From: Adriaan de Jong Date: Sun, 16 Oct 2011 13:56:31 +0000 (+0200) Subject: Moved to PolarSSL 1.0.0: X-Git-Tag: v2.3-alpha1~77 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=eaacf8d8f289fefa9a64b85e72552f949d4c28c6;p=thirdparty%2Fopenvpn.git Moved to PolarSSL 1.0.0: - Reversed des_key_check_weak output check, as the library changed this - Changed POLARSSL_MODE_CFB to POLARSSL_MODE_CFB128 - Changed the bio write function to accept const input Signed-off-by: Adriaan de Jong Acked-by: David Sommerseth Signed-off-by: David Sommerseth --- diff --git a/crypto_polarssl.c b/crypto_polarssl.c index e4b909990..7ae897304 100644 --- a/crypto_polarssl.c +++ b/crypto_polarssl.c @@ -216,7 +216,7 @@ key_des_check (uint8_t *key, int key_len, int ndc) msg (D_CRYPT_ERRORS, "CRYPTO INFO: check_key_DES: insufficient key material"); goto err; } - if (0 == des_key_check_weak(key)) + if (0 != des_key_check_weak(key)) { msg (D_CRYPT_ERRORS, "CRYPTO INFO: check_key_DES: weak key detected"); goto err; diff --git a/crypto_polarssl.h b/crypto_polarssl.h index 022491716..3ac2c96e8 100644 --- a/crypto_polarssl.h +++ b/crypto_polarssl.h @@ -58,7 +58,7 @@ typedef md_context_t hmac_ctx_t; #define OPENVPN_MODE_OFB POLARSSL_MODE_OFB /** Cipher is in CFB mode */ -#define OPENVPN_MODE_CFB POLARSSL_MODE_CFB +#define OPENVPN_MODE_CFB POLARSSL_MODE_CFB128 /** Cipher should encrypt */ #define OPENVPN_OP_ENCRYPT POLARSSL_ENCRYPT diff --git a/ssl_polarssl.c b/ssl_polarssl.c index e6a966aa4..c95c0c022 100644 --- a/ssl_polarssl.c +++ b/ssl_polarssl.c @@ -453,7 +453,7 @@ static int endless_buf_read( void * ctx, unsigned char * out, size_t out_len ) return read_len; } -static int endless_buf_write( void *ctx, unsigned char *in, size_t len ) +static int endless_buf_write( void *ctx, const unsigned char *in, size_t len ) { endless_buffer *out = (endless_buffer *) ctx; buffer_entry *new_block = malloc(sizeof(buffer_entry));