From 3c57a988b0088e953a8b623941c2d3a91dbcca6a Mon Sep 17 00:00:00 2001 From: "Kali Kaneko (leap communications)" Date: Thu, 24 Jan 2019 19:29:02 +0100 Subject: [bug] allow tls 1.0 as a workaround for buster/sid in systems with newer openssl, tls 1.0 has been disabled. however, this breaks the ability of a client in a newer system to connect with the openvpn servers on providers that are still on stretch. platform needs to be upgraded. -Related: #105 --- pkg/helper/args.go | 1 + 1 file changed, 1 insertion(+) (limited to 'pkg/helper') diff --git a/pkg/helper/args.go b/pkg/helper/args.go index d6b3bb4..1a5bd3b 100644 --- a/pkg/helper/args.go +++ b/pkg/helper/args.go @@ -23,6 +23,7 @@ var ( "--remote-cert-tls", "server", "--dhcp-option", "DNS", nameserver, "--log", LogFolder + "openvpn.log", + "--tls-version-min", "1.0", } allowendArgs = map[string][]string{ -- cgit v1.2.3