break that

Re: [Openvpn-devel] [RFC] openssl minimum supported version

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 21/02/12 16:15, Alon Bar-Lev wrote: > Hello, > > OpenVPN supports minimum openssl version of 0.9.6, while this version > is unsupported by upstream and probably a security risk. > > What would be a suitable minimum version to support? > > I

Re: [Openvpn-devel] [RFC] openssl minimum supported version

- Mail original - > De: "Alon Bar-Lev" > À: "openvpn-devel@lists.sourceforge.net" > Envoyé: Mardi 21 Février 2012 16:15:22 > Objet: [Openvpn-devel] [RFC] openssl minimum supported version > > Hello, > > OpenVPN supports

Re: [Openvpn-devel] [RFC] openssl minimum supported version

Alon Bar-Lev wrote: > Hello, > > OpenVPN supports minimum openssl version of 0.9.6, while this version > is unsupported by upstream and probably a security risk. > > What would be a suitable minimum version to support? > > I think that 0.9.8 is the one. > EL5 and most SuSE distro's still use

[Openvpn-devel] [RFC] openssl minimum supported version

Hello, OpenVPN supports minimum openssl version of 0.9.6, while this version is unsupported by upstream and probably a security risk. What would be a suitable minimum version to support? I think that 0.9.8 is the one. Regards, Alon.

Re: [Openvpn-devel] [PATCH] remove wrapper code for Windows CryptoAPI function

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 17/08/11 17:53, Heiko Hund wrote: > The CryptoAPI function CryptAcquireCertificatePrivateKey() was > previously unsupported in MinGW. With recent w32api headers it's now > defined, mostly. Since the code used to load the CryptoAPI DLL is > prone to

Re: [Openvpn-devel] [PATCH] fix warnings in event.c when building for win32-64

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 18/08/11 14:12, Heiko Hund wrote: > When compiling for 64-bit Windows gcc warns about > > "cast from pointer to integer of different size" > > on two occasions in file event.c, due to invalid casting. This patch > removes the type casts and uses

[Openvpn-devel] OpenVPN 2.3-alpha1 preview 1 installer now available

Hi all, A preview of OpenVPN 2.3-alpha1 installer for Windows is now available here: It's essentially the same as the to-be 2.3-alpha1, except that - the installer is not signed - the new OpenVPN-GUI is not

Re: [Openvpn-devel] [PATCH 00/35] build revolution

On Tue, Feb 21, 2012 at 1:52 PM, Frank de Brabander wrote: > The pkg-config website says it runs on OS X, so that shouldn't be the issue. > > But if pkg-config is required for the new build process, shouldn't > configure test for a valid version of pkg-config early on? Now

Re: [Openvpn-devel] [PATCH 00/35] build revolution

Il 21.02.2012 13:46, Alon Bar-Lev ha scritto: > On Tue, Feb 21, 2012 at 1:39 PM, Adriaan de Jong wrote: >> Does pkgconfig work/exist across many platforms, or is it a dependency that >> might hurt us on for example Mac OS, Windows or *BSD? The reason why I ask >> is that an

Re: [Openvpn-devel] [PATCH 00/35] build revolution

The pkg-config website says it runs on OS X, so that shouldn't be the issue. But if pkg-config is required for the new build process, shouldn't configure test for a valid version of pkg-config early on? Now it either fails at the pkcs11 part of ./configure or with linking errors with openssl (if

Re: [Openvpn-devel] [PATCH 00/35] build revolution

On Tue, Feb 21, 2012 at 1:39 PM, Adriaan de Jong wrote: > Does pkgconfig work/exist across many platforms, or is it a dependency that > might hurt us on for example Mac OS, Windows or *BSD? The reason why I ask is > that an argument against other systems such as scons and

Re: [Openvpn-devel] [PATCH 00/35] build revolution

On Tue, Feb 21, 2012 at 1:32 PM, Frank de Brabander wrote: > When I try to build like this, it seems to fail at linking to openssl > (OS X Lion). > > ./configure PKG_CONFIG=true > make > mekboek:openvpn-2.x-master brabander$ ls /usr/lib/libcrypto.* > /usr/lib/libssl.* >

Re: [Openvpn-devel] [PATCH 00/35] build revolution

Hello, On Tue, Feb 21, 2012 at 12:30 PM, Adriaan de Jong wrote: > Hi Alon, > > It's great to see a lot of work on the build system. Working with the old > system was often a pain, I hope the new system gives some more control and > especially flexibility to packagers. Still,

Re: [Openvpn-devel] [PATCH 00/35] build revolution

> -Original Message- > From: Alon Bar-Lev [mailto:alon.bar...@gmail.com] > Sent: dinsdag 21 februari 2012 10:02 > > Oh, and I forgot. > Most optional dependencies are now disabled by default. > You should explicitly enable lzo with --enable-lzo > Hi Alon, It's great to see a lot of

Re: [Openvpn-devel] [PATCH 00/35] build revolution

Alon: how complete is the new buildsystem? I could put it to test using our buildbot farm and see if/how it breaks. Samuli > Oh, and I forgot. > Most optional dependencies are now disabled by default. > You should explicitly enable lzo with --enable-lzo > > > On Tue, Feb 21, 2012 at 11:01 AM,

Re: [Openvpn-devel] [DEVELOPER REQUESTED] Repackage TAP-Win32

> 2012/2/20 Samuli Seppänen >>> Here are the tasks to perform: >>> 1. Create a GIT repository of the master TAP-Win32 sources with all >>> history, to ease our work, please use github. >> Any thoughts of this anyone? Personally, I don't care where the source >> code lives. It

Re: [Openvpn-devel] [PATCH 00/35] build revolution

Oh, and I forgot. Most optional dependencies are now disabled by default. You should explicitly enable lzo with --enable-lzo On Tue, Feb 21, 2012 at 11:01 AM, Alon Bar-Lev wrote: > Hi! > > Will there are no more --with-*-headers configure options, as they are > none

Re: [Openvpn-devel] [PATCH 00/35] build revolution

Ok, this tarball works! But now I get the following ( with ./configure --with-lzo-headers=/opt/local/include --with-lzo-lib=/opt/local/lib ): checking for lzo1x_1_15_compress in -llzo... no checking for PKCS11_HELPER... no configure: error: in

Re: [Openvpn-devel] [PATCH 00/35] build revolution

Hello Frank, Thank you for testing. Can you please try to download my tarball[1] and not autoreconf at your machine? I think your autotools are waaay to old. And... can you please send me: # autoconf --version # aclocal --version # automake --version # libtool --version Alon [1]

Re: [Openvpn-devel] [PATCH 33/35] build: proper crypto detection and usage

I need to delve into this one a little further once I have time. At first glance, a minor nack: OpenSSL 0.9.6 isn't supported anymore, so the autoconf statement and any >= 0.9.7 statements can go. Adriaan > -Original Message- > From: Alon Bar-Lev [mailto:alon.bar...@gmail.com] > Sent:

Re: [Openvpn-devel] [PATCH 02/35] cleanup: crypto_openssl.c: remove support for pre-openssl-0.9.6

Ack, I'll be glad to be rid of some of this cruft. Adriaan > -Original Message- > From: Alon Bar-Lev [mailto:alon.bar...@gmail.com] > Sent: dinsdag 21 februari 2012 2:22 > To: openvpn-devel@lists.sourceforge.net > Cc: Alon Bar-Lev > Subject: [Openvpn-devel] [PATCH 02/35] cleanup:

[Openvpn-devel] [PATCH 23/35] build: standard directory layout

Too big for mailing list... Suitable for mature project. root - administrative stuff doc- documents src- sources tests - tests distro - distro specific files sample - samples Signed-off-by: Alon Bar-Lev On Tue, Feb 21, 2012 at 3:25 AM,

[Openvpn-devel] [PATCH 35/35] build: move out config.h include from syshead

Yet another step in reducing the syshead.h content. Conditional compilation of sources needs to be based on a minimum program prefix (config.h only). Signed-off-by: Alon Bar-Lev --- src/openvpn/base64.c |6 ++ src/openvpn/buffer.c |6

[Openvpn-devel] [PATCH 34/35] build: win-msvc: msbuild format

Signed-off-by: Alon Bar-Lev --- .gitignore| 10 +- Makefile.am | 10 +- build/Makefile.am |2 + build/msvc/Makefile.am| 15 +

[Openvpn-devel] [PATCH 33/35] build: proper crypto detection and usage

Signed-off-by: Alon Bar-Lev --- configure.ac | 224 ++--- doc/doxygen/doc_data_crypto.h |2 +- include/openvpn-plugin.h | 31 -- src/openvpn/Makefile.am |2 + src/openvpn/crypto.c

[Openvpn-devel] [PATCH 32/35] build: proper lzo detection and usage

Signed-off-by: Alon Bar-Lev --- configure.ac | 101 - doc/doxygen/doc_compression.h |2 +- src/openvpn/Makefile.am |2 + src/openvpn/forward.c |4 +- src/openvpn/init.c| 14

[Openvpn-devel] [PATCH 31/35] build: properly process lzo-stub

Signed-off-by: Alon Bar-Lev --- configure.ac | 12 +++- src/openvpn/lzo.c | 20 ++-- src/openvpn/lzo.h | 20 ++-- src/openvpn/ssl.c |2 +- src/openvpn/syshead.h | 12 5 files changed, 28

[Openvpn-devel] [PATCH 28/35] build: autoconf: minor cleanups

Signed-off-by: Alon Bar-Lev --- configure.ac | 145 +- 1 files changed, 72 insertions(+), 73 deletions(-) diff --git a/configure.ac b/configure.ac index d18e2b0..8bc23cc 100644 --- a/configure.ac +++ b/configure.ac

[Openvpn-devel] [PATCH 27/35] build: properly detect and use socket libs

Signed-off-by: Alon Bar-Lev --- configure.ac| 27 +-- src/openvpn/Makefile.am |3 ++- 2 files changed, 19 insertions(+), 11 deletions(-) diff --git a/configure.ac b/configure.ac index e893d8d..d18e2b0 100644 --- a/configure.ac

[Openvpn-devel] [PATCH 29/35] build: proper selinux detection and usage

Signed-off-by: Alon Bar-Lev --- configure.ac| 35 +++ src/openvpn/Makefile.am |1 + src/openvpn/init.c |4 ++-- src/openvpn/options.c |6 +++--- src/openvpn/options.h |2 +- src/openvpn/syshead.h |

[Openvpn-devel] [PATCH 25/35] build: autoconf: commands as environment

Signed-off-by: Alon Bar-Lev --- configure.ac | 66 - 1 files changed, 28 insertions(+), 38 deletions(-) diff --git a/configure.ac b/configure.ac index 5afcacc..c34e8c4 100644 --- a/configure.ac +++ b/configure.ac

[Openvpn-devel] [PATCH 24/35] build: add libtool + windows resources for executables

Signed-off-by: Alon Bar-Lev --- .gitignore |6 Makefile.am |2 +- build/Makefile.am| 15 +++ build/ltrc.inc | 23

[Openvpn-devel] [PATCH 22/35] build: remove awk and non-standard autoconf output processing

Replace with simpler environment solution. Signed-off-by: Alon Bar-Lev --- Makefile.am | 12 ++-- configure.ac |3 +++ configure_h.awk | 39 --- configure_log.awk | 33 -

[Openvpn-devel] [PATCH 21/35] build: autoconf: remove OPENVPN_ADD_LIBS useless macro

Signed-off-by: Alon Bar-Lev --- configure.ac | 26 ++ m4/ax_openvpn_lib.m4 |4 2 files changed, 10 insertions(+), 20 deletions(-) delete mode 100644 m4/ax_openvpn_lib.m4 diff --git a/configure.ac b/configure.ac index

[Openvpn-devel] [PATCH 19/35] build: m4/ax_socklen_t.m4: cleanup

Signed-off-by: Alon Bar-Lev --- configure.ac |2 +- m4/ax_socklen_t.m4 | 95 +-- 2 files changed, 55 insertions(+), 42 deletions(-) diff --git a/configure.ac b/configure.ac index fbed6bf..69a3736 100644 ---

[Openvpn-devel] [PATCH 20/35] build: autotools: first pass of trivial autotools changes

Signed-off-by: Alon Bar-Lev --- Makefile.am | 12 +- configure.ac | 1227 +++--- lladdr.c |2 +- misc.c |2 +- misc.h |2 +- options.c| 12 +- route.c | 18 +- socket.c |

[Openvpn-devel] [PATCH 18/35] build: m4/ax_emptyarray.m4: cleanup

Signed-off-by: Alon Bar-Lev --- m4/ax_emptyarray.m4 | 49 +++-- 1 files changed, 31 insertions(+), 18 deletions(-) diff --git a/m4/ax_emptyarray.m4 b/m4/ax_emptyarray.m4 index 0a8755c..c6781c1 100644 --- a/m4/ax_emptyarray.m4

[Openvpn-devel] [PATCH 13/35] Remove tap-win32

Introduce tap-win32.h which is modified tap-win32/common.h. Except of function rename, it is the same without the tap_id. This file should be provided as part of tap-win32 MSI. For now we hold a copy. Signed-off-by: Alon Bar-Lev --- Makefile.am|3

[Openvpn-devel] [PATCH 14/35] cleanup: rename tap-windows function from win32 to win

Signed-off-by: Alon Bar-Lev --- configure.ac| 18 +++--- errlevel.h |2 +- error.c |6 +- forward.c |2 +- options.c |8 +- service-win32/service.h |2 +- sig.c |

[Openvpn-devel] [PATCH 12/35] Remove easy-rsa

Signed-off-by: Alon Bar-Lev --- Makefile.am|1 - easy-rsa/1.0/README| 161 easy-rsa/1.0/build-ca | 13 - easy-rsa/1.0/build-dh | 12 -

[Openvpn-devel] [PATCH 11/35] Remove install-win32

Signed-off-by: Alon Bar-Lev --- Makefile.am|5 +- configure.ac |3 - images/.svnignore |2 - images/Makefile.am | 41 -- images/icon.ico|

[Openvpn-devel] [PATCH 09/35] build: rename plugin directory to plugins

This to avoid conflit with plugin.c rules Signed-off-by: Alon Bar-Lev --- Makefile.am |3 +- plugin/README | 47 --- plugin/auth-pam/.svnignore|1 - plugin/auth-pam/Makefile | 30 -- plugin/auth-pam/README|

[Openvpn-devel] [PATCH 10/35] build: plugins: properly use CFLAGS and LDFLAGS

Signed-off-by: Alon Bar-Lev --- plugins/auth-pam/Makefile |9 + plugins/defer/build|6 +++--- plugins/down-root/Makefile |6 +++--- plugins/examples/build |6 +++--- 4 files changed, 14 insertions(+), 13 deletions(-) diff --git

[Openvpn-devel] [PATCH 08/35] build: handle printf style format in mingw

Signed-off-by: Alon Bar-Lev --- buffer.h | 12 ++-- error.h |6 +- misc.h | 12 ++-- status.h |6 +- 4 files changed, 30 insertions(+), 6 deletions(-) diff --git a/buffer.h b/buffer.h index 6c79007..9bc33db 100644 --- a/buffer.h +++

[Openvpn-devel] [PATCH 07/35] build: tests do not work disable

Signed-off-by: Alon Bar-Lev --- Makefile.am |5 +++-- 1 files changed, 3 insertions(+), 2 deletions(-) diff --git a/Makefile.am b/Makefile.am index 26b80f3..f96eb45 100644 --- a/Makefile.am +++ b/Makefile.am @@ -57,16 +57,17 @@ SUBDIRS = \ service-win32 \

[Openvpn-devel] [PATCH 04/35] cleanup: memcmp.c: remove unused source

Signed-off-by: Alon Bar-Lev --- configure.ac |3 --- memcmp.c | 43 --- 2 files changed, 0 insertions(+), 46 deletions(-) delete mode 100644 memcmp.c diff --git a/configure.ac b/configure.ac index 25dcc37..1c4d66c 100644

[Openvpn-devel] [PATCH 03/35] cleanup: tun.c: fix incorrect option in message (ip-win32)

Signed-off-by: Alon Bar-Lev --- tun.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/tun.c b/tun.c index c92c0d7..81b66fb 100644 --- a/tun.c +++ b/tun.c @@ -4492,7 +4492,7 @@ dhcp_masq_addr (const in_addr_t local, const in_addr_t netmask, const

[Openvpn-devel] [PATCH 05/35] build: correct place to alter WINVER is at build system

Signed-off-by: Alon Bar-Lev --- configure.ac|2 +- syshead.h |4 win/msvc.mak.in |2 +- 3 files changed, 2 insertions(+), 6 deletions(-) diff --git a/configure.ac b/configure.ac index 1c4d66c..aa1d509 100644 --- a/configure.ac +++

[Openvpn-devel] [PATCH 02/35] cleanup: crypto_openssl.c: remove support for pre-openssl-0.9.6

autoconf rejecting this anyway: --- AC_MSG_CHECKING([that OpenSSL Library is at least version 0.9.6]) AC_MSG_ERROR([OpenSSL crypto Library is too old.]) --- Signed-off-by: Alon Bar-Lev --- crypto_openssl.c | 49 - 1 files

[Openvpn-devel] [PATCH 01/35] cleanup: options.c: remove redundant include

Signed-off-by: Alon Bar-Lev --- options.c |1 - 1 files changed, 0 insertions(+), 1 deletions(-) diff --git a/options.c b/options.c index a596ffe..3d8085c 100644 --- a/options.c +++ b/options.c @@ -50,7 +50,6 @@ #include "manage.h" #include "forward.h" #include

[Openvpn-devel] [PATCH 00/35] build revolution

As asked by David Sommerseth, I am sending the series to the list for review. This is a lot to review, please don't ACK just for the sake of ACK. The mission, as I understood, is to cleanup the project build system and reduce source complexity. This process touches all sources and reached only to

Re: [Openvpn-devel] configure patch for MacOS 10.7

Am 07.02.2012 11:24, schrieb Gert Doering: > Hi, > > I'm forwarding this "as-is", as I do not have enough understanding of > autoconf to say whether this is necessary, or "the right fix" - but > anyway, I've been told that this is needed to make our configure > behave on MacOS 10.7. Looks