[Openvpn-devel] [PATCH] Remove unused addr_inet4or6, addr_guess_family and inline addr_copy_sa

2022-11-09 Thread Arne Schwabe
addr_copy_sa is just a single line and putting that simple assignment into an extra function does not really improve clarity. Signed-off-by: Arne Schwabe --- src/openvpn/socket.h | 18 ++ 1 file changed, 2 insertions(+), 16 deletions(-) diff --git a/src/openvpn/socket.h b/src/op

[Openvpn-devel] [PATCH] Fix md_kt_size in mbed TLS when queried for size of "none"

2022-11-09 Thread Arne Schwabe
Previously this would error out with a M_FATAL message about cipher not known. Align the mbed TLS version to OpenSSL version and also remove unreachable code. This manifested in key_print2 running into this M_FATAL message when used with an AEAD cipher and verb 7. Signed-off-by: Arne Schwabe ---

[Openvpn-devel] [PATCH] Add algorithm and bits used in key_print2 method and refactor method

2022-11-09 Thread Arne Schwabe
This adds the algorithm that is being used. This does not avoid the empty hmac key output but makes it more obvious why there is no output. Master Decrypt (cipher, AES-256-GCM, 256 bits): 705923be f6e44923 a4920a64 434e575c 6ff8d2db d8e74f07 86c010cf 2cf3923e Master Decrypt (hmac, [null-dige

[Openvpn-devel] [PATCH applied] Re: Fix md_kt_size in mbed TLS when queried for size of none

2022-11-09 Thread Gert Doering
Acked-by: Gert Doering Verified that this fixes the (mbedtls-only) crash I was seeing with --verb 7 - and verified again that it does not happen with OpenSSL builds: Master Encrypt (cipher): 6359ae14 b7069ef7 ... Master Encrypt (hmac): Master Decrypt (cipher): 5217f7a8 c3f80df5 ...

[Openvpn-devel] [PATCH applied] Re: Add algorithm and bits used in key_print2 method and refactor method

2022-11-09 Thread Gert Doering
Acked-by: Gert Doering "Yes, this is much nicer" :-) Master Encrypt (cipher, AES-256-GCM, 256 bits): da62213e a3d13f7c ... Master Encrypt (hmac, [null-digest], 0 bits): Master Decrypt (cipher, AES-256-GCM, 256 bits): 4aec936c 1eb1c231 ... Master Decrypt (hmac, [null-digest],

[Openvpn-devel] [PATCH v5 1/2] Allow tun-mtu to be pushed

2022-11-09 Thread Arne Schwabe
This allows tun-mtu to be pushed but only up to the size of the preallocated buffers. This is not a perfect solution but should allow most of the use cases where the mtu is close enough to 1500 (or smaller). Signed-off-by: Arne Schwabe Patch v4: rebase for check_session_cipher name change Patch v5:

[Openvpn-devel] [PATCH v5 2/2] Push server mtu to client when supported and support occ mtu

2022-11-09 Thread Arne Schwabe
To maximise compatibility, allow lying about our MTU in the default OCC message. Patch v2: improve documentation Patch v3: split changing default MTU into its own patch Patch v5: remove leftover mentions of default MTU Signed-off-by: Arne Schwabe --- Changes.rst | 6