Menu
▾
▴
openvpn-commits — Version control commits list
You can subscribe to this list here.
| 2010 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
(21) |
Nov
(30) |
Dec
(9) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2011 |
Jan
(9) |
Feb
(11) |
Mar
(18) |
Apr
(75) |
May
(28) |
Jun
(9) |
Jul
(8) |
Aug
(21) |
Sep
(8) |
Oct
(12) |
Nov
(21) |
Dec
(15) |
| 2012 |
Jan
(24) |
Feb
(35) |
Mar
(18) |
Apr
(9) |
May
(22) |
Jun
(60) |
Jul
(22) |
Aug
(3) |
Sep
(21) |
Oct
(29) |
Nov
(18) |
Dec
(18) |
| 2013 |
Jan
(11) |
Feb
(21) |
Mar
|
Apr
(2) |
May
(5) |
Jun
(7) |
Jul
(4) |
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
| 2014 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
(8) |
Oct
(4) |
Nov
|
Dec
(13) |
| 2015 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
(9) |
Nov
|
Dec
|
| 2016 |
Jan
|
Feb
|
Mar
|
Apr
|
May
(24) |
Jun
(2) |
Jul
(4) |
Aug
(54) |
Sep
(18) |
Oct
(22) |
Nov
(29) |
Dec
(65) |
| 2017 |
Jan
(26) |
Feb
(2) |
Mar
(2) |
Apr
(4) |
May
(25) |
Jun
(6) |
Jul
(6) |
Aug
(18) |
Sep
(14) |
Oct
|
Nov
|
Dec
(4) |
| 2018 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
(4) |
Nov
|
Dec
|
| 2019 |
Jan
(1) |
Feb
(10) |
Mar
(8) |
Apr
(8) |
May
(7) |
Jun
(15) |
Jul
(15) |
Aug
(11) |
Sep
(10) |
Oct
(21) |
Nov
(25) |
Dec
(10) |
| 2020 |
Jan
(9) |
Feb
(10) |
Mar
(21) |
Apr
(38) |
May
(21) |
Jun
(28) |
Jul
(65) |
Aug
(53) |
Sep
(76) |
Oct
(37) |
Nov
(14) |
Dec
(18) |
| 2021 |
Jan
(26) |
Feb
(14) |
Mar
(33) |
Apr
(59) |
May
(23) |
Jun
(36) |
Jul
(14) |
Aug
(15) |
Sep
(20) |
Oct
(34) |
Nov
(35) |
Dec
(40) |
| 2022 |
Jan
(30) |
Feb
(46) |
Mar
(57) |
Apr
(38) |
May
(49) |
Jun
(27) |
Jul
(34) |
Aug
(83) |
Sep
(29) |
Oct
(28) |
Nov
(66) |
Dec
(116) |
| 2023 |
Jan
(95) |
Feb
(64) |
Mar
(116) |
Apr
(29) |
May
(58) |
Jun
(30) |
Jul
(162) |
Aug
(117) |
Sep
(222) |
Oct
(197) |
Nov
(272) |
Dec
(174) |
| 2024 |
Jan
(156) |
Feb
(182) |
Mar
(220) |
Apr
(150) |
May
(165) |
Jun
(207) |
Jul
(157) |
Aug
(94) |
Sep
(226) |
Oct
(363) |
Nov
(333) |
Dec
(286) |
| 2025 |
Jan
(331) |
Feb
(265) |
Mar
(273) |
Apr
(250) |
May
(277) |
Jun
(504) |
Jul
(394) |
Aug
(497) |
Sep
(552) |
Oct
(601) |
Nov
(500) |
Dec
(227) |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OpenVPN with experimental and new features - which requires a lot of testing".
The branch, allmerged has been updated
via b9735ac9fa06c8b275d06614021161fa1bd690e4 (commit)
via f20c2f0d6b42f652f39c0082237c3f8d69752ec9 (commit)
via d0f3b6eb2e27b48d41a517dd21b252d3f1f75996 (commit)
via e98124dfbabfa78e9bf6e841ffcc8e04868df331 (commit)
via 2d12eb12cf2a49adbc2e89e20990415947519900 (commit)
via b2dee7d568d4f31e2c2c8aba5de5ac02147c6b6b (commit)
from 3aae9991835867fa3bf95e38042615926c359354 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit b9735ac9fa06c8b275d06614021161fa1bd690e4
Merge: d0f3b6eb2e27b48d41a517dd21b252d3f1f75996 f20c2f0d6b42f652f39c0082237c3f8d69752ec9
Author: David Sommerseth <da...@us...>
Date: Thu Nov 18 19:02:37 2010 +0100
Merge branch 'bugfix2.1' into allmerged
commit d0f3b6eb2e27b48d41a517dd21b252d3f1f75996
Merge: 3aae9991835867fa3bf95e38042615926c359354 e98124dfbabfa78e9bf6e841ffcc8e04868df331
Author: David Sommerseth <da...@us...>
Date: Thu Nov 18 18:47:36 2010 +0100
Merge branch 'bugfix2.1' into allmerged
-----------------------------------------------------------------------
Summary of changes:
ssl.c | 4 +-
version.m4 | 2 +-
win/build_all.py | 71 ++++++++++++++++++++++++++++++++++++++++++-----------
3 files changed, 59 insertions(+), 18 deletions(-)
hooks/post-receive
--
OpenVPN with experimental and new features - which requires a lot of testing
|
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OpenVPN with experimental and new features - which requires a lot of testing".
The branch, bugfix2.1 has been updated
via 423d68b0ede7f10c02fa753cba8d60d2218d2dc7 (commit)
from 3adf2f558e157ef5087ca44f13e097a394ef7c78 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
-----------------------------------------------------------------------
Summary of changes:
base64.c | 6 +-----
options.c | 1 +
2 files changed, 2 insertions(+), 5 deletions(-)
hooks/post-receive
--
OpenVPN with experimental and new features - which requires a lot of testing
|
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OpenVPN with experimental and new features - which requires a lot of testing".
The branch, beta2.2 has been updated
via 4b519cf51d02daacb388eb90bd0c5930145d7a0d (commit)
via 423d68b0ede7f10c02fa753cba8d60d2218d2dc7 (commit)
via 3adf2f558e157ef5087ca44f13e097a394ef7c78 (commit)
from 513a53284158c6fe3b4c89b59eb10029639407b5 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 4b519cf51d02daacb388eb90bd0c5930145d7a0d
Merge: 513a53284158c6fe3b4c89b59eb10029639407b5 423d68b0ede7f10c02fa753cba8d60d2218d2dc7
Author: David Sommerseth <da...@us...>
Date: Sun Nov 14 23:48:49 2010 +0100
Merge branch 'bugfix2.1' into beta2.2
Conflicts:
options.c
- Disagreements about a new included file (forward.h)
Signed-off-by: David Sommerseth <da...@us...>
-----------------------------------------------------------------------
Summary of changes:
base64.c | 6 +-----
contrib/pull-resolv-conf/client.down | 5 +++--
contrib/pull-resolv-conf/client.up | 5 +++--
options.c | 1 +
4 files changed, 8 insertions(+), 9 deletions(-)
hooks/post-receive
--
OpenVPN with experimental and new features - which requires a lot of testing
|
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OpenVPN with experimental and new features - which requires a lot of testing".
The branch, allmerged has been updated
via 3aae9991835867fa3bf95e38042615926c359354 (commit)
via 423d68b0ede7f10c02fa753cba8d60d2218d2dc7 (commit)
via 3adf2f558e157ef5087ca44f13e097a394ef7c78 (commit)
from c4e07d47251d5a2965918dd8337de9a57a083afa (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 3aae9991835867fa3bf95e38042615926c359354
Merge: c4e07d47251d5a2965918dd8337de9a57a083afa 423d68b0ede7f10c02fa753cba8d60d2218d2dc7
Author: David Sommerseth <da...@us...>
Date: Sun Nov 14 23:47:38 2010 +0100
Merge branch 'bugfix2.1' into allmerged
Conflicts:
options.c
- Disagreements about a new include file (forward.h)
Signed-off-by: David Sommerseth <da...@us...>
-----------------------------------------------------------------------
Summary of changes:
base64.c | 6 +-----
contrib/pull-resolv-conf/client.down | 5 +++--
contrib/pull-resolv-conf/client.up | 5 +++--
options.c | 1 +
4 files changed, 8 insertions(+), 9 deletions(-)
hooks/post-receive
--
OpenVPN with experimental and new features - which requires a lot of testing
|
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OpenVPN with experimental and new features - which requires a lot of testing".
The branch, bugfix2.1 has been updated
via 3adf2f558e157ef5087ca44f13e097a394ef7c78 (commit)
from 22178d05f7912fd51a21a32387982394447d90f6 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 3adf2f558e157ef5087ca44f13e097a394ef7c78
Author: Jesse Young <jes...@gm...>
Date: Mon Nov 1 11:33:26 2010 -0500
Remove hardcoded path to resolvconf
Signed-off-by: Jesse Young <jes...@gm...>
Acked-by: David Sommerseth <da...@us...>
Signed-off-by: David Sommerseth <da...@us...>
-----------------------------------------------------------------------
Summary of changes:
contrib/pull-resolv-conf/client.down | 5 +++--
contrib/pull-resolv-conf/client.up | 5 +++--
2 files changed, 6 insertions(+), 4 deletions(-)
hooks/post-receive
--
OpenVPN with experimental and new features - which requires a lot of testing
|
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OpenVPN with experimental and new features - which requires a lot of testing".
The branch, feat_misc has been updated
via 6af422162fbc1c505526157ecf630e37694dbc7b (commit)
via cc88a2695f4a54e27143efeae62de24fec8e26a1 (commit)
via 7aa6c12a4424d00ea0add0a849f8a5b31a2de6a1 (commit)
from 5682d3394204c788988b3cf67b3443a717704d2c (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 6af422162fbc1c505526157ecf630e37694dbc7b
Author: David Sommerseth <da...@us...>
Date: Sat Aug 28 20:52:19 2010 +0200
Clean-up: Removing useless code - hash related functions
Removed even more function which where practically empty and took away
some function arguments which were not used.
Signed-off-by: David Sommerseth <da...@us...>
Acked-by: James Yonan <ja...@op...>
commit cc88a2695f4a54e27143efeae62de24fec8e26a1
Author: David Sommerseth <da...@us...>
Date: Sat Aug 28 20:44:07 2010 +0200
Clean-up: Remove more dead and inactive code paths
These code paths was practically not needed with no locking mechanisms
enabled and was just bloating the source code.
Signed-off-by: David Sommerseth <da...@us...>
Acked-by: James Yonan <ja...@op...>
commit 7aa6c12a4424d00ea0add0a849f8a5b31a2de6a1
Author: David Sommerseth <da...@us...>
Date: Sat Aug 28 20:14:36 2010 +0200
Clean-up: Remove pthread and mutex locking code
This code was not activated at all, and hard coded as disabled in syshead.h
with this code snippet:
/*
* Pthread support is currently experimental (and quite unfinished).
*/
#if 1 /* JYFIXME -- if defined, disable pthread */
#undef USE_PTHREAD
#endif
So no matter if --enable-pthread when running ./configure or not, this feature
was never enabled in reality. Further, by removing the blocker code above made
OpenVPN uncompilable in the current state.
As the threading part needs to be completely rewritten and pthreading will not be
supported in OpenVPN 2.x, removing this code seems most reasonable.
In addition, a lot of mutex locking code was also removed, as they were practically
NOP functions, due to pthreading being forcefully disabled
Signed-off-by: David Sommerseth <da...@us...>
Acked-by: James Yonan <ja...@op...>
-----------------------------------------------------------------------
Summary of changes:
Makefile.am | 1 -
acinclude.m4 | 224 --------------------------------------------------
buffer.c | 5 -
buffer.h | 1 -
config-win32.h.in | 5 -
configure.ac | 38 +---------
crypto.c | 3 -
error.c | 39 ---------
error.h | 17 ----
forward.c | 10 ---
init.c | 50 -----------
list.c | 24 +-----
list.h | 33 +-------
mbuf.c | 16 +---
mbuf.h | 3 +-
misc.c | 23 -----
mroute.c | 6 --
mroute.h | 13 ---
mtcp.c | 5 +-
mudp.c | 3 -
multi.c | 32 +++-----
multi.h | 2 -
openvpn.h | 3 -
options.c | 36 --------
options.h | 5 -
otime.c | 2 -
otime.h | 1 -
perf.c | 4 -
pf.c | 2 +-
plugin.c | 4 -
pool.h | 1 -
schedule.c | 4 -
schedule.h | 8 --
socket.c | 7 --
ssl.c | 5 -
ssl.h | 4 -
syshead.h | 18 ----
thread.c | 156 -----------------------------------
thread.h | 235 -----------------------------------------------------
39 files changed, 26 insertions(+), 1022 deletions(-)
delete mode 100644 thread.c
delete mode 100644 thread.h
hooks/post-receive
--
OpenVPN with experimental and new features - which requires a lot of testing
|
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OpenVPN with experimental and new features - which requires a lot of testing".
The branch, beta2.2 has been updated
via 513a53284158c6fe3b4c89b59eb10029639407b5 (commit)
via 5682d3394204c788988b3cf67b3443a717704d2c (commit)
from 1aa664cef51e4b4ed4b35e569925acb4fd7b9b52 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 513a53284158c6fe3b4c89b59eb10029639407b5
Merge: 1aa664cef51e4b4ed4b35e569925acb4fd7b9b52 5682d3394204c788988b3cf67b3443a717704d2c
Author: David Sommerseth <da...@us...>
Date: Sun Nov 14 12:42:38 2010 +0100
Merge branch 'feat_misc' into beta2.2
-----------------------------------------------------------------------
Summary of changes:
options.c | 2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
hooks/post-receive
--
OpenVPN with experimental and new features - which requires a lot of testing
|
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OpenVPN with experimental and new features - which requires a lot of testing".
The branch, feat_misc has been updated
via 5682d3394204c788988b3cf67b3443a717704d2c (commit)
from f0eac1a5979096c671b3674f9d80871f496d1da8 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 5682d3394204c788988b3cf67b3443a717704d2c
Author: Samuli Seppänen <sa...@op...>
Date: Fri Nov 12 17:30:07 2010 +0200
Added check for variable CONFIGURE_DEFINES into options.c
The file containing CONFIGURE_DEFINES variable, configure.h, is not present if
openvpn is built using the Python + Visual C -based buildsystem. This causes the
build to fail. This patch adds a check to see if variable exists before trying
to use it.
Signed-off-by: Samuli Seppänen <sa...@op...>
Acked-by: Peter Stuge <pe...@st...>
Signed-off-by: David Sommerseth <da...@us...>
-----------------------------------------------------------------------
Summary of changes:
options.c | 2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
hooks/post-receive
--
OpenVPN with experimental and new features - which requires a lot of testing
|
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OpenVPN with experimental and new features - which requires a lot of testing".
The branch, beta2.2 has been updated
via 1aa664cef51e4b4ed4b35e569925acb4fd7b9b52 (commit)
via 61c40649de994c8f2ce713389294134aeb6cc8a7 (commit)
via 8367889e8467ce73b051aa8db64b0336aea8ed4b (commit)
via 22178d05f7912fd51a21a32387982394447d90f6 (commit)
via bbea5bb30f8148546bee0a72e409c6089b84b757 (commit)
via a4bd825b7e6b4d62bfbbadf1b3dbd71fd3f70c25 (commit)
via 58f8d948acf3e9d35a9326b5b4996b55eed75a02 (commit)
via f0eac1a5979096c671b3674f9d80871f496d1da8 (commit)
via 121755c2cb4891f8963ebcab5d61bc09dadf457c (commit)
via fc1fa9ffc7e3356458ec38d43816e5ddeb0c580a (commit)
via 20a4c12783144d798c6b7446bae8920fdfea7adc (commit)
via d053e36df93aabcdb23e9971c48f990aa77bda4e (commit)
via 3cf9dd88fd84108eccfcce0ebf44e00f9481cd82 (commit)
via c68e0cddf024ae5b18f89062bf7164da77f1cf06 (commit)
via 031d18fcb8a2a552aecabb41f1afdfe3f51bdd58 (commit)
via 935c62be9c0c8a256112df818bfb8470586a23b6 (commit)
via c5b7923a2b0a94d702e1dad59438f7ee75971d3b (commit)
via 339f2a4d4b487afa53fa99d72c35b16f31e417d3 (commit)
via 8dd2672d72508e9edec3d24b75e698b2669d7623 (commit)
via ef12b6f57b32cc1e79c87741666d1850d6f25bd9 (commit)
via 63c367398a57c98ab56f8532e3ff3ea8b89ab92e (commit)
via f27bf509315a48b0070294c3993a718df0c2626c (commit)
via 9f4725e86be9700c5894e360e09496d9ee1cfb85 (commit)
via 87afefff8fe7b43b2c5cbba7a03a887fd9c02336 (commit)
via a3982181e284f8c5c8fc15bbbd670da4d91a2ba9 (commit)
via 9bd1cd1b0014041ebff2c2bc9d5614d0bec5f6db (commit)
via 1ed4098663cc0fc5457bd2f6e67b44c0b24e6f6c (commit)
via 6233a9f1ac39a56187f6cf34c4996cbfda5eb588 (commit)
via 63976e0f09c51f3001e487584863f8f3e930a824 (commit)
via d2b0636c491f44bb33b62893f2d3875d54f88fda (commit)
via 228c8b0f1e843e799251adb744f7066d983b2385 (commit)
via 22b055eb0888cefa86e0a6d4a34da6066873be45 (commit)
via 4880739c17b502d00a9ec45c6f6dd3e8bbff057f (commit)
via 30b492a60107d0e28b425239afca2524ac67b9d5 (commit)
from 0bb41e58782ae9834a61491c5964bc9816b76bc8 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 1aa664cef51e4b4ed4b35e569925acb4fd7b9b52
Merge: 61c40649de994c8f2ce713389294134aeb6cc8a7 f0eac1a5979096c671b3674f9d80871f496d1da8
Author: David Sommerseth <da...@us...>
Date: Sat Nov 13 00:55:02 2010 +0100
Merge branch 'feat_misc' into beta2.2
Conflicts:
Makefile.am
openvpn.8
options.c
socket.c
ssl.c
- feat_misc is missing a lot of bugfix2.1 changes
Signed-off-by: David Sommerseth <da...@us...>
commit 61c40649de994c8f2ce713389294134aeb6cc8a7
Merge: 8367889e8467ce73b051aa8db64b0336aea8ed4b 22178d05f7912fd51a21a32387982394447d90f6
Author: David Sommerseth <da...@us...>
Date: Sat Nov 13 00:49:05 2010 +0100
Merge branch 'bugfix2.1' into beta2.2
commit 8367889e8467ce73b051aa8db64b0336aea8ed4b
Merge: 0bb41e58782ae9834a61491c5964bc9816b76bc8 20a4c12783144d798c6b7446bae8920fdfea7adc
Author: David Sommerseth <da...@us...>
Date: Sat Nov 13 00:48:28 2010 +0100
Merge branch 'svn-BETA21' into beta2.2
Conflicts:
version.m4
- Reset version.m4 to a more neutral version number
Signed-off-by: David Sommerseth <da...@us...>
-----------------------------------------------------------------------
Summary of changes:
base64.c | 2 +-
base64.h | 2 +-
init.c | 1 +
misc.c | 158 +++++++++++++++++++++++++++++++++++++++++++++++++++++-------
misc.h | 38 +++++++++++++--
openvpn.8 | 9 ++--
options.c | 8 ++-
options.h | 1 +
proxy.c | 4 ++
push.c | 12 ++++-
route.c | 8 +--
socks.c | 138 ++++++++++++++++++++++++++++++++++++++++++++++++----
socks.h | 2 +
ssl.c | 27 ++++++++++
ssl.h | 11 ++++
syshead.h | 5 ++
tun.c | 147 +++++++++++++++++++++++++++++++++++++++++++++++--------
version.m4 | 2 +-
18 files changed, 506 insertions(+), 69 deletions(-)
hooks/post-receive
--
OpenVPN with experimental and new features - which requires a lot of testing
|
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OpenVPN with experimental and new features - which requires a lot of testing".
The branch, bugfix2.1 has been updated
via 22178d05f7912fd51a21a32387982394447d90f6 (commit)
via 20a4c12783144d798c6b7446bae8920fdfea7adc (commit)
via d053e36df93aabcdb23e9971c48f990aa77bda4e (commit)
via 3cf9dd88fd84108eccfcce0ebf44e00f9481cd82 (commit)
via c68e0cddf024ae5b18f89062bf7164da77f1cf06 (commit)
from bbea5bb30f8148546bee0a72e409c6089b84b757 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
-----------------------------------------------------------------------
Summary of changes:
base64.c | 2 +-
base64.h | 2 +-
misc.c | 158 +++++++++++++++++++++++++++++++++++++++++++++++++++++-------
misc.h | 38 +++++++++++++--
push.c | 12 ++++-
ssl.c | 27 ++++++++++
ssl.h | 11 ++++
syshead.h | 5 ++
version.m4 | 2 +-
9 files changed, 231 insertions(+), 26 deletions(-)
hooks/post-receive
--
OpenVPN with experimental and new features - which requires a lot of testing
|
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OpenVPN with experimental and new features - which requires a lot of testing".
The branch, allmerged has been updated
via c4e07d47251d5a2965918dd8337de9a57a083afa (commit)
via 22178d05f7912fd51a21a32387982394447d90f6 (commit)
via 20a4c12783144d798c6b7446bae8920fdfea7adc (commit)
via d053e36df93aabcdb23e9971c48f990aa77bda4e (commit)
via 3cf9dd88fd84108eccfcce0ebf44e00f9481cd82 (commit)
via c68e0cddf024ae5b18f89062bf7164da77f1cf06 (commit)
from ad38eb992625427a8424e50b42e482bc5fcb7d46 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit c4e07d47251d5a2965918dd8337de9a57a083afa
Merge: ad38eb992625427a8424e50b42e482bc5fcb7d46 22178d05f7912fd51a21a32387982394447d90f6
Author: David Sommerseth <da...@us...>
Date: Sat Nov 13 00:46:26 2010 +0100
Merge branch 'bugfix2.1' into allmerged
-----------------------------------------------------------------------
Summary of changes:
base64.c | 2 +-
base64.h | 2 +-
misc.c | 158 +++++++++++++++++++++++++++++++++++++++++++++++++++++-------
misc.h | 38 +++++++++++++--
push.c | 12 ++++-
ssl.c | 27 ++++++++++
ssl.h | 11 ++++
syshead.h | 5 ++
version.m4 | 2 +-
9 files changed, 231 insertions(+), 26 deletions(-)
hooks/post-receive
--
OpenVPN with experimental and new features - which requires a lot of testing
|
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OpenVPN with experimental and new features - which requires a lot of testing".
The branch, allmerged has been updated
via ad38eb992625427a8424e50b42e482bc5fcb7d46 (commit)
via bbea5bb30f8148546bee0a72e409c6089b84b757 (commit)
via a4bd825b7e6b4d62bfbbadf1b3dbd71fd3f70c25 (commit)
via 58f8d948acf3e9d35a9326b5b4996b55eed75a02 (commit)
from 7695ad84e29e1c23fb3e9d9c7c84cf6f13783b68 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit ad38eb992625427a8424e50b42e482bc5fcb7d46
Merge: 7695ad84e29e1c23fb3e9d9c7c84cf6f13783b68 bbea5bb30f8148546bee0a72e409c6089b84b757
Author: David Sommerseth <da...@us...>
Date: Sat Nov 13 00:25:04 2010 +0100
Merge branch 'bugfix2.1' into allmerged
-----------------------------------------------------------------------
Summary of changes:
openvpn.8 | 9 +++++----
proxy.c | 4 ++++
2 files changed, 9 insertions(+), 4 deletions(-)
hooks/post-receive
--
OpenVPN with experimental and new features - which requires a lot of testing
|
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OpenVPN with experimental and new features - which requires a lot of testing".
The branch, bugfix2.1 has been updated
via bbea5bb30f8148546bee0a72e409c6089b84b757 (commit)
from a4bd825b7e6b4d62bfbbadf1b3dbd71fd3f70c25 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit bbea5bb30f8148546bee0a72e409c6089b84b757
Author: David Sommerseth <da...@us...>
Date: Fri Nov 12 23:10:32 2010 +0100
Clarified --explicit-exit-notify man page entry
Reformulated parts of this entry to clarify that the OpenVPN
will not attempt notifying the server unless this option is used.
This misunderstanding was reported anonymously to the old SF.net
tracker.
Signed-off-by: David Sommerseth <da...@us...>
Trac-ticket: 40
-----------------------------------------------------------------------
Summary of changes:
openvpn.8 | 5 +++--
1 files changed, 3 insertions(+), 2 deletions(-)
hooks/post-receive
--
OpenVPN with experimental and new features - which requires a lot of testing
|
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OpenVPN with experimental and new features - which requires a lot of testing".
The branch, bugfix2.1 has been updated
via a4bd825b7e6b4d62bfbbadf1b3dbd71fd3f70c25 (commit)
from 58f8d948acf3e9d35a9326b5b4996b55eed75a02 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit a4bd825b7e6b4d62bfbbadf1b3dbd71fd3f70c25
Author: Gert Doering <ge...@gr...>
Date: Thu Oct 21 13:13:21 2010 +0200
Improved man page entry for script_type
Signed-off-by: Gert Doering <ge...@gr...>
Acked-by: krzee <je...@do...>
Acked-by: David Sommerseth <da...@us...>
Signed-off-by: David Sommerseth <da...@us...>
-----------------------------------------------------------------------
Summary of changes:
openvpn.8 | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
hooks/post-receive
--
OpenVPN with experimental and new features - which requires a lot of testing
|
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OpenVPN with experimental and new features - which requires a lot of testing".
The branch, bugfix2.1 has been updated
via 58f8d948acf3e9d35a9326b5b4996b55eed75a02 (commit)
from 59afc4a5f72e22b850cfa2845385172623a38e77 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 58f8d948acf3e9d35a9326b5b4996b55eed75a02
Author: Lars Hupel <hu...@in...>
Date: Thu Sep 30 01:27:36 2010 +0100
Add HTTP/1.1 Host header
OpenVPN should send a Host: header to comply with the HTTP/1.1
specification.
Full discussion of this patch can be found here:
<http://thread.gmane.org/gmane.network.openvpn.devel/4039>
Signed-off-by: Lars Hupel <hu...@in...>
Acked-by: Peter Stuge <pe...@st...>
Acked-by: Gert Doering <ge...@gr...>
Signed-off-by: David Sommerseth <da...@us...>
Trac-ticket: 63
-----------------------------------------------------------------------
Summary of changes:
proxy.c | 4 ++++
1 files changed, 4 insertions(+), 0 deletions(-)
hooks/post-receive
--
OpenVPN with experimental and new features - which requires a lot of testing
|
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OpenVPN with experimental and new features - which requires a lot of testing".
The branch, feat_misc has been updated
via f0eac1a5979096c671b3674f9d80871f496d1da8 (commit)
via 121755c2cb4891f8963ebcab5d61bc09dadf457c (commit)
from fc1fa9ffc7e3356458ec38d43816e5ddeb0c580a (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit f0eac1a5979096c671b3674f9d80871f496d1da8
Author: Gert Doering <ge...@gr...>
Date: Sat Oct 30 21:03:16 2010 +0200
Make "topology subnet" work on Solaris (ifconfig + route metric changes by Kazuyoshi Aizawa, adding of local "connected subnet" route by me)
Tested on OpenSolaris/i386, no impact for other TARGETs.
Signed-off-by: Gert Doering <ge...@gr...>
Acked-by: Kazuyoshi Aizawa <ad...@wh...>
Signed-off-by: David Sommerseth <da...@us...>
commit 121755c2cb4891f8963ebcab5d61bc09dadf457c
Author: Gert Doering <ge...@gr...>
Date: Fri Oct 29 17:41:53 2010 +0200
Integrate support for TAP mode on Solaris, written by Kazuyoshi Aizawa <ad...@wh...>.
See also http://www.whiteboard.ne.jp/~admin2/tuntap/
Signed-off-by: Gert Doering <ge...@gr...>
Acked-by: Kazuyoshi Aizawa <ad...@wh...>
Signed-off-by: David Sommerseth <da...@us...>
-----------------------------------------------------------------------
Summary of changes:
route.c | 8 +--
tun.c | 147 +++++++++++++++++++++++++++++++++++++++++++++++++++++---------
2 files changed, 128 insertions(+), 27 deletions(-)
hooks/post-receive
--
OpenVPN with experimental and new features - which requires a lot of testing
|
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OpenVPN with experimental and new features - which requires a lot of testing".
The branch, feat_misc has been updated
via fc1fa9ffc7e3356458ec38d43816e5ddeb0c580a (commit)
from 031d18fcb8a2a552aecabb41f1afdfe3f51bdd58 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit fc1fa9ffc7e3356458ec38d43816e5ddeb0c580a
Author: Pierre Bourdon <de...@gm...>
Date: Mon Oct 11 00:56:04 2010 +0200
Adding support for SOCKS plain text authentication
This patch adds support for SOCKS plain text (username/password)
authentication as described in RFC 1929. It adds an optional third
parameter to the socks-proxy option, which is a file containing the
login credentials.
I've been using this patch for two weeks now and it does not seem to
cause any problem. The only modifications are in the SOCKS handshake
handling and the options parser.
Signed-Off-By: Pierre Bourdon <de...@gm...>
Acked-by: Gert Doering <ge...@gr...>
Acked-by: David Sommerseth <da...@us...>
Signed-off-by: David Sommerseth <da...@us...>
-----------------------------------------------------------------------
Summary of changes:
init.c | 1 +
options.c | 8 +++-
options.h | 1 +
socks.c | 138 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++----
socks.h | 2 +
5 files changed, 138 insertions(+), 12 deletions(-)
hooks/post-receive
--
OpenVPN with experimental and new features - which requires a lot of testing
|
|
From: <ope...@li...> - 2010-11-09 20:25:16
|
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OpenVPN with experimental and new features - which requires a lot of testing".
The annotated tag, v2.1.4 has been created
at 79ee8037bd3d32f0156369777910d0f90e920473 (tag)
tagging 4eb21d226313e81627d589c704ec9fbbeef6d7c4 (commit)
tagged by David Sommerseth
on Sat Nov 6 16:28:45 2010 +0100
- Log -----------------------------------------------------------------
2010.11.04 -- Version 2.1.4
* Fix problem with special case route targets ('remote_host')
The init_route() function will leave &netlist untouched for
get_special_addr() routes ("remote_host" being one of them).
netlist is on stack, contains random garbage, and
netlist.len will not be 0 - thus, random stack data is copied from
netlist.data[] until the route_list is full.
Thanks to Teodo MICU and Gert Doering for finding and fixing this issue.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEABECAAYFAkzVdGcACgkQDC186MBRfrqqMQCfcqUBKjL41gILZfHvorHfEixP
9okAnj8k0W1UcdMXQzZze5fpI5kZOCVN
=StqT
-----END PGP SIGNATURE-----
David Sommerseth (1):
Prepared for a OpenVPN v2.1.4 release
Gert Doering (1):
Fix problem with special case route targets ('remote_host')
James Yonan (31):
Fixed an issue in the Management Interface that could cause
Fixed an issue where if reneg-sec was set to 0 on the client,
Trivial fix to proxy.c -- #define proxy auth type as UP_TYPE_PROXY.
Added stub directive "remote-ip-hint".
Modified ">PASSWORD:Verification Failed" management interface
Version 2.1.1c
Set socket buffers (SO_SNDBUF and SO_RCVBUF) immediately after
Updated MSVC build scripts to Visual Studio 2008:
Management interface performance optimizations:
Minor change to doclean script:
Added Python-based build system for Windows in
Updated copyright date to 2010.
Fixed issue on Windows with MSVC compiler, where TCP_NODELAY support
Proxy improvements:
Minor fixes to recent HTTP proxy changes:
Implemented http-proxy-override and http-proxy-fallback directives to make it
Implemented a key/value auth channel from client to server.
Fixed issue where bad creds provided by the management interface
Added support for MSVC debugging of openvpn.exe in settings.in:
Fixed bug in proxy fallback capability where openvpn.exe could
Version 2.1.1k
Implemented multi-address DNS expansion on the network field of route
Added --register-dns option for Windows.
Added win/build_exe.py script, which is similar to
Fixed typo: missing comment close.
Fixed an issue where application payload transmissions on the
Added "net stop dnscache" and "net start dnscache" in front
Distribute win directory (Python/MSVC-based build system)
Added warning about tls-remote in man page.
Windows security issue:
Attempt to fix issue where domake-win build system was not properly
james (428):
This is the start of the BETA21 branch.
version 2.1_beta1
Added scripting code to Makefile.am to ignore .svn
svn merge -r 582:585 $SO/trunk/openvpn
Renamed sample-keys/tmp-ca.crt to ca.crt.
version 2.1_beta1
Fixed an oops -- compression debugging output was turned on.
Fixed version oops in ChangeLog.
Added support for openvpn_plugin_select_initialization_point_v1
svn merge -r 585:599 https://svn.openvpn.net/projects/openvpn/trunk
version 2.1_beta2
Makefile.am needs to do a rm -rf on .svn directories
Renamed plugin to plugins to work around
Merged PKCS#11 patch.
added *.orig to .svnignore
Minor PKCS#11 changes.
added *.rej to .svnignore
Enable the use of --ca together with --pkcs12. If --ca is
Merged --capath patch (Thomas Noel).
svn merge -r 618:619 $SO/patches/openvpn-2-0_rc16-mh/openvpn
svn merge -r 614:615 $SO/patches/openvpn-2-1_alpha3a-tcpbind
Minor style cleanup for --enable-pedantic.
Changed tap-win32 version number in
Fixed some minor build issues with PKCS11 patch:
VERSION 2.1_beta3
Fixed bug introduced in 2.1-beta3 where management
ChangeLog edit
Reverted plugin directory location.
VERSION 2.1_beta4
VERSION 2.1_beta4 (re-released)
Brought up-to-date with Alon's PKCS11 patch at
Brought up-to-date with Alon's PKCS11 patch at
Fixed double fork bug.
Merged with Alon's tree @ r660
svn merge -r 670:672 $SO/trunk/openvpn
Allow OPT_P_SOCKFLAGS to be specified in
Moved socket setting log info to --verb 3 from 4.
Make sure that install-win32/prebuild gets
Merged with Alon's r688.
Addition of M_NOLF to error.h means that we need
Modified get_default_gateway code for Windows
Modified get_default_gateway code for Linux
ChangeLog edit
Some changes to GET_USER_PASS_NEED_OK flag to
Added actual remote address used to the ">STATE" alert
ChangeLog edit
Merge with https://svn.openvpn.net/projects/openvpn/contrib/alon/BETA21@712
Removed #warn from ssl.c
Merge with https://svn.openvpn.net/projects/openvpn/contrib/alon/BETA21@719
Merge with https://svn.openvpn.net/projects/openvpn/contrib/alon/BETA21@726
svn merge -r 672:731 $SO/trunk/openvpn
Changes to Windows build configuration to
Windows reliability changes:
svn merge -r 734:737 $SO/trunk/openvpn
ChangeLog edit
VERSION 2.1_beta5
Merged 2.0.4 changes.
More PKCS#11 changes.
VERSION 2.1_beta6
Moved easy-rsa 2.0 scripts to easy-rsa/2.0 to
Edited prebuild to properly get the easy-rsa/1.0
ChangeLog edit
svn merge -r 760:764 $SO/trunk/openvpn
Documented --route-nopull.
Documented --ip-win32 adaptive.
Changelog note about Windows build
svn merge -r 770:771 $SO/trunk/openvpn
Allow blank passwords to be passed via the management interface.
svn merge -r 771:780 $SO/trunk/openvpn
Merged /contrib/alon/BETA21@778
Added ENABLE_INLINE_FILES feature.
Removed annoying 'i' variable from add_option.
Merged (with some changes) Alon's
updated version number to 2.1_beta7
Fixed update_time to use a better algorithm for
Backed out change to update_time to handle time
Merged --remote-cert-ku, --remote-cert-eku, and
Fixed minor typos in --remote-cert-* documentation.
Reduce sensitivity to system clock instability
PKCS#11 fixes to interact with new backtrack-hardened
For Windows, set ip-win32 default back to dynamic.
Version 2.1_beta7 released
Merged PKCS11 changes from Alon:
Fixed minor man page formatting issue.
--remap-usr1 will now also remap signals thrown during initialization.
Added --connect-timeout option to control the timeout
Modified nonblocking connect code so that this works as it should:
svn merge -r 823:825 $SO/contrib/alon/BETA21/openvpn .
svn merge -r 780:820 $SO/trunk/openvpn .
Patch to support --topology subnet on Mac OS X (Mathias Sundman).
Fixed segfault that occurred if remote_cert_eku is undefined and no
Fixed some gcc 4 warnings in misc.c.
Inline file capability now works for
First attempt at automatic proxy detection,
Added --auto-proxy directive to auto-detect HTTP or SOCKS
Don't warn user if he uses user/group/chroot and
svn merge -r 845:854 $SO/trunk/openvpn .
Fixed bug in automatic Win32 PATH setting code.
--ip-win32 adaptive is now the default.
Added new option --route-method adaptive (Win32)
Man page and usage message changes to reflect
Some PKCS11-related code wasn't properly #ifdefed.
Minor ChangeLog edit.
Added OPENVPN_PLUGIN_TLS_FINAL plugin callback.
svn merge -r 854:863 $SO/trunk/openvpn
Fixed bug with tls-auth and key-direction parameter
Added patch to modify openvpn.nsi for building
incremented version number to 2.1_beta7b
Version 2.1_beta8 released
Small fixes:
pkcs11 fixes.
Added --management-client option to connect as a client to
Added feature to --management-client to confirm connection
Added "bytecount" command to management interface.
Added --port-share option for allowing OpenVPN and HTTPS
svn merge -r 888:889 https://svn.openvpn.net/projects/openvpn/contrib/alon/BETA21 21
Version 2.1_beta9 released
Version 2.1_beta10 released
Added comments to ps.c (port share proxy code).
ps.c debug code
Port share proxy bug fixes.
Version 2.1_beta11 released
Minor fixes for gcc (GCC) 4.0.2 warnings.
Security Vulnerability -- An OpenVPN client connecting to a
"topology subnet" fix for FreeBSD (Benoit Bourdin).
Added man page entry for --setenv-safe.
I've recently worked on a better version of pkcs11-helper. I've also merged
svn merge -r 886:987 $SO/trunk/openvpn .
Version 2.1_beta12 released
Added credit and CVE number to security vulnerability fix in 2.0.6.
svn merge -r 999:1000 $SO/trunk/openvpn .
Version 2.1_beta13 released
Temporarily backed out time backtrack handling code
Merged PKCS#11 extensions to easy-rsa/2.0 (Alon Bar-Lev).
Re-added backtrack handling code.
ChangeLog edits.
Version number increment.
Added --route-metric option to set a default route metric
Added --lladdr option to specify the link layer (MAC) address
Version 2.1_beta14 released
Added credit for CAN-2005-2532.
A few more updates:
Added optional minimum-number-of-bytes
-r 1026:1032
Eliminated gcc 3.3.3 warnings on NetBSD
Modified --port-share code to remove the assumption that
Removed spurious executable propset from
Removed 'keywords' propset from everything
Minor syshead.h change for NetBSD to allow
Added two new management states:
pkcs11 changes:
Fixed bug introduced with the --port-share directive
Comment about assertion being hit.
Version 2.1_beta15 released
TAP-Win32 fixes to run on Windows Vista.
Fixed bug in loopback self-test introduced
ChangeLog edits for r1229 and r1230.
Documented --socket-flags and the TCP_NODELAY flag.
For Windows build, updated OpenSSL to 0.9.7l.
Version 2.1_beta16 released
Merged Alon's branch:
auth-pam change: link with -lpam rather
Prevent SIGUSR1 or SIGHUP from causing program
SO_REUSEADDR should not be set on Windows TCP sockets because
Fixed typo in tapdrvr.c -- the fix is functionally cosmetic
PROTO_TCPv4 is never used as an index into
Added #ifdefed out AUTO_USERID feature.
Added time_ascii, time_duration, and time_unix
Interim snapshot 2.1_rc1a
Fixed issue where OpenVPN does not apply the --txqueuelen option
Backed out AUTO_USERID feature introduced in r1436.
Attempt at rational signal handling when in the
New try at AUTO_USERID.
Revert TAP-Win64 binaries to tapbin64-0801
Interim snapshot 2.1_rc1b
Fixed issue where struct env_set methods that
updated valgrind-suppress for OpenSSL 0.9.8
Interim snapshot 2.1_rc1c
--reneg-sec clarification in man page.
Renamed TAP-Win32 driver from tap0801.sys to tap0901.sys
The Windows version will now use a default route-delay
Worked around an incompatibility in the Windows Vista
On Windows, revert to "ip-win32 dynamic" as the default.
Version 2.1_rc2 released
Include tap.cat (TAP driver catalog file) in Windows
TAP driver fix for Vista x64 BSOD.
Allow installation of TAP-Win64
Changes to Windows build environment, to allow straightforward building
Added service configuration to install-win32/winconfig
Added maketap and signtap scripts.
Added maketapinstall.
./domake-win will now do a full build of the installer
Forgot to svn add buildinstaller before last commit.
Cleaned up Windows build scripts.
Windows TAP driver license text changes.
Don't build special x64 version of tapinstall.exe
Revert r1773
Added options to version.nsi that allow prebuilt
Updated build system and tap driver to work with
Use Server 2003 rather than Vista as x64 target for tap/tapinstall.
Clean up configure on FreeBSD for recent autotool versions that
The easy-rsa directory installed by the windows installer comes with the
Added OpenVPN GUI (Mathias Sundman version) as install
Added a Windows README file to the installer than
Moved OpenVPN version number from configure.ac
Version is now specified in version.m4 for both
Version 2.1_rc3
Forgot to add changelog item about OpenVPN GUI being
TAP driver now passes signing tests on Vista x64.
misc Windows build system changes
Fixed 64-bit portability bug in time_string function (Thomas Habets).
Version 2.1_rc4
script comment changes
Fixed a variable declaration that wasn't at the start
updated icon
config-win32.h and install-win32/openvpn.nsi are no longer generated
AUTO_USERID feature -- if the auth-user-pass option is used
Add "forget-passwords" command to the management interface (Alon Bar-Lev).
Added --management-signal option to signal SIGUSR1 when the management
Modified command line and config file parser to allow
Use pkcs11-helper as external library, can be downloaded
PKCS-11 fixups (Alon Bar-Lev).
Added note about alternative version of easy-rsa
Fixed interim memory growth issue in TCP connect loop where
epoll driver in event.c should be prepared to handle an
Simple fix where options->ca_file was used without
Define ALLOW_NON_CBC_CIPHERS for people who don't
Added PLUGIN_LIBDIR preprocessor string to prepend a default plugin
Rewrote extract_x509_field and modified COMMON_NAME_CHAR_CLASS
Allow OpenVPN to run completely unprivileged under Linux
Fixed --disable-iproute2 in ./configure to actually disable
Changed ASSERT(0) to a more descriptive fatal error in tun.c
Incremented version number to 2.1_rc4a.
Upgraded TAP build scripts to use WDK 6001.17121
Added --management-forget-disconnect option -- forget
Incremented TAP version number to 9.4.
Squashed Win2K TAP bug that was introduced by Vista fixes.
Forgot to put struct WIN2K_NDIS_MINIPORT_BLOCK outside
VERSION 2.1_rc5
Fixed pkcs11_private_mode undef.
VERSION 2.1_rc6
Added a few extra files that exist in the svn repo
Fixup null interface on close, don't use ip addr flush
Version 2.1_rc7
Changes to Windows build system to make it easier to do
Changes to Windows build system: added GENOUT_PREBUILT mode
Cleanup IP address for persistence interfaces for tap and also using
The new function extract_x509_field_ssl tends to break
Clarified tcp-queue-limit man page entry
Version 2.1_rc7a.
Added new OpenVPN icon and installer graphic.
First working version of XGUI inclusion.
Set tool defaults in pkitool.
Misc XGUI fixes.
Moved branch into official BETA21 position.
Modified .svnignore to only ignore files generated
Did:
Support asynchronous/deferred authentication in
Fixed a bug in plugin.c that caused openvpn_plugin_client_destructor_v1
Incremented version to 2.1_rc7d.
In auth-pam authentication module, even when in debug mode,
Fixed an issue in extract_x509_field_ssl where the extraction
Fixed unbounded memory growth bug in
Added support for building and linking with
Updated version to 2.1_rc7e.
Merged connection profiles from
Updated version & changelog.
Updated copyright notice to 2008.
Version 2.1_rc8
Copyright change OpenVPN Solutions LLC -> Telethra, Inc.
Added likely() and unlikely() branch prediction hint macros
Used unlikely() macro to tell compiler that msg() will
In the Windows version of tun_finalize, on errors that would
Added SOCKET_SND_RCV_BUF_MAX constant (set to 1000000) to limit the
Fixed issue in read_key_file, where the return value of
Fixed a potential information leak in the new NTLM phase 3 code,
Support wraparound of reliable.[ch] packet IDs. In
Removed old version of extract_x509_field.
Check for multiplication overflow on ALLOC_ARRAY* functions.
Added warning when using chroot without specifying user and group.
Call prng_init after fork in background process
gen_path now rejects filenames that match Windows
Previously, OpenVPN might log a client's auth-user-pass
Modified create_temp_filename to create unpredictable
Fixed code inclusion bug that was erroneously testing
gen_path will no longer silently truncate the generated
status_printf function will now set error flag on
Fixed format string issue in read_inline_file,
Reverted some recent buffer.[ch] changes, including r3058 (except for
Added a warning when plugins are specified without
Replace leading dash ('-') characters in an X509 name with underbars ('_')
Modified extract_x509_field_ssl to return a status value indicating
buf_printf will now return false on errors, such as truncation
Added argv_x functions to buffer.[ch] to be used to safely build
Completely revamped the system for calling external programs and scripts:
Fixed compiler warnings in Windows build (MinGW).
Perform additional input validation on options pulled
Added a warning message when passwords are cached in memory.
Added additional defensive programming to buffer.[ch] functions.
Added additional warnings for:
Updated ChangeLog and version number.
In Windows build, package a statically linked openssl.exe to work around
Version 2.1_rc9
Added "--server-bridge" (without parameters) to enable
Fixed minor issue with --redirect-gateway bypass-dhcp or bypass-dns
Added additional warnings to flag common gotchas:
Workaround for MinGW autoconf issue where HAVE_SETSOCKOPT,
Reverted r3181, accomplish the same thing via a special case
Updated openvpn/t_cltsrv.sh (used by "make check") to conform to new
Tagged security fix in 2.1-rc9 as CVE-2008-3459.
Fixed build issue with ./configure --disable-socks --disable-http.
Workaround bug in OpenSSL 0.9.6b ASN1_STRING_to_UTF8, which
LZO compression buffer overflow errors will now invalidate
Fixed minor compile issue in ntlm.c (mid-block declaration).
Added --allow-pull-fqdn option which allows client to pull DNS names
2.1_rc8 and earlier did implicit shell expansion on script
Modified ip_or_dns_addr_safe, which validates pulled DNS names,
Fixed bug in intra-session TLS key rollover that was introduced with
Version 2.1_rc9b
Version 2.1_rc10
Version 2.1_rc11
Patched Makefile.am so that the new t_cltsrv-down.sh script becomes
Fixed --lladdr bug introduced in 2.1-rc9 where input validation code
Version 2.1_rc12
Management interface can now listen on a unix
Copyright notice changed to reflect change in name of
Version 2.1_rc13
Added AC_GNU_SOURCE to configure.ac to enable struct ucred,
Added additional warning messages about --script-security 2
Modified Windows domake-win build system to write all openvpn.nsi
Added optional files SAMPCONF_CONF2 (second sample configuration
Extended Management Interface "bytecount" command
Fixed informational message in ssl.c to properly indicate
Save X509 Subject fields to environment, using the naming convention:
Change to pkitool/openssl.cnf so that calling scripts can
Added server-side --auth-user-pass-optional directive, to allow
Added man page entry for new environmental variable set
Modified pkitool to allow flexibility in separating
Added --status-version 3 which is the same as version 2
Added --no-name-remapping option to allow Common Name, X509 Subject,
Updated docs to reflect the addition of
Fixed some ifconfig-pool issues that precluded
Fixed revoke-full to deal with issue arising from addition
Added config file option "setenv FORWARD_COMPATIBLE 1" to relax
Minor fix to previous commit (r3476).
Interim release.
* Added additional method parameter to --script-security to preserve
Version 2.1_rc14
Added --prng option to control PRNG (pseudo-random
Added server-side --opt-verify option: clients that connect
Minor options check fix: --no-name-remapping is a
Cleaned up man page synopsis.
Added --tcp-nodelay option: Macro that sets TCP_NODELAY socket
Fixed issue introduced in 2.1_rc14 that may cause a
Version 2.1_rc15
Added optional "nogw" (no gateway) flag to --server-bridge
Added new management interface command "pid" to show the
Added ExtractAuxFile capability to Windows Installer.
Added MultiFileExtract capability to Windows Installer.
Added "nclients" command to management interface to
Added n_clients environmental variable to information passed
Version 2.1_rc15b
Fixed issue where SIGUSR1 restarts would fail if private
Added daemon_start_time and daemon_pid environmental variables.
In Windows installer generator, don't sign the installer .exe
Version 2.1_rc15e
Fixed some issues with C++ style comments that leaked into the code.
Fixed some compile-time warnings.
Updated configure.ac to work on MinGW.
Updated common.h types for _WIN64.
Fixed issue involving an #ifdef in a macro reference that breaks early gcc
install-win32/buildinstaller will now always sign executable
Added the ability to read the configuration file
Allow "management-client" directive to be used
Added errors-to-stderr option. When enabled, fatal errors
Updated Windows build scripts to package openssl-0.9.8k,
Version 2.1_rc16
Reduce the debug level (--verb) at which received management interface
Fixed race condition in management interface recv code on
Added "redirect-private" option which allows private subnets
Added new 'autolocal' redirect-gateway flag. When enabled, the OpenVPN
Fixed issue of symbol conflicts interfering with Windows CryptoAPI
Fixed bug where the remote_X environmental variables were not being
Update copyright to 2009.
Version 2.1_rc17
Fixed compile error on ./configure --enable-small
Fixed issue introduced in r4475 (2.1-rc17) where cryptoapi.c change
Version 2.1_rc18
In configure.ac, use datadir instead of datarootdir for compatibility
Rename generated tapdrvr.cod to a unique name to avoid the issue where
In Windows TAP driver, refactor DHCP/ARP packet injection code to
OpenVPN version 2.1_rc19 released
Fixed build problem when ./configure --disable-server is used.
Fixed ifconfig command for "topology subnet" on FreeBSD (Stefan Bethke).
Added --remote-random-hostname option.
Added "load-stats" management interface command to get global
Added PLATFORM-SPECIFIC comment tag to platform-specific functions
Added new ./configure flags:
Added "setcon" directive for interoperability with SELinux
Updated version number to 2.1_rc19c.
Modified client to send a PUSH_REQUEST message to server 1 second
The maximum number of "route" directives (specified in the config
Eliminated the limitation on the number of options that can be pushed
Added --server-poll-timeout option : when polling possible remote
Fixed a bug introduced in r4436 (2.1_rc17) where using the
Added the ability for the server to provide a custom reason string
Minor fix: management interface shouldn't echo 'load-stats' commands to
client-kill management interface command, when issued on server, will
Version 2.1_rc20
Fixed issue where some .svn directories were being inadvertently
Added "setenv GENERIC_CONFIG" directive, for generic configs
On server, lock session username against changes in mid-session TLS
Change to doval valgrind script. The openvpn command parameter is now
On server, lock client-provided certs against mid-session TLS
Version 2.1_rc20a
Version 2.1_rc21
Increase MAX_CERT_DEPTH to 16 (from 8), and when exceeded,
Fixed a client-side bug that occurred when the "dhcp-pre-release"
Version 2.1_rc22
Fixed a couple issues in sample plugins auth-pam.c and down-root.c:
Documented --multihome in the man page.
Clarified that TAP-Win32 driver is licensed under GPL 2.
Version 2.1.0
Fixed some breakage in openvpn.spec (which is required to build an
When aborting in a non-graceful way, try to execute do_close_tun in
Fixed an issue where AUTH_FAILED was not being properly delivered
Don't advance the connection list on AUTH_FAILED errors.
Version 2.1.1b
-----------------------------------------------------------------------
hooks/post-receive
--
OpenVPN with experimental and new features - which requires a lot of testing
|
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OpenVPN with experimental and new features - which requires a lot of testing".
The branch, released-2.1 has been created
at 4eb21d226313e81627d589c704ec9fbbeef6d7c4 (commit)
- Log -----------------------------------------------------------------
commit 4eb21d226313e81627d589c704ec9fbbeef6d7c4
Author: David Sommerseth <da...@us...>
Date: Thu Nov 4 20:35:24 2010 +0100
Prepared for a OpenVPN v2.1.4 release
Also added a missing changelog for 2.1.3.
Signed-off-by: David Sommerseth <da...@us...>
commit b5da875c06d7ea028d32f369873eb700c82d93d4
Author: Gert Doering <ge...@gr...>
Date: Thu Oct 21 10:35:29 2010 +0200
Fix problem with special case route targets ('remote_host')
The init_route() function will leave &netlist untouched for
get_special_addr() routes ("remote_host" being one of them).
netlist is on stack, contains random garbage, and netlist.len
will not be 0 - thus, random stack data is copied from
netlist.data[] until the route_list is full.
This issue has been reported several places lately:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=600166
http://thread.gmane.org/gmane.network.openvpn.devel/4083
https://forums.openvpn.net/viewtopic.php?f=1&t=7201&p=8168
Signed-off-by: Gert Doering <ge...@gr...>
Acked-by: David Sommerseth <da...@us...>
Acked-by: James Yonan <ja...@op...>
Signed-off-by: David Sommerseth <da...@us...>
(cherry picked from commit 59afc4a5f72e22b850cfa2845385172623a38e77)
-----------------------------------------------------------------------
hooks/post-receive
--
OpenVPN with experimental and new features - which requires a lot of testing
|
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OpenVPN with experimental and new features - which requires a lot of testing".
The branch, svn-BETA21 has been updated
via 20a4c12783144d798c6b7446bae8920fdfea7adc (commit)
via d053e36df93aabcdb23e9971c48f990aa77bda4e (commit)
via 3cf9dd88fd84108eccfcce0ebf44e00f9481cd82 (commit)
via c68e0cddf024ae5b18f89062bf7164da77f1cf06 (commit)
from 51e6e5b0f14db8bf5a6b6ebee26678fe8b623ad4 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 20a4c12783144d798c6b7446bae8920fdfea7adc
Author: James Yonan <ja...@op...>
Date: Thu Oct 28 05:01:24 2010 +0000
Version 2.1.3b
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@6585 e7ae566f-a301-0410-adde-c780ea21d3b5
commit d053e36df93aabcdb23e9971c48f990aa77bda4e
Author: James Yonan <ja...@op...>
Date: Sun Oct 24 09:17:24 2010 +0000
Make base64.h have the same conditional compilation expression as
base64.c.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@6569 e7ae566f-a301-0410-adde-c780ea21d3b5
commit 3cf9dd88fd84108eccfcce0ebf44e00f9481cd82
Author: James Yonan <ja...@op...>
Date: Sun Oct 24 09:12:47 2010 +0000
Implement challenge/response authentication support in client mode,
where credentials are entered from stdin. This capability is
compiled when ENABLE_CLIENT_CR is defined in syshead.h (enabled
by default).
Challenge/response support was previously implemented for creds
that are queried via the management interface. In this case,
the challenge message will be returned as a custom
client-reason-text string (see management-notes.txt for more
info) on auth failure.
Also, see the comments in misc.c above get_auth_challenge()
for info on the OpenVPN challenge/response protocol.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@6568 e7ae566f-a301-0410-adde-c780ea21d3b5
commit c68e0cddf024ae5b18f89062bf7164da77f1cf06
Author: James Yonan <ja...@op...>
Date: Sat Oct 23 22:32:00 2010 +0000
Fixed initialization bug in route_list_add_default_gateway
(Gert Doering).
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@6566 e7ae566f-a301-0410-adde-c780ea21d3b5
-----------------------------------------------------------------------
Summary of changes:
base64.c | 2 +-
base64.h | 2 +-
misc.c | 158 +++++++++++++++++++++++++++++++++++++++++++++++++++++-------
misc.h | 38 +++++++++++++--
push.c | 12 ++++-
route.c | 2 +
ssl.c | 27 ++++++++++
ssl.h | 11 ++++
syshead.h | 5 ++
version.m4 | 2 +-
10 files changed, 233 insertions(+), 26 deletions(-)
hooks/post-receive
--
OpenVPN with experimental and new features - which requires a lot of testing
|
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OpenVPN with experimental and new features - which requires a lot of testing".
The branch, allmerged has been updated
via 7695ad84e29e1c23fb3e9d9c7c84cf6f13783b68 (commit)
from bd948f27a9aba46db03a7312be5fd035ca859401 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 7695ad84e29e1c23fb3e9d9c7c84cf6f13783b68
Author: David Sommerseth <da...@us...>
Date: Thu Apr 22 23:29:34 2010 +0200
Solved hidden merge conflict between feat_misc and bugfix2.1
The OCSP patch (commit a3982181e284f8c5c8f, feat_misc) introduced
a new function which was calling create_temp_filename(). When merging
in bugfix2.1 into allmerged, create_temp_filename() got renamed to
create_temp_file() in commit 5d30273a8741d2c141.
This patch only changes create_temp_filename() to create_temp_file()
in the new function introduced by commit a3982181e284f8c5c8f.
Signed-off-by: David Sommerseth <da...@us...>
-----------------------------------------------------------------------
Summary of changes:
ssl.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
hooks/post-receive
--
OpenVPN with experimental and new features - which requires a lot of testing
|
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OpenVPN with experimental and new features - which requires a lot of testing".
The branch, allmerged has been updated
via bd948f27a9aba46db03a7312be5fd035ca859401 (commit)
from 1fac0dbc2d8029366bf26ef21def502279b54e3c (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit bd948f27a9aba46db03a7312be5fd035ca859401
Author: David Sommerseth <da...@us...>
Date: Thu Oct 21 21:47:04 2010 +0200
Use a version which is more understandable by OpenVPN-GUI
OpenVPN-GUI gets grumpy if it don't get some kind of version information
after the 'openvpn-' string.
Signed-off-by: David Sommerseth <da...@us...>
-----------------------------------------------------------------------
Summary of changes:
bootstrap.sh | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
hooks/post-receive
--
OpenVPN with experimental and new features - which requires a lot of testing
|
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OpenVPN with experimental and new features - which requires a lot of testing".
The branch, bugfix2.1 has been updated
via 59afc4a5f72e22b850cfa2845385172623a38e77 (commit)
from d6b783a8ec505c8e158bd0304c5e195cff5bb8c3 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
-----------------------------------------------------------------------
Summary of changes:
route.c | 2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
hooks/post-receive
--
OpenVPN with experimental and new features - which requires a lot of testing
|
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OpenVPN with experimental and new features - which requires a lot of testing".
The branch, allmerged has been updated
via 1fac0dbc2d8029366bf26ef21def502279b54e3c (commit)
via 59afc4a5f72e22b850cfa2845385172623a38e77 (commit)
from a87d5d8ae8bb7b820b90cf5d6c4c99169b29b340 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 1fac0dbc2d8029366bf26ef21def502279b54e3c
Merge: a87d5d8ae8bb7b820b90cf5d6c4c99169b29b340 59afc4a5f72e22b850cfa2845385172623a38e77
Author: David Sommerseth <da...@us...>
Date: Thu Oct 21 21:35:54 2010 +0200
Merge branch 'bugfix2.1' into allmerged
-----------------------------------------------------------------------
Summary of changes:
route.c | 2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
hooks/post-receive
--
OpenVPN with experimental and new features - which requires a lot of testing
|
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OpenVPN with experimental and new features - which requires a lot of testing".
The branch, beta2.2 has been created
at 0bb41e58782ae9834a61491c5964bc9816b76bc8 (commit)
- Log -----------------------------------------------------------------
commit 0bb41e58782ae9834a61491c5964bc9816b76bc8
Author: David Sommerseth <da...@us...>
Date: Sat Aug 21 23:46:30 2010 +0200
Preparing for v2.2-beta3
Signed-off-by: David Sommerseth <da...@us...>
commit 4bf989571a74f90bb5d783072919862d2b64034e
Author: David Sommerseth <da...@us...>
Date: Mon Aug 16 20:23:49 2010 +0200
Fixed compiler warning in ssl.c
James Yonan noticed a couple of compiler warnings when compiling with
--enable-strict configured. This patch was sent directly to him
for review and got accepted.
Signed-off-by: David Sommerseth <da...@us...>
Acked-by: James Yonan <ja...@op...>
commit 6cc43bf573700b2391ae462651190a3b209da2c8
Author: David Sommerseth <da...@us...>
Date: Thu Apr 22 23:29:34 2010 +0200
Solved hidden merge conflict between feat_misc and bugfix2.1
The OCSP patch (commit a3982181e284f8c5c8f, feat_misc) introduced
a new function which was calling create_temp_filename(). When merging
in bugfix2.1 into allmerged, create_temp_filename() got renamed to
create_temp_file() in commit 5d30273a8741d2c141.
This patch only changes create_temp_filename() to create_temp_file()
in the new function introduced by commit a3982181e284f8c5c8f.
Signed-off-by: David Sommerseth <da...@us...>
(cherry picked from commit 926d1662e4d9e14b50eddec993b2f4e0209c0646)
commit 238f81b9097c6ec70be3080b23cce46ad635e54c
Author: Emilien Mantel <emi...@bu...>
Date: Sat Jun 26 13:56:48 2010 +0200
Fixed static defined length check to use sizeof()
This comes in addition to commit 935c62be9c0c8a256112d after some
additional review comments.
Signed-off-by: Emilien Mantel <emi...@bu...>
Acked-by: Peter Stuge <pe...@st...>
Signed-off-by: David Sommerseth <da...@us...>
commit 2e8337de248ef0b5b48cbb2964da0d5c3f28b15b
Author: Emilien Mantel <emi...@bu...>
Date: Thu Jun 17 21:38:59 2010 +0200
Choose a different field in X509 to be username
For my company, we use a PKI (linked to a LDAP) with OpenVPN. We can't use "CN" to be
username (few people can have the same "CN"). In our case, we only use the UID.
With my patch, you can choose another field to be username with a new option called
--x509-username-field, the default value is "CN".
Signed-off-by: Emilien Mantel <emi...@bu...>
Acked-by: David Sommerseth <da...@us...>
Signed-off-by: David Sommerseth <da...@us...>
commit 8bebb729a53ae423d0867648f0c12868a96cafde
Author: Fabian Knittel <fab...@av...>
Date: Tue May 4 16:21:47 2010 +0200
ssl.c: fix use of openvpn_run_script()'s return value
This patch fixes two bugs introduced in
commit 339f2a4d4b487afa53fa99d72c35b16f31e417d3
Author: David Sommerseth <da...@us...>
Date: Thu Apr 29 23:35:45 2010 +0200
David's patch replaced openvpn_execve() with openvpn_run_script() in two places,
but didn't adjust the return value handling. openvpn_run_script() returns true
or false, while openvpn_execve() returns the program's exit code.
Without the fix, the --tls-verify script and the --auth-user-pass-verify
script fail to run. (I noticed the latter, but haven't actually tested the
former.)
The return value handling is fine for the other places where
openvpn_run_script() is used, because those places previously used
openvpn_execve_check() (notice the "_check" suffix).
Signed-off-by: Fabian Knittel <fab...@av...>
Signed-off-by: David Sommerseth <da...@us...>
Acked-by: David Sommerseth <da...@us...>
commit c2533d18ce6da1bd43502f9f2923541c578864e9
Author: David Sommerseth <da...@us...>
Date: Thu Apr 29 23:35:45 2010 +0200
Revamped the script-security warning logging (version 2)
The main task of this patch is to avoid reporting the SCRIPT_SECURITY_WARNING
over and over again, in addition to not show this warning when it should not
be a problem. This general warning should now only appear once, and only when
--script-security is not set, 0 or 1. In all other cases this warning should
not appear.
In addition, this warning will come close to the script-hook which most probably
will fail. It will also give a little bit more concrete hint on which script-hook
which failed. If --script-security is 2 or 3, only the execve failure itself will
be shown. This message will on the other hand be shown repeatedly.
This is a new rewritten version which simplifies the implementaion of the new
openvpn_run_script() function. It was considered to remove it completely, but
due to code clearity and easy of use it was decided to make this function a static
inline function instead. Anyhow, this function will enforce openvpn_execve_check()
to be called with the S_SCRIPT flag.
Patch ACKed on the developers meeting 2009-04-29.
Signed-off-by: David Sommerseth <da...@us...>
Acked-by: James Yonan <ja...@op...>
commit aa6e58ae0e110eb92775aa1982f5f363057bcd43
Author: David Sommerseth <da...@us...>
Date: Thu Apr 22 23:05:00 2010 +0200
Don't add compile time information if --enable-small is used
This is to satisfy those wanting to build openvpn for embedded devices
where every bytes matters.
Signed-off-by: David Sommerseth <da...@us...>
Acked-by: Gert Doering <ge...@gr...>
commit 3ee62caf112c1e8c9a79079b0cb0648446915caa
Author: David Sommerseth <da...@us...>
Date: Tue Apr 13 15:12:27 2010 +0200
Make use of automake CLEANFILES variable instead of clean-local rule
Signed-off-by: David Sommerseth <da...@us...>
Acked-by: Gert Doering <ge...@gr...>
commit 043b61b2a5a30d5d45b15e9f8de7b72052225727
Author: David Sommerseth <da...@us...>
Date: Thu Apr 22 23:01:31 2010 +0200
Fix dependency checking for configure.h (v2)
Alon Bar-Lev indicated commit f27bf509315a48b0070294c3993a718df0c2626c
was missing proper dependency checking. This patch corrects this and
fixes an issue when creating configure.h via make distcheck.
This is an enhanced version of the one sent to the openvpn-devel mailing
list April 13, 2010 [1], after having received some feedback from Gert
Doering, cleaning up configure_log.awk further.
[1] <http://thread.gmane.org/gmane.network.openvpn.devel/3410/focus=3491>
Signed-off-by: David Sommerseth <da...@us...>
Acked-by: Gert Doering <ge...@gr...>
commit d94049b8284cdddd90fc17cc171fbf20fcc12780
Author: David Sommerseth <da...@us...>
Date: Thu Apr 8 20:31:01 2010 +0200
Add comile time information/settings from ./configure to --version
This patch will create ./configure.h which will contain two new #define
strings. CONFIGURE_DEFINES will contain all USE, ENABLED, DISABLED and
DEPRECATED defines from ./config.h. CONFIGURE_CALL will contain the
complete ./configure line which was used when configuring the package
for building.
Signed-off-by: David Sommerseth <da...@us...>
Acked-by: James Yonan <ja...@op...>
commit 6dc60191ddf8673db7d156e6b90fb794e4fa350a
Author: Wil Cooley <wc...@us...>
Date: Tue Mar 2 21:54:15 2010 +0100
pkitool lacks expected option "--help"
The pkitool script lacks the "--help" parameter to actually display the
usage statement; most people are conditioned to try that before running the
command without options. This patch adds that and "--version" to display
just the program name and version.
sf.net tracker:
<https://sourceforge.net/tracker/?func=detail&atid=454721&aid=1705407&group_id=48978>
Signed-off-by: David Sommerseth <da...@us...>
Acked-by: Jan Just Keijser <ja...@ni...>
commit d04b8582a8d9cda4e886019c81f24712663e97b4
Author: Karl O. Pinc <ko...@mo...>
Date: Tue Mar 2 21:41:06 2010 +0100
Several updates to openvpn.8 (man page updates)
This is a collection of 4 patches sent to the -devel mailing list:
* [PATCH] Frob the openvpn(8) man page tls-verify section to clarify
* [PATCH] More improvments to openvpn(8) --tls-verify
* [PATCH] Yet another tweak of openvpn(8) --tls-verify
* [PATCH] Final frobbing of openvpn(8) --tls-verify
Signed-off-by: David Sommerseth <da...@us...>
Acked-by: David Sommerseth <da...@us...>
commit 39238d1b173d8b7f08e061dd51e30605ce722e92
Author: Mathieu GIANNECCHINI <mat...@fr...>
Date: Tue Mar 2 00:26:57 2010 +0100
enhance tls-verify possibility
It should be nice to enhance tls-verify check possibilities against peer
cert during a pending TLS connection like :
- OCSP verification
- check any X509 extensions of the peer certificate
- delta CRL verification
- ...
This patch add a new "tls-export-cert" option which allow to get peer
certificate in PEM format and to store it in an openvpn temporary file.
Peer certificate is stored before tls-script execution and deleted after.
The name of the related temporary file is available under tls-verify
script by an environment variable "peer_cert".
The patch was made from OpenVPN svn Beta21 branches.
Here is a very simple exemple of Tls-verify script which provide OCSP
support to OpenVPN (with tls-export-cert option) without any OpenVPN
"core" modification :
X509=$2
openssl ocsp \
-issuer /etc/openvpn/ssl.crt/RootCA.pem \
-CAfile /etc/openvpn/ssl.capath/OpenVPNServeur-cafile.pem \
-cert $peer_cert \
-url http://your-ocsp-url
if [ $? -ne 0 ]
then
echo "error : OCSP check failed for ${X509}" | logger -t
"tls-verify"
exit 1
fi
This has been discussed here:
<http://thread.gmane.org/gmane.network.openvpn.devel/2492>
<http://thread.gmane.org/gmane.network.openvpn.devel/3150>
<http://thread.gmane.org/gmane.network.openvpn.devel/3217>
This patch has been modified by David Sommerseth, by fixing a few issues
which came up to during the code review process. The man page has been
updated and tmp_file in ssl.c is checked for not being NULL before calling
delete_file().
Signed-off-by: David Sommerseth <da...@us...>
Acked-by: Gert Doering <ge...@gr...>
commit 0c1f7ad5e84e7a79bd3f982cba5dad3cc12dbebb
Author: David Sommerseth <da...@us...>
Date: Mon Feb 15 23:15:44 2010 +0100
Reworked the eurephia patch for inclusion to the openvpn-testing tree
Addedd configure option (--disable-eurephia) to disable the code which the
eurephia plug-in depends on.
It was chosen to use --disable-eurephia, as this patch is not much intrusive. It
just enables a SHA1 fingerprint environment variable for each certificate being
used for the connection.
Signed-off-by: David Sommerseth <da...@us...>
commit 59afc4a5f72e22b850cfa2845385172623a38e77
Author: Gert Doering <ge...@gr...>
Date: Thu Oct 21 10:35:29 2010 +0200
Fix problem with special case route targets ('remote_host')
The init_route() function will leave &netlist untouched for
get_special_addr() routes ("remote_host" being one of them).
netlist is on stack, contains random garbage, and netlist.len
will not be 0 - thus, random stack data is copied from
netlist.data[] until the route_list is full.
This issue has been reported several places lately:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=600166
http://thread.gmane.org/gmane.network.openvpn.devel/4083
https://forums.openvpn.net/viewtopic.php?f=1&t=7201&p=8168
Signed-off-by: Gert Doering <ge...@gr...>
Acked-by: David Sommerseth <da...@us...>
Acked-by: James Yonan <ja...@op...>
Signed-off-by: David Sommerseth <da...@us...>
-----------------------------------------------------------------------
hooks/post-receive
--
OpenVPN with experimental and new features - which requires a lot of testing
|
