Re: [Openvpn-devel] [PATCH 1/6] Fix loading inline tls-crypt-v2 keys with mbed TLS

2019-01-16 Thread Steffan Karger
Hi, On 14-01-19 16:48, Arne Schwabe wrote: > From: Arne Schwabe > > Using a tls-crypt-v2 key with mbed TLS inline results in > > PEM decode error: source buffer not null-terminated > > This is because the mbed TLS decode PEM function excepts the last byte > in the buffer to be 0x00. When const

[Openvpn-devel] [PATCH] Extend tls-crypt-v2 unit tests

2019-01-16 Thread Steffan Karger
This commit adds two tests for tls-crypt-v2 to verify the client and server key generation. These are introduced primarily as a regression test for the off-by-one bug fixed by Arne in tls_crypt_v2_read_keyfile() recently (no commit hash availble, patch has not been applied yet). Signed-off-by: Ste

Re: [Openvpn-devel] Dropping Ubuntu 12.04 packages?

2019-01-16 Thread Matthias Andree
Am 20.12.18 um 14:17 schrieb Samuli Seppänen: > Hi, > > I've worked on openvpn-vagrant and sbuild_wrapper recently[*] and > noticed that mainstream support for Debian 7 and Ubuntu 12.04 ended: > > https://wiki.debian.org/DebianReleases > https://wiki.ubuntu.com/Releases > > However, Ubuntu 12.04 is

Re: [Openvpn-devel] [PATCH 2/6] Refactor tls_crypt_v2_write_server_key_file into crypto.c

2019-01-16 Thread Steffan Karger
Hi, On 14-01-19 16:48, Arne Schwabe wrote: > From: Arne Schwabe > > This allows the method to be resued for generating other types of keys > that should also not be reused as tls-crypt/tls-auth keys. > --- > src/openvpn/crypto.c| 34 ++ > src/openvpn/crypto.h

[Openvpn-devel] [PATCH applied] Re: Extend tls-crypt-v2 unit tests

2019-01-16 Thread Gert Doering
Acked-by: Gert Doering Patch does what it says on the tin - test for this particular regression. Without Arne's patch, running "make check" with mbedtls fails (openssl succeeds). With Arne's patch applied - commit 92a5ec31363e76e6 - both succeed. Your patch has been applied to the master branc

[Openvpn-devel] [PATCH applied] Re: Fix loading inline tls-crypt-v2 keys with mbed TLS

2019-01-16 Thread Gert Doering
Your patch has been applied to the master branch. commit 92a5ec31363e76e64748c4fc9aa144eefad17323 Author: Arne Schwabe Date: Mon Jan 14 16:48:14 2019 +0100 Fix loading inline tls-crypt-v2 keys with mbed TLS Acked-by: Steffan Karger Message-Id: <20190114154819.6064-1-a...@rfc254

[Openvpn-devel] compile-time error in argv_testdriver

2019-01-16 Thread Gert Doering
Hi, for whatever reason my local FreeBSD build system never did cmocka tests - now it does, and fails cc -DHAVE_CONFIG_H -I. -I../../../../openvpn/tests/unit_tests/openvpn -I../../.. -I../../../include-I../../../../openvpn/include -I/home/gert/src/openvpn-maint/test-build-master-fbsd/vendor

[Openvpn-devel] [PATCH applied] Re: Refactor tls_crypt_v2_write_server_key_file into crypto.c

2019-01-16 Thread Gert Doering
Your patch has been applied to the master branch. commit 801be382702f943c42784d26eb07605be8ba0a18 Author: Arne Schwabe Date: Mon Jan 14 16:48:15 2019 +0100 Refactor tls_crypt_v2_write_server_key_file into crypto.c Acked-by: Steffan Karger Message-Id: <20190114154819.6064-2-a...

[Openvpn-devel] [PATCH applied] Re: Add send_control_channel_string_dowork variant

2019-01-16 Thread Gert Doering
Acked-by: Gert Doering "Just moving of code" (though the change c2->c2.multi -> multi makes this harder for git to show). Tested with t_client testset plus a profile that uses user+pass auth so these still go out. Your patch has been applied to the master branch. commit 1000d5e1191d0a372e9e82

[Openvpn-devel] [PATCH applied] Re: Extend tls-crypt-v2 unit tests

2019-01-16 Thread Gert Doering
Acked-by: Gert Doering Patch does what it says on the tin - test for this particular regression. Without Arne's patch, running "make check" with mbedtls fails (openssl succeeds). With Arne's patch applied - commit 92a5ec31363e76e6 - both succeed. Your patch has been applied to the master branc