From mboxrd@z Thu Jan 1 00:00:00 1970 From: Michael Tremer To: development@lists.ipfire.org Subject: Re: [PATCH v2] CRL updater: Update script for OpenVPNs CRL Date: Thu, 15 Feb 2018 11:05:34 +0000 Message-ID: <1518692734.15001.45.camel@ipfire.org> In-Reply-To: <1518675512.19288.53.camel@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============8462493333374249639==" List-Id: --===============8462493333374249639== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable On Thu, 2018-02-15 at 07:18 +0100, ummeegge wrote: > Hello, >=20 >=20 > Am Mittwoch, den 14.02.2018, 20:27 +0000 schrieb Michael Tremer: > > Hi, > >=20 > > On Wed, 2018-02-14 at 14:24 +0100, ummeegge wrote: > > >=20 > > > Hi Michael, > > >=20 > > > Am Mittwoch, den 14.02.2018, 12:22 +0000 schrieb Michael Tremer: > > >=20 > > > >=20 > > > > >=20 > > > > > >=20 > > > > > > What other steps are urgently necessary that we can roll out > > > > > > OpenVPN > > > > > > 2.4? Are the CGI changes necessary or new features? > > > > >=20 > > > > > there is the need to make the changes for '--script-security' > > > > > and > > > > > to > > > > > add '--ncp-disable' in ovpnmain.cgi.=20 > > > >=20 > > > > Okay. I will wait with merging OpenSSL until we have this sorted. > > >=20 > > > Have send the forgotten AES-GCM patch --> https://lists.ipfire.org/ > > > pipe > > > rmail/development/2018-February/004063.html would you merge it to > > > openssl-11 if the review is OK, i would pull the chnages then and > > > prepare/send the last ovpnmain.cgi patch ? > >=20 > > You can work on the other patches independently from this one. >=20 > If we leave the AES-GCM patch for the first behind there is not much more to > do in ovpnmain.cgi .=20 > This directives https://lists.ipfire.org/pipermail/development/2018-Februar= y/0 > 04085.html should bring=20 > OpenVPN-2.4 to life again. >=20 > >=20 > > >=20 > > > >=20 > > > >=20 > > > > >=20 > > > > >=20 > > > > > Also the integration of the directives via update.sh for the > > > > > core > > > > > update needs to be made since a server stop|start do not > > > > > includes > > > > > the > > > > > changes into server.conf. > > > >=20 > > > > And this, too. > > >=20 > > > Since there is currently no > > > config/rootfiles/core/config/rootfiles/core > > > directory for openssl-11 should i make one for core 119 (or 120 ?) > > > and > > > add there the commands in update.sh ? > >=20 > > Please provide that in an extra script. I do not know when this will > > land in a > > Core Update. >=20 > OK, where is a good place for this until then ? Just by email for now as you did. This isn't too great for many of these things, but I cannot think of an easier way for this one time. -Michael >=20 > Greetings, >=20 > Erik >=20 >=20 >=20 --===============8462493333374249639==--