Contributions to OpenVPN

[smittals2]

This is a local PR to gather internal feedback before we contribute these changes to OpenVPN.

Thank you for your contribution

You are welcome to open PR, but they are used for discussion only. All
patches must eventually go to the openvpn-devel mailing list for review:

• https://lists.sourceforge.net/lists/listinfo/openvpn-devel

Please send your patch using git-send-email. For example to send your latest commit to the list:

$ git send-email [email protected] HEAD~1

For details, see these Wiki articles:

• https://community.openvpn.net/openvpn/wiki/DeveloperDocumentation
• https://community.openvpn.net/openvpn/wiki/Contributing

[andrewhop]

Do they use specific versions or ubuntu-latest in other builds?

[smittals2]

Using ubuntu 22.04. Copied most of the boilerplate from other tests. Changed all the build steps tho

[andrewhop]

For their other libcryptos do they use a specific release or follow main?

[smittals2]

mbedtls and libressl use a tagged release, but I think we should be following main to have two way compatibility checks. I guess we're testing mainline LC in our CI with OpenVPN anyway so we don't need to. I don't have a preference, thoughts?

[andrewhop]

Good point, if we're building their main and not running into any breaking changes then this is probably fine. I just don't want to create noise in their CI if something subtle changes.

[andrewhop]

Does this effect OpenVPN customers? Can you use OpenVPN through the Windows CryptoAPI? Or does OpenVPN use Windows CryptoAPI to do something that doesn't work with AWS-LC now?

[smittals2]

Looks like OpenVPN has some support for the Windows CryptoAPI. OpenSSL has some APIs that seem to work with CryptoAPI but we don't support these like wolfssl and mbedtls