On 24/02/2017 16:10, Steffan Karger wrote:
> Hi,
>
> On 24-02-17 22:28, James Yonan wrote:
>> On 24/02/2017 02:40, Steffan Karger wrote:
>>> On 23-02-17 22:41, James Yonan wrote:
On 23/02/2017 01:22, Steffan Karger wrote:
> On 22-02-17 19:48, James Yonan wrote:
>> mbedTLS 2 has a new
The env_set_add_to_environmenti() and env_set_remove_from_environment()
functions where not used in the code at all and they would cause an
ASSERT() in setenv_str_ex() later on, as it would not allow the
struct env_set *es pointer to be NULL (misc.c:807).
Signed-off-by: David Sommerseth
---
src/
When the auth-token option is pushed from the server to the client,
the latter has to ignore the auth-nocache directive (if specified).
The password will now be substituted by the unique token, therefore
it can't be wiped out, otherwise the next renegotiation will fail.
Trac: #840
Cc: David Somme
Hi,
On 24-02-17 22:28, James Yonan wrote:
> On 24/02/2017 02:40, Steffan Karger wrote:
>> On 23-02-17 22:41, James Yonan wrote:
>>> On 23/02/2017 01:22, Steffan Karger wrote:
On 22-02-17 19:48, James Yonan wrote:
> mbedTLS 2 has a new feature that allows rejection of certificates if the
>
Christian Hesse on Fri, 2017/02/24 13:13:
> Christian Hesse on Thu, 2017/02/23 21:57:
> > Built v3 against openssl 1.0.2k without issues, tests succeed and two
> > instanced successfully established vpn connection (with server version
> > 2.3.12 and 2.4.0).
>
> Just tested a server instance wi
On 24/02/2017 02:40, Steffan Karger wrote:
> On 23-02-17 22:41, James Yonan wrote:
>> On 23/02/2017 01:22, Steffan Karger wrote:
>>> On 22-02-17 19:48, James Yonan wrote:
mbedTLS 2 has a new feature that allows rejection of certificates if the
key size is too small or the signing hash is
Patch has been applied to the master and release/2.4 branch.
As ordered, '||' have been moved to pos_arith=lead, and the tab
has been extabinated.
commit 22c5381b71710ad0e1dbbccc1d5680fccb602311 (master)
commit 2085c1f3875b9c96ac739941712247b805677efa (release/2.4)
Author: Gert Doering
Date: F
Hi,
On 24-02-17 14:52, Gert Doering wrote:
> To test whether a server is reachable and all the key handling is
> right, openvpn can connect with "--dev null --ifconfig-noexec" to
> avoid needing to the client with elevated privileges.
>
> This was erroring out for no good reason (because the "set
Hi,
On Fri, Feb 24, 2017 at 04:32:14PM +0200, Samuli Seppänen wrote:
> On 24/02/2017 15:52, Gert Doering wrote:
> > To test whether a server is reachable and all the key handling is
> > right, openvpn can connect with "--dev null --ifconfig-noexec" to
> > avoid needing to the client with elevated
Hi,
On 24/02/2017 15:52, Gert Doering wrote:
> To test whether a server is reachable and all the key handling is
> right, openvpn can connect with "--dev null --ifconfig-noexec" to
> avoid needing to the client with elevated privileges.
There seems to be a typo here. Did you mean "to avoid needin
To test whether a server is reachable and all the key handling is
right, openvpn can connect with "--dev null --ifconfig-noexec" to
avoid needing to the client with elevated privileges.
This was erroring out for no good reason (because the "set environment
variables appropriately" code didn't know
ACK. See, I'm totally pro-systemd (today)!!
Your patch has been applied to the master and release/2.4 branch.
commit b13bc6c9570e00d12e26bb3b8e5bf9bdb0b16eff (master)
commit 4c241acc67c1d6b42dbe1f6199c75d9f7f228ac2 (release/2.4)
Author: Christian Hesse
Date: Fri Feb 24 13:22:52 2017 +0100
From: Christian Hesse
Signed-off-by: Christian Hesse
---
src/openvpn/init.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/openvpn/init.c b/src/openvpn/init.c
index ff1551e..7da0061 100644
--- a/src/openvpn/init.c
+++ b/src/openvpn/init.c
@@ -567,7 +567,7 @@ context_ini
Christian Hesse on Thu, 2017/02/23 21:57:
> Built v3 against openssl 1.0.2k without issues, tests succeed and two
> instanced successfully established vpn connection (with server version
> 2.3.12 and 2.4.0).
Just tested a server instance with ancient client (version 2.1.4). Works as
well.
I will
On 23-02-17 22:41, James Yonan wrote:
> On 23/02/2017 01:22, Steffan Karger wrote:
>> On 22-02-17 19:48, James Yonan wrote:
>>> mbedTLS 2 has a new feature that allows rejection of certificates if the
>>> key size is too small or the signing hash is weak.
>>>
>>> The feature is controlled via struc
15 matches
Mail list logo
