From patchwork Fri Jan 5 14:24:32 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gert Doering X-Patchwork-Id: 3552 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7301:2791:b0:100:d2e5:60d with SMTP id hm17csp3796284dyb; Fri, 5 Jan 2024 06:25:00 -0800 (PST) X-Google-Smtp-Source: AGHT+IFJ5AQR4Gnka+wUJAs/A1YpmQZsLEi85bUxTbuPw9tQ/K1Yir9WrGtbaBBobjaQV9OF7JBV X-Received: by 2002:a05:6a20:f3af:b0:197:3a34:2889 with SMTP id qr47-20020a056a20f3af00b001973a342889mr3836525pzb.3.1704464699475; Fri, 05 Jan 2024 06:24:59 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1704464699; cv=none; d=google.com; s=arc-20160816; b=MEf6Dg+DgSEeczL5AS7YbKvOatVMVVD3Dnb9P9s53iNkHhiMVqgCQuYJeDsix3fxHd UCDHxCIy9/jU662m6dXhss/3kTMBEmFT+eKL9xKidWigTs1wlemFGgyyqC5gPcFAWASO flhNFgiQ1MjliDifOWNvXvTnDc4fFBhGyPLBJLPjQ3jlRQgR5+Sci+Aw4Jkl8TuxNvPj kBwHNhkt6tITZ3ahhluHQjeYBwjIGo0QXSszc69QslpJ5oMFUVqrkwTaZFs3307ITz7W N5YUR+Z4AMph2yv0A6UmaziAWPJnWcuXkoxSB8RDqjXz9wuFnnmwdw1h15mJgwmj6Lrd JKxw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=errors-to:content-transfer-encoding:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :mime-version:references:in-reply-to:message-id:date:to:from :dkim-signature:dkim-signature; bh=lLkLHBBCYugAdAr9R+LTHd4tGNj8ucv/SALmdbt2KDY=; fh=4NbAC/LsuMLI0S0hprUlLSLCiHwg6SCAifhH718Jh0Q=; b=CbeMG1z7F9a9GZAX6VoS60en5YiHKlPMhCZAhoYcixsnPTT1/RmuhUtitr2KV8pMvK cywaxvCiivfEJjTS+r92+VrTTdeVzDHKw2E/jJn/cxbK8Dah9i95Jm7aGeRWZRFmGjtm tPN7dQHjNtDI041W671HiU+kb1ufvssmBzXrHavnKs8UnNevTnTOQ3jkdgZrQGtvNT0q W8hhgW27VKJnJzy+ME2WwsznYEa8M4WbstytyTXfJTfQTN67Z6EPMyXQhh8LbjpjSuH4 o60WWnMhUTJwUL40Hzzh3eJ6d4gP2f21SeZ1u7azG8U1dw9EMl4acg682BO9MmkGruHV k4qg== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=hSSzC1gb; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=kZYqpu+e; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=muc.de Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id c16-20020a656750000000b005c65aafd65fsi1474987pgu.93.2024.01.05.06.24.59 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Fri, 05 Jan 2024 06:24:59 -0800 (PST) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=hSSzC1gb; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=kZYqpu+e; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=muc.de Received: from [127.0.0.1] (helo=sfs-ml-2.v29.lw.sourceforge.com) by sfs-ml-2.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1rLl7r-0002kh-IS; Fri, 05 Jan 2024 14:24:43 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-2.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1rLl7o-0002kR-S7 for openvpn-devel@lists.sourceforge.net; Fri, 05 Jan 2024 14:24:40 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-ID:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=gtly2Xxdyn6tsxSilC0eG9uHIqxoPpUXiy5wsNu2Bbs=; b=hSSzC1gblaaq0TgPoBYx0+vUiB uZ/RLX7qqWBIQQtCEK4cbF8rXW1BitbK+dPTGItJctKYY0diISC1Y3dCtooDjKzavaETT0l4uOVE1 fd0BHGOi2+tl9qa7ToCx1uTqzpHifLw3kiLDsH1HwTanfQLK8I7QuuwzEc1Lml7NiXbc=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-ID: Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=gtly2Xxdyn6tsxSilC0eG9uHIqxoPpUXiy5wsNu2Bbs=; b=kZYqpu+ewoig9wp470+ktV0HvG 1hzwA/GbHALoglwyERq/sm250XxYSEFyfqKqF461wLFSW6zKyL6MY4iRmYC/p5xQi/cKAhT+/9qn8 169PY2TsRdYXY53F8jhzqgEPL/AAsYdKVMQGR2WNTz48RLRuU+xRG+p85srqOawifd7k=; Received: from dhcp-174.greenie.muc.de ([193.149.48.174] helo=blue.greenie.muc.de) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95) id 1rLl7n-00033v-V1 for openvpn-devel@lists.sourceforge.net; Fri, 05 Jan 2024 14:24:40 +0000 Received: from blue.greenie.muc.de (localhost [127.0.0.1]) by blue.greenie.muc.de (8.17.1.9/8.17.1.9) with ESMTP id 405EOXX5026352 for ; Fri, 5 Jan 2024 15:24:33 +0100 Received: (from gert@localhost) by blue.greenie.muc.de (8.17.1.9/8.17.1.9/Submit) id 405EOXot026351 for openvpn-devel@lists.sourceforge.net; Fri, 5 Jan 2024 15:24:33 +0100 From: Gert Doering To: openvpn-devel@lists.sourceforge.net Date: Fri, 5 Jan 2024 15:24:32 +0100 Message-ID: <20240105142432.26298-1-gert@greenie.muc.de> X-Mailer: git-send-email 2.41.0 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Score: -0.0 (/) X-Spam-Report: Spam detection software, running on the system "util-spamd-2.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Arne Schwabe Change-Id: Ida4d22455c51773b6713caf94a4b4fbe136a6ded Signed-off-by: Arne Schwabe Acked-by: Gert Doering --- This change was reviewed on Gerrit and approved by at least one developer. I request to merge it to master. Content analysis details: (-0.0 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 SPF_PASS SPF: sender matches SPF record -0.0 SPF_HELO_PASS SPF: HELO matches SPF record -0.0 T_SCC_BODY_TEXT_LINE No description available. X-Headers-End: 1rLl7n-00033v-V1 Subject: [Openvpn-devel] [PATCH v2] Clarify that the tls-crypt-v2-verify has a very limited env set X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1787260776917168769?= X-GMAIL-MSGID: =?utf-8?q?1787260776917168769?= From: Arne Schwabe Change-Id: Ida4d22455c51773b6713caf94a4b4fbe136a6ded Signed-off-by: Arne Schwabe Acked-by: Gert Doering --- This change was reviewed on Gerrit and approved by at least one developer. I request to merge it to master. Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/488 This mail reflects revision 2 of this Change. Acked-by according to Gerrit (reflected above): Gert Doering diff --git a/doc/man-sections/tls-options.rst b/doc/man-sections/tls-options.rst index 4c45b10..460cecf 100644 --- a/doc/man-sections/tls-options.rst +++ b/doc/man-sections/tls-options.rst @@ -538,7 +538,9 @@ stack (including the notoriously dangerous X.509 and ASN.1 stacks) to the connecting client. - OpenVPN supplies the following environment variables to the command: + OpenVPN supplies the following environment variables to the command (and + only these variables. The normal environment variables available for + other scripts are NOT present): * :code:`script_type` is set to :code:`tls-crypt-v2-verify`