ralphy wrote: > I've been investigating adding SSL support to the community firmware and > have built two versions of openvpn for the touch using mbedtls and > openssl. > > Unfortunately, mbedtls doesn't support many ciphers or digests, nor TLS > 1.3. Which is too bad as it's much lighter than openssl. I had already > built openvpn with it before I realized those limitations. > > The touch can handle moderate traffic with openvpn-openssl without > taxing the CPU. Here's a few top snapshots playing 16bit, 44.1Khz ALAC > files over a remote DSL connection. I choose ALAC instead of FLAC since > jive uses more CPU decoding ALAC. I didn't try any higher resolution > files. > > ALAC Track start. > > Code: -------------------- > > > PID PPID USER STAT VSZ %MEM %CPU COMMAND > 12253 1 root R 5660 4% 25% /media/sda1/openvpn-openssl --config /media/sda1/touch.ovpn --daemon > 16819 1 root S 28968 23% 17% /usr/bin/jive > 16828 16819 root S 8528 7% 4% jive_alsa -v -d default -c default -b 20000 -p 2 -s 24 -f 1 > 16827 16819 root S 8608 7% 3% jive_alsa -v -d plughw:2,0 -b 20000 -p 2 -s 16 -f 2 > -------------------- > > > > Plackback after 1 minute. > > Code: -------------------- > > > PID PPID USER STAT VSZ %MEM %CPU COMMAND > 12253 1 root S 5660 4% 6% /media/sda1/openvpn-openssl --config /media/sda1/touch.ovpn --daemon > 16819 1 root R 29100 23% 14% /usr/bin/jive > 16828 16819 root S 8528 7% 3% jive_alsa -v -d default -c default -b 20000 -p 2 -s 24 -f 1 > 16827 16819 root S 8608 7% 4% jive_alsa -v -d plughw:2,0 -b 20000 -p 2 -s 16 -f 2 > -------------------- > > > > Playback after 3 minutes. > > Code: -------------------- > > > PID PPID USER STAT VSZ %MEM %CPU COMMAND > 12253 1 root R 5660 4% 9% /media/sda1/openvpn-openssl --config /media/sda1/touch.ovpn --daemon > 16819 1 root S 29100 23% 20% /usr/bin/jive > 16828 16819 root S 8528 7% 4% jive_alsa -v -d default -c default -b 20000 -p 2 -s 24 -f 1 > 16827 16819 root S 8608 7% 4% jive_alsa -v -d plughw:2,0 -b 20000 -p 2 -s 16 -f 2 > -------------------- > > > > 5 seconds before the Next ALAC Track start. > > Code: -------------------- > > > PID PPID USER STAT VSZ %MEM %CPU COMMAND > 12253 1 root R 5660 4% 30% /media/sda1/openvpn-openssl --config /media/sda1/touch.ovpn --daemon > 16819 1 root S 29232 23% 20% /usr/bin/jive > 16828 16819 root S 8528 7% 5% jive_alsa -v -d default -c default -b 20000 -p 2 -s 24 -f 1 > 16827 16819 root S 8608 7% 5% jive_alsa -v -d plughw:2,0 -b 20000 -p 2 -s 16 -f 2 > -------------------- > > > > Both openvpn versions and the kernel tun.ko driver are 'available on > sourceforge' > (https://sourceforge.net/projects/lmsclients/files/squeezeos/fab4-openvpn-2.4.10.tar.gz/download). > This is only for the Touch it won't run on the Radio or Controller. > > You need to load the tun kernel driver using *insmod tun.ko* before > running openssl or the commands can be added to /etc/init.d/rcS.local > if you wanted openvpn to start at boot.
I have the latest custom firmware on touch, i downloaded fab4-openvpn-2.4.10.tar.gz, i can ssh into touch and modify /etc/init.d/rcS.local, but in which folder would i put the fab4-openvpn-2.4.10.tar.gz, do i need to unzip it first? And where would i put the .openvpn, and do i need to put the ca , key or crt or anything else in some specific folder? And where do i put the user and password. I know, a lot of questions but I hope i can get the answers here, i really would like to try this:-) some hints, please? and maybe i can find out the rest via google... Thanks, regards Pommes The Earth Has Music For Those Who Listen ------------------------------------------------------------------------ Pommes's Profile: http://forums.slimdevices.com/member.php?userid=67682 View this thread: http://forums.slimdevices.com/showthread.php?t=114055 _______________________________________________ Squeezecenter mailing list [email protected] http://lists.slimdevices.com/mailman/listinfo/squeezecenter
