OpenVPN 2.4.6 could be compiled with LibreSSL, 2.4.7 cannot. This was broken
since 9de7fe0a "Add support for tls-ciphersuites for TLS 1.3".
This patch avoids using TLS 1.3 directly, be it that OpenSSL was compiled
without TLS 1.3 support, or LibreSSL was used.
This patch was based on an OpenBSD
It was deemed that the previous patch was insufficient, so let's
take a new stab. Note that this does not mean I endorse using
LibreSSL, but at least we should not be breaking existing library
support in a point release 2.4.7 (that cannot be compiled
against LibreSSL) when 2.4.6 could.
Details on
Am 18.08.19 um 13:18 schrieb Matthias Andree:
> OpenVPN 2.4.6 could be compiled with LibreSSL, 2.4.7 cannot. This was broken
> since 9de7fe0a "Add support for tls-ciphersuites for TLS 1.3".
>
> This patch avoids using TLS 1.3 directly, be it that OpenSSL was compiled
> without TLS 1.3 support, or