= Patches to review = * [https://github.com/jamesyonan/openvpn/commits/2.3.2-mods James set of patches] based on 2.3 * [https://github.com/jamesyonan/openvpn/commit/037690df22a4604a556c9b470d1f5e891991834b Added "setenv opt" directive prefix. If present, and if the...] * [https://github.com/jamesyonan/openvpn/commit/6ee8faade224cc346d67a7f1716df4012782999a Updated the TLS negotiation logic to adaptively try to connect using...] * [https://github.com/jamesyonan/openvpn/commit/0a081bc3e0dfecde9464bddec8d775d1dbb8b9cd Minor fix to process_ipv4_header so that any combination of options...] * Arne Schwabe [http://thread.gmane.org/gmane.network.openvpn.devel/7527/focus=7534 objected] and provided another patch for this code (See Fix client nat .... below) * Arne Schwabe * [PATCH] [http://news.gmane.org/find-root.php?message_id=%3C1364762609-30320-1-git-send-email-arne@rfc2549.org%3E Add support of utun devices under Mac OS X] * native tun, no need for extra tun.kext * Supported for all OS X >= 10.6.8 (latest PPC version) * Unfortunately requires root * Real question: Drop tun.kext support and support only utun or "try utun first, fall back to tun.kext if it fails" * What about Peter Sagerson's [http://thread.gmane.org/gmane.network.openvpn.devel/7689 alternative OS X/utun patch]? * 2.3.3 or 2.4-only? * [PATCH] [http://news.gmane.org/find-root.php?message_id=%3c1366452267%2d15838%2d1%2dgit%2dsend%2demail%2darne%40rfc2549.org%3e Fix client-nat only working is also mss-fix is specified.] * [PATCH] [http://news.gmane.org/find-root.php?message_id=%3c1366059999%2d31731%2d1%2dgit%2dsend%2demail%2darne%40rfc2549.org%3e PATCHv3 Remove unused variables or put them to the defines they are being used in] * ACK by cron2, committed and pushed to master * Heikki Hannikainen * [PATCH] [http://thread.gmane.org/gmane.network.openvpn.devel/7721 Always load intermediate certificates from a PKCS#12 file] * David Sommerseth * [PATCH] [http://article.gmane.org/gmane.network.openvpn.devel/7677 plugin: Extend the plug-in v3 API to identify the SSL implementation used] * NAK by cron2 (feature-ACK, but code needs a v3) * [PATCH] [http://article.gmane.org/gmane.network.openvpn.devel/7659 man page: Update man page about the tls_digest_{n} environment variable] (easy) * ACK by cron2 * [PATCH] [http://article.gmane.org/gmane.network.openvpn.devel/7658 autoconf: Fix typo] (easy) * ACK by cron2 * [PATCH] [http://article.gmane.org/gmane.network.openvpn.devel/7660 Remove the --disable-eurephia configure option] * ACK by cron2 * Kenny Root * [http://thread.gmane.org/gmane.network.openvpn.devel/7653 : Adding support for AEAD cipher modes (AES-GCM, et al.)] = Development discussion = * shall we have an in-person hackfest in Munich end of this year (November) instead of going to Brussels? * Discuss [http://thread.gmane.org/gmane.network.openvpn.devel/7678 James' OpenVPN versioning proposals] and decide what to do