I have not reviewied this in full depth, trusting Frank here.
I *have* tested this on the server side testbed with "plain", "tls-auth"
and "tls-crypt" instances - and besides the fact that tls-crypt breaks
the 2.3 client (no support ;-) ) it all works nicely.
All the comments and whitespace bits have been fixed-on-the-fly
as instructed. I have also fixed the "Return *true* if this packet..."
comment before do_pre_decrypt_check() and rewrapped the very long
comment lines in mudp.c (why did uncrustify not find this?).
I have stared a bit at the code and I think I understand what the code
does, and it seems to make sense. Plus, it has unit tests :-)
Your patch has been applied to the master branch.
commit b364711486dc6371ad2659a5aa190941136f4f04
Author: Arne Schwabe
Date: Mon May 2 17:43:10 2022 +0200
Implement stateless HMAC-based sesssion-id three-way-handshake
Signed-off-by: Arne Schwabe <a...@rfc2549.org>
Acked-by: Frank Lichtenheld <fr...@lichtenheld.com>
Message-Id: <20220502154310.836947-1-a...@rfc2549.org>
URL:
https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg24262.html
Signed-off-by: Gert Doering <g...@greenie.muc.de>
--
kind regards,
Gert Doering
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
