diff options
author | Steffan Karger <steffan.karger@fox-it.com> | 2014-02-04 13:57:15 +0100 |
---|---|---|
committer | Gert Doering <gert@greenie.muc.de> | 2014-04-21 10:50:04 +0200 |
commit | 03df3a990f71b3d02653eba364ac89f8400611c3 (patch) | |
tree | 16dc51e3e6a862db12be622eafdc414f32757fd6 /src/openvpn/crypto_polarssl.c | |
parent | 1ec984b154aa3247ef58c9d44e7e477880b632b1 (diff) | |
download | openvpn-03df3a990f71b3d02653eba364ac89f8400611c3.tar.gz openvpn-03df3a990f71b3d02653eba364ac89f8400611c3.tar.xz openvpn-03df3a990f71b3d02653eba364ac89f8400611c3.zip |
Upgrade to PolarSSL 1.3
This removes support for PolarSSL 1.2. The mimimum version of PolarSSL
required is now 1.3.3. The upgrade brings OpenVPN-with-PolarSSL:
* Support for EC-crypto in TLS (but not yet for external
pkcs11/management keys)
* Support for AES-NI (if PolarSSL is compiled with AES-NI support)
Signed-off-by: Steffan Karger <steffan.karger@fox-it.com>
Acked-by: James Yonan <james@openvpn.net>
Message-Id: <53528943.3090205@fox-it.com>
URL: http://article.gmane.org/gmane.network.openvpn.devel/8555
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Diffstat (limited to 'src/openvpn/crypto_polarssl.c')
-rw-r--r-- | src/openvpn/crypto_polarssl.c | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/src/openvpn/crypto_polarssl.c b/src/openvpn/crypto_polarssl.c index 1f27d6c..7dc8aa5 100644 --- a/src/openvpn/crypto_polarssl.c +++ b/src/openvpn/crypto_polarssl.c @@ -466,7 +466,12 @@ int cipher_ctx_mode (const cipher_context_t *ctx) int cipher_ctx_reset (cipher_context_t *ctx, uint8_t *iv_buf) { - return 0 == cipher_reset(ctx, iv_buf); + int retval = cipher_reset(ctx); + + if (0 == retval) + retval = cipher_set_iv(ctx, iv_buf, ctx->cipher_info->iv_size); + + return 0 == retval; } int cipher_ctx_update (cipher_context_t *ctx, uint8_t *dst, int *dst_len, |