Hello,
I am pondering about asynchronous OPENVPN_PLUGIN_CLIENT_CONNECT
callback. Basically, I want _not_ to establish connection until
response is received and ofcI don't want to block rest of traffic.
My idea is to have some kind of connect_control_file (similar to
auth_conrol_file) and pass it
Socket configuration of MTU discovery was done unconditionally at IP level,
which has no effect for other protocols. This fixes the issue of OpenVPN
sending fragmented tcp6/udp6 packets even when 'mtu-disc yes' option is passed.
Signed-off-by: Julien Muchembled
---
src/openvpn/mtu.c| 23
Hi,
On Tue, Jul 29, 2014 at 07:28:49PM +0200, Julien Muchembled wrote:
> Socket configuration of MTU discovery was done unconditionally at IP level,
> which has no effect for other protocols. This fixes the issue of OpenVPN
> sending fragmented tcp6/udp6 packets even when 'mtu-disc yes' option is
Le 07/29/14 20:57, Gert Doering a écrit :
> On Tue, Jul 29, 2014 at 07:28:49PM +0200, Julien Muchembled wrote:
>> Socket configuration of MTU discovery was done unconditionally at IP level,
>> which has no effect for other protocols. This fixes the issue of OpenVPN
>> sending fragmented tcp6/udp6 p
CBC mode is the only mode that OpenVPN supports that needs padding. So,
only include the worst case padding size in the frame size calculation when
using CBC mode.
While doing so, rewrite crypto_adjust_frame_parameters() to be better
readable, and provide debug output (for high debug levels).
Sig
Signed-off-by: Steffan Karger
---
src/openvpn/crypto_backend.h | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/openvpn/crypto_backend.h b/src/openvpn/crypto_backend.h
index a48ad6c..bc067a7 100644
--- a/src/openvpn/crypto_backend.h
+++ b/src/openvpn/crypto_backend.h
@@
Hi,
On Tue, Jul 29, 2014 at 10:27:42PM +0200, Julien Muchembled wrote:
> > Is there documentation for that socket option somewhere?
>
> 'man 7 ip' and 'man 7 ipv6'
Thanks, will read up.
> For example:
> A --[mtu=1500]-- B --[mtu=1400]-- C
>
> Given a UDP6 socket on A with IPV6_MTU_DISCOVER=I
ACK.
Your patch has been applied to the master and release/2.3 branches.
commit 38cd1ed5ee89218415c5edfc990cfd47fd879d55 (master)
commit d6865ba92eaff015fa5c5707186f4a9d52a68e25 (release/2.3)
Author: Steffan Karger
List-Post: openvpn-devel@lists.sourceforge.net
Date: Tue Jul 29 23:04:26 2014 +
Hi,
On Tue, Jul 29, 2014 at 10:52:24PM +0200, Steffan Karger wrote:
> CBC mode is the only mode that OpenVPN supports that needs padding. So,
> only include the worst case padding size in the frame size calculation when
> using CBC mode.
>
> While doing so, rewrite crypto_adjust_frame_parameters(
Hi,
On 29-07-14 23:20, Gert Doering wrote:
> On Tue, Jul 29, 2014 at 10:52:24PM +0200, Steffan Karger wrote:
>> CBC mode is the only mode that OpenVPN supports that needs padding. So,
>> only include the worst case padding size in the frame size calculation when
>> using CBC mode.
>>
>> While doin
10 matches
Mail list logo