Re: [Openvpn-devel] [PATCH] mbedtls: print warning if random personalisation fails

2018-08-30 Thread Antonio Quartulli 


On 29/08/18 20:04, Steffan Karger wrote:
> ... instead of when it doesn't fail.  Looks like 'someone' mixed up the
> mbedtls return style (0 means success) with the openvpn internal return
> style (true means success).
> 
> Signed-off-by: Steffan Karger 

Acked-by: Antonio Quartulli 

I guess at some point we should also convert all these functions
returning int to bool, because the latter is the meaning we are giving
to the return value.


Cheers,

-- 
Antonio Quartulli



signature.asc
Description: OpenPGP digital signature
--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel

[Openvpn-devel] [PATCH] mbedtls: print warning if random personalisation fails

2018-08-29 Thread Steffan Karger 
... instead of when it doesn't fail.  Looks like 'someone' mixed up the
mbedtls return style (0 means success) with the openvpn internal return
style (true means success).

Signed-off-by: Steffan Karger 
---
 src/openvpn/ssl_mbedtls.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/openvpn/ssl_mbedtls.c b/src/openvpn/ssl_mbedtls.c
index 8e31980..ef83e65 100644
--- a/src/openvpn/ssl_mbedtls.c
+++ b/src/openvpn/ssl_mbedtls.c
@@ -853,7 +853,7 @@ tls_ctx_personalise_random(struct tls_root_ctx *ctx)
 const md_kt_t *sha256_kt = md_kt_get("SHA256");
 mbedtls_x509_crt *cert = ctx->crt_chain;
 
-if (0 != md_full(sha256_kt, cert->tbs.p, cert->tbs.len, sha256_hash))
+if (!md_full(sha256_kt, cert->tbs.p, cert->tbs.len, sha256_hash))
 {
 msg(M_WARN, "WARNING: failed to personalise random");
 }
-- 
2.7.4


--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel