Hi, On 02-06-18 05:42, Antonio Quartulli wrote: > Different VPN servers may use different tls-auth keys. For this > reason it is convenient to make tls-auth a per-connection-block > option so that the user is allowed to specify one key per remote.
Want! This also helps with tls-auth key rollover. Feature-ACK. > If no tls-auth option is specified in a given connection block, > the global one, if any, is used. > > Trac: #720 > Cc: Steffan Karger <stef...@karger.me> > Signed-off-by: Antonio Quartulli <a...@unstable.cc> > --- > doc/openvpn.8 | 1 + > src/openvpn/init.c | 10 +++--- > src/openvpn/options.c | 82 ++++++++++++++++++++++++++++++++++--------- > src/openvpn/options.h | 5 +++ > 4 files changed, 77 insertions(+), 21 deletions(-) > > diff --git a/doc/openvpn.8 b/doc/openvpn.8 > index 4114f408..e7bc3f4f 100644 > --- a/doc/openvpn.8 > +++ b/doc/openvpn.8 > @@ -372,6 +372,7 @@ block: > .B remote, > .B rport, > .B socks\-proxy, > +.B tls\-auth, > .B tun\-mtu and > .B tun\-mtu\-extra. Shouldn't this also include key-direction? (Didn't really review or test yet, but otherwise looks good at first glance.) -Steffan ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
