Hi,
On Thu, Jun 15, 2017 at 12:50:40PM +1000, Steven Haigh wrote:
> I'm just trying to figure out if it's expected behaviour to have the
> 'username' set in the environment when using the auth-user-pass-verify
> script.
The code in question (ssl_verify.c) is older than the involvement of
any of
Hi,
fwiw, this builds fine against LibreSSL, which seems to provide some but
not all of the functions for which you wrote fallback implementations.
LibreSSL as shipped in OpenBSD-current, ie the development version.
make check passes, openvpn seems to behave correctly in client mode.
--
jca |
On 13/06/17 22:51, Selva Nair wrote:
> It takes only a few lines of code to exploit this on XP -- I have not
> been able to exploit this on Vista but not 100% sure it has been
> fixed for good on Vista+.
But do we really care much for anything older than Win7 these days? For
v2.3, perhaps yes - b
On 13/06/17 20:50, Samuli Seppänen wrote:
Hi,
If I'm not mistaken, this is the same or related problem to the one I
reported early on in 2.4.x release cycle. There might actually be a Trac
ticket for it.
I encountered the issue with the PowerShell test suite
(openvpn-windows-test) which ran
On Thu, Jun 15, 2017 at 8:32 AM, David Sommerseth <
open...@sf.lists.topphemmelig.net> wrote:
> On 13/06/17 22:51, Selva Nair wrote:
> > It takes only a few lines of code to exploit this on XP -- I have not
> > been able to exploit this on Vista but not 100% sure it has been
> > fixed for good on
Hi Jeremie,
On Thu, Jun 15, 2017 at 2:04 PM, Jeremie Courreges-Anglas
wrote:
>
> Hi,
>
> fwiw, this builds fine against LibreSSL, which seems to provide some but
> not all of the functions for which you wrote fallback implementations.
> LibreSSL as shipped in OpenBSD-current, ie the development
On Thursday, 15 June 2017 5:47:39 PM AEST Gert Doering wrote:
> Hi,
>
> On Thu, Jun 15, 2017 at 12:50:40PM +1000, Steven Haigh wrote:
> > I'm just trying to figure out if it's expected behaviour to have the
> > 'username' set in the environment when using the auth-user-pass-verify
> > script.
>
>
On 15/06/17 18:11, Steven Haigh wrote:
> On Thursday, 15 June 2017 5:47:39 PM AEST Gert Doering wrote:
>> Hi,
>>
>> On Thu, Jun 15, 2017 at 12:50:40PM +1000, Steven Haigh wrote:
[...snip...]
>>
>> old:
>>
>> else
>> {
>> setenv_str(session->opt->es, "username", up->usern
> On 16 Jun 2017, at 06:01, David Sommerseth
> wrote:
> That said ... this needs to be changed, I think it makes sense to take
> some action to reduce this possibility. By manipulating pointers
> provided to you via the plug-in interface, you can make the OpenVPN
> process crash and burn ..
On 13/06/17 21:15, Selva Nair wrote:
On Tue, Jun 13, 2017 at 3:37 PM, Gert Doering wrote:
On Tue, Jun 13, 2017 at 03:33:35PM -0400, Selva Nair wrote:
Right :) But we could probably do better using Set instead of Add while
the address is set using the service. I'm not that familiar with ipa
From: Guido Vranken
Prevents that the client crashes if the peer does not specify
the 'realm' and/or 'nonce' values. These pointers are
dereferenced in DigestCalcHA1() and DigestCalcResponse();
hence, if not set, a null-pointer dereference would occur.
Signed-off-by: Guido Vranken
---
src/open
Hi,
On Fri, Jun 16, 2017 at 12:01:03AM +0200, David Sommerseth wrote:
> > That still poses the question, is a plugin supposed to be able to alter the
> > environment presented to the auth-user-pass-verify script?
>
> You have discovered something I've not been thinking of. But yes,
> plug-ins c