[Openvpn-devel] [PATCH applied] Re: Add support for mbedtls 3.X.Y

Sun, 29 Oct 2023 14:51:45 -0700 

Tested against mbedtls 3.5.0 locally installed.  Without this patch,
it complains about "2.x.x required", and with the patch it configures
and builds mostly fine.

crypto_mbedtls.c throws a warning here:

    crypto_mbedtls.c:568:1: warning: conflicting types for 'cipher_ctx_init' 
due to enum/integer mismatch; have 'void(mbedtls_cipher_context_t *, const 
uint8_t *, const char *, const mbedtls_operation_t)' {aka 
'void(mbedtls_cipher_context_t *, const unsigned char *, const char *, const 
mbedtls_operation_t)'} [-Wenum-int-mismatch]
      568 | cipher_ctx_init(mbedtls_cipher_context_t *ctx, const uint8_t *key,
          | ^~~~~~~~~~~~~~~
    In file included from crypto.h:125,
                     from crypto_mbedtls.c:40:
    crypto_backend.h:352:6: note: previous declaration of 'cipher_ctx_init' 
with type 'void(cipher_ctx_t *, const uint8_t *, const char *, int)' {aka 
'void(mbedtls_cipher_context_t *, const unsigned char *, const char *, int)'}
      352 | void cipher_ctx_init(cipher_ctx_t *ctx, const uint8_t *key,
          |      ^~~~~~~~~~~~~~~

but the compilation succeeds...

    OpenVPN 2.7_git [git:vw/master/b096ce2b931347f4] x86_64-pc-linux-gnu [SSL 
(mbed TLS)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] [DCO] built on Oct 29 2023
    library versions: mbed TLS 3.5.0, LZO 2.10

as does "make check" with an exhaustive set of t_client stanzas.

All tests that require BF-CBC to succeed ("compatibility with 2.2 servers")
did fail, but the messages are clear enough

    2023-10-29 20:19:49 Unsupported cipher in --data-ciphers: BF-CBC

Building with older mbedTLS versions in GHA also succeeded.


Your patch has been applied to the master branch.

commit ace7a4f1c271550bb8ad276663e045ab97a46f16
Author: Max Fillinger
Date:   Wed Oct 25 14:18:30 2023 +0200

     Add support for mbedtls 3.X.Y

     Signed-off-by: Max Fillinger <m...@max-fillinger.net>
     Acked-by: Frank Lichtenheld <fr...@lichtenheld.com>
     Message-Id: <20231025121830.1030959-1-fr...@lichtenheld.com>
     URL: 
     Signed-off-by: Gert Doering <g...@greenie.muc.de>


--
kind regards,

Gert Doering



_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel

Reply via email to