-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 16/05/12 16:39, Alon Bar-Lev wrote: [...snip...] > > I am for announcing the removal have the time for all plugins > authors which may use this feature to modify their code. There is > enough time to do so, we are talking about ~5 months.
Just to clarify, as Alon and I have had an IRC discussion today. We've agreed that we will keep this code snippet enabled by default in v2.3. In v2.4 we will flip it to disabled by default. And in v2.5, it will go away. The reason is also that code from James have arrived into the v2.3 code base which provides pretty much the same information as 'tls_digest_%d' does, using a new feature: --x509-track See commit 9356bae859938c and commit 5cdb5e0111df7b3d for more information about that. > I am not sure that anyone knows this one even exists as was unique > to David's need. So most probably only the eurephia should be > modified. I will take care of modifying eurephia and it's documentation. > Samuli, I think it is simple enough... in the 2.3_alpha2 > announcement, announce that the tls_digest_* environment is > obsolete and until 2.3 release all plugins authors must modify > their plugins to use the V3 interface to extract this information > (if needed). Plug-ins can use the plug-in API v3 indeed. Scripts however need to use the new --x509-track feature instead and be rewritten to extract the information from a different environment variable. Both are new features in the coming OpenVPN v2.3. So we do need a transition period before pulling this feature. So, leave it as is in v2.3, flip to disabled by default in v2.4 (--disable-eurephia changes to --enable-eurephia) and remove it completely in v2.5. And add clear and informative release notes for all of these versions. kind regards, David Sommerseth -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk+zzmkACgkQDC186MBRfrqBlACggTOMyC8L75Ctpbaxhl3KQ7bu yCEAnjFI60k7C0In0Bjp98Zo+WipYSlB =BMvf -----END PGP SIGNATURE-----