Another ACK from me.
Stared at the code, tested it vs. iOS OpenVPN and 2.2/2.3/git master
clients (works!), and we've discussed it quite a bit on IRC, so it finally
all made sense :-)
Testing this turned up something we need to fix: with the patch set 1-5
enabled, and "delayed key init" active on the server, mssfix is broken
("does not do anything") - and if setting "ncp-disable", mssfix works
again. Going back to commit d728ebeda8 (4/5 v4) on the server side makes
mssfix on the server side work, but running it on the client it is still
broken - so I think it's related to the delayed initialization (though
I have no idea yet what it is).
Still applying this one, as it's not the culprit.
Your patch has been applied to the master branch.
commit a17aa98180319f34c3240aea617bf8114d0bcaf7
Author: Steffan Karger
List-Post: openvpn-devel@lists.sourceforge.net
Date: Tue Jun 28 23:36:11 2016 +0200
Add server-side support for cipher negotiation
Signed-off-by: Steffan Karger <stef...@karger.me>
Acked-by: Arne Schwabe <a...@rfc2549.org>
Acked-by: Gert Doering <g...@greenie.muc.de>
Message-Id: <1467149771-10374-1-git-send-email-stef...@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/12009
Signed-off-by: Gert Doering <g...@greenie.muc.de>
--
kind regards,
Gert Doering
