API to get ciphersuite

David Woodhouse dwmw2 at infradead.org
Tue Oct 28 09:32:33 PDT 2014 

On Mon, 2014-10-27 at 23:40 +0100, Nikos Mavrogiannopoulos wrote:
> On Mon, 2014-10-27 at 17:09 +0100, Nikos Mavrogiannopoulos wrote:
> > On Mon, Oct 27, 2014 at 1:51 PM, David Woodhouse <dwmw2 at infradead.org> wrote:
> > > On Mon, 2014-10-27 at 10:49 +0100, Nikos Mavrogiannopoulos wrote:
> > >> Hello,
> > >>  As it is now, a program using libopenconnect cannot get the
> > >> ciphersuite in use in a session. This patch adds that API.
> > >
> > > You have a habit of sending me patches which give me more work to do :)
> > >
> > > Admittedly, I know I do the same to you, but you definitely won that
> > > game by sending me a patch to make it *build* on Win32 without actually
> > > doing anything useful, then letting my OCD kick in and figure out the
> > > TAP-Windows driver and other issues :)
> > :)
> 
> I should add for completeness here, that if you had not kicked in and
> expected me to fix the remaining issues, we wouldn't have the windows
> client today. When I sent the patch I didn't even have access to
> windows; everything was done under mingw.

What else are we missing here, btw?

I'm in the process of pushing out a patch which makes it use
FormatMessage() instead of printing hex error numbers. That's working
under Wine but I want to give it a try under real Windows with real
errors instead of just synthesised calls to
openconnect__win32_strerror().

I have certificates in my Windows certificate store — are we able to use
those yet? Do we need http://thewalter.net/git/cgit.cgi/p11-capi/ to
make that work?

We also need to sort out the MTU configuration issues. I don't think we
*can* set the MTU under old versions of Windows but from Windows 7 or so
we should be able to. OpenVPN just *queries* the driver and then uses
that MTU, AFAICT. Which is kind of horrid. But hey, Windows is.

-- 
dwmw2
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5745 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20141028/5e124cb0/attachment-0001.bin>

More information about the openconnect-devel mailing list