Hi,
On Sat, Sep 17, 2022 at 11:31:54PM +0200, Antonio Quartulli wrote:
> This patch brings the following improvements:
> * check that ETH proto and version in IP header are consistent;
> * check that length of the packet is enough to store the expected IP
> header (it may be an IPv4 or an IPv6 h
HI,
On Sun, Sep 18, 2022 at 01:10:30AM +0200, Antonio Quartulli wrote:
> From: Dmitry Zelenkovsky
>
> Disconnect clients after session-timeout expires.
> session-timeout can be defined in ccd files in order to limit
> per-user connection time.
I find this implementation needlessly complicated.
Am 18.09.2022 um 03:23 schrieb Ricardo Manriquez:
Author: Ricardo ManrĂquez
To enable the possibility of DNS autoconfiguration the IP address and
hostname of the client are needed to register at the DNS level, this
patch adds this information when using push-peer-info.
The motivation is th
Acked-by: Gert Doering
Thanks for spotting this and sending a patch.
Not sure why this was fixed for add_route*() in commit a11bea18b1c93
(and then made more pretty in 903e2cf5c1), but forgotten in delete_route*()
Tested with a basic t_client test with ipv4 + ipv6 routes.
Your patch has been a
Hi,
On Sat, Sep 17, 2022 at 04:08:18PM +0200, Antonio Quartulli wrote:
> From: Michael Karvan
>
> Signed-off-by: Michael Karvan
> ---
> src/plugins/auth-pam/auth-pam.c | 9 -
> 1 file changed, 8 insertions(+), 1 deletion(-)
>
> diff --git a/src/plugins/auth-pam/auth-pam.c b/src/plugin
Hi,
we have a long standing open ticket, #1337, about --explicit-exit-notify
together with peer-to-peer mode.
My understanding of --explicit-exit-notify comes from p2mp mode, where
it notifies the other end "I have been SIGINTR'ed, and will go away now",
so the other end can stop sending packets
Acked-by: Gert Doering
Adding my ACK to Heiko's, because the push_option_fmt() thing is sufficiently
different from v3 so I had a very close look.
Testing this is not very easy with the current test framework, as it needs
this patch on both ends to become effective.
This said, I've subjected th
Hi,
On Wed, Sep 14, 2022 at 07:01:34PM +0200, Arne Schwabe wrote:
> src/openvpn/openvpn.vcxproj | 2 +
This file is still gone, so the hunk also needs to go. But I can
ignore this.
> diff --git a/doc/man-sections/script-options.rst
> b/doc/man-sections/script-options.rst
> index 61
On Sat, Sep 17, 2022 at 10:09 AM Antonio Quartulli wrote:
> From: Michael Karvan
>
> Signed-off-by: Michael Karvan
> ---
> src/plugins/auth-pam/auth-pam.c | 9 -
> 1 file changed, 8 insertions(+), 1 deletion(-)
>
> diff --git a/src/plugins/auth-pam/auth-pam.c
> b/src/plugins/auth-pam/a
Hi,
On 18/09/2022 12:12, Gert Doering wrote:
Hi,
On Sat, Sep 17, 2022 at 11:31:54PM +0200, Antonio Quartulli wrote:
This patch brings the following improvements:
* check that ETH proto and version in IP header are consistent;
* check that length of the packet is enough to store the expected IP
Hi,
On Sun, Sep 18, 2022 at 09:47:56PM +0200, Antonio Quartulli wrote:
> In the worst case I will only address the second point of the list above
> (as we may later access an IPv6 header that is not fully allocated).
I think everything that actually looks further down the header *does*
check if
Am 18.09.2022 um 18:25 schrieb Gert Doering:
Hi,
On Wed, Sep 14, 2022 at 07:01:34PM +0200, Arne Schwabe wrote:
src/openvpn/openvpn.vcxproj | 2 +
This file is still gone, so the hunk also needs to go. But I can
ignore this.
diff --git a/doc/man-sections/script-options.rst
b/d
Hi,
On 18/09/2022 22:31, Gert Doering wrote:
Hi,
On Sun, Sep 18, 2022 at 09:47:56PM +0200, Antonio Quartulli wrote:
In the worst case I will only address the second point of the list above
(as we may later access an IPv6 header that is not fully allocated).
I think everything that actually l
Hi,
This patch was msising some hunks. To be resent as v2.
Cheers,
On 18/09/2022 01:32, Antonio Quartulli wrote:
From: Mateusz Markowicz
When using "--verify-x509-name [hostname] subject-alt-name" hostname
will now be accepted also when matched against one of the
X509v3 Subject Alternative N
This patch is supposed to implement no function change.
The only change in behaviour that can be observed is the IV_/UV_ variables
being printed in different order compared to before applying this patch.
However, order does not matter, so we don't need to retain it.
What this change really does i
From: Mateusz Markowicz
When using "--verify-x509-name [hostname] subject-alt-name" hostname
will now be accepted also when matched against one of the
X509v3 Subject Alternative Name IP or DNS entries (instead of just
Subject's CN).
While at it, fix a few uncrustify complaints to allow committin
On 18/09/2022 12:37, Gert Doering wrote:
HI,
On Sun, Sep 18, 2022 at 01:10:30AM +0200, Antonio Quartulli wrote:
From: Dmitry Zelenkovsky
Disconnect clients after session-timeout expires.
session-timeout can be defined in ccd files in order to limit
per-user connection time.
I find this i
Am 18.09.2022 um 18:06 schrieb Gert Doering:
Hi,
we have a long standing open ticket, #1337, about --explicit-exit-notify
together with peer-to-peer mode.
My understanding of --explicit-exit-notify comes from p2mp mode, where
it notifies the other end "I have been SIGINTR'ed, and will go away
Hi,
On 19/09/2022 01:17, Arne Schwabe wrote:
In our current state where inetd is no longer supported, this behaviour
to exit makes little sense and we should probably change the behaviour
to SIGUSR1.
I agree with the above.
Alternatively, we should just ignore in P2P mode, but I think SIGUSR1
Hi,
On Mon, Sep 19, 2022 at 01:17:32AM +0200, Arne Schwabe wrote:
> In our current state where inetd is no longer supported, this behaviour
> to exit makes little sense and we should probably change the behaviour
> to SIGUSR1.
What does SIGUSR1 do in p2mp mode on the server end? If it does wha
Hi,
On Mon, Sep 19, 2022 at 12:29:20AM +0200, Antonio Quartulli wrote:
> On 18/09/2022 12:37, Gert Doering wrote:
> > On Sun, Sep 18, 2022 at 01:10:30AM +0200, Antonio Quartulli wrote:
> >> From: Dmitry Zelenkovsky
> >>
> >> Disconnect clients after session-timeout expires.
> >> session-timeout c
21 matches
Mail list logo
