[Openvpn-devel] [XS] Change in openvpn[master]: GHA: Make sure renovate notifies us about AWS LC releases

2025-04-02 Thread cron2 (Code Review)
cron2 has uploaded a new patch set (#2) to the change originally created by flichtenheld. ( http://gerrit.openvpn.net/c/openvpn/+/932?usp=email ) The following approvals got outdated and were removed: Code-Review+2 by cron2 Change subject: GHA: Make sure renovate notifies us about AWS LC releas

[Openvpn-devel] [PATCH applied] Re: dco-win: Ensure correct OVERLAPPED scope

2025-04-02 Thread Gert Doering
I have not tested this beyond "does it make mingw happy" (it does), but stare-at-code and comparison to the master commit (f60a493) makes clear that this is fine. Your patch has been applied to the release/2.6 branch. commit 9c888671832041febf9284ca66fb163ab9d54a93 Author: Lev Stipakov Date: We

[Openvpn-devel] [PATCH] Allow tls-crypt-v2 to be setup only on initial packet of a session

2025-04-02 Thread Gert Doering
From: Arne Schwabe This fixes an internal server error condition that can be triggered by a malicious authenticated client, a very unlucky corruption of packets in transit or by an attacker that is able to inject a specially created packet at the right time and is able to observe the traffic to co

[Openvpn-devel] [PATCH v4] Use SSL_get0_peer_signature_name instead of SSL_get_peer_signature_nid

2025-04-02 Thread Gert Doering
From: Arne Schwabe SSL_get0_peer_signature_name returns a string instead of hardcoded NIDs. NIDs do not work with provider provided signatures or the new PQ signatures introduced in OpenSSL 3.5. Remove also the comment that was added earlier that says that there is no proper API replacement for

[Openvpn-devel] [PATCH applied] Re: Fix FreeBSD-DCO and Multisocket interaction

2025-04-02 Thread Gert Doering
Thanks for fixing this. Stared at the code, discussed a bit, and actually went out and tested (on FreeBSD 14 server test set). Without the patch an instance with both UDP and TCP starts with DCO and dies miserably when a TCP connection comes in - with the patch, it will disable DCO, and do UDP+TC

[Openvpn-devel] [XS] Change in openvpn[master]: GHA: Make sure renovate notifies us about AWS LC releases

2025-04-02 Thread cron2 (Code Review)
cron2 has submitted this change. ( http://gerrit.openvpn.net/c/openvpn/+/932?usp=email ) Change subject: GHA: Make sure renovate notifies us about AWS LC releases .. GHA: Make sure renovate notifies us about AWS LC releases Cha

[Openvpn-devel] [S] Change in openvpn[master]: Fix FreeBSD-DCO and Multisocket interaction

2025-04-02 Thread cron2 (Code Review)
cron2 has submitted this change. ( http://gerrit.openvpn.net/c/openvpn/+/925?usp=email ) Change subject: Fix FreeBSD-DCO and Multisocket interaction .. Fix FreeBSD-DCO and Multisocket interaction FreeBSD-DCO does not support TC

[Openvpn-devel] [S] Change in openvpn[master]: Fix FreeBSD-DCO and Multisocket interaction

2025-04-02 Thread cron2 (Code Review)
cron2 has uploaded a new patch set (#2) to the change originally created by its_Giaan. ( http://gerrit.openvpn.net/c/openvpn/+/925?usp=email ) The following approvals got outdated and were removed: Code-Review+2 by cron2 Change subject: Fix FreeBSD-DCO and Multisocket interaction ..

[Openvpn-devel] [S] Change in openvpn[release/2.6]: GHA: Dependency and Actions update April 2025 (2.6)

2025-04-02 Thread cron2 (Code Review)
Attention is currently required from: flichtenheld, plaisthos. cron2 has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/931?usp=email ) Change subject: GHA: Dependency and Actions update April 2025 (2.6) ...

[Openvpn-devel] [PATCH v1] GHA: Dependency and Actions update April 2025 (2.6)

2025-04-02 Thread Gert Doering
From: Frank Lichtenheld - Update all actions to latest releases. - Update vcpkg commit to latest master. Change-Id: Ie9bffcc487f53a3a8ae6e59b79e654360d99902c Signed-off-by: Frank Lichtenheld Acked-by: Arne Schwabe Message-Id: <20250331153309.77901-1-fr...@lichtenheld.com> URL: https://www.mai

[Openvpn-devel] [S] Change in openvpn[master]: Use SSL_get0_peer_signature_name instead of SSL_get_peer_signature_nid

2025-04-02 Thread ordex (Code Review)
Attention is currently required from: flichtenheld, plaisthos. ordex has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/927?usp=email ) Change subject: Use SSL_get0_peer_signature_name instead of SSL_get_peer_signature_nid ...

[Openvpn-devel] [PATCH v1] GHA: Make sure renovate notifies us about AWS LC releases

2025-04-02 Thread Gert Doering
From: Frank Lichtenheld Change-Id: I3434c35da75ede90a1b479b152142142ecc2fd40 Signed-off-by: Frank Lichtenheld Acked-by: Gert Doering --- This change was reviewed on Gerrit and approved by at least one developer. I request to merge it to master. Gerrit URL: https://gerrit.openvpn.net/c/openvpn

[Openvpn-devel] [XS] Change in openvpn[master]: GHA: Make sure renovate notifies us about AWS LC releases

2025-04-02 Thread cron2 (Code Review)
Attention is currently required from: flichtenheld, plaisthos. cron2 has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/932?usp=email ) Change subject: GHA: Make sure renovate notifies us about AWS LC releases .

[Openvpn-devel] [S] Change in openvpn[master]: Use USER_PASS_LEN instead of TLS_USERNAME_LEN for override-username

2025-04-02 Thread cron2 (Code Review)
Attention is currently required from: plaisthos. cron2 has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/913?usp=email ) Change subject: Use USER_PASS_LEN instead of TLS_USERNAME_LEN for override-username

[Openvpn-devel] [PATCH v4] Use SSL_get0_peer_signature_name instead of SSL_get_peer_signature_nid

2025-04-02 Thread Gert Doering
From: Arne Schwabe SSL_get0_peer_signature_name returns a string instead of hardcoded NIDs. NIDs do not work with provider provided signatures or the new PQ signatures introduced in OpenSSL 3.5. Remove also the comment that was added earlier that says that there is no proper API replacement for

[Openvpn-devel] [PATCH v1] Fix FreeBSD-DCO and Multisocket interaction

2025-04-02 Thread Gert Doering
From: Gianmarco De Gregori FreeBSD-DCO does not support TCP as transport protocol so in order to be able to use DCO in a multi-socket environment we need to check the local_list entries and disable DCO if any of the listening socket is TCP. While at it, removed some dead code left from Multisock

[Openvpn-devel] [PATCH v3] Use USER_PASS_LEN instead of TLS_USERNAME_LEN for override-username

2025-04-02 Thread Gert Doering
From: Arne Schwabe Currently override-username is artificially restricted to the length of TLS common-name (64) for the corner case of using username-as-common-name, which we explicitly do not recommend to use. Do away with that limitation and only error out on longer usernames when username-as-

[Openvpn-devel] [XS] Change in openvpn[release/2.6]: GHA: Pin version of CMake for MinGW build

2025-04-02 Thread cron2 (Code Review)
Attention is currently required from: flichtenheld, plaisthos. cron2 has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/930?usp=email ) Change subject: GHA: Pin version of CMake for MinGW build .. Patc

[Openvpn-devel] [PATCH v1] manpage: fix HTML format for --local

2025-04-02 Thread Gert Doering
From: Gianmarco De Gregori Fix the HTML format for --local directive to match the manpage structure. Change-Id: I8d981a66932a5424ed959b12ee0cdddf881de91e Signed-off-by: Gianmarco De Gregori Acked-by: Samuli Seppänen --- This change was reviewed on Gerrit and approved by at least one developer

[Openvpn-devel] [S] Change in openvpn[release/2.6]: dco-win: Ensure correct OVERLAPPED scope

2025-04-02 Thread cron2 (Code Review)
cron2 has uploaded a new patch set (#2) to the change originally created by stipa. ( http://gerrit.openvpn.net/c/openvpn/+/933?usp=email ) The following approvals got outdated and were removed: Code-Review+2 by cron2 Change subject: dco-win: Ensure correct OVERLAPPED scope .

[Openvpn-devel] [S] Change in openvpn[master]: Fix FreeBSD-DCO and Multisocket interaction

2025-04-02 Thread cron2 (Code Review)
Attention is currently required from: flichtenheld, its_Giaan, plaisthos. cron2 has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/925?usp=email ) Change subject: Fix FreeBSD-DCO and Multisocket interaction

[Openvpn-devel] [S] Change in openvpn[release/2.6]: GHA: Dependency and Actions update April 2025 (2.6)

2025-04-02 Thread flichtenheld (Code Review)
Attention is currently required from: cron2, plaisthos. flichtenheld has uploaded this change for review. ( http://gerrit.openvpn.net/c/openvpn/+/931?usp=email ) Change subject: GHA: Dependency and Actions update April 2025 (2.6) .

[Openvpn-devel] [S] Change in openvpn[release/2.6]: dco-win: Ensure correct OVERLAPPED scope

2025-04-02 Thread cron2 (Code Review)
Attention is currently required from: flichtenheld, plaisthos, stipa. cron2 has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/933?usp=email ) Change subject: dco-win: Ensure correct OVERLAPPED scope ..

[Openvpn-devel] [PATCH v1] dco-win: Ensure correct OVERLAPPED scope

2025-04-02 Thread Gert Doering
From: Lev Stipakov This is a backport of the master commit f60a493 ("dco-win: Fix crash when cancelling pending operation") Although I am unable to reproduce this issue on release branch, the code is clearly wrong and has to be fixed. The OVERLAPPED structure must remain valid for the entir

[Openvpn-devel] [XS] Change in openvpn[master]: GHA: Make sure renovate notifies us about AWS LC releases

2025-04-02 Thread flichtenheld (Code Review)
Attention is currently required from: plaisthos. Hello plaisthos, I'd like you to do a code review. Please visit http://gerrit.openvpn.net/c/openvpn/+/932?usp=email to review the following change. Change subject: GHA: Make sure renovate notifies us about AWS LC releases ..