[Openvpn-devel] [PATCH] Improve shuffling algorithm of connection list

2024-11-15 Thread Hurukawa2121
--- Improve shuffling algorithm of connection list This patch implements the Fisher-Yates shuffle algorithm to ensure that all permutations of the connection target list are generated with equal probability, eliminating biases present in the previous shuffling method. In the Fisher-Yates algo

[Openvpn-devel] [PATCH] Improve shuffling algorithm of connection list

2024-11-15 Thread Hurukawa2121
From: Hurukawa2121 --- Improve shuffling algorithm of connection list This patch implements the Fisher-Yates shuffle algorithm to ensure that all permutations of the connection target list are generated with equal probability, eliminating biases present in the previous shuffling method. In

[Openvpn-devel] [PATCH] Improve shuffling algorithm of connection list

2024-11-15 Thread Hurukawa2121
--- Improve shuffling algorithm of connection list This patch implements the Fisher-Yates shuffle algorithm to ensure that all permutations of the connection target list are generated with equal probability, eliminating biases present in the previous shuffling method. In the Fisher-Yates alg

[Openvpn-devel] [PATCH] Improve shuffling algorithm of connection list

2024-11-15 Thread Hurukawa2121
From: Hurukawa2121 --- Improve shuffling algorithm of connection list This patch implements the Fisher-Yates shuffle algorithm to ensure that all permutations of the connection target list are generated with equal probability, eliminating biases present in the previous shuffling method. In

[Openvpn-devel] [PATCH] Improve shuffling algorithm of connection list

2024-11-15 Thread Hurukawa2121
From: Hurukawa2121 --- Improve shuffling algorithm of connection list This patch implements the Fisher-Yates shuffle algorithm to ensure that all permutations of the connection target list are generated with equal probability, eliminating biases present in the previous shuffling method. In

[Openvpn-devel] [PATCH] Improve shuffling algorithm of connection list

2024-11-15 Thread Hurukawa2121
From: Hurukawa2121 --- Improve shuffling algorithm of connection list This patch implements the Fisher-Yates shuffle algorithm to ensure that all permutations of the connection target list are generated with equal probability, eliminating biases present in the previous shuffling method. In

[Openvpn-devel] [M] Change in openvpn[master]: Use XOR instead of concatenation for calculation of IV from implicit IV

2024-11-15 Thread ordex (Code Review)
Attention is currently required from: cron2, flichtenheld, plaisthos. ordex has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/797?usp=email ) Change subject: Use XOR instead of concatenation for calculation of IV from implicit IV ..

[Openvpn-devel] [M] Change in openvpn[master]: Trigger renegotiation of data key if getting close to the AEAD usage ...

2024-11-15 Thread plaisthos (Code Review)
Attention is currently required from: cron2, flichtenheld. Hello flichtenheld, I'd like you to reexamine a change. Please visit http://gerrit.openvpn.net/c/openvpn/+/796?usp=email to look at the new patch set (#4). Change subject: Trigger renegotiation of data key if getting close to the

[Openvpn-devel] [M] Change in openvpn[master]: Use XOR instead of concatenation for calculation of IV from implicit IV

2024-11-15 Thread plaisthos (Code Review)
Attention is currently required from: cron2, flichtenheld, ordex. Hello flichtenheld, I'd like you to reexamine a change. Please visit http://gerrit.openvpn.net/c/openvpn/+/797?usp=email to look at the new patch set (#4). Change subject: Use XOR instead of concatenation for calculation of

[Openvpn-devel] [L] Change in openvpn[master]: Implement methods to generate and manage OpenVPN Epoch keys

2024-11-15 Thread plaisthos (Code Review)
Attention is currently required from: flichtenheld. Hello flichtenheld, I'd like you to reexamine a change. Please visit http://gerrit.openvpn.net/c/openvpn/+/804?usp=email to look at the new patch set (#4). Change subject: Implement methods to generate and manage OpenVPN Epoch keys

[Openvpn-devel] [L] Change in openvpn[master]: Implement HKDF expand function based on RFC 8446

2024-11-15 Thread plaisthos (Code Review)
Attention is currently required from: flichtenheld. Hello flichtenheld, I'd like you to reexamine a change. Please visit http://gerrit.openvpn.net/c/openvpn/+/798?usp=email to look at the new patch set (#4). Change subject: Implement HKDF expand function based on RFC 8446 ...

[Openvpn-devel] [L] Change in openvpn[master]: Implement epoch key data format

2024-11-15 Thread plaisthos (Code Review)
Attention is currently required from: flichtenheld. Hello flichtenheld, I'd like you to reexamine a change. Please visit http://gerrit.openvpn.net/c/openvpn/+/806?usp=email to look at the new patch set (#4). Change subject: Implement epoch key data format

Re: [Openvpn-devel] Subject: OpenVPN Client Vulnerability - TLS Key Negotiation Timeout Leading to DoS (Black Box Pentest)

2024-11-15 Thread Arne Schwabe
Am 15.11.24 um 13:37 schrieb נתי שטרן: ‫בתאריך יום ו׳, 15 בנוב׳ 2024 ב-14:31 מאת נתי שטרן <‪nsh...@gmail.com ‬‏>:‬ Is it cve/vdp? Whether it is or not, I would appreciate it if you could guide me on how to develop a patch that will close the aforementione

Re: [Openvpn-devel] Subject: OpenVPN Client Vulnerability - TLS Key Negotiation Timeout Leading to DoS (Black Box Pentest)

2024-11-15 Thread David Sommerseth via Openvpn-devel
On 15/11/2024 13:37, נתי שטרן wrote: ‫בתאריך יום ו׳, 15 בנוב׳ 2024 ב-14:31 מאת נתי שטרן <‪nsh...@gmail.com ‬‏>:‬ Is it cve/vdp? Whether it is or not, I would appreciate it if you could guide me on how to develop a patch that will close the aforementioned

Re: [Openvpn-devel] Subject: OpenVPN Client Vulnerability - TLS Key Negotiation Timeout Leading to DoS (Black Box Pentest)

2024-11-15 Thread נתי שטרן
Thank you! ‫בתאריך יום ו׳, 15 בנוב׳ 2024 ב-15:28 מאת ‪David Sommerseth‬‏ <‪ dazo+open...@eurephia.org‬‏>:‬ > On 15/11/2024 13:37, נתי שטרן wrote: > > > > > > ‫בתאריך יום ו׳, 15 בנוב׳ 2024 ב-14:31 מאת נתי שטרן <‪nsh...@gmail.com > > ‬‏>:‬ > > > > Is it cve/vdp? > >

[Openvpn-devel] [M] Change in openvpn[master]: Use XOR instead of concatenation for calculation of IV from implicit IV

2024-11-15 Thread plaisthos (Code Review)
Attention is currently required from: cron2, flichtenheld, ordex. plaisthos has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/797?usp=email ) Change subject: Use XOR instead of concatenation for calculation of IV from implicit IV ..

Re: [Openvpn-devel] Subject: OpenVPN Client Vulnerability - TLS Key Negotiation Timeout Leading to DoS (Black Box Pentest)

2024-11-15 Thread נתי שטרן
‫בתאריך יום ו׳, 15 בנוב׳ 2024 ב-14:31 מאת נתי שטרן <‪nsh...@gmail.com‬‏>:‬ > Is it cve/vdp? > Whether it is or not, I would appreciate it if you could guide me on how > to develop a patch that will close the aforementioned loophole > > > thanks, > > Netanel > > ‫בתאריך יום ה׳, 14 בנוב׳ 2024 ב-23:4

[Openvpn-devel] [M] Change in openvpn[master]: Use XOR instead of concatenation for calculation of IV from implicit IV

2024-11-15 Thread plaisthos (Code Review)
Attention is currently required from: cron2, flichtenheld, ordex. plaisthos has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/797?usp=email ) Change subject: Use XOR instead of concatenation for calculation of IV from implicit IV ..

[Openvpn-devel] [M] Change in openvpn[master]: Use XOR instead of concatenation for calculation of IV from implicit IV

2024-11-15 Thread ordex (Code Review)
Attention is currently required from: cron2, flichtenheld, plaisthos. ordex has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/797?usp=email ) Change subject: Use XOR instead of concatenation for calculation of IV from implicit IV ..