Since WolfSSL seems to be the library of choice at the moment, can we add an OpenVPN-WolfSSL package? This will avoid having two seperate ssl libraries on the same the device (saving memory).
Possibly other packages can use the OpenSSL compatible API from WolfSSL as well.
Have we some news on this since we now are in 21.02-rc2 with wolfssl as primary ssl base package for OpenWRT and we now run OpenVPN with OpenSSL?
Hi, I was also looking into this
It turns out, OpenVPN and wolfSSL are not yet compatible, but it is in active development.
In other words, OpenVPN supports wolfSSL now, but only on their master branch, no official release, and there is still problems between them.
It's very likely that when OpenVPN 2.6 is released, it will fully support wolfSSL by then, in the meantime we wait
06:11PM - 17 Mar 21 UTC
This patch adds support for wolfSSL in OpenVPN. Support is added by using
an open PR to fix issues:
02:50PM - 12 Mar 21 UTC
- OpenVPN requires all TLS versions to be enabled because it uses `SSL_CTX_set_m
I have noticed this and the answer seems to be from what side you asked the question.
WolfSSL are happily anouncing their working with OpenVPN on their homepage.
OpenVPN on their side has really not any official on this at all, more then it is OpenSSL that is the only supported SSL add-on for OpenVPN.
OpenVPN is happy to add what is necessary to use wolfSSL in terms of
wolfSSL has to do the work in order to accommodate OpenVPN. This means they have to keep track of changes in OpenVPN and adapt to them accordingly, not the other way around.
That's not strange though, it just means it will take more time for them to work together well, and I imagine the same idea applies to OpenSSL, but the work to make them compatible was already done a very long time ago.
And then we have the OpenVPN-easyrsa 3 that WoulfSSL need to adapt for also.