This is version 7 of the OpenSSL 1.1 patch series. It has been rebased on top of the latest git revision.
It builds upon the previous version and adds the following: * fix a memory leak when playing with internal ASN1 strings * introduce RSA_bits() and DSA_bits() * add a few comments to explain that, yes, we are allowed to do weird const-to-non-const cast because of OpenSSL API. Of course, it would be better if we could have avoided them. This version fixes all the problems that Steffan spotted on the previous version (to the best of my knowledge). Please tell me if there is anything wrong (or not good enough). [PATCH 1/8] OpenSSL: don't use direct access to the internal of X509 [PATCH 2/8] OpenSSL: don't use direct access to the internal of EVP_PKEY [PATCH 3/8] OpenSSL: don't use direct access to the internal of RSA [PATCH 4/8] OpenSSL: don't use direct access to the internal of DSA [PATCH 5/8] OpenSSL: don't use direct access to the internal of EVP_MD_CTX [PATCH 6/8] OpenSSL: don't use direct access to the internal of EVP_CIPHER_CTX [PATCH 7/8] OpenSSL: don't use direct access to the internal of HMAC_CTX [PATCH 8/8] OpenSSL: force meth->name as non-const when we free() it Diffstat is here: configure.ac | 19 +++ src/openvpn/crypto.c | 8 +- src/openvpn/crypto_backend.h | 42 +++++ src/openvpn/crypto_mbedtls.c | 40 +++++ src/openvpn/crypto_openssl.c | 50 +++++- src/openvpn/httpdigest.c | 78 ++++----- src/openvpn/misc.c | 14 +- src/openvpn/ntlm.c | 12 +- src/openvpn/openssl_compat.h | 351 ++++++++++++++++++++++++++++++++++++++- src/openvpn/openvpn.h | 2 +- src/openvpn/push.c | 11 +- src/openvpn/ssl.c | 38 +++-- src/openvpn/ssl_openssl.c | 35 ++-- src/openvpn/ssl_verify_backend.h | 2 +- src/openvpn/ssl_verify_mbedtls.c | 2 +- src/openvpn/ssl_verify_openssl.c | 68 ++++++-- 16 files changed, 660 insertions(+), 112 deletions(-) The series can be checked on github at https://github.com/emmanuel-deloget/openvpn/commits/openssl-1.1-v7 Best regards, -- Emmanuel Deloget ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
