Re: [Openvpn-devel] [PATCH v3] Change parameter of send_auth_pending_messages from context to tls_multi

Hi, On Mon, Feb 01, 2021 at 04:03:40PM +0100, Arne Schwabe wrote: > This prepares send_auth_pending_messages to be used a in context that > does not have context c available but also does not need to schedule > an immediate sending of the message (auth plugin/script) > > Patch V2: Adjust the comm

[Openvpn-devel] [PATCH applied] Re: Refactor extract_var_peer_info into standalone function and add ssl_util.c

Thanks for taking my suggestions to v2 into account (though the ssl.c newline-at-end-of-file mishap is still there in v3 :-) - ignoring that hunk). Stared-at-code, while this looks very different, it's still doing the same things (and in the same funny way, using strstr() to search for a single ch

[Openvpn-devel] [PATCH v4] Change parameter of send_auth_pending_messages from context to tls_multi

This prepares send_auth_pending_messages to be used a in context that does not have context c available but also does not need to schedule an immediate sending of the message (auth plugin/script) Patch V2: Adjust the comment of reschedule_multi_process to actually fit a function. Patch

[Openvpn-devel] Summary of the community meeting (10th March 2021)

Hi, Here's the summary of the IRC meeting. --- COMMUNITY MEETING Place: #openvpn-meeting on irc.freenode.net Date: Wed 10th March 2021 Time: 11:30 CET (10:30 UTC) Planned meeting topics for this meeting were here: Your local mee

[Openvpn-devel] [PATCH applied] Re: Change parameter of send_auth_pending_messages from context to tls_multi

Acked-by: Gert Doering Reviewed (did that for v3), only change in v4 is the push.h prototype fix. Taking Lev's ACK from v1 or v2 in as well. Stared-at-code, tested client-and-server, all good! Your patch has been applied to the master branch. commit d8ed59320e619eb5c9e5ba2acbac1a4fecae36b1 Au

[Openvpn-devel] [PATCH v3] Require at least 100MB of mlock()-able memory if --mlock is used.

If --mlock is used, the amount of memory OpenVPN can use is guarded by the RLIMIT_MEMLOCK value (see mlockall(2)). The OS default for this is usually 64 Kbyte, which is enough for OpenVPN to initialize, but as soon as the first TLS handshake comes it, OpenVPN will crash due to "ouf of memory", and

[Openvpn-devel] [PATCH applied] Re: Allow pending auth to be send from a auth plugin

Stared at the code a bit, tortured it on the server test rig (which excercises delayed-auth plugin and delayed-client-connect-*anything*, so breaking something plugin-related "big time" should have been caught). I have not tested the delayed-auth plugin feature yet. A few observations, staring at

Re: [Openvpn-devel] [PATCH v4] Implement deferred auth for scripts

Hi, On Thu, Mar 04, 2021 at 12:40:52PM +0100, Arne Schwabe wrote: > This patch also refactors the if condition that checks the result of > the authentication since that has become quite unreadable. It renames > s1/s2 and extracts some parts of the condition into individual variables > to make the