Hi,
On Thu, Jun 06, 2024 at 01:33:24PM +0200, Gert Doering wrote:
> As instructed I have removed the "and fallback requested" part
> from the comment where "fallback" was removed from the code.
>
> Your patch has been applied to the master branch.
>
> commit 13ee7f902f18e27b981f8e440facd2e6515c6
Am Donnerstag, 6. Juni 2024 um 13:34:27 MESZ hat Gert Doering
Folgendes geschrieben:
> Thanks, Selva, for the review.
>
> I have not tested this beyond "does it make GH actions happy",
> "does it build on the local mingw setup" (it does) and "does
> the code look generally safe wrt memory etc"
Hi,
On Thu, Jun 06, 2024 at 05:23:31PM +0400, Dmitry Melekhov wrote:
> redirect-gateway def1 block-local
>
> also apply block-outside-dns ?
"everything" includes DNS, so, yes.
gert
--
"If was one thing all people took for granted, was conviction that if you
feed honest figures into a comput
06.06.2024 16:23, Gert Doering пишет:
Hello!
We used to have
block-outside-dns
to prevent Windows from doing DNS lookups "around the VPN" - the main
intent of this was "make sure split DNS works", but a side effect has
also been "avoid DNS leaks".
Heiko has now extended this code to be ab
Hi,
On Thu, Jun 06, 2024 at 02:23:33PM +0200, Gert Doering wrote:
> Now - this code has been merged into "git master", and installers
> are here:
>
>https://github.com/OpenVPN/openvpn-build/actions/runs/9391365526?pr=641
>
> (bottom of the page, "Artifacts", .zip files with a .msi inside).
uddr has abandoned this change. (
http://gerrit.openvpn.net/c/openvpn/+/661?usp=email )
Change subject: Test: please ignore
..
Abandoned
--
To view, visit http://gerrit.openvpn.net/c/openvpn/+/661?usp=email
To unsubscribe, or f
Hi,
we have new code in master that helps with the "TunnelCrack" and
"TunnelVision" attacks, that is, packets intended to go into the
VPN being leaked away by means of a malicious DHCP server (= routing
points outside the tunnel, so packets never hit OpenVPN).
We used to have
block-outside-dns
Gerrit is back.
Please, anyone who made pushes to Gerrit today or yesterday, check and re-push
if any are missing in Gerrit.
Sorry for inconvenience.
> On Jun 6, 2024, at 12:02, Yuriy Darnobyt wrote:
>
> Hello,
>
> Yesterday Gerrit was updated to the new version.
> That didn't go well.
> Integ
cron2 has uploaded a new patch set (#3) to the change originally created by
ssbssa. ( http://gerrit.openvpn.net/c/openvpn/+/621?usp=email )
Change subject: Implement Windows CA template match for Crypto-API selector
..
Implemen
Attention is currently required from: flichtenheld, plaisthos, stipa.
its_Giaan has uploaded a new patch set (#7) to the change originally created by
d12fk. ( http://gerrit.openvpn.net/c/openvpn/+/489?usp=email )
Change subject: Windows: enforce 'block-local' with WFP filters
..
cron2 has submitted this change. (
http://gerrit.openvpn.net/c/openvpn/+/489?usp=email )
Change subject: Windows: enforce 'block-local' with WFP filters
..
Windows: enforce 'block-local' with WFP filters
In an attempt to better
Attention is currently required from: cron2, flichtenheld, plaisthos.
its_Giaan has uploaded a new patch set (#3) to the change originally created by
flichtenheld. ( http://gerrit.openvpn.net/c/openvpn/+/642?usp=email )
The following approvals got outdated and were removed:
Code-Review+2 by plai
cron2 has submitted this change. (
http://gerrit.openvpn.net/c/openvpn/+/621?usp=email )
Change subject: Implement Windows CA template match for Crypto-API selector
..
Implement Windows CA template match for Crypto-API selector
Attention is currently required from: cron2, its_Giaan, plaisthos.
its_Giaan has uploaded a new patch set (#2) to the change originally created by
flichtenheld. ( http://gerrit.openvpn.net/c/openvpn/+/641?usp=email )
Change subject: test_user_pass: Fix building with --enable-systemd
...
cron2 has submitted this change. (
http://gerrit.openvpn.net/c/openvpn/+/642?usp=email )
Change subject: LZO: do not use lzoutils.h macros
..
LZO: do not use lzoutils.h macros
Instead of lzo_{free,malloc} we can just use the
fr
cron2 has submitted this change. (
http://gerrit.openvpn.net/c/openvpn/+/641?usp=email )
Change subject: test_user_pass: Fix building with --enable-systemd
..
test_user_pass: Fix building with --enable-systemd
Need to make sure
Thanks, Selva, for the review.
I have not tested this beyond "does it make GH actions happy",
"does it build on the local mingw setup" (it does) and "does
the code look generally safe wrt memory etc" (it does).
As instructed I have removed the "and fallback requested" part
from the comment where
Attention is currently required from: flichtenheld, plaisthos.
Hello plaisthos, flichtenheld,
I'd like you to do a code review.
Please visit
http://gerrit.openvpn.net/c/openvpn/+/661?usp=email
to review the following change.
Change subject: Test: please ignore
From: Heiko Wundram
The certificate selection process for the Crypto API certificates
is currently fixed to match on subject or identifier. Especially
if certificates that are used for OpenVPN are managed by a Windows CA,
it is appropriate to select the certificate to use by the template
that it
Hello,
Yesterday Gerrit was updated to the new version.
That didn't go well.
Integration with Buildbot checks is broken.
I decided to revert the update from the backup.
Will let you know once it is done.
Sorry for inconvenience.
Best,
Yuriy Darnobyt
20 matches
Mail list logo
