Hi!
On 15.11.2013 16:49, Heikki Hannikainen wrote:
Nov 15 15:18:01 gw ovpn-udp[9964]: hessu/85.188.36.24.36:58640 MULTI:
Floated with HMAC authentication to a new client address:
[AF_INET]85.188.36.24.36:58640
In this case the client's source port changed, because the client is
behind a NAT dev
On Wed, Oct 30, 2013 at 10:12 PM, André Valentin wrote:
> Add support for floating in tls mode using the HMAC of a packet. It costs
> a roundtrip through the clients. Its security comes from a secret key, both
> peers have. This key and the data form the signature used, which is then
> checked aga
Hi,
On Wed, Oct 30, 2013 at 09:12:26PM +0100, André Valentin wrote:
> Add support for floating in tls mode using the HMAC of a packet. It costs
> a roundtrip through the clients. Its security comes from a secret key, both
> peers have. This key and the data form the signature used, which is then
>
Add support for floating in tls mode using the HMAC of a packet. It costs
a roundtrip through the clients. Its security comes from a secret key, both
peers have. This key and the data form the signature used, which is then
checked againts existing peer connections. Therefore a good auth algo is
rec
Hi!
While running my patched openvpn in gdb, I had this error multiple times now:
---
Fri Oct 25 16:41:19 2013 84.139.3.24:40797 Data Channel Decrypt: Cipher
'AES-256-CBC' initialized with 256 bit key
Fri Oct 25 16:41:19
Hi,
please take a look at multi_find_instance_udp(), I am unsure about gc usage
there.
André
Am 23.10.2013 09:54, schrieb André Valentin:
Add support for floating in tls mode using the HMAC of a packet. It costs
a roundtrip through the clients. Its security comes from a secret key, both
peers
Add support for floating in tls mode using the HMAC of a packet. It costs
a roundtrip through the clients. Its security comes from a secret key, both
peers have. This key and the data form the signature used, which is then
checked againts existing peer connections. Therefore a good auth algo is
rec
Hi!
Master, please. Everything goes into master first, and if we decide it
goes into 2.3, is cherry-picked master->2.3
The last should have been also to master, I do not understand what
happend to it...
André
Add support for floating in tls mode using the HMAC of a packet. It costs
a roundtrip through the clients. Its security comes from a secret key, both
peers have. This key and the data form the signature used, which is then
checked againts existing peer connections. Therefore a good auth algo is
rec
Hi,
On Tue, Oct 22, 2013 at 04:48:22PM +0200, André Valentin wrote:
> It should, but I will post a fixed patch tonight. Do you want it for master
> or release2.3?
Master, please. Everything goes into master first, and if we decide it
goes into 2.3, is cherry-picked master->2.3
gert
--
USENET i
Hi Steffan,
at firsts thanks for taking a review!
On 22.10.2013 16:28, Steffan Karger wrote:
> Thank you for coding and sharing! I marked your original mail for later
> processing, just had not gotten to it yet. This is a cool feature, and
> it has been proposed before on this list (see
> http:/
Hi André,
Thank you for coding and sharing! I marked your original mail for later
processing, just had not gotten to it yet. This is a cool feature, and
it has been proposed before on this list (see
http://thread.gmane.org/gmane.network.openvpn.devel/7384/focus=7395).
That patch did not make it i
Hi,
no comments for this patch? It is really cool if you roam from wifi to edge on
mobiles,
you are immediately reconnected to your vpn after a connection change. No 1
minute wait
for openvpn to complete the openvpn authentication. (cause is the ~1s GSM EDGE
roundtrip
time) If you travel in a t
Add support for floating in tls mode using the HMAC of a packet. It costs
a roundtrip through the clients. Because it is based on the HMAC, it is
secure in ways of cryptography. Before the iteration starts, some sanity
checks are done.
It would be nice if you could take a look into the
multi_find_
14 matches
Mail list logo
