[Openvpn-devel] [PATCH 3/3] dco: Check for ipi_addr before using it

2022-02-22 Thread Kristof Provost via Openvpn-devel
From: Kristof Provost If IP_RECVDSTADDR exists we'll define ENABLE_IP_PKTINFO, but that doesn't actually mean we have struct in_pktinfo. We need to check HAVE_IN_PKTINFO for that. This fixes DCO builds on FreeBSD. Signed-off-by: Kristof Provost --- src/openvpn/dco.c | 2 +- 1 file

[Openvpn-devel] [PATCH 2/3] open_tun_generic(): Do not consider open_tun_dco() returning 0 to be an error

2022-02-22 Thread Kristof Provost via Openvpn-devel
From: Kristof Provost It seems clear that the intent here is to special case the EEXIST error, not to consider anything else (i.e. 0) to also be an error. Signed-off-by: Kristof Provost --- src/openvpn/tun.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/openvpn

[Openvpn-devel] [PATCH 1/3] dco: dco_meesage_peer_id -> dco_message_peer_id

2022-02-22 Thread Kristof Provost via Openvpn-devel
From: Kristof Provost Fix typo in variable name. Signed-off-by: Kristof Provost --- src/openvpn/dco_linux.c | 6 +++--- src/openvpn/dco_linux.h | 2 +- src/openvpn/multi.c | 6 +++--- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/src/openvpn/dco_linux.c b/src/openvpn

[Openvpn-devel] [PATCH 2/3] open_tun_generic(): Do not consider open_tun_dco() returning 0 to be an error

2022-02-22 Thread Kristof Provost via Openvpn-devel
From: Kristof Provost It seems clear that the intent here is to special case the EEXIST error, not to consider anything else (i.e. 0) to also be an error. Signed-off-by: Kristof Provost --- src/openvpn/tun.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/openvpn

[Openvpn-devel] [PATCH 3/3] dco: Check for ipi_addr before using it

2022-02-22 Thread Kristof Provost via Openvpn-devel
From: Kristof Provost If IP_RECVDSTADDR exists we'll define ENABLE_IP_PKTINFO, but that doesn't actually mean we have struct in_pktinfo. We need to check HAVE_IN_PKTINFO for that. This fixes DCO builds on FreeBSD. Signed-off-by: Kristof Provost --- src/openvpn/dco.c | 2 +- 1 file

[Openvpn-devel] [PATCH DCO]: cleanups prior to FreeBSD DCO support

2022-02-22 Thread Kristof Provost via Openvpn-devel
Hi, As said in my e-mail (from k...@freebsd.org, Feb 17th), I'm working on adding DCO support for FreeBSD. I ran into a few minor issues that are not directly related, but should be addressed anyway. These patches are all against https://github.com/OpenVPN/ovpn-dco Best regards, Kr

[Openvpn-devel] [PATCH 1/3] dco: dco_meesage_peer_id -> dco_message_peer_id

2022-02-22 Thread Kristof Provost via Openvpn-devel
From: Kristof Provost Fix typo in variable name. Signed-off-by: Kristof Provost --- src/openvpn/dco_linux.c | 6 +++--- src/openvpn/dco_linux.h | 2 +- src/openvpn/multi.c | 6 +++--- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/src/openvpn/dco_linux.c b/src/openvpn

[Openvpn-devel] [PATCH DCO]: FreeBSD DCO support

2022-02-24 Thread Kristof Provost via Openvpn-devel
to provide them, if only as stubs. I've not done that here. For those interested in testing, the kernel side of things is under review here: https://reviews.freebsd.org/D34340 Best, Kristof ___________ Openvpn-devel mailing list Openvpn-devel@lists.source

[Openvpn-devel] [PATCH 1/2] dco: process DCO control packets

2022-02-24 Thread Kristof Provost via Openvpn-devel
other platforms will not. Signed-off-by: Kristof Provost --- src/openvpn/forward.c | 8 1 file changed, 8 insertions(+) diff --git a/src/openvpn/forward.c b/src/openvpn/forward.c index cd956cb3..c16f32fc 100644 --- a/src/openvpn/forward.c +++ b/src/openvpn/forward.c @@ -1104,8 +11

[Openvpn-devel] [PATCH 2/2] ovpn-dco: introduce FreeBSD data-channel offload support

2022-02-24 Thread Kristof Provost via Openvpn-devel
From: Kristof Provost Implement data-channel offload for FreeBSD. The implementation and flow is very similar to that of the Linux DCO support. Signed-off-by: Kristof Provost --- configure.ac | 15 +- src/openvpn/Makefile.am| 1 + src/openvpn/dco_freebsd.c | 559

Re: [Openvpn-devel] [PATCH 2/2] ovpn-dco: introduce FreeBSD data-channel offload support

2022-03-08 Thread Kristof Provost via Openvpn-devel
On 8 Mar 2022, at 15:16, Antonio Quartulli wrote: > Hi Kristof, > > A quick question for you, see below > > On 24/02/2022 17:55, Kristof Provost via Openvpn-devel wrote: >> --- a/configure.ac >> +++ b/configure.ac >> @@ -787,7 +787,20 @@ dnl >>

Re: [Openvpn-devel] [PATCH DCO]: FreeBSD DCO support

2022-03-08 Thread Kristof Provost via Openvpn-devel
On 8 Mar 2022, at 15:23, Antonio Quartulli wrote: > On 24/02/2022 17:55, Kristof Provost via Openvpn-devel wrote: >> I've had to add a lot of '|| defined(TARGET_FREEBSD)', and I think the >> code could be a bit cleaner if we'd make these calls conditional

Re: [Openvpn-devel] [PATCH 2/2] ovpn-dco: introduce FreeBSD data-channel offload support

2022-03-08 Thread Kristof Provost via Openvpn-devel
hat. Do you have a rough list of what’s wrong? >> https://community.openvpn.net/openvpn/wiki/CodeStyle is the authoritative >> style guide, right? > > Correct. Not everything might be there, so feel free to ask for any > clarification on IRC. Your code is already pretty clea

[Openvpn-devel] [PATCH] ovpn-dco: introduce FreeBSD data-channel offload support

2022-03-10 Thread Kristof Provost via Openvpn-devel
From: Kristof Provost Implement data-channel offload for FreeBSD. The implementation and flow is very similar to that of the Linux DCO support. Signed-off-by: Kristof Provost --- configure.ac | 6 +- src/openvpn/Makefile.am| 1 + src/openvpn/dco_freebsd.c

[Openvpn-devel] [PATCH DCO]: FreeBSD DCO support

2022-03-10 Thread Kristof Provost via Openvpn-devel
Hi, Here's an updated version of the FreeBSD DCO patch. It addresses a few code style issues, moves the if_ovpn.h header into the tree and is rebased on top of the latest DCO branch version. Best regards, Kristof

[Openvpn-devel] [PATCH] ovpn-dco: introduce FreeBSD data-channel offload support

2022-04-01 Thread Kristof Provost via Openvpn-devel
From: Kristof Provost Implement data-channel offload for FreeBSD. The implementation and flow is very similar to that of the Linux DCO support. Signed-off-by: Kristof Provost --- configure.ac | 6 +- src/openvpn/Makefile.am| 1 + src/openvpn/dco_freebsd.c

[Openvpn-devel] [PATCH DCO]: FreeBSD DCO support

2022-04-01 Thread Kristof Provost via Openvpn-devel
istof

[Openvpn-devel] OpenVPN encryption architecture

2022-04-04 Thread Leroy Tennison via Openvpn-devel
Trying to find information on how OpenVPN uses the keys generated for the client and server to encrypt traffic and not having any success (maybe I'm not searching for the right terms).  Can someone explain or point me to a URL explaining how OpenVPN encrypts traffic once authenticati

[Openvpn-devel] [PATCH DCO]: FreeBSD DCO support

2022-04-13 Thread Kristof Provost via Openvpn-devel
s, Kristof

[Openvpn-devel] [PATCH] pass vpn addresses to the kernel

2022-04-13 Thread Kristof Provost via Openvpn-devel
From: Kristof Provost --- src/openvpn/dco_freebsd.c | 11 +++ 1 file changed, 11 insertions(+) diff --git a/src/openvpn/dco_freebsd.c b/src/openvpn/dco_freebsd.c index 3f8b39e0..8c300639 100644 --- a/src/openvpn/dco_freebsd.c +++ b/src/openvpn/dco_freebsd.c @@ -91,6 +91,17

[Openvpn-devel] [PATCH] ovpn-dco: introduce FreeBSD data-channel offload support

2022-04-13 Thread Kristof Provost via Openvpn-devel
From: Kristof Provost Implement data-channel offload for FreeBSD. The implementation and flow is very similar to that of the Linux DCO support. Signed-off-by: Kristof Provost --- configure.ac | 6 +- src/openvpn/Makefile.am| 1 + src/openvpn/dco_freebsd.c

[Openvpn-devel] [PATCH DCO]: FreeBSD DCO support

2022-04-13 Thread Kristof Provost via Openvpn-devel
server mode support, which required this information. This requires the FreeBSD driver in https://reviews.freebsd.org/D34340 Best regards, Kristof

[Openvpn-devel] [PATCH DCO]: Handle (DCO) timeouts in client mode

2022-04-26 Thread Kristof Provost via Openvpn-devel
100% sure this patch does the correct thing, but we do need to do something at the point it changes. Br, Kristof

[Openvpn-devel] [PATCH] Handle (DCO) timeouts in client mode

2022-04-26 Thread Kristof Provost via Openvpn-devel
From: Kristof Provost Handle the DCO driver telling us that the peer went away, even if we're not running in multi-instance mode. Signed-off-by: Kristof Provost --- src/openvpn/forward.c | 6 ++ 1 file changed, 6 insertions(+) diff --git a/src/openvpn/forward.c b/src/openvpn/forw

[Openvpn-devel] [PATCHv2 DCO]: Handle (DCO) timeouts in client mode

2022-04-27 Thread Kristof Provost via Openvpn-devel
Updated version of the timeout fix for client mode. This time with trigger_ping_timeout_signal() as suggested by Arne. Best regards, Kristof

[Openvpn-devel] [PATCH] Handle (DCO) timeouts in client mode

2022-04-27 Thread Kristof Provost via Openvpn-devel
From: Kristof Provost Handle the DCO driver telling us that the peer went away, even if we're not running in multi-instance mode. Signed-off-by: Kristof Provost --- src/openvpn/forward.c | 6 ++ 1 file changed, 6 insertions(+) diff --git a/src/openvpn/forward.c b/src/openvpn/forw

Re: [Openvpn-devel] [PATCH] Handle (DCO) timeouts in client mode

2022-04-27 Thread Kristof Provost via Openvpn-devel
On 27 Apr 2022, at 9:55, Antonio Quartulli wrote: > Hi Kristof, > > On 27/04/2022 09:48, Kristof Provost via Openvpn-devel wrote: >> From: Kristof Provost >> >> Handle the DCO driver telling us that the peer went away, even if we're >> not running in multi-

[Openvpn-devel] [PATCH 1/4] Handle (DCO) timeouts in client mode

2022-04-29 Thread Kristof Provost via Openvpn-devel
From: Kristof Provost Handle the DCO driver telling us that the peer went away, even if we're not running in multi-instance mode. Signed-off-by: Kristof Provost --- src/openvpn/forward.c | 6 ++ 1 file changed, 6 insertions(+) diff --git a/src/openvpn/forward.c b/src/openvpn/forw

[Openvpn-devel] [PATCH 2/4] rework do_up() for correct order of DCO operations

2022-04-29 Thread Kristof Provost via Openvpn-devel
finish_options(). Call any DCO configuration operations (i.e. dco_set_peer()/dco_new_key()) after we've created the peer (i.e. dco_new_peer()). Signed-off-by: Kristof Provost --- src/openvpn/init.c | 112 +--- src/openvpn/init.h | 2 + src/openvpn/multi.c

[Openvpn-devel] [PATCH 3/4] Ensure dynamic_name is always populated

2022-04-29 Thread Kristof Provost via Openvpn-devel
From: Kristof Provost It's always used for open_tun_dco(), so we must ensure it's populated, even if 'dev_node' is set. Signed-off-by: Kristof Provost --- src/openvpn/tun.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/openvpn/tun.c b/src/openvpn/tun.c inde

[Openvpn-devel] [PATCH DCO]: FreeBSD DCO support

2022-04-29 Thread Kristof Provost via Openvpn-devel
Hi, Here's the latest revision of the FreeBSD DCO patch, as well as three DCO-related fixes. Best regards, Kristof

[Openvpn-devel] [PATCH 4/4] ovpn-dco: introduce FreeBSD data-channel offload support

2022-04-29 Thread Kristof Provost via Openvpn-devel
From: Kristof Provost Implement data-channel offload for FreeBSD. The implementation and flow is very similar to that of the Linux DCO support. Signed-off-by: Kristof Provost --- configure.ac | 6 +- src/openvpn/Makefile.am| 1 + src/openvpn/dco_freebsd.c

Re: [Openvpn-devel] [PATCH 2/4] rework do_up() for correct order of DCO operations

2022-05-06 Thread Kristof Provost via Openvpn-devel
do_deferred_options() in do_deferred_options() and finish_options(). Call any DCO configuration operations (i.e. dco_set_peer()/dco_new_key()) after we've created the peer (i.e. dco_new_peer()). Signed-off-by: Kristof Provost --- src/openvpn/init.c

[Openvpn-devel] [PATCH 1/4] mtcp: Handle multi_create_instance() returning NULL

2022-05-16 Thread Kristof Provost via Openvpn-devel
the call to multi_assign_peer_id() after the mi NULL check. Signed-off-by: Kristof Provost --- src/openvpn/mtcp.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/openvpn/mtcp.c b/src/openvpn/mtcp.c index b4445dbe..414a5676 100644 --- a/src/openvpn/mtcp.c +++ b/src/openvpn

[Openvpn-devel] [PATCH 3/4] ovpn-dco: introduce FreeBSD data-channel offload support

2022-05-16 Thread Kristof Provost via Openvpn-devel
From: Kristof Provost Implement data-channel offload for FreeBSD. The implementation and flow is very similar to that of the Linux DCO support. Signed-off-by: Kristof Provost --- configure.ac | 6 +- src/openvpn/Makefile.am| 1 + src/openvpn/dco_freebsd.c

[Openvpn-devel] [PATCH DCO]: FreeBSD DCO support

2022-05-16 Thread Kristof Provost via Openvpn-devel
Hi, Here's an updated version for the FreeBSD DCO support, as well as a few generic bugfixes. Best regards, Kristof

[Openvpn-devel] [PATCH 2/4] rework do_up() for correct order of DCO operations

2022-05-16 Thread Kristof Provost via Openvpn-devel
finish_options(). Call any DCO configuration operations (i.e. dco_set_peer()/dco_new_key()) after we've created the peer (i.e. dco_new_peer()). Signed-off-by: Kristof Provost --- src/openvpn/init.c | 112 +--- src/openvpn/init.h | 2 + src/openvpn/multi.c

[Openvpn-devel] [PATCH 4/4] Set (DCO) timeouts as well for p2p mode

2022-05-16 Thread Kristof Provost via Openvpn-devel
From: Kristof Provost Signed-off-by: Kristof Provost --- src/openvpn/init.c | 15 +++ 1 file changed, 15 insertions(+) diff --git a/src/openvpn/init.c b/src/openvpn/init.c index 0d991ba4..701749cd 100644 --- a/src/openvpn/init.c +++ b/src/openvpn/init.c @@ -2232,6 +2232,21

Re: [Openvpn-devel] [PATCH 2/4] rework do_up() for correct order of DCO operations

2022-05-17 Thread Kristof Provost via Openvpn-devel
On 17 May 2022, at 15:28, Antonio Quartulli wrote: > On 16/05/2022 20:56, Kristof Provost via Openvpn-devel wrote: >> From: Kristof Provost >> >> We must create the peer before we can dco_set_peer or dco_new_key. >> On the other hand, we must first process options, beca

Re: [Openvpn-devel] [PATCH 4/4] Set (DCO) timeouts as well for p2p mode

2022-05-17 Thread Kristof Provost via Openvpn-devel
On 17 May 2022, at 15:25, Antonio Quartulli wrote: > Hi, > > On 16/05/2022 20:56, Kristof Provost via Openvpn-devel wrote: >> From: Kristof Provost >> >> Signed-off-by: Kristof Provost >> --- >> src/openvpn/init.c | 15 +++ >> 1 file

Re: [Openvpn-devel] [PATCH applied] Re: Implement Windows CA template match for Crypto-API selector

2024-06-06 Thread Hannes Domani via Openvpn-devel
Nair > Message-Id: <20240606103441.26598-1-g...@greenie.muc.de> > URL: >https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg28726.html > Signed-off-by: Gert Doering Thanks for pushing this to master. I wonder if it would be

[Openvpn-devel] OpenVPN 3 Linux v22_dev released

2024-06-20 Thread David Sommerseth via Openvpn-devel
OpenVPN 3 Linux v22_dev (Limited Release) This is a limited release primarily targeting Fedora 39 and newer plus Ubuntu 24.04. Other Linux distributions shipping glib2 version 2.76 or newer will also benefit from this release. This release contains a massive re-factoring of the D-Bus

[Openvpn-devel] [PATCH] examples: Switched to ed25519, nodes -> noenc

2024-07-30 Thread Eric Toombs via Openvpn-devel
a elliptic curve (`secp384`), which allows +Note: This example use a elliptic curve (`ed25519`), which allows ``--dh`` to be set to ``none``. Example 3: A tunnel with full PKI and TLS-based security -- 2.45.2 _______ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
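Review bot: The added note line reads "This example use a elliptic curve"; it should be "This example uses an elliptic curve". On the same line the curve name is wrapped in single backticks (`ed25519`) while ``--dh`` and ``none`` use double backticks; if this file is reStructuredText, as the double backticks suggest, only the double form renders as an inline literal, so the curve name should use it too.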

[Openvpn-devel] OpenVPN 3 Linux v23 released

2024-09-05 Thread David Sommerseth via Openvpn-devel
OpenVPN 3 Linux v23 (Stable release) The v23 release is a stable release which expands the distribution target since v22_dev was released. The goal for this step was to stabilize the codebase which was migrated to GDBus++ and the new Meson building system. The next release (v24) will also be a

Re: [Openvpn-devel] [PATCH] build: reduce hardcode in `asio_path`

2024-09-10 Thread David Sommerseth via Openvpn-devel
ly. I've seen your patch, and it makes total sense. It's in my pipe to get merged as soon as I have cleaned up a bunch of other changes as well. Again, sorry for the slow response. -- kind regards, David Sommerseth OpenVPN Inc

Re: [Openvpn-devel] [PATCH] build: reduce hardcode in `asio_path`

2024-09-10 Thread David Sommerseth via Openvpn-devel
this is too strict as some distros (namely NixOS) may have the 'include' directory with a differently named parent. Thus this change minimizes the hardcoded part of the path to make it more flexible. Signed-off-by: Petr Portnov Thanks a lot

[Openvpn-devel] IRC community meeting summary

2024-10-09 Thread Johan Draaisma via Openvpn-devel
doesn't go to openvpn-builds@ ML anymore./ /Instead we could create a openvpn3-builds@ ML. djpig will look into that./ * *Updated: t_server_null improvements* /The tests against latest git master server against older openvpn client versions are almost done./ As always y

Re: [Openvpn-devel] [PATCH] Configurable installation directories

2024-09-30 Thread David Sommerseth via Openvpn-devel
On 24/09/2024 15:26, Petr Portnov wrote: Hi there! Continuing the packaging of the latest OpenVPN-linux for NixOS, I would like to propose the following addition to the build system. What it does is it allows you to customize the installation paths for DBus and systemd services and adds the

[Openvpn-devel] IRC community meeting summary

2024-10-16 Thread Johan Draaisma via Openvpn-devel
ation work patches are acked and waiting merge process./ /Patchset v5 will be sent in soon./ * *New: where next community meeting* /Italy or Spain have been mentioned./ /Beer: yes./ /T-shirts: yes./ As always you're welcome to join at #openvpn-meeting on Libera IRC network every Wed

[Openvpn-devel] [PATCH] Add calls to nvlist_destroy to avoid leaks

2024-10-30 Thread Rémi FARAULT via Openvpn-devel
From 67100f57634b1b59c2ec8c294fccabda8fb7d893 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=C3=A9mi=20Farault?= Date: Tue, 29 Oct 2024 12:06:35 +0100 Subject: [PATCH v1] Add calls to nvlist_destroy to avoid leaks --- src/openvpn/dco_freebsd.c | 31 +++ 1 file changed

[Openvpn-devel] IRC community meeting summary

2024-10-30 Thread Johan Draaisma via Openvpn-devel
data keys* /plaisthos has written a new draft for new key handling for the data channel based on discussions in Karlsruhe./ /See https://github.com/OpenVPN/openvpn-rfc/pull/5 <https://github.com/OpenVPN/openvpn-rfc/pull/5>./ /The current state is that the work for it is done

[Openvpn-devel] [PATCH] Add calls to nvlist_destroy to avoid leaks (v2)

2024-11-05 Thread Rémi FARAULT via Openvpn-devel
From c2df7d0e66987e0e7d2c17e1550c40a5f30a265c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=C3=A9mi=20Farault?= Date: Tue, 29 Oct 2024 12:06:35 +0100 Subject: [PATCH v2] Add calls to nvlist_destroy to avoid leaks --- src/openvpn/dco_freebsd.c | 31 +++ 1 file changed

[Openvpn-devel] IRC community meeting summary

2024-10-23 Thread Johan Draaisma via Openvpn-devel
Meeting summary for 23 October 2024: * *Updated: data format v3 / epoch data keys* /plaisthos has written a new draft for new key handling for the data channel based on discussions in Karlsruhe./ /See https://github.com/OpenVPN/openvpn-rfc/pull/5 <https://github.com/OpenVPN/open

Re: [Openvpn-devel] Fwd: Inquiry About Potential Vulnerabilities in OpenVPN for Remote Code Execution (RCE)

2024-11-13 Thread David Sommerseth via Openvpn-devel
On 13/11/2024 14:59, נתי שטרן wrote: -- Forwarded message - From: *נתי שטרן* mailto:nsh...@gmail.com>> Date: Wed, 13 Nov 2024, 15:52 Subject: Re: [Openvpn-devel] Inquiry About Potential Vulnerabilities in OpenVPN for Remote Code Execution (RCE) To: Gert Doering ma

Re: [Openvpn-devel] Fwd: Inquiry About Potential Vulnerabilities in OpenVPN for Remote Code Execution (RCE)

2024-11-13 Thread David Sommerseth via Openvpn-devel
On 13/11/2024 15:24, נתי שטרן wrote: In which programming languages openvpn has written? Python , C or etc.? We do expect you to do some research on your own. But here is a starting point: https://github.com/OpenVPN/ -- kind regards, David Sommerseth OpenVPN Inc

[Openvpn-devel] IRC community meeting summary

2024-11-06 Thread Johan Draaisma via Openvpn-devel
comments addressed, waiting for another review./ * *Updated: data format v3 / epoch data keys* /Some comments from syzzer came in and were addressed on the RFC addition for epoch keys:/ /See https://github.com/OpenVPN/openvpn-rfc/pull/5 <https://github.com/OpenVPN/openvpn-rfc/pul

Re: [Openvpn-devel] [PATCH] Allow auth plugins not to be invoked if other auth plugins fail

2024-11-07 Thread David Sommerseth via Openvpn-devel
earlier plugin succeeds - such as sending a Multi-factor authentication challenge only if a previous username/password verification succeeds - as the OpenVPN admin has no way of configuring a dependency between plugins, and plugins have no visibility of the current authentication state, so an MFA

Re: [Openvpn-devel] Subject: Potential OpenVPN Vulnerability Report: Repeated TLS Handshake Failures Leading to Denial-of-Service Conditions

2024-11-19 Thread David Sommerseth via Openvpn-devel
The interesting lines are these: 2024-11-18T20:53:01+1100 [stdout#info] [OVPN 0] OUT: '2024-11-18 09:53:01 152.32.247.23:55730 Non-OpenVPN client protocol detected' These lines indicate the server seems to be configured with --port-share. And those packets are forwar

Re: [Openvpn-devel] Subject: Potential OpenVPN Vulnerability Report: Repeated TLS Handshake Failures Leading to Denial-of-Service Conditions

2024-11-18 Thread David Sommerseth via Openvpn-devel
traffic to the server causing it to stop responding. Or that one VPN client's misbehaviour (not due to misconfiguration, though) results in no other clients being able to connect. What you have described so far is that you cannot reach the server. And OpenVPN tries to reconnect regularly. This is

Re: [Openvpn-devel] Subject: Potential OpenVPN Vulnerability Report: Repeated TLS Handshake Failures Leading to Denial-of-Service Conditions

2024-11-19 Thread David Sommerseth via Openvpn-devel
On 19/11/2024 09:25, נתי שטרן wrote: have something to fix configuration? I already answered that: > Since you seem to run OpenVPN Access Server, just log into the web > portal and download a new configuration profile. Otherwise, read the fine manual we have for OpenVPN. You a

Re: [Openvpn-devel] Subject: OpenVPN Client Vulnerability - TLS Key Negotiation Timeout Leading to DoS (Black Box Pentest)

2024-11-15 Thread David Sommerseth via Openvpn-devel
it a patch using the git tools. Then the patch is reviewed and discussed, and if it is approved (ACKed) it is applied to the appropriate git branches in the official git repositories. More details here: <https://community.openvpn.net/openvpn/wiki/DeveloperDocumentation> -- kind reg

[Openvpn-devel] OpenVPN 3 Linux v24 released

2024-12-09 Thread David Sommerseth via Openvpn-devel
OpenVPN 3 Linux v24 (Stable release) The v24 release is another stable release. This resolves issues reported in several earlier releases and improves OpenVPN 3 Linux in several areas. * Improvement: Add --dns option support DNS resolver settings has been troublesome for many years, since

Re: [Openvpn-devel] SystemD user names

2024-12-09 Thread David Sommerseth via Openvpn-devel
coded `openvpn` user in meson files. The build system allows to replace the default `openvpn` user with some other name. This works for most services, but during refactoring, 3 hard coded references were omitted. This popped up while packaging for Debian since the system users

Re: [Openvpn-devel] spelling errors

2024-12-09 Thread David Sommerseth via Openvpn-devel
Dec 9 14:34:24 2024 +0100 spelling: Fix various spelling mistakes Most of these were reported by Marc Leeman during Debian packaging. Reported-by: Marc Leeman Signed-off-by: David Sommerseth <https://codeberg.org/OpenVPN/openvpn3-linux/commit/6b16d119810b0cec66fab1afa79c33e

[Openvpn-devel] [PATCH] Adding AWS-LC to the OpenVPN CI

2025-01-31 Thread Shubham Mittal via Openvpn-devel
URL: https://github.com/OpenVPN/openvpn/pull/673 Acked-by: Arne Schwabe Signed-off-by: Shubham Mittal --- .github/workflows/build.yaml | 62 1 file changed, 62 insertions(+) diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index

Re: [Openvpn-devel] [PATCH 1/1] console_systemd: remove the timeout when using `systemd-ask-password`

2025-01-08 Thread Ben Boeckel via Openvpn-devel
on was added in commit f3bc7fdc7bf47193a9f8618a7d22a6ceec2df6f7) since 2011, released with systemd v25. I think we can assume anything using a modern openvpn is also using something newer than this as well. --Ben

Re: [Openvpn-devel] [PATCH 1/1] console_systemd: remove the timeout when using `systemd-ask-password`

2025-01-08 Thread David Sommerseth via Openvpn-devel
On 31/12/2024 21:46, Ben Boeckel via Openvpn-devel wrote: Without this, the password request will expire after 90 seconds leaving no way to provide the password without OpenVPN asking for it again. Given that interactive use will wait for input without a timeout, it makes sense to have non

[Openvpn-devel] [PATCH] Add compatibility to build OpenVPN with AWS-LC.

2025-01-27 Thread Shubham Mittal via Openvpn-devel
e setter and stack size check modify cert_names. Therefore, the logical outcome should remain the same - and this would also handle the subtle behavioral difference in AWS-LC. URL: https://github.com/OpenVPN/openvpn/pull/672 Acked-by: Arne Schwabe Signed-off-by: Shubham Mittal --- READ

[Openvpn-devel] [PATCH] Adding AWS-LC to the OpenVPN CI

2025-01-27 Thread Shubham Mittal via Openvpn-devel
URL: https://github.com/OpenVPN/openvpn/pull/673 Acked-by: Arne Schwabe Signed-off-by: Shubham Mittal --- .github/workflows/build.yaml | 61 1 file changed, 61 insertions(+) diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index

[Openvpn-devel] [PATCH] Add compatibility to build OpenVPN with AWS-LC.

2025-01-28 Thread Shubham Mittal via Openvpn-devel
tter and stack size check modify cert_names. Therefore, the logical outcome should remain the same - and this would also handle the subtle behavioral difference in AWS-LC. URL: https://github.com/OpenVPN/openvpn/pull/672 Acked-by: Arne Schwabe Signed-off-by: Shubham Mittal --- READ

[Openvpn-devel] [PATCH] Adding AWS-LC to the OpenVPN CI

2025-01-29 Thread Shubham Mittal via Openvpn-devel
URL: https://github.com/OpenVPN/openvpn/pull/673 Acked-by: Arne Schwabe Signed-off-by: Shubham Mittal --- .github/workflows/build.yaml | 62 1 file changed, 62 insertions(+) diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index

Re: [Openvpn-devel] [PATCH 1/1] console_systemd: remove the timeout when using `systemd-ask-password`

2025-01-13 Thread David Sommerseth via Openvpn-devel
On 31/12/2024 21:46, Ben Boeckel via Openvpn-devel wrote: Without this, the password request will expire after 90 seconds leaving no way to provide the password without OpenVPN asking for it again. Given that interactive use will wait for input without a timeout, it makes sense to have non

Re: [Openvpn-devel] [PATCH applied] Re: console_systemd: remove the timeout when using 'systemd-ask-password'

2025-01-14 Thread Ben Boeckel via Openvpn-devel
ther it's a bugfix or a feature). Looking forward to it :) . --Ben

[Openvpn-devel] [PATCH 1/1] console_systemd: remove the timeout when using `systemd-ask-password`

2024-12-31 Thread Ben Boeckel via Openvpn-devel
Without this, the password request will expire after 90 seconds leaving no way to provide the password without OpenVPN asking for it again. Given that interactive use will wait for input without a timeout, it makes sense to have non-interactive usage also wait until the user is ready instead of

[Openvpn-devel] [PATCH 0/1] Remove system password timeout

2024-12-31 Thread Ben Boeckel via Openvpn-devel
PR: https://github.com/OpenVPN/openvpn/pull/649 Thanks, --Ben Ben Boeckel (1): console_systemd: remove the timeout when using `systemd-ask-password` src/openvpn/console_systemd.c | 1 + 1 file changed, 1 insertion(+) base-commit: cb878882388bfe9dc49b116190c5c6ae8918322d -- 2.47.1

Re: [Openvpn-devel] [patch]: debian lintian informational warning (Authorization)

2025-03-24 Thread David Sommerseth via Openvpn-devel
rds, David Sommerseth OpenVPN Inc

Re: [Openvpn-devel] [PATCH] multi.c: Allow floating to a new IP right after connection setup

2025-04-28 Thread Walter Doekes via Openvpn-devel
gering the issue is even more > perplexing. Well. If it was expected, we wouldn't be here investigating ;) Can I assist you with some test or extra log line? Cheers, Walter

Re: [Openvpn-devel] [PATCH] multi.c: Allow floating to a new IP right after connection setup

2025-04-24 Thread Walter Doekes via Openvpn-devel
SecondVPN, at 3.3.3.1, which I'd like to connect to. From the perspective of SecondVPN, CorporateVPN is connecting to it: - 2.2.2.10 -> 3.3.3.1 - openvpn UDP stuff, all works But, in fact, this is tunneled traffic. There is also: - 1.1.1.10 -> 2.2.2.1 - here traffic is doubly enc

Re: [Openvpn-devel] [PATCH] multi.c: Allow floating to a new IP right after connection setup

2025-04-28 Thread Walter Doekes via Openvpn-devel
> On 24-04-2025 10:26, Arne Schwabe wrote: >> You are also saying that there is a difference in OpenVPN 2.5 vs OpenVPN >> 2.6. If that is indeed the case, a git bisect would be helpful to point >> to the commit that is breaking this. Well. This was my least worst bisect

[Openvpn-devel] [PATCH] multi.c: Allow floating to a new IP right after connection setup

2025-05-07 Thread Walter Doekes via Openvpn-devel
source IP switches right after connect: the client source IP switches, from - the first-VPN-exit-IP, to the - regular-ISP-exit-IP In openvpn 2.5 and below, this worked fine. Since openvpn 2.6, specifically b364711486, this triggers the "Disallow float to an address taken by another client"

[Openvpn-devel] OpenVPN 3 Linux v24.1 released

2025-05-20 Thread David Sommerseth via Openvpn-devel
OpenVPN 3 Linux v24 (Bugfix/security release) The v24.1 release is a small security and bugfix release. * Security: CVE-2025-3908 - openvpn3-admin init-config follows symlink Wolfgang Frisch from the SUSE security team reached out and notified us of a potential issue with the openvpn3-admin

Re: [Openvpn-devel] [PATCH] multi.c: Allow floating to a new IP right after connection setup

2025-05-25 Thread Walter Doekes via Openvpn-devel
"do_pre_decrypt_check: verdict %d (%d)", verdict, ret); return ret; } This is the code that has the changed behaviour. In the before situation, we had this: --- a/src/openvpn/mudp.c +++ b/src/openvpn/mudp.c @@ -55,8 +55,10 @@ do_pre_decrypt_check(struct m

Re: [Openvpn-devel] [PATCH] multi.c: Allow floating to a new IP right after connection setup

2025-05-22 Thread Walter Doekes via Openvpn-devel
> The thing is that I do not really understand your scenario and how it > exactly breaks for you to the extent that I cannot reproduce the issue. I thought I explained things sufficiently in: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg31502.html Apparently not.

Re: [Openvpn-devel] [PATCH] multi.c: Allow floating to a new IP right after connection setup

2025-05-22 Thread Walter Doekes via Openvpn-devel
or of the second VPN wants to avoid that, by pushing its IP > as net_gateway, this means that the client's source IP switches right > after connect: > > the client source IP switches, from > - the first-VPN-exit-IP, to the > - regular-ISP-exit-IP > > In openvpn 2

[Openvpn-devel] [PATCH] Clarify and expand management interface documentation

2018-07-31 Thread Jonathan K. Bullard via Openvpn-devel
changed, 147 insertions(+), 66 deletions(-) diff --git a/doc/management-notes.txt b/doc/management-notes.txt index 96470d0..174b3bf 100644 --- a/doc/management-notes.txt +++ b/doc/management-notes.txt @@ -12,7 +12,8 @@ as a client or server. The management interface is implemented using a client/

Re: [Openvpn-devel] [PATCH] Clarify and expand management interface documentation

2018-08-08 Thread Jonathan K. Bullard via Openvpn-devel
command: > > > > - the management interface client can issue this command: > > Same here -- clarify that a response must be provided? Same here : ) -- other examples use "should", which I like better. I'll send a v2 incorporating your other comments soon.

[Openvpn-devel] [PATCH v2] Clarify and expand management interface documentation

2018-08-08 Thread Jonathan K. Bullard via Openvpn-devel
-notes.txt @@ -12,7 +12,8 @@ as a client or server. The management interface is implemented using a client/server TCP connection or unix domain socket where OpenVPN will listen on a -provided IP address and port for incoming management client connections. +provided IP address and port for incomi

[Openvpn-devel] [PATCH] Ignore deprecation warning for daemon on macOS

2022-02-24 Thread Saifur Rahman Mohsin via Openvpn-devel
{ dup2(fd, 2); -- 2.32.0 (Apple Git-132) ___________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel

Re: [Openvpn-devel] [PATCH applied] Re: Ignore deprecation warning for daemon on macOS

2022-02-27 Thread Saifur Rahman Mohsin via Openvpn-devel
e sent in > commit a480eaae1d32a6, which was only applied to one of the plugins in > question (plugins/down-root) and not plugins/auth-pam. > > Your patch has been applied to the master branch. > > commit d5c1ec2913620cec5b453c35d5c851f8c79a7ae1 > Author: Saifur Rahman Mohsin via O

[Openvpn-devel] [PATCH 1/2] Haiku: Introduce basic platform support

2024-11-26 Thread Alexander von Gluck via Openvpn-devel
From: Alexander von Gluck IV --- configure.ac| 5 + src/openvpn/route.c | 15 +++ src/openvpn/tun.c | 17 + 3 files changed, 37 insertions(+) diff --git a/configure.ac b/configure.ac index 0876a6a5..7f6e43dd 100644 --- a/configure.ac +++ b

[Openvpn-devel] [PATCH 2/2] Haiku: Pull in routing table to get default route

2024-11-26 Thread Alexander von Gluck via Openvpn-devel
--- src/openvpn/route.c | 109 +++- 1 file changed, 107 insertions(+), 2 deletions(-) diff --git a/src/openvpn/route.c b/src/openvpn/route.c index fa20d08f..8d319123 100644 --- a/src/openvpn/route.c +++ b/src/openvpn/route.c @@ -54,6 +54,12 @@ #include

Re: [Openvpn-devel] [PATCH 1/2] Haiku: Introduce basic platform support

2024-11-26 Thread Alexander von Gluck via Openvpn-devel
On Tuesday, November 26th, 2024 at 8:32 AM, Gert Doering wrote: > > this is great, but alas... > On Tue, Nov 26, 2024 at 02:26:52PM +, Alexander von Gluck via > Openvpn-devel wrote: > > > +#el > > if defined(TARGET_HAIKU) > > ... > > > +#

[Openvpn-devel] [PATCH] Fix error message when using RHEL init script

2018-12-20 Thread Richard van den Berg via Openvpn-devel
In RHEL 7 /etc/sysconfig/network is no longer used (still there but empty). This results in the following error when openvpn starts: Dec 20 09:01:25 localhost openvpn: /etc/rc.d/init.d/openvpn: line 94: [: =: unary operator expected --- distro/rpm/openvpn.init.d.rhel | 2 +- 1 file changed

[Openvpn-devel] [PATCH] Added client-ip to NAT config

2020-09-16 Thread Rafael Gava de Oliveira via Openvpn-devel
Hello guys, A couple years ago I submitted this patch which allows the user to set the 'client-ip' as a convenient way to use the leased IP address received from OpenVPN server in NAT configuration. For example: client-nat snat client-ip 255.255.255.255 172.20.1.15 , where 'cl
