possible upstream security issue #89
Comments
|
Seems it is being made configurable! For eduVPN/Let's Connect! we SHOULD set the security level to 3. |
|
👍 I'll update as soon as released as a CocoaPod. |
jeroenleenarts
added a commit
that referenced
this issue
May 10, 2019
…yLevel`. This commit sets it to 3. Beware, this uses a direct git reference instead of a released version of TunnelKit. I will switch back as soon as possible. Fixes #89.
|
Did you test it, e.g. by setting it to 4 and 5 and trying to connect? |
|
Good point. I added a toggle in settings allowing selection of level 3, 4 or 5. Everything checks out. Setting level 4 or 5 does not allow connecting due to a disallowed cipher suite or key size violation. |
|
I would not make this configurable by the end user, but maybe you meant a toggle at build time, then that's a great idea! |
|
It was, but now it is not anymore. 👍 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Keep an eye on this: passepartoutvpn/tunnelkit#97
I recommend to set this to 3 for eduVPN/Let's Connect! for iOS, possibly with a patch.
The text was updated successfully, but these errors were encountered: