On Thu, Nov 25, 2010 at 01:01:45PM +0100, Martin Burman wrote: > On 11/24/2010 06:57 PM, Kurt Roeckx wrote: > >reassign 604723 openvpn 2.1~rc11-1 > >thanks > > > >On Wed, Nov 24, 2010 at 09:10:43AM +0100, Martin Burman wrote: > >>>On Tue, Nov 23, 2010 at 08:58:02PM +0100, Martin Burman wrote: > >>>>Package: libssl0.9.8 > >>>>Version: 0.9.8g-15+lenny6 > >>>>Severity: important > >>>> > >>>>After apply the latest patches my openvpn tunnel broke down. > >>>>Downgrading to cipher 0.9.8g-15+lenny6 (my previous version) brought the > >>>>tunnel up again. > >>>>Openvpn did start ok, interface went up, logs stated "connected to peer" > >>>>but the tunnel was non-functional. > >>>> > >>>>I have production state on this tunnel so I had lack of time in > >>>>investigating underlying causes. > >>>>If you provide me with your wishes I can do tests under controlled > >>>>circumstances. > >>>Do the logs indicate any kind of error message? > >>> > >>>Can you try exactly which version broke things? Can you for > >>>instance try if 0.9.8g-15+lenny8 still works? > >>> > >>>I've tried this with 0.9.8o-3 which has the same patch as > >>>0.9.8g-15+lenny9, and it still works for me. > >>> > >>>I can also try this with a lenny based system, but I'm not going > >>>to try this this late in the evening. > >So I've used a server with 0.9.8g-15+lenny9 now and things work > >perfectly for me. I've also heard some others didn't have any > >problems at all. > > > >I'm going to reassign this to the openvpn package as I think > >there is nothing wrong with openssl. > > > >>dev tap > >My setup uses dev tun instead. > > > > > >Kurt > I cannot argue about this but OpenVPN was not updated this time, > only libssl0.9.8
That's what I think. But I do not have time to argue. I you update openssl, and something that uses openssl breaks... Then, it's probably openssl's fault. If you think otherwise, you should try to explain/demonstrate it, but.... Regards, Alberto -- Alberto Gonzalez Iniesta | Formación, consultoría y soporte técnico agi@(inittab.org|debian.org)| en GNU/Linux y software libre Encrypted mail preferred | http://inittab.com Key fingerprint = 9782 04E7 2B75 405C F5E9 0C81 C514 AF8E 4BA4 01C3 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
