Arne,
the type casting warning was fixed in
https://github.com/wolfSSL/wolfssl/pull/5571. OpenVPN should now compile
without any warnings.
Juliusz
On 02/09/2022 11:50, Juliusz Sosinowicz wrote:
I'll try to propose a solution to avoid this warning.
Juliusz
On 01/09/2022 14:39, Arne
I'll try to propose a solution to avoid this warning.
Juliusz
On 01/09/2022 14:39, Arne Schwabe wrote:
(*)(const X509_NAME * const*, const X509_NAME * const*) {aka int
(*)(const struct WOLFSSL_X509_NAME * const*, const struct
WOLFSSL_X509_NAME * const*)}
In file included from
(*)(const X509_NAME * const*, const X509_NAME * const*) {aka int
(*)(const struct WOLFSSL_X509_NAME * const*, const struct
WOLFSSL_X509_NAME * const*)}
In file included from /usr/local/include/wolfssl/openssl/ssl.h:35,
from ssl_openssl.h:32,
from
Am 17.03.21 um 19:11 schrieb Juliusz Sosinowicz:
> This patch adds support for wolfSSL in OpenVPN. Support is added by using
> wolfSSL's OpenSSL compatibility layer. Function calls are left unchanged and
> instead the OpenSSL includes point to wolfSSL headers and OpenVPN is linked
> against the
This patch adds support for wolfSSL in OpenVPN. Support is added by using
wolfSSL's OpenSSL compatibility layer. Function calls are left unchanged and
instead the OpenSSL includes point to wolfSSL headers and OpenVPN is linked
against the wolfSSL library. The wolfSSL installation directory is
My apologies. I didn't notice your reply Gert. I will submit an updated
patch.
Sincerely
Juliusz
On 17/03/2021 18:22, Gert Doering wrote:
Hi,
On Wed, Mar 17, 2021 at 06:13:04PM +0100, Arne Schwabe wrote:
I would consider this an ACK. @Gert do you want a new version with the
configure.ac
Hi Arne,
wolfSSL does not support Ed25519 certificates in the compatibility layer.
I added the EKM signaling locally. I can submit the patch with this
modification if you would like me to.
Sincerely
Juliusz
On 17/03/2021 18:13, Arne Schwabe wrote:
Am 12.03.21 um 16:12 schrieb Juliusz
Hi,
On Wed, Mar 17, 2021 at 06:13:04PM +0100, Arne Schwabe wrote:
> I would consider this an ACK. @Gert do you want a new version with the
> configure.ac fixed?
Since this is a real code change, I'd prefer to have an updated patch
with that change included.
gert
--
"If was one thing all
Am 12.03.21 um 16:12 schrieb Juliusz Sosinowicz:
> Hi Arne,
>
> I found that the connecting issue is that
> wolfSSL_CTX_set_min_proto_version will fail when the user (in this case
> OpenVPN) tries to set a protocol version that was not compiled in. I
> modified our configure.ac script when
Hi Arne,
I found that the connecting issue is that
wolfSSL_CTX_set_min_proto_version will fail when the user (in this case
OpenVPN) tries to set a protocol version that was not compiled in. I
modified our configure.ac script when building for OpenVPN along with
some additional fixes in this
Am 22.02.21 um 16:28 schrieb Juliusz Sosinowicz:
> Hi Arne,
>
> have you had any success in compiling OpenVPN with wolfSSL?
>
Yes, sorry for taking so long. However the client does not work with my
test config (those are on my mac):
2021-03-03 13:19:11 library versions: wolfSSL 4.7.1
Hi Arne,
have you had any success in compiling OpenVPN with wolfSSL?
Sincerely
Juliusz
On 15/02/2021 13:13, Juliusz Sosinowicz wrote:
Hi Arne,
the pull request has been merged to the wolfSSL master branch and will
be included in the next wolfSSL release. Your issue has been resolved.
Are
Hi Arne,
the pull request has been merged to the wolfSSL master branch and will
be included in the next wolfSSL release. Your issue has been resolved.
Are able to try compiling again?
Sincerely
Juliusz
On 27/01/2021 20:07, Arne Schwabe wrote:
Am 27.01.21 um 18:25 schrieb Juliusz
Hi Arne,
our CI tests caught that as well. I was able to fix it quickly but it
looks like you were even quicker :D The latest version of the PR should
be free from the implicit conversion errors.
Sincerely
Juliusz
On 27/01/2021 20:07, Arne Schwabe wrote:
Am 27.01.21 um 18:25 schrieb
Am 27.01.21 um 18:25 schrieb Juliusz Sosinowicz:
> Hi Arne,
>
> I believe I fixed the issues that you mentioned in your review of the
> patch for wolfSSL. I have sent a new patch tested on the latest master
> branch on OpenVPN along with the version of wolfSSL found in this pull
> request:
This patch adds support for wolfSSL in OpenVPN. Support is added by using
wolfSSL's OpenSSL compatibility layer. Function calls are left unchanged and
instead the OpenSSL includes point to wolfSSL headers and OpenVPN is linked
against the wolfSSL library. The wolfSSL installation directory is
Am 03.12.20 um 14:32 schrieb Juliusz Sosinowicz:
> Hi Arne,
>
> I didn't send a new patch yet because I only wanted to provide an update
> that progress is being made. I'm attaching an updated patch if you are
> interested.
>
> I didn't get that error when compiling wolfSSL with the compile
Hi Arne,
I didn't send a new patch yet because I only wanted to provide an update
that progress is being made. I'm attaching an updated patch if you are
interested.
I didn't get that error when compiling wolfSSL with the compile options
you provided. Is it possible that you didn't run
Am 19.11.20 um 13:23 schrieb Juliusz Sosinowicz:
> Hi Arne,
>
> some time has passed and I was able to address most of your comments in
> my branch
> https://github.com/julek-wolfssl/wolfssl/tree/openvpn-2.5-missing-stuff
>
> To summarize what has been done regarding your comments:
>
> * SHA1
Hi Arne,
some time has passed and I was able to address most of your comments in
my branch
https://github.com/julek-wolfssl/wolfssl/tree/openvpn-2.5-missing-stuff
To summarize what has been done regarding your comments:
* SHA1 was indeed being called SHA in wolfSSL. I changed this in favor
Hi Arne,
thank you for your extensive review of OpenVPN with wolfSSL.
On 17/09/2020 00:05, Arne Schwabe wrote:
...
I am still seeing this warning:
2020-09-16 23:20:14 WARNING: 'auth' is used inconsistently, local='auth
SHA', remote='auth SHA1'
Are you internally calling SHA1 just SHA and
Am 17.09.20 um 17:50 schrieb Juliusz Sosinowicz:
> Could you describe how you generated this warning? Looking into our
> sources, we do call SHA1 just SHA in wolfSSL. Other variants have names
> in the format of SHA.
Just connecting to a server.
Arne
signature.asc
Description: OpenPGP digital
On 17/09/2020 00:05, Arne Schwabe wrote:
> This snippet in the configure.ac looks strange:
>
> if test -n "${WOLFSSL_DIR}"; then
> wolfssldir="${WOLFSSL_DIR}"
> else
> wolfssldir="/usr/local/include/wolfssl"
> fi
>
> I am not sure hardcoding a
Am 16.09.20 um 11:45 schrieb Juliusz Sosinowicz:
> Hi Arne,
>
> a quick update. A PR is now open in wolfSSL with fixes for OpenVPN master.
This is the version that I could actually take a deeper look at, so here
are my results. It generally works but there seems some loose ends:
I am still
Hi Arne,
a quick update. A PR is now open in wolfSSL with fixes for OpenVPN master.
Sincerely
Juliusz
On 10/09/2020 14:16, Arne Schwabe wrote:
Am 10.09.20 um 14:11 schrieb Juliusz Sosinowicz:
Hi Arne,
I understand your concern and apologize for the delay. We have been busy
with the release
On 10/09/2020 14:16, Arne Schwabe wrote:
> Am 10.09.20 um 14:11 schrieb Juliusz Sosinowicz:
>> Hi Arne,
>>
>> I understand your concern and apologize for the delay. We have been busy
>> with the release of wolfSSL 4.5.0. I will make sure that the fixes
>> necessary for OpenVPN support will be
Hi Arne,
I understand your concern and apologize for the delay. We have been busy
with the release of wolfSSL 4.5.0. I will make sure that the fixes
necessary for OpenVPN support will be prioritized.
Sincerely
Juliusz
On 10/09/2020 12:18, Arne Schwabe wrote:
Am 22.07.20 um 16:02 schrieb
Am 10.09.20 um 14:11 schrieb Juliusz Sosinowicz:
> Hi Arne,
>
> I understand your concern and apologize for the delay. We have been busy
> with the release of wolfSSL 4.5.0. I will make sure that the fixes
> necessary for OpenVPN support will be prioritized.
>
> Sincerely
> Juliusz
I think the
Am 22.07.20 um 16:02 schrieb Juliusz Sosinowicz:
> Hi Arne,
>
> thank you for your feedback. I tested the patch on the latest master
> version at the time of writing and it looks like these requirements were
> added in the last week which is why I wasn't able to address them
> before.I will look
Hi Arne,
thank you for your feedback. I tested the patch on the latest master
version at the time of writing and it looks like these requirements were
added in the last week which is why I wasn't able to address them
before.I will look into the new issues and get back to you when they are
Am 15.07.20 um 10:26 schrieb Juliusz Sosinowicz:
> Hi Everyone,
>
> do you have an update on the latest patch I sent? There have been
> updates to wolfSSL to fix the remaining issues brought up last time.
>
Yes. I looked at this today in the expectation that I just compile test,
do a few quick
Hi Everyone,
do you have an update on the latest patch I sent? There have been
updates to wolfSSL to fix the remaining issues brought up last time.
Thanks
Juliusz
On 16/06/2020 20:00, Juliusz Sosinowicz wrote:
This patch adds support for wolfSSL in OpenVPN. Support is added by using
This patch adds support for wolfSSL in OpenVPN. Support is added by using
wolfSSL's OpenSSL compatibility layer. Function calls are left unchanged and
instead the OpenSSL includes point to wolfSSL headers and OpenVPN is linked
against the wolfSSL library.
As requested by OpenVPN maintainers,
Hi Antonio,
thank you for reviewing and testing OpenVPN with wolfSSL. Let me explain
the warnings:
On 07/05/2020 12:28, Antonio Quartulli wrote:
Hi Juliusz,
There are some warnings when compiling with wolfssl v4.0.0-stable:
In file included from crypto_openssl.c:44:
openssl_compat.h:93:
Hi Arne,
currently it is macro'ed to wolfSSL_lib_version which only returns the
version string. I will add our library name to the front of the
OpenSSL_version return string.
Thanks,
Juliusz
On 07/05/2020 12:35, Arne Schwabe wrote:
Am 07.05.20 um 12:28 schrieb Antonio Quartulli:
Thu May
Am 07.05.20 um 12:28 schrieb Antonio Quartulli:
> Thu May 7 12:16:12 2020 library versions: 4.4.0, LZO 2.10
Additionally it seems the OpenSSL_version(OPENSSL_VERSION) function does
not include the library name. OpenSSL reports itself here:
library versions: OpenSSL 1.1.1g 21 Apr 2020
also
Hi Juliusz,
There are some warnings when compiling with wolfssl v4.0.0-stable:
In file included from crypto_openssl.c:44:
openssl_compat.h:93: warning: "EVP_CIPHER_CTX_reset" redefined
93 | #define EVP_CIPHER_CTX_reset EVP_CIPHER_CTX_init
|
In file included from crypto_openssl.h:32,
Am 29.04.20 um 16:51 schrieb Juliusz Sosinowicz:
> This patch adds support for wolfSSL in OpenVPN. Support is added by using
> wolfSSL's OpenSSL compatibility layer. Function calls are left unchanged and
> instead the OpenSSL includes point to wolfSSL headers and OpenVPN is linked
> against the
This patch adds support for wolfSSL in OpenVPN. Support is added by using
wolfSSL's OpenSSL compatibility layer. Function calls are left unchanged and
instead the OpenSSL includes point to wolfSSL headers and OpenVPN is linked
against the wolfSSL library.
As requested by OpenVPN maintainers,
The Readme looks good. Just one suggestion.
On 16/04/2020 13:11, Arne Schwabe wrote:
Am 16.04.20 um 12:42 schrieb Juliusz Sosinowicz:
Hi Arne,
On 15/04/2020 11:31, Arne Schwabe wrote:
Am 14.04.20 um 20:52 schrieb Juliusz Sosinowicz:
This patch adds support for wolfSSL in OpenVPN. Support is
Am 16.04.20 um 12:42 schrieb Juliusz Sosinowicz:
> Hi Arne,
>
> On 15/04/2020 11:31, Arne Schwabe wrote:
>> Am 14.04.20 um 20:52 schrieb Juliusz Sosinowicz:
>>> This patch adds support for wolfSSL in OpenVPN. Support is added by
>>> using wolfSSL's OpenSSL compatibility layer. Function calls are
Hi Arne,
On 15/04/2020 11:31, Arne Schwabe wrote:
Am 14.04.20 um 20:52 schrieb Juliusz Sosinowicz:
This patch adds support for wolfSSL in OpenVPN. Support is added by using
wolfSSL's OpenSSL compatibility layer. Function calls are left unchanged and
instead the OpenSSL includes point to
Hi Gert,
thanks for the suggestion. I will change this in the next patch after
looking into the issue that Arne brought up.
On 15/04/2020 11:48, Gert Doering wrote:
Hi,
as Arne said, this is much better.
On Tue, Apr 14, 2020 at 08:52:14PM +0200, Juliusz Sosinowicz wrote:
This patch adds
On 14/04/2020 20:52, Juliusz Sosinowicz wrote:
> diff --git a/src/openvpn/cryptoapi.c b/src/openvpn/cryptoapi.c
> index 30eba7b2..a82c52ad 100644
> --- a/src/openvpn/cryptoapi.c
> +++ b/src/openvpn/cryptoapi.c
> @@ -39,6 +39,10 @@
>
> #ifdef ENABLE_CRYPTOAPI
>
> +#ifdef ENABLE_CRYPTO_WOLFSSL
Hi,
as Arne said, this is much better.
On Tue, Apr 14, 2020 at 08:52:14PM +0200, Juliusz Sosinowicz wrote:
> This patch adds support for wolfSSL in OpenVPN. Support is added by using
> wolfSSL's OpenSSL compatibility layer. Function calls are left unchanged and
> instead the OpenSSL includes
Am 14.04.20 um 20:52 schrieb Juliusz Sosinowicz:
> This patch adds support for wolfSSL in OpenVPN. Support is added by using
> wolfSSL's OpenSSL compatibility layer. Function calls are left unchanged and
> instead the OpenSSL includes point to wolfSSL headers and OpenVPN is linked
> against the
This patch adds support for wolfSSL in OpenVPN. Support is added by using
wolfSSL's OpenSSL compatibility layer. Function calls are left unchanged and
instead the OpenSSL includes point to wolfSSL headers and OpenVPN is linked
against the wolfSSL library.
As requested by OpenVPN maintainers,
Am 09.02.20 um 12:08 schrieb Juliusz Sosinowicz:
> Hi Antonio,
>
> Gert is correct, our compatibility layer is a set of functions in
> wolfSSL which emulate the OpenSSL API. These functions are then macro
> defined to have the same names as the OpenSSL functions. The configure
> script needs to
: Re: [Openvpn-devel] [PATCH] Support for wolfSSL with OpenVPN master
branch Hi,On 09/02/2020 10:50, Gert Doering wrote:> Hi,> > On Sun, Feb 09,
2020 at 10:44:48AM +0100, Antonio Quartulli wrote:>> if wolfssl support is
being introduced by means of the openssl>> compatibility
Hi Juliusz,
if wolfssl support is being introduced by means of the openssl
compatibility layer, why do people need to configure OpenVPN with
"./configure --with-crypto-library=wolfssl", rather than just using
openssl and specifying a different path for headers/libraries?
Isn't the compat layer
Hi,
On 09/02/2020 10:50, Gert Doering wrote:
> Hi,
>
> On Sun, Feb 09, 2020 at 10:44:48AM +0100, Antonio Quartulli wrote:
>> if wolfssl support is being introduced by means of the openssl
>> compatibility layer, why do people need to configure OpenVPN with
>> "./configure
Hi,
On Sun, Feb 09, 2020 at 10:44:48AM +0100, Antonio Quartulli wrote:
> if wolfssl support is being introduced by means of the openssl
> compatibility layer, why do people need to configure OpenVPN with
> "./configure --with-crypto-library=wolfssl", rather than just using
> openssl and
Hi Gert,
thank you for your comments. My intention was not to add a second cipher
line in the sample config file. I added "cipher AES-256-CBC" to an
earlier version of OpenVPN when there was no cipher specified in the
loopback-client and loopback-server files. After rebasing my commit onto
Hi Juliusz,
please send patches out of a git tree, coming from a git commit with
"git commit -s", and having a somewhat relevant commit message.
Besides this, please do not
> --- a/sample/sample-config-files/loopback-client
> +++ b/sample/sample-config-files/loopback-client
> @@ -25,3 +25,4 @@
wolfSSL:
Support added in: https://github.com/wolfSSL/wolfssl/pull/2503
```
git clone https://github.com/wolfSSL/wolfssl.git
cd wolfssl
./autogen.sh
./configure --enable-openvpn
make
sudo make install
```
OpenVPN:
```
autoreconf -i -v -f
./configure --with-crypto-library=wolfssl
make
make check
Hi David,
I apologize for the delayed response. I will rebase our OpenVPN work off
of the master branch this week in anticipation for a possible inclusion
in version 2.5.
Regarding your question "What kind of commitment will we see from the
WolfSSL organization?":
We have a large customer
On 14/11/2019 11:22, Juliusz Sosinowicz wrote:
> From: David Garske
>
> wolfSSL:
>
> Support added in: https://github.com/wolfSSL/wolfssl/pull/2503
>
> ```sh
> git clone https://github.com/wolfSSL/wolfssl.git
> cd wolfssl
> ./autogen.sh
> ./configure --enable-opensslall --enable-des3
From: David Garske
wolfSSL:
Support added in: https://github.com/wolfSSL/wolfssl/pull/2503
```sh
git clone https://github.com/wolfSSL/wolfssl.git
cd wolfssl
./autogen.sh
./configure --enable-opensslall --enable-des3 --enable-crl --enable-certgen
--enable-certext --enable-aesctr
58 matches
Mail list logo
