[Openvpn-devel] OpenVPN 2.3.9 released

2015-12-16 Thread Samuli Seppänen
The OpenVPN community project team is proud to release OpenVPN 2.3.9. It can be downloaded from here: This release includes many small improvements and fixes. The biggest change is the addition of --block-outside-dns option, which can b

Re: [Openvpn-devel] [PATCH] Warn user if their certificate has expired

2015-12-16 Thread David Sommerseth
On 16/12/15 09:24, Gert Doering wrote: > > OTOH, 0.9.8 and 1.0.0 will be discontinued end of this year, so we should > see vendor upgrades. Enterprise distributions will not rebase OpenSSL on their supported distroes. RHEL5 will continue to ship the openssl-0.9.8 base. But it will be, as it alwa

Re: [Openvpn-devel] [PATCH] Warn user if their certificate has expired

2015-12-16 Thread Gert Doering
Hi, On Tue, Dec 15, 2015 at 10:41:33PM +0100, Jan Just Keijser wrote: > is loaded, but - as Steffan pointed out - this would mean that multiple > places need a function call to check this: > - when loading an x509 file > - when loading a pkcs12 file > - when loading an inline blob > - when loadin

Re: [Openvpn-devel] [PATCH] Updates to Changes.rst

2015-12-16 Thread Gert Doering
Hi, On Tue, Dec 15, 2015 at 05:10:57PM -0500, Selva Nair wrote: > > Well, it is not an "unknown option" on XP... and the code doesn't really > > lend itself to "just claim it's an unknown option if it cannot be enabled" > > without being truly ugly... > > Well, > else if (streq (p[0], "block-out

Re: [Openvpn-devel] [PATCH] Replace ENABLE_CLIENT_CR with ENABLE_MANAGMENT with unconditionally enables it

2015-12-16 Thread Selva Nair
Hi, Though nothing breaks, this leads to confusing code fragments like the one around this one @@ -1143,7 +1142,7 @@ get_user_pass_cr (struct user_pass *up, > { msg(M_FATAL, "neither stdin nor stderr are a tty device, > can't ask for %s password. If you used --daemon, you need to use

Re: [Openvpn-devel] [PATCH 1/3] Fix CR prompting when user & pass are read from a file.

2015-12-16 Thread Selva Nair
Hi, On Tue, Dec 15, 2015 at 5:16 PM, Wayne Davison wrote: > The code that reads the challenge response (both dynamic & static) will > not prompt the user if the username and password information was read > from a file. > Agreed this is not good and should be fixed. But the patch is broken > I