git.ipfire.org Git - thirdparty/openvpn.git/commit

author	Arne Schwabe <arne@rfc2549.org>
	Fri, 3 Jun 2022 09:52:19 +0000 (11:52 +0200)
committer	Gert Doering <gert@greenie.muc.de>
	Thu, 9 Jun 2022 10:03:58 +0000 (12:03 +0200)
commit	cf5864f5922e4f40357d9f75a35cd448e671dddf
tree	41876d4396c59d151881236fe8d3815a6cf28599	tree
parent	400da02714abd36218954c988a2ef81dade0b59d	commit \| diff

Allow running a default configuration with TLS libraries without BF-CBC

Modern TLS libraries might drop Blowfish by default or distributions
might disable Blowfish in OpenSSL/mbed TLS. We still signal OCC
options with BF-CBC compatible strings. To avoid requiring BF-CBC
for this, special this one usage of BF-CBC enough to avoid a hard
requirement on Blowfish in the default configuration.

This patch is cherry-picked from 79ff3f79 and the missing
ciphername = "none"; has been added in the OCC code.

Due to uncrustify complains, a few extra whitespace fixes had to be
done to options.c.

Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20220603095219.637361-1-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg24456.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>

src/openvpn/crypto_backend.h		diff \| blob \| blame \| history
src/openvpn/init.c		diff \| blob \| blame \| history
src/openvpn/options.c		diff \| blob \| blame \| history