On 04/03/2019 11:41, Arne Schwabe wrote:
> Looks good so far. I am struggling to find a security/release policy how
> long LibreSSL SSL versions are still supported. I would be nice to have
> some idea when we can remove the LibreSSL 2.7.0 defines.
Thanks Arne!
I am not associated with the OpenBS
7.0 were thrown away
in ssl_openssl.c regardless of LibreSSL version. Use them with newer LibreSSL.
Signed-off-by: Stefan Strogin
---
src/openvpn/ssl_openssl.c | 33 +
1 file changed, 21 insertions(+), 12 deletions(-)
diff --git a/src/openvpn/ssl_openssl.c b/src/open
On 25/02/2019 13:10, Arne Schwabe wrote:
> Am 25.02.19 um 07:29 schrieb Stefan Strogin:
> Hm, both have advantages. But if we can fix the rare corner case of
> OpenSSL 1.1.1 without TLS_13 then lets go for the TLS1_3_VERSION variant.
Thanks, I'll use this one then.
> Are ther
ION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2090100fL)
I also see other 'defined(LIBRESSL_VERSION_NUMBER)' ifdefs that don't specify
exact LibreSSL version number. I agree that it is not correct, and it is not
nice
to force deprecated functions on users of newer LibreSSL, wh
TLS 1.3 is not ready yet in LibreSSL.
Also SSL_get1_supported_ciphers() has been just added into master (not yet
released).
Signed-off-by: Stefan Strogin
---
src/openvpn/ssl_openssl.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/openvpn/ssl_openssl.c b/src
