From patchwork Wed Feb 16 02:57:16 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Maximilian Fillinger X-Patchwork-Id: 2294 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director14.mail.ord1d.rsapps.net ([172.27.255.52]) by backend41.mail.ord1d.rsapps.net with LMTP id 6B0fCKYGDWJJMAAAqwncew (envelope-from ) for ; Wed, 16 Feb 2022 09:13:58 -0500 Received: from proxy15.mail.iad3a.rsapps.net ([172.27.255.52]) by director14.mail.ord1d.rsapps.net with LMTP id KKOWG6YGDWKCMAAAeJ7fFg (envelope-from ) for ; Wed, 16 Feb 2022 09:13:58 -0500 Received: from smtp8.gate.iad3a ([172.27.255.52]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy15.mail.iad3a.rsapps.net with LMTPS id sD3pFKYGDWJwNAAAHi9b9g (envelope-from ) for ; Wed, 16 Feb 2022 09:13:58 -0500 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp8.gate.iad3a.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dkim=fail (key not found in DNS) header.d=foxcrypto.com; dmarc=fail (p=none; dis=none) header.from=foxcrypto.com X-Suspicious-Flag: YES X-Classification-ID: adfed3ca-8f32-11ec-a5d0-525400b8fe03-1-1 Received: from [216.105.38.7] ([216.105.38.7:37046] helo=lists.sourceforge.net) by smtp8.gate.iad3a.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id F2/0F-12344-5A60D026; Wed, 16 Feb 2022 09:13:58 -0500 Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com) by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.94.2) (envelope-from ) id 1nKL3S-0000Ca-Fn; Wed, 16 Feb 2022 14:13:13 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1nKL3P-0000C6-CY for openvpn-devel@lists.sourceforge.net; Wed, 16 Feb 2022 14:13:09 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Type:Content-Transfer-Encoding:MIME-Version :Message-ID:Date:Subject:CC:To:From:Sender:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=xRNgBfjF3ZOi3SaCxsOwx9ybFiFFFCtoOyGEB2y9l+I=; b=XTVzreDh1P9dUuBGvqkVL12i3e 5Dk5S3G5lpjW9F/ghiMNoCXReBasGws7P+gzTy9cO8ZnQwIw6o/Z7UtVdLpn8vlWmn8/nKTi38Vlj kQaVO/OZg0FnAdJKQ5lcy8bwWqe0PuqCVVjOKi+k0ApXHR42ho/VI2VP/Blg6VyzVPvo=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Type:Content-Transfer-Encoding:MIME-Version:Message-ID:Date: Subject:CC:To:From:Sender:Reply-To:Content-ID:Content-Description:Resent-Date :Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To: References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post: List-Owner:List-Archive; bh=xRNgBfjF3ZOi3SaCxsOwx9ybFiFFFCtoOyGEB2y9l+I=; b=l vP/cOIzEFC7ErJiolFt7leXug1vINP8XXleFSwQeWO7FSbSmR7hYLywh5UBb6yl8N6x2NVrgoqGkQ oT9choyL1z3hJd3/xrjIUuD1e5bH8ft9sR5qyA2Aq84MY5i/UWUuvcIZKu5VpK2Re+E3+SmEmFg5J 8vYgRprow4MzUOmY=; Received: from [178.250.144.135] (helo=NL-DFT-MX-01.fox-it.com) by sfi-mx-1.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.94.2) id 1nKL3I-003o8l-1r for openvpn-devel@lists.sourceforge.net; Wed, 16 Feb 2022 14:13:09 +0000 From: Max Fillinger To: Date: Wed, 16 Feb 2022 14:57:16 +0100 Message-ID: <20220216135716.6541-1-maximilian.fillinger@foxcrypto.com> X-Mailer: git-send-email 2.20.1 MIME-Version: 1.0 X-ClientProxiedBy: FOXDFT1EX01.FOX.local (10.0.0.129) To FOXDFT1EX01.FOX.local (10.0.0.129) X-FE-Policy-ID: 13:3:2:SYSTEM DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; d=foxcrypto.com; s=NL-DFT-MX-01; c=relaxed/relaxed; h=from:to:cc:subject:date:message-id:mime-version:content-type; bh=xRNgBfjF3ZOi3SaCxsOwx9ybFiFFFCtoOyGEB2y9l+I=; b=QvTD8EHHhzMt70S0nL1BrgFW3YKOep/K4uP1HwF5BE3WYB9muQ6zA704uamQlGOm1xos9RSIUv4Y mRbm6bF6Nf/lg2aTWYBbvWs/QxiKbBpleufL2EH3+lrsNu6UAK8D9BD6LFzR3VGCfC1IOjlRctFl 4Vzb70BEFFxtqROCL2/bnz4yM5Dtft0bHX5MQIqCamrzW7uNiuAo2+rYd9avJee+kkEJMuUS/ZGB cWng661FfUxxMpu33CEYFkfALjci4dh9gVdUDFozJyz4PxPO3XYoujweEnRKxB4RoHLvopu3w8so kHqEAUo7lP2zLLfYlTYFQGXl8TCkhbfFANE2Lw== X-Spam-Report: Spam detection software, running on the system "util-spamd-1.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Signed-off-by: Max Fillinger --- README.mbedtls | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/README.mbedtls b/README.mbedtls index 4875822d..b5604bb8 100644 --- a/README.mbedtls +++ b/README.mbedtls @@ -11,6 +11,23 @@ This version depends on mbed TLS 2.0 (and requires at least 2. [...] Content analysis details: (1.5 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 SPF_PASS SPF: sender matches SPF record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid 0.1 DKIM_INVALID DKIM or DK signature exists, but is not valid 1.3 RDNS_NONE Delivered to internal network by a host with no rDNS X-Headers-End: 1nKL3I-003o8l-1r Subject: [Openvpn-devel] [PATCH] Add warning about mbed TLS licensing problem X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox Signed-off-by: Max Fillinger --- README.mbedtls | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/README.mbedtls b/README.mbedtls index 4875822d..b5604bb8 100644 --- a/README.mbedtls +++ b/README.mbedtls @@ -11,6 +11,23 @@ This version depends on mbed TLS 2.0 (and requires at least 2.0.0). ************************************************************************* +Warning: + +As of version 2.17, mbed TLS can be licensed *only* under the Apache v2.0 +license. That license is incompatible with OpenVPN's GPLv2. + +If you wish to distribute OpenVPN linked with mbed TLS, there are two options: + + * Ensure that your case falls under the system library exception in GPLv2, or + + * Use an earlier version of mbed TLS. Version 2.16.12 is the last release + that may be licensed under GPLv2. Unfortunately, this version is + unsupported and won't receive any more updates. + +Support for mbed TLS is likely to be removed in OpenVPN 2.17. + +************************************************************************* + Due to limitations in the mbed TLS library, the following features are missing in the mbed TLS version of OpenVPN: