Am 28.09.16 um 13:08 schrieb Steffan Karger:
> Fixes compiler warnings (undefined behavior) by making the copy explicit
> to comply to strict aliasing rules. With newer GCC the old code could
> actually lead to undefined behaviour.
>
I always considered this to be legal C. But if the spec says o
On 28/09/16 13:08, Steffan Karger wrote:
> Fixes compiler warnings (undefined behavior) by making the copy explicit
> to comply to strict aliasing rules. With newer GCC the old code could
> actually lead to undefined behaviour.
>
> See e.g. http://blog.regehr.org/archives/959.
Hmm ... This is an
Hello OpenVPN community,
this is my first contribution (attempt) to the OpenVPN project.
Please be gentle ;)
With this small patchset I am introducing a simple logic that
reduces the overall client connection time when the CRL file is quite big.
Basically it consists in pre-loading the CRL file
Implement the functions needed by the crl-persist logic and
used by the ssl_verify module.
No special data structure has been used to store the CRL as
mbedtls already provides its own object and helper functions.
Tests have been performed by using a CRL file having size 143MB.
Original delay upon
Right now the CRL file is parsed and loaded in memory upon every client
connection. In case of large CRL files this operation introduces a
non-negligible delay (order of seconds).
Some users may prefer to avoid such delay by storing the CRL file in
memory and have it ready for lookup upon client c
Implement the functions needed by the crl-persist logic when openssl
is enabled. Such functions are used in the ssl_verify module.
Note that the CRL file is stored in an adhoc data structure and no
openssl specific object is used. The data structure being used is a
sorted array or serials that can
