Dear Devs,
what is the state of --compress migrate?
Thank you.
Am 18.06.24 um 12:52 schrieb Eike Lohmann:
Dear listusers,
on a flavor we have
- clients with comp-lzo in their local config and we have no access to
this clients. (can't change it)
- very old clients below 2.3 (no peer info)
- also "modern" clients of all versions 2.3.2 - 3.8.5
Our minimum Cipher is AES-256-CBC as fallback, when does AES-256-CBC
is supported by openvpn? It could reveal the minimum client version.
--allow-compression asym
can be set, but clients will still compress. Clients without, can't
connect.
--compress migrate
clients > 2.3 get pushed "stub-v2" all other "comp-lzo no".
What happens to clients wich does not support it? e.g. 2.2.x
This parameter is not documented in the reference manual, it is still
supported in 2.6 and how long it may be supported?
What could be the best way to operate it with a little attack surface
(voracle) but remaining compatibility for old clients?
Thanks for all information on this topic.
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users
