Re: [Openvpn-devel] [PATCH v2] Add deferred authentication support to plugin-auth-pam

Hi, On Tue, Jul 14, 2020 at 01:47:06PM -0400, Selva Nair wrote: > Sorry for the long delay in getting back to this.. A few minor > nitpicks on style follows: Thanks for the review. Indeed, my style fu was sort of absent when I wrote this :-) (it's "mgetty+sendfax" style, with "I must remember to

Re: [Openvpn-devel] [PATCH v2] Add deferred authentication support to plugin-auth-pam

Hi, Sorry for the long delay in getting back to this.. A few minor nitpicks on style follows: On Tue, Jun 23, 2020 at 5:29 AM Gert Doering wrote: > > If OpenVPN signals deferred authentication support (by setting > the internal environment variables "auth_control_file" and > "deferred_auth_pam")

[Openvpn-devel] [PATCH applied] Re: client-connect: Refactor multi_client_connect_source_ccd

Your patch has been applied to the master branch. Tested on the server side framework (though I still do not have a ccd/DEFAULT file set up...) - it's not breaking anything unexpected, and the change "should" not break DEFAULT. Rewrapped as discussed on the list (... I have the itch to go through

[Openvpn-devel] [PATCH applied] Re: Added support for DHCP option 119 (dns search suffix list) for Windows. As of Windows 10 1809 Windows finally supports this so it makes sense to add support to Open

Acked-by: Gert Doering Yay :-) (I have reviewed it once again, and tested on my Win10 VM, and it still works!) Your patch has been applied to the master branch. I have reformatted and extended the commit message to give more details on what you did and what it can and can not do. commit 78359

Re: [Openvpn-devel] [PATCH v5 08/14] client-connect: Add CC_RET_DEFERRED and cope with deferred client-connect

Hi, On 11/07/2020 11:36, Arne Schwabe wrote: > From: Fabian Knittel > > This patch moves the state, that was previously tracked within the > multi_connection_established() function, into struct client_connect_state. > The > multi_connection_established() function can now be exited and re-enter

Re: [Openvpn-devel] [PATCH v5 07/14] client-connect: Change cas_context from int to enum

Hi, On 11/07/2020 11:36, Arne Schwabe wrote: > This deviates from Fabian's original patch that relied on the now > removed connection_established bool as pointer being NULL or non NULL as > implicit third state and makeing connection_established as a substate of > (cas_context == CAS_PENDING) > >

Re: [Openvpn-devel] [PATCH v5 06/14] client-connect: Refactor client-connect handling to calling a bunch of hooks in a loop

Hi, On 11/07/2020 11:36, Arne Schwabe wrote: > From: Fabian Knittel > > This patch changes the calling of the client-connect functions into an array > of hooks and a block of code that calls them in a loop. > > Signed-off-by: Fabian Knittel > Signed-off-by: Arne Schwabe > > Patch V5: Rebase

Re: [Openvpn-devel] [PATCH v5 05/14] client-connect: Refactor to use return values instead of modifying a passed-in flag

Hi, On 11/07/2020 11:36, Arne Schwabe wrote: > From: Fabian Knittel > > This patch changes the way the client-connect helper functions communicate > with > the main function. Instead of updating cc_succeeded and cc_succeeded_count, > they now return either CC_RET_SUCCEEDED, CC_RET_FAILED or CC

[Openvpn-devel] [PATCH] [V5] Added support for DHCP option 119 (dns search suffix, list) for Windows. As of Windows 10 1809 Windows finally supports this so it, makes sense to add support to OpenVPN a

Hi, On 11/07/20 12:44, Gert Doering wrote: On Fri, Jul 10, 2020 at 06:42:18PM +0200, Jan Just Keijser wrote: On 08/07/20 10:24, Gert Doering wrote: Can I have a v4, please? :-) V4: Okay, here we go... thanks for the review, I incorporated your suggestions and comments almost verbatim ;) Se

Re: [Openvpn-devel] [PATCH v5 04/14] client-connect: Move multi_client_connect_setenv into early_setup

Hi, On 11/07/2020 11:36, Arne Schwabe wrote: > From: Fabian Knittel > > This patch moves multi_client_connect_setenv into > multi_client_connect_early_setup and makes sure that every client-connect > handling function updates the virtual address selection. > > Background: This unifies how the c

Re: [Openvpn-devel] [PATCH v5 03/14] client-connect: Refactor multi_client_connect_source_ccd

Hi, On 11/07/2020 11:36, Arne Schwabe wrote: > From: Fabian Knittel > > Refactor multi_client_connect_source_ccd(), so that options_server_import() > (or > the success path in general) is only entered in one place within the function. > > Signed-off-by: Fabian Knittel > > Patch V5: Simplify

[Openvpn-devel] [PATCH applied] Re: client-connect: Split multi_connection_established into separate functions

Your patch has been applied to the master branch. I have fixed typo and grammar in the commit message as requested, and re-wrapped the commit message a bit. Tested yesterday with a "full t_client and t_server" test with no issues. commit 0c8c50ca93392e1d0534ac35637899e0017863b9 Author: Fabian Kn

Re: [Openvpn-devel] [PATCH v5 02/14] client-connect: Split multi_connection_established into separate functions

Hi, On 11/07/2020 11:36, Arne Schwabe wrote: > From: Fabian Knittel > > This patch splits up the multi_connection_established() function. Each new > helper function does a specific job. Functions that do a similar job receive > a > similar calling interface. > > The patch tries not to reinde

Re: [Openvpn-devel] [PATCH 1/3] Drop support for OpenSSL 1.0.1

> > Also, there's some export_keying_material and "security level" related > #ifdefs that look liek they can go now. Just git grep for "0x10001" and > "1\.0\.1" in the code and you'll see. I missed that, will update the patch accordingly. > Finally, did you check openssl_compat.h to see of we c

Re: [Openvpn-devel] [PATCH 1/3] Drop support for OpenSSL 1.0.1

Hi, Feature-ACK for sure. Some comments below. On 13-07-2020 11:46, Arne Schwabe wrote: > OpenSSL 1.0.1 was supported until 2016-12-31. Rhel6/Centos6 still > use this version but considering that RHEL7 and RHEL8 are already > out, these versions can also stay with OpenVPN 2.4. > > All the suppor