Am 16.08.19 um 16:14 schrieb Juliusz Sosinowicz:
> This patch adds the option to use wolfSSL as the ssl backend. To build
> this patch:
>
That is great and it is also a very big patch. I skimmed only through
the patch.
+#ifdef ENABLE_CRYPTO_WOLFSSL
+ o->ciphername = "AES-256-CBC";
+#else
o->ciphername = "BF-CBC";
+#endif
Such silent changes that OpenVPN behaves different, is something we
would like to avoid. Better to error out in this case than to behave
diffently.
Overall the WolfSSL feels to be a bit similar to OpenSSL. Is there any
compatibility you are aiming at?
Also it would be nice to have a summary for people on the OpenVPN
perspective
- Why WolfSSL in OpenVPN instead of mbed or OpenSSL
- What features does WolfSSL offer in OpenVPN that mbed/OpenSSL don't have
- What is missing with WolfSSL?
That should also good to have in the patch like README.mbedtls.
And one of the important question is:
What are your future plans in terms of involvement in OpenVPN
development and maintaince? I think since you are first time contributer
and this a big patch, that is something resonable to ask.
Arne
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
