admin/gluetun
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(slickvpn): lower TLS security level to 0

Browse Source
This commit is contained in:
Quentin McGaw
2023-03-25 14:38:27 +00:00
parent f6f3c110f0
commit 33a6f1c01b
1 changed files with 9 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
internal/provider/slickvpn/openvpnconf.go
View File

@@ -26,5 +26,14 @@ func (p *Provider) OpenVPNConfig(connection models.Connection,
"redirect-gateway", "redirect-gateway",
}, },
} }
if settings.Version == openvpn.Openvpn25 {
// SlickVPN's certificate is sha1WithRSAEncryption and sha1 is now
// rejected by openssl 3.x.x which is used by OpenVPN >= 2.5.
// We lower the security level to 3 to allow this algorithm,
// see https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_security_level.html
providerSettings.TLSCipher = "DEFAULT:@SECLEVEL=0"
}
return utils.OpenVPNConfig(providerSettings, connection, settings, ipv6Supported) return utils.OpenVPNConfig(providerSettings, connection, settings, ipv6Supported)
} }