From: Arne Schwabe <arne@rfc2549.org>
Date: Fri, 17 Apr 2020 07:43:45 +0000 (+0200)
Subject: Add README.wolfssl documentating the state of WolfSSL in OpenVPN
X-Git-Tag: v2.6_beta1~609
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=f38819b7e42ea99f6ae218be6e6345c397c1af4c;p=thirdparty%2Fopenvpn.git

Add README.wolfssl documentating the state of WolfSSL in OpenVPN

Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20200417074345.5694-1-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg19758.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
---

diff --git a/README.wolfssl b/README.wolfssl
new file mode 100644
index 000000000..d417807b1
--- /dev/null
+++ b/README.wolfssl
@@ -0,0 +1,29 @@
+Support for WolfSSL is implemented and maintained by WolfSSL Inc. The support is
+implemented using WolfSSL's compatiblity layer. The WolfSSL support in OpenVPN
+receives very limited testing/support from the OpenVPN community itself.
+
+If bugs in OpenVPN when using WolfSSL are encountered, the user should try to
+also compile OpenVPN with OpenSSL to determinate if these are bugs in the
+WolfSSL TLS implemenation or OpenVPN itself.
+
+To Build and Install,
+
+	./configure --with-crypto-library=wolfssl
+	make
+	make install
+
+
+The wolfSSL library will include the installed options.h file by default.
+To include a custom user_settings.h file for wolfSSL,
+
+./configure --with-crypto-library=wolfssl --disable-wolfssl-options-h
+make
+make install
+
+*************************************************************************
+Due to limitations in the wolfSSL TLS library or its compability layer, the
+following features are missing
+
+ * blowfish support (BF-CBC), you must use something like
+   cipher AES-128-CBC to avoid trying to use BF-CBC
+ * Windows CryptoAPI support