.. of course this conflicts with o->renegotiate_seconds_min... Nevertheless, thanks for the patch :-) - it makes my FreeBSD 10.3 (mbedTLS 2.6) buildslave now happy again (on the default settings - with --tls-cert-profile preferred, it refuses the old-hash cert, as it should).
Also tested with openssl 1.0.1, where it warns and does nothing, as expected. Good :-)

Commit subject amended according to Antonio's comment.

Your patch has been applied to the master and release/2.4 branch.

commit aba758740d26224b7b3957df221def7ab80c5802 (master)
commit 8bcabf0a1621e6ccc7a44465a73de29fd2d541b3 (release/2.4)
Author: Steffan Karger
Date:   Sun Nov 12 17:36:36 2017 +0100

     Add --tls-cert-profile option.

     Signed-off-by: Steffan Karger <steffan.kar...@fox-it.com>
     Acked-by: Antonio Quartulli <anto...@openvpn.net>
     Message-Id: <20171112163636.17434-1-stef...@karger.me>
     URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg15848.html
     Signed-off-by: Gert Doering <g...@greenie.muc.de>

--
kind regards,

Gert Doering