summaryrefslogtreecommitdiffstats
path: root/src/openvpn/crypto_polarssl.c
diff options
context:
space:
mode:
authorSteffan Karger <steffan.karger@fox-it.com>2014-02-04 13:57:15 +0100
committerGert Doering <gert@greenie.muc.de>2014-04-21 10:50:04 +0200
commit03df3a990f71b3d02653eba364ac89f8400611c3 (patch)
tree16dc51e3e6a862db12be622eafdc414f32757fd6 /src/openvpn/crypto_polarssl.c
parent1ec984b154aa3247ef58c9d44e7e477880b632b1 (diff)
downloadopenvpn-03df3a990f71b3d02653eba364ac89f8400611c3.tar.gz
openvpn-03df3a990f71b3d02653eba364ac89f8400611c3.tar.xz
openvpn-03df3a990f71b3d02653eba364ac89f8400611c3.zip
Upgrade to PolarSSL 1.3
This removes support for PolarSSL 1.2. The mimimum version of PolarSSL required is now 1.3.3. The upgrade brings OpenVPN-with-PolarSSL: * Support for EC-crypto in TLS (but not yet for external pkcs11/management keys) * Support for AES-NI (if PolarSSL is compiled with AES-NI support) Signed-off-by: Steffan Karger <steffan.karger@fox-it.com> Acked-by: James Yonan <james@openvpn.net> Message-Id: <53528943.3090205@fox-it.com> URL: http://article.gmane.org/gmane.network.openvpn.devel/8555 Signed-off-by: Gert Doering <gert@greenie.muc.de>
Diffstat (limited to 'src/openvpn/crypto_polarssl.c')
-rw-r--r--src/openvpn/crypto_polarssl.c7
1 files changed, 6 insertions, 1 deletions
diff --git a/src/openvpn/crypto_polarssl.c b/src/openvpn/crypto_polarssl.c
index 1f27d6c..7dc8aa5 100644
--- a/src/openvpn/crypto_polarssl.c
+++ b/src/openvpn/crypto_polarssl.c
@@ -466,7 +466,12 @@ int cipher_ctx_mode (const cipher_context_t *ctx)
int cipher_ctx_reset (cipher_context_t *ctx, uint8_t *iv_buf)
{
- return 0 == cipher_reset(ctx, iv_buf);
+ int retval = cipher_reset(ctx);
+
+ if (0 == retval)
+ retval = cipher_set_iv(ctx, iv_buf, ctx->cipher_info->iv_size);
+
+ return 0 == retval;
}
int cipher_ctx_update (cipher_context_t *ctx, uint8_t *dst, int *dst_len,
generated by cgit (git 2.34.1) at 2024-09-21 00:56:55 +0000