> Antonio Quartulli <a...@unstable.cc> hat am 02.04.2022 09:09 geschrieben:
[...]
> diff --git a/README.dco.md b/README.dco.md
> index 27c166b9..d3599727 100644
> --- a/README.dco.md
> +++ b/README.dco.md
> @@ -109,6 +116,8 @@ Limitations by design
> - topology subnet is the only supported `--topology` for servers
> - iroute directives install routes on the host operating system, see also
> routing with ovpn-dco
> +- (ovpn-dco-win) client and p2p mode only
> +- (ovpn-dco-win) only AES-GCM-128/192/256 cipher support
This seems to be out-of-sync with the code. The code seems to add
CHACHA20-POLY1305 support
on Windows 11.
As seen here:
> +
> +const char *
> +dco_get_supported_ciphers()
> +{
> + /*
> + * this API can be called either from user mode or kernel mode,
> + * which enables us to probe driver's chachapoly support
> + * (available starting from Windows 11)
> + */
> +
> + BCRYPT_ALG_HANDLE h;
> + NTSTATUS status = BCryptOpenAlgorithmProvider(&h, L"CHACHA20_POLY1305",
> NULL, 0);
> + if (BCRYPT_SUCCESS(status))
> + {
> + BCryptCloseAlgorithmProvider(h, 0);
> + return "AES-128-GCM:AES-256-GCM:AES-192-GCM:CHACHA20-POLY1305";
> + }
> + else
> + {
> + return "AES-128-GCM:AES-256-GCM:AES-192-GCM";
> + }
> +}
> +
Regards,
--
Frank Lichtenheld
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel