Your patch has been applied to the master branch.
commit dd8d32e1e1da90b441fb25e62a8aa0e68428f601
Author: Steffan Karger
List-Post: openvpn-devel@lists.sourceforge.net
Date: Wed Jan 6 21:03:59 2016 +0100
polarssl: optimize polar_ok() for non-errors
Signed-off-by: Steffan Karger
Hi,
On Thu, Jan 07, 2016 at 09:13:02AM +0100, Gert Doering wrote:
> Your patch has been applied to the master branch.
>
> commit dd8d32e1e1da90b441fb25e62a8aa0e68428f601
> Author: Steffan Karger
> Date: Wed Jan 6 21:03:59 2016 +0100
>
> polarssl: optimize polar_ok() for non-errors
Actual
ACK. Tested, does what it says on the tin.
Your patch has been applied to the master branch (and I expect it to show
up in 2.3 as part of the "polarssl logging improvements 1/2 v2").
commit aa416be9500441313c703ad7cb848c289378bbd3 (master)
Author: Steffan Karger
List-Post: openvpn-devel@lists.s
From: Steffan Karger
Adding polar_ok() was a good plan for improving error reporting, but also
added two function calls (one to polar_log_func_line() and one to
polar_log_err()) for each function call wrapped with polar_ok().
Especially in the critical path, this is a waste of time.
To avoid thi
ACK. It made sense for master, got quite a bit of testing by now, and
trac #646 clearly demonstrates we want it in 2.3 as well.
Your patch has been applied to the release/2.3 branch.
commit 8e95e2091397283d3fa64507a0e444fdc4359d57
Author: Steffan Karger
List-Post: openvpn-devel@lists.sourceforge
ACK. Slightly more work for the compiler, but supposedly they are smarter
these days :-) - and actually slightly easier to read than v1.
Your patch has been applied to the master branch.
commit 3a39bf7dfe5a57fe8bc43c073b2a009bb6994e78
Author: Steffan Karger
List-Post: openvpn-devel@lists.sourcef
From: Steffan Karger
Add the functions polar_log_err(), polar_log_func_line() and a macro
polar_ok(), to easily log human-readable PolarSSL errors from
polarssl-specific code.
This does not provide the full logging interface as msg(), because I
would have to add a lot more of macro-magic to achi
ACK, same arguments as for the openssl patch.
Thanks for working all these patches into one big one for 2.3 - less work,
and the history makes still clear where the stuff is coming from and who
originally accepted it.
Your patch has been applied to the release/2.3 branch.
commit a9226fbdd90ac378
As reported in trac ticket #646, OpenSSL might also need /dev/urandom to
be available in the chroot. This depends on OS, OS version and ssl library
configuration. Update the manpage to better explain this.
Signed-off-by: Steffan Karger
---
doc/openvpn.8 | 13 +
1 file changed, 5 in
The md_info_t will become an opaque struct in mbed TLS 2.x, start using
the wrapper function in preparation to a future upgrade to 2.x.
Signed-off-by: Steffan Karger
---
src/openvpn/crypto_polarssl.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/openvpn/crypto_pol
As of 1.3.0, polarssl/mbedtls now by default uses a 128 bit key for the
blowfish cipher (as opposed to the 32-bit (!) default they had previously).
Since we require polar 1.3+, we no longer need this fixup code.
Signed-off-by: Steffan Karger
---
src/openvpn/crypto_polarssl.c | 2 --
1 file chang
Hello,
I believe I have successfully compiled openvpn on debian , using static openssl
library containing the FIPS compliance module.
However, I have followed this instruction found online:
"Now you should have a FIPS capable OpenSSL (NOTE: OpenSSL itself is not FIPS
validated, only FIPS cap
12 matches
Mail list logo
