[Openvpn-devel] Topics for the upcoming (Monday, 7th Nov 2016) community meeting

Hi, We're going to have an IRC meeting on Monday 7th November 2016. The meeting begins at 20:00 CET (19:00 UTC) on #openvpn-meeting irc.freenode.net. You do not have to be logged in to Freenode to join the channel. Current topic list along with basic information is here:

[Openvpn-devel] [PATCH applied] Re: Drop recursively routed packets

ACK (finally). Tested with tun+tap for proper recursion drops on v4+v6 (works, though on tap it's sometimes non-trivial to reproduce as you need an valid ARP entry first...), and with all I have for client or server side breakage (tun, tap, p2mp, p2p, --inetd, ...) - no breakage. Your patch has

[Openvpn-devel] [PATCH] Poor man's NCP for 2.3 clients.

Proper cipher negotiation needs clients that announce IV_NCP=1 and can handle pushing of ciphers. 2.3 clients can not do that. To work around that, here's a hacky patch to make it work. On the client side, set cipher AES-128-CBC push-peer-info setenv UV_CIPHER AES-128-CBC (same cipher!).

[Openvpn-devel] [PATCH] Prevent generation of duplicate EXPECT_IFCONFIG entries

From: Samuli Seppänen Previously, if t_client.rc did not source t_client_ips.rc, update_t_client_ips.sh would add (the same) EXPECT_IFCONFIG entries to t_client_ips.rc on every run. With this patch update_t_client_ips.sh checks if the entry exists before adding it. Signed-off-by: Samuli Seppänen

Re: [Openvpn-devel] dhcp-option DNS IPv6 server address for windows client

Hi, On Sun, Oct 30, 2016 at 03:23:06PM -0400, Selva Nair wrote: > > >> ?probably not only DHCPv6, but also Router Advertisement too. I doubt > > that DHCPv6 could be used without RA on Windows. > > > > > > It's a somewhat multi-stage thing > > > > > > - first, define a new dhcp-option (like, "DNS

[Openvpn-devel] [PATCH] Fix --tls-version-max in mbed TLS builds

These define renames were missed in the migration to 2.x, causing the maximum TLS version to be detected incorrectly. Signed-off-by: Steffan Karger --- src/openvpn/ssl_mbedtls.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/openvpn/ssl_mbedtls.c b/src/openvpn/ssl_mb

Re: [Openvpn-devel] [PATCH applied] Fix --tls-version-max in mbed TLS builds

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ACK. Extended the commit message slightly on the fly, explaining the macros and how to interpret them. Your patch has been applied to the master branch. commit 8215b7a873400b85137f6e42cd7999dd12b00b71 Author: Steffan Karger Date: Fri Nov 4 21:03:4

[Openvpn-devel] any reason to not adding tap-windows.h to https://github.com/OpenVPN/openvpn/tree/master/include ?

Hello, I'm geting "build only" travis-ci mingw cross compile config and I came to idea that I do not understand why "tap-windows.h" must be downloaded separately 1) if we use some functions, we should include prototypes. it is not very common to download prototypes from different location 2) such