Re: [Openvpn-devel] [PATCH] Fix file checks when --chroot is being used

Hi David, This solution looks good. I did not test, but I do have one minor comment after glancing at the code: @@ -2662,7 +2700,14 @@ check_cmd_access(const char *command, const char > *opt) > * only requires X_OK to function on Unix - a scenario not unlikely to > * be seen on suid

[Openvpn-devel] [PATCH applied] Re: Refactor tls_ctx_use_external_private_key()

Your patch has been applied to the master and release/2.3 branches. commit c3b2d487bc5089c8c0cf65df8e6cc2232d84b05b (master) commit a1e2e7699ca265e911ea8068eadffe1b5a7d24bf (release/2.3) Author: Joachim Schipper List-Post: openvpn-devel@lists.sourceforge.net Date: Thu Sep 19 12:47:27 2013 +0200

[Openvpn-devel] [PATCH applied] Re: --management-external-key for PolarSSL

Your patch has been applied to the master and release/2.3 branches. commit 38ace48c6820c611e689bc69b0cf5380bf7a8891 (master) commit 5269096bde5350d7afb51694b0c38b560c32b5f4 (release/2.3) Author: Joachim Schipper List-Post: openvpn-devel@lists.sourceforge.net Date: Thu Sep 19 12:47:28 2013 +0200

[Openvpn-devel] [PATCH applied] Re: external_pkcs1_sign: Support non-RSA_SIG_RAW hash_ids

Your patch has been applied to the master and release/2.3 branches. commit 32f07c8e5b0f6ec66cfa8566cb8e97b4a6238037 (master) commit d81e29fe89976e4553ce2f491732611416d76fee (release/2.3) Author: Joachim Schipper List-Post: openvpn-devel@lists.sourceforge.net Date: Thu Sep 19 12:47:29 2013 +0200

Re: [Openvpn-devel] [PATCH 1/3] Refactor tls_ctx_use_external_private_key()

Hi, On Thu, Sep 19, 2013 at 12:47:27PM +0200, steffan.kar...@fox-it.com wrote: > From: Joachim Schipper > > OpenSSL's tls_ctx_load_cert_file() had a parameter in which a copy of the > context's certificate chain was stored on return, used by > tls_ctx_use_external_private_key() only and free()d

[Openvpn-devel] [PATCH] Fix compile error in ssl_openssl introduced by polar external-management patch

--- src/openvpn/ssl_openssl.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/openvpn/ssl_openssl.c b/src/openvpn/ssl_openssl.c index d6e194a..120aa66 100644 --- a/src/openvpn/ssl_openssl.c +++ b/src/openvpn/ssl_openssl.c @@ -534,7 +534,7 @@ void tls_ctx_load_cert_file

Re: [Openvpn-devel] [PATCH] Fix compile error in ssl_openssl introduced by polar external-management patch

Argh, this must have slipped in while rewriting my git history to extract these patches from my own try. Sorry! ACK to Arne's quick fix, thanks for acting quickly. -Steffan On Sat, Nov 23, 2013 at 1:40 PM, Arne Schwabe wrote: > --- > src/openvpn/ssl_openssl.c | 4 ++-- > 1 file changed, 2 in

[Openvpn-devel] [PATCH applied] Re: Fix compile error in ssl_openssl introduced by polar external-management patch

Thanks. ACKed on #openvpn-devel and on the list (and this time, actually compile-tested locally before pushing). Patch has been applied to the master and release/2.3 branches. commit 20fe5561dfe7a6f1da3aac07b38d0773c2758e5e (master) commit 816ccf2666a2de6b7098c4b28d931ea378c278ea (release/2.3)

[Openvpn-devel] [PATCH applied] Re: Simplify print_sockaddr_ex function, merge duplicate ipv4/ipv6 logic.

ACK, with two fixes taken from patch 11/14 in that series, namely this hunk for socket.c: @@ -2235,12 +2209,14 @@ print_sockaddr_ex (const struct sockaddr *sa, case AF_INET6: buf_puts (&out, "[AF_INET6]"); salen = sizeof (struct sockaddr_in6); - addr_is_defined = IN6_IS_

[Openvpn-devel] [PATCH] Split the PROTO_UDP_xx options into AF_INET/AF_INET6 and PROTO_TCP/PROTO_UDP part.

Splitting will make the code a little bit cleaner and prepares for dual stack Signed-off-by: Arne Schwabe --- src/openvpn/error.c | 6 +- src/openvpn/forward.c | 8 +-- src/openvpn/init.c| 21 +++--- src/openvpn/options.c | 73 ++-- src/openvpn/options.h | 2 + src/