From c47793c19efe0e7bb71d4d119a213a0548c3b729 Mon Sep 17 00:00:00 2001
From: Arne Schwabe <arne@rfc2549.org>
Date: Wed, 13 Oct 2021 01:40:05 +0200
Subject: Enable proper legacy provider handling with OpenVPN3

---
 main/src/main/cpp/openvpn3                                   | 2 +-
 main/src/main/java/de/blinkt/openvpn/VpnProfile.java         | 5 +++--
 main/src/ui/java/de/blinkt/openvpn/core/OpenVPNThreadv3.java | 1 +
 3 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/main/src/main/cpp/openvpn3 b/main/src/main/cpp/openvpn3
index d959fd5f..dfa16e55 160000
--- a/main/src/main/cpp/openvpn3
+++ b/main/src/main/cpp/openvpn3
@@ -1 +1 @@
-Subproject commit d959fd5f3fe8b8761e328e6c778c9f6fc880f40a
+Subproject commit dfa16e552e3dca8aa11766a5db0c097060c8a7d3
diff --git a/main/src/main/java/de/blinkt/openvpn/VpnProfile.java b/main/src/main/java/de/blinkt/openvpn/VpnProfile.java
index 772274ea..599647b0 100644
--- a/main/src/main/java/de/blinkt/openvpn/VpnProfile.java
+++ b/main/src/main/java/de/blinkt/openvpn/VpnProfile.java
@@ -381,6 +381,9 @@ public class VpnProfile implements Serializable, Cloneable {
             cfg.append("setenv IV_SSO openurl,webauth,crtext\n");
             String versionString = getPlatformVersionEnvString();
             cfg.append(String.format("setenv IV_PLAT_VER %s\n", openVpnEscape(versionString)));
+
+            if (mUseLegacyProvider)
+                cfg.append("provider legacy:default\n");
         } else {
             cfg.append("# Config for OpenVPN 3 C++\n");
         }
@@ -664,8 +667,6 @@ public class VpnProfile implements Serializable, Cloneable {
         if (!TextUtils.isEmpty(mDataCiphers)) {
             cfg.append("data-ciphers ").append(mDataCiphers).append("\n");
         }
-        if (mUseLegacyProvider)
-            cfg.append("provider legacy:default\n");
 
         if (mCompatMode > 0)
         {
diff --git a/main/src/ui/java/de/blinkt/openvpn/core/OpenVPNThreadv3.java b/main/src/ui/java/de/blinkt/openvpn/core/OpenVPNThreadv3.java
index aa9ec2e8..1e49f2e6 100644
--- a/main/src/ui/java/de/blinkt/openvpn/core/OpenVPNThreadv3.java
+++ b/main/src/ui/java/de/blinkt/openvpn/core/OpenVPNThreadv3.java
@@ -182,6 +182,7 @@ public class OpenVPNThreadv3 extends ClientAPI_OpenVPNClient implements Runnable
         config.setAllowLocalLanAccess(mVp.mAllowLocalLAN);
         boolean retryOnAuthFailed = mVp.mAuthRetry == AUTH_RETRY_NOINTERACT;
         config.setRetryOnAuthFailed(retryOnAuthFailed);
+        config.setEnableLegacyAlgorithms(mVp.mUseLegacyProvider);
 
         ClientAPI_EvalConfig ec = eval_config(config);
         if (ec.getExternalPki()) {
-- 
cgit v1.2.3