Hi,
Stared at the code and tested with/without Citrix DME (which caused
crash) - code is now cleaner
(add/delete separation) and no crash anymore. Next we will fix the driver :)
Acked-by: Lev Stipakov
___
Openvpn-devel mailing list
Hi,
On Wed, Feb 1, 2023 at 6:56 AM Frank Lichtenheld
wrote:
> On Sat, Jan 28, 2023 at 05:34:21PM -0500, selva.n...@gmail.com wrote:
> > From: Selva Nair
> >
> > Signed-off-by: Selva Nair
> > ---
> > src/openvpn/cryptoapi.c | 44 +++--
> > 1 file changed,
From: Selva Nair
- Require xkey-provider (thus OpenSSL 3.01+) for --cryptoapicert
Note:
Ideally we should also make ENABLE_CRYPTOAPI conditional
on HAVE_XKEY_PROVIDER but that looks hard unless we can agree
to move HAVE_XKEY_PROVIDER to configure/config.h.
v2: use "binary" instead of
From: Selva Nair
- An item added to undo-list was not removed on error, causing
attempt to free again in Undo().
Also fix a memory leak possibility in the same context.
Github: fixes OpenVPN/openvpn#232
v2: Split add and delete functions and reuse the delete
function for cleanup.
>
>
> Also I replaced 0x%x with %u in win_block_dns_service() for
> consistency. You may want to do it in your patch too :)
>
We have at least another place where it's %x, so will leave that for
another day. btw, shouldn't it be %d?
Selva
___
Acked-by: Gert Doering
Does what it says on the lid, not much to test here :-)
Your patch has been applied to the master branch.
commit b2e49465e6b837d97ecb3a4edbc06aba00584381 (master)
commit c8e94242e31cf94a12f6e897191548be5c4893fe (release/2.6)
Author: Frank Lichtenheld
Date: Wed Feb 1
I haven't tested it yet, but will have a close look at the GH test
runs after I push this - the route.c fix hasn't been merged yet
(want to stare more at it) so the MacOS/ASAN build should trigger
something now... non-fatal, but red :-)
Your patch has been applied to the master and release/2.6
Your patch has been applied to the master and release/2.6 branch.
commit dc8f1f3963af8bce5e03c333dce9a0b252f6e1fd (master)
commit 3973845ea5bc3fdc15a158917d819b5e9bd92635 (release/2.6)
Author: Arne Schwabe
Date: Mon Jan 30 18:29:34 2023 +0100
Update LibreSSL to 3.7.0 in Github actions
This one is fairly straightforward. We had discussions on IRC if
we really need to make this network byte order ("the data in the token
is only for the server, nobody else needs to care") but then decided
that if someone wants to run a cluster of an intel + a s390 host,
they need to be compatible
Hi,
> Good point. I have a version that splits "add" and "delete" actions into
> separate functions and does something like this.
>
> Please take a look here:
> https://github.com/selvanair/openvpn/tree/block-dns-fix
> The add and delete functions are in that order (with a forward declaration)
Hi,
On Wed, Feb 1, 2023 at 4:37 AM Lev Stipakov wrote:
> Hi,
>
> I made a slightly different fix but then noticed your mail.
>
> Indeed the problem is that get/set_interface_metric fails,
> and we call FwpmEngineClose0 after updating the undo list. When
> openvpn process exits, we execute
overlapped_io_init() has a "bool tuntap_buffer" argument which is only
passed onwards to alloc_buf_sock_tun(), which does nothing with it.
Remove from both functions.
v2:
move alloc_buf_sock_tun() to win32.c
v3:
leave alloc_buf_sock_tun() where it is, and fix non-WIN32 call from socket.c
When reviweing OpenVPN/openvpn#231 I noticed this was
missing from Changes.rst.
Signed-off-by: Frank Lichtenheld
---
Changes.rst | 5 +
src/openvpn/options.c | 1 -
2 files changed, 5 insertions(+), 1 deletion(-)
diff --git a/Changes.rst b/Changes.rst
index 4942a580..dc829032
On Sat, Jan 28, 2023 at 05:34:20PM -0500, selva.n...@gmail.com wrote:
> From: Selva Nair
>
> - Require xkey-provider (thus OpenSSL 3.01+) for --cryptoapicert
>
> Note:
> Ideally we should also make ENABLE_CRYPTOAPI conditional
> on HAVE_XKEY_PROVIDER but that looks hard unless we can agree
On Sat, Jan 28, 2023 at 05:34:21PM -0500, selva.n...@gmail.com wrote:
> From: Selva Nair
>
> Signed-off-by: Selva Nair
> ---
> src/openvpn/cryptoapi.c | 44 +++--
> 1 file changed, 12 insertions(+), 32 deletions(-)
>
> diff --git a/src/openvpn/cryptoapi.c
Hi,
I made a slightly different fix but then noticed your mail.
Indeed the problem is that get/set_interface_metric fails,
and we call FwpmEngineClose0 after updating the undo list. When
openvpn process exits, we execute commands in undo list,
and second call to FwpmEngineClose0 causes Access
16 matches
Mail list logo