upstream/openvpn
1
0
Fork 0
mirror of https://github.com/OpenVPN/openvpn.git synced 2026-02-03 20:39:40 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
openvpn/sample/sample-plugins
History
Gert Doering 2d73540316 Remove use of 'dh dh2048.pem' from sample configs, remove 'dh2048.pem' file 
Since commit bd9aa06feb (Jan 2015) OpenVPN has allowed to use
'--dh none' to disable traditional Diffie Hellman, since more secure
ECDH algorithms are available that do not use explicit DH parameters.

If configured with a suffiently high securelevel (3+), or if running in
FIPS mode, OpenSSL 3.5 will refuse 2048 bit DH files, making our tests
fail.

Thus, remove all the DH2048 stuff from our sample configs.

Github: triggered by OpenVPN/openvpn#819

Change-Id: If66438662bd862a195b2a69c4fa45f63838982b7
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20250820175459.11227-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg32632.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
2025-08-20 23:11:33 +02:00
..
client-connect clang-format: Switch to ColumnLimit 0 2025-08-05 15:32:53 +02:00
defer Reformat the whole project with clang-format 2025-08-04 21:40:22 +02:00
keying-material-exporter-demo Remove use of 'dh dh2048.pem' from sample configs, remove 'dh2048.pem' file 2025-08-20 23:11:33 +02:00
log clang-format: Switch to ColumnLimit 0 2025-08-05 15:32:53 +02:00
simple clang-format: Switch to ColumnLimit 0 2025-08-05 15:32:53 +02:00
Makefile.am Update copyright statements to 2025 2025-05-31 22:38:38 +02:00
Makefile.plugins Update copyright statements to 2025 2025-05-31 22:38:38 +02:00
README plugins: Remove defer/simple.c sample plugin 2022-03-15 16:38:16 +01:00

README 

OpenVPN plug-in examples.

Examples provided:

* authentication and logging
simple/simple.c -- using the --auth-user-pass-verify callback, verify
                   that the username/password is "foo"/"bar".
defer/multi-auth.c
                -- using the --auth-user-pass-verify callback,
                   test deferred authentication. Can be used to test multiple
                   authentication plugins in the same server config.
log/log.c       -- Extended variant of simple/simple.c which adds more
                   logging of what is happening inside the plug-in
log/log_v3.c    -- A variant of log/log.c, which makes use of the
                   OpenVPN plug-in v3 API.  This will also log even more
                   information related to certificates in use.

* client-connect (and logging)
client-connect/sample-client-connect -- demonstrate how to use the
                   CLIENT_CONNECT and CLIENT_CONNECT_V2 hooks to achieve
                   "per client configuration / logging / ..." actions,
                   both in synchronous and async/deferred mode

* cryptography related
simple/base64.c -- Example using the OpenVPN exported base64 encode/decode
                   functions
keying-material-exporter-demo/keyingmaterialexporter.c
                -- Example based on TLS Keying Material Exporters over HTTP [RFC-5705]
                   (openvpn/doc/keying-material-exporter.txt).  For more details, see
                   keying-material-exporter-demo/README


To build on *BSD/Linux platforms (requires GNU Make):

   gmake                   (builds a default set of plug-ins)
   gmake simple/simple.so

To build on Windows platform (MinGW):

   cd simple; ./winbuild simple.so

To use in OpenVPN, add to config file:

  plugin simple.so (Linux/BSD/etc.)
  plugin simple.dll