Hi Tony,
On 04/12/20 08:41, Tony He wrote:
Hi Jan,
Yeah, need option " -elapsed" because OpenSSL counts user time instead
of total time(user+sys time) without this option. You can see:
* aes-128-cbc and sha1 are accelerated by HW engine. I believe speed
is faster for openvpn dco module because
Hi,
On Fri, Dec 04, 2020 at 10:49:04AM +0100, Jan Just Keijser wrote:
> as far as I
> know no openvpn release supports CCM thus far (which is a shame, really).
I have heard rumors that someone got nerdsniped by this already... :-)
gert
--
"If was one thing all people took for granted, was con
Hi Jan,
>what HW engine is this? I think your best bet is to actually get the
engine to support GCM; with AES and SHA acceleration in place there is very
little to stop the HW engine from not being able to support GCM..
The HW engine is a part of SoC al314. It connects with A15 CPU via PCI in
SoC
hi Tony,
On 04/12/20 11:12, Tony He wrote:
Hi Jan,
>what HW engine is this? I think your best bet is to actually get the
engine to support GCM; with AES and SHA acceleration in place there is
very little to stop the HW engine from not being able to support GCM..
The HW engine is a part of So
I have not done much testing, and not even stared much at the
code. But it's your code and Antonio has a keen eye :-)
Your patch has been applied to the master and release/2.5 branch.
commit fb169c3b8fdfa9792c0eee8441956f062dfd7982 (master)
commit 06e769552481729ddae28ee46b30f2dc8ca77509 (releas
As for 1/2, I have not really reviewed or tested anything
here. Trusting you and Arne here.
>From a quick view this looks like a nice "code cleanup en passant",
though :-) (and it does pass the client side tests, of course).
Your patch has been applied to the master and release/2.5 branch.
comm
hey guys,
I'm posting this on behalf of the eduVPN team. François Kooman spent a
long time debugging an issue and finally managed to find the piece of
code that causes the weird behavior.
Let me explain:
For eduVPN, multiple openvpn instances are offered , both on UDP and TCP
ports and the c
Magic heuristics... but if Arne and Steffan agree that this is correct,
who am I to dispute it :-) - it passes client tests and is not
"obviously wrong".
Your patch has been applied to the master and release/2.5 branch.
commit 1387f52682dcd3789c56c9979ccedca281ff88f4 (master)
commit c27f97dc0ac99
Hi,
On Mon, Nov 16, 2020 at 03:08:57AM +0500, Vladislav Grishenko wrote:
> DNS SRV remote host discovery allows to have multiple OpenVPN servers for
> a single domain w/o explicit profile enumeration, to move services from
> host to host with little fuss, and to designate hosts as primary servers
Am 04.12.20 um 11:59 schrieb Jan Just Keijser:
> hey guys,
>
> I'm posting this on behalf of the eduVPN team. François Kooman spent a
> long time debugging an issue and finally managed to find the piece of
> code that causes the weird behavior.
> Let me explain:
>
> For eduVPN, multiple openvpn i
>> If I change the client config to list only a single
>> remote 1194 udp
>> line then this reconnect behavior does NOT occur ?!?!?!?
>>
> This might be a bug in the initialisation order. That the ping timer is
> armed before next_connection_entry is called. If you force it reconnect
> by restar
Hi,
On 04/12/20 15:38, Arne Schwabe wrote:
Am 04.12.20 um 11:59 schrieb Jan Just Keijser:
hey guys,
I'm posting this on behalf of the eduVPN team. François Kooman spent a
long time debugging an issue and finally managed to find the piece of
code that causes the weird behavior.
Let me explain:
---
src/openvpn/socket.c | 14 +-
1 file changed, 5 insertions(+), 9 deletions(-)
diff --git a/src/openvpn/socket.c b/src/openvpn/socket.c
index bd085e8f..31e8fe9a 100644
--- a/src/openvpn/socket.c
+++ b/src/openvpn/socket.c
@@ -625,10 +625,8 @@ query_servinfo(const char *domain, int
DNS SRV remote host discovery allows to have multiple OpenVPN servers for
a single domain w/o explicit profile enumeration, to move services from
host to host with little fuss, and to designate hosts as primary servers
for a service and others as backups.
Feature has been asked several times alread
DNS SRV remote host discovery allows to have multiple OpenVPN servers for
a single domain w/o explicit profile enumeration, to move services from
host to host with little fuss, and to designate hosts as primary servers
for a service and others as backups.
Feature has been asked several times alread
> This code path is present from 2.1 on, in more or less unaltered form
Yes but only used for profiles with . For version before
that profiles with only --remote entries used a different (now removed)
code path.
Arne
___
Openvpn-devel mailing
16 matches
Mail list logo