From patchwork Thu Feb 17 03:27:56 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Maximilian Fillinger X-Patchwork-Id: 2299 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director14.mail.ord1d.rsapps.net ([172.28.255.1]) by backend41.mail.ord1d.rsapps.net with LMTP id 4GTLML1bDmKSagAAqwncew (envelope-from ) for ; Thu, 17 Feb 2022 09:29:17 -0500 Received: from proxy4.mail.ord1c.rsapps.net ([172.28.255.1]) by director14.mail.ord1d.rsapps.net with LMTP id SHmNC75bDmLKSQAAeJ7fFg (envelope-from ) for ; Thu, 17 Feb 2022 09:29:18 -0500 Received: from smtp27.gate.ord1c ([172.28.255.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy4.mail.ord1c.rsapps.net with LMTPS id WKvKBL1bDmKOSAAAjcXvpA (envelope-from ) for ; Thu, 17 Feb 2022 09:29:17 -0500 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp27.gate.ord1c.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dkim=fail (key not found in DNS) header.d=foxcrypto.com; dmarc=fail (p=none; dis=none) header.from=foxcrypto.com X-Suspicious-Flag: YES X-Classification-ID: fce57388-8ffd-11ec-9e95-b8ca3a655ab8-1-1 Received: from [216.105.38.7] ([216.105.38.7:54896] helo=lists.sourceforge.net) by smtp27.gate.ord1c.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id F2/CD-23229-DBB5E026; Thu, 17 Feb 2022 09:29:18 -0500 Received: from [127.0.0.1] (helo=sfs-ml-2.v29.lw.sourceforge.com) by sfs-ml-2.v29.lw.sourceforge.com with esmtp (Exim 4.94.2) (envelope-from ) id 1nKhlo-00050y-Du; Thu, 17 Feb 2022 14:28:31 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-2.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1nKhln-00050s-4A for openvpn-devel@lists.sourceforge.net; Thu, 17 Feb 2022 14:28:30 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Type:Content-Transfer-Encoding:MIME-Version :Message-ID:Date:Subject:CC:To:From:Sender:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=xDTwqoCyUuAm26ipbXr+rHRdRzBq4eZdYjkmay/e/2I=; b=M9lqD2KTRucN+ziIya29j58lQy /ztLaU35lr25GlagGpzRtbNFVWm8gDg8IUh1q25LkdzGPp+xtAGJvzsjy+ddekM66CUyhwQU6BtB+ wIXB91SRGsnyC2MAhA3Eahh/86LPHTlNsiDVJgh1/XRBYTO7IhI662i8xKkKRcy/TbeI=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Type:Content-Transfer-Encoding:MIME-Version:Message-ID:Date: Subject:CC:To:From:Sender:Reply-To:Content-ID:Content-Description:Resent-Date :Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To: References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post: List-Owner:List-Archive; bh=xDTwqoCyUuAm26ipbXr+rHRdRzBq4eZdYjkmay/e/2I=; b=g n+2wkXKSYtHAvMxiCvL6cfqnNlzt0p0J+umkoJ2Mme963ADb1PCeoHTY1jcDeVGK+o2dn3n7svejh 0Wty7h1t9LBNCAdte+xivd2bc0muJpHYMWclDTwwilhbY3nirFV/A4dmIH1nlFDKrLu3R1ait0Yiy gxuMZ6mGEqtEszV8=; Received: from nl-dft-mx-01.fox-it.com ([178.250.144.135]) by sfi-mx-1.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.94.2) id 1nKhlc-004qal-PB for openvpn-devel@lists.sourceforge.net; Thu, 17 Feb 2022 14:28:29 +0000 From: Max Fillinger To: Date: Thu, 17 Feb 2022 15:27:56 +0100 Message-ID: <20220217142756.6581-1-maximilian.fillinger@foxcrypto.com> X-Mailer: git-send-email 2.20.1 MIME-Version: 1.0 X-ClientProxiedBy: FOXDFT1EX01.FOX.local (10.0.0.129) To FOXDFT1EX01.FOX.local (10.0.0.129) X-FE-Policy-ID: 13:3:2:SYSTEM DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; d=foxcrypto.com; s=NL-DFT-MX-01; c=relaxed/relaxed; h=from:to:cc:subject:date:message-id:mime-version:content-type; bh=xDTwqoCyUuAm26ipbXr+rHRdRzBq4eZdYjkmay/e/2I=; b=zTe0ecaOQraaEmg6LmK8lrcZ87azbnj+/OXP+DXeKKIvH9ICT76f6XMrwF5ZgAA4zDoBjOgsd/qI cQv02G2VvyKwHT67LLhEimGZ0LgJRLIQQA3JksInhIS3NQXYLOfXppJHDbDBMQtKG+vNcrzYxtDg KlFPp7uzaPXT/Qxb5oG49E3LJckmzD9zCe+WIMZ6QDpHlnDCWIPQ5/e+uSXIuWnmviLbFDJ1xM4H 8Ja0P2md/4BypymFpylf2Zsl29zMie4PbwSmJ8YKggD9Ymlsk+McZdooOQjglJjAI5xdJQH5VHuu GTOYUh8vrePlrg+J+mewub9ljgge9j4eXTu/Hg== X-Spam-Report: Spam detection software, running on the system "util-spamd-1.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Signed-off-by: Max Fillinger --- README.mbedtls | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/README.mbedtls b/README.mbedtls index 4875822d..d3466fa9 100644 --- a/README.mbedtls +++ b/README.mbedtls @@ -11,6 +11,24 @@ This version depends on mbed TLS 2.0 (and requires at least 2. [...] Content analysis details: (0.2 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 SPF_PASS SPF: sender matches SPF record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid 0.1 DKIM_INVALID DKIM or DK signature exists, but is not valid X-Headers-End: 1nKhlc-004qal-PB Subject: [Openvpn-devel] [PATCH v3] Add warning about mbed TLS licensing problem X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox Signed-off-by: Max Fillinger Acked-by: Gert Doering --- README.mbedtls | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/README.mbedtls b/README.mbedtls index 4875822d..d3466fa9 100644 --- a/README.mbedtls +++ b/README.mbedtls @@ -11,6 +11,24 @@ This version depends on mbed TLS 2.0 (and requires at least 2.0.0). ************************************************************************* +Warning: + +As of mbed TLS 2.17, it can be licensed *only* under the Apache v2.0 license. +That license is incompatible with OpenVPN's GPLv2. + +If you wish to distribute OpenVPN linked with mbed TLS, there are two options: + + * Ensure that your case falls under the system library exception in GPLv2, or + + * Use an earlier version of mbed TLS. Version 2.16.12 is the last release + that may be licensed under GPLv2. Unfortunately, this version is + unsupported and won't receive any more updates. + +If nothing changes about the license situation, mbed TLS support may be +deprecated in a future release of OpenVPN. + +************************************************************************* + Due to limitations in the mbed TLS library, the following features are missing in the mbed TLS version of OpenVPN: