admin/gluetun
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

change(openvpn): Openvpn 2.4 no longer supported

Browse Source
This commit is contained in:
Quentin McGaw
2023-05-21 13:10:38 +00:00
parent 1dd38bc658
commit e8f2296a0d
15 changed files with 38 additions and 92 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
internal/provider/slickvpn/openvpnconf.go
View File

@@ -28,13 +28,11 @@ func (p *Provider) OpenVPNConfig(connection models.Connection,
},
}
if settings.Version == openvpn.Openvpn25 {
// SlickVPN's certificate is sha1WithRSAEncryption and sha1 is now
// rejected by openssl 3.x.x which is used by OpenVPN >= 2.5.
// We lower the security level to 3 to allow this algorithm,
// see https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_security_level.html
providerSettings.TLSCipher = "DEFAULT:@SECLEVEL=0"
}
// SlickVPN's certificate is sha1WithRSAEncryption and sha1 is now
// rejected by openssl 3.x.x which is used by OpenVPN >= 2.5.
// We lower the security level to 3 to allow this algorithm,
// see https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_security_level.html
providerSettings.TLSCipher = "DEFAULT:@SECLEVEL=0"
return utils.OpenVPNConfig(providerSettings, connection, settings, ipv6Supported)
}