[Openvpn-devel] A proposal to add management client version

From: Selva Nair RFC: only compile-tested - Allow "version" command from client to management to set the version of management interface supported by the client by specifying an optional parameter. If no parameter is specified the current the version of OpenVPN

Re: [Openvpn-devel] [PATCH 2/3] Allow external EC key through --management-external-key

> The client could do that when it gets the version message or any time > later. Sorry for the type: read that as The client could do that when it gets the welcome message or any time later. Selva -- Check out the

Re: [Openvpn-devel] On testing with openssl 0.9.8

On 22/01/18 17:05, Steffan Karger wrote: > Hi, > > Didn't we have this discussion before? Gert basically NAK'd removing > support for a library version in a dot-release, which I think is valid > reasoning (even though I really would like to drop 0.9.8). > > Anyway, to fill in the facts:

Re: [Openvpn-devel] [PATCH 2/3] Allow external EC key through --management-external-key

Hi, On Mon, Jan 22, 2018 at 12:18 PM, David Sommerseth wrote: > On 22/01/18 16:27, Selva Nair wrote: >> - Present patch: connection process appears stuck (but UI is still >> responsive) and logs show the daemon is waiting for signature >> >> - This proposal:

Re: [Openvpn-devel] [PATCH 2/3] Allow external EC key through --management-external-key

On 22/01/18 16:27, Selva Nair wrote: > - Present patch: connection process appears stuck (but UI is still > responsive) and logs show the daemon is waiting for signature > > - This proposal: connection fails with: "External EC cert/key not > supported in this config. Try using

[Openvpn-devel] reg. TLS 1.2 with cryptoapicert

Hi, If there is any chance of the cryptoapi patch getting into 2.4.5, please note that it needs this patch first: https://patchwork.openvpn.net/patch/205/ (the same as #201 merged into master, but with ifdefs for openssl-0.9.8 and 1.0.0) Thanks, Selva

Re: [Openvpn-devel] On testing with openssl 0.9.8

Hi, On Mon, Jan 22, 2018 at 11:21 AM, Gert Doering wrote: > Hi, > > On Mon, Jan 22, 2018 at 05:05:35PM +0100, Steffan Karger wrote: >> > So if we don't have really strong arguments keeping support for >> > this old version, we should carefully consider our options. >> >> We

Re: [Openvpn-devel] On testing with openssl 0.9.8

On 23/01/18 00:21, Gert Doering wrote: > Hi, > > On Mon, Jan 22, 2018 at 05:05:35PM +0100, Steffan Karger wrote: >>> So if we don't have really strong arguments keeping support for >>> this old version, we should carefully consider our options. >> >> We already removed support for < 1.0.1 in

Re: [Openvpn-devel] On testing with openssl 0.9.8

Hi, On Mon, Jan 22, 2018 at 05:05:35PM +0100, Steffan Karger wrote: > > So if we don't have really strong arguments keeping support for > > this old version, we should carefully consider our options. > > We already removed support for < 1.0.1 in the master branch. Maybe > just make sure we can

Re: [Openvpn-devel] On testing with openssl 0.9.8

Hi, Didn't we have this discussion before? Gert basically NAK'd removing support for a library version in a dot-release, which I think is valid reasoning (even though I really would like to drop 0.9.8). Anyway, to fill in the facts: On 22-01-18 15:55, David Sommerseth wrote: > On 22/01/18

Re: [Openvpn-devel] [PATCH 2/3] Allow external EC key through --management-external-key

On Mon, Jan 22, 2018 at 8:21 AM, David Sommerseth wrote: > > On 18/01/18 16:49, Selva Nair wrote: > > Hi > > > > On Wed, Jan 17, 2018 at 3:53 AM, Steffan Karger > > wrote: > > > > Hi, > > > >

Re: [Openvpn-devel] On testing with openssl 0.9.8

Hi, On Mon, Jan 22, 2018 at 7:33 AM, David Sommerseth wrote: > Let me rather twist this question around ... Do we want to support OpenSSL > 0.9.8? Are there any Linux distributions or other OSes out there in the wild > which is still supported which are also

Re: [Openvpn-devel] On testing with openssl 0.9.8

On 22/01/18 15:12, Simon Matter wrote: >> On 20/01/18 18:22, Selva Nair wrote: >>> Hi, >>> >>> Does openvpn-vagrant include any VM provisioning with openssl-0.9.8? >>> Until recently I had access to a few old debian boxes but now all >>> updated and 0.9.8 testing is getting harder. >> >> Let me

Re: [Openvpn-devel] On testing with openssl 0.9.8

> On 20/01/18 18:22, Selva Nair wrote: >> Hi, >> >> Does openvpn-vagrant include any VM provisioning with openssl-0.9.8? >> Until recently I had access to a few old debian boxes but now all >> updated and 0.9.8 testing is getting harder. > > Let me rather twist this question around ... Do we want

Re: [Openvpn-devel] [PATCH 2/3] Allow external EC key through --management-external-key

On 18/01/18 16:49, Selva Nair wrote: > Hi > > On Wed, Jan 17, 2018 at 3:53 AM, Steffan Karger > wrote: > > Hi, > > On 17-01-18 05:24, Selva Nair wrote: > > Also I'm toying with the idea of renaming ecdsa-sig/ECDSA-SIGN

Re: [Openvpn-devel] On testing with openssl 0.9.8

On 20/01/18 18:22, Selva Nair wrote: > Hi, > > Does openvpn-vagrant include any VM provisioning with openssl-0.9.8? > Until recently I had access to a few old debian boxes but now all > updated and 0.9.8 testing is getting harder. Let me rather twist this question around ... Do we want to

Re: [Openvpn-devel] On testing with openssl 0.9.8

Hi, Il 20/01/2018 19:22, Selva Nair ha scritto: > Hi, > > Does openvpn-vagrant include any VM provisioning with openssl-0.9.8? > Until recently I had access to a few old debian boxes but now all > updated and 0.9.8 testing is getting harder. > > Selva Right now openvpn-vagrant[*] contains only