Hi Gert,
Now that 2.6 appears to have reached a fairly stable state, may I request
you to look into this patch for 2.7 -- this one has an ACK (thanks to
Frank), 2/2 may need a closer look but that one is small.
I dread the prospect of this developing serious merge conflicts and having
to drill
Am 09.05.2023 um 17:46 schrieb Gianmarco De Gregori:
-bool persist_key; /* Don't re-read key files on SIGUSR1 or
PING_RESTART */
The downside of always enabling this option is that you can no longer
replace the certificate and key without restarting the server completley.
On Thu, May 25, 2023 at 04:40:46PM +0200, Gianmarco De Gregori wrote:
> This commit changes the default behavior of the OpenVPN
> configuration to enable the persist-key option by default.
>
> This means that all the key file content will be kept
> in memory throughout the lifetime of the VPN
Commit 36bef1b52b49ebbc3790635be230e2f30f0532a7 removed
the option but did not delete it from usage text.
Change-Id: I68d3c90c2bdf6f426a9eef81f852fcae2ea47ce9
Signed-off-by: Frank Lichtenheld
---
src/openvpn/options.c | 2 --
1 file changed, 2 deletions(-)
diff --git a/src/openvpn/options.c
This commit changes the default behavior of the OpenVPN
configuration to enable the persist-key option by default.
This means that all the key file content will be kept
in memory throughout the lifetime of the VPN connection.
Fixes: Trac #1405
Signed-off-by: Gianmarco De Gregori
---
Changes