On Wed, 2020-06-24 at 01:18 +0500, Илья Шипицин wrote:
[...]
> I've added output of log.txt, if you are going to modify "grep"
> magic, can you adopt something like that, please ?
OK, I folded this into the --enable-small correction
James
---8>8>8><8<8<8---
From: James Bottomley
Subject: [PATCH
Hi,
Arne and I have discussed the challenge of DNS configuration and we have paid
attention to a recent discussion here on the mailing list as well [1]. We
have tried to consider various platforms and have a few proposals for unifying
and documenting DNS configuration as much as possible.
[1]
<
ср, 24 июн. 2020 г. в 00:37, Gert Doering :
> Hi,
>
> On Tue, Jun 23, 2020 at 12:32:42PM -0700, James Bottomley wrote:
> > > James, are you triggering on specific openvpn messages? "--enable-
> > > small"
> > > changes these (trimming some warnings and help texts). Can you test
> > > with
> > >
Hi,
On Tue, Jun 23, 2020 at 3:22 AM Jan Just Keijser wrote:
>
> Hi,
>
> On 21/06/20 17:14, Selva Nair wrote:
> > On Sun, Jun 21, 2020 at 7:14 AM Gert Doering wrote:
> >>
> >> going through OpenVPN threads that went stale - I think this is
> >> actually a nice addition (read: other people have al
Hi,
On Tue, Jun 23, 2020 at 12:32:42PM -0700, James Bottomley wrote:
> > James, are you triggering on specific openvpn messages? "--enable-
> > small"
> > changes these (trimming some warnings and help texts). Can you test
> > with
> > "configure --enable-small", please?
> >
> > https://travis-
On Tue, 2020-06-23 at 21:26 +0200, Gert Doering wrote:
> Hi,
>
> On Tue, Jun 23, 2020 at 08:47:33PM +0200, Gert Doering wrote:
> > On Tue, Jun 23, 2020 at 11:36:49PM +0500, ??
> > wrote:
> > > Also, I think we should out log.txt in case of failure.
> >
> > Indeed, this would
Hi,
On Tue, Jun 23, 2020 at 08:47:33PM +0200, Gert Doering wrote:
> On Tue, Jun 23, 2020 at 11:36:49PM +0500, ?? wrote:
> > Also, I think we should out log.txt in case of failure.
>
> Indeed, this would help.
Yep.
The "make distcheck" travis instance is now happy, but the "
Hi,
On Tue, Jun 23, 2020 at 11:36:49PM +0500, ?? wrote:
> Also, I think we should out log.txt in case of failure.
Indeed, this would help.
gert
--
"If was one thing all people took for granted, was conviction that if you
feed honest figures into a computer, honest figures
Acked-by: Gert Doering
Looks reasonable, explanation is reasonable, and it passes "make distcheck"
(only tested on Linux, but there should not be a difference here).
Your patch has been applied to the master branch.
Thanks.
commit 21e3e9fc34128d37bd612def2acca29a5a18de77 (HEAD -> master)
Autho
вт, 23 июн. 2020 г. в 23:17, James Bottomley <
james.bottom...@hansenpartnership.com>:
> On Tue, 2020-06-23 at 21:43 +0500, Илья Шипицин wrote:
> > as far as I understand, openssl-1.0.2 does not support engines ?
>
> No, it does. Engines were a pre 0.9.8 thing. I support openssl in my
> builds f
On Tue, 2020-06-23 at 21:43 +0500, Илья Шипицин wrote:
> as far as I understand, openssl-1.0.2 does not support engines ?
No, it does. Engines were a pre 0.9.8 thing. I support openssl in my
builds for the TPM engine down to 1.0.1
However, the failure:
> Key mismatch not detected
>
> FAIL: ch
Hi,
On Tue, Jun 23, 2020 at 09:42:51PM +0500, ?? wrote:
> apparently, it fails for some build on travis
> https://travis-ci.org/github/OpenVPN/openvpn/jobs/701158156
This is the reason why James sent this new patch - what we have in
master works but fails "make distcheck".
[
as far as I understand, openssl-1.0.2 does not support engines ?
вт, 23 июн. 2020 г. в 21:42, Илья Шипицин :
> apparently, it fails for some build on travis
> https://travis-ci.org/github/OpenVPN/openvpn/jobs/701158156
>
> вт, 23 июн. 2020 г. в 18:07, James Bottomley <
> james.bottom...@hansenpar
apparently, it fails for some build on travis
https://travis-ci.org/github/OpenVPN/openvpn/jobs/701158156
вт, 23 июн. 2020 г. в 18:07, James Bottomley <
james.bottom...@hansenpartnership.com>:
> On Tue, 2020-06-23 at 09:21 +0200, Gert Doering wrote:
> > Hi,
> >
> > On Tue, Jun 23, 2020 at 08:28:3
On Tue, 2020-06-23 at 09:21 +0200, Gert Doering wrote:
> Hi,
>
> On Tue, Jun 23, 2020 at 08:28:36AM +0200, Gert Doering wrote:
> > Acked-by: Gert Doering
> >
> > Tested on :
> > - MacOS Mojave with OpenSSL 1.1.1c (brew) and out-of-tree build,
> > works.
> > - Linux with mbedtls (does not try e
Hi,
On Tue, Jun 23, 2020 at 01:12:42PM +0400, Dmitry Melekhov wrote:
> 23.06.2020 13:02, Gert Doering ??:
> > That patch is from Steffan, and review has been sitting in my lap for
> > way too long. Need to see if it still applies.
>
> Unfortunately it is not compatible with 2.4.9, becaus
If OpenVPN signals deferred authentication support (by setting
the internal environment variables "auth_control_file" and
"deferred_auth_pam"), do not wait for PAM stack to finish. Instead,
the privileged PAM process returns RESPONSE_DEFER via the control
socket, which gets turned into OPENVPN_PLU
Hi,
On 22/06/2020 16:02, Arne Schwabe wrote:
[CUT]
> @@ -343,6 +348,42 @@ tls_ctx_set_cert_profile(struct tls_root_ctx *ctx, const
> char *profile)
> }
> }
>
> +void
> +tls_ctx_set_tls_groups(struct tls_root_ctx *ctx, const char *groups)
> +{
> +ASSERT(ctx);
> +struct gc_arena g
23.06.2020 13:02, Gert Doering пишет:
That patch is from Steffan, and review has been sitting in my lap for
way too long. Need to see if it still applies.
Unfortunately it is not compatible with 2.4.9, because of introduced
change...
___
Op
Hi,
On Tue, Jun 23, 2020 at 10:34:47AM +0200, Arne Schwabe wrote:
> > Well, may be it is possible to add support for setting cipher in ccd
> >
> > as it was possible before 2.4.9 using patch from here
> >
> > https://community.openvpn.net/openvpn/ticket/845
> >
>
> I get that this might have be
23.06.2020 12:34, Arne Schwabe пишет:
Am 23.06.20 um 06:16 schrieb Dmitry Melekhov:
22.06.2020 20:58, Selva Nair пишет:
+*WARNING* This MAY break configurations where the client uses
+ ``--disable-occ`` feature where the ``--cipher`` has
+ not been explicitly co
Am 23.06.20 um 06:16 schrieb Dmitry Melekhov:
> 22.06.2020 20:58, Selva Nair пишет:
>> +*WARNING* This MAY break configurations where the client uses
>> + ``--disable-occ`` feature where the ``--cipher`` has
>> + not been explicitly configured on both client and
>>
Hi,
On 21/06/20 17:14, Selva Nair wrote:
On Sun, Jun 21, 2020 at 7:14 AM Gert Doering wrote:
going through OpenVPN threads that went stale - I think this is
actually a nice addition (read: other people have already asked
me if this can be done).
On Thu, Mar 05, 2020 at 01:53:12PM +0100, Jan
Hi,
On Tue, Jun 23, 2020 at 08:28:36AM +0200, Gert Doering wrote:
> Acked-by: Gert Doering
>
> Tested on :
> - MacOS Mojave with OpenSSL 1.1.1c (brew) and out-of-tree build, works.
> - Linux with mbedtls (does not try engine tests, good :-) )
> - Linux with OpenSSL 1.1.1, works
> - FreeBSD 1
24 matches
Mail list logo
