openvpn

upstream/openvpn

Fork 0

mirror of https://github.com/OpenVPN/openvpn.git synced 2026-04-28 01:29:01 -04:00

Commit graph

Author SHA1 Message Date

Author	SHA1	Message	Date
Gert Doering	2d73540316	Remove use of 'dh dh2048.pem' from sample configs, remove 'dh2048.pem' file Since commit `bd9aa06feb` (Jan 2015) OpenVPN has allowed to use '--dh none' to disable traditional Diffie Hellman, since more secure ECDH algorithms are available that do not use explicit DH parameters. If configured with a suffiently high securelevel (3+), or if running in FIPS mode, OpenSSL 3.5 will refuse 2048 bit DH files, making our tests fail. Thus, remove all the DH2048 stuff from our sample configs. Github: triggered by OpenVPN/openvpn#819 Change-Id: If66438662bd862a195b2a69c4fa45f63838982b7 Signed-off-by: Gert Doering <gert@greenie.muc.de> Message-Id: <20250820175459.11227-1-gert@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg32632.html Signed-off-by: Gert Doering <gert@greenie.muc.de>	2025-08-20 23:11:33 +02:00
David Sommerseth	79a111c7e1	sample-plugin: New plugin for testing multiple auth plugins This plugin allows setting username/passwords as well as configure deferred authentication behaviour as part of the runtime initialization. With this plug-in it is easier to test various scenarios where multiple authentication plug-ins are active on the server side. A test documentation was also added to describe various test cases and the expected results. Signed-off-by: David Sommerseth <davids@openvpn.net> Acked-by: Antonio Quartulli <antonio@openvpn.net> Message-Id: <20220313193154.9350-2-openvpn@sf.lists.topphemmelig.net> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23932.html Signed-off-by: Gert Doering <gert@greenie.muc.de>	2022-03-15 16:29:22 +01:00

Gert Doering

2d73540316

Remove use of 'dh dh2048.pem' from sample configs, remove 'dh2048.pem' file

Since commit bd9aa06feb (Jan 2015) OpenVPN has allowed to use
'--dh none' to disable traditional Diffie Hellman, since more secure
ECDH algorithms are available that do not use explicit DH parameters.

If configured with a suffiently high securelevel (3+), or if running in
FIPS mode, OpenSSL 3.5 will refuse 2048 bit DH files, making our tests
fail.

Thus, remove all the DH2048 stuff from our sample configs.

Github: triggered by OpenVPN/openvpn#819

Change-Id: If66438662bd862a195b2a69c4fa45f63838982b7
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20250820175459.11227-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg32632.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>

2025-08-20 23:11:33 +02:00

David Sommerseth

79a111c7e1

sample-plugin: New plugin for testing multiple auth plugins

This plugin allows setting username/passwords as well as configure
deferred authentication behaviour as part of the runtime initialization.

With this plug-in it is easier to test various scenarios where multiple
authentication plug-ins are active on the server side.

A test documentation was also added to describe various test cases and
the expected results.

Signed-off-by: David Sommerseth <davids@openvpn.net>

Acked-by: Antonio Quartulli <antonio@openvpn.net>
Message-Id: <20220313193154.9350-2-openvpn@sf.lists.topphemmelig.net>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23932.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>

2022-03-15 16:29:22 +01:00

2 commits