On Tue, Jun 19, 2012 at 2:20 AM, Thomas Habets wrote:
> Should be noted that the prompt is now "Enter Private Key Password:"
> instead of the engine-module generated "SRK authorization:".
Right. I can live with this... maybe in future the key names for all
kind of keys will be modified...
> But
On 18 June 2012 23:40, Alon Bar-Lev wrote:
>> Shouldn't it on be the default?
> This is a very long argument... weather to allow unsecured
> setup by default...
[googled a bit for it. I see.]
Should be noted that the prompt is now "Enter Private Key Password:"
instead of the engine-m
On Tue, Jun 19, 2012 at 1:27 AM, Thomas Habets wrote:
> When I specify --enable-password-save to ./configure askpass is able
> to read the password from a file.
Right, this is the idea, and if you use the management interface you
can specify the password via that interface.
> Seems despite what
When I specify --enable-password-save to ./configure askpass is able
to read the password from a file.
Seems despite what the --help says it actually defaults to off. :-(
Shouldn't it on be the default?
I'm not an OpenSSL ninja, but this looks suspicious:
--
if (!ENGINE_init(e))
msg (
Am 18.06.12 20:42, schrieb Alon Bar-Lev:
> On Mon, Jun 18, 2012 at 9:21 PM, Arne Schwabe wrote:
>> Am 12.05.12 21:31, schrieb Alon Bar-Lev:
>>> Platform independent interface for tun provider.
>>>
>>> Split the long tun.c into platform specific files using
>>> tun_engine interface.
>>>
>>> Functio
Hello Thomas,
Thank you for your comments and help.
I've updated the branch based on your work, but with changes...
The password is secret, and there is a standard mechanism in openvpn
to handle password...
So I tried to use it.
For the conditionals, I wanted to get rid of the openssl engine
cond
I can confirm that it works. I need to specify both engine and
engine-pvk in the config though. If "engine" is not specified then
ENGINE_load_builtin_engines() is never called. If you had this in mind
then I think "engine-pvk" should require "engine". (just putting
"engine" in the config file is en
On Mon, Jun 18, 2012 at 9:21 PM, Arne Schwabe wrote:
> Am 12.05.12 21:31, schrieb Alon Bar-Lev:
>> Platform independent interface for tun provider.
>>
>> Split the long tun.c into platform specific files using
>> tun_engine interface.
>>
>> Functionality is the same.
>>
>> Maintenance will be much
Signed-off-by: Arne Schwabe
---
src/openvpn/common.h |2 --
src/openvpn/crypto.c |6 --
src/openvpn/init.c |4
src/openvpn/misc.c |6 --
src/openvpn/options.c | 24
src/openvpn/options.h |6 --
This fixes starting openvpn compiled as client only version of systems that
have no /tmp (Android). --tmp-dir could only be set if P2MP_SERVER has been
enabled too.
Signed-off-by: Arne Schwabe
---
src/openvpn/options.c |7 +--
src/openvpn/options.h |4 +++-
2 files changed, 8 inser
Signed-off-by: Arne Schwabe
---
src/openvpn/init.c|6 --
src/openvpn/options.c |3 ---
src/openvpn/options.h |1 -
3 files changed, 0 insertions(+), 10 deletions(-)
diff --git a/src/openvpn/init.c b/src/openvpn/init.c
index 61fd2a6..eacb67d 100644
--- a/src/openvpn/init.c
++
Signed-off-by: Arne Schwabe
---
src/openvpn/crypto.c |2 --
src/openvpn/mroute.c | 28
src/openvpn/multi.c |7 +--
src/openvpn/options.c|2 --
src/openvpn/route.c |1 -
src/openvpn/ss
Signed-off-by: Arne Schwabe
---
src/openvpn/httpdigest.c | 44 ++--
src/openvpn/ntlm.c |8
2 files changed, 26 insertions(+), 26 deletions(-)
diff --git a/src/openvpn/httpdigest.c b/src/openvpn/httpdigest.c
index 78b8344..61d4280 1006
Signed-off-by: Arne Schwabe
---
src/openvpn/init.c| 12
src/openvpn/manage.c |8
src/openvpn/manage.h |6 --
src/openvpn/options.c | 24
src/openvpn/options.h | 19 ---
src/openvpn/syshead.h | 16 +--
A few clean up patches that I have local. Some of these might be useful in a
2.3 release.
Arne Schwabe (6):
Only use tmpdir if tmp_dir is really used.
Completely remove ancient IANA port warning.
Remove ENABLE_INLINE_FILES conditionals, this code is always enabled
and removing the #ifde
Am 12.05.12 21:31, schrieb Alon Bar-Lev:
> Platform independent interface for tun provider.
>
> Split the long tun.c into platform specific files using
> tun_engine interface.
>
> Functionality is the same.
>
> Maintenance will be much easier! new options, like stacking
> several interfaces and del
src/openvpn/pkcs11.c:794:2: warning: passing argument 1 of
‘pkcs11h_setPINPromptHook’ from incompatible pointer type
Signed-off-by: Alon Bar-Lev
---
src/openvpn/pkcs11.c |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/src/openvpn/pkcs11.c b/src/openvpn/pkcs11.c
index d
Oh...
And I forgot mentioning that the UI method should be solved, using the
default is not something that is usable for openvpn.
Can you please take care of this?
Alon.
On Mon, Jun 18, 2012 at 3:25 PM, Alon Bar-Lev wrote:
> Hello Thomas,
>
> I did not have the global variable in mind :)
>
> I t
Hello Thomas,
I did not have the global variable in mind :)
I thought about your initial suggestion of specific private key
engine, and it has value, so I added a new option.
I propose the following [1], the problem is that I cannot test this out.
While looking on the current engine implementat
19 matches
Mail list logo