Re: [Openvpn-devel] [PATCH] ssl: enable basic ecdsa

On Tue, Nov 12, 2013 at 3:51 PM, Jan Just Keijser wrote: > Alon Bar-Lev wrote: > > On Tue, Nov 12, 2013 at 1:37 PM, Jan Just Keijser wrote: > > > there was actually a follow-up to this patch, which was sent to the > openvpn-devel list on Feb 7th 2012: > > > Add

Re: [Openvpn-devel] [PATCH] ssl: enable basic ecdsa

On Tue, Nov 12, 2013 at 1:37 PM, Jan Just Keijser wrote: > there was actually a follow-up to this patch, which was sent to the > openvpn-devel list on Feb 7th 2012: > > > Added support for Elliptic curves (ECDSA) + SHA2 family signed > certificates. Great! And what is the status?

[Openvpn-devel] [PATCH] pkcs11: use generic evp key instead of rsa

Enables DSA, ECDSA key usages with newer pkcs11-helper. Signed-off-by: Alon Bar-Lev Tested-By: Sanaullah --- configure.ac | 2 +- src/openvpn/pkcs11_openssl.c | 14 +++--- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/configure.ac b/configure.ac index

Re: [Openvpn-devel] [PATCH] ssl: enable basic ecdsa

Hi, I re-send this patch as it proved to be somewhat helpful. It will be great to reach to a level it can be actually used. I guess configuration option should be added to make it optional and remove the hard coded curve? Regards, Alon Bar-Lev. On Tue, Nov 12, 2013 at 12:27 AM, Alon Bar-Lev

[Openvpn-devel] [PATCH] ssl: enable basic ecdsa

From: Jan Just Keijser Discussion: https://forums.openvpn.net/topic8404-30.html Tested-By: Sanaullah --- src/openvpn/ssl_openssl.c | 11 +++ 1 file changed, 11 insertions(+) diff --git a/src/openvpn/ssl_openssl.c b/src/openvpn/ssl_openssl.c index f64177a..665bb5c 100644 --- a/src/openv

Re: [Openvpn-devel] [PATCH 2/2 v4] add API for plug-ins to write to openvpn log

Thanks, although I think the extra macro is not required. Last thing I see is that you need to #include as va_list is used. And last style comment, I don't think use of enum for bit fields is common, better to simply #define the constants. On Thu, Aug 2, 2012 at 6:20 PM, Heiko Hund wrote: > Som

Re: [Openvpn-devel] [PATCH 2/2 v3] add API for plug-ins to write to openvpn log

What about the printf style pragma? It is very convenience to find format issue at compile times. On Thu, Aug 2, 2012 at 4:03 PM, Heiko Hund wrote: > Some plugins want to add messages to the openvpn log file. The > plugin_log() and plugin_vlog() APIs provide ways for them to do so. > > Signed-off

Re: [Openvpn-devel] [PATCH 2/2 v2.2] add plugin_log() API to write to openvpn log

And export vprintf variant as well, to allow wrapper. On Thu, Aug 2, 2012 at 1:02 PM, Alon Bar-Lev wrote: > This is how it should be done, no games with symbols and linkage. > > Please add printf style pragmas to the function. > > On Thu, Aug 2, 2012 at 12:53 PM, Heiko Hund

Re: [Openvpn-devel] [PATCH 2/2 v2.2] add plugin_log() API to write to openvpn log

This is how it should be done, no games with symbols and linkage. Please add printf style pragmas to the function. On Thu, Aug 2, 2012 at 12:53 PM, Heiko Hund wrote: > Some plugins want to add messages to the openvpn log file. The > plugin_log() API provides a way for them to do so. > > Signed-o

Re: [Openvpn-devel] [PATCH 2/2 fixed] add plugin_log() API to write to openvpn log

On Wed, Aug 1, 2012 at 3:48 PM, Heiko Hund wrote: > On Wednesday 01 August 2012 15:27:01 Alon Bar-Lev wrote: >> How will it work on Windows? > > Good question. Can't it work on Windows? According to objdump openvpn.exe > exports all the symbols statically on Windows. Is t

Re: [Openvpn-devel] [PATCH 2/2 fixed] add plugin_log() API to write to openvpn log

How will it work on Windows? Plugins should not require to be linked against anything. On Wed, Aug 1, 2012 at 2:57 PM, Heiko Hund wrote: > Some plugins want to add messages to the openvpn log file. The > plugin_log() API provides a way for them to do so. > > Signed-off-by: Heiko Hund > --- > in

Re: [Openvpn-devel] [PATCHv2 1/2] make non-blocking connect work on Windows

I had time to look at the code, what I don't understand is how come we work none blocking and do not test for EWOULDBLOCK at other places... If I get it right, at least after send() we can get EWOULDBLOCK even if select() returned we have free buffers. On Wed, Jul 18, 2012 at 7:20 AM, Alo

[Openvpn-devel] [PATCH] plugin: load plugin relative to plugindir

Bar-Lev --- src/openvpn/Makefile.am |1 + src/openvpn/options.c |3 + src/openvpn/plugin.c| 107 --- 3 files changed, 77 insertions(+), 34 deletions(-) diff --git a/src/openvpn/Makefile.am b/src/openvpn/Makefile.am index 5d38628..ad78357

Re: [Openvpn-devel] [PATCH] plugin: load plugin relative to plugindir

Nobody disables the absolute path use. This patch permits relative use. On Wed, Jul 18, 2012 at 3:44 PM, Jonathan K. Bullard wrote: > On Tue, Jun 26, 2012 at 1:05 PM, Alon Bar-Lev wrote: >> >> Currently openvpn requires/endorses specifying full path in plugin >> param

Re: [Openvpn-devel] [PATCH] plugin: load plugin relative to plugindir

On Wed, Jul 18, 2012 at 4:34 PM, Alon Bar-Lev wrote: > Hi! > > On Wed, Jul 18, 2012 at 2:44 PM, Heiko Hund wrote: >> Hi Alon >> >> On Tuesday 26 June 2012 20:05:02 Alon Bar-Lev wrote: >>> Currently openvpn requires/endorses specifying full path in plugin >

Re: [Openvpn-devel] [PATCH] plugin: load plugin relative to plugindir

Hi! On Wed, Jul 18, 2012 at 2:44 PM, Heiko Hund wrote: > Hi Alon > > On Tuesday 26 June 2012 20:05:02 Alon Bar-Lev wrote: >> Currently openvpn requires/endorses specifying full path in plugin >> parameter. > > Specifying a custom full path is probably something we

Re: [Openvpn-devel] New build system questions

On Wed, Jul 18, 2012 at 4:26 PM, David Sommerseth > Agreed, this sounds like a feature regression. > > Dynamic loading requires dlopen() and such (provided by libdl) and > when compiled non-static, all this dlopen() stuff happens > automatically, as the linker have instructed the binary what to loa

Re: [Openvpn-devel] [PATCHv2 1/2] make non-blocking connect work on Windows

Thanks. I think this is the simplest solution to this issue. On Tue, Jul 17, 2012 at 7:19 PM, Heiko Hund wrote: > Instead of EINPROGRESS WinSock2 returns WSAEWOULDBLOCK if a non-blocking > connect(2) cannot be completed immediately. > > Signed-off-by: Heiko Hund > --- > src/openvpn/socket.c |

Re: [Openvpn-devel] [PATCH] don't treat socket related errors special anymore

On Tue, Jul 17, 2012 at 6:15 PM, Heiko Hund wrote: > On Tuesday 17 July 2012 18:11:25 Alon Bar-Lev wrote: >> #define EWOULDBLOCK WSAWOULDBLOCK > > EWOULDBLOCK is already defined in errno.h (also in Windows) and shouldn't be > redefined in my opinion. So if this is in one

Re: [Openvpn-devel] [PATCH] don't treat socket related errors special anymore

On Tue, Jul 17, 2012 at 6:09 PM, Heiko Hund wrote: > On Tuesday 17 July 2012 17:25:25 Alon Bar-Lev wrote: >> Just I don't like the CONNECT_IN_PROGRESS. >> I think it is better to rebase first and then submit the >> CONNECT_IN_PROGRESS afterwards, I think it would be sim

Re: [Openvpn-devel] [PATCH] don't treat socket related errors special anymore

This is a great cleanup. Just I don't like the CONNECT_IN_PROGRESS. I think it is better to rebase first and then submit the CONNECT_IN_PROGRESS afterwards, I think it would be simpler to just compare to the two statuses. On Tue, Jul 17, 2012 at 4:57 PM, Heiko Hund wrote: > WSAGetLastError() is j

Re: [Openvpn-devel] OpenVPN 3.3_alpha2 build problem

On Mon, Jul 16, 2012 at 11:24 PM, Jonathan K. Bullard wrote: >> Please try: >> >> ./configure CFLAGS="-Ixxx" LDFLAGS="-Lyyy" >> >> Should be simpler. > > > Thanks. Although > > LDFLAGS="-Lxxx -Lyyy -Lzzz" > > builds, but it causes config to output "checking for PKCS11_HELPER... no". I > assume tha

Re: [Openvpn-devel] New build system questions

On Mon, Jul 16, 2012 at 7:24 PM, Jonathan K. Bullard wrote: > I'm in the process of trying to build 2.3_alpha2 into Tunnelblick. It's slow > going because of my unfamiliarity with make/automake, etc. I have several > questions: > > (1) Is there a way to disable building "openvpnserv" and the "auth

Re: [Openvpn-devel] OpenVPN 3.3_alpha2 build problem

Please try: ./configure CFLAGS="-Ixxx" LDFLAGS="-Lyyy" Should be simpler. Alon. On Mon, Jul 16, 2012 at 7:24 PM, Jonathan K. Bullard wrote: > Thank you, Arne and Alon -- I finally managed to get Tunnelblick > more-or-less built using the new build system in 2.3_alpha2. > > For the record, I ha

Re: [Openvpn-devel] [PATCH] make non-blocking connect work on Windows

On Mon, Jul 16, 2012 at 12:42 PM, Heiko Hund wrote: > On Monday 16 July 2012 12:12:24 Alon Bar-Lev wrote: >> On Mon, Jul 16, 2012 at 11:39 AM, Heiko Hund wrote: >> > On Friday 13 July 2012 20:00:49 Alon Bar-Lev wrote: >> >> In my projects I always compare to

Re: [Openvpn-devel] [PATCH] make non-blocking connect work on Windows

On Mon, Jul 16, 2012 at 11:39 AM, Heiko Hund wrote: > Hi Alon > > On Friday 13 July 2012 20:00:49 Alon Bar-Lev wrote: >> In my projects I always compare to the two values EWOULDBLOCK and >> EINPROGRESS and it works without much conditionals. >> >> So

Re: [Openvpn-devel] Openvpn-2.3_alpha2 and easy-rsa-2.2.0_master packages and packaging files published

Hello Samuli, Why didn't you use rpmbuild -tb .tar.gz? And if you have changes in spec file you should probably add this with proper conditionals to the spec file within the appropriate package. There should be no external resource maintained. The debian packaging should also be integrated withi

Re: [Openvpn-devel] [PATCH] make non-blocking connect work on Windows

Hello, In my projects I always compare to the two values EWOULDBLOCK and EINPROGRESS and it works without much conditionals. So simply do: --- if (status == EINPROGRESS || status == EWOULDBLOCK) --- Alon. On Fri, Jul 13, 2012 at 12:55 PM, Heiko Hund wrote: > > Instead of EINPROGRESS WinSock2

Re: [Openvpn-devel] OpenVPN 3.3_alpha2 build problem

On Sat, Jul 7, 2012 at 5:39 PM, Jonathan K. Bullard wrote: >> Were does the lzo libraries and includes located? >> If these are not located at default search path of your compiler you >> should probably add: CFLAGS="-I" LDFLAGS="-L" to >> configure. > > > Thanks. So the CFLAGS > > --with-lzo-heade

Re: [Openvpn-devel] OpenVPN 3.3_alpha2 build problem

Hello, Were does the lzo libraries and includes located? If these are not located at default search path of your compiler you should probably add: CFLAGS="-I" LDFLAGS="-L" to configure. Alon. On Sat, Jul 7, 2012 at 5:21 PM, Jonathan K. Bullard wrote: > I'm trying to include OpenVPN 3.3_alpha2 i

Re: [Openvpn-devel] [Openvpn-users] OpenVPN 2.3_alpha2 released

loaded from here: > > <http://openvpn.net/index.php/open-source/downloads.html> > > The largest change in OpenVPN 2.3_alpha2 is the split into several > subprojects (thanks go to Alon Bar-Lev): > > - openvpn (the core project) > - tap-windows (Windows TAP-driver) >

Re: [Openvpn-devel] [PATCH] Incrementing version number of tap-windows to 9.9.1

Hi, If you are not going to release, you should keep the _master or _beta or any other suffix. Alon. On Mon, Jul 2, 2012 at 5:27 PM, wrote: > From: Samuli Seppänen > > Tap-windows driver is now built using it's own buildsystem, whereas earlier it > was built using the Python-based buildsystem

Re: [Openvpn-devel] Build issues on ScientificLinux 6.2

Libtool version please. Thanks On 7/2/12, David Sommerseth wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > > Hi Alon & al, > > Just tried to do a scratch build on SL6.2 from the git tree. > > - - > $ autoreconf -vi > autorec

Re: [Openvpn-devel] [PATCH] Fix --management-external-key in 2.3alpha

On Thu, Jun 28, 2012 at 9:03 PM, Arne Schwabe wrote: > Am 28.06.12 19:58, schrieb Alon Bar-Lev: >> Hmmm I discussed this before in list... the whole external key >> should be modified... the management should be able to support >> certificate + key, and key should proba

Re: [Openvpn-devel] [PATCH] Fix --management-external-key in 2.3alpha

Hmmm I discussed this before in list... the whole external key should be modified... the management should be able to support certificate + key, and key should probably not be limited to RSA only. I had plans to clean this one as well. On Thu, Jun 28, 2012 at 8:44 PM, Arne Schwabe wrote: > >

Re: [Openvpn-devel] [PATCH] plugin: load plugin relative to plugindir

On Tue, Jun 26, 2012 at 8:05 PM, Alon Bar-Lev wrote: > Currently openvpn requires/endorses specifying full path in plugin > parameter. As build system already aware of plugin location, it is > possible to load plugin relative to this directory, so full path is not > required nor

[Openvpn-devel] [PATCH] plugin: load plugin relative to plugindir

Bar-Lev --- src/openvpn/Makefile.am |1 + src/openvpn/options.c |3 + src/openvpn/plugin.c| 102 +++ 3 files changed, 72 insertions(+), 34 deletions(-) diff --git a/src/openvpn/Makefile.am b/src/openvpn/Makefile.am index d090d67..a2af0d4

Re: [Openvpn-devel] [PATCH] build: plugins: set default to no in Windows

On Tue, Jun 26, 2012 at 5:06 PM, Gert Doering wrote: > Hi, > > On Tue, Jun 26, 2012 at 04:56:54PM +0300, Alon Bar-Lev wrote: >> You are more than welcome to maintain the build system and do whatever you >> like. > > I'm not exactly sure what I did wrong this t

Re: [Openvpn-devel] [PATCH] build: plugins: set defaults using a complex logic

This removes the Linux from the help string. On Tue, Jun 26, 2012 at 5:03 PM, Alon Bar-Lev wrote: > pam cannot be compiled on OpenBSD and Windows. > down-root cannot be compiled on Windows. > > Signed-off-by: Alon Bar-Lev > --- >  configure.ac |   21 - >

[Openvpn-devel] [PATCH] build: plugins: set defaults using a complex logic

pam cannot be compiled on OpenBSD and Windows. down-root cannot be compiled on Windows. Signed-off-by: Alon Bar-Lev --- configure.ac | 21 - 1 files changed, 16 insertions(+), 5 deletions(-) diff --git a/configure.ac b/configure.ac index db19d4a..d3d974d 100644 --- a

Re: [Openvpn-devel] [PATCH] build: plugins: set default to no in Windows

On Tue, Jun 26, 2012 at 4:50 PM, Gert Doering wrote: > Hi, > > On Tue, Jun 26, 2012 at 04:41:49PM +0300, Alon Bar-Lev wrote: >> This is exactly the reason why *ALL* plugins should be disabled by default. >> We are left with only Linux enabled... and distro maintainer can

Re: [Openvpn-devel] [PATCH] build: plugins: set defaults using a complex logic

If anyone here is opened minded - still. This shows that default should be "no" for all plugins. Distro maintainer should decide what to switch on. Anyway, this is my recommendation. On Tue, Jun 26, 2012 at 4:55 PM, Alon Bar-Lev wrote: > pam cannot be compiled on OpenBSD and Windows

[Openvpn-devel] [PATCH] build: plugins: set defaults using a complex logic

pam cannot be compiled on OpenBSD and Windows. down-root cannot be compiled on Windows. Signed-off-by: Alon Bar-Lev --- configure.ac | 21 - 1 files changed, 16 insertions(+), 5 deletions(-) diff --git a/configure.ac b/configure.ac index db19d4a..b1140f8 100644 --- a

[Openvpn-devel] [PATCH] build: plugins: set defaults using a complex logic

pam cannot be compiled on *BSD and Windows. down-root cannot be compiled on Windows. Signed-off-by: Alon Bar-Lev --- configure.ac | 20 +++- 1 files changed, 15 insertions(+), 5 deletions(-) diff --git a/configure.ac b/configure.ac index db19d4a..9fb24ad 100644 --- a

Re: [Openvpn-devel] [PATCH] build: plugins: set default to no in Windows

Hi, > > On Tue, Jun 26, 2012 at 04:02:06PM +0300, Alon Bar-Lev wrote: >> Both plugins cannot be compiled on Windows anyway. > > Can you auto-disable plugin-auth-pam for OpenBSD as well, please? > > We ran into this on the OpenBSD buildslave today - OpenBSD has no PAM > what

[Openvpn-devel] [PATCH] build: plugins: set default to no in Windows

Both plugins cannot be compiled on Windows anyway. Signed-off-by: Alon Bar-Lev --- configure.ac | 20 +++- 1 files changed, 15 insertions(+), 5 deletions(-) diff --git a/configure.ac b/configure.ac index db19d4a..7235a87 100644 --- a/configure.ac +++ b/configure.ac @@ -195,16

Re: [Openvpn-devel] [PATCH] build: msvc: chdir with change drive to script location

Please apply. https://github.com/alonbl/openvpn/commit/692c35a3cce6226dd36bbc6b9138a353d1d14634 On Sat, Apr 28, 2012 at 9:51 PM, Alon Bar-Lev wrote: > Signed-off-by: Alon Bar-Lev > --- >  msvc-build.bat |    1 + >  msvc-dev.bat   |    2 +- >  msvc-env.bat   |    2 -- >  

Re: [Openvpn-devel] [PATCH] cleanup: windows: convert argv (UCS-2 to UTF-8) at earliest

Please apply. https://github.com/alonbl/openvpn/compare/master...unicode On Thu, May 3, 2012 at 8:47 PM, Alon Bar-Lev wrote: > On Thu, May 3, 2012 at 1:53 PM, Samuli Seppänen wrote: >> >>> On Thu, May 3, 2012 at 10:26 AM, David Sommerseth >>> wrote: >>

Re: [Openvpn-devel] PATCH: SSL Engine support

t; processing, to keep the same behaviour. >> >> When msg with M_SSLERR is issued, the program terminates... >> --- >> #define M_SSLERR  (M_FATAL | M_SSL) >> >>  if (flags & M_FATAL) >>    openvpn_exit (OPENVPN_EXIT_STATUS_ERROR); /* exit point */ >> >

Re: [Openvpn-devel] PATCH: SSL Engine support

cessing, to keep the same behaviour. When msg with M_SSLERR is issued, the program terminates... --- #define M_SSLERR (M_FATAL | M_SSL) if (flags & M_FATAL) openvpn_exit (OPENVPN_EXIT_STATUS_ERROR); /* exit point */ > But yes, it works. Thanks! Any more comments regarding engine us

Re: [Openvpn-devel] PATCH: SSL Engine support

t the user). > > (the SRK password is not really a secret. If you have it then you're > allowed to do operations  with the TPM chip. But you have to supply > the tpm-sealed data when doing the operation. I've seen several > recommendations to just leave it blank) >

Re: [Openvpn-devel] [V2.4 0/4] tun cleanups

On Mon, Jun 18, 2012 at 9:21 PM, Arne Schwabe wrote: > Am 12.05.12 21:31, schrieb Alon Bar-Lev: >> Platform independent interface for tun provider. >> >> Split the long tun.c into platform specific files using >> tun_engine interface. >> >> Functionality

[Openvpn-devel] [PATCH] cleanup: pkcs11.c: resolve wanings

src/openvpn/pkcs11.c:794:2: warning: passing argument 1 of ‘pkcs11h_setPINPromptHook’ from incompatible pointer type Signed-off-by: Alon Bar-Lev --- src/openvpn/pkcs11.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/src/openvpn/pkcs11.c b/src/openvpn/pkcs11.c index

Re: [Openvpn-devel] PATCH: SSL Engine support

Oh... And I forgot mentioning that the UI method should be solved, using the default is not something that is usable for openvpn. Can you please take care of this? Alon. On Mon, Jun 18, 2012 at 3:25 PM, Alon Bar-Lev wrote: > Hello Thomas, > > I did not have the global variable in mind

Re: [Openvpn-devel] PATCH: SSL Engine support

need to call ENGINE_init() at all. The attached patch > works, at least. > > I appreciate the code discipline. Really I do. :-) > > Regards, > Thomas > > On 17 June 2012 22:04, Alon Bar-Lev wrote: >> Yes, almost :) >> >> Won't it better to call ENGINE_

Re: [Openvpn-devel] PATCH: SSL Engine support

s not statically linked? What about ENGINE_finish() at proper place? Thank you for your patience, Alon Bar-Lev. On Sun, Jun 17, 2012 at 11:53 PM, Thomas Habets wrote: > Hi. > > Need? No. I thought you preferred reusing the loaded/inited ENGINE > struct cached by existing code instead

Re: [Openvpn-devel] PATCH: SSL Engine support

openssl-tpm-engine > doesn't yet support user data being sent to the callback functions. > A patch for that on its way to them. > > Some more details: > http://blog.habets.pp.se/2012/02/TPM-backed-SSL > > Signed-off-by: Thomas Habets > > > > On 17 June 2012 01:11, A

Re: [Openvpn-devel] PATCH: SSL Engine support

Hello, It is a good idea. But first, please remove the emacs stuff. Now, I see that the ENGINE_load_builtin_engines() is already called at crypto_openssl.c::crypto_init_lib_engine, is there any require to duplicate this? There is already "engine" option, available only to polarssl, it can easily

Re: [Openvpn-devel] RHEL's rpmbuild needs slight modification to build from tarball from openvpn-2.3-alpha1.tar.gz

You are correct. This was fixed in master. On Fri, Jun 15, 2012 at 2:23 AM, George Alexander wrote: > Hi everyone, I was building an rpm the other day of the latest release (it > looks great, can't wait to try it out) and noticed a lil problem: It doesn't > like "-" in version names... > > [root@

Re: [Openvpn-devel] ENABLE_PF and config.h breakage

Right. config.h should be included in all C sources never in .h file, it is also not protected for multiple includes. Don't know why the polarssl had this, as syshead used to perform this in the past so it should not have existed also in the past. Thanks, Alon. On Thu, Jun 14, 2012 at 5:44 PM, Ge

Re: [Openvpn-devel] PolarSSL 1.1.0 support?

Hello, Build system should only care about the interface, not the "quality" of the dependency. So if we are built OK with >=1.1.0 than this should be the boundary. Thanks, Alon. On Thu, Jun 7, 2012 at 12:35 PM, Frank de Brabander wrote: > Maybe this should actually be changed to >= 1.1.2, since t

[Openvpn-devel] [PATCH] build: support =polarssl-1.1.0

Repoted-by: Samuli Seppänen Signed-off-by: Alon Bar-Lev --- configure.ac |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/configure.ac b/configure.ac index 339164f..9511317 100644 --- a/configure.ac +++ b/configure.ac @@ -755,7 +755,7 @@ if test "${with_crypto_li

Re: [Openvpn-devel] PolarSSL 1.1.0 support?

On Thu, Jun 7, 2012 at 12:24 PM, Samuli Seppänen wrote: > Hi, > > I noticed that my Ubuntu 10.04 and 12.04 buildslaves which had PolarSSL > 1.1.0 failed build during the configure phase: > > checking polarssl version... configure: error: invalid polarssl version > > Updating to PolarSSL 1.1.1 or l

Re: [Openvpn-devel] [PATCH] build: update INSTALL to recent changes

On Mon, Jun 4, 2012 at 10:39 AM, Gert Doering wrote: > Hi, > > On Mon, Jun 04, 2012 at 07:45:07AM +0300, Alon Bar-Lev wrote: >> Signed-off-by: Alon Bar-Lev >> --- >>  INSTALL |  150 >> +-- > > A

[Openvpn-devel] [PATCH] build: update INSTALL to recent changes

Signed-off-by: Alon Bar-Lev --- INSTALL | 150 +-- 1 files changed, 88 insertions(+), 62 deletions(-) diff --git a/INSTALL b/INSTALL index ab0d671..fd1fb80 100644 --- a/INSTALL +++ b/INSTALL @@ -60,28 +60,30 @@ OPTIONAL (but

Re: [Openvpn-devel] [PATCH 6/8] Allow routes to be set before opening tun, similar to ifconfig before opening tun

Gert, You can see the tun branch[1]. I changed this per platform. Alon. [1] https://github.com/alonbl/openvpn/commits/tun [2] https://github.com/alonbl/openvpn/commit/4d2fc1f21e6c5cba163ec481119370235c736672 On Sun, Jun 3, 2012 at 1:11 PM, Gert Doering wrote: > Hi, > > On Sat, Jun 02, 2012 at 0

Re: [Openvpn-devel] [PATCH] build: update INSTALL to recent changes

On Sun, Jun 3, 2012 at 1:19 PM, Gert Doering wrote: > Hi, > > On Sat, Jun 02, 2012 at 06:30:15PM +0300, Alon Bar-Lev wrote: >> Signed-off-by: Alon Bar-Lev >> --- >>  INSTALL |  144 >> +-- > >

Re: [Openvpn-devel] [easy-rsa] New official git repository

Well, You removed all my work. I guess you do this your-self now. On Fri, Jun 1, 2012 at 4:14 PM, David Sommerseth wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > > Hi all, > > On behalf of the OpenVPN community developers, I have the pleasure to > announce a new git repository for e

[Openvpn-devel] [PATCH] build: support platforms that does not need explicit tun headers

Both "generic" and Darwin have no special headers to use tap. Fixes commit 7cacdfd4b7. Reported-by: Arne Schwabe Signed-off-by: Alon Bar-Lev --- configure.ac |2 ++ 1 files changed, 2 insertions(+), 0 deletions(-) diff --git a/configure.ac b/configure.ac index 5ace128..3391

Re: [Openvpn-devel] [PATCH] build: update INSTALL to recent changes

On Sat, Jun 2, 2012 at 6:30 PM, Alon Bar-Lev wrote: > Signed-off-by: Alon Bar-Lev This time with sign-off.

[Openvpn-devel] [PATCH] build: update INSTALL to recent changes

Signed-off-by: Alon Bar-Lev --- INSTALL | 144 +-- 1 files changed, 85 insertions(+), 59 deletions(-) diff --git a/INSTALL b/INSTALL index ab0d671..209cfa6 100644 --- a/INSTALL +++ b/INSTALL @@ -60,13 +60,12 @@ OPTIONAL (but

Re: [Openvpn-devel] Build broken on Mac OS X

Temporary workaround: have_tap_header="yes" ./configure ... On Sat, Jun 2, 2012 at 6:03 PM, Alon Bar-Lev wrote: > On Sat, Jun 2, 2012 at 5:28 PM, Arne Schwabe wrote: >> Am 02.06.12 16:19, schrieb Alon Bar-Lev: >>> Hello, >>> >>> On Sat, Jun 2, 20

Re: [Openvpn-devel] Build broken on Mac OS X

On Sat, Jun 2, 2012 at 5:28 PM, Arne Schwabe wrote: > Am 02.06.12 16:19, schrieb Alon Bar-Lev: >> Hello, >> >> On Sat, Jun 2, 2012 at 5:14 PM, Arne Schwabe wrote: >>> Hello, >>> >>> while preparing my patches for OS X I a

[Openvpn-devel] [PATCH] build: update INSTALL to recent changes

--- INSTALL | 144 +-- 1 files changed, 85 insertions(+), 59 deletions(-) diff --git a/INSTALL b/INSTALL index ab0d671..209cfa6 100644 --- a/INSTALL +++ b/INSTALL @@ -60,13 +60,12 @@ OPTIONAL (but recommended): (2) LZO real-time comp

Re: [Openvpn-devel] Build broken on Mac OS X

On Sat, Jun 2, 2012 at 5:28 PM, Arne Schwabe wrote: >>> In the INSTALL file  --with-lzo-headers and --with-lzo-lib is mentioned, >>> which do not work: >>> >> >> >>> LZO_CFLAGS="-I/opt/local/include" LZO_LIBS=-L/opt/local/lib ./configure >> This should have been: >> LZO_CFLAGS="-I/opt/local/inclu

Re: [Openvpn-devel] Build broken on Mac OS X

Hello, On Sat, Jun 2, 2012 at 5:14 PM, Arne Schwabe wrote: > Hello, > > while preparing my patches for OS X I also noticed that the build is > broken on OS X: > > [...] > checking net/if_tun.h usability... no > checking net/if_tun.h presence... no > checking for net/if_tun.h... no > checking net/

[Openvpn-devel] [PATCH] build: t_client re-addition

Adding integration tests that needs and/or manual intervention to make check is not something that should be encouraged. Tiered of arguing. But if you add this, at least use the following. --- tests/Makefile.am| 11 ++- tests/t_client.sh.in | 13 - 2 files changed, 14

Re: [Openvpn-devel] build revolution lost t_client test?

t_client.sh requires root/sudo privileges. "make check" should not assume any special privilege. Because of this it is removed from "make check". You can still run this by hand or we can add special target such as "make root-check" or similar. On Sun, May 27, 2012 at 11:27 PM, Gert Doering wrote:

[Openvpn-devel] [PATCH] build: check minimum polarssl version

Pre 1.1 is unsupported, API was changed. Signed-off-by: Alon Bar-Lev --- configure.ac | 21 + 1 files changed, 21 insertions(+), 0 deletions(-) diff --git a/configure.ac b/configure.ac index 4592727..5ace128 100644 --- a/configure.ac +++ b/configure.ac @@ -743,6 +743,27

Re: [Openvpn-devel] Pre-2.3-alpha2 Windows installers now available

Hello All, I want to emphasis the request to test as: 1. The installer was fully re-written almost nothing remained from the original one. 2. We now provide both 32bit and 64bit binaries, so far only 32bit binaries were provided. 3. All userspace binaries are compiled using mingw-w64 compiler,

Re: [Openvpn-devel] eurephia plugin

On Wed, May 16, 2012 at 5:30 PM, David Sommerseth wrote: >> But now that you describe you can do this using the plugin API, >> why not modify the plugin to perform this and just remove this? > > I don't know if I'm the only user of this information or not.  If I'm > not, then we will break things

Re: [Openvpn-devel] eurephia plugin

On Wed, May 16, 2012 at 3:33 PM, David Sommerseth wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > On 16/05/12 14:03, Alon Bar-Lev wrote: > [...snip...] >> But if I get this right, a new configuration option is needed, not >> compile time directive, somethin

Re: [Openvpn-devel] eurephia plugin

On Wed, May 16, 2012 at 2:37 PM, David Sommerseth wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > On 16/05/12 12:55, Alon Bar-Lev wrote: >> On Wed, May 16, 2012 at 1:46 PM, David Sommerseth >> wrote: >>> On 16/05/12 12:37, Alon Bar-Lev wrote: >

Re: [Openvpn-devel] eurephia plugin

On Wed, May 16, 2012 at 1:46 PM, David Sommerseth wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > On 16/05/12 12:37, Alon Bar-Lev wrote: >> On Wed, May 16, 2012 at 1:27 PM, David Sommerseth >> wrote: >>> >>> -BEGIN PGP SIGNED MESSAGE

Re: [Openvpn-devel] eurephia plugin

On Wed, May 16, 2012 at 1:27 PM, David Sommerseth wrote: > > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > On 16/05/12 09:17, Alon Bar-Lev wrote: > > Hello David, > > > > I guess this is yours: --- *  Additions for eurephia plugin done > > by: *    

[Openvpn-devel] eurephia plugin

Hello David, I guess this is yours: --- * Additions for eurephia plugin done by: * David Sommerseth Copyright (C) 2009 --- Looking at the code the eurephia plugin only do the following: --- #ifdef ENABLE_PLUGIN_EUREPHIA /* export X509 cert SHA1 fingerprint */ { unsigned char *

[Openvpn-devel] [PATCH] cleanup: update .gitignore

Signed-off-by: Alon Bar-Lev --- .gitignore |2 ++ 1 files changed, 2 insertions(+), 0 deletions(-) diff --git a/.gitignore b/.gitignore index 9f546a3..f762089 100644 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1,5 @@ *.[oa] +*.l[oa] *.dll *.exe *.exe.* @@ -17,6 +18,7 @@ Release Debug

Re: [Openvpn-devel] [RFC] Split plugins into their own repositories

On Tue, May 15, 2012 at 10:34 AM, Seth Mos wrote: > Op 13-5-2012 20:23, Alon Bar-Lev schreef: >> On Sun, May 13, 2012 at 9:10 PM, Gert Doering  wrote: > >> Come on! most of installations are plain public key without any of >> these plugins. >> There is no need f

Re: [Openvpn-devel] [PATCH] build: integrate plugins build into core build

On Tue, May 15, 2012 at 1:42 AM, Alon Bar-Lev wrote: > As disucssed[1], keep plugins in repository. > > 1, Proper automake/libtool build. > > 2. Move example plugins to samples/sample-plugins. > > 3. Plugins are installed at LIBDIR/openvpn/plugins. > > [1

[Openvpn-devel] [PATCH] build: integrate plugins build into core build

As disucssed[1], keep plugins in repository. 1, Proper automake/libtool build. 2. Move example plugins to samples/sample-plugins. 3. Plugins are installed at LIBDIR/openvpn/plugins. [1] http://comments.gmane.org/gmane.network.openvpn.devel/6436 Signed-off-by: Alon Bar-Lev --- configure.ac

[Openvpn-devel] [PATCH 2/2] build: spec: we support openssl >= 0.9.7

Signed-off-by: Alon Bar-Lev --- distro/rpm/openvpn.spec.in |4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) diff --git a/distro/rpm/openvpn.spec.in b/distro/rpm/openvpn.spec.in index de46f59..3c316bf 100644 --- a/distro/rpm/openvpn.spec.in +++ b/distro/rpm/openvpn.spec.in @@ -30,8

[Openvpn-devel] [PATCH 1/2] cleanup: spec: make space/tab consistent

Signed-off-by: Alon Bar-Lev --- distro/rpm/openvpn.spec.in | 34 +- 1 files changed, 17 insertions(+), 17 deletions(-) diff --git a/distro/rpm/openvpn.spec.in b/distro/rpm/openvpn.spec.in index a6f31bd..de46f59 100644 --- a/distro/rpm/openvpn.spec.in +++ b

Re: [Openvpn-devel] [RFC] Split plugins into their own repositories - Discussion Summary

On Sun, May 13, 2012 at 9:11 PM, David Sommerseth wrote: > So, please!  Can we rather spend our precious time and energy to fix > *real* bugs?   I would like to spend time in completing the order of build/packaging, a task I started and would like

Re: [Openvpn-devel] [RFC] Split plugins into their own repositories

On Sun, May 13, 2012 at 9:10 PM, Gert Doering wrote: > Hi, > > On Sun, May 13, 2012 at 04:10:54PM +0300, Alon Bar-Lev wrote: >> >> And always have pam dependency for this example? >> > >> > FreeBSD, NetBSD, all Linuxes and Solaris have PAM anyway. &

Re: [Openvpn-devel] [RFC] Split plugins into their own repositories

On Sun, May 13, 2012 at 4:07 PM, Gert Doering wrote: > Hi, > > On Sun, May 13, 2012 at 03:24:59PM +0300, Alon Bar-Lev wrote: >> > If we ignore the examples, we really only have "auth-pam" and "down-root" >> > in the main distribution today, and thos

Re: [Openvpn-devel] [RFC] Split plugins into their own repositories

On Sun, May 13, 2012 at 3:19 PM, Gert Doering wrote: > Hi, > > On Sun, May 13, 2012 at 02:26:05PM +0300, Alon Bar-Lev wrote: >> OK... now you are talking... so you say that like apache we need to >> integrate the plugins to main build system, this was the other >> alter

Re: [Openvpn-devel] [RFC] Split plugins into their own repositories

> pfSense developer > > Op 13 mei 2012, om 13:12 heeft Gert Doering het volgende geschreven: > >> Hi, >> >> On Sun, May 13, 2012 at 02:00:32PM +0300, Alon Bar-Lev wrote: >>>>> Can't we progress? >>>> >>>> Why is that prog

Re: [Openvpn-devel] [RFC] Split plugins into their own repositories

On Sun, May 13, 2012 at 2:12 PM, Gert Doering wrote: > Hi, > > On Sun, May 13, 2012 at 02:00:32PM +0300, Alon Bar-Lev wrote: >> >> Can't we progress? >> > >> > Why is that progress? >> > >> > Change always has drawbacks.  If the plus s

Re: [Openvpn-devel] [RFC] Split plugins into their own repositories

On Sun, May 13, 2012 at 12:35 PM, Gert Doering wrote: > Hi, > > On Sun, May 13, 2012 at 12:30:37PM +0300, Alon Bar-Lev wrote: >> An healthy community dealing with openvpn need to gather all resources >> that are acting at that niche. >> There is no reason why we should

Re: [Openvpn-devel] [RFC] Split plugins into their own repositories

On Sun, May 13, 2012 at 12:23 PM, Gert Doering wrote: > Hi, > > On Sun, May 13, 2012 at 12:10:48PM +0300, Alon Bar-Lev wrote: >> And, if not split, they these two plugins should integrated within >> build system. > > This is certainly true. > >> The custom make

  1   2   3   4   5   6   7   8   9   >