Hi,
On Sat, 2018-01-13 at 07:30 -0500, Jeffrey Walton wrote:
On Wed, Jan 10, 2018 at 12:08 PM, Michael Tremer michael.tremer@ipfire.org wrote:
... So, again for me: What is the status of OpenVPN 2.4 now? I guess that should build with OpenSSL 1.1 out of the box.
I believe OpenSSL 1.1.0 is not supported by a few key packages, like OpenVPN and OpenSSH.
Here is the OpenVPN bug: https://community.openvpn.net/openvpn/ticket/759 . Here is the OpenSSH bug: https://github.com/openssh/openssh-portable/pull/48 .
OpenVPN 2.4 links fine against OpenSSL 1.1.0.
OpenSSH needs to be patched, but a maintained patchset is available and used by all the other major distributions.
OpenVPN and OpenSSH are going to have to shit or get off the pot. TLS 1.3 is in final draft stages, and it will be adopted soon.
Jeff
-Michael