git.ipfire.org Git - thirdparty/openvpn.git/commit

author	David Sommerseth <davids@openvpn.net>
	Thu, 4 May 2017 20:42:01 +0000 (22:42 +0200)
committer	Gert Doering <gert@greenie.muc.de>
	Thu, 18 May 2017 11:25:28 +0000 (13:25 +0200)
commit	5d5437710c282b1a60a892d1910160027a81db92
tree	f34f04857a680fb356eb7d384f98879ae76b3fd1	tree \| snapshot
parent	37b3409681ee04b7cb7c246a7fd701a883e582e2	commit \| diff

crypto: Enable SHA256 fingerprint checking in --verify-hash

This enhances --verify-hash with an optional algorithm flag. If not
provided, it defaults to SHA1 to preserve backwards compatbilitity with
existing configurations. The only valid flags are SHA1 and SHA256.

In addition enhance the layout of the --verify-hash section in the man
page.

Signed-off-by: David Sommerseth <davids@openvpn.net>
Acked-by: Steffan Karger <steffan.karger@fox-it.com>
Message-Id: <20170504204201.1257-1-davids@openvpn.net>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg14538.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
(cherry picked from commit 2193d7c08484d56ed07ba2e649abc2d08adcb245)

Changes.rst		diff \| blob \| blame \| history
doc/openvpn.8		diff \| blob \| blame \| history
src/openvpn/crypto_backend.h		diff \| blob \| blame \| history
src/openvpn/init.c		diff \| blob \| blame \| history
src/openvpn/options.c		diff \| blob \| blame \| history
src/openvpn/options.h		diff \| blob \| blame \| history
src/openvpn/ssl_common.h		diff \| blob \| blame \| history
src/openvpn/ssl_verify.c		diff \| blob \| blame \| history