Attention is currently required from: flichtenheld, plaisthos.
MaxF has posted comments on this change. (
http://gerrit.openvpn.net/c/openvpn/+/920?usp=email )
Change subject: Fix mbed TLS key exporter functionality in 3.6.x and cmake
.
Looking at this with "git show --color-moved=zebra -U20" makes clear
that it's just moving around the call that could fail, and if it fails,
do not modify anything else that might then become inconsistent. As
far as I can see, nothing of this has side effects where order would
be important (except
cron2 has uploaded a new patch set (#2) to the change originally created by
plaisthos. ( http://gerrit.openvpn.net/c/openvpn/+/921?usp=email )
The following approvals got outdated and were removed:
Code-Review+2 by MaxF
Change subject: Do not leave half-initialised key wrap struct when dynamic
cron2 has submitted this change. (
http://gerrit.openvpn.net/c/openvpn/+/921?usp=email )
Change subject: Do not leave half-initialised key wrap struct when dynamic
tls-crypt fails
..
Do not leave half-initialised key wrap struc
Attention is currently required from: flichtenheld, plaisthos.
MaxF has posted comments on this change. (
http://gerrit.openvpn.net/c/openvpn/+/921?usp=email )
Change subject: Do not leave half-initialised key wrap struct when dynamic
tls-crypt fails
Tests are good :-) - I have not really looked into it in more detail,
but this is what the infra is there for, and Samuli knows it best.
Your patch has been applied to the master branch.
commit 5ad560a9237dedde83b8797aac457fd1e6832b54
Author: Frank Lichtenheld
Date: Thu Mar 27 10:47:00 2025 +01
cron2 has uploaded a new patch set (#3) to the change originally created by
flichtenheld. ( http://gerrit.openvpn.net/c/openvpn/+/847?usp=email )
The following approvals got outdated and were removed:
Code-Review+2 by mattock
Change subject: t_server_null_default.rc: Add some tests with --data-
Attention is currently required from: d12fk, flichtenheld, plaisthos.
Hello flichtenheld, plaisthos,
I'd like you to reexamine a change. Please visit
http://gerrit.openvpn.net/c/openvpn/+/904?usp=email
to look at the new patch set (#9).
The following approvals got outdated and were removed
Attention is currently required from: flichtenheld, plaisthos.
ordex has posted comments on this change. (
http://gerrit.openvpn.net/c/openvpn/+/912?usp=email )
Change subject: Fix incorrect condition for checking password related check
...
Trying to verify some of the negotiation parts.
Change-Id: I47d95eee8a00b9878331fd6cd6a7db12665f5537
Signed-off-by: Frank Lichtenheld
Acked-by: Samuli Seppänen
---
This change was reviewed on Gerrit and approved by at least one
developer. I request to merge it to master.
Gerrit URL: https://ge
Attention is currently required from: flichtenheld, plaisthos.
flichtenheld has posted comments on this change. (
http://gerrit.openvpn.net/c/openvpn/+/918?usp=email )
Change subject: Fix compatibility with mbedTLS 2.28.10+ and 3.6.3+
.
Attention is currently required from: d12fk, plaisthos.
stipa has posted comments on this change. (
http://gerrit.openvpn.net/c/openvpn/+/837?usp=email )
Change subject: win: implement --dns option support with NRPT
..
Patch S
Attention is currently required from: flichtenheld, plaisthos.
Hello plaisthos, flichtenheld,
I'd like you to do a code review.
Please visit
http://gerrit.openvpn.net/c/openvpn/+/922?usp=email
to review the following change.
Change subject: manpage: fix HTML format for --local
...
cron2 has submitted this change. (
http://gerrit.openvpn.net/c/openvpn/+/847?usp=email )
Change subject: t_server_null_default.rc: Add some tests with --data-ciphers
..
t_server_null_default.rc: Add some tests with --data-cipher
Attention is currently required from: plaisthos.
Hello plaisthos,
I'd like you to do a code review.
Please visit
http://gerrit.openvpn.net/c/openvpn/+/829?usp=email
to review the following change.
Change subject: Disable clang-format for some code parts
...
From: Arne Schwabe
In case when key_state_export_keying_material fails we left a
half-initialised tls_wrap_reneg structure in the tls_session.
Later calls to try to free this structure causes freeing of
invalid memory locations.
To test: make key_state_export_keying_material return false even t
Attention is currently required from: flichtenheld, its_Giaan, plaisthos.
mattock has posted comments on this change. (
http://gerrit.openvpn.net/c/openvpn/+/922?usp=email )
Change subject: manpage: fix HTML format for --local
.
Attention is currently required from: flichtenheld, plaisthos.
MaxF has posted comments on this change. (
http://gerrit.openvpn.net/c/openvpn/+/920?usp=email )
Change subject: Fix mbed TLS key exporter functionality in 3.6.x and cmake
.
Attention is currently required from: flichtenheld.
Hello plaisthos,
I'd like you to reexamine a change. Please visit
http://gerrit.openvpn.net/c/openvpn/+/918?usp=email
to look at the new patch set (#2).
Change subject: Fix compatibility with mbedTLS 2.28.10+ and 3.6.3+
.
Attention is currently required from: flichtenheld.
Hello plaisthos,
I'd like you to reexamine a change. Please visit
http://gerrit.openvpn.net/c/openvpn/+/918?usp=email
to look at the new patch set (#3).
Change subject: Fix compatibility with mbedTLS 2.28.10+ and 3.6.3+
.
cron2 has uploaded a new patch set (#4) to the change originally created by
flichtenheld. ( http://gerrit.openvpn.net/c/openvpn/+/918?usp=email )
The following approvals got outdated and were removed:
Code-Review+2 by MaxF
Change subject: Fix compatibility with mbedTLS 2.28.10+ and 3.6.3+
.
Attention is currently required from: flichtenheld, plaisthos.
MaxF has posted comments on this change. (
http://gerrit.openvpn.net/c/openvpn/+/918?usp=email )
Change subject: Fix compatibility with mbedTLS 2.28.10+ and 3.6.3+
.
From: Frank Lichtenheld
>From release notes:
In TLS clients, if mbedtls_ssl_set_hostname() has not been called,
mbedtls_ssl_handshake() now fails with
MBEDTLS_ERR_SSL_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME
if certificate-based authentication of the server is attempted.
This is because authenti
Attention is currently required from: flichtenheld, plaisthos.
Hello flichtenheld, plaisthos,
I'd like you to reexamine a change. Please visit
http://gerrit.openvpn.net/c/openvpn/+/919?usp=email
to look at the new patch set (#2).
Change subject: t_server_null: add multi-socket testing
...
24 matches
Mail list logo