From: Steffan Karger
Added translation table and functions to translate between TLS OpenSSL
and IANA (IETF) cipher suite names. The previously used OpenSSL names
are still accepted, but a deprecation warning is issued.
Signed-off-by: Steffan Karger
---
src/openvpn/ssl.c | 147 +++
From: Steffan Karger
Added translate_cipher name to crypto_openssl.c and crypto_polarssl.c
to translate between OpenVPN(/OpenSSL) and PolarSSL data channel
cipher algorithm names. OpenSSL does not require any translating,
PolarSSL does for a small number of algorithms. This improves on
config fil
From: Steffan Karger
Add support for PolarSSL-1.2, which has changed the API in several places.
This is a minimal port, new features have not been enabled. Only PolarSSL
1.2.5 and newer are accepted, as earlier versions contain unresolved
(security) issues.
Signed-off-by: Joachim Schipper
Signe
Hi Everyone,
The attached patches add PolarSSL 1.2 support to OpenVPN 2.3, while maintaining
OpenVPN configuration file compatibility between the OpenSSL and PolarSSL
builds.
Patches 1-3 upgrade the supported PolarSSL versions to 1.2.5 or newer.
Patch 4 adds data channel cipher name compatibil
From: Steffan Karger
Instead of logging the fact that an error occured, log the error code and
description (when available in the PolarSSL build).
Signed-off-by: Joachim Schipper
---
src/openvpn/ssl_polarssl.c |8 ++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/src/o
From: Steffan Karger
Print the *flags argument, which - for PolarSSL-1.2 - contains the reasons that
the certificate failed (pre-)verification.
Signed-off-by: Joachim Schipper
---
src/openvpn/ssl_verify_polarssl.c |6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src
