[bug] allow tls 1.0 as a workaround for buster/sid

in systems with newer openssl, tls 1.0 has been disabled. however, this breaks the ability of a client in a newer system to connect with the openvpn servers on providers that are still on stretch. platform needs to be upgraded. -Related: https://0xacab.org/leap/bitmask-vpn/issues/105
author: Kali Kaneko <kali@leap.se> 2019-01-30 18:58:58 +0100
committer: Kali Kaneko <kali@leap.se> 2019-01-30 19:27:21 +0100
commit: 930141b423744f9269a8ad1aebf3c4ffb2e60ae5 (patch)
tree: 261df4750f33363e9a93749425e7b53d48e428e8
parent: e86f028c2f20be59ee0ae3a3dc78a612a93d9846 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/src/leap/bitmask/vpn/helpers/linux/bitmask-root b/src/leap/bitmask/vpn/helpers/linux/bitmask-root
index dad5247e..52c1838b 100755
--- a/src/leap/bitmask/vpn/helpers/linux/bitmask-root
+++ b/src/leap/bitmask/vpn/helpers/linux/bitmask-root
@@ -123,6 +123,7 @@ FIXED_FLAGS = [
     "--user", "nobody",
     "--persist-key",
     "--persist-local-ip",
+    "--tls-version-min", "1.0",
 ]
 
 if OPENVPN_GROUP is not None:
author	Kali Kaneko <kali@leap.se>	2019-01-30 18:58:58 +0100
committer	Kali Kaneko <kali@leap.se>	2019-01-30 19:27:21 +0100
commit	930141b423744f9269a8ad1aebf3c4ffb2e60ae5 (patch)
tree	261df4750f33363e9a93749425e7b53d48e428e8
parent	e86f028c2f20be59ee0ae3a3dc78a612a93d9846 (diff)