Opened 6 months ago

Closed 4 months ago

#1334 closed Feature Wish (notabug)

Command line option to extract TLS-Crypt-v2 metadata from client key

Reported by: tincantech Owned by: tincantech
Priority: minor Milestone:
Component: Generic / unclassified Version: OpenVPN 2.5.0 (Community Ed)
Severity: Not set (select this one, unless your'e a OpenVPN developer) Keywords: tls-crypt-v2 metadata
Cc: tincantech

Description

Unless the metadata is saved in plain text in another file, there is no way to verify the client metadata except via connecting to a live server.

EasyTLS currently saves the metadata in plain text to a file.

Change History (6)

comment:1 Changed 6 months ago by tincantech

Cc: tincantech added

comment:2 Changed 6 months ago by tincantech

Version: OpenVPN 2.5.0 (Community Ed)

comment:4 Changed 5 months ago by Gert Döring

Owner: set to Steffan Karger
Status: newassigned

I leave that to you and syzzer to discuss...

comment:5 Changed 4 months ago by tincantech

Owner: changed from Steffan Karger to tincantech
Status: assignedaccepted

I thought this through and changed my mind.

A command line option would make it too easy to try to brute-force a client key. (Not that I doubt syzzer's skill but why open that door?)

Closing but feel free to comment.

comment:6 Changed 4 months ago by tincantech

Resolution: notabug
Status: acceptedclosed
Note: See TracTickets for help on using tickets.