From patchwork Fri Dec 8 01:07:40 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steffan Karger X-Patchwork-Id: 150 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director6.mail.ord1d.rsapps.net ([172.28.255.1]) by backend31.mail.ord1d.rsapps.net (Dovecot) with LMTP id POwSEg6BKlrGPgAAgoeIoA for ; Fri, 08 Dec 2017 07:09:50 -0500 Received: from proxy2.mail.ord1c.rsapps.net ([172.28.255.1]) by director6.mail.ord1d.rsapps.net (Dovecot) with LMTP id reFzDA6BKlqlIgAAhgvE6Q ; Fri, 08 Dec 2017 07:09:50 -0500 Received: from smtp54.gate.ord1a ([172.28.255.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy2.mail.ord1c.rsapps.net (Dovecot) with LMTP id 3u0RAA6BKlpwVgAA311kuQ ; Fri, 08 Dec 2017 07:09:50 -0500 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.34.181.88] Authentication-Results: smtp54.gate.ord1a.rsapps.net; iprev=pass policy.iprev="216.34.181.88"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dmarc=none (p=nil; dis=none) header.from=fox-it.com X-Classification-ID: 90ab6ede-dc10-11e7-a53e-842b2b414110-1-1 Received: from [216.34.181.88] ([216.34.181.88:54752] helo=lists.sourceforge.net) by smtp54.gate.ord1a.rsapps.net (envelope-from ) (ecelerity 4.2.1.56364 r(Core:4.2.1.14)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id 9C/BC-04321-8D08A2A5; Fri, 08 Dec 2017 07:08:56 -0500 Received: from localhost ([127.0.0.1] helo=sfs-ml-4.v29.ch3.sourceforge.com) by sfs-ml-4.v29.ch3.sourceforge.com with esmtp (Exim 4.89) (envelope-from ) id 1eNHRx-0007BB-2E; Fri, 08 Dec 2017 12:08:17 +0000 Received: from sfi-mx-1.v28.ch3.sourceforge.com ([172.29.28.191] helo=mx.sourceforge.net) by sfs-ml-4.v29.ch3.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.89) (envelope-from ) id 1eNHRv-0007Aw-BP for openvpn-devel@lists.sourceforge.net; Fri, 08 Dec 2017 12:08:15 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Type:MIME-Version:Message-ID:Date:Subject: To:From:Sender:Reply-To:Cc:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=UYIIyRuVUIO0F77arFEg8cA7OCUgYhz0b+nz3oJoLQc=; b=MO5a6Pi5yFemkM4E83lNz/S2lx uC/5zjXW9fKls/jI7kR04NRIi/Lx/a7KwGAzEs8xNhPpHP2D50sjcR0FqJV+atAJAaSQzzI9dsRd9 ZzY8hMJXjwPMa+/C5pv6xwm5lyR6r8anM5i2zUZuiy6pMvop9gmJY6Mq5irCRc17NuTo=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Type:MIME-Version:Message-ID:Date:Subject:To:From:Sender:Reply-To :Cc:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To: References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post: List-Owner:List-Archive; bh=UYIIyRuVUIO0F77arFEg8cA7OCUgYhz0b+nz3oJoLQc=; b=K tt98INrknNfzalyL88EnxgOr//GKlyVVig8iu8/DvaexJDncvPLLaYHuIzRpmEb1GhBPoOKevvfvU puNI2nJ7WNHjb7t2WQFAYmeRBnRHzBrgUXVOutLFimZfM/g6fP6BWlqCBhNDbStKXaOdw9veQqRUw CZSH82pok/TlFNzE=; Received: from ns2.fox-it.com ([178.250.144.131]) by sfi-mx-1.v28.ch3.sourceforge.com with esmtps (TLSv1:ECDHE-RSA-AES256-SHA:256) (Exim 4.89) id 1eNHRs-0005Ca-MM for openvpn-devel@lists.sourceforge.net; Fri, 08 Dec 2017 12:08:15 +0000 Received: from FOXDFT52.FOX.local (unknown [10.0.0.129]) by ns2.fox-it.com (Postfix) with ESMTPS id 583761C5236 for ; Fri, 8 Dec 2017 13:08:06 +0100 (CET) Received: from steffan-fox.fox.local (172.16.5.166) by FOXDFT52.FOX.local (10.0.0.129) with Microsoft SMTP Server (TLS) id 15.0.1293.2; Fri, 8 Dec 2017 13:08:06 +0100 From: Steffan Karger To: Date: Fri, 8 Dec 2017 13:07:40 +0100 Message-ID: <1512734870-17133-1-git-send-email-steffan.karger@fox-it.com> X-Mailer: git-send-email 2.7.4 MIME-Version: 1.0 X-ClientProxiedBy: FOXDFT52.FOX.local (10.0.0.129) To FOXDFT52.FOX.local (10.0.0.129) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay domain -0.0 SPF_PASS SPF: sender matches SPF record X-Headers-End: 1eNHRs-0005Ca-MM Subject: [Openvpn-devel] [PATCH 00/10] Client-specific tls-crypt keys (--tls-crypt-v2) X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox Hi, The following patch set adds support for client-specific tls-crypt keys. For a rationale, description and specification see patch 2/10, which adds all that to doc/tls-crypt-v2.txt. This set is also available as a branch in my github fork: https://github.com/syzzer/openvpn/tree/tls-crypt-v2-preview4 -Steffan ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot