[Openvpn-devel] [XS] Change in openvpn[master]: Remove redundant call of EVP_CipherInit before EVP_CipherInit_Ex
Attention is currently required from: flichtenheld, plaisthos. cron2 has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/552?usp=email ) Change subject: Remove redundant call of EVP_CipherInit before EVP_CipherInit_Ex .. Patch Set 2: Code-Review-1 (1 comment) Patchset: PS2: withdrawing the +2 for the time being - it causes failures in ssl_testdriver (and possibly others) now, on some platforms -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/552?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: I911e25949a8647b567fd4178683534d4404ab469 Gerrit-Change-Number: 552 Gerrit-PatchSet: 2 Gerrit-Owner: plaisthos Gerrit-Reviewer: cron2 Gerrit-Reviewer: flichtenheld Gerrit-CC: openvpn-devel Gerrit-Attention: plaisthos Gerrit-Attention: flichtenheld Gerrit-Comment-Date: Tue, 02 Apr 2024 12:47:19 + Gerrit-HasComments: Yes Gerrit-Has-Labels: Yes Gerrit-MessageType: comment ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [XS] Change in openvpn[master]: Remove redundant call of EVP_CipherInit before EVP_CipherInit_Ex
Attention is currently required from: flichtenheld, plaisthos. cron2 has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/552?usp=email ) Change subject: Remove redundant call of EVP_CipherInit before EVP_CipherInit_Ex .. Patch Set 2: Code-Review+2 (1 comment) Patchset: PS2: The openssl source is very enlightening and makes it very clear that this is correct. -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/552?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: I911e25949a8647b567fd4178683534d4404ab469 Gerrit-Change-Number: 552 Gerrit-PatchSet: 2 Gerrit-Owner: plaisthos Gerrit-Reviewer: cron2 Gerrit-Reviewer: flichtenheld Gerrit-CC: openvpn-devel Gerrit-Attention: plaisthos Gerrit-Attention: flichtenheld Gerrit-Comment-Date: Tue, 02 Apr 2024 12:21:44 + Gerrit-HasComments: Yes Gerrit-Has-Labels: Yes Gerrit-MessageType: comment ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [XS] Change in openvpn[master]: Remove redundant call of EVP_CipherInit before EVP_CipherInit_Ex
Attention is currently required from: flichtenheld. Hello flichtenheld, I'd like you to reexamine a change. Please visit http://gerrit.openvpn.net/c/openvpn/+/552?usp=email to look at the new patch set (#2). Change subject: Remove redundant call of EVP_CipherInit before EVP_CipherInit_Ex .. Remove redundant call of EVP_CipherInit before EVP_CipherInit_Ex EVP_CipherInit basically is the same EVP_CipherInit_ex except that it in some instances it resets/inits the ctx parameter first. We already call EVP_CIPHER_CTX_reset to reset/init the ctx before so this call does not do anything useful. OpenSSL 1.0.2: https://github.com/openssl/openssl/blob/OpenSSL_1_0_2-stable/crypto/evp/evp_enc.c#L94 EVP_CipherInit calls first EVP_CIPHER_CTX_init and then EVP_CipherInit_ex Our openssl_compat.h has for these older OpenSSL versions OpenSSL 3.0: https://github.com/openssl/openssl/blob/openssl-3.2/crypto/evp/evp_enc.c#L450 basically the same as 1.0.2. Just that method names have been changed. Change-Id: I911e25949a8647b567fd4178683534d4404ab469 Signed-off-by: Arne Schwabe --- M src/openvpn/crypto_openssl.c 1 file changed, 0 insertions(+), 4 deletions(-) git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/52/552/2 diff --git a/src/openvpn/crypto_openssl.c b/src/openvpn/crypto_openssl.c index bfc5e37..13dfa8c 100644 --- a/src/openvpn/crypto_openssl.c +++ b/src/openvpn/crypto_openssl.c @@ -846,10 +846,6 @@ evp_cipher_type *kt = cipher_get(ciphername); EVP_CIPHER_CTX_reset(ctx); -if (!EVP_CipherInit(ctx, kt, NULL, NULL, enc)) -{ -crypto_msg(M_FATAL, "EVP cipher init #1"); -} if (!EVP_CipherInit_ex(ctx, NULL, NULL, key, NULL, enc)) { crypto_msg(M_FATAL, "EVP cipher init #2"); -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/552?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: I911e25949a8647b567fd4178683534d4404ab469 Gerrit-Change-Number: 552 Gerrit-PatchSet: 2 Gerrit-Owner: plaisthos Gerrit-Reviewer: flichtenheld Gerrit-CC: openvpn-devel Gerrit-Attention: flichtenheld Gerrit-MessageType: newpatchset ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [XS] Change in openvpn[master]: Remove redundant call of EVP_CipherInit before EVP_CipherInit_Ex
Attention is currently required from: flichtenheld. Hello flichtenheld, I'd like you to do a code review. Please visit http://gerrit.openvpn.net/c/openvpn/+/552?usp=email to review the following change. Change subject: Remove redundant call of EVP_CipherInit before EVP_CipherInit_Ex .. Remove redundant call of EVP_CipherInit before EVP_CipherInit_Ex EVP_CipherInit basically is the same EVP_CipherInit_ex except that it in some instances it resets/inits the ctx parameter first. We already call EVP_CIPHER_CTX_reset to reset/init the ctx before so this call does not do anything useful Change-Id: I911e25949a8647b567fd4178683534d4404ab469 Signed-off-by: Arne Schwabe --- M src/openvpn/crypto_openssl.c 1 file changed, 0 insertions(+), 4 deletions(-) git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/52/552/1 diff --git a/src/openvpn/crypto_openssl.c b/src/openvpn/crypto_openssl.c index bfc5e37..13dfa8c 100644 --- a/src/openvpn/crypto_openssl.c +++ b/src/openvpn/crypto_openssl.c @@ -846,10 +846,6 @@ evp_cipher_type *kt = cipher_get(ciphername); EVP_CIPHER_CTX_reset(ctx); -if (!EVP_CipherInit(ctx, kt, NULL, NULL, enc)) -{ -crypto_msg(M_FATAL, "EVP cipher init #1"); -} if (!EVP_CipherInit_ex(ctx, NULL, NULL, key, NULL, enc)) { crypto_msg(M_FATAL, "EVP cipher init #2"); -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/552?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: I911e25949a8647b567fd4178683534d4404ab469 Gerrit-Change-Number: 552 Gerrit-PatchSet: 1 Gerrit-Owner: plaisthos Gerrit-Reviewer: flichtenheld Gerrit-CC: openvpn-devel Gerrit-Attention: flichtenheld Gerrit-MessageType: newchange ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel