Re: [Openvpn-devel] [PATCH] bash->bourne script cleanup

On Sunday 28 February 2010, David Sommerseth wrote: > From: Dan Nelson > > Many of the scripts in the openvpn source have their shell set to > /bin/bash, but only two use bash features. The attached patch (against > openvpn-2.1_rc9) sets the shell on the rest of the scripts to /bin/sh for > bette

Re: [Openvpn-devel] FreeBSD funny in the code

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 28/02/10 23:14, Gert Doering wrote: > Hi, > > On Sun, Feb 28, 2010 at 04:37:45PM +0100, David Sommerseth wrote: >> On 28/02/10 16:10, Eric F Crist wrote: >>> ACK, >>> >>> It's not you, that's duplicate code. >> >> ACK. I this is indeed duplicated.

Re: [Openvpn-devel] [PATCH] make ipv6_payload compile under windowze ( feat_ipv6_payload branch )

Hi, to follow up on this... On Sun, Feb 21, 2010 at 09:14:16PM +0100, Gert Doering wrote: > On Sun, Feb 21, 2010 at 09:03:11PM +0100, Peter Stuge wrote: > > Gert Doering wrote: > > > I'll try to figure out how to setup a cross-compile environment > > > during next week, > > > > Some Linux distr

Re: [Openvpn-devel] FreeBSD funny in the code

Hi, On Sun, Feb 28, 2010 at 04:37:45PM +0100, David Sommerseth wrote: > On 28/02/10 16:10, Eric F Crist wrote: > > ACK, > > > > It's not you, that's duplicate code. > > ACK. I this is indeed duplicated. Thanks. I have committed this to my branch (because I'm too tired right now to get branch

[Openvpn-devel] [PATCH] Implement --passtos for tagged ethernet frames

From: Davide Guerri This patch makes it possible to use the --passtos option with 802.1Q tagged ethernet frames. sf.net tracker: Signed-off-by: David Sommerseth --- proto.c | 14 +++--- proto.h |

[Openvpn-devel] [PATCH] OpenVPN PKCS11-ID autoselect

From: Oliver Dumschat-Hötte When using smartcards, you have to supply the (not very handy) pkcs11-id in the config file or through the management interface. Normaly, there is only one smartcard at one time in use, so it is ok to automaticly set the first appearing smartcard id as pkcs11-id. This

[Openvpn-devel] [Feedback needed] Fix cross compile support

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I'm reviewing this patch in the patch tracker, and cannot make up my mind if this is correct or not. Can someone please advise if this is something we should include or not?

[Openvpn-devel] [PATCH] bash->bourne script cleanup

From: Dan Nelson Many of the scripts in the openvpn source have their shell set to /bin/bash, but only two use bash features. The attached patch (against openvpn-2.1_rc9) sets the shell on the rest of the scripts to /bin/sh for better portability. The only scripts that actually require bash are c

[Openvpn-devel] Win XP problem with framedyn.dll and PATH settings

Hi, I've been working on IPv6-Payload support on Windows over the last few days, and made some progress. Cross-compile succeeds, the resulting binary works fine for IPv6 and does some of the movements needed for IPv6. I have decided to use "netsh" commands to setup IPv6, as this seems to be "the

Re: [Openvpn-devel] [PATCH] FQDN for routes should expand to all IPs (second round)

> I was doing some considerations back and forth here before starting this > second round. The issue is that it changes the behaviour quite a lot > from what might be expected from earlier versions (if you're used to the > former behaviour). I'm at a loss when it comes to try and imagine someone

Re: [Openvpn-devel] [PATCH] Add CID to the management status overview

Hi, On Sun, Feb 28, 2010 at 04:31:53PM +0100, David Sommerseth wrote: > > In the grand scheme of things, small whitespace changes might later on > > lead to a merge conflict with another patch in this line (like "introduce > > version 4" or so), and so I'd avoid changes that are purely cosmetic

[Openvpn-devel] Macos X / Darwin funny in the code

Hi, today is the day... :-) tun.c, do_ifconfig() contains this beauty... #elif defined(TARGET_DARWIN) /* * Darwin (i.e. Mac OS X) seems to exhibit similar behaviour to OpenBSD... */ argv_printf (&argv,

Re: [Openvpn-devel] FreeBSD funny in the code

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 28/02/10 16:10, Eric F Crist wrote: > ACK, > > It's not you, that's duplicate code. > ACK. I this is indeed duplicated. David S. > On Feb 28, 2010, at 09:05:46, Gert Doering wrote: > >> Hi, >> >> tun.c contains this code, in the >> >> #elif

Re: [Openvpn-devel] FreeBSD funny in the code

ACK, It's not you, that's duplicate code. Eric On Feb 28, 2010, at 09:05:46, Gert Doering wrote: > Hi, > > tun.c contains this code, in the > > #elif defined(TARGET_FREEBSD)||defined(TARGET_DRAGONFLY) > > part of do_ifconfig() (about line 983 in the IPv6 payload branch): > > -

[Openvpn-devel] FreeBSD funny in the code

Hi, tun.c contains this code, in the #elif defined(TARGET_FREEBSD)||defined(TARGET_DRAGONFLY) part of do_ifconfig() (about line 983 in the IPv6 payload branch): - snip else { if (tt->topology == TOP_SUBNET) argv_printf (&argv,

Re: [Openvpn-devel] [PATCH] Allow 'lport 0' setup for random port binding

Hi, On Sun, Feb 28, 2010 at 02:44:14PM +0100, David Sommerseth wrote: > I am running a multihomed host where 'local ' must be specified > for proper operation. Unfortunately, this implies 'lport 1194' or > another static port. > > This causes problems with stateful firewalls which register the h

[Openvpn-devel] special-case code for OpenBSD - advice needed

Hi, while working on "make IPv6 payload work on Win32", I found something quite peculiar for OpenBSD in the OpenVPN code. In "init.c", do_open_tun(), calls two other functions from tun.c for tunnel setup: open_tun() --> find free /dev/tun device, open() it, thereby activating a

Re: [Openvpn-devel] [PATCH] Add CID to the management status overview

Hi, On Sun, Feb 28, 2010 at 01:50:35PM +0100, David Sommerseth wrote: > There are commands in the management interface which require the cid. The > only way at the moment to get the cid of connected clients is to have > always a management connection established. The patch adds the CID to the > st

[Openvpn-devel] [PATCH] Allow 'lport 0' setup for random port binding

From: Enrico Scholz I am running a multihomed host where 'local ' must be specified for proper operation. Unfortunately, this implies 'lport 1194' or another static port. This causes problems with stateful firewalls which register the host/port pairs in the internal connection tracking table. O

[Openvpn-devel] [PATCH] enhance tls-verify possibility

From: Mathieu GIANNECCHINI It should be nice to enhance tls-verify check possibilities against peer cert during a pending TLS connection like : - OCSP verification - check any X509 extensions of the peer certificate - delta CRL verification - ... This patch add a new "tls-export-cert" option whi

Re: [Openvpn-devel] OpenVPN Pf plugin/small status patch

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 26/06/09 17:00, Arne Schwabe wrote: > Hi, > > I have written a simple plugin for packet filtering that looks up fw rules > in the order > > Commonname.pf > IP_Port.pf > IP.pf > default.pf > > If one of this files is found the file is used as PF c

[Openvpn-devel] [PATCH] Add CID to the management status overview

From: Arne Schwabe There are commands in the management interface which require the cid. The only way at the moment to get the cid of connected clients is to have always a management connection established. The patch adds the CID to the status output. Signed-off-by: David Sommerseth --- multi.

Re: [Openvpn-devel] Unpackged Windows binaries? -- Problems building 2.1 rc15 on Windows XP

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 09/04/09 05:03, Karl O. Pinc wrote: > It occurs to me that if I want to do more than > beg I should submit a patch, so one is attached. > > On 04/08/2009 05:46:46 PM, Alon Bar-Lev wrote: >> Available as part of OpenSC build [1]. >> >> [1] http://ww

Re: [Openvpn-devel] [PATCH] FQDN for routes should expand to all IPs (second round)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 27/02/10 00:27, Stefan Monnier wrote: >> - From the following review discussion, a few other things needs to be >> changed and I hope you are willing to look into adopting your patch to >> those guidelines. This is also to follow the standards [1]