Re: [Openvpn-devel] [PATCH] Add message explaining early TLS client hello failure

2018-09-25 Thread Arne Schwabe
On 25.09.18 at 16:31, David Sommerseth wrote: > On 25/09/18 14:48, Arne Schwabe wrote: >> In my tests an OpenSSL 1.1.1 server does not accept TLS 1.0 only clients >> anymore. Unfortunately, Debian 8 still has OpenVPN 2.3.4, which is >> TLS 1.0 only without setting tls-version-min. >> >> We

Re: [Openvpn-devel] [PATCH] Add message explaining early TLS client hello failure

2018-09-25 Thread Steffan Karger
On 25-09-18 14:48, Arne Schwabe wrote: > + "If your client is 2.3.6 or older consider adding > tls-version 1.1" > + "to the the configuration to use TLS 1.1+ instead of TLS > 1.0 only"); Don't you mean "adding tls-version-min 1.0 to the configuration to use TLS
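Review bot: The two adjacent string literals in the added message join without a space: the first ends in 'tls-version 1.1"' and the next starts with '"to the the', so the logged text would read "1.1to the the configuration". Add a trailing space to the first literal and drop the doubled "the". The option is written as tls-version here, while the commit message refers to tls-version-min, so the hint should name the option exactly as the user has to type it.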

Re: [Openvpn-devel] [PATCH] Add message explaining early TLS client hello failure

2018-09-25 Thread tincanteksup
Grammar check by tincantech (my new role) On 25/09/18 13:48, Arne Schwabe wrote: In my tests an OpenSSL 1.1.1 server does not accept TLS 1.0 only clients anymore. Unfortunately, Debian 8 still has OpenVPN 2.3.4, which is TLS 1.0 only without setting tls-version-min. We currently log only

Re: [Openvpn-devel] [PATCH] Add message explaining early TLS client hello failure

2018-09-25 Thread David Sommerseth
On 25/09/18 14:48, Arne Schwabe wrote: > In my tests an OpenSSL 1.1.1 server does not accept TLS 1.0 only clients > anymore. Unfortunately, Debian 8 still has OpenVPN 2.3.4, which is > TLS 1.0 only without setting tls-version-min. > > We currently log only > OpenSSL: error:14209102:SSL >

[Openvpn-devel] [PATCH applied] Re: Properly free tuntap struct on android when emulating persist-tun

2018-09-25 Thread Gert Doering
Acked-by: Gert Doering "It does what it says on the lid" - do_init_tun() will allocate a new struct tuntap, so if we have one beforehand, it needs free()ing. I have not actively *tested* it, as I have no test rig for building Android binaries - OTOH, if the one who gets all the blame for

[Openvpn-devel] [PATCH] Add message explaining early TLS client hello failure

2018-09-25 Thread Arne Schwabe
In my tests an OpenSSL 1.1.1 server does not accept TLS 1.0 only clients anymore. Unfortunately, Debian 8 still has OpenVPN 2.3.4, which is TLS 1.0 only without setting tls-version-min. We currently log only OpenSSL: error:14209102:SSL routines:tls_early_post_process_client_hello:unsupported