Hi, On 03/06/18 16:27, Steffan Karger wrote: > Hi, > > On 02-06-18 05:42, Antonio Quartulli wrote: >> Different VPN servers may use different tls-auth keys. For this >> reason it is convenient to make tls-auth a per-connection-block >> option so that the user is allowed to specify one key per remote. > > Want! This also helps with tls-auth key rollover. Feature-ACK. > >> If no tls-auth option is specified in a given connection block, >> the global one, if any, is used. >> >> Trac: #720 >> Cc: Steffan Karger <stef...@karger.me> >> Signed-off-by: Antonio Quartulli <a...@unstable.cc> >> --- >> doc/openvpn.8 | 1 + >> src/openvpn/init.c | 10 +++--- >> src/openvpn/options.c | 82 ++++++++++++++++++++++++++++++++++--------- >> src/openvpn/options.h | 5 +++ >> 4 files changed, 77 insertions(+), 21 deletions(-) >> >> diff --git a/doc/openvpn.8 b/doc/openvpn.8 >> index 4114f408..e7bc3f4f 100644 >> --- a/doc/openvpn.8 >> +++ b/doc/openvpn.8 >> @@ -372,6 +372,7 @@ block: >> .B remote, >> .B rport, >> .B socks\-proxy, >> +.B tls\-auth, >> .B tun\-mtu and >> .B tun\-mtu\-extra. > > Shouldn't this also include key-direction? >
good catch! I added the manpage change at the end and I forgot about key-direction. Will wait a bit more before sending v2. > (Didn't really review or test yet, but otherwise looks good at first > glance.) > Thanks so far Cheers, -- Antonio Quartulli
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
