> > > Apart from the wrong cipher type that Max pointed out, this call will > fail in OpenSSL 3.0 unless legacy is loaded, right? Causing a run-time > error in that case sounds good to me but a helpful error message like > legacy provider may be required or even a check whether legacy is loaded > and error out appropriately would be helpful. > > PS: can't we just get rid of the use of DES altogether? >
As Gert pointed out that NTLM depends on it. We can trick a bit here with DES-EDE and three times the same key but yes it should have a better error message. Arne _______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
