git.ipfire.org Git - thirdparty/openvpn.git/commit

author	Emmanuel Deloget <logout@free.fr>
	Mon, 19 Jun 2017 15:35:13 +0000 (17:35 +0200)
committer	Gert Doering <gert@greenie.muc.de>
	Thu, 22 Jun 2017 18:16:33 +0000 (20:16 +0200)
commit	64b8a4ae9d7edb39f802d0d4cbdf9d46116f2461
tree	eb1764ffc817c6e2d653f6b12c334a77cc39da7a	tree
parent	aeac1139a34321a7f770ca20bfef886a21a89fe9	commit \| diff

OpenSSL: remove pre-1.1 function from the OpenSSL compat interface

HMAC_CTX_init() has been removed from OpenSSL 1.1. Both this function
and function HMAC_CTX_cleanup() has been replaced by HMAC_CTX_reset().

Commit aba98e9050eb54d72d921e70bcd422cb892b9c6c introduced support for
HMAC_CTX_init() for OpenSSL 1.1+ while other functions were mimicking
the OpenSSL 1.1 interface for earlier version. This is clearly not a
good idea -- a better approach would be to provide the new interface for
pre-1.1 versions in order to have the dependant code use only one
interface version. To implement that, we remove HMAC_CTX_init() from our
compatibility layer and implement HMAC_CTX_reset() in terms of a cleanup
followed by an init (as the regular HMAC_CTX_reset() function does in
OpenSSL 1.1. This change has a consequence on HMAC_CTX_free() which now
need to cleanup() the HMAC context before freeing it.

Acked-by: Steffan Karger <steffan.karger@fox-it.com>
Message-Id: <20170619153513.5420-1-logout@free.fr>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg14889.html

Signed-off-by: Gert Doering <gert@greenie.muc.de>

configure.ac		diff \| blob \| blame \| history
src/openvpn/crypto_openssl.c		diff \| blob \| blame \| history
src/openvpn/openssl_compat.h		diff \| blob \| blame \| history