Re: [Openvpn-devel] [PATCH 2/2] When using UDP over SOCKS5, send the actual remote hostname (FQDN) to the proxy server in the first packet.

On Thu, Aug 22, 2013 at 7:08 PM, Josh Cepek wrote: >> akin to how HTTP reverse proxies commonly delegate to a physical server >> according to the HTTP 1.1 Host header—so that many hostnames can map >> to the same IP of the reverse proxy. > > There was some issue figuring out what this all means. D

Re: [Openvpn-devel] [PATCH 2/2] When using UDP over SOCKS5, send the actual remote hostname (FQDN) to the proxy server in the first packet.

We discussed this patch briefly in today's IRC developer meeting, and wanted some clarification on the intent/goal here. Comments inline (code removed since we're trying to wrap our heads around the feature in the general sense first.) Once we have a better idea of the intent, it will be easier to

Re: [Openvpn-devel] [PATCH] TLS versioning

On 21/08/13 10:28, Arne Schwabe wrote: [...snip...] Well I am not really sure what is going on on the Tomato firmware. I build a OpenSSL 0.9.7e (0.9.7e-3sarge3 to be exact, might already have some fixes in it, Tomato has 0.9.8d) on amd64 + OpenVPN 2.2.2 and that worked against 2.4-master. Before

[Openvpn-devel] [PATCH] Add timeout option for socks proxies

>From https://github.com/OpenVPN/openvpn/pull/1 (I am not the patch author) This patch adds a socks-proxy-timeout option. Defaults to 5 seconds which is the hardcoded value in master right now. I updated the patch slightly to merge successfully against master. 0001-Add-timeout-option-for-socks

Re: [Openvpn-devel] [PATCH 2/2] When using UDP over SOCKS5, send the actual remote hostname (FQDN) to the proxy server in the first packet.

On Thu, Aug 22, 2013 at 5:11 PM, Arne Schwabe wrote: > I will be happy to look at the patch Thanks. (As mentioned in the initial summary, the newly introduced behavior probably needs to be a configurable option, but I did not want to spend time implementing that unless there was general agreemen

Re: [Openvpn-devel] [PATCH 2/2] When using UDP over SOCKS5, send the actual remote hostname (FQDN) to the proxy server in the first packet.

Am 22.08.13 18:22, schrieb Jesse Glick: On Thu, Aug 8, 2013 at 1:59 PM, Jesse Glick wrote: Also as: https://github.com/OpenVPN/openvpn/pull/6 Ping. Anyone care about this? Yes. I will be happy to look at the patch after my dual stack patches are applied. Arne smime.p7s Description: S/MI

Re: [Openvpn-devel] Proposed change to allow use of statically linked OpenSSL

Hi, On Thu, Aug 22, 2013 at 10:38:49PM +0300, Samuli Seppänen wrote: > In today's meeting we briefly touched upon this suggested fix to > configure.ac to allow using statically linked OpenSSL: > > > > We couldn't figure out if the proposed chang

[Openvpn-devel] tls_ctx_load_ca: Improve certificate error messages

>From https://github.com/OpenVPN/openvpn/pull/4 (I am not the patch author) If a CA certificate file includes intermediate certificates, and any of them fail to verify, the current code will file with "Cannot load CA certificate file". Instead, generate a more specific error message identifying th

[Openvpn-devel] Summary of the IRC meeting (22nd Aug 2013)

Hi, Here's the summary of the previous IRC meeting. --- COMMUNITY MEETING Place: #openvpn-devel on irc.freenode.net List-Post: openvpn-devel@lists.sourceforge.net Date: Thursday 22nd Aug 2013 Time: 18:00 UTC Planned meeting topics for this meeting were on this page:

[Openvpn-devel] Proposed change to allow use of statically linked OpenSSL

Hi, In today's meeting we briefly touched upon this suggested fix to configure.ac to allow using statically linked OpenSSL: We couldn't figure out if the proposed change would have negative side-effects, so we didn't dare to implement it as-is.

[Openvpn-devel] [PATCH applied] Re: Allow use of NetBeans without saving nbproject/ directory.

Your patch has been applied to the master branch. commit 550fe1a3a12ad9affbdff6ab1fc3e846f5e8d0b5 Author: Jesse Glick List-Post: openvpn-devel@lists.sourceforge.net Date: Thu Aug 8 13:56:38 2013 -0400 Allow use of NetBeans without saving nbproject/ directory. Acked-by: Samuli Seppän

Re: [Openvpn-devel] [PATCH 2/2] When using UDP over SOCKS5, send the actual remote hostname (FQDN) to the proxy server in the first packet.

Yes. The patch is on the official "to be reviewed" queue here: We try to be as responsive as possible, but we are few in number so patch review tends to drag on for too long. We try to review unreviewed patches and tickets during IRC meetings[1

[Openvpn-devel] [PATCH applied] Re: Correct error text when no Windows TAP device is present

Your patch has been applied to the master and release/2.3 branches. commit 2d34628af995676c8ecddb953897c334b96a6a6b (master) commit 4276540e698d18838f62e2b06c7b875a55a37f77 (2.3) Author: Josh Cepek List-Post: openvpn-devel@lists.sourceforge.net Date: Wed Aug 21 16:20:30 2013 -0500 Correct

Re: [Openvpn-devel] [PATCH 2/2] When using UDP over SOCKS5, send the actual remote hostname (FQDN) to the proxy server in the first packet.

On Thu, Aug 8, 2013 at 1:59 PM, Jesse Glick wrote: > Also as: https://github.com/OpenVPN/openvpn/pull/6 Ping. Anyone care about this?

Re: [Openvpn-devel] Topics for today's community meeting

On 22/08/13 13:51, Gert Doering wrote: > Hi, > > On Thu, Aug 22, 2013 at 12:34:45PM +0200, David Sommerseth wrote: >> * openvpn-build issues + snappy topic. >> >>"The problem is that snappy pulls in a 8MB library as a dependency, >> increasing installer size considerably " >> >> Is this re

Re: [Openvpn-devel] Topics for today's community meeting

Hi, On Thu, Aug 22, 2013 at 12:34:45PM +0200, David Sommerseth wrote: > * openvpn-build issues + snappy topic. > >"The problem is that snappy pulls in a 8MB library as a dependency, > increasing installer size considerably " > > Is this really a problem? It's not a small library, but it

Re: [Openvpn-devel] [PATCH] Correct error text when no Windows TAP device is present

On 22/08/13 09:24, Josh Cepek wrote: > Patch/description attached; this resolves bug #320. ACK to patch 24be21ea2f1d02631685a0a11bf187372cf10fa4 in the attachement. > On an unrelated note, I'm trying out OpenPGP/MIME (RFCs 4880 & 3156) in > this submission since it appears the only non-broken way

Re: [Openvpn-devel] Topics for today's community meeting

On 22/08/13 10:50, Samuli Seppänen wrote: > Hi, > > We're having an IRC meeting today, starting at 18:00 UTC on > #openvpn-de...@irc.freenode.net. Current topic list is here: > > I'm not able to attend the meeting today, but just wan

[Openvpn-devel] Topics for today's community meeting

Hi, We're having an IRC meeting today, starting at 18:00 UTC on #openvpn-de...@irc.freenode.net. Current topic list is here: If you have any other things you'd like to bring up, respond to this mail, send me mail privately or add the

[Openvpn-devel] [PATCH] Correct error text when no Windows TAP device is present

Patch/description attached; this resolves bug #320. On an unrelated note, I'm trying out OpenPGP/MIME (RFCs 4880 & 3156) in this submission since it appears the only non-broken way to sign patches. Sane clients should eat this fine (Outlook Express may not.) If this poses a particular problem for