Add a section about wolfSSL GPLv3 and point out missing TLS PRF support

Change-Id: I4f9a6baf2bdb45e5b79bf13c9f6fce3b7a2e982c
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1416
Message-Id: <20251204124221.15206-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg34840.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>

diff --git a/README.wolfssl b/README.wolfssl
index 3918d0fcd93bd6445542b30a28262448f5d522e8..3e531aece05cfd7d6d8a0bfe115a076484dd3c93 100644 (file)
--- a/README.wolfssl
+++ b/README.wolfssl
@@ -28,7 +28,17 @@ following features are missing
  * blowfish support (BF-CBC), you must use something like
    cipher AES-128-CBC to avoid trying to use BF-CBC
  * Windows CryptoAPI support
+ * No TLS1.0 PRF support (No compaitbility with OpenVPN 2.5 or older or
+   other build that do not support TLS EKM)
 
+
+*************************************************************************
+Newer wolfSSL versions (5.8.2 and newer) are GPLv3 licensed and this license is not
+compatible with OpenVPN's GPLv2 license.
+
+However wolfSSL Inc has granted an exception to combine the wolfSSL library
+with OpenVPN and OpenVPN-NL (https://github.com/wolfSSL/wolfssl/blob/master/LICENSING)
+with version 5.8.4 and later.
 *************************************************************************
 To build WolfSSL with post-quantum KEMs built in, the following command is used: