Hi
On 04.08.2017 18:37, Hauke Mehrtens wrote:
I agree to put this into LEDE 17.01 and the master branch for now.
It should be merged to LEDE 17.01 to maintain feature compatibility. I
disagree that it should be merged to master, as this is a feature we
(should) want to break in the long run.
On 07/30/2017 05:57 PM, Baptiste Jonglez wrote:
> From: Baptiste Jonglez
>
> Since mbedtls 2.5.1, SHA1 has been disallowed in TLS certificates.
> This breaks openvpn clients that try to connect to servers that
> present a TLS certificate signed with SHA1, which is fairly common.
>
> Run-tested w
On Sun, Jul 30, 2017 at 06:00:48PM +0200, Baptiste Jonglez wrote:
> On Sun, Jul 30, 2017 at 05:57:37PM +0200, Baptiste Jonglez wrote:
> > Since mbedtls 2.5.1, SHA1 has been disallowed in TLS certificates.
> > This breaks openvpn clients that try to connect to servers that
> > present a TLS certific
On Sun, Jul 30, 2017 at 05:57:37PM +0200, Baptiste Jonglez wrote:
> Since mbedtls 2.5.1, SHA1 has been disallowed in TLS certificates.
> This breaks openvpn clients that try to connect to servers that
> present a TLS certificate signed with SHA1, which is fairly common.
>
> Run-tested with openvpn
