Toggle navigation
Patchwork
OpenVPN 2
Patches
Bundles
About this project
Login
Register
Mail settings
Show patches with
: Submitter =
Arne Schwabe
| 1067 patches
Series
Submitter
State
any
Action Required
New
Under Review
Accepted
Rejected
RFC
Not Applicable
Changes Requested
Awaiting Upstream
Superseded
Deferred
Search
Archived
No
Yes
Both
Delegate
------
Nobody
samuli
ordex
dazo
selvanair
syzzer
cron2
arne
flichtenheld
d12fk
Apply
«
1
2
3
4
…
10
11
»
Patch
Series
A/R/T
S/W/F
Date
Submitter
Delegate
State
[Openvpn-devel,2/4] Cleanup receive_auth_failed and simplify method
Implement exit notifcation via control channel and temporary AUTH_FAIL
- - -
-
-
-
2022-05-17
Arne Schwabe
Superseded
[Openvpn-devel,2/4,CMake] Only add -Wno-stringop-truncation on supported compilers
Restore ability to compile on macOS/FreeBSD with Cmake
1 - -
-
-
-
2023-06-29
Arne Schwabe
Accepted
[Openvpn-devel,2/4] Fix unchecked signess conversions reported by MSVC
[Openvpn-devel,1/4] Make buffer related function conversion explicit when narrowing
- - -
-
-
-
2021-03-24
Arne Schwabe
Changes Requested
[Openvpn-devel,2/4] Implement dynamic NCP negotiation
[Openvpn-devel,1/4] Only announce IV_NCP=2 when we are willing to support these ciphers
- - -
-
-
-
2019-11-17
Arne Schwabe
Superseded
[Openvpn-devel,2/4] Implement peer-fingerprint to check fingerprint of peer certificate
Allow setting up OpenVPN in TLS mode without CA
- - -
-
-
-
2020-09-08
Arne Schwabe
ordex
Superseded
[Openvpn-devel,2/4] Remove AUTO_USERID feature
Untitled series #359
1 - -
-
-
-
2018-10-08
Arne Schwabe
Accepted
[Openvpn-devel,2/4] Update the last sections in the man page to a be a bit less outdated
Collections of miscellenaous patches
1 - -
-
-
-
2023-02-10
Arne Schwabe
Accepted
[Openvpn-devel,25/28] Ensure that control channel packet are respecting tls-mtu
Stateless three-way handshake and control channel improvements
- - -
-
-
-
2022-04-22
Arne Schwabe
Superseded
[Openvpn-devel,2/5] Fix unaligned access in macOS/Solaris hwaddr
[Openvpn-devel,1/5] Fix unaligned access in auth-token
1 - -
-
-
-
2023-01-30
Arne Schwabe
Superseded
[Openvpn-devel,2/5] Implement forwarding client CR_RESPONSE messages to management
Implement additional two step authentication methods
- - -
-
-
-
2019-06-13
Arne Schwabe
Superseded
[Openvpn-devel,2/5] Remove checks for uint* types that are part of C99
[Openvpn-devel,1/5] Remove check for socket functions and Win XP compatbility code
1 - -
-
-
-
2021-04-06
Arne Schwabe
Accepted
[Openvpn-devel,2/5] xmit_hold is only required for port_share
[Openvpn-devel,1/5] Inline function tls_get_peer_info
- - -
-
-
-
2020-10-23
Arne Schwabe
ordex
Rejected
[Openvpn-devel,26/28] Allow setting control channel packet size with tls-mtu
Stateless three-way handshake and control channel improvements
- - -
-
-
-
2022-04-22
Arne Schwabe
Superseded
[Openvpn-devel,2/6] Inline frame_add_to_extra_tun function and remove frame_defined
[Openvpn-devel,1/6] Remove leftover frame_set_mtu_dynamic definitions in mtu.h
1 - -
-
-
-
2022-06-21
Arne Schwabe
Accepted
[Openvpn-devel,2/6] Refactor tls_crypt_v2_write_server_key_file into crypto.c
[Openvpn-devel,1/6] Fix loading inline tls-crypt-v2 keys with mbed TLS
1 - -
-
-
-
2019-01-14
Arne Schwabe
Accepted
[Openvpn-devel,27/28] Add unit test for reliable_get_num_output_sequenced_available
Stateless three-way handshake and control channel improvements
1 - -
-
-
-
2022-04-22
Arne Schwabe
Superseded
[Openvpn-devel,2/7] Allow loading of non default providers
Improve OpenSSL 3.0 support in OpenVPN 2.5
1 - -
-
-
-
2022-05-12
Arne Schwabe
Accepted
[Openvpn-devel,2/7] Move direct.h header where it is used
[Openvpn-devel,1/7] Remove --disable-multihome option
- - -
-
-
-
2021-04-21
Arne Schwabe
Changes Requested
[Openvpn-devel,2/7] Use functions to access key_state instead direct member access
[Openvpn-devel,1/7] Move tls_select_primary_key into its own function
1 - -
-
-
-
2021-04-22
Arne Schwabe
Accepted
[Openvpn-devel,28/28] Always include ACKs for the last seen control packets
Stateless three-way handshake and control channel improvements
1 - -
-
-
-
2022-04-22
Arne Schwabe
Superseded
[Openvpn-devel,2/8] Make key_state->authenticated more state machine like
[Openvpn-devel,1/8] Deprecate ncp-disable and add improved ncp to Changes.rst
1 - -
-
-
-
2020-07-09
Arne Schwabe
Accepted
[Openvpn-devel,2/8,OSSL,3.0] Disable engine support for OpenSSL 3.0
[Openvpn-devel,1/8,OSSL,3.0] Use new EVP_MAC API for HMAC implementation
- - -
-
-
-
2021-09-19
Arne Schwabe
Superseded
[Openvpn-devel,2/8] Replace key_scan array of static points with inline function
[Openvpn-devel] Remove --disable-def-auth configure argument
1 - -
-
-
-
2020-10-23
Arne Schwabe
Accepted
[Openvpn-devel,2/8] ssl_verify: Fix memleak if creating deferred auth control files fails
Improvement/fixes based on Trail of Bits audit
1 - -
-
-
-
2022-12-15
Arne Schwabe
Accepted
[Openvpn-devel,29/28] Add workaround for Softether server dropping P_ACK_V1 with >= 5 acks
Stateless three-way handshake and control channel improvements
1 - -
-
-
-
2022-08-31
Arne Schwabe
cron2
Accepted
[Openvpn-devel,2/9] Always start session in TM_INITIAL rather than TM_ACTIVE or TM_INITIAL
Various patches to improve DCO behaviour
1 - -
-
-
-
2022-12-24
Arne Schwabe
Accepted
[Openvpn-devel,2/9] Directly use hardcoed OPENVPN_TAG_LENGTH instead lookup
[Openvpn-devel,1/9] Implement optional cipher in --data-ciphers prefixed with ?
1 - -
-
-
-
2021-12-01
Arne Schwabe
Accepted
[Openvpn-devel,2/9] Remove getpeername, getpid check
Miscellaneous cleanup patches/small fixes
1 - -
-
-
-
2021-05-12
Arne Schwabe
Accepted
[Openvpn-devel,3/3] Add better support for showing TLS 1.3 ciphersuites in --show-tls
[Openvpn-devel,1/3] Factor out convert_tls_list_to_openssl method
- - -
-
-
-
2018-10-05
Arne Schwabe
Superseded
[Openvpn-devel,3/3] Add unit test for cipher name translations
[Openvpn-devel,1/3] Make cipher_kt_name always return normalised cipher name
1 - -
-
-
-
2020-06-05
Arne Schwabe
Accepted
[Openvpn-devel,3/3] Add warning for the --show-groups command that some groups are missing
[Openvpn-devel,1/3] Print server temp key details
- - -
-
-
-
2023-07-01
Arne Schwabe
Superseded
[Openvpn-devel,3/3] Allow all GCM ciphers
[Openvpn-devel,1/3] Always save/restore pull options
- - -
-
-
-
2021-04-08
Arne Schwabe
Changes Requested
[Openvpn-devel,3/3,auth-token] Document reneweal mechanic of auth-token in manual
[Openvpn-devel,1/3,Auth-token] Fix session id and initial timestamp not begin preserved
1 - -
-
-
-
2020-03-26
Arne Schwabe
Accepted
[Openvpn-devel,3/3] Call dco_p2p_add_new_peer again if the peer id changes
[Openvpn-devel,1/3] Move dco_installed from sock->info to sock->info.lsa.actual
- - -
-
-
-
2022-10-12
Arne Schwabe
Superseded
[Openvpn-devel,3/3] Clean up a number of leftover C89 initialisations in ssl.c
[Openvpn-devel,1/3] Refactor/Reformat tls_pre_decrypt
- - -
-
-
-
2020-07-21
Arne Schwabe
Superseded
[Openvpn-devel,3/3] Implement generating data channel keys via EKM/RFC 5705
[Openvpn-devel,1/3] Refactor key_state_export_keying_material functions
- - -
-
-
-
2020-08-11
Arne Schwabe
Superseded
[Openvpn-devel,3/3] Implement tls-groups option to specify eliptic curves/groups
[Openvpn-devel] Fix OpenSSL 1.1.1 not using auto ecliptic curve selection
- - -
-
-
-
2020-03-31
Arne Schwabe
Superseded
[Openvpn-devel,3/3] Introduce dynamic tls-crypt for secure soft_reset/session renegotiation
[Openvpn-devel,1/3] Allows renegotiation only to start if session is fully established
- - -
-
-
-
2022-09-09
Arne Schwabe
d12fk
Superseded
[Openvpn-devel,3/3] Make key_state->authenticated more state machine like
[Openvpn-devel] Add file to ignore reformatting changes
- - -
-
-
-
2020-07-07
Arne Schwabe
Superseded
[Openvpn-devel,3/3] Prefer OpenSSL's SIPHASH implementation when available
[Openvpn-devel,1/3] Add siphash reference implementation
- - -
-
-
-
2023-02-27
Arne Schwabe
New
[Openvpn-devel,3/3] Remove key-method 1
[Openvpn-devel,1/3] Drop support for OpenSSL 1.0.1
- - -
-
-
-
2020-07-12
Arne Schwabe
Superseded
[Openvpn-devel,3/3] Restore also ping related options on a reconnect
[Openvpn-devel,1/3] Move restoring pr pull options to initialising of c2 context
- - -
-
-
-
2020-12-09
Arne Schwabe
Superseded
[Openvpn-devel,3/3] Set DCO_NOT_INSTALLED also for keys not in the get_key_scan range
[Openvpn-devel,1/3] Improve debug logging of DCO swap key message and Linux dco_new_peer
1 - -
-
-
-
2022-12-13
Arne Schwabe
Accepted
[Openvpn-devel,3/3] Support NCP in pure P2P VPN setups
P2P NCP support patch set
- - -
-
-
-
2021-04-08
Arne Schwabe
ordex
Changes Requested
[Openvpn-devel,3/4] Add support for OpenSSL TLS 1.3 when using management-external-key
Untitled series #359
- - -
-
-
-
2018-10-08
Arne Schwabe
Superseded
[Openvpn-devel,3/4] Check if the -wrap argument is actually supported by the platform's ld
Restore ability to compile on macOS/FreeBSD with Cmake
- - -
-
-
-
2023-06-29
Arne Schwabe
Superseded
[Openvpn-devel,3/4] Fix socket related functions using int instead of socket_descriptor_t
[Openvpn-devel,1/4] Make buffer related function conversion explicit when narrowing
1 - -
-
-
-
2021-03-24
Arne Schwabe
Accepted
[Openvpn-devel,3/4] Implement AUTH_FAIL, TEMP message support
Implement exit notifcation via control channel and temporary AUTH_FAIL
- - -
-
-
-
2022-05-17
Arne Schwabe
Superseded
[Openvpn-devel,3/4] Move NCP related function into a seperate file and add unit tests
[Openvpn-devel,1/4] Only announce IV_NCP=2 when we are willing to support these ciphers
- - -
-
-
-
2019-11-17
Arne Schwabe
Superseded
[Openvpn-devel,3/4] Revise the cipher negotiation about OpenVPN3 in the man page
Collections of miscellenaous patches
1 - -
-
-
-
2023-02-10
Arne Schwabe
Accepted
[Openvpn-devel,3/4] Support fingerprint authentication without CA certificate
Allow setting up OpenVPN in TLS mode without CA
- - -
-
-
-
2020-09-08
Arne Schwabe
ordex
Superseded
[Openvpn-devel,3/5] Align reliable_free with other free methods to accept NULL
[Openvpn-devel,1/5] Inline function tls_get_peer_info
1 - -
-
-
-
2020-10-23
Arne Schwabe
Accepted
[Openvpn-devel,3/5] Allow running a default configuration with TLS libraries without BF-CBC
Untitled series #902
- - -
-
-
-
2020-09-07
Arne Schwabe
Superseded
[Openvpn-devel,3/5] Do not run check_engine test when crosscompiling
Build and run unittests with mingw in Github actions
- - -
-
-
-
2023-02-08
Arne Schwabe
Superseded
[Openvpn-devel,3/5] Implement support for signalling IV_SSO to server
Implement additional two step authentication methods
1 - -
-
-
-
2019-06-13
Arne Schwabe
Superseded
[Openvpn-devel,3/5] Remove a number of checks for functions/headers that are always present
[Openvpn-devel,1/5] Remove check for socket functions and Win XP compatbility code
1 - -
-
-
-
2021-04-06
Arne Schwabe
Accepted
[Openvpn-devel,3/5] Update LibreSSL to 3.7.0 in Github actions
[Openvpn-devel,1/5] Fix unaligned access in auth-token
1 - -
-
-
-
2023-01-30
Arne Schwabe
Accepted
[Openvpn-devel,3/6] Add send_control_channel_string_dowork variant
[Openvpn-devel,1/6] Fix loading inline tls-crypt-v2 keys with mbed TLS
1 - -
-
-
-
2019-01-14
Arne Schwabe
Accepted
[Openvpn-devel,3/6] Extract update_session_cipher into standalone function
[Openvpn-devel,1/6] Remove leftover frame_set_mtu_dynamic definitions in mtu.h
1 - -
-
-
-
2022-06-21
Arne Schwabe
Superseded
[Openvpn-devel,3/7] Add ubuntu 22.04 to Github Actions
Improve OpenSSL 3.0 support in OpenVPN 2.5
2 - -
-
-
-
2022-05-12
Arne Schwabe
Accepted
[Openvpn-devel,3/7] Remove always enabled USE_64_BIT_COUNTERS define
[Openvpn-devel,1/7] Remove --disable-multihome option
1 - -
-
-
-
2021-04-21
Arne Schwabe
Accepted
[Openvpn-devel,3/7] Return cached result in tls_authentication_status
[Openvpn-devel,1/7] Move tls_select_primary_key into its own function
- - -
-
-
-
2021-04-22
Arne Schwabe
Changes Requested
[Openvpn-devel,3/8] Add more documentation about our internal TLS functions
[Openvpn-devel] Remove --disable-def-auth configure argument
1 - -
-
-
-
2020-10-23
Arne Schwabe
Accepted
[Openvpn-devel,3/8] Ensure that argument to parse_line has always space for final sentinel
Improvement/fixes based on Trail of Bits audit
1 - -
-
-
-
2022-12-15
Arne Schwabe
Accepted
[Openvpn-devel,3/8] Extract process_incoming_push_reply from process_incoming_push_msg
[Openvpn-devel,1/8] Deprecate ncp-disable and add improved ncp to Changes.rst
1 - -
-
-
-
2020-07-09
Arne Schwabe
Accepted
[Openvpn-devel,3/8,OSSL,3.0] Implement DES ECB encrypt via EVP_CIPHER api
[Openvpn-devel,1/8,OSSL,3.0] Use new EVP_MAC API for HMAC implementation
- - -
-
-
-
2021-09-19
Arne Schwabe
Superseded
[Openvpn-devel,3/9] Inline do_init_auth_token_key
Miscellaneous cleanup patches/small fixes
1 - -
-
-
-
2021-05-12
Arne Schwabe
Accepted
[Openvpn-devel,3/9] Move dco_installed back to link_socket from link_socket.info.actual
Various patches to improve DCO behaviour
1 - -
-
-
-
2022-12-24
Arne Schwabe
Accepted
[Openvpn-devel,3/9] Remove cipher_ctx_get_cipher_kt and replace with direct context calls
[Openvpn-devel,1/9] Implement optional cipher in --data-ciphers prefixed with ?
1 - -
-
-
-
2021-12-01
Arne Schwabe
Accepted
[Openvpn-devel,3/9] Require AEAD support in the crypto library
[Openvpn-devel,1/9] Indicate that a client is in pull mode in IV_PROTO
- - -
-
-
-
2020-07-17
Arne Schwabe
Superseded
[Openvpn-devel,4/4] Allow scripts and plugins to set a custom AUTH_FAILED message
Implement exit notifcation via control channel and temporary AUTH_FAIL
- - -
-
-
-
2022-05-17
Arne Schwabe
Superseded
[Openvpn-devel,4/4] Avoid unused function warning/error on FreeBSD
Restore ability to compile on macOS/FreeBSD with Cmake
- - -
-
-
-
2023-06-29
Arne Schwabe
Superseded
[Openvpn-devel,4/4] Document the simple self-signed certificate setup in examples
Allow setting up OpenVPN in TLS mode without CA
1 - -
-
-
-
2020-09-08
Arne Schwabe
ordex
Accepted
[Openvpn-devel,4/4] Implement deferred auth for scripts
P2P NCP support patch set
- - -
-
-
-
2021-04-08
Arne Schwabe
Not Applicable
[Openvpn-devel,4/4] Implement the nopadding option to management-external-key for mbed TLS
Untitled series #359
- - -
-
-
-
2018-10-08
Arne Schwabe
Superseded
[Openvpn-devel,4/4] Normalise ncp-ciphers option and restrict it to 127 bytes
[Openvpn-devel,1/4] Only announce IV_NCP=2 when we are willing to support these ciphers
- - -
-
-
-
2019-11-17
Arne Schwabe
Superseded
[Openvpn-devel,4/4] Reduce initialisation spam from verb <= 3 and print summary instead
Collections of miscellenaous patches
- - -
-
-
-
2023-02-10
Arne Schwabe
Superseded
[Openvpn-devel,4/4] Use correct types for OpenSSL and Windows APIs
[Openvpn-devel,1/4] Make buffer related function conversion explicit when narrowing
1 - -
-
-
-
2021-03-24
Arne Schwabe
Accepted
[Openvpn-devel,4/5] Add missing stdint.h includes in unit tests files
Build and run unittests with mingw in Github actions
1 - -
-
-
-
2023-02-08
Arne Schwabe
Accepted
[Openvpn-devel,4/5] Add printing USAN stack trace on github actions
[Openvpn-devel,1/5] Fix unaligned access in auth-token
1 - -
-
-
-
2023-01-30
Arne Schwabe
Accepted
[Openvpn-devel,4/5] Check return values in md_ctx_init and hmac_ctx_init
Untitled series #902
- - -
-
-
-
2020-09-07
Arne Schwabe
Superseded
[Openvpn-devel,4/5] Implement sending response to challenge via CR_RESPONSE
Implement additional two step authentication methods
- - -
-
-
-
2019-06-13
Arne Schwabe
Superseded
[Openvpn-devel,4/5] Remove explicit setting of peer_id to false
[Openvpn-devel,1/5] Inline function tls_get_peer_info
1 - -
-
-
-
2020-10-23
Arne Schwabe
Accepted
[Openvpn-devel,4/5] Use EVP_CTRL_AEAD_* instead EVP_CTRL_GCM_*
[Openvpn-devel,1/5] Remove check for socket functions and Win XP compatbility code
1 - -
-
-
-
2021-04-06
Arne Schwabe
Accepted
[Openvpn-devel,4/6] Implement a function to calculate the default MTU
[Openvpn-devel,1/6] Remove leftover frame_set_mtu_dynamic definitions in mtu.h
- - -
-
-
-
2022-06-21
Arne Schwabe
Superseded
[Openvpn-devel,4/6] Rewrite auth-token-gen to be based on HMAC based tokens
[Openvpn-devel,1/6] Fix loading inline tls-crypt-v2 keys with mbed TLS
- - -
-
-
-
2019-01-14
Arne Schwabe
Superseded
[Openvpn-devel,4/7] Add macos OpenSSL 3.0 and ASAN builds
Improve OpenSSL 3.0 support in OpenVPN 2.5
2 - -
-
-
-
2022-05-12
Arne Schwabe
Accepted
[Openvpn-devel,4/7] Fix a number of mingw warnings
[Openvpn-devel,1/7] Remove --disable-multihome option
1 - -
-
-
-
2021-04-21
Arne Schwabe
Accepted
[Openvpn-devel,4/7] Make waiting on auth an explicit state in the context state machine
[Openvpn-devel,1/7] Move tls_select_primary_key into its own function
- - -
-
-
-
2021-04-22
Arne Schwabe
ordex
Superseded
[Openvpn-devel,4/8] Improve documentation on user/password requirement and unicodize function
Improvement/fixes based on Trail of Bits audit
1 - -
-
-
-
2022-12-15
Arne Schwabe
Accepted
[Openvpn-devel,4/8] Improve keys out of sync message
[Openvpn-devel] Remove --disable-def-auth configure argument
1 - -
-
-
-
2020-10-23
Arne Schwabe
Accepted
[Openvpn-devel,4/8] Move protocol option negotiation from push_prepare to new function
[Openvpn-devel,1/8] Deprecate ncp-disable and add improved ncp to Changes.rst
1 - -
-
-
-
2020-07-09
Arne Schwabe
Accepted
[Openvpn-devel,4/8,OSSL,3.0] Remove DES check with OpenSSL 3.0
[Openvpn-devel,1/8,OSSL,3.0] Use new EVP_MAC API for HMAC implementation
- - -
-
-
-
2021-09-19
Arne Schwabe
Superseded
[Openvpn-devel,4/9] Add missing free_key_ctx for auth_token
Miscellaneous cleanup patches/small fixes
1 - -
-
-
-
2021-05-12
Arne Schwabe
Accepted
[Openvpn-devel,4/9] Ensure we do not promote a TA_TIMEOUT to a TA_WRITE/TA_READ event with dco
Various patches to improve DCO behaviour
- - -
-
-
-
2022-12-24
Arne Schwabe
Superseded
[Openvpn-devel,4/9] Remove cipher_kt_var_key_size and remaining --keysize documentation
[Openvpn-devel,1/9] Implement optional cipher in --data-ciphers prefixed with ?
1 - -
-
-
-
2021-12-01
Arne Schwabe
Accepted
[Openvpn-devel,5/4] Add ncp files to Visual studio print
[Openvpn-devel,1/4] Only announce IV_NCP=2 when we are willing to support these ciphers
- - -
-
-
-
2019-11-17
Arne Schwabe
Superseded
[Openvpn-devel,5/5] Add building and running mingw unittests to github actions
Build and run unittests with mingw in Github actions
- - -
-
-
-
2023-02-08
Arne Schwabe
Superseded
[Openvpn-devel,5/5] Add undefined and abort on error to clang sanaitize builds
[Openvpn-devel,1/5] Fix unaligned access in auth-token
- - -
-
-
-
2023-01-30
Arne Schwabe
New
[Openvpn-devel,5/5] Implement sending SSO challenge to clients
Implement additional two step authentication methods
- - -
-
-
-
2019-06-13
Arne Schwabe
Superseded
«
1
2
3
4
…
10
11
»