I did not test this, and when reviewing, felt it's above my paygrade - but
since Arne is happy, and he really understands that code, perfect :-)
BB is happy as well!
(I *do* have tested this on the t_server testbed which has tls-crypt[-v2]
using instances, and it still works, so confidence level is high ;-)).
Your patch has been applied to the master branch.
commit 9f71f906ea95331fd9b269502e92c42d1812dd9e
Author: Max Fillinger
Date: Fri Oct 31 11:08:04 2025 +0100
Zeroize tls-crypt-v2 client keys
Signed-off-by: Max Fillinger <[email protected]>
Acked-by: Arne Schwabe <[email protected]>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1315
Message-Id: <[email protected]>
URL:
https://www.mail-archive.com/[email protected]/msg34103.html
Signed-off-by: Gert Doering <[email protected]>
--
kind regards,
Gert Doering
_______________________________________________
Openvpn-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
