-
Notifications
You must be signed in to change notification settings - Fork 2.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
openvpn build with libressl-3.1.3 does not connect #23413
Comments
Can you check if this only affects UDP connection, and not TCP? |
Also, see your server log. |
It is a loop.
It is not my server. I have protonvpn. |
Note:
A much more suitable test would be for you to setup your own server. |
We might need some patches from https://openports.se/net/openvpn |
Can you run openvpn with more verbose output |
|
This is effecting |
Why do you expect Protonvpn to support a version 3.x (development) SSL library ? Especially one which OpenVPN themselves do not support ... |
LibreSSL 3.1.3 is NOT a development library. The versioning does not match with the OpenSSL one. Furthermore the Server does not have to care about the version of a client lib, as long as both ends work correctly (and either one of them doesn't) |
Sure but
|
@TinCanTech it was working fine until this update, hence why I was reporting. Also as stated it is not a development release. For me this is just more indication that it's time the switch back to openssl. Between these kind of issues in the ABI issues, the choice to use libressl now that the issues surrounding heartbleed have long since been remedied, is mostly an exercise in frustration. |
Yes, I agree it would be far better if someone does provide a server side configuration + logs that do fail. I don't have any failing setup right now, and don't know why ProtonVPN fails. |
I am not particularly familiar with LibreSSL but OpenVPN use an This
Indeed ..
Setup two servers; One using OpenSSL and the other using LibreSSL. I'll stay tuned but I'll leave you to it .. good luck. |
Workaround for the desperate:
Personally I switched my And yes, it's probably time we went back to OpenSSL. |
To reproduce download the .ovpn from protonvpn and add EDIT: follow libressl/portable#601 |
So the latest openvpn update partially fixed this issue. I'm not getting hangs on connection where it seems like it's partially connecting but never fully. |
I just wanted to update that ProtonVPN does connect now, i'm not sure when it started working. It does take awhile to complete the connection, I'm not sure what causes the slowdown but it took over a minute.
If anyone else can confirm i think it might be safe to close the issue. |
@HadetTheUndying I downgraded to openvpn-2.4.9_2 and it works again. But now I am using openvpn built with libressl 3.1.4 in order to have other TLS1.3 fixes included libressl/portable#601 (comment). Can the openvpn from repository be switched back to libressl? |
Ping? |
Yes, this was fixed a while ago. We should switch the build option back to openssl whenever Void drops libressl. |
System
Void 5.4.46_1 x86_64 AuthenticAMD uptodate hold rDF
openvpn-2.4.9_2
Expected behavior
Connect successfully to openvpn server
Actual behavior
Error is
Full log
Steps to reproduce the behavior
Connect to protonvpn with protonvpn-cli.
Downgrading to
openvpn-2.4.9_1
works and it connects. Upgrading toopenvpn-2.4.9_2
is above issue.Where is the problem? Libressl,void packaging?
The text was updated successfully, but these errors were encountered: