On Wed, May 18, 2022 at 07:42:04 -0000, Simon Chopin wrote: > I'm guessing there are some SSL certificates involved? If so, this issue
Tinc uses openssl's implementations of specific alogorithms, but does not use either TLS or SSL certificates. (So I don't think the Tinc situation is covered by the existing OpenSSL 3.0 section of the Release Notes document.) The Xenial version of Tinc uses the Blowfish algorithm for the metadata connection, which openssl3 does move to the legacy provider -- but even though enabling the legacy provider on the Jammy node allows the connenction setup to get further along, it's not sufficient to get a working connection -- the libssl3 transition seems to have affected some other aspect of the connection as well... -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl in Ubuntu. https://bugs.launchpad.net/bugs/1972939 Title: Jammy tinc incompatibile with older (e.g. Xenial) tinc nodes Status in Release Notes for Ubuntu: New Status in openssl package in Ubuntu: New Status in tinc package in Ubuntu: New Bug description: The tinc included in Jammy (1.0.36-2build1 linked with libssl3) cannot connect to tinc nodes running e.g. tinc from Xenial (1.0.26-1). (Tinc from Impish, which is also v1.0.36-2 but is linked to libssl1.1, can connect to these nodes without problems.) The symptom is a log message (on the system running Jammy) during the metadata channel negotiation (with debug level set to 5): Error during initialisation of cipher from tinc_xenial [...] error:0308010C:digital envelope routines::unsupported To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-release-notes/+bug/1972939/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp