Hello,
On 18 Mar 2024, at 11:27, Adolf Belka adolf.belka@ipfire.org wrote:
Hi Erik,
On 18/03/2024 08:49, ummeegge wrote:
Good morning Adolf, if i know in what chunks you would like to split the diff i can may help you to sort things a little. Am currently not sure what should be in and what not so i can offer you some explanations according to the already written code and you can amend the wanted changes?! So you can write me a PM and include the topics which are not clear and i can try to give an explanation of the already written code.
Thanks very much. I think that could be useful.
However I will wait first as Michael is looking at doing an update related negotiation as it looks like the latest Mac OS client is failing to connect for a similar reason as some forum members using windows have been reporting.
Tunnelblick has been updated to 4.0.0 recently and disables a couple of backwards-compatible things in OpenSSL (i.e. the legacy provider). It also ships OpenVPN 2.6.9 and there seem to be problems if users have created a specific configuration.
Once Michael has merged his changes then I can look again at what is still left as a delta and will then come back to you with my questions.
My time is a little less but if needed we can try it.
I realise that, so thank you very much and I will try and focus my questions to you.
Regards, Adolf.
Best, Erik Am Sonntag, dem 17.03.2024 um 12:35 +0100 schrieb Adolf Belka:
Hi Michael,
I am afraid I don't have a patch set. It is just a single diff change.
I took Erik's original patch set and applied it to the latest ovpnmain.cgi version at that time and then removed some of the items that I decided could wait till later or were not needed.
This created a single diff file, which I was able to apply and test out to confirm it did what I expected it to do, which it seemed to do.
The next step I then had intended to do was to break that single diff into multiple patches but I found this very difficult to do as I could not easily figure out which bits needed to go together in different patches. Trying to understand all the changes and what each were related to I struggled to make sense of.
My next step was therefore going to be to go back to an unmodified ovpnmain.cgi file and make the changes a step at a time, to match what I had previously done and therefore end up with a patch set of small self consistent changes.
However to do this I had to go back to the start and figure out which of Erik's changes to apply and what parts of those changes and every time I did something else in IPFire for a week or so I was having to go back to square one in trying to remember what I had been going to do next.
The diff patch file I created is at
https://git.ipfire.org/?p=people/bonnietwin/ipfire-2.x.git;a=commit;h=4fbf17...
Hopefully you can use this as a basis to extract just the bits needed for the cipher negotiation.
I will also go back and start again to work on it but focus on it without diverting to anything else, after I have dealt with the wsdd patch modification.
Regards,
Adolf.
-- Sent from my laptop