Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Fix build with LibreSSL 2.5.1 and higher.
We don't actually care if we use the read or write state; we're only
calculating the cipher/protocol overheads which are the same in both
directions.

In LibreSSL they were all removed in
libressl/openbsd@122ecd906da7
and the read side was restored in
libressl/openbsd@0d7a7d5f5a44
so just use that.

Signed-off-by: Piotr Kubaj <pkubaj@anongoth.pl>
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
  • Loading branch information
pkubaj authored and dwmw2 committed May 12, 2017
1 parent 539e3ee commit 69793ae
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions openssl-dtls.c
Expand Up @@ -100,8 +100,8 @@ static int dtls_get_data_mtu(struct openconnect_info *vpninfo, int mtu)
}
#else
/* OpenSSL <= 1.0.2 only supports CBC ciphers with PSK */
ivlen = EVP_CIPHER_iv_length(EVP_CIPHER_CTX_cipher(vpninfo->dtls_ssl->enc_write_ctx));
maclen = EVP_MD_CTX_size(vpninfo->dtls_ssl->write_hash);
ivlen = EVP_CIPHER_iv_length(EVP_CIPHER_CTX_cipher(vpninfo->dtls_ssl->enc_read_ctx));
maclen = EVP_MD_CTX_size(vpninfo->dtls_ssl->read_hash);
blocksize = ivlen;
pad = 1;
#endif
Expand Down

0 comments on commit 69793ae

Please sign in to comment.