On 22/08/13 10:50, Samuli Seppänen wrote: > Hi, > > We're having an IRC meeting today, starting at 18:00 UTC on > #openvpn-de...@irc.freenode.net. Current topic list is here: > > <https://community.openvpn.net/openvpn/wiki/Topics-2013-08-22>
I'm not able to attend the meeting today, but just wanted to quickly
comment on on a couple of the topics.
* --auth-user-pass - "Using a user-file (inline or not) with
challenge-response "
I think this is by design. As I understand the purpose of
challenge-response, it is to avoid static passwords. If it is possible
to detect the server uses a challenge-response setup, we should probably
bail-out with an error if --auth-user-pass is used with files anyway.
But I think it's how it is now, because detecting that was harder or
impossible.
* openvpn-build issues + snappy topic.
"The problem is that snappy pulls in a 8MB library as a dependency,
increasing installer size considerably "
Is this really a problem? It's not a small library, but it could still
be worse.
Another way to "solve" this (if it is a real problem) could be to have
have two openvpn binaries shipped in the installer. And ask at install
time if the user wants Snappy support or not. If not, don't install
this library and use a openvpn compiled without snappy support. If
support is wanted, install the library + openvpn binary with snappy
support. The installer will be somewhat bigger, but the user has an
option to opt out of snappy support.
Just my 2 cents.
--
kind regards,
David Sommerseth
signature.asc
Description: OpenPGP digital signature
