I agree, I think that allowing the usage of multiple, possibly old, protocols adds complexity and may couse some vulnerabilities.
A cracker could force the daemon to use some old protocol with security holes fixed in later versions. Sampo > > I'd like to hear your opinions on how the OpenVPN project should handle > > patches which break backward compatibility. > > Here are some answers that come to mind: > > > > (1) Accumulate such patches and merge them all at once in a future release > > such as 1.3.0 or 2.0.0, while warning users that this release will not be > > backward compatible. > > I'd prefer this one. Even though ssh seems to work nicely, you wind up > (at least when you have versions 1.3, 1.5 and 2) with lots of weird code > that you can't figure out if it runs or not. > > I'd like the more clean model without too much #ifdefs. With several > platforms and stuff, you'll have enough of those anyhow. =) > >
