Re: [Openvpn-devel] Support for libsodium?

Hi, > From: Gert Doering [mailto:g...@greenie.muc.de] > Sent: donderdag 18 april 2013 22:45 > > Hi, > > On Thu, Apr 18, 2013 at 08:28:42PM +0100, Ed W wrote: > > Hi, given the new abstractions to support PolarSSL, what > > interest/resistance would there be to supporting libsodium? > > http

Re: [Openvpn-devel] Support for libsodium?

Hi I think I'm missing some of the subtleties of your reply, please forgive probable ignorance! There's a few issues that we need to overcome though: - Unfortunately as far as I know there's no TLS support in NaCl. I guess it could work as a crypto library for the data channel and TLS-Au

Re: [Openvpn-devel] Support for libsodium?

On 18/04/2013 21:44, Gert Doering wrote: Hi, On Thu, Apr 18, 2013 at 08:28:42PM +0100, Ed W wrote: Hi, given the new abstractions to support PolarSSL, what interest/resistance would there be to supporting libsodium? https://github.com/jedisct1/libsodium It took us quite some effort to re

Re: [Openvpn-devel] Support for libsodium?

> -Original Message- > From: Ed W [mailto:li...@wildgooses.com] > Sent: vrijdag 19 april 2013 11:50 > To: Adriaan de Jong > Cc: Gert Doering; openvpn-devel@lists.sourceforge.net > Subject: Re: [Openvpn-devel] Support for libsodium? > > Hi > > I think I'm missing some of the subtleties o

Re: [Openvpn-devel] Support for libsodium?

On 19/04/2013 11:13, Adriaan de Jong wrote: I misunderstood your wish to completely get rid of TLS. That would require a major overhaul in the way the control channel in OpenVPN is handled. OpenVPN is completely centered around the idea of a TLS control channel across which data channel keys

[Openvpn-devel] [PATCH] Improve the git revision tracking

From: David Sommerseth This removes the single 'git revision' line from the --version screen and moves this information on the top, together with the OpenVPN version. In addition this patch adds two git flags after the git committish. If there exists changed but unstaged files when the build wa

Re: [Openvpn-devel] [PATCH] Improve the git revision tracking

Hi, On Fri, Apr 19, 2013 at 02:40:12PM +0200, David Sommerseth wrote: > From: David Sommerseth > > This removes the single 'git revision' line from the --version screen and > moves this information on the top, together with the OpenVPN version. ACK! gert -- USENET is *not* the non-clickable p

[Openvpn-devel] [PATCH applied] Re: Improve the git revision tracking

Your patch has been applied to the master branch. commit fff03917947379167502934f09f79ca3e8817fe3 Author: David Sommerseth List-Post: openvpn-devel@lists.sourceforge.net Date: Fri Apr 19 13:21:54 2013 +0200 Improve the git revision tracking Signed-off-by: David Sommerseth Acke

[Openvpn-devel] Summary of the IRC meeting (18th Apr 2013)

Hi, Here's the summary of the previous IRC meeting. --- COMMUNITY MEETING Place: #openvpn-devel on irc.freenode.net List-Post: openvpn-devel@lists.sourceforge.net Date: Thursday 18th Apr 2013 Time: 18:00 UTC Planned meeting topics for this meeting were on this page:

[Openvpn-devel] forward-port of all outstanding 2.1 SVN patches

Hi folks, here's a patch series that brings all not-yet-ported changes from James' SVN 2.1 tree to the current git master tree (plus one of mine, 5/5 is a bugfix for 2/5 - I decided to have it as extra patch so it's clear that this is deviating from "just take what is in SVN"). This is necessary

[Openvpn-devel] [PATCH 1/5] Added remote-override option.

From: James Yonan OpenVPN SVN r8126 (2.1.20) Signed-off-by: Gert Doering --- src/openvpn/options.c | 7 ++- src/openvpn/options.h | 2 ++ 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/src/openvpn/options.c b/src/openvpn/options.c index ec39212..88ed88a 100644 --- a/src/open

[Openvpn-devel] [PATCH 3/5] Minor fix to process_ipv4_header so that any combination of options can be defined.

From: James Yonan OpenVPN SVN r8219, slightly adapted for conflicts brought in by commit f0e8997a874a89b3 (IPv6 MSSFIX implementation). Signed-off-by: Gert Doering --- src/openvpn/forward.c | 6 +- src/openvpn/forward.h | 4 +++- 2 files changed, 4 insertions(+), 6 deletions(-) diff --git

[Openvpn-devel] [PATCH 5/5] Fix usage of "compression ..." from global config.

The new compression framework introduced by SVN r8206 only works for a P2MP server if the compression settings are re-installed for each client via management interface, ccd/ file or client-connect script, but the "global" settings get lost due to (needlessly) clearing the c2.comp_context in the pe

[Openvpn-devel] [PATCH 4/5] Always push basic set of peer info values to server.

From: James Yonan On the client, allow certain peer info fields to be pushed even if push-peer-info isn't specified in the config. This is needed to allow the compression handshake to work correctly (i.e. where the client indicates its support for LZO and/or Snappy). Fields that have privacy im

[Openvpn-devel] [PATCH 2/5] Added support for the Snappy compression algorithm

From: James Yonan Added support for the Snappy compression algorithm which has shown to have considerably better compression speed than LZO at a comparable compression ratio. To enable Snappy add: compress snappy to both client and server config files. Alternatively, enable compression fram