Attention is currently required from: flichtenheld, plaisthos.
cron2 has posted comments on this change. (
http://gerrit.openvpn.net/c/openvpn/+/855?usp=email )
Change subject: Improve error reporting from AF_UNIX tun/tap support
..
cron2 has submitted this change. (
http://gerrit.openvpn.net/c/openvpn/+/805?usp=email )
Change subject: Rename aead-tag-at-end to aead-epoch
..
Rename aead-tag-at-end to aead-epoch
Since we introduce aead at the end and epoch
cron2 has uploaded a new patch set (#13) to the change originally created by
plaisthos. ( http://gerrit.openvpn.net/c/openvpn/+/805?usp=email )
The following approvals got outdated and were removed:
Code-Review+2 by MaxF
Change subject: Rename aead-tag-at-end to aead-epoch
.
Fairly straightforward renaming of things, which makes sense. Just
test compiled (as there is nothing yet which would care for the IV_
sent and push back "aead-epoch").
I've moved the "is" in the crypto.h comment to the end of the sentence,
where it now seems to make more sense.
Your patch has b
cron2 has submitted this change. (
http://gerrit.openvpn.net/c/openvpn/+/804?usp=email )
Change subject: Implement methods to generate and manage OpenVPN Epoch keys
..
Implement methods to generate and manage OpenVPN Epoch keys
cron2 has uploaded a new patch set (#13) to the change originally created by
plaisthos. ( http://gerrit.openvpn.net/c/openvpn/+/804?usp=email )
The following approvals got outdated and were removed:
Code-Review+2 by MaxF
Change subject: Implement methods to generate and manage OpenVPN Epoch key
Another patch in the series that doesn't actually change anything yet,
but builds infrastructure. It comes with a fairly extensive unit test,
which passes :-)
The changes look reasonable to me, and have a +2 from MaxF in Gerrit
(who understands crypto much better).
As the patch actually does add
cron2 has submitted this change. (
http://gerrit.openvpn.net/c/openvpn/+/803?usp=email )
Change subject: Add methods to read/write packet ids for epoch data
..
Add methods to read/write packet ids for epoch data
Change-Id: I2a1
cron2 has uploaded a new patch set (#13) to the change originally created by
plaisthos. ( http://gerrit.openvpn.net/c/openvpn/+/803?usp=email )
The following approvals got outdated and were removed:
Code-Review+2 by MaxF
Change subject: Add methods to read/write packet ids for epoch data
..
This basically does not really add "system testable" code yet - but it
does add unit tests (which pass), the code looks reasonable, and it
comes with a +2 from MaxF in Gerrit.
A comment explaining what packet_id_send_update_epoch() is about would
be nice, though...
Your patch has been applied to
From: Arne Schwabe
Since we introduce aead at the end and epoch data keys together
and only allow the aead tag at the end if epoch data keys are
used, we can use just one flag for both of them
Change-Id: I9e9433b56dcbaa538d9bed30e50cf74948c647cc
Signed-off-by: Arne Schwabe
Acked-by: MaxF
---
cron2 has uploaded a new patch set (#6) to the change originally created by
plaisthos. ( http://gerrit.openvpn.net/c/openvpn/+/843?usp=email )
The following approvals got outdated and were removed:
Code-Review+2 by MaxF
Change subject: Do not attempt to decrypt packets anymore after 2**36 faile
cron2 has submitted this change. (
http://gerrit.openvpn.net/c/openvpn/+/843?usp=email )
Change subject: Do not attempt to decrypt packets anymore after 2**36 failed
decryptions
..
Do not attempt to decrypt packets anymore afte
I have not actually tested this (hard to get 2^35 correctly-bad packets
out into reasonable time...) but stared at the code, and ran the full
client/server test suite "just to be sure". MaxF understands crypto
and has ACKed it in Gerrit.
As discussed on IRC, I have added a few references to the c
Attention is currently required from: flichtenheld, plaisthos.
MaxF has posted comments on this change. (
http://gerrit.openvpn.net/c/openvpn/+/805?usp=email )
Change subject: Rename aead-tag-at-end to aead-epoch
..
Patch Set
From: Arne Schwabe
This implements functions that allow these keys to be generated and
managed. It does not yet implement using them for the data channel.
Change-Id: Id7d6a576ca8c9560cb2dfae82fc62175820e9b80
Signed-off-by: Arne Schwabe
Acked-by: MaxF
---
This change was reviewed on Gerrit and
From: Arne Schwabe
Change-Id: I2a104decdb1e77a460f7a6976bcd0560b67a07b5
Signed-off-by: Arne Schwabe
Acked-by: MaxF
---
This change was reviewed on Gerrit and approved by at least one
developer. I request to merge it to master.
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/803
This mail r
Attention is currently required from: flichtenheld, plaisthos, stipa.
MaxF has posted comments on this change. (
http://gerrit.openvpn.net/c/openvpn/+/803?usp=email )
Change subject: Add methods to read/write packet ids for epoch data
.
From: Arne Schwabe
To avoid attacks (especially on Chacha20-Poly1305) we do not allow
decryption anymore after 2**36 failed verifications.
Change-Id: I81440ac28a1ad553652e201234e5ddfe03a8c190
Signed-off-by: Arne Schwabe
Acked-by: MaxF
---
This change was reviewed on Gerrit and approved by at
Attention is currently required from: flichtenheld, plaisthos.
MaxF has posted comments on this change. (
http://gerrit.openvpn.net/c/openvpn/+/843?usp=email )
Change subject: Do not attempt to decrypt packets anymore after 2**36 failed
decryptions
..
Attention is currently required from: flichtenheld, plaisthos.
MaxF has posted comments on this change. (
http://gerrit.openvpn.net/c/openvpn/+/804?usp=email )
Change subject: Implement methods to generate and manage OpenVPN Epoch keys
Attention is currently required from: flichtenheld.
Hello flichtenheld,
I'd like you to reexamine a change. Please visit
http://gerrit.openvpn.net/c/openvpn/+/855?usp=email
to look at the new patch set (#2).
Change subject: Improve error reporting from AF_UNIX tun/tap support
...
Attention is currently required from: mattock, plaisthos.
cron2 has posted comments on this change. (
http://gerrit.openvpn.net/c/openvpn/+/811?usp=email )
Change subject: Add lwip support to t_server_null
..
Patch Set 8:
(2
Attention is currently required from: mattock, plaisthos.
cron2 has posted comments on this change. (
http://gerrit.openvpn.net/c/openvpn/+/811?usp=email )
Change subject: Add lwip support to t_server_null
..
Patch Set 8: Code
Attention is currently required from: cron2, flichtenheld, ordex, plaisthos.
Hello cron2, flichtenheld, plaisthos,
I'd like you to reexamine a change. Please visit
http://gerrit.openvpn.net/c/openvpn/+/765?usp=email
to look at the new patch set (#12).
Change subject: mroute: adapt to new
Attention is currently required from: flichtenheld, plaisthos.
ralf_lici has posted comments on this change. (
http://gerrit.openvpn.net/c/openvpn/+/685?usp=email )
Change subject: Add support for HAProxy's PROXY protocol
..
P
Attention is currently required from: flichtenheld.
Hello flichtenheld,
I'd like you to do a code review.
Please visit
http://gerrit.openvpn.net/c/openvpn/+/855?usp=email
to review the following change.
Change subject: Improve error reporting from AF_UNIX tun/tap support
.
From: Samuli Seppänen
Change-Id: Ie63f302402f469c3aa48ac146ca6b8c029f0d250
Signed-off-by: Samuli Seppänen
Acked-by: Frank Lichtenheld
---
This change was reviewed on Gerrit and approved by at least one
developer. I request to merge it to master.
Gerrit URL: https://gerrit.openvpn.net/c/openvp
Attention is currently required from: mattock, plaisthos.
flichtenheld has posted comments on this change. (
http://gerrit.openvpn.net/c/openvpn/+/811?usp=email )
Change subject: Add lwip support to t_server_null
..
Patch Set
Attention is currently required from: cron2, plaisthos.
its_Giaan has posted comments on this change. (
http://gerrit.openvpn.net/c/openvpn/+/764?usp=email )
Change subject: Bind to multiple ipv4/ipv6 addresses
..
Patch Set 11
Attention is currently required from: cron2, flichtenheld, plaisthos.
its_Giaan has posted comments on this change. (
http://gerrit.openvpn.net/c/openvpn/+/763?usp=email )
Change subject: multiproto: move generic event handling code in dedicated files
Attention is currently required from: cron2, flichtenheld, ordex, plaisthos.
its_Giaan has posted comments on this change. (
http://gerrit.openvpn.net/c/openvpn/+/436?usp=email )
Change subject: allow user to specify 'local' multiple times in config files
Attention is currently required from: flichtenheld, its_Giaan, ordex, plaisthos.
its_Giaan has uploaded a new patch set (#11) to the change originally created
by ordex. ( http://gerrit.openvpn.net/c/openvpn/+/436?usp=email )
Change subject: allow user to specify 'local' multiple times in config
Attention is currently required from: flichtenheld, plaisthos.
mattock has posted comments on this change. (
http://gerrit.openvpn.net/c/openvpn/+/811?usp=email )
Change subject: Add lwip support to t_server_null
..
Patch Set
Attention is currently required from: mattock, plaisthos.
Hello flichtenheld, plaisthos,
I'd like you to reexamine a change. Please visit
http://gerrit.openvpn.net/c/openvpn/+/811?usp=email
to look at the new patch set (#6).
Change subject: Add lwip support to t_server_null
..
Attention is currently required from: mattock, plaisthos.
Hello flichtenheld, plaisthos,
I'd like you to reexamine a change. Please visit
http://gerrit.openvpn.net/c/openvpn/+/811?usp=email
to look at the new patch set (#7).
Change subject: Add lwip support to t_server_null
..
Attention is currently required from: mattock, plaisthos.
Hello flichtenheld, plaisthos,
I'd like you to reexamine a change. Please visit
http://gerrit.openvpn.net/c/openvpn/+/811?usp=email
to look at the new patch set (#5).
Change subject: Add lwip support to t_server_null
..
Attention is currently required from: flichtenheld, plaisthos.
stipa has posted comments on this change. (
http://gerrit.openvpn.net/c/openvpn/+/854?usp=email )
Change subject: Post tchar.h removal cleanup
..
Patch Set 2:
(1
Attention is currently required from: flichtenheld, its_Giaan, ordex, plaisthos.
cron2 has posted comments on this change. (
http://gerrit.openvpn.net/c/openvpn/+/436?usp=email )
Change subject: allow user to specify 'local' multiple times in config files
39 matches
Mail list logo
