Attention is currently required from: plaisthos.
flichtenheld has posted comments on this change. (
http://gerrit.openvpn.net/c/openvpn/+/1038?usp=email )
Change subject: t_server_null: Test different permutations of --dh
..
P
From: Max Fillinger
Mbed TLS now has an implementation of the TLS-Exporter feature (though
not yet in a released version). Use it if it's available.
v2: Rebased, changed feature detection in configure.ac
Change-Id: I1204bc2ff85952160a86f0b9d1caae90e5065bc4
Signed-off-by: Max Fillinger
Acked-by
Attention is currently required from: MaxF.
cron2 has posted comments on this change. (
http://gerrit.openvpn.net/c/openvpn/+/1042?usp=email )
Change subject: mbedtls: Allow TLS 1.3 if available
..
Patch Set 3: Code-Review+2
From: Max Fillinger
We need mbedtls_ssl_export_keying_material() to support TLS 1.3. The
workaround we use for TLS 1.2 does not work for TLS 1.3.
Change-Id: If5e832866b312a2f8a1ce6b4e00d40e3dcf63681
Signed-off-by: Max Fillinger
Acked-by: Gert Doering
Acked-by: Frank Lichtenheld
---
This chan
Attention is currently required from: MaxF, plaisthos.
cron2 has posted comments on this change. (
http://gerrit.openvpn.net/c/openvpn/+/1041?usp=email )
Change subject: Use mbedtls_ssl_export_keying_material()
..
Patch Set 3:
I could not test this myself, and neither did the buildbots (as far as
I know) because we all have older mbedTLS versions - so the patch does
not break anything there, at least :-)
Arne has tested this with an mbedTLS development build, and it works
as it says on the lid - the new function is used
cron2 has uploaded a new patch set (#4) to the change originally created by
MaxF. ( http://gerrit.openvpn.net/c/openvpn/+/1041?usp=email )
The following approvals got outdated and were removed:
Code-Review+2 by flichtenheld
Change subject: Use mbedtls_ssl_export_keying_material()
..
cron2 has submitted this change. (
http://gerrit.openvpn.net/c/openvpn/+/1041?usp=email )
Change subject: Use mbedtls_ssl_export_keying_material()
..
Use mbedtls_ssl_export_keying_material()
Mbed TLS now has an implementation o
Attention is currently required from: MaxF, plaisthos.
cron2 has posted comments on this change. (
http://gerrit.openvpn.net/c/openvpn/+/1042?usp=email )
Change subject: mbedtls: Allow TLS 1.3 if available
..
Patch Set 3:
(1
A twisty nightmare of passages, all alike... (but ignoring the eye sore,
these particular #ifdef are not actually that complex, well described,
and well contained).
I have removed my Acked-By: from the commit - this was more a gerrit
artefact due to -1'ing and then +2'ing the patch again. Frank
cron2 has uploaded a new patch set (#4) to the change originally created by
MaxF. ( http://gerrit.openvpn.net/c/openvpn/+/1042?usp=email )
The following approvals got outdated and were removed:
Code-Review+2 by cron2, Code-Review+2 by flichtenheld
Change subject: mbedtls: Allow TLS 1.3 if avail
cron2 has submitted this change. (
http://gerrit.openvpn.net/c/openvpn/+/1042?usp=email )
Change subject: mbedtls: Allow TLS 1.3 if available
..
mbedtls: Allow TLS 1.3 if available
We need mbedtls_ssl_export_keying_material() t
Attention is currently required from: flichtenheld, plaisthos.
cron2 has posted comments on this change. (
http://gerrit.openvpn.net/c/openvpn/+/1038?usp=email )
Change subject: t_server_null: Test different permutations of --dh
...
From: Frank Lichtenheld
Do not include --dh by default, since we do not actually
need it. Use the different servers for different ways
of specifying it.
Change-Id: I480442a55025bfcce7cb68ec7564ff33b0b780e2
Signed-off-by: Frank Lichtenheld
Acked-by: Gert Doering
---
This change was reviewed on
Thanks, this is a very welcome addition to catch future oversights around
--dh variants.
The buildbots have tested this, and found it to their liking :-) - I have
just stared at it and liked it as well.
Your patch has been applied to the master branch.
commit 4d104a3857a21cf22774ba50b66fe575a682
cron2 has submitted this change. (
http://gerrit.openvpn.net/c/openvpn/+/1038?usp=email )
Change subject: t_server_null: Test different permutations of --dh
..
t_server_null: Test different permutations of --dh
Do not include -
cron2 has uploaded a new patch set (#3) to the change originally created by
flichtenheld. ( http://gerrit.openvpn.net/c/openvpn/+/1038?usp=email )
The following approvals got outdated and were removed:
Code-Review+2 by cron2
Change subject: t_server_null: Test different permutations of --dh
...
From: Frank Lichtenheld
Change-Id: I83831060fdf5588a0ada8d6abbedc7ce3ded4182
Signed-off-by: Frank Lichtenheld
Acked-by: Gert Doering
---
This change was reviewed on Gerrit and approved by at least one
developer. I request to merge it to master.
Gerrit URL: https://gerrit.openvpn.net/c/openvpn
cron2 has uploaded a new patch set (#2) to the change originally created by
flichtenheld. ( http://gerrit.openvpn.net/c/openvpn/+/1030?usp=email )
The following approvals got outdated and were removed:
Code-Review+2 by cron2
Change subject: Fix various badly placed comments in preparation for r
Attention is currently required from: flichtenheld, plaisthos.
cron2 has posted comments on this change. (
http://gerrit.openvpn.net/c/openvpn/+/1030?usp=email )
Change subject: Fix various badly placed comments in preparation for reformat
Only whitespace changes, but beyond what automatic tools will do
(without making them reformat everything). One comment bugfix.
Your patch has been applied to the master branch.
commit 9cc7c68bd8d42b9e1c02fd3f069d404b5c056b57
Author: Frank Lichtenheld
Date: Tue Jun 3 18:30:34 2025 +0200
cron2 has submitted this change. (
http://gerrit.openvpn.net/c/openvpn/+/1030?usp=email )
Change subject: Fix various badly placed comments in preparation for reformat
..
Fix various badly placed comments in preparation for refo
22 matches
Mail list logo
