[Openvpn-devel] Async OPENVPN_PLUGIN_CLIENT_CONNECT plugin support

Hello, I am pondering about asynchronous OPENVPN_PLUGIN_CLIENT_CONNECT callback. Basically, I want _not_ to establish connection until response is received and ofcI don't want to block rest of traffic. My idea is to have some kind of connect_control_file (similar to auth_conrol_file) and pass it

[Openvpn-devel] [PATCH] Fix --mtu-disc option with IPv6 transport

Socket configuration of MTU discovery was done unconditionally at IP level, which has no effect for other protocols. This fixes the issue of OpenVPN sending fragmented tcp6/udp6 packets even when 'mtu-disc yes' option is passed. Signed-off-by: Julien Muchembled --- src/openvpn/mtu.c| 23

Re: [Openvpn-devel] [PATCH] Fix --mtu-disc option with IPv6 transport

Hi, On Tue, Jul 29, 2014 at 07:28:49PM +0200, Julien Muchembled wrote: > Socket configuration of MTU discovery was done unconditionally at IP level, > which has no effect for other protocols. This fixes the issue of OpenVPN > sending fragmented tcp6/udp6 packets even when 'mtu-disc yes' option is

Re: [Openvpn-devel] [PATCH] Fix --mtu-disc option with IPv6 transport

Le 07/29/14 20:57, Gert Doering a écrit : > On Tue, Jul 29, 2014 at 07:28:49PM +0200, Julien Muchembled wrote: >> Socket configuration of MTU discovery was done unconditionally at IP level, >> which has no effect for other protocols. This fixes the issue of OpenVPN >> sending fragmented tcp6/udp6 p

[Openvpn-devel] [PATCH] Fix frame size calculation for non-CBC modes.

CBC mode is the only mode that OpenVPN supports that needs padding. So, only include the worst case padding size in the frame size calculation when using CBC mode. While doing so, rewrite crypto_adjust_frame_parameters() to be better readable, and provide debug output (for high debug levels). Sig

[Openvpn-devel] [PATCH] Fix typo in cipher_kt_mode_{cbc, ofb_cfb}() doxygen.

Signed-off-by: Steffan Karger --- src/openvpn/crypto_backend.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/openvpn/crypto_backend.h b/src/openvpn/crypto_backend.h index a48ad6c..bc067a7 100644 --- a/src/openvpn/crypto_backend.h +++ b/src/openvpn/crypto_backend.h @@

Re: [Openvpn-devel] [PATCH] Fix --mtu-disc option with IPv6 transport

Hi, On Tue, Jul 29, 2014 at 10:27:42PM +0200, Julien Muchembled wrote: > > Is there documentation for that socket option somewhere? > > 'man 7 ip' and 'man 7 ipv6' Thanks, will read up. > For example: > A --[mtu=1500]-- B --[mtu=1400]-- C > > Given a UDP6 socket on A with IPV6_MTU_DISCOVER=I

[Openvpn-devel] [PATCH applied] Re: Fix typo in cipher_kt_mode_{cbc, ofb_cfb}() doxygen.

ACK. Your patch has been applied to the master and release/2.3 branches. commit 38cd1ed5ee89218415c5edfc990cfd47fd879d55 (master) commit d6865ba92eaff015fa5c5707186f4a9d52a68e25 (release/2.3) Author: Steffan Karger List-Post: openvpn-devel@lists.sourceforge.net Date: Tue Jul 29 23:04:26 2014 +

Re: [Openvpn-devel] [PATCH] Fix frame size calculation for non-CBC modes.

Hi, On Tue, Jul 29, 2014 at 10:52:24PM +0200, Steffan Karger wrote: > CBC mode is the only mode that OpenVPN supports that needs padding. So, > only include the worst case padding size in the frame size calculation when > using CBC mode. > > While doing so, rewrite crypto_adjust_frame_parameters(

Re: [Openvpn-devel] [PATCH] Fix frame size calculation for non-CBC modes.

Hi, On 29-07-14 23:20, Gert Doering wrote: > On Tue, Jul 29, 2014 at 10:52:24PM +0200, Steffan Karger wrote: >> CBC mode is the only mode that OpenVPN supports that needs padding. So, >> only include the worst case padding size in the frame size calculation when >> using CBC mode. >> >> While doin