Opened 4 years ago
Closed 3 years ago
#1334 closed Feature Wish (notabug)
Command line option to extract TLS-Crypt-v2 metadata from client key
| Reported by: | tct | Owned by: | tct |
|---|---|---|---|
| Priority: | minor | Milestone: | |
| Component: | Generic / unclassified | Version: | OpenVPN 2.5.0 (Community Ed) |
| Severity: | Not set (select this one, unless your'e a OpenVPN developer) | Keywords: | tls-crypt-v2 metadata |
| Cc: | tct |
Description
Unless the metadata is saved in plain text in another file, there is no way to verify the client metadata except via connecting to a live server.
EasyTLS currently saves the metadata in plain text to a file.
Change History (6)
comment:1 Changed 4 years ago by
| Cc: | tct added |
|---|
comment:2 Changed 4 years ago by
| Version: | → OpenVPN 2.5.0 (Community Ed) |
|---|
comment:3 Changed 3 years ago by
comment:4 Changed 3 years ago by
| Owner: | set to Steffan Karger |
|---|---|
| Status: | new → assigned |
I leave that to you and syzzer to discuss...
comment:5 Changed 3 years ago by
| Owner: | changed from Steffan Karger to tct |
|---|---|
| Status: | assigned → accepted |
I thought this through and changed my mind.
A command line option would make it too easy to try to brute-force a client key. (Not that I doubt syzzer's skill but why open that door?)
Closing but feel free to comment.
comment:6 Changed 3 years ago by
| Resolution: | → notabug |
|---|---|
| Status: | accepted → closed |
Note: See
TracTickets for help on using
tickets.
EasyTLS: https://github.com/TinCanTech/easy-tls