[Openvpn-devel] [PATCH v2 3/3] ssl: remove unneeded if block

2021-04-05 Thread Antonio Quartulli
From: Antonio Quartulli There is no need to check the result of a boolean function and then assign a constant value to a variable based on that check. Directly assign the return value of the function to the variable. Signed-off-by: Antonio Quartulli --- src/openvpn/ssl.c | 7 ++- 1 file c

Re: [Openvpn-devel] [PATCH 3/3] ssl: remove unneeded if block

2021-04-05 Thread Antonio Quartulli
Hi, On 05/04/2021 12:38, Gert Doering wrote: > Hi, > > On Mon, Apr 05, 2021 at 10:00:07AM +0200, Antonio Quartulli wrote: >> /* compute PRF */ >> -if (!ssl_tls1_PRF(BPTR(&seed), BLEN(&seed), secret, secret_len, output, >> output_len)) >> -{ >> -ret = false; >> -} >> +

[Openvpn-devel] [PATCH applied] Re: Remove conditionals compilation for P2MP, ENABLE_SHAPER and TIME_BACKTRACK_PROTECTION

2021-04-05 Thread Gert Doering
Acked-by: Gert Doering (As the original mail already claimed :-) ) I have stared-at-diff and grepped for P2MP, SHAPER and BACKTRACK remains (no complaints). Client-side tested, server-side tested in all combinations I have (p2mp, p2p), no surprises. I did not test --shaper, but I am reasonabl

[Openvpn-devel] [PATCH applied] Re: openssl: avoid NULL pointer dereference

2021-04-05 Thread Gert Doering
Acked-by: Gert Doering According to OpenSSL documentation, this can indeed return NULL, so catch it... (Note: as for 1/3, this code is only in master, so no need to backport to release/2.5) Your patch has been applied to the master branch. commit f3c7698957483e0ea0f14e712502d34c826c53ca Author

[Openvpn-devel] [PATCH applied] Re: openssl: fix EVP_PKEY_CTX memory leak

2021-04-05 Thread Gert Doering
Acked-by: Gert Doering Looks reasonable, matches coding style & OpenSSL documentation, and passes my client-side tests with OpenSSL 1.1.1 Your patch has been applied to the master branch. commit 24e58164b845614c2176bc6b2a939856fd830c53 Author: Antonio Quartulli Date: Mon Apr 5 10:00:05 2021 +

Re: [Openvpn-devel] [PATCH 3/3] ssl: remove unneeded if block

2021-04-05 Thread Gert Doering
Hi, On Mon, Apr 05, 2021 at 10:00:07AM +0200, Antonio Quartulli wrote: > /* compute PRF */ > -if (!ssl_tls1_PRF(BPTR(&seed), BLEN(&seed), secret, secret_len, output, > output_len)) > -{ > -ret = false; > -} > +ret = ssl_tls1_PRF(BPTR(&seed), BLEN(&seed), secret, secre
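Review bot: The new `ret = ssl_tls1_PRF(...)` line is equivalent to the removed block only if `ret` is still true when it runs. The old form could only clear `ret` on failure, while the direct assignment also sets it to true on success, so it would overwrite a false left by any earlier step. Confirm that `ret` is initialised to true and not cleared before the `/* compute PRF */` comment, or move the initialisation to this assignment so the dependency is visible at the call site.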

Re: [Openvpn-devel] [PATCH] Fix 'compress migrate' for 2.2 clients.

2021-04-05 Thread Simon Matter
> Hi, > > On Mon, Apr 05, 2021 at 10:16:07AM +0200, Simon Matter wrote: >> Then I misunderstood what is written here? >> >> https://community.openvpn.net/openvpn/wiki/DeprecatedOptions#Option:--compress >> >> "Compression is not recommended and is a feature users should avoid >> using. >> To signal

Re: [Openvpn-devel] [PATCH] Fix 'compress migrate' for 2.2 clients.

2021-04-05 Thread Arne Schwabe
Am 05.04.21 um 09:38 schrieb Simon Matter: >> Hi, >> >> On Sat, Apr 03, 2021 at 03:07:11PM +0200, Simon Matter wrote: >>> Apr 3 15:00:30 gw-X1 openvpn[1477]: pre-compress bytes,833300152 >>> Apr 3 15:00:30 gw-X1 openvpn[1477]: post-compress bytes,796650159 >>> Apr 3 15:00:30 gw-X1 openvpn[1477]:

Re: [Openvpn-devel] [PATCH] Fix 'compress migrate' for 2.2 clients.

2021-04-05 Thread Gert Doering
Hi, On Mon, Apr 05, 2021 at 10:16:07AM +0200, Simon Matter wrote: > Then I misunderstood what is written here? > > https://community.openvpn.net/openvpn/wiki/DeprecatedOptions#Option:--compress > > "Compression is not recommended and is a feature users should avoid using. > To signal this clearl

Re: [Openvpn-devel] [PATCH] Fix 'compress migrate' for 2.2 clients.

2021-04-05 Thread Simon Matter
> Hi Simon > > On 05/04/2021 09:38, Simon Matter wrote: >>> Hi, >>> >>> On Sat, Apr 03, 2021 at 03:07:11PM +0200, Simon Matter wrote: Apr 3 15:00:30 gw-X1 openvpn[1477]: pre-compress bytes,833300152 Apr 3 15:00:30 gw-X1 openvpn[1477]: post-compress bytes,796650159 Apr 3 15:00:30 g

[Openvpn-devel] [PATCH 1/3] openssl: fix EVP_PKEY_CTX memory leak

2021-04-05 Thread Antonio Quartulli
From: Antonio Quartulli A context allocated with EVP_PKEY_CTX_new_id() must be ultimately free'd by EVP_PKEY_CTX_free(). Failing to do so will result in a memory leak. This bug was discovered using GCC with "-fsanitize=address". Signed-off-by: Antonio Quartulli --- src/openvpn/crypto_opens

[Openvpn-devel] [PATCH 3/3] ssl: remove unneeded if block

2021-04-05 Thread Antonio Quartulli
From: Antonio Quartulli There is no need to check the result of a boolean function and then assign a constant value to a variable based on that check. Directly assign the return value of the function to the variable. Signed-off-by: Antonio Quartulli --- src/openvpn/ssl.c | 6 ++ 1 file ch

[Openvpn-devel] [PATCH 2/3] openssl: avoid NULL pointer dereference

2021-04-05 Thread Antonio Quartulli
From: Antonio Quartulli EVP_PKEY_CTX_new_id() may return NULL and for this reason we must check its return value and bail out in case of failure. Failing to do so may result in NULL pointer dereference when we pass the returned pointer (NULL) to other functions. Signed-off-by: Antonio Quartulli

Re: [Openvpn-devel] [PATCH] Fix 'compress migrate' for 2.2 clients.

2021-04-05 Thread Antonio Quartulli
Hi Simon On 05/04/2021 09:38, Simon Matter wrote: >> Hi, >> >> On Sat, Apr 03, 2021 at 03:07:11PM +0200, Simon Matter wrote: >>> Apr 3 15:00:30 gw-X1 openvpn[1477]: pre-compress bytes,833300152 >>> Apr 3 15:00:30 gw-X1 openvpn[1477]: post-compress bytes,796650159 >>> Apr 3 15:00:30 gw-X1 openvp

Re: [Openvpn-devel] [PATCH] Fix 'compress migrate' for 2.2 clients.

2021-04-05 Thread Simon Matter
> Hi, > > On Sat, Apr 03, 2021 at 03:07:11PM +0200, Simon Matter wrote: >> Apr 3 15:00:30 gw-X1 openvpn[1477]: pre-compress bytes,833300152 >> Apr 3 15:00:30 gw-X1 openvpn[1477]: post-compress bytes,796650159 >> Apr 3 15:00:30 gw-X1 openvpn[1477]: pre-decompress bytes,343572096 >> Apr 3 15:00:3