Re: [Openvpn-devel] [PATCH] PolarSSL 1.3

2014-04-21 Thread Steffan Karger
Hi, On 21-04-14 11:04, Gert Doering wrote: > When test-building, it seems that there is a patch missing to the plugin > API bits... Ah, right, I usually compile polar builds without the plugin api. Attached a patch that should fix this. It compiles and passes client_t tests, but I don't have plu

Re: [Openvpn-devel] [PATCH] PolarSSL 1.3

2014-04-21 Thread Gert Doering
Hi, On Sat, Apr 19, 2014 at 04:33:39PM +0200, Steffan Karger wrote: > Ouch, James was totally right. This would always be true, but should > always be *false* for reasonable input; the check has to be the other > way around. Attached the same two patches, except for that single > character... Mer

Re: [Openvpn-devel] [PATCH] PolarSSL 1.3

2014-04-21 Thread James Yonan
On 19/04/2014 08:33, Steffan Karger wrote: Hi, On 04/18/2014 02:49 PM, Steffan Karger wrote: On 04/17/2014 09:41 PM, James Yonan wrote: I'm not sure I understand the (SIZE_MAX - hashlen) > asn_len part. Wouldn't this always be true for reasonable values of hashlen and asn_len? This should in

Re: [Openvpn-devel] [PATCH] PolarSSL 1.3

2014-04-19 Thread Steffan Karger
Hi, On 04/18/2014 02:49 PM, Steffan Karger wrote: > On 04/17/2014 09:41 PM, James Yonan wrote: >> I'm not sure I understand the (SIZE_MAX - hashlen) > asn_len part. >> Wouldn't this always be true for reasonable values of hashlen and asn_len? > > This should indeed always be true for reasonable

Re: [Openvpn-devel] [PATCH] PolarSSL 1.3

2014-04-18 Thread Steffan Karger
Hi James, On 04/17/2014 09:41 PM, James Yonan wrote: > On 27/02/2014 12:40, steffan.kar...@fox-it.com wrote: >> The attached patches add support for PolarSSL 1.3. These patches are for >> master only, as they drop support for PolarSSL 1.2. Supporting both versions >> would require a lot of #ifdef'

Re: [Openvpn-devel] [PATCH] PolarSSL 1.3

2014-04-17 Thread James Yonan
On 27/02/2014 12:40, steffan.kar...@fox-it.com wrote: Hi, The attached patches add support for PolarSSL 1.3. These patches are for master only, as they drop support for PolarSSL 1.2. Supporting both versions would require a lot of #ifdef's, so I opted for dropping 1.2. Along with PolarSSL 1.3 c

[Openvpn-devel] [PATCH] PolarSSL 1.3

2014-02-27 Thread steffan.karger
Hi, The attached patches add support for PolarSSL 1.3. These patches are for master only, as they drop support for PolarSSL 1.2. Supporting both versions would require a lot of #ifdef's, so I opted for dropping 1.2. Along with PolarSSL 1.3 comes support for AES-NI and elliptic curve crypto. Polar