... instead of when it doesn't fail. Looks like 'someone' mixed up the mbedtls return style (0 means success) with the openvpn internal return style (true means success).
Signed-off-by: Steffan Karger <steffan.kar...@fox-it.com> --- src/openvpn/ssl_mbedtls.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/openvpn/ssl_mbedtls.c b/src/openvpn/ssl_mbedtls.c index 8e31980..ef83e65 100644 --- a/src/openvpn/ssl_mbedtls.c +++ b/src/openvpn/ssl_mbedtls.c @@ -853,7 +853,7 @@ tls_ctx_personalise_random(struct tls_root_ctx *ctx) const md_kt_t *sha256_kt = md_kt_get("SHA256"); mbedtls_x509_crt *cert = ctx->crt_chain; - if (0 != md_full(sha256_kt, cert->tbs.p, cert->tbs.len, sha256_hash)) + if (!md_full(sha256_kt, cert->tbs.p, cert->tbs.len, sha256_hash)) { msg(M_WARN, "WARNING: failed to personalise random"); } -- 2.7.4 ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel