I think Polar even supports 8-bit architectures, but don't quote me on that :).
Adriaan > -----Original Message----- > From: Tiran Kaskas [mailto:tiran.kas...@telit.com] > Sent: woensdag 14 december 2011 9:54 > To: David Sommerseth > Cc: Adriaan de Jong; Gert Doering; openvpn-devel@lists.sourceforge.net > Subject: RE: [Openvpn-devel] Problem with alloc_buf_gc function > > Thanks. > Already done the ssl part, only polarssl. It is working perfect and > does support 16bit with no change. > > -----Original Message----- > From: David Sommerseth [mailto:openvpn.l...@topphemmelig.net] > Sent: Wednesday, December 14, 2011 10:52 AM > To: Tiran Kaskas > Cc: Adriaan de Jong; Gert Doering; openvpn-devel@lists.sourceforge.net > Subject: Re: [Openvpn-devel] Problem with alloc_buf_gc function > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On 13/12/11 21:22, Tiran Kaskas wrote: > > The problem is that the nl package was built with 2.1 version, and I > > have used this. > > > > On a different topic: I found an issue, you probably want to fix > > that: In reliable_pid_in_range1() function, the third > > parameter(extent) is an unsigned int. However, this function is being > > called by reliable_pid_min(), passing 0x80000000u as the value to > > extent. On a 16 bit machine (int is 16 bit) this will never work. The > > type of extent need to change to unsigned long and not int. > > As Gert already said, OpenVPN is written for minimum 32bit > architectures. > The first OpenVPN release was in 2002, long after 16bit computers were > quite irrelevant for most consumer users. So at the moment I'm > sceptical if we should also support 16bit. As the int and also long > integers will be a rats nest to review. You probably got more data > types which needs to be reviewed as well. > > On the 32bit platform both int and long are 4 bytes (32bit), while on > 64bit int is 4 bytes and long is 8 bytes. And I'm not sure how long's > are tackled on 16bit platforms, and if this is consistent the whole way > through. > > If we manage to fix OpenVPN to be 16bit safe as well, there are no > guarantee that the SSL libraries will be 16bit safe. You also got > potentially the LZO library as well - which may be skipped. The > PKCS#11 support I guess is out of question on this kind of hardware. I > would say it's better to get started "in the other end", with the SSL > libraries first, to be sure the SSL layer is fine and 16bit safe before > starting modifying OpenVPN. > > > kind regards, > > David Sommerseth > > > > -----Original Message----- From: Adriaan de Jong > > [mailto:dej...@fox-it.com] Sent: Tuesday, December 13, 2011 11:31 AM > > To: Gert Doering; Tiran Kaskas Cc: > > openvpn-devel@lists.sourceforge.net Subject: RE: [Openvpn-devel] > > Problem with alloc_buf_gc function > > > >> -----Original Message----- From: Gert Doering > >> [mailto:g...@greenie.muc.de] > >> > >> On Mon, Dec 12, 2011 at 09:32:51AM +0000, Tiran Kaskas wrote: > >>> Is there a problem connecting a client running 2.1.4 (the one with > >> polarssl) to a server running 2.0.9? > >> > >> Well, the default crypto algorithms are not compatible between > >> polarssl and openssl-using openvpn. So you'd need to change the > >> crypto settings on the openssl-openvpn [--cipher] - and upgrade to > >> 2.2, while at it. > > > > To be a little more specific: PolarSSL doesn't support blowfish > > (BF-CBC), a good option would be AES (AES-xxx-CBC). You can see the > > supported ciphers using --list-ciphers. > > > > Adriaan > > > > --------------------------------------------------------------------- > - > > -------- > > > > > Systems Optimization Self Assessment > > Improve efficiency and utilization of IT resources. Drive out cost > and > > improve service delivery. Take 5 minutes to use this Systems > > Optimization Self Assessment. > > http://www.accelacomm.com/jaw/sdnl/114/51450054/ > > _______________________________________________ Openvpn-devel mailing > > list Openvpn-devel@lists.sourceforge.net > > https://lists.sourceforge.net/lists/listinfo/openvpn-devel > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.11 (GNU/Linux) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ > > iEYEARECAAYFAk7oY6AACgkQDC186MBRfrouQwCgklEb0qpSEvD/edsRAqWP6Jni > BHcAmwWP1qIVzttpJco+N+P63DC8qi4i > =v09z > -----END PGP SIGNATURE-----
