Acked-by: Gert Doering
As discussed on IRC, and checked with the OpenSSL documentation and
"Internet knowledge". Most important: confirmed that it breaks with
--pkcs12 without that patch, and works with it (IRC, I did not test
myself).
Your patch has been applied to the master and release/2.5
Acked-by: Gert Doering
"Because it makes sense"
Your patch has been applied to the master and release/2.5 branch
(this will not directly effect actual code generation, but if we can see
and fix a warning in 2.5 that way, all the better).
commit 01ce6ca39d1f4bf45dcd49baede0094c4c990d3b
Adding openvpn-devel.
> Does that mean that CFG and Spectre protection are already included?
Those are merged into the "master" branch, but not into "released". We
could probably include those into the next 2.5 release? Otherwise
they'll be part of 2.6.
-Lev
Hi,
On Wed, Oct 06, 2021 at 03:40:55PM +0300, Lev Stipakov wrote:
> > Does that mean that CFG and Spectre protection are already included?
>
> Those are merged into the "master" branch, but not into "released". We
> could probably include those into the next 2.5 release? Otherwise
> they'll be
When we try to make a configuration compatible to a version earlier
than 2.4.0 we probably need to have a --cipher configured since NCP
is not available. In configuration where --cipher is not specified
we default to BF-CBC to support these old clients.
Note that with OpenSSL 3.0 you will also
From: Lev Stipakov
Starting from 2.5.4 we have switched to MSVC builds,
including dependencies such as OpenSSL.
When we link with natively-built OpenSSL .DLLs
(not cross compiled with MinGW), we are expected to include
applink.c, which provides glue between OpenSSL BIO layer
and compiler