From patchwork Wed Feb 16 03:04:57 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Maximilian Fillinger X-Patchwork-Id: 2295 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director9.mail.ord1d.rsapps.net ([172.31.255.6]) by backend41.mail.ord1d.rsapps.net with LMTP id uOE6IWsIDWIjPQAAqwncew (envelope-from ) for ; Wed, 16 Feb 2022 09:21:31 -0500 Received: from proxy4.mail.iad3b.rsapps.net ([172.31.255.6]) by director9.mail.ord1d.rsapps.net with LMTP id UCfEN2sIDWJ7ZQAAalYnBA (envelope-from ) for ; Wed, 16 Feb 2022 09:21:31 -0500 Received: from smtp25.gate.iad3b ([172.31.255.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy4.mail.iad3b.rsapps.net with LMTPS id sAp8MmsIDWK9JAAA9crAow (envelope-from ) for ; Wed, 16 Feb 2022 09:21:31 -0500 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp25.gate.iad3b.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dkim=fail (key not found in DNS) header.d=foxcrypto.com; dmarc=fail (p=none; dis=none) header.from=foxcrypto.com X-Suspicious-Flag: YES X-Classification-ID: bc4b68e8-8f33-11ec-be4f-52540030a522-1-1 Received: from [216.105.38.7] ([216.105.38.7:60484] helo=lists.sourceforge.net) by smtp25.gate.iad3b.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id 08/78-17465-B680D026; Wed, 16 Feb 2022 09:21:31 -0500 Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com) by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.94.2) (envelope-from ) id 1nKLAa-0001MZ-Fh; Wed, 16 Feb 2022 14:20:35 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1nKLAY-0001MH-P2 for openvpn-devel@lists.sourceforge.net; Wed, 16 Feb 2022 14:20:33 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Type:Content-Transfer-Encoding:MIME-Version :Message-ID:Date:Subject:CC:To:From:Sender:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=vSPI/QQg1qgoNReVjAyWqj87LXk0UHqmPdQUzBZ5H8g=; b=lVgXd5OzvZt9cppJhJgF1KxFEc bf1QTtJrm18MRWsVdyvSF8riQri7usBnPB+1Nks7Y6Lil+oi4RgytdB/8aeRX4gRULz4Q6FOAiP84 HHI0m4/XsHrypdktmYHsw0ITeVOFvZzEPdwwpUodKN4eJW8iOrvtUbljdpJTD0uCMDUs=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Type:Content-Transfer-Encoding:MIME-Version:Message-ID:Date: Subject:CC:To:From:Sender:Reply-To:Content-ID:Content-Description:Resent-Date :Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To: References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post: List-Owner:List-Archive; bh=vSPI/QQg1qgoNReVjAyWqj87LXk0UHqmPdQUzBZ5H8g=; b=B NuifsnxQ8qp1fVQIK8QbHp6Y9opAxhMHfDYToWVWKDd3lTDigrRDSZiRrb2FKoMDX/k4JmNf1gT0p Bohvps/a+1OMPm1DoBOZXCL4ckcybnekwIsfjQqQxUOGqS/gR4x20Qi/06MPH5NliKNQo93H6BxWz jlLYVuN+Sdyjxxz8=; Received: from nl-dft-mx-01.fox-it.com ([178.250.144.135]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.94.2) id 1nKLAR-0003hV-8E for openvpn-devel@lists.sourceforge.net; Wed, 16 Feb 2022 14:20:33 +0000 From: Max Fillinger To: Date: Wed, 16 Feb 2022 15:04:57 +0100 Message-ID: <20220216140457.6651-1-maximilian.fillinger@foxcrypto.com> X-Mailer: git-send-email 2.20.1 MIME-Version: 1.0 X-ClientProxiedBy: FOXDFT1EX01.FOX.local (10.0.0.129) To FOXDFT1EX01.FOX.local (10.0.0.129) X-FE-Policy-ID: 13:3:2:SYSTEM DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; d=foxcrypto.com; s=NL-DFT-MX-01; c=relaxed/relaxed; h=from:to:cc:subject:date:message-id:mime-version:content-type; bh=vSPI/QQg1qgoNReVjAyWqj87LXk0UHqmPdQUzBZ5H8g=; b=iJobuBioMI/Lusi2QVAUVuYgCcYActW94jvjIqYt7kizs6Tx5B16RO+uURu+jH/2StfJ8cpgOZkB IZZZWxneQppB4gKPRecF4rUox6iCuASmqLoCVvmtoGYjRzkjFtgMTGwoQf6lLDIoOCJHFx+W0rjq /2vH0MEcSzCcjd6HnKxVlHQuTLasHiwJe8kaCLNqphFduHscauXYKLaBeD48m1PD7NhAbAKdb7AM WKMlODseVpWgjniwQXKNLoS9QEhsQrHfRAcsTGQ8mUKhkFc3xIpCzSMi1Fdlehy6annuY7RX/q8F MquDvVzG0zwFoekPh+mXwQ1RtOG1XM9+cjGTSg== X-Spam-Report: Spam detection software, running on the system "util-spamd-1.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Signed-off-by: Max Fillinger --- README.mbedtls | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/README.mbedtls b/README.mbedtls index 4875822d..062ae470 100644 --- a/README.mbedtls +++ b/README.mbedtls @@ -11,6 +11,23 @@ This version depends on mbed TLS 2.0 (and requires at least 2. [...] Content analysis details: (0.2 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 SPF_PASS SPF: sender matches SPF record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid 0.1 DKIM_INVALID DKIM or DK signature exists, but is not valid X-Headers-End: 1nKLAR-0003hV-8E Subject: [Openvpn-devel] [Patch v2] Add warning about mbed TLS licensing problem X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox Signed-off-by: Max Fillinger --- README.mbedtls | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/README.mbedtls b/README.mbedtls index 4875822d..062ae470 100644 --- a/README.mbedtls +++ b/README.mbedtls @@ -11,6 +11,23 @@ This version depends on mbed TLS 2.0 (and requires at least 2.0.0). ************************************************************************* +Warning: + +As of version 2.17, mbed TLS can be licensed *only* under the Apache v2.0 +license. That license is incompatible with OpenVPN's GPLv2. + +If you wish to distribute OpenVPN linked with mbed TLS, there are two options: + + * Ensure that your case falls under the system library exception in GPLv2, or + + * Use an earlier version of mbed TLS. Version 2.16.12 is the last release + that may be licensed under GPLv2. Unfortunately, this version is + unsupported and won't receive any more updates. + +Support for mbed TLS is likely to be removed in OpenVPN 2.7. + +************************************************************************* + Due to limitations in the mbed TLS library, the following features are missing in the mbed TLS version of OpenVPN: