mirror of
https://github.com/OpenVPN/openvpn.git
synced 2026-02-03 20:39:40 -05:00
59e7e9fce8
After the security audits performed by Cryptography Engineering the spring of 2017 [1], there were several concerns about the contrib code for the macOS keychain support. After more careful review of this code base, it was considered to be in such a bad shape that it will need a massive overhaul. There were more issues than what the security audit revealed. It was attempted several times to get in touch with the contributor of this code; with no response at all [2]. There has however been some discussions with the Tunnelblick project [3]. There is one person there willing to go through this and improve the situation. The main Tunnelblick maintainer is also willing to include the improved code to their project instead of having this as a contrib code in the upstream OpenVPN project. So this patch just removes the code which we will no longer ship as part of OpenVPN - and the Tunnelblick project will take over the responsibility for this code base on their own. And since this code base is purely macOS specific, this seems to be a far better place for this code to reside. Signed-off-by: David Sommerseth <davids@openvpn.net> [1] <http://community.openvpn.net/openvpn/wiki/QuarkslabAndCryptographyEngineer Audits#OVPN-04-1:PossibleNULLpointerderefenceincontribkeychain-mcdcert_data .c> [2] <https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg14559. html> [3] <https://github.com/Tunnelblick/Tunnelblick/pull/369> Acked-by: Jonathan K. Bullard <jkbullard@gmail.com> Message-Id: <20170725130314.12919-1-davids@openvpn.net> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg15130.html Signed-off-by: David Sommerseth <davids@openvpn.net> |
||
|---|---|---|
| .. | ||
| OCSP_check | ||
| openvpn-fwmarkroute-1.00 | ||
| pull-resolv-conf | ||
| multilevel-init.patch | ||
| README | ||
This directory contains scripts and patches contributed by users.