On Mon, 2014-10-27 at 17:09 +0100, Nikos Mavrogiannopoulos wrote: > On Mon, Oct 27, 2014 at 1:51 PM, David Woodhouse <dwmw2 at infradead.org> wrote: > > On Mon, 2014-10-27 at 10:49 +0100, Nikos Mavrogiannopoulos wrote: > >> Hello, > >> As it is now, a program using libopenconnect cannot get the > >> ciphersuite in use in a session. This patch adds that API. > > > > You have a habit of sending me patches which give me more work to do :) > > > > Admittedly, I know I do the same to you, but you definitely won that > > game by sending me a patch to make it *build* on Win32 without actually > > doing anything useful, then letting my OCD kick in and figure out the > > TAP-Windows driver and other issues :) > :) I should add for completeness here, that if you had not kicked in and expected me to fix the remaining issues, we wouldn't have the windows client today. When I sent the patch I didn't even have access to windows; everything was done under mingw. > > One remaining issue: can the cipher change on a rehandshake? If so, your > > cached vpninfo->cstp_cipher string might get out of date, and it needs > > to be freed and set to NULL on a renegotiate too. > Yes, it could change. I'll check to it tomorrow. That should be fixed with the attached patch. I read also you comment in openconnect.h, and I made both strings consistent based on the library in use. What remains in my list is to allow disabling the system trust. A proposed API for that is attached. regards, Nikos -------------- next part -------------- A non-text attachment was scrubbed... Name: 0001-Make-the-cipher-strings-consistent-based-on-which-li.patch Type: text/x-patch Size: 5670 bytes Desc: not available URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20141027/870254c8/attachment.bin> -------------- next part -------------- A non-text attachment was scrubbed... Name: 0001-Added-openconnect_set_system_trust.patch Type: text/x-patch Size: 3659 bytes Desc: not available URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20141027/870254c8/attachment-0001.bin>
