Re: [Openvpn-devel] [PATCH 1/2] Detect unusable ciphers on patched OpenSSL of RHEL/Centos

2021-09-08 Thread David Sommerseth
On 18/08/2021 23:33, Arne Schwabe wrote: OpenSSL on RHEL 8 and CentOS 8 system when these system are put into FIPS mode need extra code to figure out if a specific cipher algorithm is usable on these system. This is particularly problem in data-ciphers as the errors might occur much later when a

[Openvpn-devel] [PATCH] Fix Ubuntu spelling and duplicate run in Github Actions

2021-09-08 Thread Arne Schwabe
Ubuntu spelling was wrong and the matrix for operating system does not do anything but run the same build twice. --- .github/workflows/build.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index eb2c4f5fe..0

[Openvpn-devel] Summary of the community meeting (8th September 2021)

2021-09-08 Thread Samuli Seppänen
Hi, Here's the summary of the IRC meeting. --- COMMUNITY MEETING Place: #openvpn-meeting on libera.chat Date: Wed 8th September 2021 Time: 14:00 CET (12:00 UTC) Planned meeting topics for this meeting were here: Your local meeti

[Openvpn-devel] [PATCH applied] Re: reject compression by default

2021-09-08 Thread Gert Doering
This needed a bit of massaging for the Changes.rst hunk. The rest was straightforward. The interaction of this with existing configs is interesting. - if the local config has "comp-lzo" or "compress " in it, this will still work(!) - because the "allow-compress no" changed default will o

[Openvpn-devel] [PATCH applied] Re: compat-mode: allow user to specify version to be compatible with

2021-09-08 Thread Gert Doering
Acked-by: Gert Doering v2 is, basically "rebase, comment fix, and unsigned int" - so taking plaisthos' ACK and adding my own. As discussed on IRC we have worked on the comments to make them more understandable. I have not actually tested this, as there is nothing to test yet ("it compiles"). Y

[Openvpn-devel] [PATCH v2 2/7] compat-mode: allow user to specify version to be compatible with

2021-09-08 Thread Antonio Quartulli
This changes introduces the basic inbfrastructure required to allow the user to specify a specific OpenVPN version to be compatible with. Following changes will modify defaults to more modern and safer values, while allowing backwards-compatible behaviour on demand. The backwards-compatible behav