We originally wanted to deprecated these ciphers (especially BF-CBC) with
2.6 but currently these ciphers are still too widespread to make this
transition for 2.6.
---
src/openvpn/crypto.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/openvpn/crypto.c b/src/openvpn/crypto.c
index 36f880433..c4cf72a55 100644
--- a/src/openvpn/crypto.c
+++ b/src/openvpn/crypto.c
@@ -721,7 +721,7 @@ warn_insecure_key_type(const char *ciphername)
" bit (%d bit). This allows attacks like SWEET32. Mitigate by "
"using a --cipher with a larger block size (e.g. AES-256-CBC). "
"Support for these insecure ciphers will be removed in "
- "OpenVPN 2.6.",
+ "OpenVPN 2.7.",
ciphername, cipher_kt_block_size(ciphername)*8);
}
}
--
2.33.0
_______________________________________________
Openvpn-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
