Re: [Openvpn-devel] [PATCH] Use SHA256 for the internal digest, instead of MD5

2017-01-22 Thread Steffan Karger
Hi,
On 20-01-17 23:01, David Sommerseth wrote:
> This actually tries to revert commit ec4dff3bbdcc9fedf7844 ... which is
> quite surprising.
>
> [...snip...]
>
> And this too is also a revert of the same commit as above.
>
> Had it been just a simple rebase, I'd be willing to tackle that
> on-t

Re: [Openvpn-devel] [PATCH] Use SHA256 for the internal digest, instead of MD5

2017-01-20 Thread David Sommerseth
On 18/12/16 17:40, Steffan Karger wrote:
> Our internal options digest uses MD5 hashes to store the state, instead of
> storing the full options string. There's nothing wrong with that, but it
> would still be better to use SHA256 because:
> * That makes it easier to make OpenVPN "FIPS-compliant"

Re: [Openvpn-devel] [PATCH] Use SHA256 for the internal digest, instead of MD5

2016-12-26 Thread David Sommerseth
On 26/12/16 00:20, Steffan Karger wrote:
> Hi,
>
> On 18-12-16 22:26, Gert Doering wrote:
>> On Sun, Dec 18, 2016 at 05:40:55PM +0100, Steffan Karger wrote:
>>> Our internal options digest uses MD5 hashes to store the state, instead of
>>> storing the full options string. There's nothing wrong wi

Re: [Openvpn-devel] [PATCH] Use SHA256 for the internal digest, instead of MD5

2016-12-26 Thread Arne Schwabe
On 26.12.16 at 08:05, Gert Doering wrote:
> Hi,
>
> On Mon, Dec 26, 2016 at 12:20:53AM +0100, Steffan Karger wrote:
>> The oldest OpenSSL we support in release/2.4 and master is 0.9.8, and
>> has SHA256 support (was introduced in 2004). Also, the --tls-crypt
>> feature already unconditionally re

Re: [Openvpn-devel] [PATCH] Use SHA256 for the internal digest, instead of MD5

2016-12-26 Thread Arne Schwabe
On 26.12.16 at 09:14, Steffan Karger wrote: > openssl dgst -sha256 works for me
[9:37]{SIGINT}arne@styx:~% openssl version
OpenSSL 0.9.8zh 14 Jan 2016
[9:37]arne@styx:~% openssl dgst -sha256
abcd^D fc4b5fd6816f75a7c81fc8eaa9499d6a299bd803397166e8c4cf9280b801d62c
[9:37]arne@styx:~%
But anyway. I

Re: [Openvpn-devel] [PATCH] Use SHA256 for the internal digest, instead of MD5

2016-12-26 Thread Steffan Karger
On 26 December 2016 at 04:18, Jonathan K. Bullard wrote:
> The OpenSSL included in macOS (was OS X) 10.11 and 10.12 (the two
> most recent versions) is 0.9.8zh (an Apple-patched version) and as far
> as I can tell, it does not seem to include SHA256 (i.e., "openssl sha1
> foo" works but "openssl

Re: [Openvpn-devel] [PATCH] Use SHA256 for the internal digest, instead of MD5

2016-12-26 Thread Gert Doering
Hi,
On Mon, Dec 26, 2016 at 12:20:53AM +0100, Steffan Karger wrote:
> The oldest OpenSSL we support in release/2.4 and master is 0.9.8, and
> has SHA256 support (was introduced in 2004). Also, the --tls-crypt
> feature already unconditionally requires SHA256 to be available.
Good enough for me.

Re: [Openvpn-devel] [PATCH] Use SHA256 for the internal digest, instead of MD5

2016-12-25 Thread Jonathan K. Bullard
On Sun, Dec 25, 2016 at 6:20 PM, Steffan Karger wrote:
> Hi,
>
> On 18-12-16 22:26, Gert Doering wrote:
>> On Sun, Dec 18, 2016 at 05:40:55PM +0100, Steffan Karger wrote:
>>> Our internal options digest uses MD5 hashes to store the state, instead of
>>> storing the full options string. There's no

Re: [Openvpn-devel] [PATCH] Use SHA256 for the internal digest, instead of MD5

2016-12-25 Thread Steffan Karger
Hi,
On 18-12-16 22:26, Gert Doering wrote:
> On Sun, Dec 18, 2016 at 05:40:55PM +0100, Steffan Karger wrote:
>> Our internal options digest uses MD5 hashes to store the state, instead of
>> storing the full options string. There's nothing wrong with that, but it
>> would still be better to use SH

Re: [Openvpn-devel] [PATCH] Use SHA256 for the internal digest, instead of MD5

2016-12-18 Thread Gert Doering
Hi,
On Sun, Dec 18, 2016 at 05:40:55PM +0100, Steffan Karger wrote:
> Our internal options digest uses MD5 hashes to store the state, instead of
> storing the full options string. There's nothing wrong with that, but it
> would still be better to use SHA256 because:
> * That makes it easier to m