Re: [Openvpn-devel] [PATCH] TLS versioning

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Am 24.06.13 01:04, schrieb James Yonan:
> This is the TLS versioning patch as discussed in last Thursday's IRC 
> meeting.
>
> It combines these two patches:
>
> https://github.com/jamesyonan/openvpn/commit/03a5599202bdc3ba07983dc4efdae387fb8fb436 
>
>
> https://github.com/jamesyonan/openvpn/commit/d23005413b0e0f28a3c48a6342f494763d5c9b40 
>
>
OpenVPN for Android already ships this change and there seem some 
incompatibility. I have a report from a user which reports that against 
his OpenVPN server (Tomato Router Firmware - OpenVPN 2.2.2):

I am sure if this due to a broken configuration on the users side or the 
TLS.

P:TLS: Initial packet from [AF_INET]x.x.x.x:443, sid=3D3be6e216 89488=7fd
P:TLS_ERROR: BIO read tls_read_plaintext error: error:14092105:SSL
routines:SSL3_GET_SERVER_HELLO:wrong cipher returned
P:TLS Error: TLS object -> incoming plaintext read error
P:TLS Error: TLS handshake failed
P:Fatal TLS error (check_tls_errors_co), restarting

Re: [Openvpn-devel] [PATCH] TLS versioning

Robust and flexible VPN network tunnelling

Re: [Openvpn-devel] [PATCH] TLS versioning