I've been investigating adding SSL support to the community firmware and
have built two versions of openvpn for the touch using mbedtls and
openssl.
Unfortunately, mbedtls doesn't support many ciphers or digests, nor TLS
1.3. Which is too bad as it's much lighter than openssl. I had already
built openvpn with it before I realized those limitations.
The touch can handle moderate traffic with openvpn-openssl without
taxing the CPU. Here's a few top snapshots playing 16bit, 44.1Khz ALAC
files over a remote DSL connection. I choose ALAC instead of FLAC since
jive uses more CPU decoding ALAC. I didn't try any higher resolution
files.
ALAC Track start.
Code:
--------------------
PID PPID USER STAT VSZ %MEM %CPU COMMAND
12253 1 root R 5660 4% 25% /media/sda1/openvpn-openssl
--config /media/sda1/touch.ovpn --daemon
16819 1 root S 28968 23% 17% /usr/bin/jive
16828 16819 root S 8528 7% 4% jive_alsa -v -d default -c default
-b 20000 -p 2 -s 24 -f 1
16827 16819 root S 8608 7% 3% jive_alsa -v -d plughw:2,0 -b 20000
-p 2 -s 16 -f 2
--------------------
Plackback after 1 minute.
Code:
--------------------
PID PPID USER STAT VSZ %MEM %CPU COMMAND
12253 1 root S 5660 4% 6% /media/sda1/openvpn-openssl
--config /media/sda1/touch.ovpn --daemon
16819 1 root R 29100 23% 14% /usr/bin/jive
16828 16819 root S 8528 7% 3% jive_alsa -v -d default -c default
-b 20000 -p 2 -s 24 -f 1
16827 16819 root S 8608 7% 4% jive_alsa -v -d plughw:2,0 -b 20000
-p 2 -s 16 -f 2
--------------------
Playback after 3 minutes.
Code:
--------------------
PID PPID USER STAT VSZ %MEM %CPU COMMAND
12253 1 root R 5660 4% 9% /media/sda1/openvpn-openssl
--config /media/sda1/touch.ovpn --daemon
16819 1 root S 29100 23% 20% /usr/bin/jive
16828 16819 root S 8528 7% 4% jive_alsa -v -d default -c default
-b 20000 -p 2 -s 24 -f 1
16827 16819 root S 8608 7% 4% jive_alsa -v -d plughw:2,0 -b 20000
-p 2 -s 16 -f 2
--------------------
5 seconds before the Next ALAC Track start.
Code:
--------------------
PID PPID USER STAT VSZ %MEM %CPU COMMAND
12253 1 root R 5660 4% 30% /media/sda1/openvpn-openssl
--config /media/sda1/touch.ovpn --daemon
16819 1 root S 29232 23% 20% /usr/bin/jive
16828 16819 root S 8528 7% 5% jive_alsa -v -d default -c default
-b 20000 -p 2 -s 24 -f 1
16827 16819 root S 8608 7% 5% jive_alsa -v -d plughw:2,0 -b 20000
-p 2 -s 16 -f 2
--------------------
Both openvpn versions and the kernel tun.ko driver are 'available on
sourceforge'
(https://sourceforge.net/projects/lmsclients/files/squeezeos/fab4-openvpn-2.4.10.tar.gz/download).
This is only for the Touch it won't run on the Radio or Controller.
You need to load the tun kernel driver using *insmod tun.ko* before
running openssl or the commands can be added to /etc/init.d/rcS.local if
you wanted openvpn to start at boot.
Ralphy
*1*-Touch, *5*-Classics, *3*-Booms, *2*-UE Radio
'Squeezebox client builds'
(https://sourceforge.net/projects/lmsclients/files/) 'donations'
(https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=LL5P6365KQEXN&lc=CA&item_name=Squeezebox%20client%20builds¤cy_code=USD&bn=PP%2dDonationsBF%3abtn_donate_SM%2egif%3aNonHosted)
always appreciated.
------------------------------------------------------------------------
ralphy's Profile: http://forums.slimdevices.com/member.php?userid=3484
View this thread: http://forums.slimdevices.com/showthread.php?t=114055
_______________________________________________
Squeezecenter mailing list
[email protected]
http://lists.slimdevices.com/mailman/listinfo/squeezecenter
