-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hi,
Sent with ProtonMail Secure Email, which cannot handle a simple reply properly. ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Thursday, July 15th, 2021 at 11:17, Ralf Hildebrandt <ralf.hildebra...@charite.de> wrote: > I have quite a few users with old openvpn versions out there which are still > using TLSv1.0. > > Problem: the log line doesn't contain the username: > > 2021-07-15 02:13:22 openvpn-gw201-int openvpn-udp 109.69.55.111:63169 Control > Channel: TLSv1, cipher TLSv1.0 ECDHE-RSA-AES256-SHA, peer certificate: 2048 > bit RSA, signature: RSA-SHA256 > > Right now I'm correlating using field #5 (IP:Port), but is there an easier > way? > > Is the TLS version in any environment variable so I can log it using a > > client-connect or learn script? > Use client-connect and query IV_VER, which is the openvpn version of the client. The TLS version is not in the environment variables, although, may be it "could be" in future .. ? R -----BEGIN PGP SIGNATURE----- Version: ProtonMail wsBzBAEBCAAGBQJg8DcbACEJEE+XnPZrkLidFiEECbw9RGejjXJ5xVVVT5ec 9muQuJ0bHAgAwV4iN4+pCbCYo5WfQLS56q2tOoCZyge6aarJ14uaDPOkNcW4 lDYO3Z0AwqSNKkNFBUHuknnoDrGlfySI7YmR++5Spgvw6X2tq04mCKWiGC3g jFrjYJqXvaRRDCiFhswKhDKh1oCN1zlGBCPl1AbL43kJ27UfyayvMBPMcsMe 2z5y2KrAiX4b9wsWvWJtO+HbDkN5Xgq4tMAcKxP4kcqDiCWktaSDH9dT3JAE qaHiO8pjNtZ0OcZybSP4A/PBA+CwEyfrRKu5yRlkb3KEc6qgYWIjOHS6/Dgy ZH7HRFrPbMptzLC/XjnAHKlcMSDyMwiCWFUDEfwQ9rpscJujkXrG/g== =1dHS -----END PGP SIGNATURE-----
publickey - tincantech@protonmail.com - 0x09BC3D44.asc
Description: application/pgp-keys
publickey - tincantech@protonmail.com - 0x09BC3D44.asc.sig
Description: PGP signature
_______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
