cron2 has uploaded a new patch set (#2) to the change originally created by flichtenheld. ( http://gerrit.openvpn.net/c/openvpn/+/860?usp=email )
The following approvals got outdated and were removed: Code-Review+2 by cron2 Change subject: ssl_openssl: Clean up unused functions and add missing "static" ...................................................................... ssl_openssl: Clean up unused functions and add missing "static" Just some misc cleanups found while looking at the code. Change-Id: Ifa06a3cb843dbf6a9639164d12aabe572aab162c Signed-off-by: Frank Lichtenheld <fr...@lichtenheld.com> Acked-by: Gert Doering <g...@greenie.muc.de> Message-Id: <20250114164938.12828-1-g...@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg30453.html Signed-off-by: Gert Doering <g...@greenie.muc.de> --- M src/openvpn/ssl_backend.h M src/openvpn/ssl_mbedtls.c M src/openvpn/ssl_openssl.c 3 files changed, 5 insertions(+), 50 deletions(-) git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/60/860/2 diff --git a/src/openvpn/ssl_backend.h b/src/openvpn/ssl_backend.h index a6a9695..e25727f 100644 --- a/src/openvpn/ssl_backend.h +++ b/src/openvpn/ssl_backend.h @@ -529,12 +529,12 @@ * ***************************************/ -/* +/** * Print a one line summary of SSL/TLS session handshake. */ void print_details(struct key_state_ssl *ks_ssl, const char *prefix); -/* +/** * Show the TLS ciphers that are available for us to use in the * library depending on the TLS version. This function prints * a list of ciphers without headers/footers. @@ -549,17 +549,11 @@ const char *tls_cert_profile, bool tls13); -/* +/** * Show the available elliptic curves in the crypto library */ void show_available_curves(void); -/* - * The OpenSSL library has a notion of preference in TLS ciphers. Higher - * preference == more secure. Return the highest preference cipher. - */ -void get_highest_preference_tls_cipher(char *buf, int size); - /** * return a pointer to a static memory area containing the * name and version number of the SSL library in use diff --git a/src/openvpn/ssl_mbedtls.c b/src/openvpn/ssl_mbedtls.c index 56eef36..92b52fe 100644 --- a/src/openvpn/ssl_mbedtls.c +++ b/src/openvpn/ssl_mbedtls.c @@ -1585,20 +1585,6 @@ } } -void -get_highest_preference_tls_cipher(char *buf, int size) -{ - const char *cipher_name; - const int *ciphers = mbedtls_ssl_list_ciphersuites(); - if (*ciphers == 0) - { - msg(M_FATAL, "Cannot retrieve list of supported SSL ciphers."); - } - - cipher_name = mbedtls_ssl_get_ciphersuite_name(*ciphers); - strncpynt(buf, cipher_name, size); -} - const char * get_ssl_library_version(void) { diff --git a/src/openvpn/ssl_openssl.c b/src/openvpn/ssl_openssl.c index 98eba9d..89d0328 100644 --- a/src/openvpn/ssl_openssl.c +++ b/src/openvpn/ssl_openssl.c @@ -354,7 +354,7 @@ return true; } -void +static void convert_tls_list_to_openssl(char *openssl_ciphers, size_t len, const char *ciphers) { /* Parse supplied cipher list and pass on to OpenSSL */ @@ -461,7 +461,7 @@ } } -void +static void convert_tls13_list_to_openssl(char *openssl_ciphers, size_t len, const char *ciphers) { @@ -2638,31 +2638,6 @@ #endif /* ifndef OPENSSL_NO_EC */ } -void -get_highest_preference_tls_cipher(char *buf, int size) -{ - SSL_CTX *ctx; - SSL *ssl; - const char *cipher_name; - - ctx = SSL_CTX_new(SSLv23_method()); - if (!ctx) - { - crypto_msg(M_FATAL, "Cannot create SSL_CTX object"); - } - ssl = SSL_new(ctx); - if (!ssl) - { - crypto_msg(M_FATAL, "Cannot create SSL object"); - } - - cipher_name = SSL_get_cipher_list(ssl, 0); - strncpynt(buf, cipher_name, size); - - SSL_free(ssl); - SSL_CTX_free(ctx); -} - const char * get_ssl_library_version(void) { -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/860?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: Ifa06a3cb843dbf6a9639164d12aabe572aab162c Gerrit-Change-Number: 860 Gerrit-PatchSet: 2 Gerrit-Owner: flichtenheld <fr...@lichtenheld.com> Gerrit-Reviewer: cron2 <g...@greenie.muc.de> Gerrit-Reviewer: plaisthos <arne-open...@rfc2549.org> Gerrit-CC: openvpn-devel <openvpn-devel@lists.sourceforge.net> Gerrit-MessageType: newpatchset
_______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
