From f38819b7e42ea99f6ae218be6e6345c397c1af4c Mon Sep 17 00:00:00 2001 From: Arne Schwabe Date: Fri, 17 Apr 2020 09:43:45 +0200 Subject: [PATCH] Add README.wolfssl documentating the state of WolfSSL in OpenVPN Acked-by: Gert Doering Message-Id: <20200417074345.5694-1-arne@rfc2549.org> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg19758.html Signed-off-by: Gert Doering --- README.wolfssl | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 README.wolfssl diff --git a/README.wolfssl b/README.wolfssl new file mode 100644 index 000000000..d417807b1 --- /dev/null +++ b/README.wolfssl @@ -0,0 +1,29 @@ +Support for WolfSSL is implemented and maintained by WolfSSL Inc. The support is +implemented using WolfSSL's compatiblity layer. The WolfSSL support in OpenVPN +receives very limited testing/support from the OpenVPN community itself. + +If bugs in OpenVPN when using WolfSSL are encountered, the user should try to +also compile OpenVPN with OpenSSL to determinate if these are bugs in the +WolfSSL TLS implemenation or OpenVPN itself. + +To Build and Install, + + ./configure --with-crypto-library=wolfssl + make + make install + + +The wolfSSL library will include the installed options.h file by default. +To include a custom user_settings.h file for wolfSSL, + +./configure --with-crypto-library=wolfssl --disable-wolfssl-options-h +make +make install + +************************************************************************* +Due to limitations in the wolfSSL TLS library or its compability layer, the +following features are missing + + * blowfish support (BF-CBC), you must use something like + cipher AES-128-CBC to avoid trying to use BF-CBC + * Windows CryptoAPI support -- 2.47.2