Opened 4 years ago
Closed 3 years ago
#1334 closed Feature Wish (notabug)
Command line option to extract TLS-Crypt-v2 metadata from client key
Reported by: | tct | Owned by: | tct |
---|---|---|---|
Priority: | minor | Milestone: | |
Component: | Generic / unclassified | Version: | OpenVPN 2.5.0 (Community Ed) |
Severity: | Not set (select this one, unless your'e a OpenVPN developer) | Keywords: | tls-crypt-v2 metadata |
Cc: | tct |
Description
Unless the metadata is saved in plain text in another file, there is no way to verify the client metadata except via connecting to a live server.
EasyTLS currently saves the metadata in plain text to a file.
Change History (6)
comment:1 Changed 4 years ago by
Cc: | tct added |
---|
comment:2 Changed 4 years ago by
Version: | → OpenVPN 2.5.0 (Community Ed) |
---|
comment:3 Changed 3 years ago by
comment:4 Changed 3 years ago by
Owner: | set to Steffan Karger |
---|---|
Status: | new → assigned |
I leave that to you and syzzer to discuss...
comment:5 Changed 3 years ago by
Owner: | changed from Steffan Karger to tct |
---|---|
Status: | assigned → accepted |
I thought this through and changed my mind.
A command line option would make it too easy to try to brute-force a client key. (Not that I doubt syzzer's skill but why open that door?)
Closing but feel free to comment.
comment:6 Changed 3 years ago by
Resolution: | → notabug |
---|---|
Status: | accepted → closed |
Note: See
TracTickets for help on using
tickets.
EasyTLS: https://github.com/TinCanTech/easy-tls