| Message ID | d6de0d7a5b6606bbf335bf10d157a5a55fed910c-HTML@gerrit.openvpn.net |
|---|---|
| State | Superseded |
| Headers | show
Return-Path: <openvpn-devel-bounces@lists.sourceforge.net>
Delivered-To: patchwork@openvpn.net
Received: by 2002:a05:7300:b412:b0:f2:62eb:61c1 with SMTP id dj18csp937586dyb;
Sat, 7 Oct 2023 03:26:02 -0700 (PDT)
X-Google-Smtp-Source:
AGHT+IEIiOf1flGjwCDNCLJTM8QjwbnE2GQxMofwxCiL+4gIQGEvquJdPdgMJ/MkvpXw3XzWmEEd
X-Received: by 2002:a05:6a20:7d85:b0:163:57ba:2ad4 with SMTP id
v5-20020a056a207d8500b0016357ba2ad4mr12053367pzj.2.1696674362442;
Sat, 07 Oct 2023 03:26:02 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1696674362; cv=none;
d=google.com; s=arc-20160816;
b=AylpcNPGrFG0QZZdbJonv3FrfjcR9oA0MI4MIxe5ZmpA+Nguoxy727d65v1WC0hHIP
FV2SZBr0VSDR5eyiHdcSHL/gjtKvkk37fgnb85j/fGOTqCSGgiXa3d4T++mp7T07c3TV
npSn3pchHjGw9KW42NCQ/AjtjL2UM/QBuneO//REYh2voKCXh4X6iv94HBiNjmd6TsF7
Gjia9VNRb/HBzQZBXLbzbGfHCTpj6UShVXBQuN/OAG36nEmLTg3SakpaLOGCJxsVKKga
2d9/orkdVHvLnpht6kCaVPqKhRy6VzEOxn+KMKHl5RGzsleWwMweq6QQFWvPoBzEVn+F
2hYQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20160816;
h=errors-to:cc:reply-to:list-subscribe:list-help:list-post
:list-archive:list-unsubscribe:list-id:precedence:subject:user-agent
:mime-version:message-id:references:auto-submitted:to:date:from
:dkim-signature:dkim-signature:dkim-signature;
bh=pjRnRqo0T2RA7VnICRe5Y/ztAb7XLIwvHEbPsuMftZA=;
fh=lm0MLPW7DntlrDqRECIiC9JlE1uPxhepE0URYHIf+eE=;
b=mxrmu96FjTxpo8wM1Pwd7YGB0r8UubHTCjmugLGO/uubB40xdoyIag5ff7Wku7KNYd
HkMWn/lyT7QXabWlkrsYazGnlci5yt8N6B9d/RK8X2xzXbY/sdQsM2OvFAMKvmyOfRre
1eHLtG7CxiJNkfrsPdAnKKPJoQq+mlr+y/t5TT08pBiJ6ewR5eD2D81NN8iDfWTy47ji
sIEqZcylUOaunF1wifMD78UVU6WiK4nDhP16uGSHVGoZKDUCV0Psl/ok+6wMPsMfXcss
y1Or68X2e5NCab5BaDx9Ms17u8WWNVKDPT4RRjb2LVTW1l6pPRvpfQGelhovgsOtafeT
+Zwg==
ARC-Authentication-Results: i=1; mx.google.com;
dkim=neutral (body hash did not verify) header.i=@sourceforge.net
header.s=x header.b="R/fafG7Y";
dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x
header.b=HJihW5Sz;
dkim=neutral (body hash did not verify) header.i=@openvpn.net
header.s=google header.b="ao1baV/D";
spf=pass (google.com: domain of
openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net;
dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=openvpn.net
Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7])
by mx.google.com with ESMTPS id
m68-20020a632647000000b00578bb707e70si5535909pgm.799.2023.10.07.03.26.02
(version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);
Sat, 07 Oct 2023 03:26:02 -0700 (PDT)
Received-SPF: pass (google.com: domain of
openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
permitted sender) client-ip=216.105.38.7;
Authentication-Results: mx.google.com;
dkim=neutral (body hash did not verify) header.i=@sourceforge.net
header.s=x header.b="R/fafG7Y";
dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x
header.b=HJihW5Sz;
dkim=neutral (body hash did not verify) header.i=@openvpn.net
header.s=google header.b="ao1baV/D";
spf=pass (google.com: domain of
openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net;
dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=openvpn.net
Received: from [127.0.0.1] (helo=sfs-ml-2.v29.lw.sourceforge.com)
by sfs-ml-2.v29.lw.sourceforge.com with esmtp (Exim 4.95)
(envelope-from <openvpn-devel-bounces@lists.sourceforge.net>)
id 1qp4VE-0008S5-10;
Sat, 07 Oct 2023 10:25:44 +0000
Received: from [172.30.20.202] (helo=mx.sourceforge.net)
by sfs-ml-2.v29.lw.sourceforge.com with esmtps (TLS1.2) tls
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95)
(envelope-from <gerrit@openvpn.net>) id 1qp4VA-0008Ru-SI
for openvpn-devel@lists.sourceforge.net;
Sat, 07 Oct 2023 10:25:40 +0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
d=sourceforge.net; s=x; h=Content-Type:Content-Transfer-Encoding:MIME-Version
:Message-ID:Reply-To:References:Subject:List-Unsubscribe:List-Id:Cc:To:Date:
From:Sender:Content-ID:Content-Description:Resent-Date:Resent-From:
Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:List-Help:
List-Subscribe:List-Post:List-Owner:List-Archive;
bh=UhOU77cAw2VZ8FZY1smjrW60dBdCV+dgVonXq1nPU4s=; b=R/fafG7YHOQbLVUe784IXYTSTB
RlyL6ne5caz3gcjuM4/UGjcMJpyT83LA2R4dkrVvHBJnP0i+3xf+iMH7gUSIFF5GLln6myXQvgRv+
zSMKoodLo9kXpCsvI5L7IeRuJDALRHAd0RCL8QYUriVArIup+yb0q6+kUawXHE/Cwdcw=;
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x
;
h=Content-Type:Content-Transfer-Encoding:MIME-Version:Message-ID:Reply-To:
References:Subject:List-Unsubscribe:List-Id:Cc:To:Date:From:Sender:Content-ID
:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:
Resent-Cc:Resent-Message-ID:In-Reply-To:List-Help:List-Subscribe:List-Post:
List-Owner:List-Archive; bh=UhOU77cAw2VZ8FZY1smjrW60dBdCV+dgVonXq1nPU4s=; b=H
JihW5Sz/ro03AjDhi1sWTMNzNRQjkCSHInfiamu5CC82/2eXzy0vrmR0abw/SqrBMDTF4GWN62Jrm
qKxdpHE0r8MOqlfMa8agCMB6w8ZpfM086VhCCmosqUevYDeC8Hb8akZzZRhvLH39hmoobTxIUswMU
RMmbA7cqT/5Va8/M=;
Received: from mail-wm1-f41.google.com ([209.85.128.41])
by sfi-mx-1.v28.lw.sourceforge.com with esmtps
(TLS1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.95)
id 1qp4V9-005Exw-WB for openvpn-devel@lists.sourceforge.net;
Sat, 07 Oct 2023 10:25:40 +0000
Received: by mail-wm1-f41.google.com with SMTP id
5b1f17b1804b1-4066241289bso26824885e9.0
for <openvpn-devel@lists.sourceforge.net>;
Sat, 07 Oct 2023 03:25:39 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=openvpn.net; s=google; t=1696674332; x=1697279132;
darn=lists.sourceforge.net;
h=user-agent:content-disposition:content-transfer-encoding
:mime-version:message-id:reply-to:references:subject
:list-unsubscribe:list-id:auto-submitted:cc:to:date:from:from:to:cc
:subject:date:message-id:reply-to;
bh=UhOU77cAw2VZ8FZY1smjrW60dBdCV+dgVonXq1nPU4s=;
b=ao1baV/DDeuHxiv9aiJjVJHigCtrVZsbKl4e4fm96IaUqbD+X3I/TVlQ6zoUoRsU/9
ONgiqWytZw3Ar9hZI48jDMNurjkfWGMzwM3/DXI2P70Wob6XwKBwwmlD9KQdPweNUsXn
oA0FNUNmeubL28t/Kdv1op7kpDmkujVmNtc0igTdhFiqOkfIK9L9uAfgsP/yP+XU0gHQ
BT1PBFNOS5aKLbNceuAlHymx8rSkT8ZzWRtuOHmgugT+KyxiqjWHeOunlOHfk4rB8+XV
Vbr8DK1oPz6yhwHgsRuGAdm3bkv3ogLguFiSQteBJU59k0rLoLirxXo+nAgP9NPmCX/V
HBmg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20230601; t=1696674332; x=1697279132;
h=user-agent:content-disposition:content-transfer-encoding
:mime-version:message-id:reply-to:references:subject
:list-unsubscribe:list-id:auto-submitted:cc:to:date:from
:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
bh=UhOU77cAw2VZ8FZY1smjrW60dBdCV+dgVonXq1nPU4s=;
b=j4I1eJu+fbbwtRCGL+jtEJzXPcq52p1oanvcsxVr21Gw0Z5IprIISqLgx4San6qkiY
fPDtZoDA/Jiyo73XXh22sUy+P824m8kdX/W0lx7C/iFG86Vgfevcau7QGgyKUVPwX9Rj
jlIp5xq5OsSlhZLKmxAde/xgoh7BGDb0eTfhj38IPF9/G54dBKm7VQGRgPKN9lNs6P6k
Fk1yJKs2kg+w6KCvJhoK8mB1P1QtH7Wc18FXR2Z4mSLTURjc9i3uQ0XfL2oYx5fUH0Kr
X9EmsxD/hgTCkVSAT/mW8AVKmpWKQ4YAzogCFpGswxnvlPsbqGFbdpa83TjJpcs6toF0
EHWA==
X-Gm-Message-State: AOJu0Yx/6faHX78SC8c0r+HlcaU3OJ8k3EnWWl3nhDdGmGLHOOUh/U2C
hN80iR+EM0wr9QBQtzmsFeJQdzS2DRhwsvfXSF0=
X-Received: by 2002:a05:600c:3b89:b0:406:478e:9e2d with SMTP id
n9-20020a05600c3b8900b00406478e9e2dmr8861493wms.26.1696674332349;
Sat, 07 Oct 2023 03:25:32 -0700 (PDT)
Received: from gerrit.openvpn.in
(ec2-18-159-0-78.eu-central-1.compute.amazonaws.com. [18.159.0.78])
by smtp.gmail.com with ESMTPSA id
w21-20020a05600c015500b0040652e8ca13sm8057528wmm.43.2023.10.07.03.25.31
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Sat, 07 Oct 2023 03:25:31 -0700 (PDT)
From: "plaisthos (Code Review)" <gerrit@openvpn.net>
X-Google-Original-From: "plaisthos (Code Review)" <gerrit@gerrit.openvpn.in>
X-Gerrit-PatchSet: 1
Date: Sat, 7 Oct 2023 10:25:31 +0000
To: flichtenheld <frank@lichtenheld.com>
Auto-Submitted: auto-generated
X-Gerrit-MessageType: newchange
X-Gerrit-Change-Id: I86641bf60d62a50e9b2719e809d2429d65c00097
X-Gerrit-Change-Number: 366
X-Gerrit-Project: openvpn
X-Gerrit-ChangeURL: <http://gerrit.openvpn.net/c/openvpn/+/366?usp=email>
X-Gerrit-Commit: ae7ac0f6430a361236ae0e228197134075281be4
References:
<gerrit.1696674325000.I86641bf60d62a50e9b2719e809d2429d65c00097@gerrit.openvpn.net>
Message-ID: <d6de0d7a5b6606bbf335bf10d157a5a55fed910c-HTML@gerrit.openvpn.net>
MIME-Version: 1.0
User-Agent: Gerrit/3.8.2
X-Spam-Score: -0.6 (/)
X-Spam-Report: Spam detection software,
running on the system "util-spamd-2.v13.lw.sourceforge.com",
has NOT identified this incoming email as spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: Attention is currently required from: flichtenheld. Hello
flichtenheld, I'd like you to do a code review. Please visit
Content analysis details: (-0.6 points, 6.0 required)
pts rule name description
---- ----------------------
--------------------------------------------------
-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/,
no trust [209.85.128.41 listed in list.dnswl.org]
-0.4 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)
[209.85.128.41 listed in wl.mailspike.net]
0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record
-0.0 SPF_PASS SPF: sender matches SPF record
0.0 WEIRD_PORT URI: Uses non-standard port number for HTTP
0.0 HTML_MESSAGE BODY: HTML included in message
-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from
envelope-from domain
-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
author's domain
0.1 DKIM_SIGNED Message has a DKIM or DK signature,
not necessarily
valid
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
0.0 T_KAM_HTML_FONT_INVALID Test for Invalidly Named or Formatted
Colors in HTML
X-Headers-End: 1qp4V9-005Exw-WB
Subject: [Openvpn-devel] [XS] Change in openvpn[master]: Add warning for the
--show-groups command that some groups are missing
X-BeenThere: openvpn-devel@lists.sourceforge.net
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: <openvpn-devel.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/options/openvpn-devel>,
<mailto:openvpn-devel-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive:
<http://sourceforge.net/mailarchive/forum.php?forum_name=openvpn-devel>
List-Post: <mailto:openvpn-devel@lists.sourceforge.net>
List-Help: <mailto:openvpn-devel-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/openvpn-devel>,
<mailto:openvpn-devel-request@lists.sourceforge.net?subject=subscribe>
Reply-To: arne-openvpn@rfc2549.org, openvpn-devel@lists.sourceforge.net,
frank@lichtenheld.com
Cc: openvpn-devel <openvpn-devel@lists.sourceforge.net>
Content-Type: multipart/mixed; boundary="===============2339279539057128642=="
Errors-To: openvpn-devel-bounces@lists.sourceforge.net
X-getmail-retrieved-from-mailbox: Inbox
X-GMAIL-THRID: =?utf-8?q?1779092016641271001?=
X-GMAIL-MSGID: =?utf-8?q?1779092016641271001?=
X-getmail-filter-classifier: gerrit message type newchange
|
| Series |
[Openvpn-devel,XS] Change in openvpn[master]: Add warning for the --show-groups command that some groups are missing
|
expand
|
diff --git a/src/openvpn/ssl_openssl.c b/src/openvpn/ssl_openssl.c index 683d76a..a14eb59 100644 --- a/src/openvpn/ssl_openssl.c +++ b/src/openvpn/ssl_openssl.c @@ -2357,8 +2357,10 @@ void show_available_curves(void) { - printf("Consider using openssl 'ecparam -list_curves' as\n" - "alternative to running this command.\n"); + printf("Consider using 'openssl ecparam -list_curves' as alternative to running\n" + "this command.\n" + "Note this output does only list curves/group that OpenSSL considers as\n" + "builtin EC curves. It does not list additional curves nor X448 or X25519\n"); #ifndef OPENSSL_NO_EC EC_builtin_curve *curves = NULL; size_t crv_len = 0;
Attention is currently required from: flichtenheld. Hello flichtenheld, I'd like you to do a code review. Please visit http://gerrit.openvpn.net/c/openvpn/+/366?usp=email to review the following change. Change subject: Add warning for the --show-groups command that some groups are missing ...................................................................... Add warning for the --show-groups command that some groups are missing OpenSSL has a weird way of only reporting EC curves that are implemented in a certain way in the list of all EC cruves. Note this fact and point out that also the very important curves X448 and X25519 are affected. Change-Id: I86641bf60d62a50e9b2719e809d2429d65c00097 --- M src/openvpn/ssl_openssl.c 1 file changed, 4 insertions(+), 2 deletions(-) git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/66/366/1