I don't love the code style in terms of indentation, line length, alignment and bracket placing but IMO at least it doesn't look childish / reckless.<p>I think there could be bug in he_internal_send_auth_userpass when it copies the strings because when calculating the string lengths it uses the size of he_conn->username and he_conn->password which are "HE_CONFIG_TEXT_FIELD_LENGTH +1" whereas the sizes of the destination fields in he_msg_auth_t are "HE_CONFIG_TEXT_FIELD_LENGTH" so .<p>Take it with a grain of salt, I just took a very quick look mostly to see if I liked the coding style and it's far too early for my brain to be functional but it seemed that way to me. Other than that I didn't hate the code which is cool!<p>Thanks for opening it!
Seems to miss a very important part: comparison to other VPN protocols.<p>In particular, I wonder why they made all new protocol instead of adding a nice wrapper over Wireguard.
[Off topic] What are available options are best practices for CTO/VP Engg leaders to build efficient and secure developer access ? We use OpenVPN but it's not most easiest one to build fine grained controls