Re: [Openvpn-devel] Recently-disclosed LZO vulnerability and OpenVPN's use of LZO

Hi, On 29-06-14 18:09, Jonathan K. Bullard wrote: > A recent _"Lab Mouse Security research blog" entry_ > > claimed > that a bug exists in several implementations of the LZO algorithm > commonly used by OpenVPN and

Re: [Openvpn-devel] Recently-disclosed LZO vulnerability and OpenVPN's use of LZO

Hi, On Sun, Jun 29, 2014 at 12:09:01PM -0400, Jonathan K. Bullard wrote: > Am I correct to assume that OpenVPN's use of LZO is restricted to much > smaller block sizes? I assume the block sizes that OpenVPN uses LZO for are > limited to the maximum packet size, which would be on the order of 1500

Re: [Openvpn-devel] session-id implementation

Am 27.03.14 09:57, schrieb Lev Stipakov: > Hi, > > Same patch with added NULL check in push.c:308. Turns out that > peer_info might be NULL. > I looked at the patched, a few minor nitpicks: - The test should be if the IV_PROTO is at least 2 and not if exactly 2 - use_session_id should be bool inst

[Openvpn-devel] Recently-disclosed LZO vulnerability and OpenVPN's use of LZO

A recent *"Lab Mouse Security research blog" entry* claimed that a bug exists in several implementations of the LZO algorithm commonly used by OpenVPN and that the bug causes a security vulnerability. A rebuttal on t

Re: [Openvpn-devel] [PATCH] Fix socket-flag/TCP_NODELAY on Mac OS X

Am 26.06.14 13:40, schrieb James Bekkema: > Hi All, > > OpenVPN 2.3.4 will currently throw a warning of "NOTE: setsockopt > TCP_NODELAY=1 failed (No kernel support)” when attempting to use the > TCP_NODELAY socket option on Mac OS X/Darwin. Kernel support is there, > however the required header