On 26 August 2016 at 14:10, Gert Doering <g...@greenie.muc.de> wrote: > On Thu, Aug 25, 2016 at 04:17:25PM +0100, debbie10t wrote: >> Now server cannot negotiate --cipher and is set at AES-256-CBC >> Connecting linux client cannot renegotiate --cipher and is set at >> AES-256-GCM >> On --ping-restart --cipher is not reset and so the client can no longer >> connect. > > This is a problem indeed, thanks for noticing and clearly describing it. > > (In other words: upon reconnection, the --cipher setting should be > "what is in the config", not "what was negotiated in a previous connect", > so it needs to be stored in a session-dependent variable internally, and > not override the config variable - which makes the code less nice...) > > Steffan, are you listening? ;-)
Yes, I am, and I agree that this needs to be fixed. This could also cause problems when roaming from one server to the next. Just didn't find time to respond yet. It's on my list. -Steffan ------------------------------------------------------------------------------ _______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
