On Mon, 2016-10-03 at 21:24 +0200, Peter Brant wrote: > > DES-CBC3-SHA > AES128-SHA > DHE-RSA-AES128-SHA > AES256-SHA > DHE-RSA-AES256-SHA > > The server is now returning X-DTLS-CipherSuite: AES256-SHA. > > I must confess my knowledge of encryption is rudimentary. Is the High > selection even reasonable? If so, might it be supported in a later > version of OpenSSL? It'll work today. Can you build the client with OpenSSL and just try adding '--dtls-ciphers?DHE-RSA-AES256-SHA' or '--dtls-ciphers?DHE-RSA-AES128-SHA' on the command line? If that's working, I'll try to fix it for the GnuTLS build too. -- dwmw2 -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 5760 bytes Desc: not available URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20161003/a7dacae5/attachment.bin>
