From: "James Yonan" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Copies to: <[EMAIL PROTECTED]> Subject: OpenVPN and OpenSSL 0.9.7 was: Re: Integration of AES algorith to OpenSSL Crypto library Date sent: Fri, 3 May 2002 09:09:01 -0600 Send reply to: [EMAIL PROTECTED]
I know this may sound simplistic, but since you are the author of OpenVPN, why don't you make a simple check for the OpenSSL version and use 0.9.7 the way it was designed to be used. If the check indicates you are using 0.9.6, use the method you currently use. One of the developers commented recently that OpenSSL has a *LOT* of overhead, both in size and complexity, just to try to keep everyone happy. Ken > > So, I need to know the process of integration of new cipher to Crypto > > library. > > I've tried to place the directory with new cipher (aes) inside of the crypto > > directory, > > modified root Makefile.ssl and crypto/Makefile.ssl however it seems that it > > is not enough - > > new codec does not appear in the list of supported codecs of openvpn > > executable. > > Ask the author, James Yonan, he is around on this list. > And with him around asking about EVP-problems I am would guess that > he already nailed down the problem with 0.9.7. OpenVPN uses the cipher-independent EVP layer of OpenSSL as an interface to the symmetric cipher algorithms. In the current 0.9.7 snapshot, the EVP API has been modified so it is incompatible with 0.9.6 -- this is probably the cause of the crash. I had the same result when I tried to test OpenVPN with 0.9.7 and AES-256. I know there's some discussion going on about fixing this, so the EVP API stays compatible. If you need something right now, I have a simple patch for 0.9.7 which will restore the 0.9.6 EVP behavior. When I applied this patch, OpenVPN ran fine with 0.9.7 and the AES-256 cipher. James Yonan OpenVPN developer http://openvpn.sourceforge.net/ ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl- [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] _ Support InterSoft International, Inc. Voice: 888-823-1541, International 281-398-7060 Fax: 888-823-1542, International 281-560-9170 [EMAIL PROTECTED] http://www.securenetterm.com ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]