diff options
author | Adriaan de Jong <dejong@fox-it.com> | 2011-10-16 15:56:31 +0200 |
---|---|---|
committer | David Sommerseth <davids@redhat.com> | 2011-10-22 18:21:13 +0200 |
commit | eaacf8d8f289fefa9a64b85e72552f949d4c28c6 (patch) | |
tree | 9a3a077f7f955ac35040796313ae0df2530c6784 | |
parent | 0e282134d58b15c8fd21defb22c963e96b0d5372 (diff) | |
download | openvpn-eaacf8d8f289fefa9a64b85e72552f949d4c28c6.tar.gz openvpn-eaacf8d8f289fefa9a64b85e72552f949d4c28c6.tar.xz openvpn-eaacf8d8f289fefa9a64b85e72552f949d4c28c6.zip |
Moved to PolarSSL 1.0.0:
- Reversed des_key_check_weak output check, as the library changed this
- Changed POLARSSL_MODE_CFB to POLARSSL_MODE_CFB128
- Changed the bio write function to accept const input
Signed-off-by: Adriaan de Jong <dejong@fox-it.com>
Acked-by: David Sommerseth <davids@redhat.com>
Signed-off-by: David Sommerseth <davids@redhat.com>
-rw-r--r-- | crypto_polarssl.c | 2 | ||||
-rw-r--r-- | crypto_polarssl.h | 2 | ||||
-rw-r--r-- | ssl_polarssl.c | 2 |
3 files changed, 3 insertions, 3 deletions
diff --git a/crypto_polarssl.c b/crypto_polarssl.c index e4b9099..7ae8973 100644 --- a/crypto_polarssl.c +++ b/crypto_polarssl.c @@ -216,7 +216,7 @@ key_des_check (uint8_t *key, int key_len, int ndc) msg (D_CRYPT_ERRORS, "CRYPTO INFO: check_key_DES: insufficient key material"); goto err; } - if (0 == des_key_check_weak(key)) + if (0 != des_key_check_weak(key)) { msg (D_CRYPT_ERRORS, "CRYPTO INFO: check_key_DES: weak key detected"); goto err; diff --git a/crypto_polarssl.h b/crypto_polarssl.h index 0224917..3ac2c96 100644 --- a/crypto_polarssl.h +++ b/crypto_polarssl.h @@ -58,7 +58,7 @@ typedef md_context_t hmac_ctx_t; #define OPENVPN_MODE_OFB POLARSSL_MODE_OFB /** Cipher is in CFB mode */ -#define OPENVPN_MODE_CFB POLARSSL_MODE_CFB +#define OPENVPN_MODE_CFB POLARSSL_MODE_CFB128 /** Cipher should encrypt */ #define OPENVPN_OP_ENCRYPT POLARSSL_ENCRYPT diff --git a/ssl_polarssl.c b/ssl_polarssl.c index e6a966a..c95c0c0 100644 --- a/ssl_polarssl.c +++ b/ssl_polarssl.c @@ -453,7 +453,7 @@ static int endless_buf_read( void * ctx, unsigned char * out, size_t out_len ) return read_len; } -static int endless_buf_write( void *ctx, unsigned char *in, size_t len ) +static int endless_buf_write( void *ctx, const unsigned char *in, size_t len ) { endless_buffer *out = (endless_buffer *) ctx; buffer_entry *new_block = malloc(sizeof(buffer_entry)); |