[Openvpn-devel] [PATCH 5/5] Switch to IANA names for TLS ciphers.

From: Steffan Karger Added translation table and functions to translate between TLS OpenSSL and IANA (IETF) cipher suite names. The previously used OpenSSL names are still accepted, but a deprecation warning is issued. Signed-off-by: Steffan Karger

[Openvpn-devel] [PATCH 4/5] Config compatibility patch. Added translate_cipher_name.

From: Steffan Karger Added translate_cipher name to crypto_openssl.c and crypto_polarssl.c to translate between OpenVPN(/OpenSSL) and PolarSSL data channel cipher algorithm names. OpenSSL does not require any translating, PolarSSL does for a small number of algorithms.

[Openvpn-devel] [PATCH 1/5] PolarSSL-1.2 support

From: Steffan Karger Add support for PolarSSL-1.2, which has changed the API in several places. This is a minimal port, new features have not been enabled. Only PolarSSL 1.2.5 and newer are accepted, as earlier versions contain unresolved (security) issues.

[Openvpn-devel] PolarSSL 1.2 support, while keeping config file compatibility

Hi Everyone, The attached patches add PolarSSL 1.2 support to OpenVPN 2.3, while maintaining OpenVPN configuration file compatibility between the OpenSSL and PolarSSL builds. Patches 1-3 upgrade the supported PolarSSL versions to 1.2.5 or newer. Patch 4 adds data channel cipher name

[Openvpn-devel] [PATCH 2/5] Improve PolarSSL key_state_read_{cipher, plain}text messages

From: Steffan Karger Instead of logging the fact that an error occured, log the error code and description (when available in the PolarSSL build). Signed-off-by: Joachim Schipper --- src/openvpn/ssl_polarssl.c |8 ++-- 1 file

[Openvpn-devel] [PATCH 3/5] Improve verify_callback messages

From: Steffan Karger Print the *flags argument, which - for PolarSSL-1.2 - contains the reasons that the certificate failed (pre-)verification. Signed-off-by: Joachim Schipper --- src/openvpn/ssl_verify_polarssl.c |6 +++--- 1 file