Hi,
On Tue, Nov 12, 2013 at 05:35:45PM +0100, Steffan Karger wrote:
> It would be very nice to get full EC support in OpenVPN! :)
Indeed!
From my point of view, I'd ask for a favour - if at all possible, I'd like
to get a consistent set of patches against a fairly recent "master", that
should g
Hi,
On 11/12/2013 04:12 PM, Jan Just Keijser wrote:
> correct , although you can currently use EC certs with SHA1 signing -
> just not with SHA2 signing.
>
> JJK
Which means adding SHA2 hashing is at least a nice addition. I've taken
a quick peak at the code, applied the patches to master (which
Alon Bar-Lev wrote:
On Tue, Nov 12, 2013 at 3:51 PM, Jan Just Keijser wrote:
Alon Bar-Lev wrote:
On Tue, Nov 12, 2013 at 1:37 PM, Jan Just Keijser wrote:
there was actually a follow-up to this patch, which was sent to the
openvpn-devel list on Feb 7th 2012:
Added support for Elliptic c
On Tue, Nov 12, 2013 at 3:51 PM, Jan Just Keijser wrote:
> Alon Bar-Lev wrote:
>
> On Tue, Nov 12, 2013 at 1:37 PM, Jan Just Keijser wrote:
>
>
> there was actually a follow-up to this patch, which was sent to the
> openvpn-devel list on Feb 7th 2012:
>
>
> Added support for Elliptic curves (ECDS
Alon Bar-Lev wrote:
On Tue, Nov 12, 2013 at 1:37 PM, Jan Just Keijser wrote:
there was actually a follow-up to this patch, which was sent to the
openvpn-devel list on Feb 7th 2012:
Added support for Elliptic curves (ECDSA) + SHA2 family signed
certificates.
Great!
And what is the s
On Tue, Nov 12, 2013 at 1:37 PM, Jan Just Keijser wrote:
> there was actually a follow-up to this patch, which was sent to the
> openvpn-devel list on Feb 7th 2012:
>
>
> Added support for Elliptic curves (ECDSA) + SHA2 family signed
> certificates.
Great!
And what is the status?
there was actually a follow-up to this patch, which was sent to the
openvpn-devel list on Feb 7th 2012:
Added support for Elliptic curves (ECDSA) + SHA2 family signed
certificates.
---
init.c |7
options.c | 15 ++
options.h |6
ssl.c |3 +
Hi,
I re-send this patch as it proved to be somewhat helpful.
It will be great to reach to a level it can be actually used.
I guess configuration option should be added to make it optional and
remove the hard coded curve?
Regards,
Alon Bar-Lev.
On Tue, Nov 12, 2013 at 12:27 AM, Alon Bar-Lev w
From: Jan Just Keijser
Discussion: https://forums.openvpn.net/topic8404-30.html
Tested-By: Sanaullah
---
src/openvpn/ssl_openssl.c | 11 +++
1 file changed, 11 insertions(+)
diff --git a/src/openvpn/ssl_openssl.c b/src/openvpn/ssl_openssl.c
index f64177a..665bb5c 100644
--- a/src/openv
