API to get ciphersuite
Nikos Mavrogiannopoulos
nmav at gnutls.org
Tue Oct 28 04:42:56 PDT 2014
On Tue, 2014-10-28 at 11:10 +0000, David Woodhouse wrote:
> On Mon, 2014-10-27 at 23:40 +0100, Nikos Mavrogiannopoulos wrote:
> > That should be fixed with the attached patch. I read also you comment in
> > openconnect.h, and I made both strings consistent based on the library
> > in use.
>
> Applied and pushed; thanks. I've now renamed the cstp_cipher field to
> gnutls_cstp_cipher alongside gnutls_dtls_cipher, since OpenSSL retusn a
> static string and doesn't need to cache/free it.
>
>
> > What remains in my list is to allow disabling the system trust. A
> > proposed API for that is attached.
>
> Looks sane enough. I prefer to avoid '== 0' in conditionals; would
> prefer to see 'if (!vpninfo->no_system_trust)' instead. And it needs
> exposing to Java along the same lines as commit de759ad5.
Updated. No idea whether the java part works.
regards,
Nikos
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Added-openconnect_set_system_trust.patch
Type: text/x-patch
Size: 3655 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20141028/271b9f3c/attachment-0002.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0002-Add-setSystemTrust-to-Java-bindings.patch
Type: text/x-patch
Size: 1691 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20141028/271b9f3c/attachment-0003.bin>
More information about the openconnect-devel
mailing list