Thanks, Selva for having an extra eye :-) - I asked for the feature, and
it works beautifully for me, but what do I understand about OpenSSL
internals... ("unsigned long" fixed on the fly).
Tried on FreeBSD 14 with OpenSSL 3 and a broken provider (which is what
triggered the whole thing):
$
On Fri, Aug 11, 2023 at 8:16 AM Arne Schwabe wrote:
> This also shows the extra data from the OpenSSL error function that
> can contain extra information. For example, the command
>
> openvpn --providers vollbit
>
> will print out (on macOS):
>
> OpenSSL: error:12800067:DSO support
On Mon, Jan 30, 2023 at 06:29:36PM +0100, Arne Schwabe wrote:
> The -fno-sanitize-recover=all flag ensures that for all errors we actually
> abort the tests in the automated testing and not just print some errors in red
> that nobody sess. Also add the undefined tests to catch more bugs.
>
> For
cron2 has uploaded a new patch set (#2) to the change originally created by
flichtenheld. ( http://gerrit.openvpn.net/c/openvpn/+/319?usp=email )
Change subject: route: Fix overriding return value of add_route3
..
route: Fix
Acked-by: Gert Doering
Yep, Coverity is right :-) - silly code. Fix is in the same style we
use elsewhere, so fine.
(The whole error handling on route addition is a bit wonky, but even
then we should not forget about errors)
Test compiled on Linux, just to be sure I did not overlook anything.
cron2 has submitted this change. (
http://gerrit.openvpn.net/c/openvpn/+/319?usp=email )
Change subject: route: Fix overriding return value of add_route3
..
route: Fix overriding return value of add_route3
The return value of
Acked-by: Gert Doering
No functional change, just clarifying "yes we know that this could
happen, but if it does, this is still well-defined".
Test compiled on Linux, just in case I overlooked something.
Your patch has been applied to the master and release/2.6 branch.
commit
Has taken us long enough...
Tested in the server threadmill (Linux), and on buildbot/GHA (all
the OSes). No explosions.
Also, stared a bit at the code, if Frank has overlooked anything,
just for completeness - haven't found anything :-)
Your patch has been applied to the master branch.
commit
Am 11.08.23 um 17:12 schrieb Gert Doering:
Hi,
generally good, but...
On Fri, Jul 28, 2023 at 02:40:05PM +0200, Frank Lichtenheld wrote:
index ..0620f638
--- /dev/null
+++ b/.github/workflows/coverity-scan.yml
@@ -0,0 +1,45 @@
+name: coverity-scan
+on:
+ schedule:
+- cron: '0 20
cron2 has uploaded a new patch set (#2) to the change originally created by
flichtenheld. ( http://gerrit.openvpn.net/c/openvpn/+/320?usp=email )
The following approvals got outdated and were removed:
Code-Review+2 by plaisthos
Change subject: options: Do not hide variables from parent scope
Hi,
generally good, but...
On Fri, Jul 28, 2023 at 02:40:05PM +0200, Frank Lichtenheld wrote:
> index ..0620f638
> --- /dev/null
> +++ b/.github/workflows/coverity-scan.yml
> @@ -0,0 +1,45 @@
> +name: coverity-scan
> +on:
> + schedule:
> +- cron: '0 20 * * *' # Daily at 20:00 UTC
>
cron2 has submitted this change. (
http://gerrit.openvpn.net/c/openvpn/+/317?usp=email )
Change subject: pkcs11_openssl: Disable unused code
..
pkcs11_openssl: Disable unused code
Coverity: CID 1539183 (#1 of 1): Structurally
cron2 has uploaded a new patch set (#2) to the change originally created by
flichtenheld. ( http://gerrit.openvpn.net/c/openvpn/+/317?usp=email )
The following approvals got outdated and were removed:
Code-Review+1 by selvanair
Change subject: pkcs11_openssl: Disable unused code
ACK from Selva in Gerrit (and Gerrit URL recorded in the commit).
Patch makes sense. Test compiled on Linux with --enable-pkcs11.
Your patch has been applied to the master and release/2.6 branch.
commit 38fbddc94596b6b2d8fa93a8bd0aca7dbb220def (master)
commit
cron2 has submitted this change. (
http://gerrit.openvpn.net/c/openvpn/+/320?usp=email )
Change subject: options: Do not hide variables from parent scope
..
options: Do not hide variables from parent scope
msglevel hides the
Patch in Gerrit (https://gerrit.openvpn.net/c/openvpn/+/320) and on
the list, ACK from Lev on the list. Test compiled on Linux.
Your patch has been applied to the master and release/2.6 branch.
commit f7c8cc092b8b6f5659cf8abd8d8624fc16f3dda2 (master)
commit
cron2 has uploaded a new patch set (#4) to the change originally created by
stipa. ( http://gerrit.openvpn.net/c/openvpn/+/321?usp=email )
The following approvals got outdated and were removed:
Code-Review+2 by flichtenheld
Change subject: Set WINS servers via interactice service
cron2 has submitted this change. (
http://gerrit.openvpn.net/c/openvpn/+/321?usp=email )
Change subject: Set WINS servers via interactice service
..
Set WINS servers via interactice service
At the moments WINS servers are set
NOTE: this is merging the v3 of the patch from Gerrit, which has an
ACK in gerrit
https://gerrit.openvpn.net/c/openvpn/+/321
there are some diffs from v1 to v2, and rebase context from v2 to v3,
but the gist of the patch is the same.
I have not tested this beyond "does it look safe wrt
This also shows the extra data from the OpenSSL error function that
can contain extra information. For example, the command
openvpn --providers vollbit
will print out (on macOS):
OpenSSL: error:12800067:DSO support routines::could not load the shared
On Thu, Aug 10, 2023 at 04:02:10PM +0200, Arne Schwabe wrote:
> The undefined behaviour USAN clang checker found this.
>
> This fix is a bit messy but so are the original structures.
>
> Patch v2: handle the fact we need to beyond the struct ifr
> correctly when mapping the result to
21 matches
Mail list logo