As discussed in the community meeting of 13-12-2017, we should warn our
users that LibreSSL is not officially supported. We expect that it
currently works, but it might suddenly break or we might decide to no
longer build against LibreSSL in the future.
There seem to be ongoing efforts to make LibreSSL compatible with the
OpenSSL 1.1 API. If they truly do that, it might also keep working.
For now, make sure people understand we do not really support LibreSSL.
Signed-off-by: Steffan Karger <stef...@karger.me>
---
src/openvpn/options.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/src/openvpn/options.c b/src/openvpn/options.c
index 41a42cf2..36d67b0f 100644
--- a/src/openvpn/options.c
+++ b/src/openvpn/options.c
@@ -2949,6 +2949,11 @@ options_postprocess_mutate_invariant(struct options
*options)
static void
options_postprocess_verify(const struct options *o)
{
+#ifdef LIBRESSL_VERSION_NUMBER
+ msg(M_WARN, "WARNING: This OpenVPN was built against LibreSSL. "
+ "This might work, but is *not* supported and can break at any time.")
+#endif
+
if (o->connection_list)
{
int i;
--
2.14.1
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
