Thanks, Selva for having an extra eye :-) - I asked for the feature, and
it works beautifully for me, but what do I understand about OpenSSL
internals... ("unsigned long" fixed on the fly).
Tried on FreeBSD 14 with OpenSSL 3 and a broken provider (which is what
triggered the whole thing):
$ src/
On Fri, Aug 11, 2023 at 8:16 AM Arne Schwabe wrote:
> This also shows the extra data from the OpenSSL error function that
> can contain extra information. For example, the command
>
> openvpn --providers vollbit
>
> will print out (on macOS):
>
> OpenSSL: error:12800067:DSO support routi
On Mon, Jan 30, 2023 at 06:29:36PM +0100, Arne Schwabe wrote:
> The -fno-sanitize-recover=all flag ensures that for all errors we actually
> abort the tests in the automated testing and not just print some errors in red
> that nobody sess. Also add the undefined tests to catch more bugs.
>
> For l
cron2 has uploaded a new patch set (#2) to the change originally created by
flichtenheld. ( http://gerrit.openvpn.net/c/openvpn/+/319?usp=email )
Change subject: route: Fix overriding return value of add_route3
..
route: Fix ov
Acked-by: Gert Doering
Yep, Coverity is right :-) - silly code. Fix is in the same style we
use elsewhere, so fine.
(The whole error handling on route addition is a bit wonky, but even
then we should not forget about errors)
Test compiled on Linux, just to be sure I did not overlook anything.
cron2 has submitted this change. (
http://gerrit.openvpn.net/c/openvpn/+/319?usp=email )
Change subject: route: Fix overriding return value of add_route3
..
route: Fix overriding return value of add_route3
The return value of a
Acked-by: Gert Doering
No functional change, just clarifying "yes we know that this could
happen, but if it does, this is still well-defined".
Test compiled on Linux, just in case I overlooked something.
Your patch has been applied to the master and release/2.6 branch.
commit f19391139836aa073
Has taken us long enough...
Tested in the server threadmill (Linux), and on buildbot/GHA (all
the OSes). No explosions.
Also, stared a bit at the code, if Frank has overlooked anything,
just for completeness - haven't found anything :-)
Your patch has been applied to the master branch.
commit
Am 11.08.23 um 17:12 schrieb Gert Doering:
Hi,
generally good, but...
On Fri, Jul 28, 2023 at 02:40:05PM +0200, Frank Lichtenheld wrote:
index ..0620f638
--- /dev/null
+++ b/.github/workflows/coverity-scan.yml
@@ -0,0 +1,45 @@
+name: coverity-scan
+on:
+ schedule:
+- cron: '0 20 *
cron2 has uploaded a new patch set (#2) to the change originally created by
flichtenheld. ( http://gerrit.openvpn.net/c/openvpn/+/320?usp=email )
The following approvals got outdated and were removed:
Code-Review+2 by plaisthos
Change subject: options: Do not hide variables from parent scope
..
Hi,
generally good, but...
On Fri, Jul 28, 2023 at 02:40:05PM +0200, Frank Lichtenheld wrote:
> index ..0620f638
> --- /dev/null
> +++ b/.github/workflows/coverity-scan.yml
> @@ -0,0 +1,45 @@
> +name: coverity-scan
> +on:
> + schedule:
> +- cron: '0 20 * * *' # Daily at 20:00 UTC
> +
cron2 has submitted this change. (
http://gerrit.openvpn.net/c/openvpn/+/317?usp=email )
Change subject: pkcs11_openssl: Disable unused code
..
pkcs11_openssl: Disable unused code
Coverity: CID 1539183 (#1 of 1): Structurally d
cron2 has uploaded a new patch set (#2) to the change originally created by
flichtenheld. ( http://gerrit.openvpn.net/c/openvpn/+/317?usp=email )
The following approvals got outdated and were removed:
Code-Review+1 by selvanair
Change subject: pkcs11_openssl: Disable unused code
...
ACK from Selva in Gerrit (and Gerrit URL recorded in the commit).
Patch makes sense. Test compiled on Linux with --enable-pkcs11.
Your patch has been applied to the master and release/2.6 branch.
commit 38fbddc94596b6b2d8fa93a8bd0aca7dbb220def (master)
commit dd0a3f3af229c62957d6a223fcb91278c6b
cron2 has submitted this change. (
http://gerrit.openvpn.net/c/openvpn/+/320?usp=email )
Change subject: options: Do not hide variables from parent scope
..
options: Do not hide variables from parent scope
msglevel hides the fu
Patch in Gerrit (https://gerrit.openvpn.net/c/openvpn/+/320) and on
the list, ACK from Lev on the list. Test compiled on Linux.
Your patch has been applied to the master and release/2.6 branch.
commit f7c8cc092b8b6f5659cf8abd8d8624fc16f3dda2 (master)
commit 4b4f6ff7f933ddd8e767d2a5add927f435edd5
cron2 has uploaded a new patch set (#4) to the change originally created by
stipa. ( http://gerrit.openvpn.net/c/openvpn/+/321?usp=email )
The following approvals got outdated and were removed:
Code-Review+2 by flichtenheld
Change subject: Set WINS servers via interactice service
..
cron2 has submitted this change. (
http://gerrit.openvpn.net/c/openvpn/+/321?usp=email )
Change subject: Set WINS servers via interactice service
..
Set WINS servers via interactice service
At the moments WINS servers are set e
NOTE: this is merging the v3 of the patch from Gerrit, which has an
ACK in gerrit
https://gerrit.openvpn.net/c/openvpn/+/321
there are some diffs from v1 to v2, and rebase context from v2 to v3,
but the gist of the patch is the same.
I have not tested this beyond "does it look safe wrt memory/
This also shows the extra data from the OpenSSL error function that
can contain extra information. For example, the command
openvpn --providers vollbit
will print out (on macOS):
OpenSSL: error:12800067:DSO support routines::could not load the shared
library:filename(/opt/homebrew/Cell
On Thu, Aug 10, 2023 at 04:02:10PM +0200, Arne Schwabe wrote:
> The undefined behaviour USAN clang checker found this.
>
> This fix is a bit messy but so are the original structures.
>
> Patch v2: handle the fact we need to beyond the struct ifr
> correctly when mapping the result to st
21 matches
Mail list logo
