Re: [Openvpn-devel] [PATCH v2] BUILD: enable CFG and Spectre mitigation for MSVC

Built and smoke-tested locally. Acked-by: Lev Stipakov ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel

Re: [Openvpn-devel] [PATCH 0/9] A built-in OpenSSL3.0 provider for external-keys

Hi, > from the management interface. But I haven't found the right Signature >> method from java yet to actually sign it correctly: >> >> sig = Signature.getInstance(SHA256withRSA/PSS); >> > SHA256withRSA/PSS may be trying to first do Sha256 digest of the data and then pad and sign. Instead try t

Re: [Openvpn-devel] [PATCH 0/9] A built-in OpenSSL3.0 provider for external-keys

On Thu, Sep 23, 2021 at 4:21 PM Arne Schwabe wrote: > Am 22.09.21 um 23:12 schrieb selva.n...@gmail.com: > > From: Selva Nair > > > > The following series of patches implement a built-in > > provider for interfacing OpenSSL 3.0 when external > > keys are in use. > > > > Essentially, to intercept

Re: [Openvpn-devel] [PATCH 0/9] A built-in OpenSSL3.0 provider for external-keys

Am 22.09.21 um 23:12 schrieb selva.n...@gmail.com: > From: Selva Nair > > The following series of patches implement a built-in > provider for interfacing OpenSSL 3.0 when external > keys are in use. > > Essentially, to intercept the sign operation, the SSL_CTX > object has to be created with pr

Re: [Openvpn-devel] [PATCH 2/9] Initialize the xkey provider and use it in SSL context

> #include > #include > @@ -75,6 +76,8 @@ static bool engine_initialized = false; /* GLOBAL */ > > static ENGINE *engine_persist = NULL; /* GLOBAL */ > > +static void *xkey_prov; > + This is under HAVE_OPENSSL_ENGINE instead have HAVE_XKEY_PROVIDER > /* Try to load an engine in a s

Re: [Openvpn-devel] [PATCH 0/9] A built-in OpenSSL3.0 provider for external-keys

Hi On Thu, Sep 23, 2021 at 11:27 AM Arne Schwabe wrote: > Am 23.09.21 um 16:02 schrieb Selva Nair: > > > > Hi Arne, > > > > > > So I have two options here: > > > > a) I finish my own implementation of the provider for OpenVPN3 to > not be > > influenced by this implementation and rev

Re: [Openvpn-devel] [PATCH 0/9] A built-in OpenSSL3.0 provider for external-keys

Am 23.09.21 um 16:02 schrieb Selva Nair: > > Hi Arne, > > > So I have two options here: > > a) I finish my own implementation of the provider for OpenVPN3 to not be > influenced by this implementation and review this implementation > after that > > b) you agree that I can t

Re: [Openvpn-devel] [PATCH 0/9] A built-in OpenSSL3.0 provider for external-keys

Hi Arne, > So I have two options here: > > a) I finish my own implementation of the provider for OpenVPN3 to not be > influenced by this implementation and review this implementation after that > > b) you agree that I can take parts of your code for the OpenVPN3 > implementation, then I go direct

Re: [Openvpn-devel] [PATCH 0/9] A built-in OpenSSL3.0 provider for external-keys

> So I have two options here: > > a) I finish my own implementation of the provider for OpenVPN3 to not be > influenced by this implementation and review this implementation after that > > b) you agree that I can take parts of your code for the OpenVPN3 > implementation, then I go directly into

Re: [Openvpn-devel] [PATCH 0/9] A built-in OpenSSL3.0 provider for external-keys

Am 22.09.21 um 23:12 schrieb selva.n...@gmail.com: > From: Selva Nair > > The following series of patches implement a built-in > provider for interfacing OpenSSL 3.0 when external > keys are in use. > > Essentially, to intercept the sign operation, the SSL_CTX > object has to be created with pr

[Openvpn-devel] Summary of the community meeting (22nd September 2021)

Hi, Here's the summary of the IRC meeting. --- COMMUNITY MEETING Place: #openvpn-meeting on libera.chat Date: Wed 22nd September 2021 Time: 14:00 CET (12:00 UTC) Planned meeting topics for this meeting were here: Your local meet