Hi,
Thanks for taking this to the openvpn-devel list.
The proposed patch doesn't follow our approach of hiding the openssl
1.0/1.1 API compatibility mess inside openssl_compat.h, so we'll have to
rework it before including it. I will pick this up some time soon, but
have very limited access to i
Hi,
in https://bugs.debian.org/873302 Kurt Roeckx (Debian OpenSSL
maintainer) submitted a patch for OpenVPN to properly set the minimum
and maximum TLS version. On Debian Buster (current development) OpenSSL
1.1 defaults to TLSv1.2+ only.
I'm unwilling to carry crypto specific patches in Debian.
