Emmanuel Deloget <log...@free.fr> on Thu, 2017/02/23 15:35: > This is v3 of the remaining patches for the "Add support for OpenSSL > 1.1.x" series. This series is partial: only the modified patches are > sent to the ML -- the other have not changed. The stats are a bit off > so I don't include them in this mail. > > They have been generated after a rebase from the master tree. Individual > commits can be viewed at > > https://github.com/emmanuel-deloget/openvpn/commits/openssl-1.1-v3 > > (This time, the branch name is correct :)) > > Changes v2 --> v3: > > * RSA_METHOD (04/15): rsa_meth->name is now a dup of the name parameter; > it's freed in RSA_meth_free(). > > * RSA (07/15): calling RSA_set_method() in rsa_finish() is both a Bad > Idea and not required so it has been removed. > > Changes v1 --> v2: > > * EVP_PKEY (06/15): add missing function EVP_PKEY_id() for 0.9.8. > > * replace patch 15/15 with a new patch to use EVP_CipherInit_ex() > instead of EVP_CipherInit() when a full init is not needed. > > > Emmanuel Deloget (15): > [commited] OpenSSL: don't use direct access to the internal of SSL_CTX > [commited] OpenSSL: don't use direct access to the internal of X509_STORE > [commited] OpenSSL: don't use direct access to the internal of X509_OBJECT > OpenSSL: don't use direct access to the internal of RSA_METHOD > OpenSSL: don't use direct access to the internal of X509 > OpenSSL: don't use direct access to the internal of EVP_PKEY > OpenSSL: don't use direct access to the internal of RSA > OpenSSL: don't use direct access to the internal of DSA > [commited] OpenSSL: don't use direct access to the internal of > X509_STORE_CTX OpenSSL: don't use direct access to the internal of > EVP_MD_CTX OpenSSL: don't use direct access to the internal of > EVP_CIPHER_CTX OpenSSL: don't use direct access to the internal of HMAC_CTX > OpenSSL: SSLeay symbols are no longer available in OpenSSL 1.1 > OpenSSL: constify getbio() parameters > OpenSSL: use EVP_CipherInit_ex() instead of EVP_CipherInit()
Built v3 against openssl 1.0.2k without issues, tests succeed and two
instanced successfully established vpn connection (with server version 2.3.12
and 2.4.0).
Built against openssl 1.1.0e without issues, tests succeed. Did not test with
real world connectivity, though.
--
main(a){char*c=/* Schoene Gruesse */"B?IJj;MEH"
"CX:;",b;for(a/* Best regards my address: */=0;b=c[a++];)
putchar(b-1/(/* Chris cc -ox -xc - && ./x */b/42*2-3)*42);}
pgp9Qdgpj9PV2.pgp
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
