Difference between revisions of "OpenVPN/IRC meetings/Topics-2010-03-18"

From Secure Computing Wiki
Jump to: navigation, search
(Initial discussion topics)
 
m
Line 3: Line 3:
 
##* "WARNING: Make sure you understand the semantics of --tls-remote before using it (see the man page)."
 
##* "WARNING: Make sure you understand the semantics of --tls-remote before using it (see the man page)."
 
##* "NOTE: the current --script-security setting may allow this configuration to call user-defined scripts"
 
##* "NOTE: the current --script-security setting may allow this configuration to call user-defined scripts"
## Suggestion: Introduce a new configure option to allow filtering of different start-up warnings. <br /><br />
+
## Suggestion: Introduce a new configure option to allow filtering of different start-up warnings.
 +
##* Do not remove all messages by one entry, but add a possibility to filter each message separately. This way newer warnings will be shown and needs to be disabled explicitly.<br /><br />
 
# '''sf.net trackers'''
 
# '''sf.net trackers'''
 
## bug? wrong CN in client-disconnect with username-as-common-name
 
## bug? wrong CN in client-disconnect with username-as-common-name

Revision as of 05:01, 12 March 2010

  1. Community comments
    1. Implement a solution for deprecating warnings like:
      • "WARNING: Make sure you understand the semantics of --tls-remote before using it (see the man page)."
      • "NOTE: the current --script-security setting may allow this configuration to call user-defined scripts"
    2. Suggestion: Introduce a new configure option to allow filtering of different start-up warnings.
      • Do not remove all messages by one entry, but add a possibility to filter each message separately. This way newer warnings will be shown and needs to be disabled explicitly.

  2. sf.net trackers
    1. bug? wrong CN in client-disconnect with username-as-common-name
    2. --win-sys env
    3. Should multiple usages of options result in warnings?
    4. buffer.{h,c} isn't defensively programmed (SECURITY?)
    5. OpenVPN will not connect through certain HTTP proxies
    6. [tiny] typo in HOWTO on http://www.openvpn.net/ - 'mimimal'