git.ipfire.org Git - thirdparty/openvpn.git/commit

author	Arne Schwabe <arne@rfc2549.org>
	Wed, 13 Dec 2023 10:53:08 +0000 (11:53 +0100)
committer	Gert Doering <gert@greenie.muc.de>
	Tue, 26 Dec 2023 19:40:10 +0000 (20:40 +0100)
commit	cfaf82d5eb62e1ed4804afa37817105e9aa4394a
tree	8b6cc19e2bdcb93714982069628664331ae160d1	tree
parent	030afe64198e6c32297dcdbf33ff9c5f6a35f5e1	commit \| diff

Extend the error message when TLS 1.0 PRF fails

This error will probably become more and more common in the future when
more and more systems will drop TLS 1.0 PRF support. We are already
seeing people stumbling upon this (see GitHub issue #460)

The current error messages

TLS Error: PRF calcuation failed
TLS Error: generate_key_expansion failed

are not very helpful for people that do not have deep understanding
of TLS or the OpenVPN protocol. Improve this message to give a normal
user a chance to understand that the peer needs to be OpenVPN 2.6.x or
newer.

Change-Id: Ib3b64b52beed69dc7740f191b0e9a9dc9af5b7f3
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Frank Lichtenheld <frank@lichtenheld.com>
Message-Id: <20231213105308.121460-1-frank@lichtenheld.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg27796.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
(cherry picked from commit 6ff816142c1acdaee149c4daabb297fefc2ccde0)