[Openvpn-devel] Possible bug: AEAD Decrypt error: cipher final failed

hi all, whilst testing some new hardware with OpenVPN I ran into the following messages which keep popping up from time to time:  AEAD Decrypt error: cipher final failed Config: server running OpenVPN 2.4.3, basic config, Ubuntu 17, kernel 4.14, openssl 1.0.2g client running OpenVPN 2.4.4,

[Openvpn-devel] [PATCH applied] Re: Avoid illegal memory access when malformed data is read from the pipe

ACK, and now with time to merge :-) Your patch has been applied to the master and release/2.4 branch. commit 6f20808c8f37301c43d822f6a22d30b3587abc57 (master) commit 17884fa4ab2b3113559542404704402e5fce7643 (release/2.4) Author: Selva Nair Date: Fri Oct 20 13:25:56 2017 -0400 Avoid illega

Re: [Openvpn-devel] [PATCH] make struct key * argument of init_key_ctx const

Hi, On Mon, Oct 23, 2017 at 11:40:13AM +0200, Steffan Karger wrote: > This can be const, and should thus be const. (Also, resolves a compiler > warning.) > > Signed-off-by: Steffan Karger > --- > src/openvpn/crypto.c | 2 +- > src/openvpn/crypto.h | 2 +- > src/openvpn/crypto_b

Re: [Openvpn-devel] [PATCH] make struct key * argument of init_key_ctx const

Hi, On Fri, Nov 03, 2017 at 07:24:33PM +0100, Gert Doering wrote: > On Mon, Oct 23, 2017 at 11:40:13AM +0200, Steffan Karger wrote: > > This can be const, and should thus be const. (Also, resolves a compiler > > warning.) [..] > I think the patch is good, but it *so* does not apply for me... > >

[Openvpn-devel] [PATCH applied] Re: make struct key * argument of init_key_ctx const

ACK, 2.4-only (already in master) Your patch has been applied to the release/2.4 branch. commit 94793462a977ad09c14530ff20eedc98bb35d36c Author: Steffan Karger Date: Mon Oct 23 11:40:13 2017 +0200 make struct key * argument of init_key_ctx const Signed-off-by: Steffan Karger A

[Openvpn-devel] [PATCH applied] Re: Fix missing check for return value of malloc'd buffer

ACK. Patch is actually fairly trivial as soon as one recognizes that "utf8to16()" is one of our functions, which does exactly what the code removed here does - length check, malloc, malloc check, conversion-if-memory-allocated. Your patch has been applied to the master and release/2.4 branch.

[Openvpn-devel] [PATCH applied] Re: Remove references to keychain-mcd in Changes.rst

ACK, trivial :-) Your patch has been applied to the master and release/2.4 branch. commit 6255706295bf128ec5b5e4c1272fc6ffbfddf0ba (master) commit b98a622bb43d01a4bce4795cc924a8ea910aa507 (release/2.4) Author: David Sommerseth Date: Thu Oct 5 23:22:23 2017 +0200 Remove references to keych

Re: [Openvpn-devel] [PATCH] man: Describe --proto options better

Hi, On Fri, Oct 06, 2017 at 01:25:42AM +0200, David Sommerseth wrote: > The --proto options changed a bit in OpenVPN v2.4. This tries to > expand this section, explaining the new variants and how they > related to older OpenVPN versions. As discussed on IRC, this is not fully right yet. I'm som