emerged dev-libs/openssl-1.0.1e-r1 Reproducible: Always Steps to Reproduce: 1. emerge dev-libs/openssl-1.0.1e-r1 (eg latest stable) 2. create vpn tunnel with openconnect 3. to run openconnect correctly, install =dev-libs/openssl-1.0.1c Actual Results: CSTP connected. DPD 30, Keepalive 30 Connected tun0 as xxx.xxx.xx.xxx, using SSL DTLS handshake failed: 2 DTLS handshake failed: 1 140022422464232:error:14102410:SSL routines:DTLS1_READ_BYTES:sslv3 alert handshake failure:d1_pkt.c:1166:SSL alert number 40 Expected Results: CSTP connected. DPD 30, Keepalive 30 Connected tun0 as xxx.xxx.xx.xxx, using SSL Has been discussed other places too, current and effective solution is to downgrade openssl: http://comments.gmane.org/gmane.network.vpn.openconnect.devel/531 http://web.archiveorange.com/archive/v/wmeLDreq3d9oTYKS5t5Z http://lists.opensuse.org/opensuse-bugs/2013-05/msg02781.html Probably >dev-libs/openssl-1.0.1c should be marked as unstable, unless there is some easy way to batch the problem.
(In reply to Urmas Rosenberg from comment #0) > Has been discussed other places too, current and effective solution is to > downgrade openssl: solution => workaround
Is this still an issue?
Hi Matthew. Just removed mask from openssl, updated to latest openssl (dev-libs/openssl-1.0.1f) and recompiled openconnect (net-misc/openconnect-4.08) and seems, that problem is gone - no problems when connecting over VPN && RDP. Bug can be closed. Thanks.