Hi Gert, Steffan and David !
There is Sample HTTP (SSO) OpenVPN Plugin with http.client.py and
http-server.py scripts based on OpenVPN's RFC-5705 support.
OpenVPN plugin examples.Daniel Kubec
Examples provided:
sso.c -- HTTP (SSO) Example based on TLS Keying Mater
Hi Gert, Steffan and David
I fixed following:
a) doc/keying-material-exporter.txt ( "straightforward" spelling )
b) used spaces instead of tabs in
ssl_openssl.c:key_state_export_keying_material() + some minor code
cleanups
Gert
I understand your valid questions and still thinking about some real
Hi,
On Mon, Mar 09, 2015 at 08:46:10PM +0100, daniel kubec wrote:
> It is nothing more then generating same keying material for client and
> server plugins (OPENVPN_PLUGIN_TLS_FINAL callback)
> without the need of transfer that key throught (D)TLS channel and/or app
> layer.
Why is it so hard to
Hi,
I wanted to discuess (IRC) what exactly I should add to documentation.
It's like adding standard, secure and well defined hash-function for
use by plugins and then there are (N) different use-cases.
"\-keying-material-exporter label len
Save Exported Keying Material [RFC5705] of len bytes us
Hi,
On Mon, Mar 09, 2015 at 07:26:28PM +0100, daniel kubec wrote:
> It is actually well defines mechanism for "crypto/authentication"
> plugin developers and they should know what they are doing.
>
> Maybe Let's try to discuss that using IRC.
IRC explanation isn't going to help someone who comes
Hi Gert,
There are alot of different use-cases for this standard mechanism and
I really thinkin about better explanation in general.
I think that some real example will help alot but it requires alot of
client+server code of different protocols (so many of do this and
that).
When you got authenti
Hi Steffan, David and Gert,
I fixed bug related to format_hex_ex() for size > 20, removed bracers
arround "-keying-material-exporter label len" and added upper bound
to the check in options.c.
king regards
Daniel
On 6 March 2015 at 20:44, David Sommerseth
wrote:
> -BEGIN PGP SIGNED MESSAG
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 02/03/15 01:03, daniel kubec wrote:
> Greetings Steffan, David and Gert
>
> Thank you very much for your comments.
>
> 1) log level switched to D_TLS_DEBUG_MED 2) ekm_size removed,
> ekm_size != 0 condition is used instead. 3) changed to:
> export
Hi,
On Mon, Mar 02, 2015 at 01:03:38AM +0100, daniel kubec wrote:
> Added 2 patches related to [RFC-5705] (code + docs).
Thanks. TBH, this is all very nice and dandy, but it still doesn't
make much sense to me...
Some more real-worldish specific examples ("do *this* and *that*, and then
this me
On 02-03-15 01:03, daniel kubec wrote:
Greetings Steffan, David and Gert
Thank you very much for your comments.
1) log level switched to D_TLS_DEBUG_MED
2) ekm_size removed, ekm_size != 0 condition is used instead.
3) changed to: exported_keying_material
4) minimum set to 16 bytes and maximum
Greetings Steffan, David and Gert
Thank you very much for your comments.
1) log level switched to D_TLS_DEBUG_MED
2) ekm_size removed, ekm_size != 0 condition is used instead.
3) changed to: exported_keying_material
4) minimum set to 16 bytes and maximum set to 4095 bytes.
Added 2 patches relate
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 23-02-15 17:28, David Sommerseth wrote:
> On 23/02/15 17:18, Gert Doering wrote:
>> On Mon, Feb 23, 2015 at 04:51:34PM +0100, Daniel Kubec wrote:
>>> Keying Material Exporter [RFC 5705] Patch rebased to actual
>>> master branch.
>
>> There definite
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 23/02/15 17:18, Gert Doering wrote:
> Hi,
>
> On Mon, Feb 23, 2015 at 04:51:34PM +0100, Daniel Kubec wrote:
>> Keying Material Exporter [RFC 5705] Patch rebased to actual master
>> branch.
>
> There definitely needs to be much(!) more documentatio
Hi,
On Mon, Feb 23, 2015 at 04:51:34PM +0100, Daniel Kubec wrote:
> Keying Material Exporter [RFC 5705] Patch rebased to actual master
> branch.
There definitely needs to be much(!) more documentation about this, maybe
an extra .txt file under doc/ - I still(!) have *no* idea what this is
usefu
Hi David,
Keying Material Exporter [RFC 5705] Patch rebased to actual master
branch.
Daniel
>From aec0e05d02392bca61eca9ea41e10f9a2dec5d07 Mon Sep 17 00:00:00 2001
From: Daniel Kubec
List-Post: openvpn-devel@lists.sourceforge.net
Date: Mon, 23 Feb 2015 16:04:48 +0100
Subject: [PATCH 1/1] Added
15 matches
Mail list logo
