Sure. There's two options here: remove it from 1/5 and 'break' BF-CBC between 1/5 and 4/5 (although BF wasn't supported by polar before 1.2 anyway), or revert these changes in 4/5. I'd go for first option, since it delivers cleaner patches. If no one objects, I'll send an updated patch this afternoon.
-Steffan -----Original Message----- From: Heiko Hund [mailto:heiko.h...@sophos.com] Sent: dinsdag 19 maart 2013 11:27 To: openvpn-devel@lists.sourceforge.net Cc: Steffan Karger Subject: Re: [Openvpn-devel] [PATCH 1/5] PolarSSL-1.2 support On Monday 18 March 2013 17:37:28 steffan.kar...@fox-it.com wrote: > diff --git a/src/openvpn/options.c b/src/openvpn/options.c index > 8592955..9766742 100644 > --- a/src/openvpn/options.c > +++ b/src/openvpn/options.c > @@ -827,7 +827,11 @@ init_options (struct options *o, const bool init_gc) > o->server_poll_timeout = 0; > #endif > #ifdef ENABLE_CRYPTO > +#ifdef ENABLE_CRYPTO_POLARSSL > + o->ciphername = "BLOWFISH-CBC"; > +#else > o->ciphername = "BF-CBC"; > +#endif > o->ciphername_defined = true; > o->authname = "SHA1"; > o->authname_defined = true; Couldn't this be done better with the functionality in 4/5? Heiko -- Heiko Hund | Sr. Software Engineer | Tel +49-721-25516-237 | Fax -200 SOPHOS NSG | Amalienbadstr. 41 Bau 52 | 76227 Karlsruhe | Germany
