Attention is currently required from: flichtenheld, plaisthos.
Hello plaisthos, flichtenheld,
I'd like you to do a code review.
Please visit
http://gerrit.openvpn.net/c/openvpn/+/733?usp=email
to review the following change.
Change subject: dco-win: factor out getting dco version info own
Attention is currently required from: plaisthos, selvanair.
flichtenheld has posted comments on this change. (
http://gerrit.openvpn.net/c/openvpn/+/730?usp=email )
Change subject: Add a test for loading certificate and key using file: URI
From: Selva Nair
The test certificate used in test_ssl.c is updated to use 2048 bit
RSA and the matching key is added.
Tests include loading certificate and key as inlined pem as well as
from files. Note that loading the key also checks that it matches
the certificate, providing an indirect test
From: Selva Nair
OpenSSL 3 has providers which can load keys and certificates
from various key stores and HSMs using a provider-specific URI.
While certificates are generally exportable, and some providers
support a PEM file that acts as a proxy for non-exportable private
keys, not all providers
From: Selva Nair
We do not load any providers, so only file: URI internally supported by
OpenSSL 3+ is tested. On non-OpenSSL 3 builds the test prints "SKIPPED".
v2: avoid dead code; rebase to current master
Change-Id: I7615116b5251319aa1f13d671bab7013f3a043ea
Signed-off-by: Selva Nair
Acked-b
Attention is currently required from: cron2, plaisthos, selvanair.
flichtenheld has posted comments on this change. (
http://gerrit.openvpn.net/c/openvpn/+/728?usp=email )
Change subject: Protect cached username, password and token on client
..
Attention is currently required from: flichtenheld, plaisthos.
Hello plaisthos, flichtenheld,
I'd like you to do a code review.
Please visit
http://gerrit.openvpn.net/c/openvpn/+/734?usp=email
to review the following change.
Change subject: dco-win: add SET_MODE ioctl call
...
From: Selva Nair
Keep the memory segment containing username and password in
"struct user_pass" encrypted. Works only on Windows.
Username and auth-token cached by the server are not covered
here.
v2: Encrypt username and password separately as it looks more
robust. We continue to depend on the
Attention is currently required from: plaisthos.
Hello plaisthos,
I'd like you to do a code review.
Please visit
http://gerrit.openvpn.net/c/openvpn/+/735?usp=email
to review the following change.
Change subject: crypto_openssl: Suppress deprecation warnings with OpenSSL 3
for GCC as wel
Attention is currently required from: flichtenheld, plaisthos.
uddr has posted comments on this change. (
http://gerrit.openvpn.net/c/openvpn/+/722?usp=email )
Change subject: GHA: Configure Renovate
..
Patch Set 1: Code-Revie
Attention is currently required from: flichtenheld, plaisthos.
uddr has posted comments on this change. (
http://gerrit.openvpn.net/c/openvpn/+/671?usp=email )
Change subject: configure: Try to use pkg-config to detect mbedTLS
.
Attention is currently required from: flichtenheld, plaisthos.
uddr has posted comments on this change. (
http://gerrit.openvpn.net/c/openvpn/+/675?usp=email )
Change subject: configure: Allow to detect git checkout if .git is not a
directory
Attention is currently required from: flichtenheld.
plaisthos has posted comments on this change. (
http://gerrit.openvpn.net/c/openvpn/+/675?usp=email )
Change subject: configure: Allow to detect git checkout if .git is not a
directory
..
Attention is currently required from: flichtenheld.
plaisthos has posted comments on this change. (
http://gerrit.openvpn.net/c/openvpn/+/380?usp=email )
Change subject: tun: use is_tun_p2p more consistently
..
Patch Set 7: Co
From: Gianmarco De Gregori
In UDP case the dco_set_peer() is currently perfomed at the wrong time
since the mssfix param is calculated later on in
tls_session_update_crypto_params_do_work().
By moving the dco_set_peer() inside the
tls_session_update_crypto_params_do_work() and removing
the p2p_se
From: OpenVPN Renovate
Maintain GitHub actions and other version references
in GHA.
Switch some GHA references from branch versions to
tag version so the pinning works correctly.
Change-Id: I06253be7ed783e3bf30e7df1d6da8ca888016711
Signed-off-by: Frank Lichtenheld
Acked-by: Yuriy Darnobyt
---
Attention is currently required from: flichtenheld, plaisthos.
Hello plaisthos, flichtenheld,
I'd like you to do a code review.
Please visit
http://gerrit.openvpn.net/c/openvpn/+/736?usp=email
to review the following change.
Change subject: Minor fix on ifconfig parameter warning
Attention is currently required from: plaisthos, ralf_lici.
flichtenheld has posted comments on this change. (
http://gerrit.openvpn.net/c/openvpn/+/736?usp=email )
Change subject: Minor fix on ifconfig parameter warning
..
Pa
mbedTLS does not seem to have pkg-config support on e.g.
Debian/Ubuntu, so we definitely need to keep the
fallback check as well.
Change-Id: I5d0da76018e874cda5dbab9202a2b817ad5e4692
Signed-off-by: Frank Lichtenheld
Acked-by: Yuriy Darnobyt
---
This change was reviewed on Gerrit and approved by
Using "tun" as the variable name for the return of
is_tun_p2p is probably a historical accident. But
it has actual consequences in that the other code
often seems to assume that it does less checks
than it actually does.
Use "tun_p2p" as the variable name and remove checks
that are not required. A
E.g. if you use openvpn as a git submodule, it can be a
file that points to the parent's git directory.
The changes to Makefile.am are not strictly required, they
still work with that case, but I wanted to keep the usage
consistent.
Change-Id: I9b7a3df012e7606ddb04a944e3fa33247180e8dd
Signed-off-
Have done a bit of testing with "in-tree build, git", "out of tree build,
git" and "in-tree build, tarball" and it seems to always do the right
thing. Haven't a need for git submodules, so I have not tested that.
Your patch has been applied to the master branch.
commit dac076fe406adace826766f6cc
cron2 has submitted this change. (
http://gerrit.openvpn.net/c/openvpn/+/675?usp=email )
Change subject: configure: Allow to detect git checkout if .git is not a
directory
..
configure: Allow to detect git checkout if .git is n
cron2 has uploaded a new patch set (#4) to the change originally created by
flichtenheld. ( http://gerrit.openvpn.net/c/openvpn/+/675?usp=email )
The following approvals got outdated and were removed:
Code-Review+2 by plaisthos, Code-Review+2 by uddr
Change subject: configure: Allow to detect g
24 matches
Mail list logo
