Patch has been applied to the master and release/2.3 branches.
commit 70f1864188ad00451683cabf51e56b7730250c40 (master)
commit 45f5a0a87870809ee453695ff0167b3754f0431e (release/2.3)
Author: Gert Doering
List-Post: openvpn-devel@lists.sourceforge.net
Date: Fri Jun 6 20:43:55 2014 +0200
Dro
Hi,
OFB and CFB cipher modes have been broken for a long time, see trac ticket #89
(https://community.openvpn.net/openvpn/ticket/89). Commit be46a2c enables
support for OFB and CFB again, but leaves some minor problems around. The
following patches resolve the remaining issues.
Patches 1-3 fix so
Makes OFB/CFB compile time configurable, and fixes output of --show-ciphers
to also show OFB/CFB ciphers along the way (becasue crypto.h was not
included from crypto_openssl.c).
Signed-off-by: Steffan Karger
---
configure.ac | 8
src/openvpn/crypto.c | 2 +-
src/
OpenSSL has added AEAD-CBC mode ciphers like AES-128-CBC-HMAC-SHA1, which
have mode EVP_CIPH_CBC_MODE, but require a different API (the AEAD API).
So, add extra checks to filter out those AEAD-mode ciphers.
Adding these made the crypto library agnostic function cfb_ofb_mode()
superfuous, so remove
Also remove the bulky warning from init_key_type() and add the information
to the --show-ciphers output.
Signed-off-by: Steffan Karger
---
src/openvpn/crypto.c | 4
src/openvpn/crypto_openssl.c | 19 +--
2 files changed, 13 insertions(+), 10 deletions(-)
diff --git
... instead of just BF-CBC. Should catch more mistakes.
Signed-off-by: Steffan Karger
---
tests/t_lpback.sh | 30 ++
1 file changed, 26 insertions(+), 4 deletions(-)
diff --git a/tests/t_lpback.sh b/tests/t_lpback.sh
index 40767a1..c224797 100755
--- a/tests/t_lpback
