author Arne Schwabe 2023-12-13 11:53:08 +0100
committer Gert Doering 2023-12-26 20:37:25 +0100
commit 6ff816142c1acdaee149c4daabb297fefc2ccde0
tree 7b3090fc9badbe1d3496bdf3cee35a5d4e16a854
parent c590868a721881dd21bfb77ecf846e6c8720e4ef
Extend the error message when TLS 1.0 PRF fails

This error will probably become more and more common in the future when more and more systems will drop TLS 1.0 PRF support. We are already seeing people stumbling upon this (see GitHub issue #460).

The current error messages

 TLS Error: PRF calcuation failed
 TLS Error: generate_key_expansion failed

are not very helpful for people that do not have deep understanding of TLS or the OpenVPN protocol. Improve this message to give a normal user a chance to understand that the peer needs to be OpenVPN 2.6.x or newer.

Change-Id: Ib3b64b52beed69dc7740f191b0e9a9dc9af5b7f3
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Frank Lichtenheld <frank@lichtenheld.com>
Message-Id: <20231213105308.121460-1-frank@lichtenheld.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg27796.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>

-rw-r--r-- src/openvpn/ssl.c 7
1 files changed, 6 insertions, 1 deletions
diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c
index 6eddb68..7597412 100644
--- a/src/openvpn/ssl.c
+++ b/src/openvpn/ssl.c
@@ -1477,7 +1477,12 @@ generate_key_expansion(struct tls_multi *multi, struct key_state *ks,
{
if (!generate_key_expansion_openvpn_prf(session, &key2))
{
- msg(D_TLS_ERRORS, "TLS Error: PRF calcuation failed");
+ msg(D_TLS_ERRORS, "TLS Error: PRF calculation failed. Your system "
+ "might not support the old TLS 1.0 PRF calculation anymore or "
+ "the policy does not allow it (e.g. running in FIPS mode). "
+ "The peer did not announce support for the modern TLS Export "
+ "feature that replaces the TLS 1.0 PRF (requires OpenVPN "
+ "2.6.x or higher)");
goto exit;
}
}
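
Review bot: In the new msg() string, the last sentence names the missing capability only as "the modern TLS Export feature" and leaves the remedy in a parenthetical, so a user reading the log still has to infer that it is the peer that must be upgraded. Consider ending with an explicit action such as "Upgrade the peer to OpenVPN 2.6.x or higher", and using the RFC 5705 term (TLS keying material exporter) so the message can be searched for. The final sentence also lacks the closing period that the preceding sentences in the string have.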