Only fields known to OpenSSL have a NID. OBJ_txt2obj allows specifying
fields by numeric OID.
Signed-off-by: Hristo Venev
---
src/openvpn/ssl_verify_openssl.c | 12 ++--
1 file changed, 10 insertions(+), 2 deletions(-)
diff --git a/src/openvpn/ssl_verify_openssl.c b/src/openvpn/ssl_veri
On 03/05/17 22:15, Steffan Karger wrote:
>> +switch (opt->verify_hash_algo)
>> +{
>> +case MD_SHA1:
>> +ca_hash = x509_get_sha1_fingerprint(cert, &gc);
>> +break;
>> +
>> +case MD_SHA256:
>> +ca_hash = x509_get_sha256_fingerprint(c
On 03-05-17 22:15, Steffan Karger wrote:
> On 26-04-17 18:00, David Sommerseth wrote:
>> In addition it moves the hash verification away from memcmp() to
>> memcmp_constant_time(). And slightly it enhances the layout of the
>> --verify-hash section in the man page.
>
> Hashes are public, so ther
Hi,
On 26-04-17 18:00, David Sommerseth wrote:
> This enhances --verify-hash with an optional algorithm flag. If not
> provided, it defaults to SHA1 to preserve backwards compatbilitity with
> existing configurations. The only valid flags are SHA1 and SHA256.
Feature-ACK.
> In addition it move
Hi,
On 26-04-17 10:13, Ilya Shipitsin wrote:
> Inspired by
> https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg13032.html
> build options are taken from regular windows installer builds
>
> Signed-off-by: Ilya Shipitsin
> ---
> v2: moved download/build dependencies into functi
