HI,
On Thu, Aug 11, 2022 at 12:03:45PM +0200, Gert Doering wrote:
> I have not tested this myself, but if I had, the test setup would have
> been very similar to what Frank did (so, big thanks) - run a DCO
> environment with "owner nobody", and see if things still work.
>
> I will add this to my
On 15/08/2022 11:54, Gert Doering wrote:
HI,
On Thu, Aug 11, 2022 at 12:03:45PM +0200, Gert Doering wrote:
I have not tested this myself, but if I had, the test setup would have
been very similar to what Frank did (so, big thanks) - run a DCO
environment with "owner nobody", and see if things s
Hi,
On Mon, Aug 15, 2022 at 12:14:23PM +0200, Timo Rothenpieler wrote:
> > Unfortunately, it seems that our approach to "if SITNL is used, we hard
> > require that setting CAP_NET_ADMIN succeeds" is too strong for the twisted
> > ways that people use openvpn.
>
> That's not how the patch operates
On 15/08/2022 12:29, Gert Doering wrote:
Hi,
On Mon, Aug 15, 2022 at 12:14:23PM +0200, Timo Rothenpieler wrote:
Unfortunately, it seems that our approach to "if SITNL is used, we hard
require that setting CAP_NET_ADMIN succeeds" is too strong for the twisted
ways that people use openvpn.
T
Hi,
On Mon, Aug 15, 2022 at 12:40:55PM +0200, Timo Rothenpieler wrote:
> Add checks for ifconfig-noexec + route-noexec being set, and either only
> warn in that case,
... this is what I suggested two mails upthread :-)
> or don't even try to retain capabilities, since
> they're not needed eit
On Dienstag, 18. Mai 2021 14:26:35 CEST Arne Schwabe wrote:
> This is allows scripts and pluginsto parse/react to a CR_RESPONSE message
This commit message needs a makeover, I think.
> - If ``method`` is set to :code:`via-env`, OpenVPN will call ``script``
> + If ``method`` is set to :code:`via
From: Lev Stipakov
Device interface is a path which is used by userspace
to access device. A driver can create one or more device
interfaces and specify "reference string", so that userspace
could enumerate all device interfaces in the list and pick
the corrct one which ends with reference string
Hi,
On 14/08/2022 23:53, Lev Stipakov wrote:
From: Lev Stipakov
Device interface is a path which is used by userspace
to access device. A driver can create one or more device
interfaces and specify "reference string", so that userspace
could enumerate all device interfaces in the list and pick
When adding a peer to a P2P interface, the VPN IPs are not really used by DCO as
there is no routing happening in this mode.
For this reason don't pass any VPN IP when adding a new peer in p2p mode.
Signed-off-by: Antonio Quartulli
---
src/openvpn/dco.c | 51 ++--
Did a bit of "staring at the code", all looks quite reasonable.
My Ubuntu 18/mingw test rig exploded after commit 2e359a088226a (for
the "make dist" part, it requires libpcap-ng-dev, but apt refuses to
install that...) so I could not compile-test.
Commit message extended with "use gc_malloc()..."
10 matches
Mail list logo
