From patchwork Thu Dec 4 12:42:16 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gert Doering X-Patchwork-Id: 4654 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7000:6c3:b0:7b1:439f:bdf with SMTP id j3csp9243054maw; Thu, 4 Dec 2025 04:42:39 -0800 (PST) X-Forwarded-Encrypted: i=2; AJvYcCWHk7m66sK3HFiDNXk7tf3wmLkrOjZB3cvkc6NTVqNI9Lw1VS7//ZbOg4CbAAAV4UCpNdjt3TLbHYs=@openvpn.net X-Google-Smtp-Source: AGHT+IGqvjFHHXq8Ijv9vKNPgLmCIyOOly2Xt1ffpbpS42ZOluJJh19ERoP/QChTE4mRJEF83zQB X-Received: by 2002:a05:6808:6f87:b0:450:bab2:4ae9 with SMTP id 5614622812f47-45379dad181mr1432589b6e.36.1764852159643; Thu, 04 Dec 2025 04:42:39 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1764852159; cv=none; d=google.com; s=arc-20240605; b=BSUNkQh1MnUpusNOPB+JFeVzgWvQBheVk3lP0o8pSQ/fuCAO5mTyfKGhS4Z6cI2JDj ah6ABa/x2hldNWWYt0mB0cigXKi4huwjgcGSjicqSP8WkftvTRkX6z/n/b5yssMF4oAv k8tvIpRexAyPKzKWXsAkd6ScvPasP+tgBOMQgZOibQAJ5UHR7O6n0Mok4e6cT/H57zAa HUD+1Hq7i2MeGNItpCgN8KwF2uWxssIj9kcraPywTPT9FqEJMK2/DfUo+RdOvZKxPXvL OZhKfqntc1hCHViePCYygOWjQhg0qaCfo90YMBursjY3Rawu3CR4ESH+U8zLrOe6kake EcdQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=errors-to:content-transfer-encoding:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :mime-version:references:in-reply-to:message-id:date:to:from :dkim-signature:dkim-signature:dkim-signature; bh=ittefqk2xVNSyzIZ4ERb0oOp+3M2udedz0XJtTSWI2M=; fh=4NbAC/LsuMLI0S0hprUlLSLCiHwg6SCAifhH718Jh0Q=; b=YopRrxGRPA03tZkrRGK+Y+6Ra/AzZbIprmDwEr2TsaX5ffqDUbriuyYczaneTX/bB5 E6mNI9ISXFb3aj1zaVmFtQp9f4OtjufRJPk00PLqDRMN0RwCHEPznvjHAw9kFfraJuho eFB1oQpyfSZMkzQQN0DCTR7GfyJoZXYJK4pmatBvN6ydLyEGW50uHVNeRIQNsJyWkQoX oU5oel+olm052J7ujAHfWS40n59tI4RbHnQarAY0TID0quX9JxntNqZq4Oulir5zhIJn wxC+EDtKqrBXX1eDM+j+F6q9dH3ZD+T7CG0Y26vYxMS/LWdpd+5nbVkY+/ArWI1WOOZc NwKA==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@lists.sourceforge.net header.s=beta header.b=ffYLmPCY; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b="Wq/Chy5v"; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=gq1cFviS; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=muc.de Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id 5614622812f47-4537f8d96a5si863741b6e.27.2025.12.04.04.42.39 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Thu, 04 Dec 2025 04:42:39 -0800 (PST) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=pass header.i=@lists.sourceforge.net header.s=beta header.b=ffYLmPCY; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b="Wq/Chy5v"; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=gq1cFviS; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=muc.de DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.sourceforge.net; s=beta; h=Content-Transfer-Encoding:Content-Type: List-Subscribe:List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id: Subject:MIME-Version:References:In-Reply-To:Message-ID:Date:To:From:Sender: Reply-To:Cc:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=ittefqk2xVNSyzIZ4ERb0oOp+3M2udedz0XJtTSWI2M=; b=ffYLmPCYVkzn/JrQxaD2y6p/7y TYssAYKrhMjfszpekp/tbHxBTjqlrlh9zs3mZY4t+oxhi+iLjfMwAWIMC7ME40O05LdhGMiXzaGxX Le+J9I2cMclv+N+UBPYVDEdFUDAPNZnekKWcijmISVhMQ7Yg+L0584th8B8qtl2t30ec=; Received: from [127.0.0.1] (helo=sfs-ml-2.v29.lw.sourceforge.com) by sfs-ml-2.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1vR8fM-0007rC-9R; Thu, 04 Dec 2025 12:42:37 +0000 Received: from [172.30.29.66] (helo=mx.sourceforge.net) by sfs-ml-2.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1vR8fK-0007qx-Oi for openvpn-devel@lists.sourceforge.net; Thu, 04 Dec 2025 12:42:35 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-ID:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=4N0GJynHedx+Z8BMlimqa/efF1ng2G6HPZm1lGh4YvY=; b=Wq/Chy5veQa3RfNgP+bfLdUQUE l8+WATJ4YRrN9hppFJs9IXR4qo35zC20hrcuJDT0QrQqYzZxFqjGhniGnYClw2NwUyFmzJeonFcl9 z6xfXeIdZ6xq/mf36OPlAfw7GCjqBTwplc5bkmRnGgi1YrVVOgRjMthU91O5iW/MaZLo=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-ID: Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=4N0GJynHedx+Z8BMlimqa/efF1ng2G6HPZm1lGh4YvY=; b=gq1cFviSDCIcD+R0SZxP04gA9Z wELSK0pAdlQ09B9YXZTx2Ov050CdfAppTaCzgm7YfRdIHZQbYSR9OzhJ+I9eLiW/90Dm5PtSrs49k LoN6ojBwDDnfAYJO+eBg6vSB1pu9sdI6DT7u3Ud1SWeHMMOGFXiWN5XNZs0KoZ98ScmQ=; Received: from [193.149.48.134] (helo=blue.greenie.muc.de) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95) id 1vR8fK-0005jO-9u for openvpn-devel@lists.sourceforge.net; Thu, 04 Dec 2025 12:42:35 +0000 Received: from blue.greenie.muc.de (localhost [127.0.0.1]) by blue.greenie.muc.de (8.18.1/8.18.1) with ESMTP id 5B4CgMrW015221 for ; Thu, 4 Dec 2025 13:42:22 +0100 Received: (from gert@localhost) by blue.greenie.muc.de (8.18.1/8.18.1/Submit) id 5B4CgMLl015220 for openvpn-devel@lists.sourceforge.net; Thu, 4 Dec 2025 13:42:22 +0100 From: Gert Doering To: openvpn-devel@lists.sourceforge.net Date: Thu, 4 Dec 2025 13:42:16 +0100 Message-ID: <20251204124221.15206-1-gert@greenie.muc.de> X-Mailer: git-send-email 2.51.2 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Score: 1.3 (+) X-Spam-Report: Spam detection software, running on the system "sfi-spamd-1.hosts.colo.sdot.me", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Arne Schwabe Change-Id: I4f9a6baf2bdb45e5b79bf13c9f6fce3b7a2e982c Signed-off-by: Arne Schwabe Acked-by: Gert Doering Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1416 [...] Content analysis details: (1.3 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 1.3 RDNS_NONE Delivered to internal network by a host with no rDNS X-Headers-End: 1vR8fK-0005jO-9u Subject: [Openvpn-devel] [PATCH v1] Add a section about wolfSSL GPLv3 and point out missing TLS PRF support X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1850581618225071801?= X-GMAIL-MSGID: =?utf-8?q?1850581618225071801?= From: Arne Schwabe Change-Id: I4f9a6baf2bdb45e5b79bf13c9f6fce3b7a2e982c Signed-off-by: Arne Schwabe Acked-by: Gert Doering Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1416 --- This change was reviewed on Gerrit and approved by at least one developer. I request to merge it to master. Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1416 This mail reflects revision 1 of this Change. Acked-by according to Gerrit (reflected above): Gert Doering diff --git a/README.wolfssl b/README.wolfssl index 3918d0f..3e531ae 100644 --- a/README.wolfssl +++ b/README.wolfssl @@ -28,7 +28,17 @@ * blowfish support (BF-CBC), you must use something like cipher AES-128-CBC to avoid trying to use BF-CBC * Windows CryptoAPI support + * No TLS1.0 PRF support (No compaitbility with OpenVPN 2.5 or older or + other build that do not support TLS EKM) + +************************************************************************* +Newer wolfSSL versions (5.8.2 and newer) are GPLv3 licensed and this license is not +compatible with OpenVPN's GPLv2 license. + +However wolfSSL Inc has granted an exception to combine the wolfSSL library +with OpenVPN and OpenVPN-NL (https://github.com/wolfSSL/wolfssl/blob/master/LICENSING) +with version 5.8.4 and later. ************************************************************************* To build WolfSSL with post-quantum KEMs built in, the following command is used: