On Wed, May 18, 2022 at 15:36:30 -0000, Nathan Stratton Treadway wrote: > On Wed, May 18, 2022 at 13:37:46 -0000, Simon Chopin wrote: > > Could you give more details about what happens when using the legacy > > providers? > > The short version is that by enabling the legacy provider and setting > SECLEVEL to 1, I'm able to get past the "digital envelope
(With the fixed version of OpenSSL's legacy.so, the SECLEVEL=1 configuration change is no longer needed -- tincd's openssl.cnf only needs to activate the "legacy" provider.) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl in Ubuntu. https://bugs.launchpad.net/bugs/1972939 Title: Jammy tinc incompatibile with older (e.g. Xenial) tinc nodes Status in Release Notes for Ubuntu: New Status in openssl package in Ubuntu: New Status in tinc package in Ubuntu: New Bug description: The tinc included in Jammy (1.0.36-2build1 linked with libssl3) cannot connect to tinc nodes running e.g. tinc from Xenial (1.0.26-1). (Tinc from Impish, which is also v1.0.36-2 but is linked to libssl1.1, can connect to these nodes without problems.) The symptom is a log message (on the system running Jammy) during the metadata channel negotiation (with debug level set to 5): Error during initialisation of cipher from tinc_xenial [...] error:0308010C:digital envelope routines::unsupported To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-release-notes/+bug/1972939/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
