Re: [Openvpn-devel] [PATCH 1/3] Improve PolarSSL key_state_read_{cipher, plain}text messages

Hi, On Mon, Jan 21, 2013 at 02:13:25PM +0100, steffan.kar...@fox-it.com wrote: > +#ifdef POLARSSL_ERROR_C > + char error_message[1024]; > +#endif What condition does that #ifdef depend on? Will this function not always be available in Polar 1.2.3 and up? "We're trying to get rid of #ifdefs,

Re: [Openvpn-devel] [PATCH 3/3] PolarSSL-1.2 support

Am 21.01.2013 14:23, schrieb Gert Doering: > Hi, > > just for the sake of those not following the discussion on IRC... > > On Mon, Jan 21, 2013 at 11:23:17AM +0100, Gert Doering wrote: >> I'm more concernced about maintainability of the OpenVPN code base, and >> having more #ifdef in there is

[Openvpn-devel] [PATCH 2/3] PolarSSL-1.2 support

From: Steffan Karger Add support for PolarSSL-1.2, which has changed the API in several places. This is a minimal port: PolarSSL-1.2 works, but the new features have not been enabled. Everything before 1.2 is no longer supported. PolarSSL-1.2.[0-2] are blacklisted for

[Openvpn-devel] [PATCH 1/3] Improve PolarSSL key_state_read_{cipher, plain}text messages

From: Steffan Karger Instead of logging the fact that an error occured, log the error string or (if the PolarSSL build does not include this feature) the error code. Signed-off-by: Joachim Schipper --- src/openvpn/ssl_polarssl.c | 20

[Openvpn-devel] [PATCH 3/3] Improve verify_callback messages

From: Steffan Karger Print the *flags argument, which - for PolarSSL-1.2 - contains the reasons that the certificate failed (pre-)verification. Signed-off-by: Joachim Schipper --- src/openvpn/ssl_verify_polarssl.c |6 +++--- 1 file

Re: [Openvpn-devel] [PATCH 3/3] PolarSSL-1.2 support

> -Original Message- > From: steffan.kar...@fox-it.com [mailto:steffan.kar...@fox-it.com] > Sent: donderdag 17 januari 2013 9:23 > To: openvpn-devel@lists.sourceforge.net > Subject: [Openvpn-devel] [PATCH 3/3] PolarSSL-1.2 support > > From: Steffan Karger > >

Re: [Openvpn-devel] [PATCH 1/3] Improve PolarSSL key_state_read_{cipher, plain}text messages

Hi, On Thu, Jan 17, 2013 at 09:23:27AM +0100, steffan.kar...@fox-it.com wrote: > From: Steffan Karger > > Instead of logging the fact that an error occured, log the error string or (if > the PolarSSL build does not include this feature) the error code. > >

Re: [Openvpn-devel] [PATCH 3/3] PolarSSL-1.2 support

Hi, On Mon, Jan 21, 2013 at 10:54:26AM +0100, Adriaan de Jong wrote: > > Barring that, I'd suggest to add stuff to fail the build with older > > PolarSSL versions and kill the PolarSSL < 1.2.3 code. It would seem > > from the changelogs that PolarSSL 1.2.N (with N highest available) does > >

Re: [Openvpn-devel] [PATCH 3/3] PolarSSL-1.2 support

> -Original Message- > From: Matthias Andree [mailto:matthias.and...@gmx.de] > Sent: zondag 20 januari 2013 14:09 > To: openvpn-devel@lists.sourceforge.net > Subject: Re: [Openvpn-devel] [PATCH 3/3] PolarSSL-1.2 support > > Is there any important system where requiring PolarSSL >= 1.2.3