Hi, On Tue, Jul 27, 2021 at 01:31:15PM +0000, tincantech wrote: > > I thought we also send the client SSL library, but seems we do not. > > It is sent but only if `push-peer-info` is defined in the client. > EG: peer info: IV_SSL=OpenSSL_1.1.1k__25_Mar_2021
Ah!
I knew I had seen that, somewhere, and git agrees with me :-)
commit 1ec984b154aa3247ef58c9d44e7e477880b632b1
Author: Gert Doering <g...@greenie.muc.de>
Date: Sun Apr 13 17:29:32 2014 +0200
Add SSL library version reporting.
SSL library version is also sent as IV_SSL=<version> to the server if
--push-peer-info is enabled.
... but unless explicitly permitted, we only send a limited set - nothing
that could be used against the client (like, SSL library / vulnerabilities,
or MAC addresses).
gert
--
"If was one thing all people took for granted, was conviction that if you
feed honest figures into a computer, honest figures come out. Never doubted
it myself till I met a computer with a sense of humor."
Robert A. Heinlein, The Moon is a Harsh Mistress
Gert Doering - Munich, Germany g...@greenie.muc.de
signature.asc
Description: PGP signature
_______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
