[Openvpn-devel,v2,04/20,OSSL,3.0] Remove DES check with OpenSSL 3.0

From: Arne Schwabe <arne@rfc2549.org>
To: openvpn-devel@lists.sourceforge.net
Date: Tue, 19 Oct 2021 20:23:10 +0200
Message-Id: <20211019182332.613155-6-arne@rfc2549.org>
In-Reply-To: <20211019182332.613155-1-arne@rfc2549.org>
References: <20211019182332.613155-1-arne@rfc2549.org>
MIME-Version: 1.0
Subject: [Openvpn-devel] [PATCH v2 04/20] [OSSL 3.0] Remove DES check with
 OpenSSL 3.0
Precedence: list
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: openvpn-devel-bounces@lists.sourceforge.net

Message ID	20211019182332.613155-6-arne@rfc2549.org
State	Superseded
Headers	show Return-Path: <openvpn-devel-bounces@lists.sourceforge.net> From: Arne Schwabe <arne@rfc2549.org> To: openvpn-devel@lists.sourceforge.net Date: Tue, 19 Oct 2021 20:23:10 +0200 Message-Id: <20211019182332.613155-6-arne@rfc2549.org> In-Reply-To: <20211019182332.613155-1-arne@rfc2549.org> References: <20211019182332.613155-1-arne@rfc2549.org> MIME-Version: 1.0 preview: DES is very deprecated and accidently getting on the of the 16 insecure keys that OpenSSL checks is extremely unlikely so we no longer use the deprecated functions without replacement in OpenSSL 3.0. Content analysis details: (0.3 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail domains are different 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record Subject: [Openvpn-devel] [PATCH v2 04/20] [OSSL 3.0] Remove DES check with OpenSSL 3.0 Precedence: list Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox
Series	OpenSSL 3.0 improvements for OpenVPN \| expand [Openvpn-devel,v2,00/20] OpenSSL 3.0 improvements for OpenVPN [Openvpn-devel,v2,01/20,OSSL,3.0] Use new EVP_MAC API for HMAC implementation [Openvpn-devel,v2,02/20,OSSL,3.0] Add --with-openssl-engine autoconf option (auto\|yes\|no) [Openvpn-devel,v2,03/20,OSSL,3.0] Implement DES ECB encrypt via EVP_CIPHER api [Openvpn-devel,v2,04/20,OSSL,3.0] Remove DES check with OpenSSL 3.0 [Openvpn-devel,v2,05/20,OSSL,3.0] Use EVP_PKEY based API for loading DH keys [Openvpn-devel,v2,06/20,OSSL,3.0] Deprecate --ecdh-curve with OpenSSL 3.0 and adjust mbed TLS messa… [Openvpn-devel,v2,07/20,OSSL,3.0] Remove DES key fixup code [Openvpn-devel,v2,08/20,OSSL,3.0] Use EVP_PKEY_get_group_name to query group name [Openvpn-devel,v2,09/20] Refactor early initialisation and uninitialisation into methods [Openvpn-devel,v2,10/20,OSSL,3.0] Replace EVP_get_cipherbyname with EVP_CIPHER_fetch [Openvpn-devel,v2,11/20,OSSL,3.0] USe EVP_MD_get0_name instead EV_MD_name [Openvpn-devel,v2,12/16,OSSL,3.0] Remove dependency on BF-CBC existance from test_ncp [Openvpn-devel,v2,13/16] Add message when decoding PKCS12 file fails. [Openvpn-devel,v2,14/16] Add small unit test for testing HMAC [Openvpn-devel,v2,15/16] Fix error when BF-CBC is not available [Openvpn-devel,v2,16/16] Add insecure tls-cert-profile options [Openvpn-devel,v2,17/20] Add small unit test for testing HMAC [Openvpn-devel,v2,18/20] Fix error when BF-CBC is not available [Openvpn-devel,v2,19/20] Add insecure tls-cert-profile options [Openvpn-devel,v2,20/20] Add macos OpenSSL 3.0 and ASAN builds

[Openvpn-devel,v2,04/20,OSSL,3.0] Remove DES check with OpenSSL 3.0

Commit Message

Patch