TLS 1.3 is not ready yet in LibreSSL.
Also SSL_get1_supported_ciphers() has been just added into master (not yet
released).
Signed-off-by: Stefan Strogin
---
src/openvpn/ssl_openssl.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/openvpn/ssl_openssl.c b/src
ION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2090100fL)
I also see other 'defined(LIBRESSL_VERSION_NUMBER)' ifdefs that don't specify
exact LibreSSL version number. I agree that it is not correct, and it is not
nice
to force deprecated functions on users of newer LibreSSL, wh
On 25/02/2019 13:10, Arne Schwabe wrote:
> Am 25.02.19 um 07:29 schrieb Stefan Strogin:
> Hm, both have advantages. But if we can fix the rare corner case of
> OpenSSL 1.1.1 without TLS_13 then lets go for the TLS1_3_VERSION variant.
Thanks, I'll use this one then.
> Are ther
7.0 were thrown away
in ssl_openssl.c regardless of LibreSSL version. Use them with newer LibreSSL.
Signed-off-by: Stefan Strogin
---
src/openvpn/ssl_openssl.c | 33 +
1 file changed, 21 insertions(+), 12 deletions(-)
diff --git a/src/openvpn/ssl_openssl.c b/src/open
On 04/03/2019 11:41, Arne Schwabe wrote:
> Looks good so far. I am struggling to find a security/release policy how
> long LibreSSL SSL versions are still supported. I would be nice to have
> some idea when we can remove the LibreSSL 2.7.0 defines.
Thanks Arne!
I am not associated with the OpenBS
