diff options
author | Parménides GV <parmegv@sdf.org> | 2015-02-14 11:48:37 +0100 |
---|---|---|
committer | Parménides GV <parmegv@sdf.org> | 2015-02-14 11:48:37 +0100 |
commit | c198dbd9dd583d980ae7e70118f67d09bed8de55 (patch) | |
tree | c2863f28134af00f26299c97bb6a81ed0aa4ed96 /app/openvpn/src/openvpn/ssl.c | |
parent | 9d346be65e6808710b9e814d2899e5888984b4ab (diff) | |
parent | 4028c100a59c45913cb569c4967faaddc090b1f9 (diff) |
Merge branch 'develop'0.9.2
Diffstat (limited to 'app/openvpn/src/openvpn/ssl.c')
-rw-r--r-- | app/openvpn/src/openvpn/ssl.c | 20 |
1 files changed, 11 insertions, 9 deletions
diff --git a/app/openvpn/src/openvpn/ssl.c b/app/openvpn/src/openvpn/ssl.c index cdc8eb19..80293efd 100644 --- a/app/openvpn/src/openvpn/ssl.c +++ b/app/openvpn/src/openvpn/ssl.c @@ -43,7 +43,7 @@ #include "syshead.h" -#if defined(ENABLE_CRYPTO) && defined(ENABLE_SSL) +#if defined(ENABLE_CRYPTO) #include "error.h" #include "common.h" @@ -242,6 +242,7 @@ static const tls_cipher_name_pair tls_cipher_name_translation_table[] = { {"EDH", "EDH"}, {"EXP", "EXP"}, {"RSA", "RSA"}, + {"kRSA", "kRSA"}, {"SRP", "SRP"}, #endif {NULL, NULL} @@ -263,16 +264,14 @@ tls_get_cipher_name_pair (const char * cipher_name, size_t len) { return NULL; } -/* - * Max number of bytes we will add - * for data structures common to both - * data and control channel packets. - * (opcode only). +/** + * Max number of bytes we will add for data structures common to both data and + * control channel packets (1 byte opcode + 3 bytes peer-id). */ void tls_adjust_frame_parameters(struct frame *frame) { - frame_add_to_extra_frame (frame, 1); /* space for opcode */ + frame_add_to_extra_frame (frame, 1 + 3); /* space for opcode + peer-id */ } /* @@ -483,7 +482,10 @@ init_ssl (const struct options *options, struct tls_root_ctx *new_ctx) if (options->tls_server) { tls_ctx_server_new(new_ctx); - tls_ctx_load_dh_params(new_ctx, options->dh_file, options->dh_file_inline); + + if (options->dh_file) + tls_ctx_load_dh_params(new_ctx, options->dh_file, + options->dh_file_inline); } else /* if client */ { @@ -3625,4 +3627,4 @@ done: #else static void dummy(void) {} -#endif /* ENABLE_CRYPTO && ENABLE_SSL*/ +#endif /* ENABLE_CRYPTO */ |