On Wed, Oct 10, 2018 at 10:14 AM Gert Doering <g...@greenie.muc.de> wrote:
> Hi, > > to copy the reply from Steffan over to openvpn-users... > > On Tue, Oct 09, 2018 at 08:43:49PM +0200, Gert Doering wrote: > > (copying in openvpn-devel, as this is something Steffan will want to > > see...) > [..] > > Possibly this is when the first packet is sent by the client or when > > the first packet comes in for decryption - "man EVP_CipherUpdate" says > > that this is for encryption or decryption. > > Steffan Karger: > > This very much sounds like an old OpenSSL bug for which we added a > > workaround in this commit: > > https://github.com/OpenVPN/openvpn/commit/13de0103e > > > > This typically occurred with the OpenSSL version shipped with Ubuntu > > 12.04, which had a buggy AEAD interface. > > > > Either upgrading your OpenSSL or your OpenVPN to a recent version should > > be sufficient to make it work. > > -> so, upgrade to OpenVPN 2.4.6, or see if there is an Ubuntu upgrade > to OpenSSL. Or upgrade to Ubuntu 14.04 or 16.04... > Sound to me also like that. Though I will be phasing out Ubuntu 12.04 in favor of Debian9, thus no need to bother. Thanx for the feedback! > > gert > -- > "If was one thing all people took for granted, was conviction that if you > feed honest figures into a computer, honest figures come out. Never > doubted > it myself till I met a computer with a sense of humor." > Robert A. Heinlein, The Moon is a Harsh > Mistress > > Gert Doering - Munich, Germany > g...@greenie.muc.de >
_______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
