t
git or svn or cvs or...
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: [email protected]
WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: [email protected]
Hi,
On Wed, Jan 27, 2010 at 09:32:05PM +1300, Jason Haar wrote:
> On 01/27/2010 09:17 PM, Gert Doering wrote:
> > Is this a single server listening on both ports, or is this two independent
> > servers?
>
> server running openvpn on tcp:1195 and udp:1195
So it's
ing this job, I will step aside and let others do this
> job. No hard feelings :) But as I've not seen or heard about anyone
> stepping up yet, so I take the chance of doing that now.
Thanks for volunteering!
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: [email protected]
forward to see what I did wrong :)
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: [email protected]
#if 0
>/* export common name string as environmental variable */
>openvpn_snprintf (envname, sizeof(envname), "tls_common_name_%d",
> ctx->error_depth);
> --
> 1.6.6
>
>
> --------
and whether something
should be done in a fundamentally different way.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax:
would be "leave
the code as it is, merge jjo's code, and then revisit what he already
had to change for IPv6 connection handling". If gethostbyname() is still
there, come back and make this lookup function v4- and v6-capable, and
implement FQDN routes for IPv6 :-)
gert
--
USENET is *no
that it should be that way, or should not be that
way, it's not something brought in by the patch in question, so should
not be covered by its review.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: [email protected]
;if the argument does
not start with a "/", treat as CN - but as you said, this is just a
sample script anyway).
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany
e non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: [email protected]
f #ifdef'ing changes that affect so many
different places of the code (JJO's patch has 109 chunks, my patch
has 119 chunks) because it will make the code much harder to read, and
also harder to test ("how many different combinations of compile-time
options need to be ena
27;t break anything in my code, though
(lucky me :-) ) - my use of it in print_in6_addr() is mutex-locked anyway,
due to the use of a static buffer there.
Is getnameinfo() *guaranteed* to be thread-safe?
Do you have a reference that documents that inet_ntop() and inet_pton()
are unsave to be
tie-breaker here :-)
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: [email protected]
clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: [email protected]
in circumstances)
and it doesn't break current usage.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: +49-89-3565
CK.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: [email protected]
s-family independent functions (like getaddrinfo()) for
10 years now, so this would break more applications.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: [email protected]
er all, the summary is only my personal interpretation of the discussion.
No objections. It's an open discussion after all.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Ger
Hi,
On Fri, Feb 19, 2010 at 08:33:04PM +0100, Gert Doering wrote:
> > [uclibc without UCLIBC_HAS_IPV6]
>
> I have to investigate.
And so I did. The impact of UCLIBC_HAS_IPV6=0 is fairly low:
- getaddrinfo() will not resolve IPv6 addresses (but *will* be available)
- the exte
16 bytes of static data.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: [email protected]
le part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: [email protected]
ct applying it over
> allmerged once the latter includes ipv6_transport.
Shouldn't git sort this out, if it's exactly the same change?
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doerin
Hi,
On Sun, Feb 21, 2010 at 09:03:11PM +0100, Peter Stuge wrote:
> Gert Doering wrote:
> > I'll try to figure out how to setup a cross-compile environment
> > during next week,
>
> Some Linux distributions have premade mingw packages.
>
> In Gentoo building a
RC...
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: [email protected]
the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: [email protected]
ge conflict with another patch in this line (like "introduce
version 4" or so), and so I'd avoid changes that are purely cosmetic in
a "feature" patch.
gert
--
USENET is *not* the non-clickable part of WWW!
ely not sending a patch right now, because I don't understand
the reason for the code being what it is.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: [email protected]
us need for it.
-> ACK.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: [email protected]
27;ll send in a patch that drops the
duplicate bits. The tun.c code is still hard enough to read...
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany g...
n the svn logs who did the MacOS X port
and check with him...)
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: [email protected]
fix this one when merging it into the git tree, is that
> good enough for you, Gert?
Yes, I'm fine with that.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany
}
+
+ /* make sure PATH is set */
+ if ( !path_seen )
+ {
+ msg( M_INFO, "env_block: add %s", force_path );
+ strcpy( p, force_path );
+ p += strlen(force_path) + 1;
}
+
*p = '\0';
return
de in my branch, of course,
so please pull that to feat_ipv6_payload as well :-) - mostly code cleanups,
and Win32 preparations)
thanks,
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Mun
Hi,
to follow up on this...
On Sun, Feb 21, 2010 at 09:14:16PM +0100, Gert Doering wrote:
> On Sun, Feb 21, 2010 at 09:03:11PM +0100, Peter Stuge wrote:
> > Gert Doering wrote:
> > > I'll try to figure out how to setup a cross-compile environment
> > > durin
tem and could test the
OpenVPN IPv6 payload stuff there?)
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: [email protected]
fects 58 (!) places in the source.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: [email protected]
use issues on some platforms.
(Don't put the tmp_file condition into the surrounding if(), as it
would then skip the call to gc_free() as well).
With that change, and a manpage documentation of the new option, ACK.
gert
--
USENET is *not* the non-clickable part of WWW!
nsions of the peer certificate
> - delta CRL verification
> - ...
ACK.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
package) are going extremely slowly and others not.
TCP_NODELAY
David has already suggested that you should try setting
"socket-flags TCP_NODELAY"
- did you?
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.
, but not for VPN-like traffic)
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: [email protected]
Hi,
On Fri, Mar 05, 2010 at 09:42:23AM +0100, Heiko Hund wrote:
> On Sunday 28 February 2010 15:50:01 Gert Doering wrote:
> > Now, for all operatings systems *except* Win32 and OpenBSD, the sequence
> > of execution is
> >
> > open_tun()
> > do_ifconfig()
g through the socket code of OpenVPN is fairly
far down on my "what to do with OpenVPN in my spare time" list.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germa
Hi,
On Fri, Mar 05, 2010 at 11:44:28AM +0100, Heiko Hund wrote:
> On Friday 05 March 2010 10:11:51 Gert Doering wrote:
> > What happened exactly? Could you ask your colleague for a log file?
>
> Well, he couldn't ping any remote host. Nothing special in the log, reall
logic. I'll send the
patch to the list for testing.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: [email protected]
Hi,
On Sun, Feb 28, 2010 at 11:23:26PM +0100, Gert Doering wrote:
> to follow up on this...
Next round of "do things on windows" :-)
> [ TUN / TAP driver on windows ]
>
> Now... is there someone who has worked on this before, and can help
> me a bit with it?
Hi,
On Sun, Mar 07, 2010 at 09:47:17PM +0100, Peter Stuge wrote:
> Gert Doering wrote:
> > -!define PRODUCT_TAP_RELDATE "06/22/2009"
> > +!define PRODUCT_TAP_RELDATE "07/03/2010"
>
> Seems month/date are swapped.
Stupid american
g to the code that does neighbor discovery / neighbor
advertisement spoofing, so it's visible in the logs what happens and
why.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany
tem.
I'm not saying it can't be done :-) - but just that the "simple way"
is not so simple, it's just complex in other places.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doeri
ns as with IPv4.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: [email protected]
> configure OpenVPN.
Seconded.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: +49-89-35655025
VPN wants to be friendly to the users, and give them an option
to do DHCP-on-TAP without(!) having to fiddle with their local network
setup.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich,
S X
and Window - and it's not OpenVPN's job to fix the local equivalent of
ifplugd on each of these systems. OpenVPN's aim is to provide an
easy-to-use VPN environment for people that do not want to endlessly
fiddle with operating system settings.
gert
--
USENET is *not* t
=-2.6 required=7.0 tests=BAYES_00 autolearn=no
version=3.2.5
From: Ben Bird
To: Gert Doering
Subject: Re: [PATCH] IPv6 support for TUN/TAP driver on windows
List-Post: [email protected]
Date: Thu, 11 Mar 2010 16:45:24 -0700
Reply-To: [email protected]
In-Reply-To
led packages work perfectly well...)
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: [email protected]
navoidable for required functionality, see ipv6 payload vs. ipv6 transport).
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: [email protected]
n out though :)
Given the amount of religous discussions about OpenSource stuff, this
is a very reasonable point of view ;-)
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany
sn't work "as is", as it requires a signed
driver.
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: [email protected]
pgpxZVlmr0KDP.pgp
Description: PGP signature
ls.
(If I increase the log verbosity to "verb 9", lots of stuff is going
on, but nothing in there that gives any indication of signals being
received)
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.
ges (which is an important bit).
When running openvpn.exe from the "cmd.exe" command line, it does not matter
which binary I am using - "ctrl-c" never does anything, and "F4" always
causes a clean shutdown.
Weird, this.
gert
--
USENET is *not* the non-clickable part o
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: [email protected]
ms supports
64 bit - and fallback to 32 bit where it is not possible.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: [email protected]
ntain the
> complete ./configure line which was used when configuring the package
> for building.
A bit late, but "looks good to me" (and useful, too :) ). ACK.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.m
smissions) on a different VID.
So you can't rely on "VID 1 = untagged".
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany g...@greenie
n in real-world scenarios).
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: [email protected]
to
non-existant files (like "-> /etc/nologin").
It *will* protect against symlink attacks to existing files (overwriting
/etc/passwd or something similarily nasty).
gert
--
USENET is *not* the non-clickable part of WWW!
//w
ame is a symbolic link, open() will fail
even if the symbolic link points to a non-existent name.
- so please disregard my comment. Everything is fine.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Ger
able part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: [email protected]
n.
Overall, this looks good to me (with the additional changes by Fabian
and you). So ACK.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany g...@g
is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: [email protected]
clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: [email protected]
affect the
Solaris-specific part of tun.c.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: +49-89-35655025
o
"my" tun.c, and commit to the IPv6 payload branch. (Will take a few
days...)
If someone urgently needs TAP support for Solaris later on, but refuses
to use the IPv6 stuff, we can still sort out what to do then.
gert
--
USENET is *not* the non-clickable part of WWW!
unduly overhead. (Of course, down that road is hell and windows vista).
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: [email protected]
w value is %s/%d").
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: [email protected]
the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: [email protected]
orrect size. Defensive coding, less surprises
later on.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: [email protected]
rom an 'application
> controlled' adapter .
I'd assume that windows services are not "bound" to "dynamic" interfaces...
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Ger
ch (which David will have "soonish" :) ) would be great as well.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
f
Hi,
On Wed, Jun 23, 2010 at 10:50:45PM +0300, Henno Täht wrote:
> On Wed, Jun 23, 2010 at 22:48, Gert Doering wrote:
> > On Wed, Jun 23, 2010 at 09:10:10AM +0200, Jan Just Keijser wrote:
> > > assigns a 169.254 address. If this works for you as well then maybe the
> > &g
he wiki)
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: [email protected]
Hi,
On Sun, Jun 27, 2010 at 05:13:35PM +0200, Gert Doering wrote:
> as promised a few weeks ago at the IRC meeting, I've sat down and built
> an OpenVPN-devel package (based on ecrist's weekly tar balls, which
> in come from dazo's git tree).
>
> I've
oesn't work for OpenBSD, I need to see the parts from your
config.log relating to
gert
-- snip ----
Signed-off-by: Gert Doering
---
configure.ac |3 +++
1 files changed, 3 insertions(+), 0 deletions(-)
diff --git a/configure.ac b/configure.ac
index 4626e46..
Hi,
On Fri, Jul 09, 2010 at 10:31:02AM +0200, Gert Doering wrote:
> the following patch fixes the IFF_MULTICAST compile-time problems on NetBSD,
> and it should also fix them on OpenBSD (trac entry #17).
This would have been too easy... on NetBSD, can be
include before (which the or
y TODO list :-)
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: [email protected]
pgpo5NBI3dkaX.pgp
Description: PGP signature
all "major" platforms supported by
OpenVPN and generally gets the job done :-)
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: [email protected]
the mailing list as well to get review.
Well, here you are :-)
gert
>From e1f41b55a294c4f70a72d02e77aca140ac10a3a3 Mon Sep 17 00:00:00 2001
From: Gert Doering
List-Post: [email protected]
Date: Sun, 8 Aug 2010 12:34:00 +0200
Subject: [PATCH] implement IPv6 ifconfig +
t_client.rc).
- this is neither finished nor pretty, but it helps me a *lot* in
quickly testing whether I broke anything when fiddling system-dependent
code (tun.c, route.c) across multiple build hosts - so I hope this
is going to be fairly useful to Samuli and the buildbot :-)
enjoy
Hi,
On Sun, Aug 08, 2010 at 09:48:47PM +0200, Gert Doering wrote:
> as discussed in one of the previous the IRC meetings, I've been working
> on a test framework to enable full "fire up openvpn client, establish
> VPN connection, run ping tests, clean up, verify cleanup"
uot;if you don't want to
test this, this must be a mistake!!!") - but since this is not
something everyone will be using, your patch makes more sense.
ACK, and thanks.
gert
--
USENET is *not* the non-clickable part of WWW!
non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: [email protected]
that can be successfully
tested "just by extracting the tarball and run make ; make check".
We ship a t_client.rc-sample that explains what goes in there and how
to enable this.
gert
--
USENET is *not* the non-clickable part of WWW!
check
> if there are more (I've not been looking at the source script for lack of
> time).
There are some more.
David, could you patch these as well? Otherwise I need to go cherrypicking
your changes first (and this might take longer).
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: [email protected]
of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: [email protected]
pgpVlgCvTiva5.pgp
Description: PGP signature
rt
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: [email protected]
pgpJA0tfGiNHg.pgp
Description: PGP signature
Hi,
On Fri, Aug 20, 2010 at 10:56:51AM -0500, Karl O. Pinc wrote:
> On 08/20/2010 10:48:17 AM, Gert Doering wrote:
>
> > The app is cross-compileable today - but to make that work requires
> > that
> > all relevant Windows APIs are exported in mingw headers *and
> >
Hi,
On Fri, Aug 20, 2010 at 06:24:06PM +0200, Peter Stuge wrote:
> Gert Doering wrote:
> > The app is cross-compileable today - but to make that work requires that
> > all relevant Windows APIs are exported in mingw headers *and libraries*.
>
> Sure. You emphasize libraries
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: [email protected]
pgpA4Qq6JBUY9.pgp
Description: PGP signature
ck test, so we didn't investigate
further why it failed.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: +49-89-35655025
handling, of I remember right], so
use with care.
(You really have more than 16000 users on a single OpenVPN instance?
Wow, I'm impressed!)
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
G
1 - 100 of 6788 matches
Mail list logo
