OpenVPN 2.5 - digest invalid with 'auth sha512'

Weekly dev snapshots are available for testing.
We talk about them here. Testing features in the dev snapshot helps the features make it to stable.
Forum rules
Please report your experience with testing branch. Include what you were using and how
If there is a problem, the more info the better!
Post Reply
Clodo
OpenVPN User
Posts: 35
Joined: Mon Oct 10, 2011 11:25 pm

OpenVPN 2.5 - digest invalid with 'auth sha512'

Post by Clodo » Wed May 08, 2019 4:36 pm

We detected an issue breaking backward-compatibility.
If I use in a config "auth sha512", OpenVPN 2.4 accepts it, OpenVPN 3 accepts it, OpenVPN 2.5 does not.
I understand the syntax must be uppercase ("auth SHA512"), but
OVPN files around the world, if using the lowercase syntax, will stop working (digest invalid)
and I think a force uppercase in options parsing in OpenVPN codebase will be a clean solution to avoid troubles.

Can someone fill a bug report to understand at least if this will be considered? Thanks.

Clodo
OpenVPN User
Posts: 35
Joined: Mon Oct 10, 2011 11:25 pm

Re: OpenVPN 2.5 - digest invalid with 'auth sha512'

Post by Clodo » Thu May 09, 2019 10:09 am

Note: Oracle here:
https://www.ibm.com/support/knowledgece ... names.html
explicit write "Algorithm names are not case-sensitive".

Also, https://www.ietf.org/rfc/rfc3230.txt
All digest-algorithm values are case-insensitive.
so i think this issue can be classified as bug.

Post Reply