Am 24.07.20 um 16:04 schrieb Arne Schwabe:
> This patch adds a message that informs the user that the ncp-cipher
> is renamed to data-ciphers. This should address the following concerns:
>
> - Users being confused by old options.
> - Nudge users to use the modern variant of an option
>
> The man page already documents ncp-ciphers as an old name for
> data-ciphers, so looking it up in the man page will also work.
>
> Note that I did not add "deprecated old option" to this message
> since I still think that eventually removing the option will only
> break configs and we gain almost nothing from that.
>
> Also still accepting the option even though we do not recommend usage of
> it also follows the robustness principle of:
> "be strict in what you send and tolerant in what you receive"
>
> Signed-off-by: Arne Schwabe <a...@rfc2549.org>
> ---
> src/openvpn/options.c | 5 +++++
> 1 file changed, 5 insertions(+)
>
> diff --git a/src/openvpn/options.c b/src/openvpn/options.c
> index 5beaba0f..01f0ca0f 100644
> --- a/src/openvpn/options.c
> +++ b/src/openvpn/options.c
> @@ -7939,6 +7939,11 @@ add_option(struct options *options,
> && p[1] && !p[2])
> {
> VERIFY_PERMISSION(OPT_P_GENERAL|OPT_P_INSTANCE);
> + if (streq(p[0], "ncp-ciphers"))
> + {
> + msg(M_INFO, "Note: Rewriting option '--ncp-ciphers' to "
> + " '--data-ciphers'");
> + }
> options->ncp_ciphers = p[1];
> }
> else if (streq(p[0], "ncp-disable") && !p[1])
> Sorry, send out an old version. V2 incoming. Arne
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
