Comment 3 for bug 1972939
Revision history for this message
| Nathan Stratton Treadway (nathanst) wrote Re: [Bug 1972939] Re: Jammy tinc incompatibile with older (e.g. Xenial) tinc nodes | #3 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
1b1ed1a
(Get the code!)
On Wed, May 18, 2022 at 07:42:04 -0000, Simon Chopin wrote:
> I'm guessing there are some SSL certificates involved? If so, this issue
Tinc uses openssl's implementations of specific alogorithms, but does not
use either TLS or SSL certificates. (So I don't think the Tinc situation
is covered by the existing OpenSSL 3.0 section of the Release Notes
document.)
The Xenial version of Tinc uses the Blowfish algorithm for the metadata
connection, which openssl3 does move to the legacy provider -- but even
though enabling the legacy provider on the Jammy node allows the
connenction setup to get further along, it's not sufficient to get a
working connection -- the libssl3 transition seems to have affected some
other aspect of the connection as well...