Sorry, sent to Steffan but not the list:
---------- Forwarded message ---------
From: Jonathan K. Bullard <jkbull...@gmail.com>
Date: Wed, Oct 24, 2018 at 7:00 AM
Subject: Re: [Openvpn-devel] [PATCH] Remove deprecated
--compat-x509-names and --no-name-remapping
To: Steffan Karger <steffan.kar...@fox-it.com>
Hi,
The actual option name is --compat-names, not --compat-x509-names, so
the subject line of this email should be
"[Openvpn-devel] [PATCH] Remove deprecated --compat-names and
--no-name-remapping"
The existing source code (as of commit 2b15c11) uses compat-names
everywhere except one place, which is in a message (shown in the
patch, see below).
In addition, https://community.openvpn.net/openvpn/wiki/DeprecatedOptions
says --compat-names was deprecated in 2.3 and removed in 2.5. There is
no mention of --compat-x509-names.
On Wed, Oct 24, 2018 at 6:13 AM Steffan Karger
<steffan.kar...@fox-it.com> wrote:
>
> As promised, remove these options for OpenVPN 2.5.
>
> If a user still uses these, print an error that the user should update it's
> configuration. Just printing a warning would cause much more confusing
> errors, somewhere in middle of a failed connection attempt because the
> (non-compat) names no longer match the expected names.
<snip>
> --- a/src/openvpn/options.c
> +++ b/src/openvpn/options.c
> @@ -2422,10 +2422,6 @@ options_postprocess_verify_ce(const struct options
> *options, const struct connec
> {
> msg(M_USAGE, "--stale-routes-check requires --mode server");
> }
> - if (compat_flag(COMPAT_FLAG_QUERY | COMPAT_NO_NAME_REMAPPING))
> - {
> - msg(M_USAGE, "--compat-x509-names no-remapping requires --mode
> server");
> - }
> }
> #endif /* P2MP_SERVER */
That's the sole reference to --compat-x509-names in the source code
that I found (as of commit 2b15c11).
Best regards,
Jon Bullard
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
