Commit 69793ae0 authored by Piotr Kubaj's avatar Piotr Kubaj Committed by David Woodhouse

Fix build with LibreSSL 2.5.1 and higher.

We don't actually care if we use the read or write state; we're only
calculating the cipher/protocol overheads which are the same in both
directions.

In LibreSSL they were all removed in
https://github.com/libressl-portable/openbsd/commit/122ecd906da7
and the read side was restored in
https://github.com/libressl-portable/openbsd/commit/0d7a7d5f5a44
so just use that.
Signed-off-by: default avatarPiotr Kubaj <pkubaj@anongoth.pl>
Signed-off-by: default avatarDavid Woodhouse <dwmw2@infradead.org>
parent 539e3ee7
......@@ -100,8 +100,8 @@ static int dtls_get_data_mtu(struct openconnect_info *vpninfo, int mtu)
}
#else
/* OpenSSL <= 1.0.2 only supports CBC ciphers with PSK */
ivlen = EVP_CIPHER_iv_length(EVP_CIPHER_CTX_cipher(vpninfo->dtls_ssl->enc_write_ctx));
maclen = EVP_MD_CTX_size(vpninfo->dtls_ssl->write_hash);
ivlen = EVP_CIPHER_iv_length(EVP_CIPHER_CTX_cipher(vpninfo->dtls_ssl->enc_read_ctx));
maclen = EVP_MD_CTX_size(vpninfo->dtls_ssl->read_hash);
blocksize = ivlen;
pad = 1;
#endif
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment