Hi, On Thu, Jan 25, 2018 at 1:36 PM, Jonathan K. Bullard <[email protected]> wrote: > Hi. > > On Mon, Jan 22, 2018 at 12:31 PM, Selva Nair <[email protected]> wrote: >> What about extending the current "version" command with an argument >> where the client states the version of "management-speak" that it >> supports. Current management version is 1, we increase it to 1.1 and >> unless the client says "version 1.1" or more we do not send PK_SIGN. >> The client could do that when it gets the version message or any time >> later. The response to version command (current management version and >> openvpn daemon's version stays the same). No full-fledged cap >> negotiation, but good enough. > > That sounds reasonable; easy to implement in Tunnelblick > > >> The UX would be much better that way. > > Absolutely. >
Encouraged by Jonathan's reply I have made a patch to rename RSA_SIGN to PK_SIGN if client announces a version > 1. Will send it and a modified EC key patch soon. Selva ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Openvpn-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-devel
