-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 16/04/10 19:48, Jan Just Keijser wrote:
> man page patch to fix (based on the git page).
>
> - explicit-exit-notify text is misleading : parameter [n] is the number
> of attempts not the number of retries
>
> - I would make a statement that a sec
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 15/04/10 20:52, Davide Brini wrote:
> The man page does not mention that the default value of "mssfix" is 1450.
>
> --- openvpn-2.1.1/openvpn.8 2010-02-28 22:17:45.0 +
> +++ openvpn-2.1.1-a/openvpn.8 2010-04-15 19:43:53.0
From: David Sommerseth
Avoids using M_FATAL, which will terminate the OpenVPN process,
except where it really is needed. It's considered needed when
the function fails after 5 attempts, as that most likely
indicates problem with getting enough random data for the filename.
Signed-off-by: David
Hi,
On Fri, Apr 16, 2010 at 10:21:50PM +0200, David Sommerseth wrote:
> In a Debian bug report [1] there were worries that the --client-connect
> script hook was prune to a "symlink" attack. Even though this can
> be recognised if --tmp-dir is set to a world writable directory, it is not
> consid
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 16/04/10 23:42, Fabian Knittel wrote:
> Hi David,
>
> David Sommerseth wrote:
>> +}
>> + while (attempts < 6);
>>
>> - return gen_path (directory, BSTR (&fname), gc);
>> + msg (M_FATAL, "Failed to create temporary file after %i attempts",
Hi,
On Sat, Apr 17, 2010 at 09:06:09PM +0200, David Sommerseth wrote:
> If create_temp_file() returns NULL, this strlen() check would cause
> a SEGV.
Looks "obviously correct". ACK.
gert
--
USENET is *not* the non-clickable part of WWW!
