Hi Adriaan, I only found a minor nit:
2012/2/28 Adriaan de Jong <dej...@fox-it.com>: > --- a/ssl.c > +++ b/ssl.c > @@ -385,6 +385,11 @@ init_ssl (const struct options *options, struct > tls_root_ctx *new_ctx) > tls_ctx_restrict_ciphers(new_ctx, options->cipher_list); > } > > +#ifdef USE_POLARSSL > + /* Fox-IT hardening: Personalise the random by mixing in the certificate */ > + tls_ctx_personalise_random (new_ctx); > +#endif Unless it's intentional, the "Fox-IT hardening" string is probably from an earlier, internal iteration? The rest looks fine AFAICT. :) Cheers Fabian
