From patchwork Fri Nov 11 10:20:31 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Kristof Provost <kprovost@netgate.com>
X-Patchwork-Id: 2846
Return-Path: <openvpn-devel-bounces@lists.sourceforge.net>
Delivered-To: patchwork@openvpn.net
Delivered-To: patchwork@openvpn.net
Received: from director12.mail.ord1d.rsapps.net ([172.30.191.6])
	by backend30.mail.ord1d.rsapps.net with LMTP
	id QF7eNzwpbmNCOwAAIUCqbw
	(envelope-from <openvpn-devel-bounces@lists.sourceforge.net>)
	for <patchwork@openvpn.net>; Fri, 11 Nov 2022 05:51:40 -0500
Received: from proxy13.mail.ord1d.rsapps.net ([172.30.191.6])
	by director12.mail.ord1d.rsapps.net with LMTP
	id GN3DNzwpbmPXXQAAIasKDg
	(envelope-from <openvpn-devel-bounces@lists.sourceforge.net>)
	for <patchwork@openvpn.net>; Fri, 11 Nov 2022 05:51:40 -0500
Received: from smtp5.gate.ord1d ([172.30.191.6])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	by proxy13.mail.ord1d.rsapps.net with LMTPS
	id EB2CNzwpbmMKJAAAgjf6aA
	(envelope-from <openvpn-devel-bounces@lists.sourceforge.net>)
	for <patchwork@openvpn.net>; Fri, 11 Nov 2022 05:51:40 -0500
X-Spam-Threshold: 95
X-Spam-Score: 0
X-Spam-Flag: NO
X-Virus-Scanned: OK
X-Orig-To: openvpnslackdevel@openvpn.net
X-Originating-Ip: [216.105.38.7]
Authentication-Results: smtp5.gate.ord1d.rsapps.net;
 iprev=pass policy.iprev="216.105.38.7";
 spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net"
 smtp.helo="lists.sourceforge.net";
 dkim=fail (signature verification failed) header.d=sourceforge.net;
 dkim=fail (signature verification failed) header.d=sf.net;
 dkim=fail (signature verification failed) header.d=netgate.com;
 dmarc=pass (p=none; dis=none) header.from=lists.sourceforge.net
X-Suspicious-Flag: YES
X-Classification-ID: d25cdfec-61ae-11ed-a537-525400d73c44-1-1
Received: from [216.105.38.7] ([216.105.38.7:59450]
 helo=lists.sourceforge.net)
	by smtp5.gate.ord1d.rsapps.net (envelope-from
 <openvpn-devel-bounces@lists.sourceforge.net>)
	(ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384)
	id 4D/43-29857-C392E636; Fri, 11 Nov 2022 05:51:40 -0500
Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com)
	by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.95)
	(envelope-from <openvpn-devel-bounces@lists.sourceforge.net>)
	id 1otRcc-0003gy-OC;
	Fri, 11 Nov 2022 10:50:54 +0000
Received: from [172.30.20.202] (helo=mx.sourceforge.net)
 by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLS1.2) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95)
 (envelope-from <kprovost@netgate.com>) id 1otRca-0003gi-RW
 for openvpn-devel@lists.sourceforge.net;
 Fri, 11 Nov 2022 10:50:52 +0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
 d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References:
 In-Reply-To:Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:
 Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:
 Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:
 List-Subscribe:List-Post:List-Owner:List-Archive;
 bh=0u2ofRwf7jeNRIauRtQftPfDyFxM0m5vUaYKRTIH1Ug=; b=OMrlGZGTFaJWy29UDGueMir99Z
 3GHwS0+ciV3lOflhKQDSGYEZ26GbdaQhm30z4lSy9OlIopjBOJ1xCumaclC3trH7HNh9P+5X1Z8Ub
 cSRtkYqMPEKiRNa4mNhAwNNE97lsOvajdQV65Cluoa3pjoE6mibxOnVaDrAhT81mmk3k=;
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x
 ;
 h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-Id:
 Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID:
 Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc
 :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe:
 List-Post:List-Owner:List-Archive;
 bh=0u2ofRwf7jeNRIauRtQftPfDyFxM0m5vUaYKRTIH1Ug=; b=GSIM9R5fXe//3Dx0/pbl1yeAiD
 GwM2e8evb91Nai2Xd439v3bfZnuUIJt05VvRCIRKdGc4dHCapsYjjvke8YaFCixXKSytoQF9IpYcN
 EVbwKdedvBpFBbOx/i2i6dHEMP0qgNcMcIst0zyGdB0zRYHFyHTYuGmLsVqrrrFPl0IE=;
Received: from mail-ej1-f41.google.com ([209.85.218.41])
 by sfi-mx-1.v28.lw.sourceforge.com with esmtps
 (TLS1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.95)
 id 1otRca-004HIQ-9E for openvpn-devel@lists.sourceforge.net;
 Fri, 11 Nov 2022 10:50:52 +0000
Received: by mail-ej1-f41.google.com with SMTP id m22so11658793eji.10
 for <openvpn-devel@lists.sourceforge.net>;
 Fri, 11 Nov 2022 02:50:52 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=netgate.com; s=google;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:to:from:from:to:cc:subject:date:message-id
 :reply-to; bh=0u2ofRwf7jeNRIauRtQftPfDyFxM0m5vUaYKRTIH1Ug=;
 b=TPI3FOV6N33dR5afMqrnHR0ZKR3R/hzQ3aD8OYKqr6Odrke3ZrTl3syhizfhXEG3Tx
 ntJKpVBvXUbQypi6WxYAafRC9qsTMGcNAG5wulsTwLhgyJT+YiSIEN/ZTt2+xCursWJF
 T5TAetPWHgemd8oVSqhsrxyYWamoASebhyc78=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20210112;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:to:from:x-gm-message-state:from:to:cc
 :subject:date:message-id:reply-to;
 bh=0u2ofRwf7jeNRIauRtQftPfDyFxM0m5vUaYKRTIH1Ug=;
 b=7pRbcFslU5T7ny3SljUId87mD+mJq3RJOV9PgJ2HvSbDGqY1O75QqQwITEXPTPS0V2
 LyEXUoxsgNlLSdjrzZMFP8RKQXkG2UhfSRcMLTGJKToVlVrwyC0Zm0LPtvPG71vPm1hV
 pdb1RA+t3TMekLotb9yplaJfd4qCLMqB97ouRrEv58pHhj6jppXPz9A97q4e2v/RvTZB
 15iBbiXCn6dQr6EjcjyQtO8koWY1iQyKYKVX0GxaL8WlkshyrTX6AMmKSzpujvDbclxm
 3HAYvtFcqGyp2416mdLVgxTWlvar0yhRzaxU7J169LpLk2FlB8H/wXFELAKWYJ6JsCmy
 43lA==
X-Gm-Message-State: ANoB5pk9a6UNaCT9MaNf0R1d4iLDVAYoWP1El5xPEr5qhSAmHeuTl02y
 JPZlKvGNcjfOWsRNwiuAP7gLWdPBCn+Iiw==
X-Google-Smtp-Source: 
 AA0mqf7a2WycOdi7DDDRzcU4c4tY0enycNAXMpNJklaAn+dc56o7HcGkqhKlVTeioqPzODDrVvsLTw==
X-Received: by 2002:a50:9512:0:b0:457:1323:1b7e with SMTP id
 u18-20020a509512000000b0045713231b7emr822265eda.311.1668162036415;
 Fri, 11 Nov 2022 02:20:36 -0800 (PST)
Received: from nut.jupiter.sigsegv.be
 (ptr-8rfalzsse26o3oo9imw.18120a2.ip6.access.telenet.be.
 [2a02:1811:2402:bf00:f602:70ff:feae:6e98])
 by smtp.googlemail.com with ESMTPSA id
 sg43-20020a170907a42b00b0078db5bddd9csm738499ejc.22.2022.11.11.02.20.35
 for <openvpn-devel@lists.sourceforge.net>
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Fri, 11 Nov 2022 02:20:36 -0800 (PST)
To: openvpn-devel <openvpn-devel@lists.sourceforge.net>
Date: Fri, 11 Nov 2022 11:20:31 +0100
Message-Id: <20221111102031.8402-2-kprovost@netgate.com>
X-Mailer: git-send-email 2.38.1
In-Reply-To: <20221111102031.8402-1-kprovost@netgate.com>
References: <20221111102031.8402-1-kprovost@netgate.com>
MIME-Version: 1.0
X-Spam-Report: Spam detection software,
 running on the system "util-spamd-2.v13.lw.sourceforge.com",
 has NOT identified this incoming email as spam.  The original
 message has been attached to this so you can view it or label
 similar future email.  If you have any questions, see
 the administrator of that system for details.
 Content preview: From: Kristof Provost <kp@FreeBSD.org> As of
 2c58d0cb3bb3e3a5b714ffac940500efbe5303ca
 FreeBSD also allows AES-192-GCM in DCO. Announce this support. Signed-off-by:
 Kristof Provost <kprovost@netgate.com> --- src/openvpn/dco_freebsd.c | 2
 +- 1 file changed, 1 insertion(+), 1 deletion(-)
 Content analysis details:   (-0.2 points, 6.0 required)
 pts rule name              description
 ---- ----------------------
 --------------------------------------------------
 0.0 SPF_HELO_NONE          SPF: HELO does not publish an SPF Record
 -0.0 RCVD_IN_DNSWL_NONE     RBL: Sender listed at https://www.dnswl.org/,
 no trust [209.85.218.41 listed in list.dnswl.org]
 -0.0 SPF_PASS               SPF: sender matches SPF record
 0.0 RCVD_IN_MSPIKE_H3      RBL: Good reputation (+3)
 [209.85.218.41 listed in wl.mailspike.net]
 -0.1 DKIM_VALID_AU          Message has a valid DKIM or DK signature from
 author's domain
 0.1 DKIM_SIGNED            Message has a DKIM or DK signature,
 not necessarily
 valid
 -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
 -0.1 DKIM_VALID_EF          Message has a valid DKIM or DK signature from
 envelope-from domain
 0.0 RCVD_IN_MSPIKE_WL      Mailspike good senders
X-Headers-End: 1otRca-004HIQ-9E
Subject: [Openvpn-devel] [PATCH] FreeBSD DCO: support AES-192-GCM
X-BeenThere: openvpn-devel@lists.sourceforge.net
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: <openvpn-devel.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/options/openvpn-devel>,
 <mailto:openvpn-devel-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: 
 <http://sourceforge.net/mailarchive/forum.php?forum_name=openvpn-devel>
List-Post: <mailto:openvpn-devel@lists.sourceforge.net>
List-Help: <mailto:openvpn-devel-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/openvpn-devel>,
 <mailto:openvpn-devel-request@lists.sourceforge.net?subject=subscribe>
X-Patchwork-Original-From: Kristof Provost via Openvpn-devel
 <openvpn-devel@lists.sourceforge.net>
From: Kristof Provost <kprovost@netgate.com>
Reply-To: Kristof Provost <kprovost@netgate.com>
Errors-To: openvpn-devel-bounces@lists.sourceforge.net
X-getmail-retrieved-from-mailbox: Inbox

From: Kristof Provost <kp@FreeBSD.org>

As of 2c58d0cb3bb3e3a5b714ffac940500efbe5303ca FreeBSD also allows
AES-192-GCM in DCO. Announce this support.

Signed-off-by: Kristof Provost <kprovost@netgate.com>
Acked-By: Arne Schwabe <arne@rfc2549.org>
---
 src/openvpn/dco_freebsd.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/openvpn/dco_freebsd.c b/src/openvpn/dco_freebsd.c
index c8361028..8e5ee436 100644
--- a/src/openvpn/dco_freebsd.c
+++ b/src/openvpn/dco_freebsd.c
@@ -667,7 +667,7 @@ dco_event_set(dco_context_t *dco, struct event_set *es, void *arg)
 const char *
 dco_get_supported_ciphers()
 {
-    return "none:AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305";
+    return "none:AES-256-GCM:AES-192-GCM:AES-128-GCM:CHACHA20-POLY1305";
 }
 
 #endif /* defined(ENABLE_DCO) && defined(TARGET_FREEBSD) */