From 4afa7ed562410a1170223a7bc06efb3708af6a36 Mon Sep 17 00:00:00 2001 From: Bernhard Schmidt Date: Sun, 4 Mar 2018 22:55:51 +0100 Subject: New upstream version 2.4.5 --- src/openvpn/crypto_openssl.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'src/openvpn/crypto_openssl.c') diff --git a/src/openvpn/crypto_openssl.c b/src/openvpn/crypto_openssl.c index 9e8d3f3..eae2b91 100644 --- a/src/openvpn/crypto_openssl.c +++ b/src/openvpn/crypto_openssl.c @@ -5,8 +5,8 @@ * packet encryption, packet authentication, and * packet compression. * - * Copyright (C) 2002-2017 OpenVPN Technologies, Inc. - * Copyright (C) 2010-2017 Fox Crypto B.V. + * Copyright (C) 2002-2018 OpenVPN Inc + * Copyright (C) 2010-2018 Fox Crypto B.V. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License version 2 @@ -665,7 +665,7 @@ cipher_ctx_free(EVP_CIPHER_CTX *ctx) } void -cipher_ctx_init(EVP_CIPHER_CTX *ctx, uint8_t *key, int key_len, +cipher_ctx_init(EVP_CIPHER_CTX *ctx, const uint8_t *key, int key_len, const EVP_CIPHER *kt, int enc) { ASSERT(NULL != kt && NULL != ctx); -- cgit v1.2.3 From 87356242baf10c8b2a94d9013e436ed2a0dada53 Mon Sep 17 00:00:00 2001 From: Bernhard Schmidt Date: Wed, 20 Feb 2019 14:11:46 +0100 Subject: New upstream version 2.4.7 --- src/openvpn/crypto_openssl.c | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) (limited to 'src/openvpn/crypto_openssl.c') diff --git a/src/openvpn/crypto_openssl.c b/src/openvpn/crypto_openssl.c index eae2b91..71602f3 100644 --- a/src/openvpn/crypto_openssl.c +++ b/src/openvpn/crypto_openssl.c @@ -199,7 +199,16 @@ crypto_print_openssl_errors(const unsigned int flags) "in common with the client. Your --tls-cipher setting might be " "too restrictive."); } - + else if (ERR_GET_REASON(err) == SSL_R_UNSUPPORTED_PROTOCOL) + { + msg(D_CRYPT_ERRORS, "TLS error: Unsupported protocol. This typically " + "indicates that client and server have no common TLS version enabled. " + "This can be caused by mismatched tls-version-min and tls-version-max " + "options on client and server. " + "If your OpenVPN client is between v2.3.6 and v2.3.2 try adding " + "tls-version-min 1.0 to the client configuration to use TLS 1.0+ " + "instead of TLS 1.0 only"); + } msg(flags, "OpenSSL: %s", ERR_error_string(err, NULL)); } } -- cgit v1.2.3