For good measure, ran through all the client & server side tests on
Linux (other platforms not affected). Since this is where I developed
and tested the patch, no surprises :-)
Thanks to having RTA_SUCCESS/RTA_EEXIST now, doing a double-review
again ("did I get all the numbers right?") was also v
Hi,
On Wed, Jan 18, 2023 at 2:47 AM Gert Doering wrote:
> The code in sitnl_route_set() used to treat "route can not be installed
> because it already exists" (EEXIST) as "not an error".
>
> This is arguably a reasonable approach, but needs to handled higher
> up - if the low level add_route() f
Hi,
(copying openvpn-devel, as Arne and Antonio are not reading -users)
On Wed, Jan 18, 2023 at 05:34:51PM +0100, Ralf Hildebrandt via Openvpn-users
wrote:
> You might have noticed our bug reports regarding capabilities && 2.6rc2.
> The whole point of it all was to test 2.6.x's DCO in our openvp
The bounding set being empty will overpower the likes of su/sudo
and will make it impossible for any child processes to ever gain
additional privileges again.
This fixes https://github.com/OpenVPN/openvpn/issues/220
Signed-off-by: Timo Rothenpieler
---
src/openvpn/platform.c | 2 +-
1 file chan
Hi,
On 12/01/2023 17:37, Arne Schwabe wrote:
This workaround avoids the kernel trigger ENOBUFS when the kernel
internal queue is overrun with events of disconnectingh clients or
similar. This is a workaround until we come up with a more permanent
solution.
Signed-off-by: Arne Schwabe
After f
