Hi, On Wed, Apr 21, 2021 at 11:44:25PM +0200, Magnus Kroken wrote: > On 13.04.2021 07:57, Gert Doering wrote: > > Your patch has been applied to the master branch. > > > > commit e4bd17c86e01aaf6f809d9ea355419c86c4defdc > > Author: Max Fillinger > > Date: Mon Apr 12 19:46:17 2021 +0200 > > > > Fix build with mbedtls w/o SSL renegotiation support > > Please backport this to release/2.5 as well. 2.5.2 is affected by this > and does not compile with an mbed TLS library built in this manner.
Took me a while, but here we go...
commit ad4f8e37617f3f020154bd224f9b693714c6370a (release/2.5)
Author: Max Fillinger <maximilian.fillin...@foxcrypto.com>
Date: Mon Apr 12 19:46:17 2021 +0200
Fix build with mbedtls w/o SSL renegotiation support
Signed-off-by: Gert Doering <g...@greenie.muc.de>
(cherry picked from commit e4bd17c86e01aaf6f809d9ea355419c86c4defdc)
and yes, this obviously makes sense as 2.5 has the offending
mbedtls_ssl_conf_renegotiation() call...
I do think that mbedTLS is being fairly unfriendly here - they should
always provide the function, and just return an error if the application
requests to *enable* SSL_RENEGOTIATION, but it wasn't compiled in...
*disabling* is a no-op in that case, so shouldn't require conditional
code in the caller. But this is not a fairy tale, so I get to live with
the #ifdef...
gert
--
"If was one thing all people took for granted, was conviction that if you
feed honest figures into a computer, honest figures come out. Never doubted
it myself till I met a computer with a sense of humor."
Robert A. Heinlein, The Moon is a Harsh Mistress
Gert Doering - Munich, Germany g...@greenie.muc.de
signature.asc
Description: PGP signature
_______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
