Re: [Openvpn-devel] [ovpn-dco] Is cbc-hmac supported?

Hi Arne, openssl speed -evp aes-128-cbc type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes aes-128-cbc 20035.60k 123261.54k 267081.60k 1094764.09k 9181370.18k openssl speed -evp aes-128-gcm type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes aes-128-gcm 18738.76k 19284.91k 19524.44k 19606.8

[Openvpn-devel] OpenVPN 3 Linux client - v12 beta released

Hi, The OpenVPN 3 Linux v12 beta is now ready. The highlights of this release includes: * Feature: Web-based authentication For servers allowing web based authentication, OpenVPN 3 Linux will now pick up this authentication type request and handle it. If the openvpn2 or openvpn3 user-fron

[Openvpn-devel] [PATCH applied] Re: Fix auth-token not being updated if auth-nocache is set

Acked-by: Gert Doering Thanks for digging into this - this was an annoying and hard to diagnose "sometimes, TLS reconnects fail for users where it *should* succeed due to tokens being used" problem (that openvpn considers tokens sensitive and never logs them didn't help pinpointing the issue :

[Openvpn-devel] [PATCH] Fix auth-token not being updated if auth-nocache is set

This fixes the auth-token not being updated if auth-nocache is set. Our set_auth_token method ensures that the auth-token always has a username but is a little bit too strict in the check. Also add doxygen documentation and remove null checks. We use this function only with non-null pointers and i

[Openvpn-devel] [PATCH v2] Fix port-share option with TLS-Crypt v2

The port-share option assumed that all openvpn initial reset packets are between 14 and 255 bytes long. This is not true for tls-crypt-v2. Patch V2: use correct length for TLS-Crypt v2, use length variable non-tlscryptv2 test Signed-off-by: Arne Schwabe --- src/openvpn/ps.c | 34 +