Am 24.07.20 um 20:13 schrieb Gert Doering:
> commit 25a422cc60 deprecated --inetd, which is still something we want.
>
> Unlike all "usual" deprecated option warnings, we cannot print this at
> option parsing time, because we need logging to be set up first - otherwise
> the deprecation warning is
Acked-by: Gert Doering
Thanks for the v2. Builds nicely with "./build-snapshot" on my
ubuntu 18.04 builder now. I have not tested the resulting installer.
The code change for the C code look good to me.
Thanks for the explanation about the manifest ("I've heard that
before, but I won't ever
Hi,
On Fri, Jul 24, 2020 at 10:49:07PM +0300, Lev Stipakov wrote:
> > How do you build? I use the "build-snapshot" script, and that does
> > a "make dist" somewhere in between.
>
> ubuntu@ip-172-31-38-110:~/openvpn-build/windows-nsis$
> OPENVPN_VERSION=fix-remove-impersonation
> OPENVPN_URL=http
From: Lev Stipakov
Add manifest file to detect Windows versions greater than Windows 8.
Below is example output on Windows 10.
Before:
Windows version 6.2 (Windows 8 or greater) 64bit
After:
Windows version 10.0 (Windows 10 or greater) 64bit
Signed-off-by: Lev Stipakov
---
> How do you build? I use the "build-snapshot" script, and that does
> a "make dist" somewhere in between.
ubuntu@ip-172-31-38-110:~/openvpn-build/windows-nsis$
OPENVPN_VERSION=fix-remove-impersonation
OPENVPN_URL=https://github.com/lstipakov/openvpn/archive/fix/remove-impersonation.zip
./build-c
Hi,
On Fri, Jul 24, 2020 at 10:34:17PM +0300, Lev Stipakov wrote:
> 2) When I tested mingw build, I pointed source url to git repo, not to
> tarball - that's why it worked.
How do you build? I use the "build-snapshot" script, and that does
a "make dist" somewhere in between.
> That XML is requi
Hm.. I tested mingw build (windows-nsis) on Ubuntu 19.04 and
everything worked fine.
That's because:
1) Ubuntu 19.04 probably has recent enough mingw with _WIN32_WINNT_WINTHRESHOLD
2) When I tested mingw build, I pointed source url to git repo, not to
tarball - that's why it worked.
That XML is
Hi,
On Fri, Jul 24, 2020 at 05:14:45PM +0300, Lev Stipakov wrote:
> From: Lev Stipakov
>
> Add manifest file to detect Windows versions greater than Windows 8.
NAK, this breaks Ubuntu/MinGW builds. Actually, I think it breaks all
windows builds, if you build from tarballs (which the "generic"
Hi,
On Fri, Jul 24, 2020 at 02:26:31PM +0300, Lev Stipakov wrote:
> From: Lev Stipakov
>
> Body of check_subnet_conflict() was commented out
> (#if 0) back in 2011, so it is safe now to completely
> elimitate this function, including all calls to it.
I'm a bit sceptical about that one. Can we
commit 25a422cc60 deprecated --inetd, which is still something we want.
Unlike all "usual" deprecated option warnings, we cannot print this at
option parsing time, because we need logging to be set up first - otherwise
the deprecation warning is sent via the socket (on stdin/stdout)
towards the co
This patch adds a message that informs the user that the ncp-cipher
is renamed to data-ciphers. This should address the following concerns:
- Users being confused by old options.
- Nudge users to use the modern variant of an option
The man page already documents ncp-ciphers as an old name for
d
Am 24.07.20 um 16:04 schrieb Arne Schwabe:
> This patch adds a message that informs the user that the ncp-cipher
> is renamed to data-ciphers. This should address the following concerns:
>
> - Users being confused by old options.
> - Nudge users to use the modern variant of an option
>
> The ma
From: Lev Stipakov
Add manifest file to detect Windows versions greater than Windows 8.
Below is an example output on Windows 10.
Before:
Windows version 6.2 (Windows 8 or greater) 64bit
After:
Windows version 10.0 (Windows 10 or greater) 64bit
Signed-off-by: Lev Stipakov
---
This patch adds a message that informs the user that the ncp-cipher
is renamed to data-ciphers. This should address the following concerns:
- Users being confused by old options.
- Nudge users to use the modern variant of an option
The man page already documents ncp-ciphers as an old name for
d
From: Lev Stipakov
Body of check_subnet_conflict() was commented out
(#if 0) back in 2011, so it is safe now to completely
elimitate this function, including all calls to it.
As a bonus, remove unused local variable in do_set_mtu_service().
Signed-off-by: Lev Stipakov
---
src/openvpn/route.c
On 24/07/2020 12:45, Arne Schwabe wrote:
> First of all I did not want to reply to this since we had a lengthy
> discussion on IRC.
>
>> Lets take a few steps back try to see a broader picture.
>>
>> * --ncp-ciphers was introduced in OpenVPN 2.4 as a brand new option.
>>
>> * Steffan has suggested
From: Lev Stipakov
As discussed a while ago on the mailing list and
community meetings, having SYSTEM elevation hack
inside openvpn code considered harmful.
Since interactive service is the recommended way
of using openvpn on Windows, limiting wintun usage to
interactive service should not be an
First of all I did not want to reply to this since we had a lengthy
discussion on IRC.
> Lets take a few steps back try to see a broader picture.
>
> * --ncp-ciphers was introduced in OpenVPN 2.4 as a brand new option.
>
> * Steffan has suggested to add --data-ciphers alias into the next v2.4
>
>> Also route-pull works in both OpenVPN 2.x and 3.x
>> clients while pull-filter is currently 2.x only.
>
> Actually pull-filter cannot be compared with route-nopull as the
> former is customizable. The real question is whether there is any
> compelling reason to use it other than lack of altern
On 24/07/2020 10:14, Steffan Karger wrote:
> Hi,
>
> On 17-07-2020 15:47, Arne Schwabe wrote:
>> The change in name signals that data-ciphers is the preferred way to
>> configure data channel (and not --cipher). The data prefix is chosen
>> to avoid ambiguity and make it distinct from tls-cipher f
On 24/07/2020 02:35, Selva Nair wrote:
>> Also route-pull works in both OpenVPN 2.x and 3.x
>> clients while pull-filter is currently 2.x only.
>
> Actually pull-filter cannot be compared with route-nopull as the
> former is customizable. The real question is whether there is any
> compelling reas
Hi,
On 17-07-2020 15:47, Arne Schwabe wrote:
> The change in name signals that data-ciphers is the preferred way to
> configure data channel (and not --cipher). The data prefix is chosen
> to avoid ambiguity and make it distinct from tls-cipher for the TLS
> ciphers.
>
> Signed-off-by: Arne Schwa
Hi,
On 23-07-2020 18:09, David Sommerseth wrote:
>> This was a deliberate decision. We really want to people to move towards
>> ncp and putting another hurdle with having an option that works better
>> on but gives a warning and a option that does not work on 2.4 does not
>> help here. If we decid
23 matches
Mail list logo
