git.ipfire.org Git - thirdparty/openvpn.git/commit

author	Steffan Karger <steffan.karger@fox-it.com>
	Fri, 5 Sep 2014 10:38:04 +0000 (12:38 +0200)
committer	Gert Doering <gert@greenie.muc.de>
	Fri, 14 Nov 2014 14:12:08 +0000 (15:12 +0100)
commit	c80727650461e49525eefcbc741c8245d7787ba4
tree	4b4f5a51b52699fc42f7512873b36c2b6b35e9fc	tree
parent	44294568a113a7c54ce7fca86b4014c9d1168888	commit \| diff

Add --tls-version-max

Because using TLS 1.2 breaks certain setups, a user might want to enforce
a maximum TLS version to use. This patch adds that option.

This patch removes a number of #ifdefs from ssl_polarssl.c, because the
polarssl versions we currently support (polar 1.2 for openvpn 2.3, and
polar 1.3 for openvpn-master) have all versions unconditionally enabled.

Signed-off-by: Steffan Karger <steffan.karger@fox-it.com>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <544EC052.3080809@fox-it.com>
URL: http://article.gmane.org/gmane.network.openvpn.devel/9210
Signed-off-by: Gert Doering <gert@greenie.muc.de>

doc/openvpn.8		diff \| blob \| blame \| history
src/openvpn/options.c		diff \| blob \| blame \| history
src/openvpn/ssl.c		diff \| blob \| blame \| history
src/openvpn/ssl_backend.h		diff \| blob \| blame \| history
src/openvpn/ssl_common.h		diff \| blob \| blame \| history
src/openvpn/ssl_openssl.c		diff \| blob \| blame \| history
src/openvpn/ssl_polarssl.c		diff \| blob \| blame \| history