[Openvpn-devel] [PATCH applied] Re: Fix build with LibreSSL

2017-11-22 Thread Gert Doering
Thanks. Tested on OpenBSD 6.0, fixes compilation again. Your patch has been applied to the master and release/2.4 branch. commit 88a827f25cb4a79f06597ca438f8f04d37a03d4e (master) commit eac1e08923a161d81e0222d461c8b580a776 (release/2.4) Author: Jeremie Courreges-Anglas Date: Sun Nov 19 22:

Re: [Openvpn-devel] [PATCH applied] Re: Add --tls-cert-profile option for mbedtls builds

2017-11-22 Thread Steffan Karger
Hi, On 19-11-17 23:01, Jeremie Courreges-Anglas wrote: > Here's a diff, master builds and seems to run fine as a client on > OpenBSD-current. > > > From: Jeremie Courreges-Anglas > Date: Sun, 19 Nov 2017 22:57:56 +0100 > Subject: [PATCH] Fix build with LibreSSL > > Detect the presence of SSL_CTX

Re: [Openvpn-devel] OpenVPN + OpenSSL FIPS Object Module v2.0 causes OpenVPN to SIGSEGV

2017-11-22 Thread Gert Doering
Hi, On Wed, Nov 22, 2017 at 01:53:50PM -0500, Jim Carroll wrote: > Question -- We'd like to submit a patch. Is the correct procedure still to > submit patches via email as described > https://community.openvpn.net/openvpn/wiki/DeveloperDocumentation#Dailydevelopment. Or is appropriate for us to

Re: [Openvpn-devel] OpenVPN + OpenSSL FIPS Object Module v2.0 causes OpenVPN to SIGSEGV

2017-11-22 Thread Jim Carroll
Gert, Your tip led me to the "secret" switch that allows MD5 in FIPS mode. And you're completely right -- MD5 for non-HASH is a legal use in FIPS mode. I can't thank you enough. Question -- We'd like to submit a patch. Is the correct procedure still to submit patches via email as described http

[Openvpn-devel] Add --up-pre with the same functionality as --down-pre

2017-11-22 Thread Simon Matter
Hi, In our situation we have the requirement to run scripts before tun/tap is opened, not after. While this could be hacked into the init script, the proper way seems to add it to openvpn as --up-pre option. That's independent from any init scripts / systemd service file and works the same way as

Re: [Openvpn-devel] OpenVPN + OpenSSL FIPS Object Module v2.0 causes OpenVPN to SIGSEGV

2017-11-22 Thread Gert Doering
Hi, On Wed, Nov 22, 2017 at 09:49:47AM -0500, Jim Carroll wrote: > I'm not sure how to resolve this issue. tls1_PRF() is building data channel > keys exchanged between the client and server. It would appear to me that MD5 > is "baked into" the OpenVPN key negotiation in a way that cannot be simply

[Openvpn-devel] OpenVPN + OpenSSL FIPS Object Module v2.0 causes OpenVPN to SIGSEGV

2017-11-22 Thread Jim Carroll
We are trying to get OpenVPN to work with the OpenSSL FIPS Object Module v2.0, but each client connection causes our OpenVPN server to SIGSEGV. We know the line of code that is causing the problem (which I'll show below) -- but we're not sure how to convince the OpenVPN server to correctly establish