diff options
author | Steffan Karger | 2016-03-05 17:08:22 +0100 |
---|---|---|
committer | Gert Doering | 2016-04-28 13:54:52 +0200 |
commit | fab49d17d36053189cf504d57e53a8b0cb907f6f (patch) | |
tree | eb0e289871b5566470b253ee2162da549c0ffc9a /src/openvpn/syshead.h | |
parent | dd2fbc26eb7b32325793ae3f7d215f46e881e68c (diff) | |
download | openvpn-fab49d17d36053189cf504d57e53a8b0cb907f6f.zip openvpn-fab49d17d36053189cf504d57e53a8b0cb907f6f.tar.gz |
Implemented x509-track for PolarSSL.
This patch is a variant of the patch to implement x509-track for
PolarSSL that was sent to openvpn-devel@ by James Yonan
(<1456993146-63968-7-git-send-email-james@openvpn.net>). It still uses
some of the original code from James, but proposes a different
implementation.
This patch does the following things differently:
* Do not introduce NID_* defines that need to be maintained. Instead,
just use the short name of the attribute for identification. This
has the advantage that we automatically support everything that
PolarSSL supports, it is less code and we do not have maintain the
list. But the disadvantage is that this approach will not error out
when an unknown attribute name is supplied. PolarSSL (at least 1.3,
I didn't check 2.x) does not provide the functions required to do
that. Instead of erroring out, this implementation will just
silently ignore the unknown --x509-track attribute name.
* Remove the ENABLE_X509_TRACK define completely - it depended just on
ENABLE_CRYPTO anyway.
* Move the --x509-track option parsing out of ENABLE_MANAGEMENT, since
it does not depend on management functionality.
Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <CAA1AbxL1w8e_o-GjS2jETZWxYdMbS2iKABPc6OZBA8bOVycjtA@mail.gmail.com>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11350
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Diffstat (limited to 'src/openvpn/syshead.h')
-rw-r--r-- | src/openvpn/syshead.h | 7 |
1 files changed, 0 insertions, 7 deletions
diff --git a/src/openvpn/syshead.h b/src/openvpn/syshead.h index 7e77b6c..1c9248f 100644 --- a/src/openvpn/syshead.h +++ b/src/openvpn/syshead.h @@ -632,13 +632,6 @@ socket_defined (const socket_descriptor_t sd) #endif /* - * Enable x509-track feature? - */ -#if defined(ENABLE_CRYPTO) && defined (ENABLE_CRYPTO_OPENSSL) -#define ENABLE_X509_TRACK -#endif - -/* * Is poll available on this platform? */ #if defined(HAVE_POLL) && defined(HAVE_SYS_POLL_H) |