Re: [Openvpn-devel] [PATCH] Remove static global allocation of HTTP proxy user/passwords

2016-09-22 Thread Selva Nair
Hi, On Thu, Sep 22, 2016 at 3:40 PM, David Sommerseth wrote: > This avoids allocating static memory which is not used unless > a HTTP proxy with authentication is configured. . The only place the original code referred to the global static_proxy_user_pass appears to be in this functio

Re: [Openvpn-devel] Feature proposal: tls-crypt

2016-09-22 Thread Steffan Karger
Hi, On 18 September 2016 at 22:07, Selva Nair wrote: > Does this mean that --tls-crypt will imply --tls-auth with the same key-file > (or make the latter redundant?). The man-page description in the patch > appears to imply so, but not very clear.. --tls-crypt also includes authentication, and t

[Openvpn-devel] [PATCH] Remove static global allocation of HTTP proxy user/passwords

2016-09-22 Thread David Sommerseth
This avoids allocating static memory which is not used unless a HTTP proxy with authentication is configured. Signed-off-by: David Sommerseth --- src/openvpn/ntlm.c | 16 src/openvpn/proxy.c | 41 + src/openvpn/proxy.h | 2 +- 3 file

[Openvpn-devel] [PATCH/RFC] Remove global allocation of HTTP proxy user/password

2016-09-22 Thread David Sommerseth
This patch tries to remove allocating memory which will not be used unless a specific feature is enabled. This is merely to get a patch out to be tested and to see if this is worth the efforts. The code does get extended, but for embedded devices,

Re: [Openvpn-devel] [PATCH] Have the same username/password length regardless of PKCS#11 enablement

2016-09-22 Thread Selva Nair
Hi, On Thu, Sep 22, 2016 at 1:44 PM, David Sommerseth < open...@sf.lists.topphemmelig.net> wrote: > On 22/09/16 18:43, Selva Nair wrote: > > > > Also usernames > 64 bytes will break --username-as-common-name as > > CN is limited to 64 bytes (could 64 code points, but it seems > > openvpn interpre

Re: [Openvpn-devel] [PATCH] Have the same username/password length regardless of PKCS#11 enablement

2016-09-22 Thread David Sommerseth
On 22/09/16 18:43, Selva Nair wrote: > Hi, > > On Thu, Sep 22, 2016 at 6:04 AM, David Sommerseth wrote: > > If running an OpenVPN client with --enable-pkcs11 and a server > without and having a username and/or password w

Re: [Openvpn-devel] [PATCH] Have the same username/password length regardless of PKCS#11 enablement

2016-09-22 Thread Selva Nair
Hi, On Thu, Sep 22, 2016 at 6:04 AM, David Sommerseth wrote: > If running an OpenVPN client with --enable-pkcs11 and a server without > and having a username and/or password with more than 128 characters, > the authentication will fail as the server truncates the password > to 128 bytes. > > Thi

Re: [Openvpn-devel] Linux: Use /tmp for log problem ?

2016-09-22 Thread Samuli Seppänen
>> Basically --log and --log-append will work, if the logfile is >> stored under /etc/openvpn. If you try to put it under /tmp, it >> will never appear. > > Eeek ... never suggest putting log data into /etc ... /var/log please! Just for the record: I was not suggesting putting the logfiles th

Re: [Openvpn-devel] Linux: Use /tmp for log problem ? (solved)

2016-09-22 Thread David Sommerseth
On 22/09/16 16:06, debbie10t wrote: > Hi, > > > On 22/09/16 14:40, Jan Just Keijser wrote: >> Hi, >> >> On 22/09/16 15:07, debbie10t wrote: >>> Hi >>> >>> posting in devel because I am asking for clarification of >>> the source code really doe

Re: [Openvpn-devel] Linux: Use /tmp for log problem ?

2016-09-22 Thread Jan Just Keijser
Hi, On 22/09/16 15:07, debbie10t wrote: > Hi > > posting in devel because I am asking for clarification of > what the source code really does. > > Re: https://forums.openvpn.net/viewtopic.php?f=30&t=22485 > > Config: > |--- > server *normal stuff* > log-append /tmp/openvpn.log > --- > > I have jus

Re: [Openvpn-devel] Linux: Use /tmp for log problem ? (solved)

2016-09-22 Thread debbie10t
Hi, On 22/09/16 14:40, Jan Just Keijser wrote: > Hi, > > On 22/09/16 15:07, debbie10t wrote: >> Hi >> >> posting in devel because I am asking for clarification of >> what the source code really does. >> >> Re: https://forums.openvpn.net/viewtopic.php?f=30&t=22485 >> >> Config: >> |--- >> server *

Re: [Openvpn-devel] Linux: Use /tmp for log problem ?

2016-09-22 Thread David Sommerseth
On 22/09/16 15:32, Samuli Seppänen wrote: > On 22/09/2016 16:07, debbie10t wrote: [...snip...] >> Obviously, systemctl start openvpn@client1 appends more options >> when starting openvpn (in my hand written service the only >> addition is --daemon client1) So I presume that by daemonizing >> s

[Openvpn-devel] Linux: Use /tmp for log problem ?

2016-09-22 Thread debbie10t
Hi posting in devel because I am asking for clarification of what the source code really does. Re: https://forums.openvpn.net/viewtopic.php?f=30&t=22485 Config: |--- server *normal stuff* log-append /tmp/openvpn.log --- I have just tried with Ubuntu1604 myself and observe that: (My basic config

Re: [Openvpn-devel] Linux: Use /tmp for log problem ?

2016-09-22 Thread Samuli Seppänen
On 22/09/2016 16:07, debbie10t wrote: > Hi > > posting in devel because I am asking for clarification of > what the source code really does. > > Re: https://forums.openvpn.net/viewtopic.php?f=30&t=22485 > > Config: > |--- > server *normal stuff* > log-append /tmp/openvpn.log > --- > > I have j

Re: [Openvpn-devel] [PATCH] Have the same username/password length regardless of PKCS#11 enablement

2016-09-22 Thread Gert Doering
Hi, On Thu, Sep 22, 2016 at 01:36:15PM +0200, Steffan Karger wrote: > > +#define USER_PASS_LEN 4096 > > + > > struct user_pass > > { > >bool defined; > >bool nocache; > > > > -/* max length of username/password */ > > -# ifdef ENABLE_PKCS11 > > -# define USER_PASS_LEN 4096 > > -# els
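
Review bot: in the lines quoted above, the new `#define USER_PASS_LEN 4096` placed before `struct user_pass` appears without the `/* max length of username/password */` comment that the removed `ENABLE_PKCS11` block carried. Keep that comment with the new define and state there that the limit now applies to every build, so the meaning of the constant stays documented where it is declared.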

Re: [Openvpn-devel] [PATCH] Have the same username/password length regardless of PKCS#11 enablement

2016-09-22 Thread Steffan Karger
Hi, On 22-09-16 12:04, David Sommerseth wrote: > If running an OpenVPN client with --enable-pkcs11 and a server without > and having a username and/or password with more than 128 characters, > the authentication will fail as the server truncates the password > to 128 bytes. > > This makes things

Re: [Openvpn-devel] [PATCH] Have the same username/password length regardless of PKCS#11 enablement

2016-09-22 Thread Jonathan K. Bullard
On Thu, Sep 22, 2016 at 6:04 AM, David Sommerseth wrote: > If running an OpenVPN client with --enable-pkcs11 and a server without > and having a username and/or password with more than 128 characters, > the authentication will fail as the server truncates the password > to 128 bytes. > > This make

Re: [Openvpn-devel] [PATCH] Have the same username/password length regardless of PKCS#11 enablement

2016-09-22 Thread David Sommerseth
On 22/09/16 12:04, David Sommerseth wrote: > If running an OpenVPN client with --enable-pkcs11 and a server > without and having a username and/or password with more than 128 > characters, the authentication will fail as the server truncates > the pass

[Openvpn-devel] [PATCH] Have the same username/password length regardless of PKCS#11 enablement

2016-09-22 Thread David Sommerseth
If running an OpenVPN client with --enable-pkcs11 and a server without and having a username and/or password with more than 128 characters, the authentication will fail as the server truncates the password to 128 bytes. This makes things easier and more predictable. Username/passwords can be up t