From: Steffan Karger
Added translation table and functions to translate between TLS OpenSSL
and IANA (IETF) cipher suite names. The previously used OpenSSL names
are still accepted, but a deprecation warning is issued.
Signed-off-by: Steffan Karger
From: Steffan Karger
Added translate_cipher name to crypto_openssl.c and crypto_polarssl.c
to translate between OpenVPN(/OpenSSL) and PolarSSL data channel
cipher algorithm names. OpenSSL does not require any translating,
PolarSSL does for a small number of algorithms.
From: Steffan Karger
Add support for PolarSSL-1.2, which has changed the API in several places.
This is a minimal port, new features have not been enabled. Only PolarSSL
1.2.5 and newer are accepted, as earlier versions contain unresolved
(security) issues.
Hi Everyone,
The attached patches add PolarSSL 1.2 support to OpenVPN 2.3, while maintaining
OpenVPN configuration file compatibility between the OpenSSL and PolarSSL
builds.
Patches 1-3 upgrade the supported PolarSSL versions to 1.2.5 or newer.
Patch 4 adds data channel cipher name
From: Steffan Karger
Instead of logging the fact that an error occured, log the error code and
description (when available in the PolarSSL build).
Signed-off-by: Joachim Schipper
---
src/openvpn/ssl_polarssl.c |8 ++--
1 file
From: Steffan Karger
Print the *flags argument, which - for PolarSSL-1.2 - contains the reasons that
the certificate failed (pre-)verification.
Signed-off-by: Joachim Schipper
---
src/openvpn/ssl_verify_polarssl.c |6 +++---
1 file