Re: [Openvpn-devel] [PATCH] multi.c: Allow floating to a new IP right after connection setup

Am 25.06.25 um 15:30 schrieb Walter Doekes: Good. I backported the patch so it ran against the culprit version (b3647114). I got these mesages: SENT CONTROL [mycommonname]: 'PUSH_REPLY,route ... 255.255.255.255 net_gateway,route-gateway 10.x.x.1,topology subnet,ping 15,ping-restart 55,route

[Openvpn-devel] [S] Change in openvpn[master]: Added PQE to WolfSSL

Attention is currently required from: comododragon, flichtenheld. plaisthos has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/1046?usp=email ) Change subject: Added PQE to WolfSSL .. Patch Set 5: Code

[Openvpn-devel] [S] Change in openvpn[master]: Added PQE to WolfSSL

Attention is currently required from: comododragon, flichtenheld, plaisthos. cron2 has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/1046?usp=email ) Change subject: Added PQE to WolfSSL .. Patch Set

[Openvpn-devel] [XS] Change in openvpn[master]: dco linux: avoid sending local port to ovpn

cron2 has submitted this change. ( http://gerrit.openvpn.net/c/openvpn/+/1068?usp=email ) Change subject: dco linux: avoid sending local port to ovpn .. dco linux: avoid sending local port to ovpn When sending an OVPN_CMD_NEW_P

[Openvpn-devel] [XS] Change in openvpn[master]: dco linux: avoid sending local port to ovpn

cron2 has uploaded a new patch set (#2) to the change originally created by ralf_lici. ( http://gerrit.openvpn.net/c/openvpn/+/1068?usp=email ) The following approvals got outdated and were removed: Code-Review+2 by ordex Change subject: dco linux: avoid sending local port to ovpn .

[Openvpn-devel] [PATCH applied] Re: dco linux: avoid sending local port to ovpn

I have tested this on Linux + DCO "client side" (which should not excercise this code path at all, so "no change") and have set up a server instance that has "--multihome" in the config - and as expected, the current code fails 2025-06-25 18:37:44 us=736543 freebsd-74-amd64/udp6:194.97.140.3:51620

[Openvpn-devel] [PATCH v1] dco linux: avoid sending local port to ovpn

From: Ralf Lici When sending an OVPN_CMD_NEW_PEER netlink message to ovpn, we currently attempt to include the local port along with the local address. However, `dco_multi_get_localaddr()` does not record the port, so we end up sending a zero value. This zero is rejected by ovpn's netlink policy,

Re: [Openvpn-devel] [PATCH] multi.c: Allow floating to a new IP right after connection setup

Good. I backported the patch so it ran against the culprit version (b3647114). I got these mesages: SENT CONTROL [mycommonname]: 'PUSH_REPLY,route ... 255.255.255.255 net_gateway,route-gateway 10.x.x.1,topology subnet,ping 15,ping-restart 55,route 10.x.x.0 255.255.0.0 vpn_gateway,ifconfig 10.x

[Openvpn-devel] [S] Change in openvpn[master]: Added PQE to WolfSSL

Attention is currently required from: cron2, flichtenheld, plaisthos. comododragon has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/1046?usp=email ) Change subject: Added PQE to WolfSSL .. Patch Set

[Openvpn-devel] [XS] Change in openvpn[master]: dco linux: avoid sending local port to ovpn

Attention is currently required from: flichtenheld, plaisthos, ralf_lici. ordex has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/1068?usp=email ) Change subject: dco linux: avoid sending local port to ovpn ...

[Openvpn-devel] [XS] Change in openvpn[master]: dco linux: avoid sending local port to ovpn

Attention is currently required from: flichtenheld, plaisthos. Hello plaisthos, flichtenheld, I'd like you to do a code review. Please visit http://gerrit.openvpn.net/c/openvpn/+/1068?usp=email to review the following change. Change subject: dco linux: avoid sending local port to ovpn ...

Re: [Openvpn-devel] [PATCH] multi.c: Allow floating to a new IP right after connection setup

Am 25.05.25 um 22:27 schrieb Walter Doekes: Good. Your understanding of the situation is the same. I did not yet make a reproducer config -- mostly because I don't think we're doing anything non-standard. But I did double check that latest 2.6 is affected, tested both client and server. With

[Openvpn-devel] [S] Change in openvpn[master]: Added PQE to WolfSSL

Attention is currently required from: comododragon, cron2, flichtenheld. Hello cron2, flichtenheld, plaisthos, I'd like you to reexamine a change. Please visit http://gerrit.openvpn.net/c/openvpn/+/1046?usp=email to look at the new patch set (#4). The following approvals got outdated and w

[Openvpn-devel] [M] Change in openvpn[master]: Check message-id too when doing sessionid cookie

Attention is currently required from: flichtenheld. Hello flichtenheld, I'd like you to do a code review. Please visit http://gerrit.openvpn.net/c/openvpn/+/1067?usp=email to review the following change. Change subject: Check message-id too when doing sessionid cookie

[Openvpn-devel] [S] Change in openvpn[master]: Added PQE to WolfSSL

Attention is currently required from: comododragon, cron2, flichtenheld. Hello cron2, flichtenheld, plaisthos, I'd like you to reexamine a change. Please visit http://gerrit.openvpn.net/c/openvpn/+/1046?usp=email to look at the new patch set (#5). Change subject: Added PQE to WolfSSL

[Openvpn-devel] [XS] Change in openvpn[master]: fix macOS dns-updown handling of parallel full redirects

Attention is currently required from: flichtenheld, plaisthos. Hello plaisthos, flichtenheld, I'd like you to do a code review. Please visit http://gerrit.openvpn.net/c/openvpn/+/1066?usp=email to review the following change. Change subject: fix macOS dns-updown handling of parallel full

[Openvpn-devel] [M] Change in openvpn[master]: run forced --dns-updown without --script-security

Attention is currently required from: flichtenheld, plaisthos. Hello plaisthos, flichtenheld, I'd like you to do a code review. Please visit http://gerrit.openvpn.net/c/openvpn/+/1065?usp=email to review the following change. Change subject: run forced --dns-updown without --script-securi