Hi, On Thu, Jan 17, 2013 at 09:23:29AM +0100, steffan.kar...@fox-it.com wrote: > /** Cipher is in CFB mode */ > +#if POLARSSL_VERSION_NUMBER < 0x01020000 > #define OPENVPN_MODE_CFB POLARSSL_MODE_CFB128 > +#else > +#define OPENVPN_MODE_CFB POLARSSL_MODE_CFB > +#endif
I don't like this approach - we have way too many #ifdef's already.
Is there any benefit in keeping support for PolarSSL 1.1, given that
it's not interoperable with OpenVPN's default crypto settings (blowfish)?
So unless there are strong reasons to support both 1.1 and 1.2, I'd
just move over to 1.2, document the requirement "anything before 1.2.3
is not supported, period" and declare 1.1 historic...
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany g...@greenie.muc.de
fax: +49-89-35655025 g...@net.informatik.tu-muenchen.de
pgpSIOzf7HkFG.pgp
Description: PGP signature
