[Openvpn-devel] [PATCH applied] Re: Implement stateless HMAC-based sesssion-id three-way-handshake

2022-05-05 Thread Gert Doering
I have not reviewed this in full depth, trusting Frank here. I *have* tested this on the server side testbed with "plain", "tls-auth" and "tls-crypt" instances - and besides the fact that tls-crypt breaks the 2.3 client (no support ;-) ) it all works nicely. All the comments and whitespace bits

[Openvpn-devel] [PATCH release/2.5] vcpkg: switch to manifest

2022-05-05 Thread Lev Stipakov
From: Lev Stipakov Add vcpkg manifest file which lists dependencies and enable manifest usage in project file. This simplifies build process by eliminating separate "vcpkg install" step to install dependencies. Signed-off-by: Lev Stipakov --- .github/workflows/build.yaml | 15 ++-

[Openvpn-devel] [PATCH v2 release/2.5] vcpkg: switch to manifest

2022-05-05 Thread Lev Stipakov
From: Lev Stipakov Add vcpkg manifest file which lists dependencies and enable manifest usage in project file. This simplifies build process by eliminating separate "vcpkg install" step to install dependencies. Signed-off-by: Lev Stipakov --- v2: add missing lz4 dependency .github/workflow

Re: [Openvpn-devel] [PATCH applied] Re: Implement stateless HMAC-based sesssion-id three-way-handshake

2022-05-05 Thread Gert Doering
Hi, On Thu, May 05, 2022 at 12:18:11PM +0200, Gert Doering wrote: > All the comments and whitespace bits have been fixed-on-the-fly > as instructed. I have also fixed the "Return *true* if this packet..." > comment before do_pre_decrypt_check() and rewrapped the very long > comment lines in mudp.

[Openvpn-devel] [PATCH applied] Re: Extract read_incoming_tls_ciphertext into function

2022-05-05 Thread Gert Doering
Stare-at-code and running client/server tests confirm that this is, indeed, only trivial move-around. Your patch has been applied to the master branch. commit 8b9b8f91b76af59e26edee46f1a1f4eebdca762b Author: Arne Schwabe Date: Fri Apr 22 16:29:46 2022 +0200 Extract read_incoming_tls_ciphe

[Openvpn-devel] [PATCH] Introduce macros for the returns values of key_state_*

2022-05-05 Thread Frank Lichtenheld
I think that makes the code slightly more readable. Signed-off-by: Frank Lichtenheld --- src/openvpn/ssl.c | 20 +- src/openvpn/ssl_backend.h | 35 ++- src/openvpn/ssl_mbedtls.c | 44 +++ 3 files changed, 52

[Openvpn-devel] FYI: .git-blame-ignore-revs

2022-05-05 Thread Gert Doering
Hi, JFYI, I have added the last two "just whitespace" patches to the master .git-blame-ignore-revs file diff --git a/.git-blame-ignore-revs b/.git-blame-ignore-revs index 1e940dba..c104cce9 100644 --- a/.git-blame-ignore-revs +++ b/.git-blame-ignore-revs @@ -39,3 +39,9 @@ f57431cdc88f22fa4d796294

[Openvpn-devel] [PATCH] vcpkg: switch to manifest

2022-05-05 Thread Lev Stipakov
From: Lev Stipakov Add vcpkg manifest file which lists dependencies and enable manifest usage in project file. This simplifies build process by eliminating separate "vcpkg install" step to install dependencies. Since vcpkg added openssl3 port, remove ours. Signed-off-by: Lev Stipakov --- .gi

[Openvpn-devel] [PATCH v3 release/2.5] vcpkg: switch to manifest

2022-05-05 Thread Lev Stipakov
From: Lev Stipakov Add vcpkg manifest file which lists dependencies and enable manifest usage in project file. This simplifies build process by eliminating separate "vcpkg install" step to install dependencies. Signed-off-by: Lev Stipakov --- v3: fix GitHub Actions cache v2: add missing lz4

[Openvpn-devel] [PATCH v4] Implement HMAC based session id for tls-crypt v2

2022-05-05 Thread Arne Schwabe
Tls-crypt v2 is more complicated to implement a proper stateless handshake. To allow state handshake this commit does - introduce a new packet CONTROL_WKC_V1 that repeats the wrapped client key. - introduce a way to negotiate the support for this packet in the three way handshake Details

Re: [Openvpn-devel] [PATCH v4] Implement HMAC based session id for tls-crypt v2

2022-05-05 Thread Antonio Quartulli
Hi, On 05/05/2022 15:03, Arne Schwabe wrote: Tls-crypt v2 is more complicated to implement a proper stateless handshake. To allow state handshake this commit does - introduce a new packet CONTROL_WKC_V1 that repeats the wrapped client key. - introduce a way to negotiate the support for

Re: [Openvpn-devel] [PATCH v4] Implement HMAC based session id for tls-crypt v2

2022-05-05 Thread Frank Lichtenheld
> Arne Schwabe wrote on 05.05.2022 15:03: > [...] > diff --git a/src/openvpn/ssl_pkt.c b/src/openvpn/ssl_pkt.c > index 810b189e9..dad65e26a 100644 > --- a/src/openvpn/ssl_pkt.c > +++ b/src/openvpn/ssl_pkt.c [...] > @@ -434,8 +443,17 @@ tls_reset_standalone(struct tls_auth_standalone *ta

[Openvpn-devel] [PATCH applied] Re: vcpkg: switch to manifest

2022-05-05 Thread Gert Doering
Acked-by: Gert Doering Not sure what this all does, but github likes it and builds nice things. I should point out that vcpkg.json will not be contained in the "make dist" tarball (not mentioned in "Makefile.am"), so this is only benefiting people that build from git today. Your patch has bee

[Openvpn-devel] [PATCH applied] Re: vcpkg: switch to manifest

2022-05-05 Thread Gert Doering
Acked-by: Gert Doering "Again, I have no idea, but it looks reasonable and github builds nice things from it..." Your patch has been applied to the master branch. commit f6d80493a965d08c6b9beb67e25e2762b8aa94d9 Author: Lev Stipakov Date: Thu May 5 15:14:49 2022 +0300 vcpkg: switch to ma

[Openvpn-devel] [PATCH applied] Re: Fix format specifier for printing size_t on 32bit size_t platforms

2022-05-05 Thread Gert Doering
Acked-by: Gert Doering %zu is now a first class citizen even in MSVC, so we're safe to use it. Says Lev, and The Internet. https://stackoverflow.com/questions/15610053/correct-printf-format-specifier-for-size-t-zu-or-iu Only minimally tested ("does it compile on amd64 linux with no warning")

[Openvpn-devel] [PATCH applied] Re: Remove workaround for Android 4.4

2022-05-05 Thread Gert Doering
Acked-by: Gert Doering I have not actually investigated this in more detail - but this is something the Android GUI controls, so if you say "it will never send this message anymore" we can remove the code from openvpn core. I did wonder (on IRC) if we can get rid of ANDROID_OPEN_BEFORE_CLOSE at

Re: [Openvpn-devel] [PATCH applied] Re: Remove workaround for Android 4.4

2022-05-05 Thread Penn Thitsar
Re: Remove workaround for Android 4.4 On Thu, 5 May 2022, 21:11 Gert Doering, wrote: > Acked-by: Gert Doering > > I have not actually investigated this in more detail - but this is > something the Android GUI controls, so if you say "it will never send > this message anymore" we can remove the