Hi,
On 05/06/18 11:29, Antonio Quartulli wrote:
> In preparation to having tls-auth/crypt keys per connection
> block, it is important to ensure that such material is always
> reload upon SIGUSR1, no matter is persist-key was specified or
> not.
>
> This is required because when moving from one r
Different VPN servers may use different tls-auth keys. For this
reason it is convenient to make tls-auth a per-connection-block
option so that the user is allowed to specify one key per remote.
If no tls-auth option is specified in a given connection block,
the global one, if any, is used.
If per
In preparation to having tls-auth/crypt keys per connection
block, it is important to ensure that such material is always
reload upon SIGUSR1, no matter is persist-key was specified or
not.
This is required because when moving from one remote to the
other the key may change and thus the key contex
Similarly to tls-auth, different remotes may use different
tls-crypt keys.
Allow the user to define a different key in each connection
block.
If no tls-crypt option is specified in a given connection block,
the global one, if any, is used.
If persist-key is specified, tls-crypt keys are pre-load
Hi,
On Mon, Jun 4, 2018 at 2:23 PM, wrote:
> On 5/31/18 10:33 PM, Selva Nair wrote:
> > OpenVPN still supports openssl 1.0 and you can't build with api
> > restricted to 1.1. At least not yet. So it will build only if you use
> > the "default build" of OpenSSL 1.1. And should build with 1.1
> >
On 5/31/18 10:33 PM, Selva Nair wrote:
> OpenVPN still supports openssl 1.0 and you can't build with api
> restricted to 1.1. At least not yet. So it will build only if you use
> the "default build" of OpenSSL 1.1. And should build with 1.1
> lib/headers in major distributions -- if not, there is a
On 03/06/18 12:11, Steffan Karger wrote:
> Can be suppressed by adding a "nowarn" flag to the compress options, for
> those that are really sure that compression is fine for their use case.
>
> Signed-off-by: Steffan Karger
> ---
> This patch is also meant to discuss how far we want to go in warn
Hi,
On 04/06/18 09:15, Gert Doering wrote:
On Mon, Jun 04, 2018 at 09:10:23AM +0200, Jan Just Keijser wrote:
What's the particular use case for putting tls-auth files in connection
blocks?
"I have one existing server that is not using tls-auth yet, and a new one
that has tls-auth, and I want b
Hi,
Gert has been faster to reply :-)
On 04/06/18 15:15, Gert Doering wrote:
> Hi,
>
> On Mon, Jun 04, 2018 at 09:10:23AM +0200, Jan Just Keijser wrote:
>> What's the particular use case for putting tls-auth files in connection
>> blocks?
>
> "I have one existing server that is not using tls
Hi,
On Mon, Jun 04, 2018 at 09:10:23AM +0200, Jan Just Keijser wrote:
> What's the particular use case for putting tls-auth files in connection
> blocks?
"I have one existing server that is not using tls-auth yet, and a new one
that has tls-auth, and I want both in the same config file"
Plus,
Hi Antonio,
On 04/06/18 04:15, Antonio Quartulli wrote:
Hi all,
On 02/06/18 11:42, Antonio Quartulli wrote:
Different VPN servers may use different tls-auth keys. For this
reason it is convenient to make tls-auth a per-connection-block
option so that the user is allowed to specify one key per
11 matches
Mail list logo
