Hi, On Mon, May 25, 2020 at 07:36:11AM -0700, James Bottomley wrote: > > > configure.ac | 5 + > > > src/openvpn/crypto_openssl.c | 1 + > > > > These two hunks should go to the first patch. > > The configure.ac one adds the test Makefile ... it can't move. The > other pieces figure out what the dynamic extension is, which is only > used by the test, so I think everything in the configure.ac change is > in the right place.
Yeah, I misread the part about
+AM_CONDITIONAL([OPENSSL_ENGINE], [test "${have_openssl_engine}" = "yes"])
and assumed it's needed for the #ifdef in the openvpn code.
> The second is a bit more problematic: Right at the moment openvpn is
> blind to local openssl configuration files. To make the test work, it
> needs to be able to add an engine, which requires a local file, so it's
> only function is to enable the test, but it does add to openvpn
> capabilities, I suppose.
I think it should go to the first patch - so "all changes to openvpn
behaviour" are caused by this patch, and the test patch will only add
testing, not change behaviour.
On the actual patch itself, I do not understand enough of the engine
stuff to fully ACK it. Arne or Steffan understand OpenSSL better.
gert
--
"If was one thing all people took for granted, was conviction that if you
feed honest figures into a computer, honest figures come out. Never doubted
it myself till I met a computer with a sense of humor."
Robert A. Heinlein, The Moon is a Harsh Mistress
Gert Doering - Munich, Germany g...@greenie.muc.de
signature.asc
Description: PGP signature
_______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
