Re: [Openvpn-devel] [RFC PATCH v1 00/15] Add support for OpenSSL 1.1.x

2017-02-20 Thread Christian Hesse
Christian Hesse on Mon, 2017/02/20 16:02: > Emmanuel Deloget on Mon, 2017/02/20 15:52: > > On Mon, Feb 20, 2017 at 2:53 PM, Emmanuel Deloget > > wrote: > > > Hi again, > > > > > > On Mon, Feb 20, 2017 at 2:33 PM, Emmanuel Deloget > > > wrote: > > >> Hi Christian, > > >> > > >> On Mon, Feb

Re: [Openvpn-devel] [RFC PATCH v1 00/15] Add support for OpenSSL 1.1.x

2017-02-20 Thread Christian Hesse
Emmanuel Deloget on Mon, 2017/02/20 15:52: > On Mon, Feb 20, 2017 at 2:53 PM, Emmanuel Deloget wrote: > > Hi again, > > > > On Mon, Feb 20, 2017 at 2:33 PM, Emmanuel Deloget > > wrote: > >> Hi Christian, > >> > >> On Mon, Feb 20, 2017 at 1:29 PM, Christian Hesse wrote: > >>> That matches my

Re: [Openvpn-devel] [RFC PATCH v1 00/15] Add support for OpenSSL 1.1.x

2017-02-20 Thread Emmanuel Deloget
On Mon, Feb 20, 2017 at 2:53 PM, Emmanuel Deloget wrote: > Hi again, > > On Mon, Feb 20, 2017 at 2:33 PM, Emmanuel Deloget wrote: >> Hi Christian, >> >> On Mon, Feb 20, 2017 at 1:29 PM, Christian Hesse wrote: >>> That matches my findings. Built against openssl 1.1.0e (Arch Linux package >>> open

Re: [Openvpn-devel] [RFC PATCH v1 00/15] Add support for OpenSSL 1.1.x

2017-02-20 Thread Emmanuel Deloget
Hi again, On Mon, Feb 20, 2017 at 2:33 PM, Emmanuel Deloget wrote: > Hi Christian, > > On Mon, Feb 20, 2017 at 1:29 PM, Christian Hesse wrote: >> That matches my findings. Built against openssl 1.1.0e (Arch Linux package >> openssl 1.1.0.e-1 [0]) the build itself succeeds, but 'make check' repor

Re: [Openvpn-devel] [RFC PATCH v1 00/15] Add support for OpenSSL 1.1.x

2017-02-20 Thread Emmanuel Deloget
Hi, On Mon, Feb 20, 2017 at 1:37 PM, Gert Doering wrote: > > Interesting. Anything useful in openvpn's logs? > Mon Feb 20 11:57:56 2017 us=371715 OpenSSL: error:0607B083:digital envelope routines:EVP_CipherInit_ex:no cipher set Mon Feb 20 11:57:56 2017 us=371746 EVP cipher init #2 I found the

Re: [Openvpn-devel] [RFC PATCH v1 00/15] Add support for OpenSSL 1.1.x

2017-02-20 Thread Emmanuel Deloget
Hi Christian, On Mon, Feb 20, 2017 at 1:29 PM, Christian Hesse wrote: > That matches my findings. Built against openssl 1.1.0e (Arch Linux package > openssl 1.1.0.e-1 [0]) the build itself succeeds, but 'make check' reports > lots of cipher failures. > > Are your patches available from a public g

Re: [Openvpn-devel] [RFC PATCH v1 00/15] Add support for OpenSSL 1.1.x

2017-02-20 Thread Gert Doering
Hi, On Mon, Feb 20, 2017 at 12:45:24PM +0100, Emmanuel Deloget wrote: > * 0.9.8zh --> EVP_PKEY_id() is not defined. I'm adding this to > openssl_compat.h and will provide a v2 patch with the change. Once > added, OpenVPN compiled successfully and was able to connect to my > /2.3 server. If possib

Re: [Openvpn-devel] [RFC PATCH v1 00/15] Add support for OpenSSL 1.1.x

2017-02-20 Thread Christian Hesse
Emmanuel Deloget on Mon, 2017/02/20 12:45: > Hello, > > On Sun, Feb 19, 2017 at 6:49 PM, Gert Doering wrote: > > Hi, > > > > On Sun, Feb 19, 2017 at 01:03:45PM +0100, Steffan Karger wrote: > >> Thank you very much. You approach looks good to me, and quite closely > >> matches what I had in mi

Re: [Openvpn-devel] [RFC PATCH v1 00/15] Add support for OpenSSL 1.1.x

2017-02-20 Thread Emmanuel Deloget
Hello, On Sun, Feb 19, 2017 at 6:49 PM, Gert Doering wrote: > Hi, > > On Sun, Feb 19, 2017 at 01:03:45PM +0100, Steffan Karger wrote: >> Thank you very much. You approach looks good to me, and quite closely >> matches what I had in mind for when I would find the time to tackle >> this. (Which m

Re: [Openvpn-devel] [RFC PATCH v1 00/15] Add support for OpenSSL 1.1.x

2017-02-19 Thread Gert Doering
Hi, On Sun, Feb 19, 2017 at 01:03:45PM +0100, Steffan Karger wrote: > Thank you very much. You approach looks good to me, and quite closely > matches what I had in mind for when I would find the time to tackle > this. (Which might have taken me a while, so really happy to see these > patches!) [

Re: [Openvpn-devel] [RFC PATCH v1 00/15] Add support for OpenSSL 1.1.x

2017-02-19 Thread Steffan Karger
On 19-02-17 15:58, David Sommerseth wrote: > On 19/02/17 13:03, Steffan Karger wrote: > >> As discussed in other threads, we do want to support building on RHEL6, >> which is why we would prefer to be compatible with (patched) OpenSSL >> 0.9.8. I haven't tested anything yet, but looking at the p

Re: [Openvpn-devel] [RFC PATCH v1 00/15] Add support for OpenSSL 1.1.x

2017-02-19 Thread Emmanuel Deloget
Hello, On Sun, Feb 19, 2017 at 1:03 PM, Steffan Karger wrote: > > Hi Emmanuel, > > Thank you very much. You approach looks good to me, and quite closely > matches what I had in mind for when I would find the time to tackle > this. (Which might have taken me a while, so really happy to see these

Re: [Openvpn-devel] [RFC PATCH v1 00/15] Add support for OpenSSL 1.1.x

2017-02-19 Thread David Sommerseth
On 19/02/17 13:03, Steffan Karger wrote: > As discussed in other threads, we do want to support building on RHEL6, > which is why we would prefer to be compatible with (patched) OpenSSL > 0.9.8. I haven't tested anything yet, but looking at the patches this > might very well just work, or otherwi

Re: [Openvpn-devel] [RFC PATCH v1 00/15] Add support for OpenSSL 1.1.x

2017-02-19 Thread Steffan Karger
Hi Emmanuel, On 17-02-17 23:00, log...@free.fr wrote: > From: Emmanuel Deloget > > The purpose of this RFC series is to make the latest master of OpenVPN > (2.5-git) linkable with OpenSSL v1.1.x. It may not be complete (I may > have missed something due to my work environment, but any missing pi

[Openvpn-devel] [RFC PATCH v1 00/15] Add support for OpenSSL 1.1.x

2017-02-17 Thread logout
From: Emmanuel Deloget The purpose of this RFC series is to make the latest master of OpenVPN (2.5-git) linkable with OpenSSL v1.1.x. It may not be complete (I may have missed something due to my work environment, but any missing pieces will be added next week) so be a bit cautious with this. The