Hi, On Mon, Jan 29, 2018 at 3:25 AM, Gert Doering <g...@greenie.muc.de> wrote: > Hi, > > On Thu, Jan 25, 2018 at 02:41:01PM -0500, selva.n...@gmail.com wrote: >> From: Selva Nair <selva.n...@gmail.com> >> >> - Increase the management version from 1 to 2 >> - If the client announces support for management version > 1 >> prompt for signature using >PK_SIGN to which the client >> responds using 'pk-sig' >> Older (current) clients will be continued to be prompted >> by '>RSA_SIGN' and can respond using 'rsa-sig' >> - Remove an unused rsa_sig buffer-list variable >> >> This facilitates a transparent transition to PK_SIG and future deprecation >> of RSA_SIGN > > I'm a bit confused about the sequence of patches here. Is this one dependent > on one of the other PK_SIGN related patches? Or standalone and could be > applied to master "as is"?
Yes this two-patch set is standalone. Here is a gist: A: change RSA_SIGN to PK_SIGN if client supports it (2 patches) - [Openvpn-devel,1/2] Add management client version - [Openvpn-devel,2/2] Prompt for signature using '>PK_SIGN' if the client supports it B: ecdsa signature via management (one patch) - [Openvpn-devel,v3,2/3] Allow external EC key through --management-external-key (patch 1 of this series already applied, patch 3 abandoned) A is standalone, B needs A. In retrospect, I should have just started a new series. The presence of similar patches for cryptoapicert adds even more to the confusion. Also getting patchwork to correctly identify v2 of a series would help a bit. Its failing likely because of the [Openvpn-devel] in our subject line; if so it could be fixed by a simple patch to patchwork. Selva ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
