On 19/10/2021 20:31, Arne Schwabe wrote:
The old API is deprecated in OpenSSL 3.0 and the new API does not yet
exist in OpenSSL 1.1. Emulating the new API would be more complex than
just having two implementations. So this switches to a new hmac
implementation for OpenSSL 3.0.
Unfortunately the new API does not have an easy to reset an HMAC, so we need
to keep the key around to emulate a reset functionality.
Signed-off-by: Arne Schwabe <[email protected]>
Acked-by: Max Fillinger <[email protected]>
Looked at the code, compiled with OpenSSL 3.1.0 and 1.1.1, and ran
--test-crypto for both.
Small typo in commit message: "does not have an easy to reset", probably
should be "easy way to reset".
_______________________________________________
Openvpn-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
